last executing test programs:

6m15.564070151s ago: executing program 32 (id=60):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES8, @ANYBLOB="02000000000000001c00128009000100626f6e64000000000c00028008001e0011"], 0x74}, 0x1, 0x0, 0x0, 0x24000046}, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000080)=0x1, 0x4)

6m8.454244276s ago: executing program 33 (id=105):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000580)={&(0x7f0000000540)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, <r3=>0x0], &(0x7f0000000200), 0x2, r2})
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, &(0x7f0000000180)={0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000840)={0x0, 0x1, &(0x7f00000005c0)=[r1], &(0x7f0000000180), &(0x7f0000000280)=[r3], &(0x7f0000000040)}) (fail_nth: 2)

6m1.269390485s ago: executing program 34 (id=139):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd308", 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) (fail_nth: 2)

5m48.374725938s ago: executing program 35 (id=208):
r0 = syz_open_dev$video4linux(&(0x7f0000000280), 0xa0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000100)={0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3}}) (async)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000100)={0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3}})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
io_uring_setup(0x6281, &(0x7f0000000080))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) (async)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) (async)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) (async)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
unshare(0x22020600)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
unshare(0x42040200)
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f000000b280), 0x2, 0x0)
write$FUSE_NOTIFY_DELETE(r5, &(0x7f0000017840)={0x2c, 0x7, 0x0, {0x0, 0x0, 0x3, 0x0, '%@\''}}, 0x2c) (async)
write$FUSE_NOTIFY_DELETE(r5, &(0x7f0000017840)={0x2c, 0x7, 0x0, {0x0, 0x0, 0x3, 0x0, '%@\''}}, 0x2c)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)={0x2c, 0x3c, 0x107, 0xfffffffc, 0x0, {0x2, 0x7c}, [@nested={0x18, 0x48, 0x0, 0x1, [@nested={0x14, 0x8, 0x0, 0x1, [@typed={0xe, 0x16, 0x0, 0x0, @str='-&]#\xae**$$\x00'}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x88c4}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x19, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0x30, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, 0x30}}, 0x60800)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='task_rename\x00', r8, 0x0, 0x1049c}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[], 0x38}}, 0x4000)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f00000002c0)={@in6={{0xa, 0x4e21, 0x10, @local, 0x1ff}}, 0x0, 0x0, 0x3c, 0x0, "e1deb01a10af8cc10942a1e07a77bbcb8e64acf2496a1980b3300f63ed1e1c6e5e2e94b5d09017f57d8badaa699c857371bfe8035fb618b601fae2852af37cd0bdec8d64087180912686b782326278c3"}, 0xd8) (async)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f00000002c0)={@in6={{0xa, 0x4e21, 0x10, @local, 0x1ff}}, 0x0, 0x0, 0x3c, 0x0, "e1deb01a10af8cc10942a1e07a77bbcb8e64acf2496a1980b3300f63ed1e1c6e5e2e94b5d09017f57d8badaa699c857371bfe8035fb618b601fae2852af37cd0bdec8d64087180912686b782326278c3"}, 0xd8)
read$FUSE(r4, &(0x7f00000023c0)={0x2020, 0x0, <r9=>0x0}, 0x2020)
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r10, &(0x7f0000007280)=[{{&(0x7f0000000800)={0xa, 0x4e20, 0x3, @loopback, 0xd}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000006280)=[{&(0x7f0000004f00)="d5", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000006340)="8f1dcb09", 0x4}], 0x1}}], 0x3, 0x8000) (async)
sendmmsg$inet6(r10, &(0x7f0000007280)=[{{&(0x7f0000000800)={0xa, 0x4e20, 0x3, @loopback, 0xd}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000006280)=[{&(0x7f0000004f00)="d5", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000006340)="8f1dcb09", 0x4}], 0x1}}], 0x3, 0x8000)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1e000000ff0300000800004000000040c40000880100a231980a749810cd2ce405003a6574ede08c4b7f5d82f3fa43efd2a248f2620bca0adce42d6745372ec4a27a5db16208f6f50b7024283112b4157cfba75684efae2c7110c03b47f725fc7c3cf9d8a895c03d7caf312c4d4addc6f6e30ef1dab1a1e8b36d61fb0785a68a57a219d0ecfb", @ANYRES32, @ANYBLOB, @ANYRES32=r9, @ANYRES64=r10, @ANYRES32, @ANYBLOB, @ANYRES8=r10, @ANYRES8=r3], 0x50)
syz_open_dev$vim2m(&(0x7f00000004c0), 0xe, 0x2) (async)
syz_open_dev$vim2m(&(0x7f00000004c0), 0xe, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)

5m37.834300697s ago: executing program 36 (id=263):
openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0) (async)
msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x4000, 0x0)
msgget$private(0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@gettaction={0xd8, 0x32, 0x4, 0x70bd27, 0x25dfdbfd, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}, @action_gd=@TCA_ACT_TAB={0x4c, 0x1, [{0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x42ee7d0f}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffffffff}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xe1c1}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffc56}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x1fa5}, @action_gd=@TCA_ACT_TAB={0x4c, 0x1, [{0x14, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x400}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0x10, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e25}, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f00000009c0)='./file0\x00', 0x0) (async)
mount$bind(&(0x7f0000000180)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000580)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (async)
chdir(&(0x7f0000000140)='./bus\x00') (async)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000240)={0x0, 0x4}) (async)
r4 = socket$rds(0x15, 0x5, 0x0)
getsockopt(r4, 0x200000000114, 0x8, 0x0, &(0x7f00000006c0))
lseek(r3, 0x0, 0x4)
openat$snapshot(0xffffff9c, 0x0, 0x8001, 0x0) (async)
unshare(0x68060200) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) (async)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, &(0x7f0000000080))

5m3.530774429s ago: executing program 37 (id=518):
r0 = syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$getregset(0x4205, r1, 0x200, &(0x7f0000000080)={&(0x7f00000000c0)=""/112, 0x70})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, &(0x7f0000000180)='0', 0x1)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001200)={0x10, 0x1418, 0x1}, 0x10}, 0x1, 0xf00, 0x0, 0x40}, 0x10)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000040)=@ethtool_ringparam={0x33, 0x5, 0x20000a2e, 0x0, 0x0, 0x3, 0x2000000, 0x0, 0x3000000}})
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r5, 0x0)
setsockopt(r5, 0x10d, 0x10, &(0x7f0000000100)="01681adb", 0x4)

4m59.56741505s ago: executing program 38 (id=567):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000580)={&(0x7f0000000540)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc01cf509, &(0x7f0000000040)={r0, 0xe, 0xad00000000000, 0xa})
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, &(0x7f0000000180)={0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000840)={0x0, 0x1, &(0x7f00000005c0)=[r1], &(0x7f0000000180), &(0x7f0000000280)=[0x0], &(0x7f0000000040)})

4m20.75089351s ago: executing program 39 (id=859):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001bc0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001c40)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xf0}]}, 0x24}}, 0x0)

4m20.710781736s ago: executing program 40 (id=861):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f0000000240)="f2435f0100088000000000850800", 0xe, 0x0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r1}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000080)={'dummy0\x00'}) (fail_nth: 2)

3m51.58813368s ago: executing program 41 (id=1009):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
read$FUSE(r1, 0x0, 0x0)
write$FUSE_INIT(r1, 0x0, 0x0)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1cf57a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d7ebe17f9547c7c56b08e83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a472e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ab3b4083f140ca17b43e5f6aef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1d939998a8cb68b0e83cf604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31f24a306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ff344d0a7d760f040718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20545e2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b60486d409889cbb2b1cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f16104484e1ca83fa9c278b87e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b889855a153c867ce79297a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d", 0x2000, 0x0)
pipe2(&(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x10, &(0x7f0000000300)=ANY=[@ANYRES32=0x0, @ANYRESDEC=r4, @ANYRES32, @ANYRES64=r0, @ANYRESHEX=r4, @ANYRES64=r1, @ANYBLOB="9d", @ANYRESDEC=r3], &(0x7f0000000000)='GPL\x00', 0x7, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x35, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_emit_ethernet(0x2a4, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd606410a6026e0000fc020000000000000000000000000000fe8000000000000000000000000000aa223427d5c9a46b9fa14172170a013589317d2af31ba554311bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df1"], 0x0) (fail_nth: 2)
r8 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000200)={r8, r8, r8}, &(0x7f0000000040)=""/217, 0xd9, 0x0)
r9 = memfd_create(0x0, 0x3)
ftruncate(r9, 0xffff)
fcntl$addseals(r2, 0x409, 0x0)
ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f00000002c0)={r9, 0x0, 0x0, 0x1000})

3m51.532390066s ago: executing program 42 (id=1011):
r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil)
shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x0)

3m48.509329748s ago: executing program 43 (id=1034):
socket$alg(0x26, 0x5, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
r3 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00')
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000001600), 0x1, 0x2002)
read(r4, 0x0, 0x23)
read$FUSE(r3, &(0x7f0000000780)={0x2020}, 0x2020)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x5})
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
r5 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0x0)
add_key(0x0, 0x0, &(0x7f00000003c0), 0x0, r5)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000011c0)}, 0x10000)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r6, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8})
ioctl$sock_netdev_private(r6, 0x8914, &(0x7f0000000000))
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
r7 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000180), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r7)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000019140)={[&(0x7f0000000380)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x03\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\xdch\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc']}, &(0x7f0000019100)={[&(0x7f0000000200)=' ']})
socket$can_raw(0x1d, 0x3, 0x1)

3m41.858811357s ago: executing program 44 (id=1045):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = socket$inet(0x2, 0x3, 0x1)
setsockopt$inet_msfilter(r3, 0x0, 0x8, &(0x7f0000000100)=ANY=[], 0x1)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000080)={<r4=>0x0, @local, @local}, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@private0, 0x78, r4})
r5 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000140)={@empty, 0x8000, 0x3, 0x1, 0x2, 0x7, 0x8}, 0x20)

3m39.333089268s ago: executing program 45 (id=1051):
socket$l2tp(0x2, 0x2, 0x73)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
mount$fuse(0x0, &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000002100), 0x2a71801, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socket$inet6(0xa, 0x2, 0x3a)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x40000, 0x49, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000000)=0x400)
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0x5008, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(0xffffffffffffffff, 0x800c5012, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000380)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="56c78e3c733dd956f47c2c6ae5c782785fb2dbd811576f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
ioctl$SNDCTL_TMR_CONTINUE(r1, 0x5404)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000004c0)=""/83, 0x53)
open(0x0, 0x0, 0x0)
rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00)
dup(r2)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)=ANY=[@ANYBLOB="700000000009010400000000000000000000000008000540000200000900010073797a31000000000000002c000180140003008910000400000000000000000000000214000400fe8000000000000004803e00"/102], 0x70}}, 0x0)
write$binfmt_script(r2, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3)

3m33.485305422s ago: executing program 46 (id=1063):
socket$alg(0x26, 0x5, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000280)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000001600), 0x1, 0x2002)
read(r5, 0x0, 0x23)
read$FUSE(0xffffffffffffffff, &(0x7f0000000780)={0x2020}, 0x2020)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x5})
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
r6 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0x0)
add_key(0x0, 0x0, &(0x7f00000003c0), 0x0, r6)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000011c0)}, 0x10000)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r7, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8})
ioctl$sock_netdev_private(r7, 0x8914, &(0x7f0000000000))
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
r8 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000180), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r8)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000019140)={[&(0x7f0000000380)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x03\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\xdch\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc']}, &(0x7f0000019100)={[&(0x7f0000000200)=' ']})
socket$can_raw(0x1d, 0x3, 0x1)

3m15.283222368s ago: executing program 47 (id=1208):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000000c0))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008aec1, &(0x7f0000000080)=ANY=[@ANYBLOB="81"]) (fail_nth: 2)

2m52.596138168s ago: executing program 48 (id=1360):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0)
r1 = syz_open_dev$evdev(0x0, 0x4, 0x183000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000002440)=ANY=[@ANYRESDEC=r0, @ANYRESHEX=r1, @ANYRES16=r0, @ANYRES64, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x9, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x5, 0x2, 0x13, 0x2}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r4 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r4, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x10}}}, 0x1e)
connect$pptp(r4, &(0x7f0000000700)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00')
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014000100626f"], 0x4b0}}, 0x0)
ioctl$EVIOCSKEYCODE_V2(r1, 0x40284504, &(0x7f0000000180)={0x0, 0x8, 0x0, 0x5, "2a000000000000005a957fe0213b2e100af028f0030b2eff0b61e6e66b8f37ff"})
r6 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x8)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r8 = openat$fb1(0xffffff9c, &(0x7f0000000000), 0x40080, 0x0)
ioctl$FBIOBLANK(r8, 0x4611, 0x0)
sendmmsg(r7, &(0x7f0000007340), 0x0, 0x4000010)

2m48.472406448s ago: executing program 49 (id=1382):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, 0x0)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$IEEE802154_ASSOCIATE_RESP(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x30, r6, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa3}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x48}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0202}}]}, 0x30}}, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x2d000000000, 0x69, 0x6, 0x7, 0x0, 0x4003ff, 0x20000000006], 0x3000, 0x2e0710})
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000080)={0x400})
r7 = eventfd2(0x2, 0x800)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000000)={r7, 0x2, 0x2, r7})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto={0xffffffff, 0x0, 0x0, 0xd, 0x4}]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x2})
ioctl$TUNSETLINK(r2, 0x400454cd, 0x339)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r2)
socket$can_raw(0x1d, 0x3, 0x1)
r9 = socket$phonet_pipe(0x23, 0x5, 0x2)
getsockopt$PNPIPE_IFINDEX(r9, 0x113, 0x9, 0x0, &(0x7f0000000740))
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt(r10, 0x802, 0x805, 0x0, 0x0)
r11 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000e80), r0)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000f80)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r11, @ANYBLOB="01000000009377d52f839200"/32], 0x14}}, 0x20008050)

2m20.987894608s ago: executing program 50 (id=1517):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
shutdown(r0, 0x1)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000003240)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="19", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="ae", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000029c0)=[{&(0x7f0000001800)="f35f79", 0x3}], 0x1}}, {{0x0, 0x0, &(0x7f0000002bc0)=[{&(0x7f0000002ac0)="bd", 0xfffffffffffffdc1}], 0x1}}], 0x4, 0x4040040)

2m20.81501441s ago: executing program 51 (id=1519):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x17\x00'}]}, 0x1c}}, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f0000000c00)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@dstaddrv6={0x0, 0x84, 0x8, @private1}], 0x9, 0x4008040}], 0x9249249249249e3, 0x4084)

2m16.893549306s ago: executing program 52 (id=1537):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r3=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)={0x38, r1, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}]}, 0x38}, 0x4, 0x700000000000000}, 0x0)

2m9.398711465s ago: executing program 53 (id=1562):
socket$alg(0x26, 0x5, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00')
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x0, &(0x7f0000000280)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000001600), 0x1, 0x2002)
read(r6, 0x0, 0x23)
read$FUSE(r3, &(0x7f0000000780)={0x2020}, 0x2020)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x5})
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
r7 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0x0)
add_key(0x0, 0x0, &(0x7f00000003c0), 0x0, r7)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000011c0)}, 0x10000)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r8, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8})
ioctl$sock_netdev_private(r8, 0x8914, &(0x7f0000000000))
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
r9 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000180), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r9)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000019140)={[&(0x7f0000000380)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x03\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\xdch\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc']}, &(0x7f0000019100)={[&(0x7f0000000200)=' ']})
socket$can_raw(0x1d, 0x3, 0x1)

2m5.685774317s ago: executing program 54 (id=1575):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @any, 0x0, 0x2}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0xf, 0x0, 0x0)

2m1.093655339s ago: executing program 55 (id=1597):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000780)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_emit_ethernet(0x4a, &(0x7f0000000400)=ANY=[@ANYBLOB="4dee707b1624ffffffffffff86dd608a37f200142c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000005", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="01000000000000005e82f043fd3d8cdb6327c8a8437efb9e8fdd53c1f1d8f65f7e8328baabfa59721119add62a7c7c7f5694d2b34bf0db2b9118043292e7fb0f084a721f871ee21e43e70033ddd1f7c6eb2e6b0b0da67308fe1f67746d7cc750cef43bff35751e08bacd7a1d5cdee7eccb9fc3755ace071c89a11e4f44eb10c8349f97b2aec5e06224f36ce180cefd5618cf85f88c36612098afe47f4acfc54437b76d58a1afe26f51bb9ac88e7c6947aa567e6a6406deb36fd35dee6c2d6c5f875252b0"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xc, &(0x7f0000000300)={0x80000001, 0x88f}, 0x0)
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0xfffffffffffffffc)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x5, 0x0)
socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'sit0\x00'})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1c, 0x0, 0x0)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="040e0c00031000"], 0xf)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
mkdir(0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
umount2(0x0, 0xe)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="04040a0000000000005467920034db81e7abdddc259aee6063e57dfee0dab308ac44bd02bae33aa428c21e8527c5b32e2c96d0a0d523936e2a0c48ae51b0"], 0xd)
syz_emit_vhci(0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

1m55.962701776s ago: executing program 56 (id=1611):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x20, r0, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x4}]}, 0x20}}, 0x0)

1m54.121181006s ago: executing program 57 (id=1623):
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = timerfd_create(0x9, 0x0)
timerfd_settime(r0, 0x0, &(0x7f0000000180)={{}, {0x77359400}}, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0xffffffff, 0x80800)
r2 = socket(0x10, 0x80002, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
recvmmsg$unix(r2, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40010102, 0x0)
r4 = dup(r1)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r5, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x80003, 0x6)
setsockopt$inet6_MCAST_JOIN_GROUP(r6, 0x29, 0x2a, &(0x7f00000001c0)={0x800, {{0xa, 0x4e22, 0x112, @local, 0x1}}}, 0x84)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r9, &(0x7f0000000040)=ANY=[], 0xff2e)
ioctl$TCXONC(r9, 0x540a, 0x3)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000100))
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0xa, 0x100010, r4, 0x8000000)

1m39.176111919s ago: executing program 58 (id=1697):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000100)={0xc, "5639f5bb08000000c26ebe7d9a7b0d5100", <r2=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f00000001c0)={0x80000, "340b7832ceefdad118cf501922d6974a270000c50f0000002ddc7d00", <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r3, <r4=>0xffffffffffffffff})
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, 0xffffffffffffffff, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x32, &(0x7f0000001500)=ANY=[@ANYBLOB="aa9baaaaaaaa0180c2040000000045000024000004000011907800000000004e20001090780200000000080000000000d734"], 0x0)
ppoll(&(0x7f0000000400)=[{r2, 0x8440}, {0xffffffffffffffff, 0x21}, {r4, 0x4080}, {r3, 0x2410}, {0xffffffffffffffff, 0x1003}], 0x5, &(0x7f0000000440), &(0x7f0000000480)={[0x9, 0x938f]}, 0x8)
ppoll(&(0x7f0000000140)=[{r3, 0xa084}, {r4, 0x400}], 0x2, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r6}, &(0x7f0000000180)=<r8=>0x0, &(0x7f00000001c0)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x42, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1}})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(r7, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003c40)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000540)=""/228, 0xe4}], 0x1}}], 0x1, 0x0, 0x0)
r10 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r10, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0xfffffffffffffffd, &(0x7f0000000340)={<r11=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r10, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f00000002c0)=0x8, r11, 0x0, 0x0, 0x1}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x68}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r12=>0x0})
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000240)=ANY=[@ANYBLOB='H\x00', @ANYRES16=r13, @ANYBLOB="cf0400000000000000001300000008000300", @ANYRES32=r12, @ANYBLOB="060014010500000006001200000000000a000600ffffffffffff000006001000b003000006001a0102000000"], 0x48}}, 0x20054)

1m34.10515901s ago: executing program 4 (id=1712):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000100)={0xc, "5639f5bb08000000c26ebe7d9a7b0d5100", <r2=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f00000001c0)={0x80000, "340b7832ceefdad118cf501922d6974a270000c50f0000002ddc7d00", <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r3, <r4=>0xffffffffffffffff})
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, 0xffffffffffffffff, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000180)=r6, 0x4)
syz_emit_ethernet(0x32, &(0x7f0000001500)=ANY=[@ANYBLOB="aa9baaaaaaaa0180c2040000000045000024000004000011907800000000004e20001090780200000000080000000000d734"], 0x0)
ppoll(&(0x7f0000000400)=[{r2, 0x8440}, {0xffffffffffffffff, 0x21}, {r4, 0x4080}, {r3, 0x2410}, {0xffffffffffffffff, 0x1003}], 0x5, &(0x7f0000000440), &(0x7f0000000480)={[0x9, 0x938f]}, 0x8)
ppoll(&(0x7f0000000140)=[{r3, 0xa084}, {r4, 0x400}], 0x2, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
r9 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r8}, &(0x7f0000000180)=<r10=>0x0, &(0x7f00000001c0)=<r11=>0x0)
syz_io_uring_submit(r10, r11, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x42, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1}})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(r9, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003c40)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000540)=""/228, 0xe4}], 0x1}}], 0x1, 0x0, 0x0)
r12 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r12, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0xfffffffffffffffd, &(0x7f0000000340)={<r13=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r12, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f00000002c0)=0x8, r13, 0x0, 0x0, 0x1}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x68}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r14=>0x0})
r15 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000240)=ANY=[@ANYBLOB='H\x00', @ANYRES16=r15, @ANYBLOB="cf0400000000000000001300000008000300", @ANYRES32=r14, @ANYBLOB="060014010500000006001200000000000a000600ffffffffffff000006001000b003000006001a0102000000"], 0x48}}, 0x20054)

1m33.185318118s ago: executing program 4 (id=1719):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x44, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_connect(0x1, 0x477, &(0x7f0000000300)={{0x12, 0x1, 0x200, 0xc3, 0x47, 0x11, 0xff, 0x129b, 0x160c, 0x38d5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x465, 0x1, 0x9, 0x3, 0x10, 0x60, [{{0x9, 0x4, 0x58, 0xf8, 0x9, 0xa1, 0x5c, 0xe9, 0x5, [@hid_hid={0x9, 0x21, 0x1e91, 0x3, 0x1, {0x22, 0xe25}}, @hid_hid={0x9, 0x21, 0x9, 0x40, 0x1, {0x22, 0xd8b}}], [{{0x9, 0x5, 0x6, 0x3, 0x20, 0xeb, 0x92, 0x8}}, {{0x9, 0x5, 0x5, 0x0, 0x20, 0x4, 0x2, 0x84, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x6, 0x8000}, @uac_iso={0x7, 0x25, 0x1, 0x3, 0x80, 0x4}]}}, {{0x9, 0x5, 0x2, 0x0, 0x10, 0x2, 0x3, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xff, 0x8000}, @generic={0x62, 0x11, "09f9351ba9d8d61ec43b21c6f20609027b9b9e195c2e5c95d461b87f90355e0df35f07e039e9002686084e7d13621f0035f1a8a0d8b9ac13db4ae11b1264ea550f96adc1fbcf31ca753a6ecc5a1630b95607cbb56f90372793cbdff56fbb4d61"}]}}, {{0x9, 0x5, 0x2, 0x8, 0x10, 0xe, 0x7, 0x81, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x7}]}}, {{0x9, 0x5, 0xb, 0x2, 0x10, 0xfe, 0x6, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x7, 0x401}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x80, 0xa}]}}, {{0x9, 0x5, 0xd, 0x8, 0x20, 0x32, 0x7d, 0x4, [@generic={0xa8, 0x0, "05c65846d69c8609494f561c326ae7ee9b15dd7c9bb8a3a1e7bd12b38de9f052959666903c965ffe9005f93c57f4a973f72f492a2e34e2dbf50ae9ab10b44b50e044697d9ac4e20ee0d56734b77612324ec884e9f48a5661397930385c8d02afc174e5943938da041885e1c6ac55223776eb715de79655c20f723e2791af833a598a913534a504c639d10b7b39cdac3fa4fb6906ae332a1399cd757b82370de2b7e97421ba19"}, @generic={0x61, 0x24, "3b9210804b01ac9e0877479b08a80cea274b28ca5d5d2a83dc68fd67e2e2743290ea3dd12b5a3045de48f9605da8ea56f6bbb552b7518a5a0863ce3c04f294dbefdc182f084bf5586141762b272d726d04ea160da4b7eb997e017d86afd3de"}]}}, {{0x9, 0x5, 0x80, 0x8, 0x8, 0x3, 0x18, 0x2, [@generic={0xcc, 0x30, "8a45134ea8b5f2ced05f7bb42b847fd1a69d9f47ca1041d881dde5ff7c7b2ef72c57b57d4d2317086f9660800c6869725cc0134e9183006b37415f099d4ddad113f0ce0d3cbd97161624ba49813f56255a5e0d1d5e118d85a14791e575e3f9624be147814fa855e470668fdd42ed66f6393879a8648266278cab3c8e15ae6d580558e2ac274f263abd46e20803ab1ee7b7734b58a87ae5454414f87e1e0471151961da3a4f774c736292fce650b4c34939ce4c7cd8181a1e5d9db99abd5c97371f6fe92290e7297d2946"}, @generic={0x74, 0x22, "00d2516781673822bcf6abbba82adba27d0f40e86c0b71de5b501e72e5d2dfeb61f4ae9323b845abd1ba112a889c5eec197a4d4b03e6e702cfd4bf3b6cbaa02a783ac09d5610851a62986fc8fe7829bcbbb81fe6df856ba0d8cf0543d475cdc8debfc69c79343ada7e4e1b2245e60d1564b4"}]}}, {{0x9, 0x5, 0x7, 0x10, 0x20, 0x8, 0x90, 0xe6, [@generic={0x78, 0x4, "92e2c5b94c77fc10c35562250f8a9ce679c22b0b714febc38edbe2deb39e8419adeb50899301923d33e7c4ad30ece61268197eef1d7cce4dc80e681ab80cd6f49733d7a896a749bf66a0742083c7ad2f3e3c8a4b1ecaf76cf96016a58e96a195aa9c51a7d1b9f238cc59535be822fe28823322da3e90"}]}}, {{0x9, 0x5, 0xb, 0x10, 0x40, 0xdb, 0x7, 0x8, [@generic={0xa3, 0x2, "ee0ef1cba39ba18d6f63e2d926b9f57c488a50f67bc3f1abedef44b8b0f88bb9b1ebc48383f21f4daf7c6cb564c33bbd35a596b3644c2178302e1fbf4b0ea8c824062d96cfa61f6f87ebc6024db0c77d0d30bbf0e9d3bc8070b7933eb121f8f9828f108734e8bffab3c1822e1ff3d60afa54417d167c550e5ef4b179cfb18d10787a2d7f21fc66852a957dce10fe11205ee24aeae0e3224a392b5aa7f2604a70a4"}]}}]}}]}}]}}, &(0x7f0000000280)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x250, 0x40, 0x8, 0x81, 0xff, 0x91}, 0x3d, &(0x7f0000000180)={0x5, 0xf, 0x3d, 0x4, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x2, 0x2, 0x8, 0x8}, @ssp_cap={0x10, 0x10, 0xa, 0x9, 0x1, 0x81, 0xf00, 0x40, [0xc000]}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0x2, 0x4, 0x5}, @ss_container_id={0x14, 0x10, 0x4, 0x7, "a6a2b10791c09c40eb1601ffaaac0357"}]}, 0x1, [{0xb4, &(0x7f00000001c0)=@string={0xb4, 0x3, "60319a108824ef672b15c81117a3f2b9a77bbcdc723368295bb896d8a095a196812ec2b239acebdaacf6f1dad9ad1def4c5a5132697e41ad7154adf2ae68599f4b82a7707b8be374b2476ef497430b1395c17eed976851432ce8b25a303052dfcf9e9ae05669071bc67d8f1b2f37aee54b9fc6634906f34be6a3da5854a1d9a700398d9b412c1a914cf83d951b5133eec97449ddc0921345bba9a1da657cb8d0faae75fcbd9043cc2fab9aaa0b09a8d7a079"}}]})
syz_usb_control_io$hid(r2, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220f00000003a8407a730b93bf0280b3"], 0x0}, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$VT_WAITACTIVE(r3, 0x5607)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
r6 = syz_open_dev$hiddev(&(0x7f0000002480), 0x0, 0x88101)
r7 = memfd_create(&(0x7f0000000940)='y\x105\xfb\xf7u\x83%\b\x00\x00\x00\x00\x00\x00\x00\xea_\xccZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x10\x00\x00\x00\x04\x879\xa24\xa9a\b\x00\xb2\xd3\xcbZJ\x7fa\xc4\x1acB\xaa\xc1\xfb Q\x96\xd9xJ2\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea\b\x00\x00\x00\x00\x00\x00\x00\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9V\x01A\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\a\x00\x01vRk\xaabB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\x80\x81\xa0\xa2-g\b\x99\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecn\x02\xc8\xc4\f\x04\x99\xf6\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc8L\xae\x1ff\xcf\xb3\xb65\x12\x89\x02\x82t\x0f\xb0\xe89\x16\fO\x19\x91\xfd\x10\x0e\xa7r\x12\xab\xd4\xd1d\xad\f\x11\xb3\xb3c\xe2\xfe\xcd\x9f7\xa1\x14\xfa\xe2\xdf\x7f\xf4NG\xe3\xeb\x18\xde|\xb3\xf5S\x9a\x04\xb4Lry\xa9\xd6\xfb\xbc\n+N\xf7\xf6\x87\x95\xd9+\xd2sc/\x06\xaa#K3,k\xf3(\xcc\xc7\xb47\xfa\xc3\x1c\x91!\xd3\xd2`-\xa2xrR\x1c\x81i\x87u|29Q\xdf\xed\x10\x9b\x930\xa8v\xa0\x88\xa4t\x17\xb2\xca9\x02\x03\xc9P\xcc\xe0\xb7\x9c\x82\xb4\x03\x83e\xee\x95\xccO\x1b\x83\f\n{\xf3\x12\x90\xcf\x10\xb5>\b3\x80\x8d\xb2%7\x10\xeee\xe4\xc3\xb2^\xad\xb6~\xa2\xbdE\xbf\x91\vqt\x81\xbd\x19\xde\x81\tw\xd4p\xd1\x8aNJ\xb3M\a\xc4\xfa\xb0,$\x81j\xb4Hs\x93>\x16U\xd0t\xe4\xca0T\xb7\xf7\x9d4\b\xd9\xdeps\xec\xa0\nJ\xa5\xfe\xda{(\xee\xb5\x11?\xc3I-\x8bc\xc9\xfb\a\xe5\xab\xf8v1\xdc\xc5\x8c\xebs1\x81\xca\x81l\xa12\xff<\xf5\x12\xcc+\xd4\xab\x84\x16\xa4+\x0e\xd4\x02\xe3\xaa1\xeam\x8ce\xb4r\x0eo&3wff\xe6\x91\x7f\xba\xad\x05\xdd\xc0+\"\xa5\x80\'#\xfd\x9dA&\xee \x18\xe5\x17\x1bd\xd0\xb9\x90\xde\xec\xe4M\xe5\x06\x03r\fc\x8c\x10\x99x\xec`e`\xc3F\xdf\xbc\xa8\xff\x05\xe6\xea\xc3u\xd7\t\x88<\"\xf7!\xd6\x0e\xbbE^\xcd\xb0\x15g\xe6\xf2?y1\x9f\xd3\x95\xc4E\xd0\xb4\x16`r\x14\xad\x02\x17\x9a\x86I]\x02f\xd3\xc9\xe1H\xd7c\xcaQ\x8cE7\xcc\xcf=\xf3\xf7\xb9\xf6s\x88\bZi\b*w\xc5;\x88\r\xab\xa1\t\xf1\x02)5\x00\x84', 0xb)
ftruncate(r7, 0xffff)
fcntl$addseals(r7, 0x409, 0x7)
write(r7, &(0x7f0000000380)='\b', 0x1)
ioctl$HIDIOCGUSAGE(r6, 0x40184810, 0x0)
dup3(r4, r5, 0x0)
ioctl$EVIOCGMASK(r1, 0x5b01, 0x0)

1m31.067066469s ago: executing program 4 (id=1731):
socket$l2tp(0x2, 0x2, 0x73)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
mount$fuse(0x0, &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000002100), 0x2a71801, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socket$inet6(0xa, 0x2, 0x3a)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x40000, 0x49, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000000)=0x400)
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0x5008, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(0xffffffffffffffff, 0x800c5012, &(0x7f0000000080))
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000380)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="56c78e3c733dd956f47c2c6ae5c782785fb2dbd811576f657874656e642c616363817373"])
chdir(&(0x7f0000000100)='./file0\x00')
ioctl$SNDCTL_TMR_CONTINUE(r1, 0x5404)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000004c0)=""/83, 0x53)
open(0x0, 0x0, 0x0)
rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00)
dup(r2)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)=ANY=[@ANYBLOB="700000000009010400000000000000000000000008000540000200000900010073797a31000000000000002c000180140003008910000400000000000000000000000214000400fe8000000000000004803e00"/102], 0x70}}, 0x0)
write$binfmt_script(r2, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3)

1m28.605204764s ago: executing program 4 (id=1732):
syz_open_procfs(0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x8000000010, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0/../file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x118, &(0x7f0000000100)={0x0, 0x2, 0x10, 0xfffffffc, 0x3a6}, &(0x7f0000000000), 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})
r5 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r6, 0x80015b1a, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)

1m25.579190156s ago: executing program 9 (id=1741):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000100)={0xc, "5639f5bb08000000c26ebe7d9a7b0d5100", <r2=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f00000001c0)={0x80000, "340b7832ceefdad118cf501922d6974a270000c50f0000002ddc7d00", <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r3, <r4=>0xffffffffffffffff})
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, 0xffffffffffffffff, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000180)=r6, 0x4)
syz_emit_ethernet(0x32, &(0x7f0000001500)=ANY=[@ANYBLOB="aa9baaaaaaaa0180c2040000000045000024000004000011907800000000004e20001090780200000000080000000000d734"], 0x0)
ppoll(&(0x7f0000000400)=[{r2, 0x8440}, {0xffffffffffffffff, 0x21}, {r4, 0x4080}, {r3, 0x2410}, {0xffffffffffffffff, 0x1003}], 0x5, &(0x7f0000000440), &(0x7f0000000480)={[0x9, 0x938f]}, 0x8)
ppoll(&(0x7f0000000140)=[{r3, 0xa084}, {r4, 0x400}], 0x2, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x42, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1}})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003c40)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000540)=""/228, 0xe4}], 0x1}}], 0x1, 0x0, 0x0)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0xfffffffffffffffd, &(0x7f0000000340)={<r10=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r9, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f00000002c0)=0x8, r10, 0x0, 0x0, 0x1}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x68}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r11=>0x0})
r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000240)=ANY=[@ANYBLOB='H\x00', @ANYRES16=r12, @ANYBLOB="cf0400000000000000001300000008000300", @ANYRES32=r11, @ANYBLOB="060014010500000006001200000000000a000600ffffffffffff000006001000b003000006001a0102000000"], 0x48}}, 0x20054)

1m25.411183543s ago: executing program 4 (id=1742):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000140)={0x18, 0x0, {0x3, @local, 'bond_slave_0\x00'}}, 0x1e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, &(0x7f0000000a40)="c33fcb186b2e5f7e087b8a8eeb1b587cee45d05b49cb70143e2a8e8376eeeda1ad331651f162ddceb6dc817d63198b71da0b6729bc70b4df3b5b089af690d1f973784974cdc93a91034f4e290341587a7394eb4e5bc1ed340e211b0607a553f76bf7f6728672f9c06398f652e1a92f2cee2b7afbffe76a0e646df8c7ca6b94a5b8035901e720a78c9c786673511b733de974118a47d3b156859f4c7063e2b99fd1f592c8884c5c3b8a2968a66a2367e01f434094c99495d1480915ea60fe3e28f6de7388dee2116605ea8e457df6bf83890020f5d4ec83db8f43444dc5d4cc5ff47eb4a422ae1a9b8cd17dbcb664edab7a0ee67f3d817bd6d41dd7ce008bcc7d5dc3836d3ce7a7347d5951026b237e4d6d1a415e0be4eb2327e32c604b64ffab901e90191c2288c8eb8d48e59e132fc800934cc82fca25a7615283fa9423eb7de34f7fd65d42ecb2703867871207106257898670c66a38216f1b34c5dcf0cdf1e227a0e06b65a63838791c1f07383707a4550fe4e549304597130bec6fb46b8cf6b4ffa8dc403071f63b6e84d0bd929bee87993c85be3c048b6961a9e49162177acf7f3f24f4e0e19095bafc84ded52ca3170d99cafffbdbf6acd1b6ae07d3f6d5ae4e0691a50a3e1adce3933fec8ae71046da14716cc98cce8c3796cd6a48caa505d0d954b85a7dac89f00af7fe4e3dbac106105f45b83a3628fd46e47780efe4a1594d8b7c6936f3403dd79ba117aa4c746d91d1776018d77c3a44d1f6287148db7724e3e9b7bac8361bee7bcdb944a775e16d843197414512f42cb3c84441f10c3880f42c5544ff12d96b997b94a40dccbdd1dc25ba474dd82be747ba6cd3a223a2f29e25e8419dfaa920e1356dbc36b382e9acdc79e462c6fc920df4dae53bbaa60047c318e72119906e06fb2645985edebb1890206bcdffd56514a2b7061338fc6606c0504054d99364ea3d0bd6ab651dda011128ee03ac9cc2a2d7d64123998a940bc4bf5e74ecfeb360dd33c22150a94deefcb36fab13a3adfed49142eb6947c13519f96604350088b140a8323eb69017ac050fdf1df8f953edb09e1f334c898e5dbb8043639fce67694c579f33243623e1204eb23f092a9dd6dac90e88c0fc4c74e3dd660365c2b73a917ab17269d14b1167c447fe0c83e0c3472dadc35c1a031c9ecc2313c3ceab90a173be50d88c76026f032961d7e0d9f666f9f1679139f9b8845a38a19fda970bc608daeee381add78a491024ca5af485e0e0fddbc6cc9f0c34a56571aaab9ba63dbddb788782d6cb6c6a7939a4132591f2780a9417343bfd054390a43486e86d25050f909aa8c3d03fe1c05b899f6f55b82eeefd4b46893fa74a61671fcba3fbd9df7a96327e70dd3c0957727fd96e68cb6a2a7620f8858e1f6daaab1a97746b916f80ca84a6cc80711e84d066dee51914572201bdf6b40c8de7a075d8f57d32c2dc413741e6538e599776f035557c6f3d422d4e812bc7c8ec5e698e229c6a8a60c2da5462d46eb83e6facf23afb8f22835b1fb7424225046be471d0ef177bdf1184e76fc96d7a49d5d9034c1009b32210915860aa2517f26ca5f66a9eaf7c7b0e104565d5220b70199d31b4dce3ac8e333850b6650765968e45114740b9d5c23f248873bc3451d0a476ea7866d75f63ea7fafe7b008770320b06a8b1310ada1259686d751e81161b84c9068d01ccea2d9f9a733328c47e9b9807fba04aa80a4c27565a17f35f266b98cac2864b1d998d5be1a343d33c533f5232b7003eddf698e10028855dc1016ae8a3aa9817fab16229883b8c7eaad8cd0b2725e63cac82225ea02871f97f7c6347bea4c119b98550804ffdbc1d5f1184db70b63eee8b55aa2ff637df8cf19c37c5c097c31cf9b3e1ca3ad449b240a87b1a474e1f2c2adcfcab59ad6475aef2b144a026ac943052b7e31b834f858ca36ca183da21a7872ff79b0c47d97cd0738411ee5ff953c8556441d9906612197ee4d7fa09777931e3d08e4aaba87b118cc5bd5441eca207c1defece7e58dc050ef9dc789ad46116701d7a9cf8774270ae6064a12426cec07139b17fe17104ba195bcf0ee2f43682794abb4e78ab4df64d132caa44a14f92f6085c0502c6e1f42260c1ffe57d4ff581655b037a1b713fe329e6f5cd084297fd1e298a419bd90da15593e2f6f2f69edd11b32281e608abbec6e900dfbfdd220815113e74ecda9d79f1096e30a18b4967134839b325932b32d21a52a8a3c5d5081c4cd7684757e5d393127072413a53b2dae9c6d31ea67a47ca53674dabfd8dcc127ecb757ccfc667c13b4c0db5f4776c708bf68f91b4ce723cd410873f797e7b042a7fe45a85f95f496aaac079bffc7e5191e71fbdacfdad55dfa72db9207b6a199289cecfcadb683b1cca5333645008da2d75cb152070a25c9a01399b7fa347892300a79ad8b1a778cfcb5b1f1e9671524e17cd33a1cbbbb33eda5ca12eff65bccfb6a4d921a76f2164411e503eabc6e850e340c60bff0e69cf697652e336343950598e7a92e161fe208fa6fe031caa568686ff602cff29262e9a7008bfd0cc7cac3655baaa773756ced4b12a57d77e3f6b7b56784c00f912cbdbe47bbf14d6c304fb8d8651f65a9504c152d781bc7df91c755cb6085940cc46bd088a4bfbc5ec53255341c98f4752e1894d7a588fb02ac2974d6efc4c39bf8fe00d176f79c7ecc089b2ace0c6434dbd9a4f75badf28aafa624f614c2221250a026ded7373ee488c6630d1fe5578c7ad2db659e40d6805733fee446ecd9caceb3366f773b717ebe5a0c550a1c3dd43e06432e122afaae2857ada147b4c45b9571fb4aee763fac32bde7def5d10a093ad4851d5e302dff4076b6f2feabe7d2c85a62dc067f07ac5b6df3c1cdb1af8eae25a4de7696353bed658c0c0eb4151c69f54a675ce74566bc66808041a465ae835018ea68b292b77bb14e1a3a0f79a5401137600cd5defca346e32486c6e61cb02b1492471408a31c67f06feb64520318ad1c9a56f7edaa7736e1135c3b9bed4af3da00f19190d890ed50b6bfd88462053b1491aac50a4c1693784280c764d431db0818860c69d102673bf55c823a86d90564e154ac2eb657262a997472fc543957c43a841364ed80f6f84e75c461fdc2eead9b3d7b02fd6d0e8bcbe0ac68ec7f8f8e96b6ed037a3e275327a2f1400b1646793bc5f9da3c55279c5600dca85b064279974ab65c59cba4b9c2aecfa76803acaf182414d2c728dc62b2a0b52f989e6e8e9922060caa84b81e45c9d7d6792fc1bf5bd8ab0fc86bf7df3998292ba2191ea73c50c4fd6947383aba9cfd5f989c291b2bda5f0e5eb3e5fee035b10190ea51f63a4ac844630ad85344e477ad8313479043c6ab579ea8b54f9a9e0283350b131dfdcb219d5512e72ce4e34ecdfdd7f1f465fefe585a9bf648fb5e334df14f514eba0f21a80004cbfafc028f589191"}}, &(0x7f0000000040))
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x503340, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
read$fb(0xffffffffffffffff, &(0x7f00000004c0)=""/199, 0xc7)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r2, &(0x7f0000000440)=[{0x84, 0x77, 0x0, 0x0, @time={0x5, 0xa70}, {0xfd}, {0x7}, @raw32={[0x2, 0x6, 0x8000000]}}, {0x0, 0x0, 0x5, 0x83, @tick, {0xf9}, {}, @note={0x81, 0x0, 0x2}}, {0x6, 0x3, 0x9, 0x3, @tick=0x1, {0x10, 0x5}, {0xc, 0x2}, @control={0x3, 0x7, 0x7fff}}, {0x8, 0x3, 0x6, 0x0, @tick=0xba6, {0xbb, 0x3}, {0xdb}, @ext={0x0, 0x0}}], 0x70)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
writev(r3, &(0x7f0000000800)=[{&(0x7f0000000c00)="89e7ee2c7cdad9b4b4", 0x9}, {0x0}], 0x2)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
gettid()
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18040000000000000000000000000000180000002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001040)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f00800", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002400)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000008a661488e0d196fee613462c5f5a1938d6f85e3e4168780d80d3ede84d45c9f4c783b1b203e4c3e3af2fc24a00cc22498908f7c34c056fc5deb3aec47338085a8780e6474c383bcded5bcf242a4b19db19a12fcb3227fedcddb1f6", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000810000000000008db0c22bcdf963af0000000000008000b166e098c00680619fe9560dac56b08cc713252e85db618c7cbbfdb9827624207fd970d8b70a220024216dfcbc7595"], 0x50)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="1700000015006b05c84e21000ab16d6e230675f8020000", 0x17}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6, 0x0, 0x0, 0xa000000}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r5}, 0x0, &(0x7f00000000c0)}, 0x1c)
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000001400)={<r7=>0x0, 0xc182, 0x9, 0x1})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000001800)={<r8=>0x0, 0xda3b, 0x6})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r5, 0xc400941d, &(0x7f0000001c00)={<r9=>0x0, 0x5, 0x8})
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000002000)={0x0, 0xe5a7c63b00761233, {0x8, @struct={0x4, 0x437}, r7, 0x5, 0x4, 0x2d, 0x1, 0x8000000000000001, 0xa, @struct={0x6, 0x18}, 0x839, 0x8, [0x2af, 0x4, 0x2, 0x800, 0x401, 0x1d8e]}, {0x3ff, @struct={0x8, 0x570e67d3}, r8, 0x7, 0x0, 0x1f2, 0x2, 0x1, 0x80, @struct={0xfffffff9, 0x20000000}, 0x0, 0x3, [0x3, 0x67, 0x4, 0xfffffffffffffffb, 0x3, 0x3]}, {0x5f, @usage=0xc, r9, 0x3, 0xffff, 0x8, 0x5, 0x1ff, 0x440, @struct={0x2}, 0x7, 0x5, [0xffffffffffffff7e, 0xa120, 0x7, 0x7, 0x6, 0xffffffffffffffff]}, {0x401, 0x0, 0x100}})

1m25.055652428s ago: executing program 9 (id=1744):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
r3 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00')
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x0, &(0x7f0000000280)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000001600), 0x1, 0x2002)
read(r6, 0x0, 0x23)
read$FUSE(r3, &(0x7f0000000780)={0x2020}, 0x2020)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x5})
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
r7 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0x0)
add_key(0x0, 0x0, &(0x7f00000003c0), 0x0, r7)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000011c0)}, 0x10000)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r8, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8})
ioctl$sock_netdev_private(r8, 0x8914, &(0x7f0000000000))
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
r9 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000180), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r9)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000019140)={[&(0x7f0000000380)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x03\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\xdch\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc']}, &(0x7f0000019100)={[&(0x7f0000000200)=' ']})
socket$can_raw(0x1d, 0x3, 0x1)

1m24.990962303s ago: executing program 4 (id=1745):
socket$alg(0x26, 0x5, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
r3 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00')
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x0, 0x0, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000001600), 0x1, 0x2002)
read(r6, 0x0, 0x23)
read$FUSE(r3, &(0x7f0000000780)={0x2020}, 0x2020)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x5})
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
r7 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0x0)
add_key(0x0, 0x0, &(0x7f00000003c0), 0x0, r7)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000011c0)}, 0x10000)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r8, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8})
ioctl$sock_netdev_private(r8, 0x8914, &(0x7f0000000000))
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
r9 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000180), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r9)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000019140)={[&(0x7f0000000380)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x03\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\xdch\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc']}, &(0x7f0000019100)={[&(0x7f0000000200)=' ']})
socket$can_raw(0x1d, 0x3, 0x1)

1m24.922805431s ago: executing program 59 (id=1745):
socket$alg(0x26, 0x5, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
r3 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00')
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x0, 0x0, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000001600), 0x1, 0x2002)
read(r6, 0x0, 0x23)
read$FUSE(r3, &(0x7f0000000780)={0x2020}, 0x2020)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x5})
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
r7 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0x0)
add_key(0x0, 0x0, &(0x7f00000003c0), 0x0, r7)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000011c0)}, 0x10000)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r8, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8})
ioctl$sock_netdev_private(r8, 0x8914, &(0x7f0000000000))
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
r9 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000180), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r9)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000019140)={[&(0x7f0000000380)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x03\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\xdch\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc']}, &(0x7f0000019100)={[&(0x7f0000000200)=' ']})
socket$can_raw(0x1d, 0x3, 0x1)

1m24.065234773s ago: executing program 9 (id=1748):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x8000000, @loopback}, 0x1c)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000000080)=""/55, 0x37)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000140)={0x8d, 0x2, 0x1})
ioctl$vim2m_VIDIOC_STREAMON(r5, 0x40045612, &(0x7f0000000040)=0x2)
ioctl$vim2m_VIDIOC_STREAMON(r5, 0x40045612, &(0x7f0000000080)=0x2)
sendmmsg$inet6(r4, 0x0, 0x0, 0x0)
getsockopt$bt_hci(r4, 0x84, 0x2, &(0x7f0000000f00)=""/4095, &(0x7f0000000000)=0xfff)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8}, @NFTA_OSF_FLAGS={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')

1m23.086484422s ago: executing program 9 (id=1749):
syz_open_procfs(0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x8000000010, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0/../file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x118, &(0x7f0000000100)={0x0, 0x2, 0x10, 0xfffffffc, 0x3a6}, &(0x7f0000000000), 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})
r5 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r6, 0x80015b1a, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)

1m19.850958745s ago: executing program 9 (id=1754):
socket$l2tp(0x2, 0x2, 0x73)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
mount$fuse(0x0, &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000002100), 0x2a71801, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socket$inet6(0xa, 0x2, 0x3a)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x40000, 0x49, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000000)=0x400)
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0x5008, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(0xffffffffffffffff, 0x800c5012, &(0x7f0000000080))
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000380)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="56c78e3c733dd956f47c2c6ae5c782785fb2dbd811576f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d"])
chdir(&(0x7f0000000100)='./file0\x00')
ioctl$SNDCTL_TMR_CONTINUE(r1, 0x5404)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
symlink(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000004c0)=""/83, 0x53)
open(0x0, 0x0, 0x0)
rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00)
dup(r2)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)=ANY=[@ANYBLOB="700000000009010400000000000000000000000008000540000200000900010073797a31000000000000002c000180140003008910000400000000000000000000000214000400fe8000000000000004803e00"/102], 0x70}}, 0x0)
write$binfmt_script(r2, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3)

1m19.659721987s ago: executing program 9 (id=1755):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000300))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000000)={@my=0x0})
r3 = syz_io_uring_setup(0x239, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f00000002c0)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x2def, 0x0, 0x0, 0x0, 0x0)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r2, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1, 0x9})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r2, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r1, r0, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x4c, 0x0, &(0x7f0000000340)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x44, 0x0, &(0x7f0000000580)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000440)={@fda={0x66646185, 0x80000001, 0x2, 0x32}, @flat=@weak_handle={0x77682a85, 0x200}, @ptr={0x70742a85, 0x1000, &(0x7f00000001c0)=""/230, 0xe6, 0x2, 0x10}}, &(0x7f0000000140)={0x0, 0x1c, 0x34}}}], 0x0, 0x0, 0x0})

1m19.570599289s ago: executing program 60 (id=1755):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000300))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000000)={@my=0x0})
r3 = syz_io_uring_setup(0x239, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f00000002c0)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x2def, 0x0, 0x0, 0x0, 0x0)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r2, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1, 0x9})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r2, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r1, r0, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x4c, 0x0, &(0x7f0000000340)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x44, 0x0, &(0x7f0000000580)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000440)={@fda={0x66646185, 0x80000001, 0x2, 0x32}, @flat=@weak_handle={0x77682a85, 0x200}, @ptr={0x70742a85, 0x1000, &(0x7f00000001c0)=""/230, 0xe6, 0x2, 0x10}}, &(0x7f0000000140)={0x0, 0x1c, 0x34}}}], 0x0, 0x0, 0x0})

1m13.026695492s ago: executing program 5 (id=1790):
socket$alg(0x26, 0x5, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
r3 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00')
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000280)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000001600), 0x1, 0x2002)
read(r5, 0x0, 0x23)
read$FUSE(r3, &(0x7f0000000780)={0x2020}, 0x2020)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x5})
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
r6 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0x0)
add_key(0x0, 0x0, &(0x7f00000003c0), 0x0, r6)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000011c0)}, 0x10000)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r7, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x8})
ioctl$sock_netdev_private(r7, 0x8914, &(0x7f0000000000))
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
r8 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f0000000180), &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r8)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000019140)={[&(0x7f0000000380)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x03\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\xdch\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc']}, &(0x7f0000019100)={[&(0x7f0000000200)=' ']})
socket$can_raw(0x1d, 0x3, 0x1)

1m12.062467816s ago: executing program 5 (id=1798):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r2, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m11.822967962s ago: executing program 5 (id=1801):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r2, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 2)

1m11.610980962s ago: executing program 5 (id=1806):
syz_open_procfs(0x0, 0x0)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x8000000010, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0/../file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x118, &(0x7f0000000100)={0x0, 0x2, 0x10, 0xfffffffc, 0x3a6}, &(0x7f0000000000), 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})
r5 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r6, 0x80015b1a, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)

1m8.525178824s ago: executing program 5 (id=1825):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @loopback}, 0x4}}, 0x2e)
syz_emit_ethernet(0x4c, &(0x7f0000000140)={@link_local, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e70"}}}}}}}, 0x0)

1m8.24965809s ago: executing program 5 (id=1827):
r0 = fsopen(&(0x7f0000000300)='xfs\x00', 0x1)
r1 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0x5, &(0x7f0000000080)=0x2, 0x4)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)
fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000340)='nolazytime\x00', 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), r2)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="37090000000000fffffd0000e3339088000000000000"], 0x1c}}, 0x0)

1m8.199690852s ago: executing program 61 (id=1827):
r0 = fsopen(&(0x7f0000000300)='xfs\x00', 0x1)
r1 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0x5, &(0x7f0000000080)=0x2, 0x4)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)
fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000340)='nolazytime\x00', 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), r2)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="37090000000000fffffd0000e3339088000000000000"], 0x1c}}, 0x0)

1m4.65086921s ago: executing program 2 (id=1843):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000280)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f000000aac0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}}}}}}}, 0x0) (fail_nth: 2)

1m4.650715357s ago: executing program 2 (id=1844):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newrule={0x1c, 0x1a, 0x1, 0x0, 0x25dfdbfd, {0x81, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x1c}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000280)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1e9000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x1000000)
syz_emit_ethernet(0x4a, &(0x7f000000aac0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}}}}}}}, 0x0)

1m4.500780823s ago: executing program 2 (id=1846):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
recvfrom$x25(r0, &(0x7f0000000040)=""/214, 0xd6, 0x100, &(0x7f0000000140)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}}, 0x12)
ioctl$FITHAW(0xffffffffffffffff, 0xc0045878)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_NUM(r1, 0x4008af10, &(0x7f0000000240)={0x2, 0x7fffffff})
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
syz_emit_vhci(&(0x7f0000000a00)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}, {0xff, 0xc8}}}, 0x6)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x1d, &(0x7f0000001180)=0x9, 0x4)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_TMR_CONTINUE(r2, 0x5404)
ioctl$SNDCTL_TMR_TEMPO(r2, 0xc0045405, &(0x7f0000000140))
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00009d82441eba9c54169fd494c9c3a7d93b566c952d52bbc65a152ab3be171a7963346d417ec1bf43df4332b8436bfd3533259a7a2518465aaef71580de0f5540ba222f0e669e58aec5c5cb25044cd697bb78ffeece2e66ca86b39c028d32469bf1ec2ce2ed7e2d42857331cdb36aeea5ba4834fc9d253b81adc2c2887e072a73d939853881c1048010e2878847ece063718e6ecbc222cb", @ANYRES16=r3, @ANYBLOB="010700000000000000006700000008000300", @ANYRES32=r5, @ANYBLOB="0800c300000000000800c40000000000"], 0x2c}}, 0x0)

1m4.428497339s ago: executing program 2 (id=1847):
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x8000000010, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0/../file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x118, &(0x7f0000000100)={0x0, 0x2, 0x10, 0xfffffffc, 0x3a6}, &(0x7f0000000000), 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})
r5 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r6, 0x80015b1a, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)

1m1.337136513s ago: executing program 2 (id=1858):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000100)={0x1c, r1, 0x62c29957b2bff3f, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2a500, 0x801}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_MLD_VERSION={0x5, 0x2c, 0x7}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2004c811}, 0x0)

1m1.160922566s ago: executing program 2 (id=1859):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3a0, 0x118, 0x0, 0x330, 0x298, 0x330, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x6, 0x0, {[{{@ip={@multicast1, @remote, 0x0, 0x0, 'ip6erspan0\x00', 'pimreg0\x00'}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38}}, {{@ip={@multicast2, @dev, 0x0, 0x0, 'veth0_to_bond\x00', 'syzkaller1\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 'vlan0\x00', 'veth1_to_bridge\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000680)={0xd, 0x2, 0x0, "d52b3d000000fa44966262631e8ac11e000000000000000000000000ebff00", 0x38414761})
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
dup(r1)
iopl(0x3)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000300), 0x82002, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = open(0x0, 0x60840, 0x1d2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0xa13, &(0x7f0000000180)={0x0, 0xe3f8, 0x0, 0x0, 0x255, 0x0, r5}, &(0x7f0000000980), &(0x7f0000000ac0))
setitimer(0x2, &(0x7f0000000a40)={{}, {0x0, 0xea60}}, &(0x7f0000000a80))
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x381, 0x0)

1m1.099725329s ago: executing program 62 (id=1859):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3a0, 0x118, 0x0, 0x330, 0x298, 0x330, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x6, 0x0, {[{{@ip={@multicast1, @remote, 0x0, 0x0, 'ip6erspan0\x00', 'pimreg0\x00'}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38}}, {{@ip={@multicast2, @dev, 0x0, 0x0, 'veth0_to_bond\x00', 'syzkaller1\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 'vlan0\x00', 'veth1_to_bridge\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000680)={0xd, 0x2, 0x0, "d52b3d000000fa44966262631e8ac11e000000000000000000000000ebff00", 0x38414761})
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
dup(r1)
iopl(0x3)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000300), 0x82002, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = open(0x0, 0x60840, 0x1d2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_setup(0xa13, &(0x7f0000000180)={0x0, 0xe3f8, 0x0, 0x0, 0x255, 0x0, r5}, &(0x7f0000000980), &(0x7f0000000ac0))
setitimer(0x2, &(0x7f0000000a40)={{}, {0x0, 0xea60}}, &(0x7f0000000a80))
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x381, 0x0)

45.040774778s ago: executing program 0 (id=1988):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000fc0)=[{&(0x7f0000000400)="08001efbb07d586e", 0x8}], 0x1, &(0x7f0000000040)=[@ip_tos_int={{0x14, 0x0, 0x7}}], 0x18}, 0x10)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r5 = syz_open_dev$loop(&(0x7f00000003c0), 0x89, 0x800)
ioctl$BLKZEROOUT(r5, 0x127f, 0x0)
read$char_usb(r4, 0x0, 0x0)

43.414366891s ago: executing program 0 (id=2000):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x10, &(0x7f0000000480)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (fail_nth: 2)

43.004882484s ago: executing program 0 (id=2003):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000000)=0x8000, 0x3)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9beb010018000000000000000c0000000c000000020000000000000000000002000000000000"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x6, 0xd, &(0x7f0000000bc0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000950000000000000018400000ffffffff000000000000000018100000", @ANYRES32, @ANYBLOB="00000000000000001850000000000000000000000000000018400000f8ffffff000000000000000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x2, &(0x7f0000000940), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

42.986422854s ago: executing program 0 (id=2004):
syz_open_procfs(0x0, 0x0)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x8000000010, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = getpid()
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0/../file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x118, &(0x7f0000000100)={0x0, 0x2, 0x10, 0xfffffffc, 0x3a6}, &(0x7f0000000000), 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})
r5 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r6, 0x80015b1a, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)

39.985647803s ago: executing program 0 (id=2034):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r2, 0x80045017, 0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_READN_FRAMES(r3, 0xc0844123, &(0x7f0000000040)={0x0, 0x0})
sendmsg$NFT_MSG_GETFLOWTABLE(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x20, 0x17, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4044855}, 0x40000)

38.810491583s ago: executing program 0 (id=2038):
syslog(0x0, &(0x7f0000000100)=""/246, 0xf6)

38.78365339s ago: executing program 63 (id=2038):
syslog(0x0, &(0x7f0000000100)=""/246, 0xf6)

14.5602752s ago: executing program 1 (id=2165):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e20, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000006780)=[{{0x0, 0x0, 0x0}}], 0x80000000000020c, 0x0)

14.490321512s ago: executing program 1 (id=2166):
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000900))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x23c, &(0x7f0000000380)={0x0, 0x1ffefe, 0x10100, 0x7ffff, 0x0, 0x0, r1}, &(0x7f0000000200)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75}, 0x38)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18}, './bus\x00'})
mmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0xc, 0x2031, 0xffffffffffffffff, 0x14dfd000)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {}, 0x1})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000200)=ANY=[], 0x0, 0x2a, 0x0, 0xa, 0x0, 0x0, @void, @value}, 0x28)
io_uring_enter(r2, 0x2ded, 0x25d2, 0x0, 0x0, 0x0)
r5 = socket(0x23, 0x5, 0x0)
listen(r5, 0x0)
accept4$unix(r5, 0x0, 0x0, 0x0) (fail_nth: 3)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)

14.270048866s ago: executing program 1 (id=2168):
r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @remote}, &(0x7f0000000040)=0x10, 0x80000)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, 0x3, 0x6, 0x0, 0x0, 0x0, {0x1, 0x0, 0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x2c}}, 0x4000004)
openat$vim2m(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0xb8, r3, 0xc2446180d89d5f40, 0x70bd25, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_CQM={0x24, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x6}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x4d}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x78}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x48}]}, @NL80211_ATTR_CQM={0x34, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x2}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x3000000}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x2f}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x14}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x52}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x4e}]}, @NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x4}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x21e}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x1}]}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x8}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x7}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x80}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x1}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x4e0f}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0xc1fab9b4aad11c8b}, 0x20040054)
r4 = accept4(r2, 0x0, &(0x7f00000003c0), 0xc00)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), r2)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r4, &(0x7f0000000680)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000640)={&(0x7f0000000480)={0x184, r5, 0xfeca7e1089f3c80c, 0x70bd2c, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x6}, {0x6, 0x11, 0x9}, {0x8, 0x15, 0x8}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x4f9}, {0x6, 0x11, 0x7fff}, {0x8, 0x15, 0x16107113}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xff}, {0x6, 0x11, 0x4}, {0x8, 0x15, 0x6}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x101}, {0x6, 0x11, 0x9}, {0x8, 0x15, 0x6}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x20}, {0x8, 0x15, 0x7ff}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xa1e}, {0x6, 0x11, 0x2}, {0x8, 0x15, 0x2}}]}, 0x184}, 0x1, 0x0, 0x0, 0x20040018}, 0x4050)
r6 = dup(r4)
r7 = open(&(0x7f00000006c0)='./file0\x00', 0x410400, 0x120)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000740), r0)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r4, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, r8, 0x100, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x404c004)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x30, r8, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xe0000000}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc01cf509, &(0x7f0000000940)={<r9=>r2, 0xbf0f, 0xb, 0x7})
ioctl$sock_inet_SIOCSIFADDR(r6, 0x8916, &(0x7f0000000980)={'bridge0\x00', {0x2, 0x4e23, @broadcast}})
r10 = syz_open_dev$vcsu(&(0x7f00000009c0), 0x0, 0x400041)
r11 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000a40), r9)
sendmsg$TIPC_NL_BEARER_ADD(r10, &(0x7f0000000bc0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000a80)={0xe0, r11, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_MEDIA={0x34, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc293}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fff}]}]}, @TIPC_NLA_MEDIA={0x88, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1000}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xac}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x59}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5d5b}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}]}]}, 0xe0}}, 0xc0c5)
setsockopt$inet6_IPV6_RTHDR(r10, 0x29, 0x39, &(0x7f0000000c00)={0x10, 0x8, 0x1, 0x91, 0x0, [@private2, @local, @loopback, @local]}, 0x48)
sched_setscheduler(0x0, 0x3, &(0x7f0000000c80)=0x1)
r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000000d00), r10)
sendmsg$DEVLINK_CMD_RATE_NEW(r7, &(0x7f0000000dc0)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000d80)={&(0x7f0000000d40)={0x3c, r12, 0x800, 0x70bd25, 0x25dfdbff, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xe}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @DEVLINK_ATTR_PORT_INDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc0}, 0x4010800)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r10, 0x89f1, &(0x7f0000000ec0)={'ip6_vti0\x00', &(0x7f0000000e40)={'syztnl1\x00', <r14=>0x0, 0x2f, 0x6, 0x8, 0xffffff02, 0x10, @local, @empty, 0x20, 0x7, 0x140000, 0x56d5}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r10, 0x89f2, &(0x7f0000000f80)={'tunl0\x00', &(0x7f0000000f00)={'erspan0\x00', <r15=>0x0, 0x9, 0x8000, 0x67400000, 0x401, {{0xd, 0x4, 0x2, 0x6, 0x34, 0x65, 0x0, 0x14, 0x29, 0x0, @rand_addr=0x64010100, @broadcast, {[@ssrr={0x89, 0x13, 0xf2, [@initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x1b}, @loopback, @private=0xa010100]}, @ra={0x94, 0x4, 0x1}, @rr={0x7, 0x7, 0xb5, [@loopback]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000fc0)={'team0\x00', <r16=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(r13, &(0x7f0000001c40)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001c00)={&(0x7f0000001740)={0x4ac, 0x0, 0x400, 0x70bd25, 0x25dfdbfb, {}, [{{0x8, 0x1, r14}, {0xb8, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r15}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1ff}}}]}}, {{0x8, 0x1, r16}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}]}}, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}]}}, {{0x8}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xbe}}}]}}, {{0x8}, {0xe8, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}, {{0x8}, {0x154, 0x2, 0x0, 0x1, [{0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0xa, 0x1, 0x1, 0x3}, {0x3f72, 0x45, 0x5, 0x7}, {0xfbe, 0x61, 0x7, 0xe}, {0x79, 0xd3, 0x81, 0x6f}, {0x7fff, 0xd8, 0x0, 0x7}]}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x52b7}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xffff8000}}, {0x8}}}]}}, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}]}, 0x4ac}, 0x1, 0x0, 0x0, 0x400c1}, 0x44)

14.269063454s ago: executing program 1 (id=2169):
syz_open_procfs(0x0, 0x0)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x8000000010, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x118, &(0x7f0000000100)={0x0, 0x2, 0x10, 0xfffffffc, 0x3a6}, &(0x7f0000000000), 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})
r5 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r6, 0x80015b1a, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)

12.290491895s ago: executing program 1 (id=2179):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000940)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000010c0)=[0x0], &(0x7f0000001080), 0x0, 0x1, 0x0, 0x0, r3})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000980000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setrlimit(0x8, &(0x7f0000000080)={0x1, 0x401})
r5 = shmget$private(0x0, 0x2000, 0x8, &(0x7f0000ffc000/0x2000)=nil)
shmctl$SHM_LOCK(r5, 0xb)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e0b010510"], 0xe)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write$UHID_INPUT(r0, &(0x7f0000000240)={0x8, {"7f9654d636ab18b7938a2804505c72e9994ca22404fc203334cc21ed3d6a776fd12d13f9602b2980f983c31a5d1e431db778099ce3af3fb20e1ee1f4fdb77cbb36154982a93c19825d6fd273ab1eb5bcd47adad50de8a6791486e482e29ecc94284921f33b941cfc1000c9781d9a828c5ec7a2c77b4e624a5aa0e9e39782bad733eda81ba47e1c6116e4170e6587dd6210a57abe91f1f80c4e31139d8b73fe35ac1f99ea82dd6aa9c9aa67de88ae3e141020e1a876bbc449d2d843aa7e6d90b948b7e28770e6ac71010c63f17e90fd20806a9f8d9f418ee3af74aac64b04a27c4f5e3626ca2da546c79d24acadd11e8d272a22fc54078fd5e64475993668980a9f95aff964ded28f79c862e674356af492b8377a759d8ccf1accb9a18ef7ad16f438dde69cd020d71552b0810688c882a26a22b23f4b35471b08b379193db1cd7934a4049ff1b00d9795cda6e73951641d5e2365c24facd5afd09ed1d096d758b4fef66fe1aa22395d67b7e1db623d4a60a7dc93893d6c4a91df79535a855868c5dc0033d5c428cd25b85c5deb6e81068553bc84cead4d1eba8aa57e2b354a6899e44acbd3834491219b3e231cd55d82f161774a689efe197cc193ac0124c67738a0a1d5f16a6768c2c2ba7386c8c95ca08c55117f344f5a2bca0d09e79ea3fc49491f2c7adc513c2779c1bf62b1a8643d23e9e8b2ae41d4a59f1b82b82e092b36eb851b8456da871b4057aec325a9d4cccafde61f2abc85e3cabeabb856f6ffbfe23d69219ec8fae6beb54abe7870dbae823d49806a967a1c7f252999804f106745f20490bb3347b59321dc69765567abcbd89de04d89622170005df5871ed0fb72345a11da074060d7d4ee2e437f71a45723fb6b02de56067e54f54c52d10f7874a13cbfb3bd65ce54f9d6719ea210e0cf79e4e2157736ec07ac5915682ab81bced665c1e72fab8d8cfe509de0f21fe374b957b379fd5918061e21c2e96985cc1354b2de859b0f1a463ab04683b1253eda671c2353b5c208aca652f5419ffc4949a7fa909b95653f42d97390c400b4a1c308b11e73e9a06d3b164d3361e75584d70e6bc61d570a7e0c7da330f643194c1893fcd6489fac605eead61b53dff18caf526ecccc9bbd9146bc3c3bb67677695e6fddaab081786e9084014e60f5c03ae5a9087726b05e17402cd2fbb80d773b8a41470b1f901a8c2b2d57450181f4fc5bc53c7cb3dc032b84567492607cb08832eca9f79da9210d197863e5db5a74a9823dc0cc8bd9f3a9b6ff5a7d15d4747a9b26e088f4fad96d81cd1214226b1c4585d418d593220fcbb9ad949266cc48163e3498b46ebcdf7b2b5ecfe67539a61ed9e39b02d5b35ac0d0e7fa830034ca2da8a7ddf04bcf2cee939994369feb77023e0e3de04b21db7a640a92c17748245005cd75a7deba4ff0e4c104a9db2d9a98ec8edb3562050a3bac5f322290e3d8b6fb21770ac436d4cb12b97fc8f76d7bb9eeed85663eb0626f1ad1719ee4b07f7de2c1d1a31c27c6879f4fa3dbdfb2bfc0898beabafbeca9f13050e6b2f6c432e423cd5cb6b8fa56fe32c3e50104e44462c0a5c69de6a7ac5ae3d9f07ceed64dbffa42e4663838bfcde92f0fcb895f3b93c59b0e48c09890dfc36436db56b708f6e7cbbd2a6305f573cee099dbcd263cb96d9fb69cbc3cb06d8f5e3789698a17e71d22b4665ff5447fcc17a31bb136c8bb4b984573bcaf1cb650198c1266e6ddfd42d44f9de02cb9d915c5334c550fac3fcee56790aeb09d81e7690a32d8b0cc477b23f15257820de227be1ffaec2f63f3266b8f5dd78947dcee355fe59bfb100e5244425532bb1d115acd211b8c16b0ec0aae00fca5d4511a05c3ff027a1cac56210a10d81c01b90e156cc7b33de0fac825dc516d398166096013e068db935483c93ba95da39b5ae4087d84479a4c4809f28f93790dc279637bd6f3dc441d315cf6bd7b0e3d92070a45baf4445ce063fd12690eb002f5ca068a256bc54100c99a02a346beca39072163c4b297d117f1ed9fef42e3dbc11d36a0a0db52e84461c6fbb4aad62cd6c8dc9ae6a3390a5e8773ac599e67436220c8d541a9039762bffaa7f490e31dddbc362fb4ff686cda905f3b02a1db76d4d570d970434921ca8a4765af6d5c8b881e1f4ffa7e2d9ef5f5511b94f88474674ec790bb5186c73446a227bf1ffd19b605733abd1bd41e421aeaf2ed4617088c7ceef85451225056435993e89e4bccd2c2e4b39af99feef11fea645eeb5cf9f77b1e19a72d3efb613100969b84302789714bca65bcbc96762b4012a5700c62aed706433b9f142b7302442b6a9958b0e28e8b1cfa9eeb4ac0d71f497b23babf9f0221dcb658d9f4db5d45bee30d2ad7c97d6a562e014a7701c15325ec5d42ab732b37714a77a95c03fb15bbfba6fade32bf50f985a1df362ca7216cc152907dd931acb58a63920f581e82b590c0d6a0033009f8e50c3263d3f58596b63d507cadbc809a6690561f74d0772bf92d04e06c47a350724b106f5e83f7e71c4b2a983bf5ad7d8684e7b8b5dc1273d0fa5879b8e61bde33d602bc8ff0913b6d32dcac366d568dc7cf82bbfc405cbe418a2644c26592b32ca1a632fc95123efb784cfb6953a94ebeccd24fba389a0e56b043df07d9a2dd38a1196e5e55576b25f85cb96f6560802a4a58b7a6857e8454faa2c880bf32d464562b2bdc5f0df22b663f2c01fc944f1cfd1908f617f8295a5440bb79ae178ea46a95baeea48322105146ac3ed2de7d3796ddddcc848a8ecf4a00dd055733b4f59211f5a40deea44e74b3bc57953b26ed61e6fd67889edfe8d0902385e37666aacec072735630ecc441c3cc6b09bb2f63aa4e332c6df728dc74078a83ce20454dfd616d116270666ddc09c5fea2e8442bc43455d0257fac92f3780061178f9420bf8e463f29896c12383dbb9a81bc5c87376e647c8a9786cb514fb9696d9c0a8d303c5c4b5b7c5f601c01fa19323e02f675c371bc44fbc1ac5704d41a89a2a4ccec6ac8440c532f07da25aa2dce6a5d2ebe694eb4017d178b221213bfe2a01d9cfe689bd190776bca6c032f446eb8862587a7826e35f3f691763212eee6af2e49bbeb0a27e07c5714b74e373798c7bebce265f7ebef3a1ea64078cf1e8a9d433af32c53090c972ffedbadafb50b9a6e540abd84f8e938583ea725954be3b236c5d8aca7d486d21902a2902f25a7c02dbe83c39bd0b81513f9ef198c49d560e930ae224ff47f92e4851e1f7ab5bb406abcf6596569261e6b0c67bb3b854e9c6de60bfb60fcf29241ff237151310ecd19f8b2cfe764c1df1a2de9d840eca47aa169ba9a415901204ec31ccdfd76e908029ae34fb12dc286758c64fd6d42bc82b14e07e421f4b42b180cd6ef40cac8062928b4a420a4577f24295f54de9048ac9d34307bf93e463cea4967cf4880166f68ed1eb965db2e4fb9f5f0b1c695d621e427ccb9a3188073ee6fde729c6698346efa1c0ba643c1efd20858965511da750060d551c44c435a5f1603fae7357e0bc78e92aad3d88790ec2aa1a42d6fe7e0ffc57f3599e406db63be7dd32692df32ce33dee0a2becdb02d6e435e09de3d356497543db23f53da25643f9c585e275297800d8beed47f0e622f86fc25d2e87036fdceebfe7257cb6de0c02412d1c0758acfcd0862e99ad17a118f46f635a87477e8b825423d94ada35bf0b5444aa7d3de4bb7eec7ae5129fcc2cba651cc972f5500fc5161149d29f452962afb102a01ae76825cb4477460be0b85d75058595c27e9b7fae3492ec3925c671bee5f4ca534d5a294f783d6cc073c992139b61d21fd98297b04c0578dafd5f7ebcaf8d4d9185aea3d76e813421f4573b38c25093c015a65e44fb297f0f6ac2d02c4237b37a3bfca2406c5c95ae5812816bacad59ba7c6f72d7c644ff25b592ed1e89b276e05866c01a4ced7fc6dd9f190c20d420d7c8a1fe908833a24c5e5bd7a95a2a6fbf147fc4b29a179718166dd0fbae2fc6b8c8aac6194fa6baf0d3edc36b2316c56c441ba53e3e7aaaf0a1405566ff584f73a637b74dde9bcb4d41da2be6c9df5d533fbac54f5fb52a8a793757cfe19aa90048c6d07e3474136ae1be2455b0d0d02eb4b5961ba883209355c0dd2af4aad98e7b971e358a7d9b55fe17cd6095f257355d9b99e5ea52848f17b35a80792d9ed0fef6fe3eef9a324902409969823be20bbe0e8dba9c747cd1a14d3642d877b86271f3f0c322a142c4ff635b37d542c3265b5fe8589a732bb1a55010b930dd0196cd43ac3634c01b4a44c517197d03a3d89c67f5c09aab409e84c0af466bfbd0c96d240101a2542c66b4b4b8ef65b41b0079995c52cc9720d2c1d7c128c6f17a65cc798c1986cfbd8888460c54438edc4f91f3580391c8b57d9aee209a59a116c1c44775437e9c30e6d87e82ce84e28532b19441e32ab9aea22177bac9daad25a6c88395e9348d6780de630cddb266c411011175bdb6255a36535180818447d43ffba3758d311539fe9f6811fa470bf3767b4c2d4cdf37854c7ee28730bb1d39d5c0dfffcdbf353cca3e13079f3ae66b839c7dd36914022a0e75bca5b622f521420b73249ef47f03c1fb03ecf7557882afcaa7cf454a68ad237d4ce860bd6b1531c1cafe2cfb76bc4188271ef6bdfb304ee0e6932463a1909f03d6e8a27b5f137d6b342841d613863dfdf37d5ec3a98d667810fb6f82d67620bdefed8b3ff98420a6c7ee577c3ba68b95a20403608a7ba6526ec9e8662c6e15ab09b1a9019d4958af04cb2e4890ee6b1077fcaa5cc0817f388461b230fe631e75f18ab392a5ca5de4a024ca16dd05fcfdf92114e43a5c4a169d462ff0dba57deeaf5eaafd892f8ccbd72ac56471162e1416bca39859b4184ba0d1b3f7ec05db4ef4cf0142867fa9be328a0be8aa74c716aad9411008607980861f4f72e9bfa60195e2f939d3f6a44a6cec07dd376d1bccaa126686f313d5f7918ecd1215026982c82ed1922ef70e36e8ed59b2d5ceab3b4aad7e53049062dd5ba0e87f7005c3f4d2b788245cdc2f35ef2572bea5ea92dfad406ade6d5ad18be8eeb4c652e5277b244645c68c0c0f5a68d42e00d59b75941917b2cdf31fdf809f2078ca97fd5beba65b34e0621138ea0e94feb87166b2dac2232ebca575e5c0a4d565d9992f733bbfbe68a63d99ee93398604065d5517c33ed0e067bdb643e73102f16137afd7d4bf21e8065ea028c392a6dcefbe642dc3fb03a239d9c8b17023eacc8e19fea11c34a10644af1b786fc0f4504038c2ee59c1b353f3d7b9313df025b4b5874ca63ec164a3fe35bf390d266f53dcda6a8e190e63a56ffdf4f7c5c02aa22d376db06d4d2b96be5b331f897d1ecfd25c13a1c194c265dd95a5724a6435bc8138224d9db28b689b9cea5132cd19601dbc4a43e70c71e27e8fd0689d09484974e8a4605f8553735fffaf5654a087e323ca14e02b681b9bbe592bd6b719ae2e86bdf918b27c79d52dd334d1aa7ebc1bff76e97572faad092010a1022f7d33089049107a89c364ae7dd022d119e8f6ab795fd71d76a90e8202339401ff9e9918ea8c8e12f7b0ba10d9ebde5d1bc5988f2d07b34579d8c282628204f2978d8b0cf95dc41f3775a4053f833267c64b42336d7c850f2918ef0dd6d62e43fcc173254eb34748efd4754609ce25ade162ba3c91bb844aaf6fd648ee5a8fc5c64346603f8258592d67b9613e8f7ac0def0958f13436581d729e0b3e062738eb06b2116abe837529690a614fc5d3f53b4d4602e57060", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x30, r0, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000300), 0x104, 0x2)
r7 = openat(r0, &(0x7f0000000080)='./file0\x00', 0xa00, 0x9d)
ioctl$vim2m_VIDIOC_ENUM_FMT(r6, 0xc0405602, &(0x7f0000000040)={0x18, 0x1, 0x0, "9611e6d6ff1f7506733200000000000000000300000000000000000083df00"})
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0086426, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{}, {<r8=>0x0}]})
ioctl$DRM_IOCTL_NEW_CTX(r7, 0x40086425, &(0x7f0000000140)={r8})
r9 = syz_init_net_socket$ax25(0x3, 0x5, 0xce)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000180)={'veth1_to_hsr\x00'})
r10 = socket$kcm(0xa, 0x2, 0x3a)
recvmsg(r10, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x40000000)
setuid(0xee00)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

12.078352067s ago: executing program 1 (id=2180):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x2000000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x2}, 0x6)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4a4, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3dc, 0xffffffff, 0xffffffff, 0x3dc, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x198, 0x1b8, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf4}, {0x9, 0x0, 0x24, 0x0, 'syz0\x00'}}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@private0, @private1, [], [], 'pimreg1\x00', 'wlan1\x00'}, 0x0, 0x1bc, 0x224, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x0, 0x0, 0x1, 0x0, 'syz1\x00'}}, @inet=@rpfilter={{0x24}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x500)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, 0xffffffffffffffff, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000440), 0x1c1482, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f0000000240)={0x0, 0x1000000})

12.055618007s ago: executing program 64 (id=2180):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x2000000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x2}, 0x6)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4a4, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3dc, 0xffffffff, 0xffffffff, 0x3dc, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x198, 0x1b8, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf4}, {0x9, 0x0, 0x24, 0x0, 'syz0\x00'}}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@private0, @private1, [], [], 'pimreg1\x00', 'wlan1\x00'}, 0x0, 0x1bc, 0x224, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x0, 0x0, 0x1, 0x0, 'syz1\x00'}}, @inet=@rpfilter={{0x24}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x500)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, 0xffffffffffffffff, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000440), 0x1c1482, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f0000000240)={0x0, 0x1000000})

3.350490584s ago: executing program 8 (id=2211):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000008b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x90, 0x0, 0x0, {0x100000000404, 0x0, 0xc, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
readlink(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000004000000000000000000850000000700000018", @ANYRES32, @ANYBLOB="0000000000000000b708"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="2800000070000100000000000000000007000000", @ANYRES32=r4, @ANYBLOB="1000018004000480080001"], 0x28}, 0x1, 0x1000000000000000}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r6, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x14, r6, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x30, 0x2, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x15}}, @NFQA_CFG_MASK={0x8}, @NFQA_CFG_PARAMS={0x9, 0x2, {0xdd9, 0x2}}]}, 0x30}}, 0x0)
listen(r7, 0x0)
accept4(r7, 0x0, 0x0, 0x0)

2.961830284s ago: executing program 3 (id=2213):
socket$packet(0x11, 0x3, 0x300) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000002000000000000000000001e95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2000000, 0x2, 0x0, &(0x7f0000000000)="fef3", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x4c) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="38000000540001"], 0x38}}, 0x0) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f00000000c0)={"6957608d766cfff5c3a6653d8900", 0x0, 0x0, {0x4, 0x2}, {0x7, 0xc00000}, 0x5, [0x3, 0x9, 0x7ff, 0x6, 0x0, 0x10000400, 0x9, 0x2, 0x8, 0x6, 0x6, 0x8000082, 0x10, 0xbd, 0x7, 0xffffffff00000000]}) (async)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) (async)
r1 = mq_open(&(0x7f00005a1ffb)='e\xeeQ\x92o', 0x42, 0x0, 0x0)
r2 = dup2(r1, r1) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x2000000000000069, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a5"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r4 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x27}, 0x74) (async)
sendmmsg$unix(r4, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)="bb", 0x1}], 0x1}}], 0x2, 0x0) (async)
mq_notify(r2, 0x0) (async)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="00008bb32ca10dded249870500000000000000c0ecdb1e00341819ba24947f523948cae5ef8a38d07a639f7753aa2b5589b7ad5fe3390e50d778b1938caafbfe11e3b5c5f1458543f609d8c3feb3c1a60c3b95bb0f2395084a6307f31b4c96aa92cf9f7ba7e51cc39a9d963445ef48fbc6d05c2531fc087e99b235012f697d6b0f64399beeee2f96498cecd4812055bcfa26a6743886d5f827b76e3a381d04070b0ce808e534a8a1689e9f7c4521f626fb4f22a5d13f663d7dc5ed6dd97d6e9f3af63d077e60121db1ea6fc010d1d5311b9c622531e47cc1ba49a03c4ae7cb15804066cccea0c0cb6b6b77d49b353d78a10f00c6796efadadf34ccbb", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000540)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca90000000000003509010000000000950000000000000075090200020000007b9a00fe00000000b509000000000000c39a04fe51000000bf8700000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018290000", @ANYRES32=r6, @ANYBLOB="00000000000000005ddfa03793b7050000080000004608f0ff76000000bf9800000000000056080000000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000002, 0x4052, r7, 0x0) (async)
mlock2(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x0) (async)
mlock2(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x1)
mlock2(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x1) (async)
mlock2(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1)
ioctl$SG_GET_COMMAND_Q(r5, 0x2270, &(0x7f0000000200))

2.507714131s ago: executing program 8 (id=2215):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f017, 0x1})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x403, 0x4, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20101}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0xba01}, 0x810)

2.395679971s ago: executing program 6 (id=2216):
r0 = syz_open_dev$sndctrl(&(0x7f0000000180), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0xc0045543, &(0x7f0000000080))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
readv(r2, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1)
ioctl$TCSETS(r2, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df00000000000000000009f600"})
r3 = syz_open_pts(r2, 0x801)
r4 = dup3(r3, r2, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000100)=0x15)
write$UHID_INPUT(r4, &(0x7f00000001c0)={0xa, {"08c39ee52f329f1698b1c4865f8b540a5eee9f496a0809c3d20325867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76023256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0x1000}}, 0xffffff5c)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r5, 0x0, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000000)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x30, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '%kT', 0x0, 0x2b, 0x0, @mcast1, @dev}}}}}}}, 0x0)
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x200)
ioctl$KVM_SET_LAPIC(r7, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r6, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x4000, 0x0, 0x4, 0xeffffdff, 0x0, [{}, {0x0, 0x9, 0x0, '\x00', 0xff}, {0xcc, 0x12}, {0x0, 0x6}, {}, {0x0, 0x0, 0x4}, {}, {}, {}, {0x0, 0x4, 0x2, '\x00', 0x1}, {}, {0x0, 0x0, 0x2}, {0x0, 0x0, 0x2}, {0x0, 0x1, 0x7}, {}, {0x0, 0x0, 0x0, '\x00', 0x1}, {0x3}, {0xe, 0x0, 0x6}, {}, {0x84, 0x80}, {0x0, 0x4, 0x2}, {0x0, 0xd, 0x3}, {0x0, 0x2}, {0x0, 0x0, 0x3}]}})

2.395462662s ago: executing program 7 (id=2217):
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000001680)={&(0x7f0000000240)=@nameseq={0x1e, 0x1, 0x3, {0x43, 0x0, 0x1}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x84}, 0x50)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000050701", @ANYBLOB='\x00\x00\x00'], 0x40}, 0x1, 0x4c00000000000000}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast2, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001640)=[{{&(0x7f0000000040)={0x2, 0x4e22, @private=0xa010102}, 0x10, 0x0}}], 0x1, 0x240080e4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0xa6, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.355219585s ago: executing program 8 (id=2218):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r0, 0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000380), &(0x7f00000003c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x98f6}]})
ioperm(0x0, 0x9, 0x1f)
getdents64(r6, &(0x7f00000002c0)=""/154, 0x9a)

2.259843687s ago: executing program 7 (id=2219):
r0 = socket$packet(0x11, 0x3, 0x300)
syz_extract_tcp_res$synack(&(0x7f0000002f40)={<r1=>0x41424344}, 0x1, 0x0)
syz_extract_tcp_res$synack(&(0x7f0000000040)={<r2=>0x41424344, <r3=>0x41424344}, 0x1, 0x0)
syz_emit_ethernet(0x1a8, &(0x7f00000003c0)=ANY=[@ANYBLOB="fb4189a5b1370180c200000308004922019a0065000006069078ffffffff0a010100863a00000002070eb1e1da08006691c3e635fbe501041c4902085eb6fc66adbd0611e1b79cb1694eea59abe2dd8254e34b00098ca1470dec246444143d610000000000000002e000000100002f9b8907c2ffffffff440b181d24ce931499c76994040100862b00000003010b9403104af8b9513cb9000af173e78d26f285440009c5082b2036e61c00020605ca941d004e234e24", @ANYRES32=r3, @ANYRES32=r2, @ANYBLOB="d080000e90780e37220f4aa75317a835db452b406ce24503030f030307030309fe04f989020407057632fbfcdde216040000000000000053f2aa3c0a00a11334fa0d2155ab33fc1d4361e82d627f7610e24b9cf34a23fc5bfd0cf27778bc504de245ade46f61fe5c7d487b33330fb33f7ba57f417f008120dc0ebd507da1cb76a642a713ebd527db193fc6ccc7bd9c5d14dc24b09bc59d5c9879c38f90932e2a75b653f987314e6be7832b64fdadd4d1919be238ba69a6e57444b20d5ef34daedbad11cf865ff6e7bff7554b7260122f7a5ca99fecdd2946e5bc00"/234], 0x0)
syz_emit_ethernet(0x131, &(0x7f0000002f80)={@random="ddea1574e2b7", @remote, @val={@void, {0x8100, 0x4, 0x0, 0x2}}, {@mpls_mc={0x8848, {[{0x8}], @ipv6=@tcp={0x5, 0x6, "f9ed1d", 0xf3, 0x6, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, {[@dstopts={0x5e, 0x1, '\x00', [@enc_lim={0x4, 0x1, 0x81}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}, @fragment={0x11, 0x0, 0x0, 0x1, 0x0, 0x18, 0x65}, @routing={0x89, 0xa, 0x0, 0x48, 0x0, [@ipv4={'\x00', '\xff\xff', @local}, @remote, @remote, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, @private2]}], {{0x4e20, 0x4e21, r1, r2, 0x1, 0x0, 0xc, 0x10, 0x6794, 0x0, 0xac5, {[@mss={0x2, 0x4, 0xaf}, @md5sig={0x13, 0x12, "782b898fcabf619d81ee4952ccb459d3"}, @eol, @sack_perm={0x4, 0x2}]}}, {"3abbd13e4f9bd2658d0ad150442b19d44c25a1d44dbe2c57d3edd449916ea91984b182df91d4be3f18a691482f8b08999150e4fa2b9f596e6ae9ec85286c0c625312a0ff0e257b43afe436"}}}}}}}}, &(0x7f00000030c0)={0x0, 0x3, [0x9ff, 0xbb4, 0x710, 0x297]})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
r6 = dup2(r5, r5)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000002, 0x2010, r6, 0x100000000)
pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x800)
read$FUSE(r6, &(0x7f0000000540)={0x2020, 0x0, 0x0, <r8=>0x0}, 0x2020)
getresgid(&(0x7f00000002c0), &(0x7f0000000340), &(0x7f00000003c0)=<r9=>0x0)
write$P9_RSTATu(r7, &(0x7f0000000400)={0x4d, 0x7d, 0x1, {{0x0, 0x37, 0x61, 0xfffffffe, {0x4, 0x3, 0x7}, 0x4010000, 0x9, 0x9, 0x7fff, 0x1, '\x00', 0x1, '\x00', 0x1, '\x00', 0x1, '*'}, 0x1, '\x00', r8, r9, 0xffffffffffffffff}}, 0x4d)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
r11 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r11}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r11, &(0x7f00000077c0)={0x2020, 0x0, <r12=>0x0}, 0x2020)
write$FUSE_INIT(r11, &(0x7f0000004200)={0x50, 0x0, r12, {0x7, 0x1f, 0x0, 0xfe05a, 0x5000, 0x0, 0x0, 0xc}}, 0x50)
write$FUSE_GETXATTR(0xffffffffffffffff, &(0x7f0000002f00)={0x18, 0xfffffffffffffff5, r12, {0x2}}, 0x18)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), r5)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r6, &(0x7f0000002ec0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000002e80)={&(0x7f0000004280)={0x90c, r13, 0x10, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x120, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x78, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x3b, 0x2, [{0x3, 0x5}, {0x2, 0x8}, {0x4, 0x6}, {0x6, 0x4}, {0x3, 0xa}, {0x4, 0x19}, {0x6, 0x3}, {0x4, 0x4}, {0x6, 0x5}, {0x3, 0x2}, {0x3, 0x1}, {0x0, 0x1}, {0x3, 0x9}, {0x0, 0x9}, {0x0, 0x2}, {0x0, 0x3}, {0x6, 0x8}, {0x2, 0x9}, {0x5, 0x9}, {0x0, 0x8}, {0x1, 0x2}, {0x4, 0x7}, {0x2, 0x3}, {0x4, 0x5}, {0x2, 0x6}, {0x5, 0x9}, {0x2, 0x7}, {0x7, 0xa}, {0x4}, {0x2, 0x9}, {0x5, 0xa}, {0x1, 0x3}, {0x4, 0x2}, {0x0, 0x8}, {0x7, 0x2}, {0x0, 0x7}, {0x7, 0x3}, {0x2, 0x4}, {0x0, 0x9}, {0x4, 0x5}, {0x4, 0x2}, {0x1, 0x2}, {0x2, 0x6}, {0x4, 0x3}, {0x7}, {0x5, 0xa}, {0x0, 0x2}, {0x0, 0x4}, {0x6}, {0x0, 0x7}, {0x3, 0x8}, {0x4, 0x2}, {0x7, 0x7}, {0x0, 0x7}, {0x1, 0x7}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x0, 0x77ea, 0x2, 0x3, 0xd6, 0xa, 0x2]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x100, 0x1, 0x2, 0x2, 0x7, 0x7, 0x101, 0x68c]}}]}, @NL80211_BAND_5GHZ={0x40, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0xc, 0x3, 0x30, 0x6, 0x25, 0xb, 0x9, 0x2, 0x14, 0x30, 0x30, 0x2, 0x6, 0x6, 0xa6dbdb50c6caaa9f, 0x3, 0x3, 0x5, 0x60, 0x60, 0x1, 0x6, 0x12, 0x0, 0x1b, 0x1b, 0xb, 0x36]}, @NL80211_TXRATE_HT={0x9, 0x2, [{0x4, 0x6}, {0x2, 0xa}, {0x5, 0x9}, {0x0, 0x8}, {0x1, 0x4}]}]}, @NL80211_BAND_2GHZ={0x48, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x19, 0x2, [{0x3, 0x9}, {0x6, 0x7}, {0x0, 0x5}, {0x1, 0x7}, {0x5, 0x5}, {0x7, 0x4}, {0x1, 0x1}, {0x2, 0x1}, {0x0, 0x9}, {0x1}, {0x2, 0x6}, {0x2, 0xa}, {0x6, 0x6}, {0x1, 0x7}, {0x0, 0x3}, {0x2, 0x8}, {0x0, 0x3}, {0x2, 0xa}, {0x7, 0x5}, {0x0, 0x7}, {0x0, 0x7}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x1b, 0x18, 0x6, 0x4, 0x48, 0xb, 0x3, 0x36, 0x4, 0x6c, 0x48, 0x1e, 0x18, 0xb, 0x30, 0x6f, 0x2, 0x18, 0x36, 0x12, 0x1b, 0xd, 0x36, 0x48, 0x1b]}]}, @NL80211_BAND_60GHZ={0x1c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0xe, 0x2, [{0x2, 0x8}, {0x1, 0x8}, {0x1, 0x5}, {0x2, 0x9}, {0x4, 0x3}, {0x0, 0x2}, {0x0, 0xa}, {0x5, 0x4}, {0x1, 0x2}, {0x5, 0x1}]}]}]}, @NL80211_ATTR_TX_RATES={0x29c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x6c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x66, 0xfffb, 0x3, 0x1000, 0x10af, 0x7, 0x1, 0x8]}}, @NL80211_TXRATE_HT={0x16, 0x2, [{0x5, 0x3}, {0x2, 0x2}, {0x5, 0x5}, {0x3, 0xa}, {0x5, 0x4}, {0x6, 0x6}, {0x2, 0x2}, {0x0, 0x7}, {0x3, 0xa}, {0x2, 0x9}, {0x7, 0x7}, {0x7, 0x4}, {0x7, 0x6}, {0x5, 0x9}, {0x0, 0x8}, {0x1, 0x1}, {0x4, 0x1}, {0x4, 0x9}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x2a, 0x2, [{0x5, 0x5}, {0x3, 0x2}, {0x6, 0x1}, {0x4, 0xa}, {0x7, 0x3}, {0x2, 0x7}, {0x4, 0x4}, {0x1, 0x4}, {0x6, 0x4}, {0x7, 0x7}, {0x6}, {0x2, 0x5}, {0x6}, {0x2, 0x1}, {0x2, 0x9}, {0x7, 0xa}, {0x3, 0x1}, {0x7}, {0x0, 0x8}, {0x1, 0xa}, {0x1, 0xa}, {0x4, 0x2}, {0x7, 0x2}, {0x4, 0x2}, {0x7, 0x5}, {0x3, 0x4}, {0x4, 0x1}, {0x4, 0x2}, {0x4}, {0x0, 0x4}, {0x4, 0x6}, {0x6, 0x3}, {0x6, 0x7}, {0x6}, {0x0, 0x5}, {0x0, 0x1}, {0x7, 0x7}, {0x2, 0x8}]}]}, @NL80211_BAND_5GHZ={0x20, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x14, 0x1, [0x9, 0x60, 0x24, 0x24, 0x60, 0x1b, 0x11, 0xb, 0x6c, 0x18, 0x6, 0x2, 0x12, 0x5, 0x60, 0x3]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0xbc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x51, 0x2, [{0x4, 0xa}, {0x6, 0x7}, {0x4, 0x5}, {0x1, 0x7}, {0x0, 0x5}, {0x7, 0x5}, {0x4, 0x5}, {0x2}, {0x4}, {0x7, 0x3}, {0x7, 0xa}, {0x6, 0xa}, {0x2}, {0x3, 0xa}, {0x3, 0x2}, {0x1, 0x2}, {0x4}, {0x0, 0xa}, {0x5, 0x8}, {0x3, 0x1}, {0x6, 0x8}, {0x7, 0x5}, {0x5, 0x6}, {0x2, 0x4}, {0x7}, {0x6, 0xa}, {0x3, 0x9}, {0x2, 0x5}, {0x4, 0xa}, {0x4, 0x8}, {0x4, 0x3}, {0x0, 0x2}, {0x1, 0x5}, {0x1, 0x4}, {0x1, 0x8}, {0x0, 0x6}, {0x1, 0x9}, {}, {0x0, 0xa}, {0x6, 0x9}, {0x2, 0x2}, {0x3, 0x6}, {0x7, 0x1}, {0x5, 0x9}, {0x0, 0x6}, {0x6, 0x9}, {0x4, 0x9}, {0x2, 0x6}, {0x0, 0x2}, {0x5, 0x1}, {0x3, 0xa}, {0x5, 0x8}, {0x1, 0x2}, {0x0, 0x5}, {0x7}, {0x6, 0x4}, {0x4, 0xa}, {0x6}, {0x3, 0x3}, {0x1, 0x2}, {0x2, 0x4}, {0x2, 0x4}, {0x0, 0x4}, {0x5, 0x8}, {0x3, 0x1}, {0x4}, {0x6, 0x8}, {0x7, 0x2}, {0x2, 0x3}, {0x1, 0x7}, {0x7, 0x8}, {0x0, 0x9}, {0x2, 0x9}, {0x7, 0x9}, {0x1}, {0x5, 0x4}, {0x5, 0x4}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x1cab, 0xc, 0x3, 0x6, 0x7, 0x6, 0x2]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7f, 0x5, 0xc811, 0x2, 0x40, 0x7, 0x5]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x1, 0x3, 0xb03, 0xac78, 0x80, 0xa35, 0x200]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0xffff, 0xce20, 0x8, 0x0, 0x64f5, 0x7, 0xfff9]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xf, 0x3, 0x1, 0x3, 0x7, 0x8, 0x9, 0x81]}}]}, @NL80211_BAND_2GHZ={0x1c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x8000, 0x1, 0x2, 0x8001, 0x2, 0x8001, 0x200]}}]}, @NL80211_BAND_2GHZ={0x28, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xff32, 0x3, 0x2, 0x1000, 0x4, 0x1000, 0x1, 0x9]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_2GHZ={0xa4, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0xa86, 0x800, 0x5, 0x7, 0xfffb, 0xf, 0x101]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x2, 0x81c, 0x1, 0x7, 0xd, 0x80, 0x401]}}, @NL80211_TXRATE_HT={0x3b, 0x2, [{0x2, 0x7}, {0x0, 0x3}, {0x0, 0x9}, {0x2, 0x4}, {0x0, 0x3}, {0x3, 0x6}, {0x3, 0xa}, {0x5, 0x9}, {0x7, 0x8}, {0x2, 0x1}, {0x1, 0x3}, {0x2, 0x3}, {0x5, 0x8}, {0x1, 0x2}, {0x1}, {0x0, 0xa}, {0x2, 0x7}, {0x3, 0x8}, {0x4, 0xa}, {0x6, 0x4}, {0x5}, {0x6, 0x4}, {0x7, 0x1}, {0x1, 0xa}, {0x4, 0x3}, {0x6, 0x6}, {0x2, 0x6}, {0x0, 0x5}, {0x6}, {0x7, 0x5}, {0x0, 0x5}, {0x1, 0x3}, {0x6, 0x8}, {0x0, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x7, 0x7}, {}, {0x2, 0x4}, {0x0, 0x3}, {0x7, 0x2}, {0x0, 0x4}, {0x5, 0x5}, {0x2, 0x8}, {0x6}, {0x0, 0x1}, {0x5, 0x3}, {0x2, 0x5}, {0x4}, {0x2}, {0x0, 0x4}, {0x1, 0x3}, {0x7, 0x3}, {0x3, 0x4}, {0x6, 0x9}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x0, 0x5, 0x721d, 0xefe, 0x9, 0x551, 0x3]}}, @NL80211_TXRATE_HT={0xc, 0x2, [{0x1, 0x8}, {0x0, 0x8}, {0x0, 0x1}, {0x3, 0x7}, {0x3, 0x7}, {0x3, 0x6}, {0x1, 0x4}, {0x7, 0x5}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4000, 0x8, 0x963, 0x9, 0x2, 0x7, 0x7, 0x2]}}]}, @NL80211_BAND_5GHZ={0x28, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x1a, 0x2, [{0x7, 0x4}, {0x7, 0x7}, {0x0, 0x4}, {0x3, 0x6}, {0x7, 0x7}, {0x4, 0x9}, {0x1}, {0x7, 0x1}, {0x3, 0xa}, {0x6, 0x7}, {0x7, 0xa}, {0x6, 0xa}, {0x0, 0x5}, {0x1, 0xa}, {0x2, 0x2}, {0x1, 0x3}, {0x3, 0x3}, {0x7, 0x7}, {0x6, 0x7}, {0x4, 0x2}, {0x5, 0x2}, {0x3}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_5GHZ={0x40, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x19, 0x1, [0xb, 0x1, 0xb, 0x6, 0x5, 0x60, 0x18, 0x1, 0x12, 0x3, 0x1, 0x6c, 0x24, 0x36, 0x5, 0x6c, 0x1, 0x2, 0x5, 0x60, 0x12]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x260, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x8, 0xc, 0x4, 0x7, 0x2, 0x3, 0x3]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x24, 0x48, 0x12, 0x42, 0x5, 0x60, 0x12, 0xd, 0x5, 0x1, 0x9, 0x24, 0x18, 0x5, 0x3, 0x2, 0x48]}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x5, 0x3, 0xc, 0xb, 0x9, 0x36]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_2GHZ={0x7c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x30, 0x2, [{0x0, 0x9}, {}, {0x3}, {0x3, 0x9}, {0x3, 0x8}, {0x2, 0x3}, {0x4, 0x9}, {0x7, 0x2}, {0x6, 0x4}, {0x0, 0x7}, {0x7, 0x1}, {0x1, 0x5}, {0x5, 0x9}, {0x1, 0xa}, {0x1, 0xa}, {0x6}, {0x6, 0x5}, {0x4, 0x7}, {0x5, 0xa}, {0x7, 0x8}, {0x4, 0x5}, {0x0, 0xa}, {0x2, 0x4}, {0x6, 0x3}, {0x4, 0xa}, {0x5, 0x4}, {0x4, 0x4}, {0x3, 0x5}, {0x0, 0x9}, {0x7, 0x6}, {0x4, 0x9}, {0x5, 0x4}, {0x1, 0x1}, {0x1, 0x5}, {0x3, 0x8}, {0x6, 0x5}, {0x2, 0x5}, {0x3, 0x5}, {0x7, 0x9}, {0x3, 0x7}, {0x6, 0x5}, {0x4, 0x5}, {0x3, 0x7}, {0x3, 0x3}]}, @NL80211_TXRATE_HT={0x1a, 0x2, [{0x0, 0x5}, {0x3, 0xa}, {0x6, 0x8}, {0x6, 0x5}, {0x0, 0x5}, {0x5, 0x8}, {0x1, 0x8}, {0x5, 0x4}, {0x0, 0x2}, {0x4, 0x6}, {0x3, 0x6}, {0x0, 0x2}, {0x3, 0x13}, {0x1, 0x2}, {0x0, 0x6}, {0x7, 0x9}, {0x1, 0x7}, {0x6, 0x4}, {0x7, 0x8}, {0x4, 0x7}, {0x2}, {0x6, 0x9}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8000, 0x2, 0xff, 0x1, 0x9, 0x81, 0xff, 0x401]}}]}, @NL80211_BAND_60GHZ={0x44, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x9, 0x1, 0xa, 0x1, 0xffff, 0x4, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3824, 0x401, 0xe, 0x2, 0x6, 0x7, 0x2, 0x1]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x84, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xfff7, 0x4, 0x1c, 0x0, 0x0, 0x7, 0x0, 0x826e]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x30, 0x2, [{0x1, 0x5}, {0x2, 0x2}, {0x6, 0x2}, {0x3, 0x6}, {0x0, 0x1}, {0x4, 0x5}, {0x1, 0x5}, {0x2, 0xa}, {0x5, 0x4}, {0x6, 0x2}, {0x1, 0x8}, {0x6, 0x1}, {0x2, 0x7}, {0x4}, {0x4, 0x8}, {0x5, 0x8}, {0x4, 0x8}, {0x5, 0x4}, {0x1, 0x8}, {0x0, 0x3}, {0x5, 0x5}, {0x5, 0x2}, {0x7, 0xa}, {0x1, 0x9}, {0x2, 0x1}, {0x7, 0xa}, {0x7, 0x9}, {0x3}, {0x4, 0x8}, {0x3, 0x4}, {0x2, 0x9}, {0x0, 0x7}, {0x3, 0x9}, {0x4, 0x7}, {0x6, 0x8}, {0x0, 0x8}, {0x6, 0x3}, {0x3}, {0x7, 0x9}, {0x3, 0x2}, {0x0, 0x3}, {0x3, 0x5}, {0x6, 0x8}, {0x6}]}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x60, 0x16, 0x48, 0x48, 0x24, 0x60, 0x0, 0x16, 0x1, 0xc, 0x6c, 0x5, 0x36, 0x1b, 0x6c, 0x12, 0x60, 0x24, 0x30, 0x60, 0x4, 0x4, 0x60, 0x20, 0x1b, 0xc, 0x2, 0x3, 0x48, 0x36]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_60GHZ={0x28, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x10, 0x6, 0xfff, 0x3, 0xa8, 0x5, 0xffff, 0xb]}}, @NL80211_TXRATE_LEGACY={0xf, 0x1, [0x24, 0x12, 0x18, 0x60, 0xb, 0x1, 0x5, 0x16, 0x30, 0x3, 0x24]}]}, @NL80211_BAND_2GHZ={0x1c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_5GHZ={0x6c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x23, 0x1, [0x1, 0x9, 0xcf, 0x0, 0x36, 0x7cc705daf09597de, 0x6, 0x30, 0x11, 0x1, 0x1b, 0x24, 0x18, 0x1, 0x9, 0x5, 0x6c, 0x12, 0x18, 0x18, 0x1b, 0x6, 0x9, 0xb, 0x2, 0x30, 0x16, 0x5, 0x5, 0x36, 0x60]}, @NL80211_TXRATE_LEGACY={0x1d, 0x1, [0x18, 0x6c, 0x2, 0x4c, 0x5, 0x4, 0x4, 0x2, 0x36, 0x6, 0x24, 0x30, 0x1b, 0x0, 0x12, 0xb566deb72894e304, 0x1b, 0x6, 0x1d, 0x24, 0x9, 0x3, 0x6, 0x60, 0x24]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x4, 0x6d, 0x24, 0x7, 0x2, 0x9, 0x1000]}}]}, @NL80211_BAND_60GHZ={0x4}]}, @NL80211_ATTR_TX_RATES={0x2c, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x28, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x10, 0x1, [0x6, 0x1b, 0x3, 0x18, 0x1b, 0x1, 0x48, 0x6, 0x2, 0xc, 0x9, 0x6]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x3, 0x3, 0xffff, 0xfffa, 0x9, 0x3, 0xfffe]}}]}]}, @NL80211_ATTR_TX_RATES={0x2b0, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6c60, 0xa, 0x4, 0x9, 0x5, 0x3, 0x9, 0x8]}}]}, @NL80211_BAND_2GHZ={0x3c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x35, 0x2, [{0x3, 0x5}, {0x1}, {}, {0x1, 0x7}, {0x1, 0xa}, {0x7, 0x1}, {0x2, 0x6}, {0x5, 0x9}, {0x7, 0x4}, {0x1, 0x5}, {0x7, 0x4}, {0x1, 0x1}, {0x0, 0x1}, {0x6, 0x5}, {0x1, 0x3}, {0x1}, {0x1, 0x1}, {0x6, 0xa}, {0x4, 0x3}, {0x0, 0x9}, {0x2, 0x1}, {0x0, 0x9}, {0x1, 0x1}, {0x2, 0x3}, {0x4, 0x1}, {0x0, 0x9}, {0x0, 0x7}, {0x2, 0x7}, {0x7, 0x1}, {0x4, 0x9}, {0x1, 0x9}, {0x7, 0x8}, {0x2, 0xa}, {0x5, 0xa}, {0x2, 0x5}, {0x0, 0x8}, {0x7, 0x3}, {0x7, 0xa}, {0x2}, {0x1, 0x7}, {0x5, 0xa}, {0x2, 0x9}, {0x5}, {0x2, 0x3}, {0x3, 0x7}, {0x6}, {0x1, 0x7}, {0x1, 0x6}, {0x7, 0x4}]}]}, @NL80211_BAND_2GHZ={0x7c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4c, 0x2, [{0x7, 0x5}, {0x4, 0x4}, {0x2, 0x5}, {0x3, 0x6}, {0x2, 0x7}, {0x7, 0x8}, {0x5, 0xa}, {0x4, 0x4}, {0x6, 0x2}, {0x3, 0x7}, {0x6, 0x5}, {0x7, 0x5}, {0x2, 0xa}, {0x6, 0x6}, {0x2, 0x3}, {0x4, 0x6}, {0x4, 0x8}, {0x7, 0x8}, {0x1, 0x2}, {0x3, 0x3}, {}, {0x4, 0x8}, {0x7, 0x9}, {0x7, 0x3}, {0x7, 0x6}, {0x0, 0x9}, {0x3, 0x6}, {0x7, 0x4}, {0x7, 0x3}, {0x2}, {0x5, 0x2}, {0x5, 0x2}, {0x4, 0x6}, {0x1, 0x5}, {0x1}, {0x1, 0x3}, {0x6, 0x7}, {0x0, 0x4}, {0x5, 0x7}, {0x7, 0x2}, {0x7}, {}, {0x0, 0xa}, {0x3, 0x6}, {0x0, 0xa}, {0x0, 0x1}, {0x1, 0x7}, {0x0, 0x9}, {0x0, 0x5}, {0x5, 0x4}, {0x1, 0x7}, {0x2}, {0x2, 0x9}, {0x2, 0x6}, {0x7, 0x2}, {0x0, 0x8}, {0x1, 0x2}, {0x1, 0x5}, {0x4, 0x5}, {0x2, 0x5}, {0x5, 0x1}, {0x6, 0x7}, {0x4, 0xa}, {0x5, 0x7}, {0x4, 0x7}, {0x0, 0x6}, {0x6, 0xa}, {0x3, 0x2}, {0x4, 0xa}, {0x4, 0x7}, {0x3, 0xa}, {0x6, 0x6}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x4, 0xfff, 0x3, 0x6, 0x2433, 0x1b70, 0x4, 0x6]}}]}, @NL80211_BAND_2GHZ={0x1c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xc, 0x1, [0xb, 0x18, 0x6, 0x6, 0x6c, 0x24, 0x1, 0x12]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x4}]}, @NL80211_BAND_5GHZ={0x14, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_60GHZ={0x28, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x2b89, 0x800, 0x2, 0x9, 0xfff, 0x7fff]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x1f, 0x2, [{0x7, 0x2}, {0x5, 0x5}, {0x7, 0x9}, {0x6, 0x2}, {0x7}, {0x2, 0x9}, {0x6, 0x3}, {0x6, 0x1}, {0x4, 0x3}, {0x3, 0xa}, {0x7, 0x5}, {0x0, 0x8}, {0x3, 0x6}, {0x0, 0xa}, {0x5, 0x9}, {0x3, 0x4}, {0x1, 0x7}, {0x5, 0x3}, {0x6, 0x6}, {0x4, 0x7}, {0x4, 0x1}, {0x7, 0x4}, {0x5, 0xa}, {0x1, 0x8}, {0x1, 0x9}, {0x1, 0x3}, {0x0, 0x1}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x641, 0x0, 0x38, 0x3, 0xe, 0x8001, 0xe8d4, 0x2]}}]}, @NL80211_BAND_5GHZ={0x40, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xc, 0x1, [0x1b, 0x5, 0x13, 0x24, 0x18, 0xc, 0x48, 0x2]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x7, 0x1, [0x1, 0x48, 0x18]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_5GHZ={0x94, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x4b, 0x2, [{0x0, 0x8}, {0x6, 0x6}, {0x4, 0x7}, {0x6}, {0x5, 0xa}, {0x2, 0x3}, {0x1, 0xa}, {0x4, 0x3}, {0x3}, {0x3, 0x3}, {0x4, 0x7}, {0x1, 0x9}, {0x3, 0x2}, {0x2, 0xa}, {0x0, 0x7}, {0x5, 0x4}, {0x1, 0x4}, {0x3, 0x8}, {0x5, 0x9}, {0x1, 0x1}, {0x6, 0x4}, {0x0, 0x7}, {0x0, 0xa}, {0x1, 0x1}, {0x2, 0x5}, {0x5, 0x9}, {0x2, 0x4}, {0x7, 0x5}, {0x0, 0x1}, {0x0, 0x2}, {0x4, 0x8}, {0x1, 0x3}, {0x1, 0x2}, {0x1, 0x1}, {0x1, 0x2}, {0x1, 0x8}, {0x2, 0x4}, {0x0, 0x6}, {0x3}, {0x3, 0x2}, {0x0, 0x8}, {0x1, 0x2}, {0x1, 0x7}, {}, {0x6, 0x2}, {0x1, 0x2}, {0x7, 0x9}, {0x0, 0x9}, {0x0, 0x1}, {0x7}, {0x6}, {0x2, 0x4}, {0x4, 0x8}, {0x0, 0xa}, {0x1, 0x3}, {0x1, 0x3}, {0x6, 0x6}, {0x7, 0x3}, {0x3, 0x9}, {0x7, 0x6}, {0x4}, {0x0, 0x8}, {0x7, 0x3}, {0x6, 0x8}, {0x1, 0x5}, {0x0, 0x6}, {0x4, 0x5}, {0x4, 0x3}, {0x7, 0x8}, {0x7, 0x3}, {0x4, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2abd, 0x4, 0x8, 0x6, 0xe0fe, 0x6, 0x2b88, 0xab3b]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_2GHZ={0x78, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x17, 0x2, [{0x1, 0x6}, {0x1, 0x7}, {0x3, 0x1}, {0x7, 0x1}, {0x2, 0x6}, {0x1, 0x7}, {0x7, 0x9}, {0x5}, {0x5, 0x4}, {0x3, 0x8}, {0x6, 0x8}, {0x2, 0x6}, {0x0, 0x3}, {0x6, 0x7}, {0x7, 0x8}, {0x4, 0x5}, {0x2, 0x8}, {}, {0x2, 0x4}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x30, 0x48, 0x24, 0x9, 0x9, 0x6, 0x9, 0x9, 0x6, 0x0, 0x3, 0x6c, 0x6, 0x48, 0x30, 0x2, 0x5]}, @NL80211_TXRATE_HT={0x14, 0x2, [{0x0, 0x6}, {0x3, 0xe}, {0x5, 0x5}, {0x6, 0x6}, {0x0, 0xa}, {0x2, 0x3}, {0x4, 0x5}, {0x0, 0x9}, {0x2, 0x4}, {0x2, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x7, 0x7}, {0x0, 0x7}]}]}]}]}, 0x90c}, 0x1, 0x0, 0x0, 0x4000}, 0x40040)
syz_io_uring_setup(0x57dc, &(0x7f0000000000)={0x0, 0xa817, 0x200, 0x3, 0x2e9, 0x0, r6}, &(0x7f0000000080), &(0x7f0000000140))
r14 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r14, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="021800000b0000000000000000000000030005000000000002000000e00000010000000000000000030012000000000002000000000000000000000000000000030006000000000002"], 0x58}}, 0x24000894)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=ANY=[@ANYBLOB="780000001000370400"/20, @ANYRES32=r10, @ANYBLOB="8304050000000000580012800e00010069703667726500087000000044000280060010004e210000140006000000000000000000000600000000000008000c00000001000500160001000000040012"], 0x78}, 0x1, 0x0, 0x0, 0x20000054}, 0x0)
r15 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x3, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x1, 0x1, 0x0, r15}, @call={0x85, 0x0, 0x0, 0x86}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sendto$packet(r0, &(0x7f0000000180)="1bf2", 0x2, 0x0, &(0x7f0000000100)={0x11, 0x0, r10, 0x1, 0x0, 0x6, @random="2ab50e65cd6b"}, 0x14)

2.217291391s ago: executing program 7 (id=2220):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r3=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000008c0)={0x50, r2, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_PEERS={0x34, 0x8, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_ALLOWEDIPS={0x8, 0x9, 0x0, 0x1, [{0x4}]}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r3}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x40)

2.212071973s ago: executing program 7 (id=2228):
syz_open_dev$sndpcmc(&(0x7f0000000080), 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCSFF(r1, 0x402c4580, &(0x7f0000001240)={0x51, 0x0, 0x0, {}, {}, @period={0x5d, 0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0}})
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, 0x1c)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x3, @remote, 0x6}, 0x1c)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
write$FUSE_NOTIFY_POLL(0xffffffffffffffff, &(0x7f0000001180)={0x18, 0x1, 0x0, {0xfffffffffffffffb}}, 0x18)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r3, 0xffffffffffffffff, 0x1, 0x0, @val=@netfilter={0x2, 0x0, 0x8000}}, 0x40)
r4 = socket(0x840000000002, 0x3, 0xfa)
connect$inet(r4, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r4, &(0x7f0000005240), 0x4000095, 0x0)
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140))

2.120130498s ago: executing program 3 (id=2221):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f0000000300)=ANY=[@ANYRESOCT, @ANYRES32], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000b80)='/proc/tty/ldiscs\x00', 0x0, 0x0)
write$tun(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="0000994c058020630078c40040000c00000186dd061000090180c200000bfc000000000000000000000000000001000000000000fc000000000000000000fb000000"], 0x42)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
unshare(0x400)
r4 = socket(0x8, 0x80000, 0xfffffffa)
ioctl$sock_SIOCBRDELBR(r4, 0x89a1, &(0x7f00000009c0)='bond0\x00')
landlock_create_ruleset(&(0x7f0000000180)={0x1958}, 0x18, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000ac0)='sched_switch\x00', r5}, 0x18)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000a40)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000b00)=ANY=[@ANYRES8=r3, @ANYRES16=0x0, @ANYBLOB="000028bd7000fddbdf252100000002000300", @ANYRES32=0x0, @ANYBLOB="3410f2ef23d67415d656207097f3725ad15c679f56365f2392435d33cae43d037923e9483e84688d7f827ea4c8065594e9c2b794897c41cc716978e97e768c94517481108f9244050c5456eb7a6d16f7eb88988d969073fccf371e497b4b3f"], 0x20}, 0x1, 0x0, 0x0, 0x11}, 0x10)
r6 = memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F', 0x1)
write$binfmt_script(r6, &(0x7f0000000280)={'#! ', './file0/file0'}, 0x11)
execveat(r6, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r7 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000240)={0x28, 0x0, 0xffffffff, @hyper}, 0x10, 0x1000)
write$6lowpan_control(r7, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0xfffffffffffffda2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r3}, &(0x7f0000000340), &(0x7f0000000380)}, 0x1c)

1.443879044s ago: executing program 8 (id=2222):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) (async)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) (async)
r0 = io_uring_setup(0x1694, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) (async)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r1, &(0x7f0000000100)=[{&(0x7f00000004c0)='4', 0x1}], 0x9)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x14, 0x1, 0x4, 0x101, 0x0, 0x0, {0x7, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x8045}, 0x40000) (async)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) (async)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
preadv(r3, &(0x7f0000000540)=[{&(0x7f00000020c0)=""/4096, 0x1000}], 0x1, 0x20, 0x0)

1.427552071s ago: executing program 6 (id=2223):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), r0)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000a00)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r1, @ANYBLOB="01000000000000000000170000000c00060001000000010000000c01308014000400976f1044852bca665354bd217b6b9037200001800c000500040000000000000008000100030000000500020000000000050002"], 0x12c}, 0x1, 0x0, 0x0, 0x20000060}, 0x4800)

1.320472525s ago: executing program 8 (id=2224):
r0 = syz_open_dev$sndctrl(&(0x7f0000000180), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0xc0045543, &(0x7f0000000080))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
readv(r2, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1)
ioctl$TCSETS(r2, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df00000000000000000009f600"})
r3 = syz_open_pts(r2, 0x801)
r4 = dup3(r3, r2, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000100)=0x15)
write$UHID_INPUT(r4, &(0x7f00000001c0)={0xa, {"08c39ee52f329f1698b1c4865f8b540a5eee9f496a0809c3d20325867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76023256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0x1000}}, 0xffffff5c)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xff}}, 0xffffffff}, 0x1c)
syz_emit_ethernet(0x66, &(0x7f0000000000)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x30, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '%kT', 0x0, 0x2b, 0x0, @mcast1, @dev}}}}}}}, 0x0)
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x200)
ioctl$KVM_SET_LAPIC(r7, 0x4400ae8f, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_IRQCHIP(r6, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x4000, 0x0, 0x4, 0xeffffdff, 0x0, [{}, {0x0, 0x9, 0x0, '\x00', 0xff}, {0xcc, 0x12}, {0x0, 0x6}, {}, {0x0, 0x0, 0x4}, {}, {}, {}, {0x0, 0x4, 0x2, '\x00', 0x1}, {}, {0x0, 0x0, 0x2}, {0x0, 0x0, 0x2}, {0x0, 0x1, 0x7}, {}, {0x0, 0x0, 0x0, '\x00', 0x1}, {0x3}, {0xe, 0x0, 0x6}, {}, {0x84, 0x80}, {0x0, 0x4, 0x2}, {0x0, 0xd, 0x3}, {0x0, 0x2}, {0x0, 0x0, 0x3}]}})

1.313984128s ago: executing program 6 (id=2225):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), r0)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000a00)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r1, @ANYBLOB="01000000000000000000170000000c00060001000000010000000c01308014000400976f1044852bca665354bd217b6b9037200001800c000500040000000000000008000100030000000500020000000000050002"], 0x12c}, 0x1, 0x0, 0x0, 0x20000060}, 0x4800) (fail_nth: 2)

1.179637444s ago: executing program 6 (id=2226):
r0 = getpid()
sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x29)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
ioctl$F2FS_IOC_GET_COMPRESS_OPTION(r1, 0x8002f515, &(0x7f0000000040))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
mount$pvfs2(0x0, 0x0, 0x0, 0x20, 0x0)
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$l2tp(0x2, 0x2, 0x73)
sendmsg$nl_generic(r6, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000002380)='net/fib_trie\x00')
read$FUSE(r8, &(0x7f0000000300)={0x2020}, 0x2020)
ioctl$sock_SIOCGPGRP(r7, 0x8904, &(0x7f00000001c0)=<r9=>0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000003c0)={r9, r2, 0x0, 0x0, 0x0}, 0x30)

1.175680552s ago: executing program 3 (id=2235):
iopl(0x3)
memfd_secret(0x0) (fail_nth: 1)

812.748094ms ago: executing program 7 (id=2227):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f017, 0x1})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x403, 0x4, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20101}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0xba01}, 0x810)

809.076537ms ago: executing program 8 (id=2237):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
setrlimit(0xf, &(0x7f0000000640)={0xba90, 0xc})
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
munlockall()
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_DELPDP(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r5, 0x23, 0x70bd28, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4084}, 0x4000000)
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {}, {0x3}, {0x0, 0xcd, 0x6, 0x8001}, {0x0, 0x0, 0x81, 0x4}, {0x0, 0x0, 0x6e, 0x80000000}, {0x6, 0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}]}]}, 0xa0}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f00000003c0)={0x58, 0x2, 0x3, 0x201, 0x0, 0x0, {0x3, 0x0, 0x3}, [@NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x11}, @NFQA_CFG_CMD={0x8, 0x1, {0x0, 0x0, 0x8}}, @NFQA_CFG_CMD={0x8, 0x1, {0x3, 0x0, 0x1d}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x9, 0x2}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x7}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x2f99}, @NFQA_CFG_MASK={0x8}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x8}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x4)
openat$snapshot(0xffffff9c, &(0x7f00000004c0), 0x800, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = syz_open_dev$sndctrl(&(0x7f0000000480), 0x6584, 0x100c0)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r7, 0x80dc5521, &(0x7f00000006c0)=""/89)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r9, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
close(r9)
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x12, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0xfffffffd, 0x6, 0x0, 0x27c}}, @TCA_ACT_BPF_FD={0x8, 0x5, r8}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0x64}}, 0x0)
r10 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCDFWD(r10, 0x40047459, 0x1000000000000)
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000380)={0x0, 0x3c, &(0x7f0000000340)=[@in={0x2, 0x4e21, @private=0xa010102}, @in6={0xa, 0x4e22, 0xffffffb4, @dev={0xfe, 0x80, '\x00', 0xd}, 0x8}, @in={0x2, 0x4e20, @multicast1}]}, &(0x7f0000000500)=0xc)

808.320471ms ago: executing program 3 (id=2229):
socket$netlink(0x10, 0x3, 0x15) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) (async, rerun: 64)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) (async, rerun: 64)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) (async, rerun: 64)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) (async, rerun: 64)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0xcc)
getsockopt$ax25_int(r1, 0x101, 0x3, &(0x7f0000000000), &(0x7f0000000100)=0x4) (async, rerun: 32)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async, rerun: 32)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
r2 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000000c0)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c9d064bbd27b2aa57459cff33a3a9831ac46b8829b48fff3d63520d260804d0"}, 0x48, 0xfffffffffffffffd)
keyctl$setperm(0x5, r2, 0x0)
keyctl$revoke(0x6, 0x0) (async)
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
socket$pptp(0x18, 0x1, 0x2) (async)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0) (async)
sendmsg$kcm(r3, &(0x7f0000000100)={0x0, 0x2c00, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0) (async)
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)

719.67148ms ago: executing program 3 (id=2230):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x218, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)

719.121587ms ago: executing program 3 (id=2231):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r0, 0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, &(0x7f0000000380), &(0x7f00000003c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x98f6}]})
ioperm(0x0, 0x9, 0x1f)
getdents64(r6, &(0x7f00000002c0)=""/154, 0x9a)

676.834223ms ago: executing program 7 (id=2232):
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000900))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0xfffffd00, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socket$igmp(0x2, 0x3, 0x2)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)='autofs\x00', 0x26c02, &(0x7f0000001540)='\r\x87\x17^\x981\xd5\x14\xe2\x81\xa6\xcd\t\xa5\xbasG\x88\x7f]\x03\xf3\xd5t\x97\x9f\xee\"\xebU\xccM\x02\x17\x0f[\x9c\x9e\xa6\xd2\xe4(\xea\x7f\xe4\x90K\xcb\xb5;f\x02}\x147\x04=\xe50\x8d;\x90!\x01,\xdb,\xb9\x8e\t\x13\x1eh\xbc^<\xd2\x809G\xe6H\xbb&^\\\x9c\xady\xd9\xb5\xa3\x16\xd0\xdf\x1a\xaa\xfcHz\x89\x19\xe1\xe6+\xf6\xc3\xad\x80\x98\xc2\x10\x91\xec\xf6\x93=\xbe\x10\xfc`\x86\xa7\xe6\xae\x00*R\x92\x05\xf6\x80u\xf9\xb7S{\xd6\x99\x9a\xf3\xcc\x04o\xdd\x91 \x92;\x87\xfb\x82c>\x82VR8\xe5\x0f\xeb\xcdJz\f\xf5.\xd7!\xa1\xfe\xc8\xf0\xb5\\\xc2\xc7\xc7\xaa\xd9:\xa3+\x12\x9f\xfc\xf6@},`=\xea\x91\fJ\xe4\rC\xa9\xe0\x8b%\x9f\'\xbdX\xbfS\x00\x8c\x84\x10\xcf\xf0\xd7\xe0\xf9\xf8E\xa3?\x17\\\x9e\n\xa1h!\x9e\xd8\xe8\xa5\xc5\xbf_\xa7\xc9\x91U\x86=\xa5\xf7g~\xaa\xc8N\"^\x8e%')
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x1c, 0x0, 0x400, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000004)
ioctl$sock_SIOCBRDELBR(r3, 0x89a2, &(0x7f0000000000)='bridge0\x00')
syz_emit_ethernet(0x2a, &(0x7f0000001800)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast}, @address_reply}}}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0x2c, 0x2, 0x1, 0x5, 0x0, 0x0, {0xa, 0x0, 0x8}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x3}, @CTA_SEQ_ADJ_REPLY={0x4}, @CTA_ID={0x8}, @CTA_SEQ_ADJ_REPLY={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24048400}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x40, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0x9}}, [@TCA_RATE={0x6, 0x5, {0xff, 0x3}}, @qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x2}}]}, 0x40}}, 0x44880)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x55}, 0x4000)

315.194µs ago: executing program 6 (id=2233):
iopl(0x3)
memfd_secret(0x0)

0s ago: executing program 6 (id=2234):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x14000012)
recvmsg$qrtr(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000180)=""/227, 0xe3}, {&(0x7f00000005c0)=""/130, 0x82}, {&(0x7f00000007c0)=""/242, 0xf2}], 0x3}, 0x1c, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x10)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
sendmmsg(r2, &(0x7f0000008f80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000050)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000340)=ANY=[], &(0x7f0000000100)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6f9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="020108090500000000000000fbdb85ade90d76637c6d19bf05033a930adf250300030000a0000002000009ac14140200000000000000003b8cb24851da5c7e873c9d9abe0eb9b2095c6b3d0ca5223c8a3cd84c9cebdf6dde6e11a710c3833eefcd4cb1a53c84698261060791fcaa296f7fd350c08435a5a7be0fc16ec653f2010dc2303c5c4b82af972f"], 0x28}}, 0x0)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)

kernel console output (not intermixed with test programs):

5.612709][T19185] Call Trace:
[  385.614056][T19185]  <TASK>
[  385.615233][T19185]  dump_stack_lvl+0x16c/0x1f0
[  385.617106][T19185]  should_fail_ex+0x497/0x5b0
[  385.618664][T19185]  _copy_from_user+0x2e/0xd0
[  385.619997][T19185]  snd_rawmidi_kernel_write1+0x35e/0x860
[  385.621764][T19185]  snd_rawmidi_write+0x267/0xbe0
[  385.623173][T19185]  ? __pfx_snd_rawmidi_write+0x10/0x10
[  385.624749][T19185]  ? apparmor_file_permission+0x251/0x400
[  385.626372][T19185]  ? bpf_lsm_file_permission+0x9/0x10
[  385.627935][T19185]  ? security_file_permission+0x71/0x210
[  385.629554][T19185]  ? iov_iter_advance+0x1e3/0x6c0
[  385.631017][T19185]  ? __pfx_snd_rawmidi_write+0x10/0x10
[  385.632575][T19185]  vfs_writev+0x6da/0xdd0
[  385.633829][T19185]  ? find_held_lock+0x2d/0x110
[  385.635209][T19185]  ? __pfx_vfs_writev+0x10/0x10
[  385.636660][T19185]  ? find_held_lock+0x2d/0x110
[  385.638073][T19185]  ? __pfx_lock_release+0x10/0x10
[  385.639518][T19185]  ? trace_lock_acquire+0x14e/0x1f0
[  385.641047][T19185]  ? __fget_files+0x206/0x3a0
[  385.642439][T19185]  ? do_writev+0x297/0x340
[  385.643722][T19185]  do_writev+0x297/0x340
[  385.644956][T19185]  ? __pfx_do_writev+0x10/0x10
[  385.646338][T19185]  __do_fast_syscall_32+0x73/0x120
[  385.647817][T19185]  do_fast_syscall_32+0x32/0x80
[  385.649228][T19185]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  385.651025][T19185] RIP: 0023:0xf7f75579
[  385.652237][T19185] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  385.657887][T19185] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  385.660264][T19185] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000680
[  385.662633][T19185] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000000
[  385.664908][T19185] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  385.667156][T19185] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  385.669417][T19185] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  385.671673][T19185]  </TASK>
[  386.052156][ T5957] Bluetooth: hci1: unexpected Set CIG Parameters response data
[  386.055620][ T5957] Bluetooth: hci1: unexpected event for opcode 0x2062
[  386.214397][T19207] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1985'.
[  386.217105][T19207] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1985'.
[  386.265440][T19211] FAULT_INJECTION: forcing a failure.
[  386.265440][T19211] name failslab, interval 1, probability 0, space 0, times 0
[  386.270649][T19211] CPU: 3 UID: 0 PID: 19211 Comm: syz.6.1986 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  386.274742][T19211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  386.278938][T19211] Call Trace:
[  386.280270][T19211]  <TASK>
[  386.281463][T19211]  dump_stack_lvl+0x16c/0x1f0
[  386.283567][T19211]  should_fail_ex+0x497/0x5b0
[  386.285464][T19211]  ? fs_reclaim_acquire+0xae/0x150
[  386.287502][T19211]  should_failslab+0xc2/0x120
[  386.289371][T19211]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  386.291089][T19211]  ? __alloc_skb+0x2b3/0x380
[  386.292544][T19211]  __alloc_skb+0x2b3/0x380
[  386.294005][T19211]  ? __pfx___alloc_skb+0x10/0x10
[  386.295540][T19211]  ? lock_acquire+0x2f/0xb0
[  386.296864][T19211]  netlink_alloc_large_skb+0x69/0x130
[  386.298694][T19211]  netlink_sendmsg+0x689/0xd70
[  386.300491][T19211]  ? __pfx_netlink_sendmsg+0x10/0x10
[  386.302494][T19211]  ____sys_sendmsg+0x9ae/0xb40
[  386.304293][T19211]  ? __pfx_____sys_sendmsg+0x10/0x10
[  386.306296][T19211]  ? get_compat_msghdr+0x11b/0x170
[  386.308086][T19211]  ___sys_sendmsg+0x135/0x1e0
[  386.309624][T19211]  ? __pfx____sys_sendmsg+0x10/0x10
[  386.311353][T19211]  ? __pfx_lock_release+0x10/0x10
[  386.313107][T19211]  ? trace_lock_acquire+0x14e/0x1f0
[  386.314801][T19211]  ? __fget_files+0x206/0x3a0
[  386.316200][T19211]  __sys_sendmsg+0x16e/0x220
[  386.317554][T19211]  ? __pfx___sys_sendmsg+0x10/0x10
[  386.319040][T19211]  __do_fast_syscall_32+0x73/0x120
[  386.320572][T19211]  do_fast_syscall_32+0x32/0x80
[  386.322038][T19211]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  386.323883][T19211] RIP: 0023:0xf7f76579
[  386.325068][T19211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  386.331250][T19211] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  386.333717][T19211] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200000c0
[  386.335992][T19211] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  386.338271][T19211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  386.340559][T19211] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  386.342887][T19211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  386.345248][T19211]  </TASK>
[  386.485195][T19214] Context (ID=0x0) not attached to queue pair (handle=0x1:0x0)
[  386.692072][ T7094] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  386.922006][ T7094] usb 5-1: Using ep0 maxpacket: 8
[  386.934375][ T7094] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  386.938621][ T7094] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  386.941503][ T7094] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  387.072560][ T7094] usb 5-1: config 0 descriptor??
[  387.290529][ T7094] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  387.352913][   T39] audit: type=1800 audit(1737494962.319:230): pid=19244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1994" name="file0" dev="9p" ino=36575189 res=0 errno=0
[  387.501639][T11525] usb 5-1: USB disconnect, device number 12
[  387.610428][T19250] FAULT_INJECTION: forcing a failure.
[  387.610428][T19250] name failslab, interval 1, probability 0, space 0, times 0
[  387.614104][T19250] CPU: 3 UID: 0 PID: 19250 Comm: syz.6.1996 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  387.617058][T19250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  387.620086][T19250] Call Trace:
[  387.621056][T19250]  <TASK>
[  387.621912][T19250]  dump_stack_lvl+0x16c/0x1f0
[  387.623321][T19250]  should_fail_ex+0x497/0x5b0
[  387.624673][T19250]  ? fs_reclaim_acquire+0xae/0x150
[  387.626152][T19250]  should_failslab+0xc2/0x120
[  387.627622][T19250]  __kmalloc_noprof+0xce/0x4f0
[  387.629092][T19250]  ? bpf_test_init.isra.0+0xa5/0x150
[  387.630596][T19250]  ? find_held_lock+0x2d/0x110
[  387.631964][T19250]  bpf_test_init.isra.0+0xa5/0x150
[  387.633412][T19250]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  387.635114][T19250]  bpf_prog_test_run_skb+0x250/0x22c0
[  387.636657][T19250]  ? __fget_files+0x40/0x3a0
[  387.638025][T19250]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  387.639698][T19250]  ? fput+0x67/0x440
[  387.640808][T19250]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  387.642420][T19250]  __sys_bpf+0x1921/0x57a0
[  387.643731][T19250]  ? __pfx_lock_release+0x10/0x10
[  387.645194][T19250]  ? __pfx___sys_bpf+0x10/0x10
[  387.646556][T19250]  ? vfs_write+0x306/0x1150
[  387.647835][T19250]  ? __mutex_unlock_slowpath+0x164/0x690
[  387.649729][T19250]  ? fput+0x67/0x440
[  387.651250][T19250]  ? ksys_write+0x1ba/0x250
[  387.653093][T19250]  ? __pfx_ksys_write+0x10/0x10
[  387.654684][T19250]  __ia32_sys_bpf+0x76/0xe0
[  387.656411][T19250]  __do_fast_syscall_32+0x73/0x120
[  387.658459][T19250]  do_fast_syscall_32+0x32/0x80
[  387.660413][T19250]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  387.662249][T19250] RIP: 0023:0xf7f76579
[  387.663419][T19250] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  387.668876][T19250] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  387.671246][T19250] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000240
[  387.673522][T19250] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  387.675771][T19250] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  387.678319][T19250] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  387.681331][T19250] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  387.683918][T19250]  </TASK>
[  387.716908][T19253] FAULT_INJECTION: forcing a failure.
[  387.716908][T19253] name failslab, interval 1, probability 0, space 0, times 0
[  387.721183][T19253] CPU: 2 UID: 0 PID: 19253 Comm: syz.6.1997 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  387.724139][T19253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  387.727194][T19253] Call Trace:
[  387.728160][T19253]  <TASK>
[  387.729021][T19253]  dump_stack_lvl+0x16c/0x1f0
[  387.730380][T19253]  should_fail_ex+0x497/0x5b0
[  387.731725][T19253]  ? fs_reclaim_acquire+0xae/0x150
[  387.733210][T19253]  should_failslab+0xc2/0x120
[  387.734550][T19253]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  387.736070][T19253]  ? __pfx___might_resched+0x10/0x10
[  387.737584][T19253]  ? __anon_vma_prepare+0xae/0x5e0
[  387.738955][T19253]  __anon_vma_prepare+0xae/0x5e0
[  387.740285][T19253]  ? __pfx___pte_alloc+0x10/0x10
[  387.741649][T19253]  __vmf_anon_prepare+0x11c/0x240
[  387.743273][T19253]  do_pte_missing+0x1020/0x3e00
[  387.744679][T19253]  ? mt_find+0x82d/0xa20
[  387.745899][T19253]  ? __pfx_lock_release+0x10/0x10
[  387.747338][T19253]  __handle_mm_fault+0x103c/0x2a40
[  387.748803][T19253]  ? __pfx___handle_mm_fault+0x10/0x10
[  387.750356][T19253]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  387.751960][T19253]  ? find_vma+0xc0/0x140
[  387.753170][T19253]  ? __pfx_find_vma+0x10/0x10
[  387.754481][T19253]  handle_mm_fault+0x3fa/0xaa0
[  387.755858][T19253]  do_user_addr_fault+0x7a3/0x13f0
[  387.757293][T19253]  exc_page_fault+0x5c/0xc0
[  387.758560][T19253]  asm_exc_page_fault+0x26/0x30
[  387.760004][T19253] RIP: 0010:__put_user_8+0x11/0x20
[  387.761450][T19253] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <48> 89 01 31 c9 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[  387.766762][T19253] RSP: 0018:ffffc900206b7e60 EFLAGS: 00050206
[  387.768457][T19253] RAX: 00000000f50c6ba8 RBX: 0000000000000000 RCX: 0000000020000000
[  387.770696][T19253] RDX: ffff888022f2c880 RSI: ffffffff816146d1 RDI: ffff888022f2cf18
[  387.772970][T19253] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff20bca22
[  387.775198][T19253] R10: ffffffff905e5117 R11: 0000000000000000 R12: 1ffff920040d6fd0
[  387.777423][T19253] R13: 0000000020000000 R14: 0000000000000028 R15: dffffc0000000000
[  387.779614][T19253]  ? __do_sys_prctl+0x1451/0x20f0
[  387.781064][T19253]  __do_sys_prctl+0x1483/0x20f0
[  387.782460][T19253]  ? __pfx___do_sys_prctl+0x10/0x10
[  387.783901][T19253]  __do_fast_syscall_32+0x73/0x120
[  387.785361][T19253]  do_fast_syscall_32+0x32/0x80
[  387.786749][T19253]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  387.788517][T19253] RIP: 0023:0xf7f76579
[  387.789680][T19253] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  387.795090][T19253] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 00000000000000ac
[  387.797451][T19253] RAX: ffffffffffffffda RBX: 0000000000000028 RCX: 0000000020000000
[  387.799672][T19253] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  387.801895][T19253] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  387.804094][T19253] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  387.806335][T19253] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  387.808563][T19253]  </TASK>
[  387.917762][T19259] openvswitch: netlink: nsh attr 2 has unexpected len 0 expected 16
[  387.920076][T19259] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  388.032124][T19262] FAULT_INJECTION: forcing a failure.
[  388.032124][T19262] name failslab, interval 1, probability 0, space 0, times 0
[  388.035976][T19262] CPU: 3 UID: 0 PID: 19262 Comm: syz.0.2000 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  388.039225][T19262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  388.042446][T19262] Call Trace:
[  388.043438][T19262]  <TASK>
[  388.044316][T19262]  dump_stack_lvl+0x16c/0x1f0
[  388.045967][T19262]  should_fail_ex+0x497/0x5b0
[  388.047818][T19262]  ? fs_reclaim_acquire+0xae/0x150
[  388.049471][T19262]  should_failslab+0xc2/0x120
[  388.050881][T19262]  __kmalloc_cache_node_noprof+0x6f/0x3f0
[  388.052552][T19262]  ? mark_lock+0xb5/0xc60
[  388.053966][T19262]  ? __get_vm_area_node+0x101/0x2f0
[  388.055549][T19262]  __get_vm_area_node+0x101/0x2f0
[  388.057209][T19262]  ? __pfx_mark_lock+0x10/0x10
[  388.058625][T19262]  __vmalloc_node_range_noprof+0x26a/0x1530
[  388.060577][T19262]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  388.062215][T19262]  ? mark_lock+0xb5/0xc60
[  388.063522][T19262]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  388.065244][T19262]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  388.067234][T19262]  ? __pfx_aa_get_newest_label+0x10/0x10
[  388.069046][T19262]  ? __pfx___lock_acquire+0x10/0x10
[  388.070635][T19262]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  388.072299][T19262]  __vmalloc_noprof+0x6d/0x90
[  388.073749][T19262]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  388.075427][T19262]  bpf_prog_alloc_no_stats+0x54/0x630
[  388.077071][T19262]  ? security_capable+0x7e/0x260
[  388.078859][T19262]  bpf_prog_alloc+0x3b/0x230
[  388.080247][T19262]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  388.082117][T19262]  bpf_prog_load+0x1b4e/0x2670
[  388.083562][T19262]  ? __pfx_bpf_prog_load+0x10/0x10
[  388.085194][T19262]  ? find_held_lock+0x2d/0x110
[  388.086627][T19262]  ? __might_fault+0x13b/0x190
[  388.088091][T19262]  ? __might_fault+0xe3/0x190
[  388.089556][T19262]  __sys_bpf+0x5677/0x57a0
[  388.090906][T19262]  ? __pfx_lock_release+0x10/0x10
[  388.092486][T19262]  ? __pfx___sys_bpf+0x10/0x10
[  388.093973][T19262]  ? vfs_write+0x306/0x1150
[  388.095342][T19262]  ? __mutex_unlock_slowpath+0x164/0x690
[  388.097057][T19262]  ? fput+0x67/0x440
[  388.098488][T19262]  ? ksys_write+0x1ba/0x250
[  388.101017][T19262]  ? __pfx_ksys_write+0x10/0x10
[  388.103115][T19262]  __ia32_sys_bpf+0x76/0xe0
[  388.104722][T19262]  __do_fast_syscall_32+0x73/0x120
[  388.106534][T19262]  do_fast_syscall_32+0x32/0x80
[  388.108123][T19262]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  388.110074][T19262] RIP: 0023:0xf7f51579
[  388.111337][T19262] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  388.117331][T19262] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  388.119836][T19262] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200000c0
[  388.122244][T19262] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  388.124625][T19262] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  388.126998][T19262] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  388.129384][T19262] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  388.131935][T19262]  </TASK>
[  388.134322][T19262] syz.0.2000: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  388.139066][T19262] CPU: 3 UID: 0 PID: 19262 Comm: syz.0.2000 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  388.142401][T19262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  388.145628][T19262] Call Trace:
[  388.146755][T19262]  <TASK>
[  388.147715][T19262]  dump_stack_lvl+0x16c/0x1f0
[  388.149146][T19262]  warn_alloc+0x24d/0x3a0
[  388.150479][T19262]  ? __pfx_warn_alloc+0x10/0x10
[  388.151960][T19262]  ? rcu_is_watching+0x12/0xc0
[  388.153844][T19262]  ? __kmalloc_cache_node_noprof+0x245/0x3f0
[  388.155921][T19262]  ? __kasan_kmalloc+0x8a/0xb0
[  388.157390][T19262]  ? __get_vm_area_node+0x1dc/0x2f0
[  388.158878][T19262]  __vmalloc_node_range_noprof+0xd27/0x1530
[  388.160566][T19262]  ? mark_lock+0xb5/0xc60
[  388.161841][T19262]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  388.163807][T19262]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  388.166364][T19262]  ? __pfx_aa_get_newest_label+0x10/0x10
[  388.168629][T19262]  ? __pfx___lock_acquire+0x10/0x10
[  388.170756][T19262]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  388.173125][T19262]  __vmalloc_noprof+0x6d/0x90
[  388.174747][T19262]  ? bpf_prog_alloc_no_stats+0x54/0x630
[  388.176407][T19262]  bpf_prog_alloc_no_stats+0x54/0x630
[  388.178088][T19262]  ? security_capable+0x7e/0x260
[  388.179653][T19262]  bpf_prog_alloc+0x3b/0x230
[  388.181018][T19262]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  388.182740][T19262]  bpf_prog_load+0x1b4e/0x2670
[  388.184122][T19262]  ? __pfx_bpf_prog_load+0x10/0x10
[  388.185609][T19262]  ? find_held_lock+0x2d/0x110
[  388.187002][T19262]  ? __might_fault+0x13b/0x190
[  388.188353][T19262]  ? __might_fault+0xe3/0x190
[  388.189888][T19262]  __sys_bpf+0x5677/0x57a0
[  388.191243][T19262]  ? __pfx_lock_release+0x10/0x10
[  388.192773][T19262]  ? __pfx___sys_bpf+0x10/0x10
[  388.194373][T19262]  ? vfs_write+0x306/0x1150
[  388.195812][T19262]  ? __mutex_unlock_slowpath+0x164/0x690
[  388.197505][T19262]  ? fput+0x67/0x440
[  388.198694][T19262]  ? ksys_write+0x1ba/0x250
[  388.200097][T19262]  ? __pfx_ksys_write+0x10/0x10
[  388.201621][T19262]  __ia32_sys_bpf+0x76/0xe0
[  388.203033][T19262]  __do_fast_syscall_32+0x73/0x120
[  388.204591][T19262]  do_fast_syscall_32+0x32/0x80
[  388.206096][T19262]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  388.208172][T19262] RIP: 0023:0xf7f51579
[  388.209533][T19262] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  388.215386][T19262] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  388.217926][T19262] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200000c0
[  388.220214][T19262] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  388.222633][T19262] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  388.225076][T19262] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  388.227480][T19262] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  388.229863][T19262]  </TASK>
[  388.232014][T19262] Mem-Info:
[  388.233125][T19262] active_anon:15800 inactive_anon:0 isolated_anon:0
[  388.233125][T19262]  active_file:19129 inactive_file:12530 isolated_file:0
[  388.233125][T19262]  unevictable:1768 dirty:3 writeback:0
[  388.233125][T19262]  slab_reclaimable:7257 slab_unreclaimable:76272
[  388.233125][T19262]  mapped:30414 shmem:8121 pagetables:1392
[  388.233125][T19262]  sec_pagetables:320 bounce:0
[  388.233125][T19262]  kernel_misc_reclaimable:0
[  388.233125][T19262]  free:42722 free_pcp:1669 free_cma:0
[  388.246860][T19263] sg_write: data in/out 2097180/14 bytes for SCSI command 0x0-- guessing data in;
[  388.246860][T19263]    program syz.6.1999 not setting count and/or reply_len properly
[  388.249215][T19262] Node 0 active_anon:2364kB inactive_anon:0kB active_file:804kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:1228kB dirty:0kB writeback:0kB shmem:4148kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9844kB pagetables:1044kB sec_pagetables:1152kB all_unreclaimable? yes
[  388.262854][T19262] Node 1 active_anon:60836kB inactive_anon:0kB active_file:75712kB inactive_file:50120kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:120428kB dirty:12kB writeback:0kB shmem:28336kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5308kB pagetables:4524kB sec_pagetables:128kB all_unreclaimable? no
[  388.281960][T19262] Node 0 DMA free:2996kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:388kB local_pcp:220kB free_cma:0kB
[  388.300546][T19262] lowmem_reserve[]: 0 296 0 0 0
[  388.302669][T19262] Node 0 DMA32 free:21684kB boost:2048kB min:15720kB low:19136kB high:22552kB reserved_highatomic:4096KB active_anon:2428kB inactive_anon:0kB active_file:804kB inactive_file:0kB unevictable:3536kB writepending:0kB present:1032196kB managed:303684kB mlocked:0kB bounce:0kB free_pcp:2060kB local_pcp:172kB free_cma:0kB
[  388.312267][T19262] lowmem_reserve[]: 0 0 0 0 0
[  388.314342][T19262] Node 1 DMA32 free:138840kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:61252kB inactive_anon:0kB active_file:75712kB inactive_file:50120kB unevictable:3536kB writepending:32kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:8916kB local_pcp:160kB free_cma:0kB
[  388.326144][T19262] lowmem_reserve[]: 0 0 0 0 0
[  388.328030][T19262] Node 0 DMA: 27*4kB (UM) 41*8kB (UM) 32*16kB (UM) 42*32kB (UM) 9*64kB (UM) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2996kB
[  388.333588][T19262] Node 0 DMA32: 29*4kB (UMH) 109*8kB (UMEH) 81*16kB (UMEH) 145*32kB (UMEH) 66*64kB (UMEH) 28*128kB (UMEH) 9*256kB (UMEH) 7*512kB (UMH) 1*1024kB (U) 0*2048kB 0*4096kB = 21644kB
[  388.340346][T19262] Node 1 DMA32: 92*4kB (UME) 89*8kB (UE) 50*16kB (UME) 104*32kB (UME) 77*64kB (UE) 65*128kB (UME) 32*256kB (UME) 15*512kB (UME) 12*1024kB (M) 13*2048kB (UME) 16*4096kB (UM) = 138776kB
[  388.345856][T19262] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  388.348501][T19262] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  388.351197][T19262] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  388.354016][T19262] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  388.357225][T19262] 39428 total pagecache pages
[  388.359115][T19262] 169 pages in swap cache
[  388.360890][T19262] Free swap  = 120584kB
[  388.363798][T19262] Total swap = 124996kB
[  388.365493][T19262] 524155 pages RAM
[  388.366998][T19262] 0 pages HighMem/MovableOnly
[  388.368897][T19262] 207331 pages reserved
[  388.370588][T19262] 0 pages cma reserved
[  388.417552][T19269] FAULT_INJECTION: forcing a failure.
[  388.417552][T19269] name failslab, interval 1, probability 0, space 0, times 0
[  388.423420][T19269] CPU: 3 UID: 0 PID: 19269 Comm: syz.1.2002 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  388.427345][T19269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  388.431372][T19269] Call Trace:
[  388.432736][T19269]  <TASK>
[  388.433903][T19269]  dump_stack_lvl+0x16c/0x1f0
[  388.435752][T19269]  should_fail_ex+0x497/0x5b0
[  388.437544][T19269]  ? fs_reclaim_acquire+0xae/0x150
[  388.439501][T19269]  should_failslab+0xc2/0x120
[  388.441314][T19269]  __kmalloc_noprof+0xce/0x4f0
[  388.443178][T19269]  ? bpf_test_init.isra.0+0xa5/0x150
[  388.445137][T19269]  ? find_held_lock+0x2d/0x110
[  388.446898][T19269]  bpf_test_init.isra.0+0xa5/0x150
[  388.448744][T19269]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  388.450940][T19269]  bpf_prog_test_run_skb+0x250/0x22c0
[  388.452981][T19269]  ? __fget_files+0x40/0x3a0
[  388.454646][T19269]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  388.456845][T19269]  ? fput+0x67/0x440
[  388.458390][T19269]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  388.460492][T19269]  __sys_bpf+0x1921/0x57a0
[  388.462208][T19269]  ? __pfx_lock_release+0x10/0x10
[  388.464131][T19269]  ? __pfx___sys_bpf+0x10/0x10
[  388.465879][T19269]  ? vfs_write+0x306/0x1150
[  388.467608][T19269]  ? __mutex_unlock_slowpath+0x164/0x690
[  388.469763][T19269]  ? fput+0x67/0x440
[  388.471243][T19269]  ? ksys_write+0x1ba/0x250
[  388.472966][T19269]  ? __pfx_ksys_write+0x10/0x10
[  388.474760][T19269]  __ia32_sys_bpf+0x76/0xe0
[  388.476425][T19269]  __do_fast_syscall_32+0x73/0x120
[  388.478300][T19269]  do_fast_syscall_32+0x32/0x80
[  388.480107][T19269]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  388.482468][T19269] RIP: 0023:0xf7f75579
[  388.483989][T19269] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  388.490504][T19269] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  388.493256][T19269] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000240
[  388.495932][T19269] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  388.498477][T19269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  388.500680][T19269] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  388.502905][T19269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  388.505313][T19269]  </TASK>
[  388.563257][T19281] FAULT_INJECTION: forcing a failure.
[  388.563257][T19281] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  388.566957][T19281] CPU: 2 UID: 0 PID: 19281 Comm: syz.1.2006 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  388.569925][T19281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  388.573037][T19281] Call Trace:
[  388.574006][T19281]  <TASK>
[  388.574829][T19281]  dump_stack_lvl+0x16c/0x1f0
[  388.576204][T19281]  should_fail_ex+0x497/0x5b0
[  388.577566][T19281]  _copy_from_user+0x2e/0xd0
[  388.578903][T19281]  compat_ioctl_preallocate+0xbc/0x220
[  388.580457][T19281]  ? __pfx_compat_ioctl_preallocate+0x10/0x10
[  388.582228][T19281]  __do_compat_sys_ioctl+0x24e/0x2c0
[  388.583747][T19281]  __do_fast_syscall_32+0x73/0x120
[  388.585232][T19281]  do_fast_syscall_32+0x32/0x80
[  388.586639][T19281]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  388.588448][T19281] RIP: 0023:0xf7f75579
[  388.589631][T19281] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  388.595113][T19281] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  388.597492][T19281] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000402c5828
[  388.599769][T19281] RDX: 0000000020001080 RSI: 0000000000000000 RDI: 0000000000000000
[  388.602033][T19281] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  388.604301][T19281] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  388.606558][T19281] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  388.608821][T19281]  </TASK>
[  388.675266][T19288] binder: 19287:19288 ioctl 5412 20000140 returned -22
[  388.734631][T19292] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2010'.
[  388.744259][T19277] netlink: 'syz.0.2004': attribute type 12 has an invalid length.
[  388.804624][T19300] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[  388.808332][T19300] overlayfs: overlapping lowerdir path
[  388.842568][ T5953] Bluetooth: hci2: command 0x0405 tx timeout
[  389.072026][T11525] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  389.402010][T11525] usb 5-1: Using ep0 maxpacket: 8
[  389.406376][T11525] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  389.409230][T11525] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  389.418856][T11525] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  389.421638][T11525] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  389.426639][T11525] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  389.430957][T11525] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  389.436427][T11525] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.646137][T11525] usb 5-1: usb_control_msg returned -32
[  389.647802][T11525] usbtmc 5-1:16.0: can't read capabilities
[  389.759433][T19345] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2025'.
[  389.928686][ T5953] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  389.929203][   T39] audit: type=1326 audit(1737494964.889:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19350 comm="syz.1.2027" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x0
[  390.112174][ T5953] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  390.116152][ T5953] Bluetooth: hci1: Injecting HCI hardware error event
[  390.121421][ T5953] Bluetooth: hci1: hardware error 0x00
[  390.912036][ T5958] Bluetooth: hci2: command 0x0405 tx timeout
[  391.470204][ T7094] usb 5-1: USB disconnect, device number 13
[  391.620783][T19385] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  391.624470][T19385] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  391.917381][T19418] netlink: 40 bytes leftover after parsing attributes in process `syz.8.2035'.
[  392.192159][ T5953] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  392.225708][T19385] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  392.227707][T19385] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  392.316613][T19385] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  392.319363][T19385] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  392.592090][   T35] usb 11-1: new full-speed USB device number 19 using dummy_hcd
[  392.696030][   T96] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.764307][   T35] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  392.767272][   T35] usb 11-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  392.771632][   T35] usb 11-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60
[  392.779242][   T35] usb 11-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[  392.782018][   T35] usb 11-1: Product: syz
[  392.783290][   T35] usb 11-1: Manufacturer: syz
[  392.784656][   T35] usb 11-1: SerialNumber: syz
[  392.787531][   T35] usb 11-1: config 0 descriptor??
[  392.824136][   T96] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.855610][ T5958] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  392.861574][ T5958] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  392.865411][ T5958] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  392.871794][ T5958] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  392.876172][ T5958] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  392.878620][ T5958] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  392.886363][ T5953] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  392.888730][ T5953] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  392.890919][ T5953] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  392.893419][ T5953] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  392.904524][ T5953] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  392.906778][ T5953] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  392.913606][   T96] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.933910][T19460] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2041'.
[  392.960117][T19460] 8021q: adding VLAN 0 to HW filter on device bond1
[  392.981795][T19461] 8021q: adding VLAN 0 to HW filter on device bond1
[  392.984103][T19461] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  392.987744][T19461] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  393.035340][   T96] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.185266][   T96] bridge_slave_1: left promiscuous mode
[  393.187011][   T96] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.190627][   T96] bridge_slave_0: left allmulticast mode
[  393.193187][   T96] bridge_slave_0: left promiscuous mode
[  393.195057][   T96] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.422761][T19486] netlink: 324 bytes leftover after parsing attributes in process `syz.1.2043'.
[  393.703431][   T96] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  393.711199][   T96] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  393.721263][   T96] bond0 (unregistering): Released all slaves
[  393.739454][T19452] chnl_net:caif_netlink_parms(): no params data found
[  393.874844][T19452] bridge0: port 1(bridge_slave_0) entered blocking state
[  393.879626][T19452] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.881776][T19452] bridge_slave_0: entered allmulticast mode
[  393.886618][T19452] bridge_slave_0: entered promiscuous mode
[  393.889441][T19452] bridge0: port 2(bridge_slave_1) entered blocking state
[  393.894389][T19452] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.896504][T19452] bridge_slave_1: entered allmulticast mode
[  393.898681][T19452] bridge_slave_1: entered promiscuous mode
[  393.968560][T19452] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  393.974080][T19452] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  394.000895][T19452] team0: Port device team_slave_0 added
[  394.008675][T19452] team0: Port device team_slave_1 added
[  394.057122][T19452] batman_adv: batadv0: Adding interface: batadv_slave_0
[  394.059137][T19452] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  394.072288][T19452] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  394.085895][T19452] batman_adv: batadv0: Adding interface: batadv_slave_1
[  394.088741][T19452] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  394.097468][T19452] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  394.134932][   T96] hsr_slave_0: left promiscuous mode
[  394.137503][   T96] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  394.140308][   T96] batman_adv: batadv0: Removing interface: batadv_slave_0
[  394.143194][   T96] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  394.145429][   T96] batman_adv: batadv0: Removing interface: batadv_slave_1
[  394.173238][   T96] veth1_macvtap: left promiscuous mode
[  394.175101][   T96] veth0_macvtap: left promiscuous mode
[  394.177081][   T96] veth1_vlan: left promiscuous mode
[  394.179014][   T96] veth0_vlan: left promiscuous mode
[  394.923755][ T5958] Bluetooth: hci3: command tx timeout
[  395.025524][   T96] team0 (unregistering): Port device team_slave_1 removed
[  395.127996][   T96] team0 (unregistering): Port device team_slave_0 removed
[  395.359397][T11169] usb 11-1: USB disconnect, device number 19
[  395.969603][T19452] hsr_slave_0: entered promiscuous mode
[  395.971717][T19452] hsr_slave_1: entered promiscuous mode
[  395.974015][T19452] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  395.976220][T19452] Cannot create hsr debugfs directory
[  396.384695][T19547] netlink: 60 bytes leftover after parsing attributes in process `syz.8.2048'.
[  396.677132][T19559] program syz.6.2053 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  396.756849][T19568] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2054'.
[  396.813893][T19452] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  396.836164][T19452] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  396.845820][T19452] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  396.848771][T19574] netlink: 'syz.6.2056': attribute type 12 has an invalid length.
[  396.853627][T19452] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  396.938100][T19452] 8021q: adding VLAN 0 to HW filter on device bond0
[  396.947652][T19452] 8021q: adding VLAN 0 to HW filter on device team0
[  396.952817][T15050] bridge0: port 1(bridge_slave_0) entered blocking state
[  396.955032][T15050] bridge0: port 1(bridge_slave_0) entered forwarding state
[  396.960325][T15050] bridge0: port 2(bridge_slave_1) entered blocking state
[  396.962468][T15050] bridge0: port 2(bridge_slave_1) entered forwarding state
[  397.004431][ T5958] Bluetooth: hci3: command tx timeout
[  397.062067][T19589] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2057'.
[  397.126708][T19452] 8021q: adding VLAN 0 to HW filter on device batadv0
[  397.272143][ T7761] psmouse serio17: Failed to reset mouse on : -5
[  397.353337][T19452] veth0_vlan: entered promiscuous mode
[  397.357622][T19452] veth1_vlan: entered promiscuous mode
[  397.382246][T19452] veth0_macvtap: entered promiscuous mode
[  397.388283][T19452] veth1_macvtap: entered promiscuous mode
[  397.406419][T19452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  397.411070][T19452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.415360][T19452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  397.418527][T19452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.421541][T19452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  397.425410][T19452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.428446][T19452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  397.431703][T19452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.435186][T19452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  397.438645][T19452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.442719][T19452] batman_adv: batadv0: Interface activated: batadv_slave_0
[  397.449791][T19452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  397.455368][T19452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.458590][T19452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  397.461710][T19452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.465306][T19452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  397.468712][T19452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.471961][T19452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  397.474950][T19452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.478515][T19452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  397.483365][T19452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.490336][T19452] batman_adv: batadv0: Interface activated: batadv_slave_1
[  397.494300][T19452] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  397.497507][T19452] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  397.500209][T19452] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  397.504619][T19452] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  397.578560][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  397.581013][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  397.606690][T15050] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  397.609938][T15050] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  397.670522][T19626] Cannot find add_set index 0 as target
[  398.325171][T19650] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2059'.
[  398.640123][T19676] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  398.658319][T19676] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  399.082032][ T5953] Bluetooth: hci3: command tx timeout
[  399.313740][T19715] binder: 19714:19715 ioctl c0306201 200087c0 returned -14
[  399.354328][T19723] input: syz1 as /devices/virtual/input/input71
[  399.378866][T19723] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  399.380975][T19723] overlayfs: failed to set xattr on upper
[  399.383168][T19723] overlayfs: ...falling back to redirect_dir=nofollow.
[  399.385824][T19723] overlayfs: ...falling back to index=off.
[  399.651378][T19741] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  399.744817][T19723] overlayfs: ...falling back to uuid=null.
[  399.997442][   T39] audit: type=1326 audit(1737494974.959:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19762 comm="syz.8.2071" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x0
[  400.156914][T19782] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  400.254044][T19792] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  400.263254][T19792] FAULT_INJECTION: forcing a failure.
[  400.263254][T19792] name failslab, interval 1, probability 0, space 0, times 0
[  400.267751][T19792] CPU: 2 UID: 0 PID: 19792 Comm: syz.7.2076 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  400.270537][T19792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  400.274360][T19792] Call Trace:
[  400.275557][T19792]  <TASK>
[  400.276743][T19792]  dump_stack_lvl+0x16c/0x1f0
[  400.278545][T19792]  should_fail_ex+0x497/0x5b0
[  400.280336][T19792]  ? fs_reclaim_acquire+0xae/0x150
[  400.282304][T19792]  should_failslab+0xc2/0x120
[  400.284066][T19792]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  400.285745][T19792]  ? security_inode_alloc+0x3b/0x2b0
[  400.287193][T19792]  security_inode_alloc+0x3b/0x2b0
[  400.288577][T19792]  inode_init_always_gfp+0xce4/0x1030
[  400.290036][T19792]  alloc_inode+0x82/0x230
[  400.291600][T19792]  sock_alloc+0x40/0x280
[  400.293219][T19792]  __sock_create+0xc1/0x8d0
[  400.294948][T19792]  ? trace_lock_acquire+0x14e/0x1f0
[  400.296979][T19792]  __sys_socket+0x14f/0x260
[  400.298705][T19792]  ? __might_fault+0xe3/0x190
[  400.300497][T19792]  ? __pfx___sys_socket+0x10/0x10
[  400.302296][T19792]  ? __might_fault+0xe3/0x190
[  400.303876][T19792]  __do_compat_sys_socketcall+0x57e/0x700
[  400.305865][T19792]  ? __fget_files+0x206/0x3a0
[  400.307610][T19792]  ? __pfx___do_compat_sys_socketcall+0x10/0x10
[  400.309919][T19792]  ? fput+0x67/0x440
[  400.311414][T19792]  __do_fast_syscall_32+0x73/0x120
[  400.313362][T19792]  do_fast_syscall_32+0x32/0x80
[  400.315186][T19792]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  400.317513][T19792] RIP: 0023:0xf7f06579
[  400.319036][T19792] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  400.326075][T19792] RSP: 002b:00000000f50554d0 EFLAGS: 00000282 ORIG_RAX: 0000000000000066
[  400.328749][T19792] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000f50554e0
[  400.330921][T19792] RDX: 00000000f7393ff4 RSI: 0000000000000036 RDI: 0000000000000000
[  400.333138][T19792] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  400.335296][T19792] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  400.337427][T19792] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  400.339588][T19792]  </TASK>
[  400.370426][T19792] socket: no more sockets
[  400.798309][   T39] audit: type=1800 audit(1737494975.759:233): pid=19826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.2077" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  400.914132][T19835] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  400.924746][T19835] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  401.110129][T19843] FAULT_INJECTION: forcing a failure.
[  401.110129][T19843] name failslab, interval 1, probability 0, space 0, times 0
[  401.117897][T19843] CPU: 2 UID: 0 PID: 19843 Comm: syz.1.2079 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  401.120841][T19843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  401.123870][T19843] Call Trace:
[  401.124820][T19843]  <TASK>
[  401.125712][T19843]  dump_stack_lvl+0x16c/0x1f0
[  401.127064][T19843]  should_fail_ex+0x497/0x5b0
[  401.128402][T19843]  ? fs_reclaim_acquire+0xae/0x150
[  401.129881][T19843]  should_failslab+0xc2/0x120
[  401.131205][T19843]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  401.132718][T19843]  ? lock_acquire+0x2f/0xb0
[  401.134009][T19843]  ? __might_fault+0xe3/0x190
[  401.135350][T19843]  ? getname_flags.part.0+0x4c/0x550
[  401.136927][T19843]  ? __might_fault+0xe3/0x190
[  401.138263][T19843]  getname_flags.part.0+0x4c/0x550
[  401.139712][T19843]  getname_flags+0x93/0xf0
[  401.141001][T19843]  user_path_at+0x24/0x60
[  401.142201][T19843]  __ia32_sys_mount+0x1fc/0x310
[  401.143604][T19843]  ? __pfx___ia32_sys_mount+0x10/0x10
[  401.145113][T19843]  __do_fast_syscall_32+0x73/0x120
[  401.146578][T19843]  do_fast_syscall_32+0x32/0x80
[  401.148027][T19843]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  401.150226][T19843] RIP: 0023:0xf7f75579
[  401.151835][T19843] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  401.159344][T19843] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  401.161980][ T5958] Bluetooth: hci3: command 0x0419 tx timeout
[  401.162651][T19843] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000180
[  401.162665][T19843] RDX: 0000000020000080 RSI: 0000000001214040 RDI: 0000000000000000
[  401.162677][T19843] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  401.172022][T19843] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  401.174444][T19843] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  401.176754][T19843]  </TASK>
[  401.182790][T19843] overlayfs: overlapping lowerdir path
[  401.409025][T19848] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.426426][T19852] overlayfs: missing 'lowerdir'
[  401.430090][T19852] mac80211_hwsim hwsim75 ÿÿÿÿÿÿ: renamed from wlan1
[  401.452132][ T7761] misc userio: Buffer overflowed, userio client isn't keeping up
[  401.490532][T19848] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.510028][T19854] FAULT_INJECTION: forcing a failure.
[  401.510028][T19854] name failslab, interval 1, probability 0, space 0, times 0
[  401.516757][T19854] CPU: 2 UID: 0 PID: 19854 Comm: syz.7.2081 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  401.519815][T19854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  401.523036][T19854] Call Trace:
[  401.524043][T19854]  <TASK>
[  401.524948][T19854]  dump_stack_lvl+0x16c/0x1f0
[  401.526361][T19854]  should_fail_ex+0x497/0x5b0
[  401.527749][T19854]  ? fs_reclaim_acquire+0xae/0x150
[  401.529310][T19854]  should_failslab+0xc2/0x120
[  401.530707][T19854]  __kmalloc_cache_noprof+0x68/0x420
[  401.532298][T19854]  ? _copy_from_user+0x59/0xd0
[  401.533754][T19854]  copy_mount_options+0x55/0x190
[  401.535251][T19854]  __ia32_sys_mount+0x1ad/0x310
[  401.536731][T19854]  ? __pfx___ia32_sys_mount+0x10/0x10
[  401.538332][T19854]  __do_fast_syscall_32+0x73/0x120
[  401.539828][T19854]  do_fast_syscall_32+0x32/0x80
[  401.541276][T19854]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  401.543272][T19854] RIP: 0023:0xf7f06579
[  401.544477][T19854] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  401.550106][T19854] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  401.552621][T19854] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200000c0
[  401.554955][T19854] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000020000100
[  401.557332][T19854] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  401.559649][T19854] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  401.562405][T19854] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  401.565064][T19854]  </TASK>
[  401.622091][T19848] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.697244][T19863] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2083'.
[  401.718260][T19848] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.758225][T19872] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  401.850809][T19848] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  401.858790][T19848] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  401.864537][T19848] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  401.871149][T19848] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  401.914832][   T39] audit: type=1326 audit(1737494976.879:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19873 comm="syz.8.2085" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x0
[  402.514592][ T7761] input: PS/2 Generic Mouse as /devices/serio17/input/input70
[  402.722097][ T7761] psmouse serio17: Failed to enable mouse on 
[  402.992841][T19889] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.232225][ T5958] Bluetooth: hci3: command 0x0419 tx timeout
[  403.665189][T19941] FAULT_INJECTION: forcing a failure.
[  403.665189][T19941] name failslab, interval 1, probability 0, space 0, times 0
[  403.668832][T19941] CPU: 2 UID: 0 PID: 19941 Comm: syz.8.2092 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  403.671728][T19941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  403.674801][T19941] Call Trace:
[  403.675776][T19941]  <TASK>
[  403.676679][T19941]  dump_stack_lvl+0x16c/0x1f0
[  403.678071][T19941]  should_fail_ex+0x497/0x5b0
[  403.679433][T19941]  ? fs_reclaim_acquire+0xae/0x150
[  403.680908][T19941]  should_failslab+0xc2/0x120
[  403.682289][T19941]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  403.683963][T19941]  ? __pfx___might_resched+0x10/0x10
[  403.685587][T19941]  ? alloc_vmap_area+0x636/0x2a70
[  403.687105][T19941]  alloc_vmap_area+0x636/0x2a70
[  403.688518][T19941]  ? __pfx_alloc_vmap_area+0x10/0x10
[  403.690097][T19941]  __get_vm_area_node+0x19e/0x2f0
[  403.691500][T19941]  __vmalloc_node_range_noprof+0x26a/0x1530
[  403.693179][T19941]  ? kernel_clone+0xfd/0x960
[  403.694496][T19941]  ? local_lock_acquire+0x10/0x150
[  403.695974][T19941]  ? mod_objcg_state+0x4c4/0x8d0
[  403.697468][T19941]  ? lockdep_hardirqs_on+0x7c/0x110
[  403.698940][T19941]  ? kernel_clone+0xfd/0x960
[  403.700265][T19941]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  403.702100][T19941]  ? rcu_is_watching+0x12/0xc0
[  403.703477][T19941]  ? trace_kmem_cache_alloc+0x2d/0xd0
[  403.705012][T19941]  ? kmem_cache_alloc_node_noprof+0x219/0x3b0
[  403.706783][T19941]  ? copy_process+0x49c/0x6f20
[  403.708145][T19941]  ? kernel_clone+0xfd/0x960
[  403.709466][T19941]  copy_process+0x29b3/0x6f20
[  403.710805][T19941]  ? kernel_clone+0xfd/0x960
[  403.712123][T19941]  ? get_pid_task+0xfc/0x250
[  403.713455][T19941]  ? __pfx_lock_release+0x10/0x10
[  403.714836][T19941]  ? trace_lock_acquire+0x14e/0x1f0
[  403.716272][T19941]  ? __pfx_copy_process+0x10/0x10
[  403.717789][T19941]  ? find_held_lock+0x2d/0x110
[  403.719094][T19941]  kernel_clone+0xfd/0x960
[  403.720321][T19941]  ? __pfx_kernel_clone+0x10/0x10
[  403.721718][T19941]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  403.723374][T19941]  __do_compat_sys_ia32_clone+0xb7/0x100
[  403.724976][T19941]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[  403.726785][T19941]  __do_fast_syscall_32+0x73/0x120
[  403.728204][T19941]  do_fast_syscall_32+0x32/0x80
[  403.729580][T19941]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  403.731353][T19941] RIP: 0023:0xf706e579
[  403.732555][T19941] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  403.738516][T19941] RSP: 002b:00000000f503f50c EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[  403.741569][T19941] RAX: ffffffffffffffda RBX: 0000000000000080 RCX: 0000000000000000
[  403.744502][T19941] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  403.747108][T19941] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000
[  403.749425][T19941] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  403.751639][T19941] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  403.753919][T19941]  </TASK>
[  403.762765][T19941] syz.8.2092: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  403.767653][T19941] CPU: 3 UID: 0 PID: 19941 Comm: syz.8.2092 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  403.770687][T19941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  403.773752][T19941] Call Trace:
[  403.774720][T19941]  <TASK>
[  403.775591][T19941]  dump_stack_lvl+0x16c/0x1f0
[  403.776966][T19941]  warn_alloc+0x24d/0x3a0
[  403.778226][T19941]  ? __pfx_warn_alloc+0x10/0x10
[  403.779642][T19941]  ? kfree+0x14f/0x4b0
[  403.780835][T19941]  ? __get_vm_area_node+0x1dc/0x2f0
[  403.782340][T19941]  __vmalloc_node_range_noprof+0xd27/0x1530
[  403.784045][T19941]  ? local_lock_acquire+0x10/0x150
[  403.785537][T19941]  ? mod_objcg_state+0x4c4/0x8d0
[  403.786967][T19941]  ? lockdep_hardirqs_on+0x7c/0x110
[  403.788472][T19941]  ? kernel_clone+0xfd/0x960
[  403.789823][T19941]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  403.791638][T19941]  ? rcu_is_watching+0x12/0xc0
[  403.793056][T19941]  ? trace_kmem_cache_alloc+0x2d/0xd0
[  403.794618][T19941]  ? kmem_cache_alloc_node_noprof+0x219/0x3b0
[  403.796371][T19941]  ? copy_process+0x49c/0x6f20
[  403.797764][T19941]  ? kernel_clone+0xfd/0x960
[  403.799099][T19941]  copy_process+0x29b3/0x6f20
[  403.800462][T19941]  ? kernel_clone+0xfd/0x960
[  403.801807][T19941]  ? get_pid_task+0xfc/0x250
[  403.803148][T19941]  ? __pfx_lock_release+0x10/0x10
[  403.804602][T19941]  ? trace_lock_acquire+0x14e/0x1f0
[  403.806116][T19941]  ? __pfx_copy_process+0x10/0x10
[  403.807500][T19941]  ? find_held_lock+0x2d/0x110
[  403.808846][T19941]  kernel_clone+0xfd/0x960
[  403.810144][T19941]  ? __pfx_kernel_clone+0x10/0x10
[  403.811609][T19941]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  403.813364][T19941]  __do_compat_sys_ia32_clone+0xb7/0x100
[  403.814970][T19941]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[  403.816734][T19941]  __do_fast_syscall_32+0x73/0x120
[  403.818183][T19941]  do_fast_syscall_32+0x32/0x80
[  403.819563][T19941]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  403.821340][T19941] RIP: 0023:0xf706e579
[  403.822525][T19941] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  403.827851][T19941] RSP: 002b:00000000f503f50c EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[  403.830166][T19941] RAX: ffffffffffffffda RBX: 0000000000000080 RCX: 0000000000000000
[  403.832350][T19941] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  403.834577][T19941] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000
[  403.836813][T19941] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  403.839046][T19941] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  403.841274][T19941]  </TASK>
[  403.844612][T19941] Mem-Info:
[  403.845589][T19941] active_anon:1876 inactive_anon:7783 isolated_anon:0
[  403.845589][T19941]  active_file:1120 inactive_file:10352 isolated_file:0
[  403.845589][T19941]  unevictable:32861 dirty:2 writeback:0
[  403.845589][T19941]  slab_reclaimable:7294 slab_unreclaimable:78257
[  403.845589][T19941]  mapped:36540 shmem:2345 pagetables:1406
[  403.845589][T19941]  sec_pagetables:321 bounce:0
[  403.845589][T19941]  kernel_misc_reclaimable:0
[  403.845589][T19941]  free:26929 free_pcp:5878 free_cma:0
[  403.861188][T19941] Node 0 active_anon:2352kB inactive_anon:0kB active_file:804kB inactive_file:0kB unevictable:5948kB isolated(anon):0kB isolated(file):0kB mapped:1372kB dirty:0kB writeback:0kB shmem:3620kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9788kB pagetables:1140kB sec_pagetables:1152kB all_unreclaimable? yes
[  403.873169][T19941] Node 1 active_anon:9252kB inactive_anon:31132kB active_file:3676kB inactive_file:41408kB unevictable:127996kB isolated(anon):0kB isolated(file):0kB mapped:144788kB dirty:8kB writeback:0kB shmem:5760kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:6144kB writeback_tmp:0kB kernel_stack:5628kB pagetables:4484kB sec_pagetables:132kB all_unreclaimable? no
[  403.886176][T19941] Node 0 DMA free:2784kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:144kB inactive_anon:0kB active_file:44kB inactive_file:0kB unevictable:212kB writepending:0kB present:15992kB managed:15360kB mlocked:212kB bounce:0kB free_pcp:408kB local_pcp:164kB free_cma:0kB
[  403.894301][T19941] lowmem_reserve[]: 0 296 0 0 0
[  403.895757][T19941] Node 0 DMA32 free:15540kB boost:2048kB min:15720kB low:19136kB high:22552kB reserved_highatomic:2048KB active_anon:2208kB inactive_anon:0kB active_file:760kB inactive_file:0kB unevictable:5696kB writepending:0kB present:1032196kB managed:303684kB mlocked:2160kB bounce:0kB free_pcp:5648kB local_pcp:1632kB free_cma:0kB
[  403.912093][T19941] lowmem_reserve[]: 0 0 0 0 0
[  403.913542][T19941] Node 1 DMA32 free:92768kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB active_anon:9252kB inactive_anon:31132kB active_file:3676kB inactive_file:48508kB unevictable:123396kB writepending:8kB present:1048432kB managed:948252kB mlocked:120032kB bounce:0kB free_pcp:7972kB local_pcp:404kB free_cma:0kB
[  403.922675][T19941] lowmem_reserve[]: 0 0 0 0 0
[  403.924138][T19941] Node 0 DMA: 8*4kB (UM) 34*8kB (U) 24*16kB (U) 40*32kB (UM) 10*64kB (UM) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2736kB
[  403.928252][T19941] Node 0 DMA32: 17*4kB (UEH) 61*8kB (UEH) 29*16kB (UEH) 78*32kB (UEH) 52*64kB (UMEH) 26*128kB (MEH) 9*256kB (UMEH) 4*512kB (MH) 1*1024kB (U) 0*2048kB 0*4096kB = 15548kB
[  403.933286][T19941] Node 1 DMA32: 118*4kB (UME) 197*8kB (UME) 113*16kB (UMEH) 241*32kB (UMEH) 83*64kB (UME) 25*128kB (UME) 19*256kB (UME) 9*512kB (UME) 14*1024kB (M) 10*2048kB (ME) 7*4096kB (M) = 93040kB
[  403.938678][T19941] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  403.941457][T19941] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  403.944397][T19941] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  403.947114][T19941] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  403.949849][T19941] 24801 total pagecache pages
[  403.951283][T19941] 170 pages in swap cache
[  403.952952][T19941] Free swap  = 117256kB
[  403.954517][T19941] Total swap = 124996kB
[  403.955874][T19941] 524155 pages RAM
[  403.957049][T19941] 0 pages HighMem/MovableOnly
[  403.958470][T19941] 207331 pages reserved
[  403.959763][T19941] 0 pages cma reserved
[  404.023684][T19950] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  404.145416][T19952] overlayfs: failed to resolve './file0': -2
[  404.195194][T19958] overlay: Bad value for 'redirect_dir'
[  404.199575][T19958] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  404.252888][   T39] audit: type=1326 audit(1737494979.219:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19955 comm="syz.6.2096" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x0
[  404.406928][   T76] Bluetooth: hci4: Frame reassembly failed (-84)
[  404.984093][T19972] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  405.082760][T19977] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  405.394602][T19985] 9pnet_fd: Insufficient options for proto=fd
[  405.402382][T19986] 8021q: adding VLAN 0 to HW filter on device bond1
[  405.408778][T19983] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  405.477522][ T7761] IPVS: starting estimator thread 0...
[  405.593503][T19989] IPVS: using max 38 ests per chain, 91200 per kthread
[  405.798029][T19999] netlink: 596 bytes leftover after parsing attributes in process `syz.1.2107'.
[  405.800737][T19998] netlink: 596 bytes leftover after parsing attributes in process `syz.1.2107'.
[  406.057983][   T39] audit: type=1800 audit(1737494981.019:236): pid=20005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2109" name="bus" dev="overlay" ino=378 res=0 errno=0
[  406.283737][   T39] audit: type=1326 audit(1737494981.249:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20008 comm="syz.7.2110" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x0
[  406.431988][ T5953] Bluetooth: hci4: command 0xfc11 tx timeout
[  406.432048][ T5958] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  406.802048][ T7470] usb 13-1: new full-speed USB device number 19 using dummy_hcd
[  406.900762][T20028] kvm: user requested TSC rate below hardware speed
[  406.975084][ T7470] usb 13-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  406.981295][ T7470] usb 13-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  406.987020][ T7470] usb 13-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60
[  406.990280][ T7470] usb 13-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[  406.993811][ T7470] usb 13-1: Product: syz
[  406.995477][ T7470] usb 13-1: Manufacturer: syz
[  406.997321][ T7470] usb 13-1: SerialNumber: syz
[  407.000661][ T7470] usb 13-1: config 0 descriptor??
[  407.175347][T20035] netlink: 60 bytes leftover after parsing attributes in process `syz.7.2116'.
[  407.267153][T20035] netfs: Couldn't get user pages (rc=-14)
[  408.380875][T20054] bridge0: entered allmulticast mode
[  409.582931][T11169] usb 13-1: USB disconnect, device number 19
[  409.666512][   T39] audit: type=1326 audit(1737494984.629:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20076 comm="syz.6.2124" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x0
[  409.741456][T20089] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2127'.
[  409.835788][T20092] xt_CT: You must specify a L4 protocol and not use inversions on it
[  409.845188][T20092] 9pnet_fd: Insufficient options for proto=fd
[  410.055138][T20099] FAULT_INJECTION: forcing a failure.
[  410.055138][T20099] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  410.060069][T20099] CPU: 3 UID: 0 PID: 20099 Comm: syz.7.2129 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  410.064231][T20099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  410.068286][T20099] Call Trace:
[  410.069577][T20099]  <TASK>
[  410.070735][T20099]  dump_stack_lvl+0x16c/0x1f0
[  410.072561][T20099]  should_fail_ex+0x497/0x5b0
[  410.074403][T20099]  strncpy_from_user+0x3b/0x2d0
[  410.076280][T20099]  getname_flags.part.0+0x8f/0x550
[  410.078270][T20099]  getname+0x8d/0xe0
[  410.079793][T20099]  do_sys_openat2+0x104/0x1e0
[  410.081610][T20099]  ? __pfx_do_sys_openat2+0x10/0x10
[  410.083626][T20099]  ? __fget_files+0x206/0x3a0
[  410.085437][T20099]  __ia32_compat_sys_open+0x147/0x1e0
[  410.087483][T20099]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  410.089708][T20099]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  410.091800][T20099]  __do_fast_syscall_32+0x73/0x120
[  410.093800][T20099]  do_fast_syscall_32+0x32/0x80
[  410.095658][T20099]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  410.098038][T20099] RIP: 0023:0xf7f06579
[  410.099600][T20099] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  410.106769][T20099] RSP: 002b:00000000f503555c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  410.110003][T20099] RAX: ffffffffffffffda RBX: 0000000020000780 RCX: 0000000000000000
[  410.113024][T20099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  410.115980][T20099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  410.118993][T20099] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  410.121895][T20099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  410.124865][T20099]  </TASK>
[  410.126198][    C3] vkms_vblank_simulate: vblank timer overrun
[  410.302162][T11538] usb 13-1: new high-speed USB device number 20 using dummy_hcd
[  410.474251][T11538] usb 13-1: Using ep0 maxpacket: 8
[  410.477984][T11538] usb 13-1: unable to read config index 0 descriptor/start: -61
[  410.480228][T11538] usb 13-1: can't read configurations, error -61
[  410.611990][T11538] usb 13-1: new high-speed USB device number 21 using dummy_hcd
[  410.772042][T11538] usb 13-1: Using ep0 maxpacket: 8
[  410.775440][T11538] usb 13-1: unable to read config index 0 descriptor/start: -61
[  410.777732][T11538] usb 13-1: can't read configurations, error -61
[  410.779722][T11538] usb usb13-port1: attempt power cycle
[  410.811439][T20116] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2134'.
[  410.841975][   T39] audit: type=1804 audit(1737494985.799:239): pid=20118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.2135" name="/newroot/19/file0/bus" dev="ramfs" ino=79284 res=1 errno=0
[  411.132043][T11538] usb 13-1: new high-speed USB device number 22 using dummy_hcd
[  411.152955][T11538] usb 13-1: Using ep0 maxpacket: 8
[  411.157738][T11538] usb 13-1: unable to read config index 0 descriptor/start: -61
[  411.159861][T11538] usb 13-1: can't read configurations, error -61
[  411.291968][T11538] usb 13-1: new high-speed USB device number 23 using dummy_hcd
[  411.322807][T11538] usb 13-1: Using ep0 maxpacket: 8
[  411.325994][T11538] usb 13-1: unable to read config index 0 descriptor/start: -61
[  411.328150][T11538] usb 13-1: can't read configurations, error -61
[  411.332864][T11538] usb usb13-port1: unable to enumerate USB device
[  411.687455][T20124] FAULT_INJECTION: forcing a failure.
[  411.687455][T20124] name failslab, interval 1, probability 0, space 0, times 0
[  411.691625][T20124] CPU: 3 UID: 0 PID: 20124 Comm: syz.6.2136 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  411.695279][T20124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  411.698477][T20124] Call Trace:
[  411.699451][T20124]  <TASK>
[  411.700317][T20124]  dump_stack_lvl+0x16c/0x1f0
[  411.701760][T20124]  should_fail_ex+0x497/0x5b0
[  411.703318][T20124]  ? fs_reclaim_acquire+0xae/0x150
[  411.705168][T20124]  should_failslab+0xc2/0x120
[  411.706748][T20124]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  411.708668][T20124]  ? alloc_empty_file+0x73/0x1e0
[  411.710607][T20124]  alloc_empty_file+0x73/0x1e0
[  411.712169][T20124]  path_openat+0xe1/0x2d70
[  411.713541][T20124]  ? hlock_class+0x4e/0x130
[  411.715157][T20124]  ? __lock_acquire+0x15a9/0x3c40
[  411.717085][T20124]  ? __pfx_path_openat+0x10/0x10
[  411.719005][T20124]  ? __pfx___lock_acquire+0x10/0x10
[  411.720800][T20124]  ? lock_acquire.part.0+0x11b/0x380
[  411.722356][T20124]  ? find_held_lock+0x2d/0x110
[  411.724029][T20124]  do_filp_open+0x20c/0x470
[  411.725583][T20124]  ? __pfx_do_filp_open+0x10/0x10
[  411.727543][T20124]  ? find_held_lock+0x2d/0x110
[  411.727975][T20125] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2137'.
[  411.729417][T20124]  ? _raw_spin_unlock+0x28/0x50
[  411.733141][T20124]  ? alloc_fd+0x41f/0x760
[  411.734409][T20124]  do_sys_openat2+0x17a/0x1e0
[  411.735824][T20124]  ? __pfx_do_sys_openat2+0x10/0x10
[  411.737349][T20124]  ? __fget_files+0x206/0x3a0
[  411.738713][T20124]  __ia32_compat_sys_open+0x147/0x1e0
[  411.740220][T20124]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  411.741916][T20124]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  411.743741][T20124]  __do_fast_syscall_32+0x73/0x120
[  411.745210][T20124]  do_fast_syscall_32+0x32/0x80
[  411.746594][T20124]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  411.748341][T20124] RIP: 0023:0xf7f76579
[  411.749492][T20124] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  411.754742][T20124] RSP: 002b:00000000f50a555c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  411.757119][T20124] RAX: ffffffffffffffda RBX: 0000000020000780 RCX: 0000000000000000
[  411.759355][T20124] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  411.761596][T20124] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  411.763830][T20124] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  411.766007][T20124] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  411.768285][T20124]  </TASK>
[  412.531188][T20118] syz.7.2135 (20118) used greatest stack depth: 18768 bytes left
[  412.896397][T20149] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(6)
[  412.898319][T20149] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  412.900699][T20149] vhci_hcd vhci_hcd.0: Device attached
[  412.976091][T20159] FAULT_INJECTION: forcing a failure.
[  412.976091][T20159] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  412.980827][T20159] CPU: 2 UID: 0 PID: 20159 Comm: syz.6.2140 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  412.983902][T20159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  412.987376][T20159] Call Trace:
[  412.988652][T20159]  <TASK>
[  412.989814][T20159]  dump_stack_lvl+0x16c/0x1f0
[  412.991627][T20159]  should_fail_ex+0x497/0x5b0
[  412.993408][T20159]  _copy_from_user+0x2e/0xd0
[  412.994761][T20159]  input_ff_effect_from_user+0x164/0x2c0
[  412.996412][T20159]  evdev_do_ioctl+0xf1b/0x1ae0
[  412.998290][T20159]  ? __pfx_evdev_do_ioctl+0x10/0x10
[  413.000303][T20159]  ? trace_lock_acquire+0x14e/0x1f0
[  413.002276][T20159]  evdev_ioctl_compat+0x16d/0x1a0
[  413.004205][T20159]  ? __pfx_evdev_ioctl_compat+0x10/0x10
[  413.006292][T20159]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  413.008286][T20159]  __do_fast_syscall_32+0x73/0x120
[  413.010210][T20159]  do_fast_syscall_32+0x32/0x80
[  413.012027][T20159]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  413.014418][T20159] RIP: 0023:0xf7f76579
[  413.015972][T20159] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  413.023132][T20159] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  413.026227][T20159] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000402c4580
[  413.028986][T20159] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  413.031320][T20159] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  413.033609][T20159] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  413.035871][T20159] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  413.038129][T20159]  </TASK>
[  413.082294][ T8922] vhci_hcd: vhci_device speed not set
[  413.128614][T20164] FAULT_INJECTION: forcing a failure.
[  413.128614][T20164] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  413.135809][T20164] CPU: 2 UID: 0 PID: 20164 Comm: syz.6.2142 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  413.138839][T20164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  413.141925][T20164] Call Trace:
[  413.142005][ T8922] usb 51-1: new full-speed USB device number 4 using vhci_hcd
[  413.142883][T20164]  <TASK>
[  413.145911][T20164]  dump_stack_lvl+0x16c/0x1f0
[  413.147269][T20164]  should_fail_ex+0x497/0x5b0
[  413.148721][T20164]  __kvm_read_guest_page+0x16b/0x210
[  413.150303][T20164]  kvm_fetch_guest_virt+0x128/0x1a0
[  413.152106][T20164]  __do_insn_fetch_bytes+0x506/0x730
[  413.152179][ T5953] Bluetooth: hci3: command 0x0419 tx timeout
[  413.153866][T20164]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  413.157252][T20164]  ? __pfx_kvm_tdp_mmu_map+0x10/0x10
[  413.158777][T20164]  ? find_held_lock+0x2d/0x110
[  413.160117][T20164]  x86_decode_insn+0x1888/0x55d0
[  413.161537][T20164]  ? __pfx_lock_release+0x10/0x10
[  413.163388][T20164]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  413.165311][T20164]  ? __pfx_x86_decode_insn+0x10/0x10
[  413.167256][T20164]  ? init_decode_cache+0xd/0x210
[  413.169070][T20164]  ? emulator_get_dr+0x50/0x170
[  413.170849][T20164]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  413.172863][T20164]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[  413.175032][T20164]  x86_emulate_instruction+0x975/0x1a50
[  413.176823][T20164]  kvm_mmu_page_fault+0xb44/0x1bb0
[  413.178689][T20164]  ? __pfx___lock_acquire+0x10/0x10
[  413.180631][T20164]  ? __pfx_kvm_mmu_page_fault+0x10/0x10
[  413.182742][T20164]  ? __pfx_mark_lock+0x10/0x10
[  413.184569][T20164]  ? clear_bhb_loop+0x35/0x90
[  413.186357][T20164]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  413.188443][T20164]  handle_ept_violation+0x25a/0x640
[  413.190422][T20164]  ? __pfx_handle_ept_violation+0x10/0x10
[  413.192435][T20164]  vmx_handle_exit+0x733/0x1f70
[  413.193864][T20164]  vcpu_run+0x2aaf/0x4c00
[  413.195155][T20164]  ? x86_emulate_instruction+0x153/0x1a50
[  413.197052][T20164]  ? __pfx_vcpu_run+0x10/0x10
[  413.198813][T20164]  ? rcu_is_watching+0x12/0xc0
[  413.200570][T20164]  ? __local_bh_enable_ip+0xa4/0x120
[  413.202360][T20164]  ? complete_emulated_mmio+0x272/0x640
[  413.203963][T20164]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  413.205660][T20164]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  413.207239][T20164]  kvm_vcpu_ioctl+0x6ce/0x1520
[  413.208644][T20164]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  413.210284][T20164]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  413.211799][T20164]  ? tomoyo_path_number_perm+0x190/0x5b0
[  413.213448][T20164]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  413.215684][T20164]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  413.217417][T20164]  ? do_vfs_ioctl+0x513/0x1950
[  413.218916][T20164]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  413.220803][T20164]  ? __pfx_lock_release+0x10/0x10
[  413.222703][T20164]  ? trace_lock_acquire+0x14e/0x1f0
[  413.224669][T20164]  kvm_vcpu_compat_ioctl+0x210/0x3f0
[  413.226687][T20164]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  413.228897][T20164]  ? __fget_files+0x206/0x3a0
[  413.230676][T20164]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  413.232346][T20164]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  413.233914][T20164]  __do_fast_syscall_32+0x73/0x120
[  413.235404][T20164]  do_fast_syscall_32+0x32/0x80
[  413.236836][T20164]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  413.238666][T20164] RIP: 0023:0xf7f76579
[  413.240144][T20164] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  413.246227][T20164] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  413.248649][T20164] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  413.250933][T20164] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  413.253246][T20164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  413.255513][T20164] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  413.257803][T20164] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  413.260090][T20164]  </TASK>
[  413.392995][T20174] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2143'.
[  413.632101][  T834] psmouse serio18: Failed to reset mouse on : -5
[  414.151820][T20123] syz.1.2137 (20123) used greatest stack depth: 17904 bytes left
[  414.200361][T20150] vhci_hcd: connection reset by peer
[  414.203032][T15050] vhci_hcd: stop threads
[  414.204262][T15050] vhci_hcd: release socket
[  414.205627][T15050] vhci_hcd: disconnect device
[  414.372421][T20205] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2150'.
[  414.426572][T20211] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  415.339569][T11541] IPVS: starting estimator thread 0...
[  415.422004][T20249] IPVS: using max 37 ests per chain, 88800 per kthread
[  415.477400][T20255] FAULT_INJECTION: forcing a failure.
[  415.477400][T20255] name failslab, interval 1, probability 0, space 0, times 0
[  415.483132][T20255] CPU: 2 UID: 0 PID: 20255 Comm: syz.1.2158 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  415.486104][T20255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  415.489208][T20255] Call Trace:
[  415.490234][T20255]  <TASK>
[  415.491149][T20255]  dump_stack_lvl+0x16c/0x1f0
[  415.492516][T20255]  should_fail_ex+0x497/0x5b0
[  415.493900][T20255]  ? fs_reclaim_acquire+0xae/0x150
[  415.495630][T20255]  should_failslab+0xc2/0x120
[  415.497450][T20255]  __kmalloc_node_noprof+0xd1/0x520
[  415.499003][T20255]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  415.500565][T20255]  __kvmalloc_node_noprof+0xad/0x1a0
[  415.502101][T20255]  nf_hook_entries_grow+0x282/0x810
[  415.503606][T20255]  ? nf_defrag_ipv4_enable+0x25/0x120
[  415.505219][T20255]  __nf_register_net_hook+0x1cd/0x730
[  415.507035][T20255]  nf_register_net_hook+0x109/0x160
[  415.509126][T20255]  nf_register_net_hooks+0x5d/0xd0
[  415.510639][T20255]  nf_defrag_ipv4_enable+0xb8/0x120
[  415.512135][T20255]  nf_ct_netns_do_get+0x31f/0x620
[  415.513609][T20255]  ? __pfx_nf_ct_netns_do_get+0x10/0x10
[  415.515188][T20255]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  415.516911][T20255]  ? rcu_is_watching+0x12/0xc0
[  415.518300][T20255]  nf_ct_netns_get+0x39/0x150
[  415.519690][T20255]  __ip_vs_update_dest+0x1234/0x1810
[  415.521222][T20255]  ip_vs_new_dest+0x6ae/0xc50
[  415.522696][T20255]  ? find_held_lock+0x2d/0x110
[  415.524082][T20255]  ? __pfx_ip_vs_new_dest+0x10/0x10
[  415.525569][T20255]  ? ip_vs_add_dest+0x52e/0x1090
[  415.527004][T20255]  ? mark_held_locks+0x9f/0xe0
[  415.528365][T20255]  ip_vs_add_dest+0x546/0x1090
[  415.529767][T20255]  ? __pfx_ip_vs_add_dest+0x10/0x10
[  415.531508][T20255]  ? trace_lock_acquire+0x14e/0x1f0
[  415.533016][T20255]  ? __might_fault+0xe3/0x190
[  415.534365][T20255]  ? do_ip_vs_set_ctl+0xf4c/0x1070
[  415.535875][T20255]  do_ip_vs_set_ctl+0xf4c/0x1070
[  415.537461][T20255]  ? __pfx_do_ip_vs_set_ctl+0x10/0x10
[  415.538984][T20255]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  415.540759][T20255]  ? rcu_is_watching+0x12/0xc0
[  415.542178][T20255]  ? __mutex_lock+0x1cc/0xa60
[  415.543520][T20255]  ? __mutex_unlock_slowpath+0x164/0x690
[  415.545136][T20255]  ? nf_setsockopt+0x8a/0xf0
[  415.546462][T20255]  nf_setsockopt+0x8a/0xf0
[  415.547770][T20255]  ip_setsockopt+0xcb/0xf0
[  415.549058][T20255]  tcp_setsockopt+0xa4/0x100
[  415.550389][T20255]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  415.552125][T20255]  do_sock_setsockopt+0x222/0x480
[  415.553685][T20255]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  415.555260][T20255]  ? lock_acquire+0x2f/0xb0
[  415.556588][T20255]  __sys_setsockopt+0x1a0/0x230
[  415.558075][T20255]  __ia32_sys_setsockopt+0xbc/0x160
[  415.559559][T20255]  ? lockdep_hardirqs_on+0x7c/0x110
[  415.561057][T20255]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  415.563003][T20255]  __do_fast_syscall_32+0x73/0x120
[  415.564459][T20255]  do_fast_syscall_32+0x32/0x80
[  415.565869][T20255]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  415.567805][T20255] RIP: 0023:0xf7f75579
[  415.569098][T20255] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  415.574488][T20255] RSP: 002b:00000000f50a555c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  415.576877][T20255] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000000000
[  415.579113][T20255] RDX: 0000000000000487 RSI: 0000000020000000 RDI: 0000000000000044
[  415.581341][T20255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  415.583587][T20255] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  415.586044][T20255] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  415.588337][T20255]  </TASK>
[  415.589351][    C2] vkms_vblank_simulate: vblank timer overrun
[  415.594069][ T5953] Bluetooth: hci3: command 0x0419 tx timeout
[  416.492330][T20274] FAULT_INJECTION: forcing a failure.
[  416.492330][T20274] name failslab, interval 1, probability 0, space 0, times 0
[  416.496729][T20274] CPU: 0 UID: 0 PID: 20274 Comm: syz.7.2160 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  416.499671][T20274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  416.502753][T20274] Call Trace:
[  416.503720][T20274]  <TASK>
[  416.504580][T20274]  dump_stack_lvl+0x16c/0x1f0
[  416.505938][T20274]  should_fail_ex+0x497/0x5b0
[  416.507302][T20274]  should_failslab+0xc2/0x120
[  416.508686][T20274]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  416.510225][T20274]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  416.511832][T20274]  ? dst_alloc+0x99/0x1a0
[  416.513097][T20274]  ? __pfx_ip6_dst_gc+0x10/0x10
[  416.514491][T20274]  dst_alloc+0x99/0x1a0
[  416.515711][T20274]  ip6_dst_alloc+0x2c/0xa0
[  416.517009][T20274]  ip6_pol_route+0x956/0x1120
[  416.518370][T20274]  ? __pfx_ip6_pol_route+0x10/0x10
[  416.519845][T20274]  ? __pfx___lock_acquire+0x10/0x10
[  416.521357][T20274]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  416.523020][T20274]  fib6_rule_lookup+0x386/0x720
[  416.524426][T20274]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  416.525966][T20274]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  416.527569][T20274]  ? rcu_is_watching+0x12/0xc0
[  416.528961][T20274]  ? dev_get_by_index_rcu+0x102/0x140
[  416.530503][T20274]  ip6_route_output_flags+0x1d0/0x640
[  416.532043][T20274]  ip6_dst_lookup_tail.constprop.0+0x1159/0x2150
[  416.533854][T20274]  ? __lock_acquire+0x15a9/0x3c40
[  416.535308][T20274]  ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10
[  416.537224][T20274]  ? hlock_class+0x4e/0x130
[  416.538542][T20274]  ? mark_lock+0xb5/0xc60
[  416.539787][T20274]  ? mark_lock+0xb5/0xc60
[  416.541040][T20274]  ? hlock_class+0x4e/0x130
[  416.542366][T20274]  ? mark_lock+0xb5/0xc60
[  416.543616][T20274]  ip6_dst_lookup_flow+0x99/0x1d0
[  416.545088][T20274]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  416.546716][T20274]  dccp_v6_connect+0x7c6/0x1550
[  416.548109][T20274]  ? __pfx_dccp_v6_connect+0x10/0x10
[  416.549642][T20274]  ? __pfx_mark_lock+0x10/0x10
[  416.551019][T20274]  __inet_stream_connect+0x3c7/0x1020
[  416.552711][T20274]  ? find_held_lock+0x2d/0x110
[  416.554500][T20274]  ? __pfx___inet_stream_connect+0x10/0x10
[  416.556279][T20274]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  416.557835][T20274]  ? __pfx_inet_stream_connect+0x10/0x10
[  416.559437][T20274]  ? mark_held_locks+0x9f/0xe0
[  416.560818][T20274]  ? __local_bh_enable_ip+0xa4/0x120
[  416.562333][T20274]  ? __pfx_inet_stream_connect+0x10/0x10
[  416.563927][T20274]  inet_stream_connect+0x57/0xa0
[  416.565363][T20274]  __sys_connect_file+0x13e/0x1a0
[  416.566807][T20274]  __sys_connect+0x14f/0x170
[  416.568133][T20274]  ? __pfx___sys_connect+0x10/0x10
[  416.569626][T20274]  ? __pfx_ksys_write+0x10/0x10
[  416.571023][T20274]  __ia32_sys_connect+0x71/0xb0
[  416.572451][T20274]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  416.574345][T20274]  __do_fast_syscall_32+0x73/0x120
[  416.575843][T20274]  do_fast_syscall_32+0x32/0x80
[  416.577531][T20274]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  416.579643][T20274] RIP: 0023:0xf7f06579
[  416.580839][T20274] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  416.586328][T20274] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  416.588710][T20274] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080
[  416.590968][T20274] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000000
[  416.593250][T20274] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  416.595508][T20274] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  416.597973][T20274] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  416.600907][T20274]  </TASK>
[  416.673594][T20279] FAULT_INJECTION: forcing a failure.
[  416.673594][T20279] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  416.677536][T20279] CPU: 2 UID: 0 PID: 20279 Comm: syz.1.2162 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  416.680549][T20279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  416.683718][T20279] Call Trace:
[  416.684721][T20279]  <TASK>
[  416.685587][T20279]  dump_stack_lvl+0x16c/0x1f0
[  416.686973][T20279]  should_fail_ex+0x497/0x5b0
[  416.688344][T20279]  __kvm_read_guest_page+0x16b/0x210
[  416.689895][T20279]  kvm_fetch_guest_virt+0x128/0x1a0
[  416.691411][T20279]  __do_insn_fetch_bytes+0x506/0x730
[  416.693024][T20279]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  416.694751][T20279]  ? __pfx_kvm_tdp_mmu_map+0x10/0x10
[  416.696312][T20279]  ? find_held_lock+0x2d/0x110
[  416.697722][T20279]  x86_decode_insn+0x1888/0x55d0
[  416.699163][T20279]  ? __pfx_lock_release+0x10/0x10
[  416.700650][T20279]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  416.702390][T20279]  ? __pfx_x86_decode_insn+0x10/0x10
[  416.703939][T20279]  ? init_decode_cache+0xd/0x210
[  416.705410][T20279]  ? emulator_get_dr+0x50/0x170
[  416.706834][T20279]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  416.708416][T20279]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[  416.710131][T20279]  x86_emulate_instruction+0x975/0x1a50
[  416.711747][T20279]  kvm_mmu_page_fault+0xb44/0x1bb0
[  416.713269][T20279]  ? __pfx___lock_acquire+0x10/0x10
[  416.714802][T20279]  ? __pfx_kvm_mmu_page_fault+0x10/0x10
[  416.716420][T20279]  ? __pfx_mark_lock+0x10/0x10
[  416.717831][T20279]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  416.719455][T20279]  handle_ept_violation+0x25a/0x640
[  416.720991][T20279]  ? __pfx_handle_ept_violation+0x10/0x10
[  416.722656][T20279]  vmx_handle_exit+0x733/0x1f70
[  416.724093][T20279]  vcpu_run+0x2aaf/0x4c00
[  416.725387][T20279]  ? __pfx_vcpu_run+0x10/0x10
[  416.726761][T20279]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  416.728389][T20279]  ? rcu_is_watching+0x12/0xc0
[  416.729800][T20279]  ? trace_lock_acquire+0x14e/0x1f0
[  416.731308][T20279]  ? __local_bh_enable_ip+0xa4/0x120
[  416.732865][T20279]  ? lockdep_hardirqs_on+0x7c/0x110
[  416.734397][T20279]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  416.736072][T20279]  ? lock_acquire+0x2f/0xb0
[  416.737403][T20279]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  416.739053][T20279]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  416.740669][T20279]  kvm_vcpu_ioctl+0x6ce/0x1520
[  416.742073][T20279]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  416.743712][T20279]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  416.745242][T20279]  ? tomoyo_path_number_perm+0x190/0x5b0
[  416.746868][T20279]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  416.748601][T20279]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  416.750321][T20279]  ? do_vfs_ioctl+0x513/0x1950
[  416.751717][T20279]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  416.753215][T20279]  ? __pfx_lock_release+0x10/0x10
[  416.754708][T20279]  ? trace_lock_acquire+0x14e/0x1f0
[  416.756225][T20279]  kvm_vcpu_compat_ioctl+0x210/0x3f0
[  416.757765][T20279]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  416.759454][T20279]  ? __fget_files+0x206/0x3a0
[  416.760837][T20279]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  416.762539][T20279]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  416.764090][T20279]  __do_fast_syscall_32+0x73/0x120
[  416.765600][T20279]  do_fast_syscall_32+0x32/0x80
[  416.767022][T20279]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  416.768860][T20279] RIP: 0023:0xf7f75579
[  416.770049][T20279] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  416.775604][T20279] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  416.778016][T20279] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000000000ae80
[  416.780287][T20279] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  416.782593][T20279] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  416.784922][T20279] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  416.787204][T20279] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  416.789503][T20279]  </TASK>
[  416.790470][    C2] vkms_vblank_simulate: vblank timer overrun
[  417.057671][T20293] FAULT_INJECTION: forcing a failure.
[  417.057671][T20293] name failslab, interval 1, probability 0, space 0, times 0
[  417.061269][T20293] CPU: 3 UID: 0 PID: 20293 Comm: syz.1.2166 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  417.064251][T20293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  417.067309][T20293] Call Trace:
[  417.068277][T20293]  <TASK>
[  417.069140][T20293]  dump_stack_lvl+0x16c/0x1f0
[  417.070506][T20293]  should_fail_ex+0x497/0x5b0
[  417.071879][T20293]  ? fs_reclaim_acquire+0xae/0x150
[  417.073370][T20293]  should_failslab+0xc2/0x120
[  417.074808][T20293]  kmem_cache_alloc_lru_noprof+0x73/0x3b0
[  417.076461][T20293]  ? __d_alloc+0x35/0x8c0
[  417.077726][T20293]  __d_alloc+0x35/0x8c0
[  417.078928][T20293]  d_alloc_pseudo+0x1c/0xc0
[  417.080247][T20293]  alloc_file_pseudo+0xd2/0x200
[  417.081669][T20293]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  417.083250][T20293]  sock_alloc_file+0x50/0x1d0
[  417.084610][T20293]  do_accept+0x23e/0x530
[  417.085853][T20293]  ? do_raw_spin_lock+0x12d/0x2c0
[  417.087307][T20293]  ? __pfx_do_accept+0x10/0x10
[  417.088705][T20293]  __sys_accept4+0xfe/0x1b0
[  417.090015][T20293]  ? __pfx___sys_accept4+0x10/0x10
[  417.091495][T20293]  ? __pfx_ksys_write+0x10/0x10
[  417.092916][T20293]  __ia32_sys_accept4+0x94/0x100
[  417.094347][T20293]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  417.096242][T20293]  __do_fast_syscall_32+0x73/0x120
[  417.097731][T20293]  do_fast_syscall_32+0x32/0x80
[  417.099148][T20293]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  417.100974][T20293] RIP: 0023:0xf7f75579
[  417.102157][T20293] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  417.107610][T20293] RSP: 002b:00000000f50a555c EFLAGS: 00000296 ORIG_RAX: 000000000000016c
[  417.109994][T20293] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000000
[  417.112278][T20293] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  417.114550][T20293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  417.116904][T20293] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  417.119168][T20293] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  417.121438][T20293]  </TASK>
[  417.371428][T20307] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2171'.
[  417.376476][T20306] netlink: 'syz.1.2169': attribute type 12 has an invalid length.
[  417.532007][  T834] misc userio: Buffer overflowed, userio client isn't keeping up
[  417.653529][T20314] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  417.672004][T12787] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  417.831987][T12787] usb 6-1: Using ep0 maxpacket: 8
[  417.838184][T12787] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  417.840836][T12787] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  417.844003][T12787] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  417.846947][T12787] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  417.849916][T12787] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  417.853804][T12787] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  417.856598][T12787] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.071650][T12787] usb 6-1: usb_control_msg returned -32
[  418.073374][T12787] usbtmc 6-1:16.0: can't read capabilities
[  418.165749][T20319] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  418.261979][ T8922] vhci_hcd: vhci_device speed not set
[  418.585834][  T834] input: PS/2 Generic Mouse as /devices/serio18/input/input72
[  418.630125][T12787] usb 6-1: USB disconnect, device number 13
[  418.733360][T20325] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  418.739926][T20325] FAULT_INJECTION: forcing a failure.
[  418.739926][T20325] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  418.743836][T20325] CPU: 1 UID: 0 PID: 20325 Comm: syz.6.2175 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  418.746747][T20325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  418.749805][T20325] Call Trace:
[  418.750775][T20325]  <TASK>
[  418.751625][T20325]  dump_stack_lvl+0x16c/0x1f0
[  418.752998][T20325]  should_fail_ex+0x497/0x5b0
[  418.754362][T20325]  _copy_from_user+0x2e/0xd0
[  418.755724][T20325]  blkdev_common_ioctl+0x1592/0x2220
[  418.757254][T20325]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  418.758962][T20325]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  418.760570][T20325]  ? do_vfs_ioctl+0x513/0x1950
[  418.761978][T20325]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  418.763441][T20325]  ? __pfx_lock_release+0x10/0x10
[  418.764894][T20325]  ? trace_lock_acquire+0x14e/0x1f0
[  418.766388][T20325]  compat_blkdev_ioctl+0x257/0x750
[  418.767862][T20325]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  418.769483][T20325]  ? __fget_files+0x206/0x3a0
[  418.770840][T20325]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  418.772465][T20325]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  418.773958][T20325]  __do_fast_syscall_32+0x73/0x120
[  418.775413][T20325]  do_fast_syscall_32+0x32/0x80
[  418.776828][T20325]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  418.778633][T20325] RIP: 0023:0xf7f76579
[  418.779805][T20325] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  418.785430][T20325] RSP: 002b:00000000f508455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  418.787829][T20325] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 000000000000127f
[  418.790091][T20325] RDX: 0000000020000240 RSI: 0000000000000000 RDI: 0000000000000000
[  418.792312][T20325] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  418.794511][T20325] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  418.796747][T20325] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  418.798987][T20325]  </TASK>
[  418.811990][  T834] psmouse serio18: Failed to enable mouse on 
[  418.926223][T20329] syz.7.2177: attempt to access beyond end of device
[  418.926223][T20329] nbd7: rw=0, sector=1, nr_sectors = 1 limit=0
[  418.930589][T20329] VFS: could not find a valid V7 on nbd7.
[  419.129583][T20334] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  419.262195][  T979] usb 13-1: new high-speed USB device number 24 using dummy_hcd
[  419.416529][  T979] usb 13-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  419.424582][  T979] usb 13-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  419.427758][  T979] usb 13-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  419.431430][  T979] usb 13-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  419.434380][  T979] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  419.443243][  T979] usb 13-1: Quirk or no altset; falling back to MIDI 1.0
[  419.445442][  T979] usb 13-1: invalid MIDI out EP 0
[  419.484132][  T979] snd-usb-audio 13-1:27.0: probe with driver snd-usb-audio failed with error -22
[  419.496543][ T5943] udevd[5943]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb13/13-1/13-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  419.565881][ T5958] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  419.571317][ T5958] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  419.575010][ T5958] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  419.578088][ T5958] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  419.580457][ T5958] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  419.582851][ T5958] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  419.657079][T20336] chnl_net:caif_netlink_parms(): no params data found
[  419.695865][T20336] bridge0: port 1(bridge_slave_0) entered blocking state
[  419.698053][T20336] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.700167][T20336] bridge_slave_0: entered allmulticast mode
[  419.702968][T20336] bridge_slave_0: entered promiscuous mode
[  419.706779][T20336] bridge0: port 2(bridge_slave_1) entered blocking state
[  419.709284][T20336] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.711732][T20336] bridge_slave_1: entered allmulticast mode
[  419.714801][T20336] bridge_slave_1: entered promiscuous mode
[  419.739418][T20336] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  419.744720][T20336] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  419.774999][T20345] input: syz1 as /devices/virtual/input/input73
[  419.784332][T20336] team0: Port device team_slave_0 added
[  419.791797][T20336] team0: Port device team_slave_1 added
[  419.824701][T20336] batman_adv: batadv0: Adding interface: batadv_slave_0
[  419.826801][T20336] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.834914][T20336] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  419.838969][T20336] batman_adv: batadv0: Adding interface: batadv_slave_1
[  419.841029][T20336] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.849133][T20336] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  419.881444][T20336] hsr_slave_0: entered promiscuous mode
[  419.884560][T20336] hsr_slave_1: entered promiscuous mode
[  419.886735][T20336] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  419.889038][T20336] Cannot create hsr debugfs directory
[  419.914313][T20350] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6)
[  419.916235][T20350] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  419.918535][T20350] vhci_hcd vhci_hcd.0: Device attached
[  420.041263][ T1200] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.255480][ T1200] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.401406][  T979] vhci_hcd: vhci_device speed not set
[  420.409044][ T1200] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.478800][  T979] usb 49-1: new full-speed USB device number 3 using vhci_hcd
[  420.520626][ T1200] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.971591][ T1200] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  420.976878][ T1200] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  420.980736][ T1200] bond0 (unregistering): Released all slaves
[  421.021007][T20336] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  421.027380][T20336] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  421.030601][T20336] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  421.035092][T20336] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  421.100982][T20336] 8021q: adding VLAN 0 to HW filter on device bond0
[  421.111720][T20336] 8021q: adding VLAN 0 to HW filter on device team0
[  421.117089][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  421.119734][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  421.160219][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[  421.163123][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[  421.259564][T20336] 8021q: adding VLAN 0 to HW filter on device batadv0
[  421.276463][T20336] veth0_vlan: entered promiscuous mode
[  421.280536][T20336] veth1_vlan: entered promiscuous mode
[  421.289909][T20351] vhci_hcd: connection reset by peer
[  421.294520][   T63] vhci_hcd: stop threads
[  421.297461][   T63] vhci_hcd: release socket
[  421.304166][   T63] vhci_hcd: disconnect device
[  421.308906][ T1200] hsr_slave_0: left promiscuous mode
[  421.311013][ T1200] hsr_slave_1: left promiscuous mode
[  421.317917][ T1200] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  421.319968][ T1200] batman_adv: batadv0: Removing interface: batadv_slave_0
[  421.324039][ T1200] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  421.326178][ T1200] batman_adv: batadv0: Removing interface: batadv_slave_1
[  421.367174][ T1200] veth1_macvtap: left promiscuous mode
[  421.369233][ T1200] veth0_macvtap: left promiscuous mode
[  421.371461][ T1200] veth1_vlan: left promiscuous mode
[  421.373455][ T1200] veth0_vlan: left promiscuous mode
[  421.642101][ T5953] Bluetooth: hci2: command tx timeout
[  421.674419][T20411] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  421.695207][T20411] FAULT_INJECTION: forcing a failure.
[  421.695207][T20411] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  421.699094][T20411] CPU: 1 UID: 0 PID: 20411 Comm: syz.7.2186 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  421.702095][T20411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  421.705166][T20411] Call Trace:
[  421.706133][T20411]  <TASK>
[  421.706988][T20411]  dump_stack_lvl+0x16c/0x1f0
[  421.708349][T20411]  should_fail_ex+0x497/0x5b0
[  421.709718][T20411]  _copy_from_user+0x2e/0xd0
[  421.711059][T20411]  blkdev_common_ioctl+0x1592/0x2220
[  421.712582][T20411]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  421.714322][T20411]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  421.715931][T20411]  ? do_vfs_ioctl+0x513/0x1950
[  421.717314][T20411]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  421.718718][T20411]  ? __pfx_lock_release+0x10/0x10
[  421.720157][T20411]  ? trace_lock_acquire+0x14e/0x1f0
[  421.721667][T20411]  compat_blkdev_ioctl+0x257/0x750
[  421.723128][T20411]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  421.724747][T20411]  ? __fget_files+0x206/0x3a0
[  421.726101][T20411]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  421.727705][T20411]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  421.729215][T20411]  __do_fast_syscall_32+0x73/0x120
[  421.730631][T20411]  do_fast_syscall_32+0x32/0x80
[  421.732018][T20411]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  421.733814][T20411] RIP: 0023:0xf7f06579
[  421.734962][T20411] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  421.740148][T20411] RSP: 002b:00000000f501455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  421.742363][T20411] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000000000127f
[  421.744558][T20411] RDX: 0000000020000240 RSI: 0000000000000000 RDI: 0000000000000000
[  421.746763][T20411] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  421.748948][T20411] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  421.751150][T20411] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  421.753355][T20411]  </TASK>
[  422.112667][ T7761] usb 13-1: USB disconnect, device number 24
[  422.775379][ T1200] team0 (unregistering): Port device team_slave_1 removed
[  422.897232][ T1200] team0 (unregistering): Port device team_slave_0 removed
[  423.683557][T20336] veth0_macvtap: entered promiscuous mode
[  423.688113][T20336] veth1_macvtap: entered promiscuous mode
[  423.697161][T20418] bridge0: port 3(syz_tun) entered blocking state
[  423.699087][T20418] bridge0: port 3(syz_tun) entered disabled state
[  423.701028][T20418] syz_tun: entered allmulticast mode
[  423.703619][T20418] syz_tun: entered promiscuous mode
[  423.705332][T20418] bridge0: port 3(syz_tun) entered blocking state
[  423.707185][T20418] bridge0: port 3(syz_tun) entered forwarding state
[  423.761991][ T5953] Bluetooth: hci2: command tx timeout
[  423.764899][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  423.764917][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.764929][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  423.764940][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.764949][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  423.764961][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.764969][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  423.764977][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.764986][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  423.764998][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.765732][T20336] batman_adv: batadv0: Interface activated: batadv_slave_0
[  423.767007][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.767021][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.767033][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.767040][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.767048][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.767060][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.767070][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.767081][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.767090][T20336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  423.767102][T20336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  423.767728][T20336] batman_adv: batadv0: Interface activated: batadv_slave_1
[  423.850532][T20336] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  423.854058][T20336] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  423.857256][T20336] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  423.860494][T20336] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  423.928311][   T96] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  423.930531][   T96] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  423.942852][   T96] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  423.945538][   T96] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  424.119841][T20454] ipvlan2: entered promiscuous mode
[  424.123925][T20454] bridge0: port 3(ipvlan2) entered blocking state
[  424.125921][T20454] bridge0: port 3(ipvlan2) entered disabled state
[  424.127871][T20454] ipvlan2: entered allmulticast mode
[  424.129432][T20454] bridge0: entered allmulticast mode
[  424.131657][T20454] ipvlan2: left allmulticast mode
[  424.134572][T20454] bridge0: left allmulticast mode
[  424.539169][ T1200] IPVS: stop unused estimator thread 0...
[  424.627895][T20474] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  424.629852][T20474] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  424.633007][T20474] vhci_hcd vhci_hcd.0: Device attached
[  424.861248][ T6013] vhci_hcd: vhci_device speed not set
[  424.942228][ T6013] usb 43-1: new low-speed USB device number 3 using vhci_hcd
[  425.224869][T20487] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  425.792007][  T979] vhci_hcd: vhci_device speed not set
[  425.792064][ T5958] Bluetooth: hci2: command tx timeout
[  426.153673][T20541] input: syz1 as /devices/virtual/input/input74
[  426.159300][T20541] netlink: 'syz.6.2198': attribute type 1 has an invalid length.
[  426.223082][T20541] bond2: (slave geneve2): making interface the new active one
[  426.227411][T20541] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  426.301992][T11169] usb 12-1: new high-speed USB device number 8 using dummy_hcd
[  426.349475][T20475] vhci_hcd: connection reset by peer
[  426.352130][   T63] vhci_hcd: stop threads
[  426.353281][   T63] vhci_hcd: release socket
[  426.354610][   T63] vhci_hcd: disconnect device
[  426.494519][T11169] usb 12-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  426.497122][T11169] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.499417][T11169] usb 12-1: Product: syz
[  426.500619][T11169] usb 12-1: Manufacturer: syz
[  426.502074][T11169] usb 12-1: SerialNumber: syz
[  426.512307][T11169] usb 12-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  426.529494][T11169] usb 12-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  427.245976][   T39] audit: type=1326 audit(1737495002.209:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20603 comm="syz.8.2207" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x0
[  427.587123][T11169] ath9k_htc 12-1:1.0: ath9k_htc: Target is unresponsive
[  427.597660][T11169] ath9k_htc: Failed to initialize the device
[  427.614134][T20631] vivid-007: disconnect
[  427.696838][T11169] usb 12-1: ath9k_htc: USB layer deinitialized
[  427.817553][T20640] overlay: Unknown parameter '/'
[  427.873132][ T5958] Bluetooth: hci2: command 0x0419 tx timeout
[  428.280487][T20660] 9pnet_fd: Insufficient options for proto=fd
[  428.519458][T20630] vivid-007: reconnect
[  428.574351][   T39] audit: type=1326 audit(1737495003.539:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20664 comm="syz.3.2213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  428.580192][   T39] audit: type=1326 audit(1737495003.539:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20664 comm="syz.3.2213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  428.812028][    T8] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  428.899860][ T6122] usb 12-1: USB disconnect, device number 8
[  428.961962][    T8] usb 8-1: Using ep0 maxpacket: 32
[  428.972000][    T8] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  428.979993][    T8] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  429.018268][T20672] ipvlan2: entered promiscuous mode
[  429.021229][T20672] bridge0: port 4(ipvlan2) entered blocking state
[  429.023900][T20672] bridge0: port 4(ipvlan2) entered disabled state
[  429.026193][T20672] ipvlan2: entered allmulticast mode
[  429.028087][T20672] bridge0: entered allmulticast mode
[  429.030298][T20672] ipvlan2: left allmulticast mode
[  429.032106][T20672] bridge0: left allmulticast mode
[  429.101372][    T8] usb 8-1: config 0 has no interfaces?
[  429.105347][    T8] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  429.109104][    T8] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  429.112325][    T8] usb 8-1: Product: syz
[  429.113579][    T8] usb 8-1: Manufacturer: syz
[  429.115062][    T8] usb 8-1: SerialNumber: syz
[  429.118507][    T8] usb 8-1: config 0 descriptor??
[  429.227283][T20686] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2219'.
[  429.229309][   T39] audit: type=1326 audit(1737495004.189:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20681 comm="syz.8.2218" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x0
[  429.327329][   T39] audit: type=1326 audit(1737495004.289:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20664 comm="syz.3.2213" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf708e579 code=0x7ffc0000
[  429.333591][   T39] audit: type=1326 audit(1737495004.289:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20664 comm="syz.3.2213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  429.339685][   T39] audit: type=1326 audit(1737495004.289:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20664 comm="syz.3.2213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  429.340920][   T35] usb 8-1: USB disconnect, device number 13
[  429.346818][   T39] audit: type=1326 audit(1737495004.289:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20664 comm="syz.3.2213" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf708e579 code=0x7ffc0000
[  429.354166][   T39] audit: type=1326 audit(1737495004.289:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20664 comm="syz.3.2213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  429.360427][   T39] audit: type=1326 audit(1737495004.289:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20664 comm="syz.3.2213" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  429.952219][ T5958] Bluetooth: hci2: command 0x0419 tx timeout
[  430.097778][T20706] netlink: 204 bytes leftover after parsing attributes in process `syz.6.2223'.
[  430.102021][ T6013] vhci_hcd: vhci_device speed not set
[  430.225875][T20716] FAULT_INJECTION: forcing a failure.
[  430.225875][T20716] name failslab, interval 1, probability 0, space 0, times 0
[  430.230113][T20716] CPU: 3 UID: 0 PID: 20716 Comm: syz.6.2225 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  430.234087][T20716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  430.238296][T20716] Call Trace:
[  430.239648][T20716]  <TASK>
[  430.240731][T20716]  dump_stack_lvl+0x16c/0x1f0
[  430.242128][T20716]  should_fail_ex+0x497/0x5b0
[  430.243485][T20716]  ? fs_reclaim_acquire+0xae/0x150
[  430.244964][T20716]  should_failslab+0xc2/0x120
[  430.246313][T20716]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  430.248050][T20716]  ? __lock_acquire+0x15a9/0x3c40
[  430.250078][T20716]  ? __alloc_skb+0x2b3/0x380
[  430.251847][T20716]  __alloc_skb+0x2b3/0x380
[  430.253585][T20716]  ? __pfx___alloc_skb+0x10/0x10
[  430.255719][T20716]  netlink_alloc_large_skb+0x69/0x130
[  430.257802][T20716]  netlink_sendmsg+0x689/0xd70
[  430.259771][T20716]  ? __pfx_netlink_sendmsg+0x10/0x10
[  430.261848][T20716]  ____sys_sendmsg+0x9ae/0xb40
[  430.263715][T20716]  ? __pfx_____sys_sendmsg+0x10/0x10
[  430.265272][T20716]  ? get_compat_msghdr+0x11b/0x170
[  430.266731][T20716]  ___sys_sendmsg+0x135/0x1e0
[  430.268088][T20716]  ? __pfx____sys_sendmsg+0x10/0x10
[  430.269597][T20716]  ? __pfx_lock_release+0x10/0x10
[  430.271028][T20716]  ? trace_lock_acquire+0x14e/0x1f0
[  430.272545][T20716]  ? __fget_files+0x206/0x3a0
[  430.273893][T20716]  __sys_sendmsg+0x16e/0x220
[  430.275228][T20716]  ? __pfx___sys_sendmsg+0x10/0x10
[  430.276695][T20716]  __do_fast_syscall_32+0x73/0x120
[  430.278245][T20716]  do_fast_syscall_32+0x32/0x80
[  430.280225][T20716]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  430.282669][T20716] RIP: 0023:0xf7f76579
[  430.284243][T20716] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  430.291309][T20716] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  430.293667][T20716] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200010c0
[  430.295897][T20716] RDX: 0000000000004800 RSI: 0000000000000000 RDI: 0000000000000000
[  430.298303][T20716] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  430.301354][T20716] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  430.304351][T20716] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  430.307265][T20716]  </TASK>
[  430.350591][T20721] FAULT_INJECTION: forcing a failure.
[  430.350591][T20721] name failslab, interval 1, probability 0, space 0, times 0
[  430.354518][T20721] CPU: 0 UID: 0 PID: 20721 Comm: syz.3.2235 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  430.357333][T20721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  430.360154][T20721] Call Trace:
[  430.361118][T20721]  <TASK>
[  430.362044][T20721]  dump_stack_lvl+0x16c/0x1f0
[  430.363323][T20721]  should_fail_ex+0x497/0x5b0
[  430.364660][T20721]  ? fs_reclaim_acquire+0xae/0x150
[  430.366035][T20721]  should_failslab+0xc2/0x120
[  430.367327][T20721]  kmem_cache_alloc_lru_noprof+0x73/0x3b0
[  430.368852][T20721]  ? alloc_inode+0xbf/0x230
[  430.370092][T20721]  alloc_inode+0xbf/0x230
[  430.371307][T20721]  alloc_anon_inode+0x28/0x3e0
[  430.372677][T20721]  ? do_raw_spin_unlock+0x172/0x230
[  430.374136][T20721]  secretmem_file_create.constprop.0+0x9a/0x310
[  430.375873][T20721]  ? __pfx_secretmem_file_create.constprop.0+0x10/0x10
[  430.377700][T20721]  __ia32_sys_memfd_secret+0xc5/0x1a0
[  430.379182][T20721]  __do_fast_syscall_32+0x73/0x120
[  430.380638][T20721]  do_fast_syscall_32+0x32/0x80
[  430.382041][T20721]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  430.383798][T20721] RIP: 0023:0xf708e579
[  430.384974][T20721] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  430.390385][T20721] RSP: 002b:00000000f508055c EFLAGS: 00000296 ORIG_RAX: 00000000000001bf
[  430.392752][T20721] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[  430.394973][T20721] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  430.397210][T20721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  430.399429][T20721] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  430.401691][T20721] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  430.403961][T20721]  </TASK>
[  430.713386][T20726] ipvlan2: entered promiscuous mode
[  430.716438][T20726] bridge0: port 3(ipvlan2) entered blocking state
[  430.718553][T20726] bridge0: port 3(ipvlan2) entered disabled state
[  430.720678][T20726] ipvlan2: entered allmulticast mode
[  430.724035][T20726] bridge0: entered allmulticast mode
[  430.726234][T20726] ipvlan2: left allmulticast mode
[  430.727788][T20726] bridge0: left allmulticast mode
[  430.841035][ T5958] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  430.844908][ T5958] CPU: 0 UID: 0 PID: 5958 Comm: kworker/u33:5 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  430.848039][ T5958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  430.850945][ T5958] Workqueue: hci2 hci_rx_work
[  430.852306][ T5958] Call Trace:
[  430.853272][ T5958]  <TASK>
[  430.854083][ T5958]  dump_stack_lvl+0x16c/0x1f0
[  430.855418][ T5958]  sysfs_warn_dup+0x7f/0xa0
[  430.856762][ T5958]  sysfs_create_dir_ns+0x24d/0x2b0
[  430.858337][ T5958]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  430.859881][ T5958]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  430.861380][ T5958]  ? kobject_add_internal+0x12d/0x990
[  430.862891][ T5958]  ? do_raw_spin_unlock+0x172/0x230
[  430.864348][ T5958]  kobject_add_internal+0x2c8/0x990
[  430.865824][ T5958]  kobject_add+0x16f/0x240
[  430.867096][ T5958]  ? __pfx_kobject_add+0x10/0x10
[  430.868531][ T5958]  ? class_to_subsys+0x3e/0x160
[  430.869875][ T5958]  ? do_raw_spin_unlock+0x172/0x230
[  430.871325][ T5958]  ? kobject_put+0xab/0x5a0
[  430.872613][ T5958]  device_add+0x289/0x1a70
[  430.873848][ T5958]  ? __pfx_dev_set_name+0x10/0x10
[  430.875263][ T5958]  ? __pfx_device_add+0x10/0x10
[  430.876649][ T5958]  ? mgmt_send_event_skb+0x2f2/0x460
[  430.878178][ T5958]  hci_conn_add_sysfs+0x17e/0x230
[  430.879625][ T5958]  le_conn_complete_evt+0xfce/0x1d10
[  430.881149][ T5958]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  430.882776][ T5958]  ? __mutex_lock+0x1cc/0xa60
[  430.884135][ T5958]  hci_le_conn_complete_evt+0x23c/0x370
[  430.885727][ T5958]  hci_le_meta_evt+0x2e2/0x5d0
[  430.887208][ T5958]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  430.888966][ T5958]  hci_event_packet+0x666/0x1190
[  430.890392][ T5958]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  430.891938][ T5958]  ? __pfx_hci_event_packet+0x10/0x10
[  430.893486][ T5958]  ? mark_held_locks+0x9f/0xe0
[  430.894870][ T5958]  ? kcov_remote_start+0x3cf/0x6e0
[  430.896292][ T5958]  ? lockdep_hardirqs_on+0x7c/0x110
[  430.897838][ T5958]  hci_rx_work+0x2c5/0x16b0
[  430.899155][ T5958]  ? process_one_work+0x8bb/0x1b30
[  430.900583][ T5958]  process_one_work+0x958/0x1b30
[  430.901966][ T5958]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  430.903541][ T5958]  ? __pfx_process_one_work+0x10/0x10
[  430.905092][ T5958]  ? rcu_is_watching+0x12/0xc0
[  430.906465][ T5958]  ? assign_work+0x1a0/0x250
[  430.907817][ T5958]  worker_thread+0x6c8/0xf00
[  430.909187][ T5958]  ? __pfx_worker_thread+0x10/0x10
[  430.910647][ T5958]  kthread+0x2c1/0x3a0
[  430.911817][ T5958]  ? _raw_spin_unlock_irq+0x23/0x50
[  430.913308][ T5958]  ? __pfx_kthread+0x10/0x10
[  430.914678][ T5958]  ret_from_fork+0x45/0x80
[  430.915969][ T5958]  ? __pfx_kthread+0x10/0x10
[  430.917333][ T5958]  ret_from_fork_asm+0x1a/0x30
[  430.918713][ T5958]  </TASK>
[  430.920424][ T5958] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  430.924931][ T5958] Bluetooth: hci2: failed to register connection device
[  431.352333][T20742] bridge0: port 3(syz_tun) entered blocking state
[  431.354218][T20742] bridge0: port 3(syz_tun) entered disabled state
[  431.356128][T20742] syz_tun: entered allmulticast mode
[  431.359106][T20742] syz_tun: entered promiscuous mode
[  431.360820][T20742] bridge0: port 3(syz_tun) entered blocking state
[  431.362658][T20742] bridge0: port 3(syz_tun) entered forwarding state
[  431.516624][T20748] bridge_slave_0: left allmulticast mode
[  431.518783][T20748] bridge_slave_0: left promiscuous mode
[  431.520999][T20748] bridge0: port 1(bridge_slave_0) entered disabled state
[  431.524872][T20748] bridge_slave_1: left allmulticast mode
[  431.526503][T20748] bridge_slave_1: left promiscuous mode
[  431.528206][T20748] bridge0: port 2(bridge_slave_1) entered disabled state
[  431.537175][T20748] bond0: (slave bond_slave_0): Releasing backup interface
[  431.543735][T20748] bond0: (slave bond_slave_1): Releasing backup interface
[  431.557185][T20732] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  431.562570][T20732] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  431.581056][T20748] team0: Port device team_slave_0 removed
[  431.581401][T20732] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  431.585792][T20732] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  431.593572][T20732] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  431.595238][T20748] team0: Port device team_slave_1 removed
[  431.597496][T20748] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  431.599740][T20748] batman_adv: batadv0: Removing interface: batadv_slave_0
[  431.605439][T20748] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  431.607631][T20748] batman_adv: batadv0: Removing interface: batadv_slave_1
[  431.609845][T20732] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  431.617001][T20732] ==================================================================
[  431.619287][T20732] BUG: KASAN: slab-use-after-free in sock_def_readable+0x175/0x610
[  431.621541][T20732] Read of size 8 at addr ffff8880750a2060 by task syz.8.2237/20732
[  431.624581][T20732] 
[  431.625792][T20732] CPU: 0 UID: 0 PID: 20732 Comm: syz.8.2237 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  431.628738][T20732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  431.631758][T20732] Call Trace:
[  431.632738][T20732]  <TASK>
[  431.633586][T20732]  dump_stack_lvl+0x116/0x1f0
[  431.634937][T20732]  print_report+0xc3/0x620
[  431.636226][T20732]  ? __virt_addr_valid+0x5e/0x590
[  431.637742][T20732]  ? __phys_addr+0xc6/0x150
[  431.639052][T20732]  kasan_report+0xd9/0x110
[  431.640334][T20732]  ? sock_def_readable+0x175/0x610
[  431.641810][T20732]  ? sock_def_readable+0x175/0x610
[  431.643289][T20732]  kasan_check_range+0xef/0x1a0
[  431.644689][T20732]  sock_def_readable+0x175/0x610
[  431.646055][T20732]  l2cap_sock_teardown_cb+0x1d1/0x3c0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  431.647707][T20732]  l2cap_chan_del+0xba/0x8f0
[  431.649019][T20732]  l2cap_conn_del+0x37c/0x730
[  431.650336][T20732]  l2cap_connect_cfm+0x7aa/0xf10
[  431.651744][T20732]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  431.653294][T20732]  ? hci_cb_lookup+0x319/0x4e0
[  431.654624][T20732]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  431.656121][T20732]  hci_conn_failed+0x225/0x3e0
[  431.657464][T20732]  ? __pfx_hci_conn_failed+0x10/0x10
[  431.658912][T20732]  ? lock_acquire+0x2f/0xb0
[  431.660265][T20732]  ? hci_abort_conn_sync+0x172/0x1030
[  431.661837][T20732]  hci_abort_conn_sync+0x968/0x1030
[  431.663357][T20732]  ? __pfx_hci_abort_conn_sync+0x10/0x10
[  431.664958][T20732]  ? hci_disconnect_all_sync.constprop.0+0x77/0x3c0
[  431.666822][T20732]  ? __pfx_lock_release+0x10/0x10
[  431.668255][T20732]  ? trace_lock_acquire+0x14e/0x1f0
[  431.669740][T20732]  ? hci_disconnect_all_sync.constprop.0+0x77/0x3c0
[  431.671538][T20732]  hci_disconnect_all_sync.constprop.0+0x104/0x3c0
[  431.673321][T20732]  hci_suspend_sync+0x772/0xab0
[  431.674646][T20732]  ? __pfx_hci_suspend_sync+0x10/0x10
[  431.676161][T20732]  ? __pfx_mgmt_suspending+0x10/0x10
[  431.677683][T20732]  hci_suspend_dev+0x27d/0x5e0
[  431.679053][T20732]  hci_suspend_notifier+0x28d/0x2f0
[  431.680539][T20732]  notifier_call_chain+0xb7/0x410
[  431.681986][T20732]  ? __pfx_hci_suspend_notifier+0x10/0x10
[  431.683607][T20732]  blocking_notifier_call_chain_robust+0xc9/0x170
[  431.685437][T20732]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  431.687415][T20732]  ? do_raw_spin_unlock+0x172/0x230
[  431.688904][T20732]  pm_notifier_call_chain_robust+0x27/0x60
[  431.690563][T20732]  snapshot_open+0x189/0x2b0
[  431.691901][T20732]  ? __pfx_snapshot_open+0x10/0x10
[  431.693384][T20732]  misc_open+0x35a/0x420
[  431.694600][T20732]  ? __pfx_misc_open+0x10/0x10
[  431.695970][T20732]  chrdev_open+0x237/0x6a0
[  431.697258][T20732]  ? __pfx_apparmor_file_open+0x10/0x10
[  431.698825][T20732]  ? __pfx_chrdev_open+0x10/0x10
[  431.700240][T20732]  do_dentry_open+0xf59/0x1ea0
[  431.701702][T20732]  ? __pfx_chrdev_open+0x10/0x10
[  431.703171][T20732]  ? inode_permission+0xdd/0x5f0
[  431.704605][T20732]  vfs_open+0x82/0x3f0
[  431.705777][T20732]  ? may_open+0x1f2/0x400
[  431.706994][T20732]  path_openat+0x1e81/0x2d70
[  431.708326][T20732]  ? __pfx_path_openat+0x10/0x10
[  431.709825][T20732]  ? __pfx___lock_acquire+0x10/0x10
[  431.711317][T20732]  ? lock_acquire.part.0+0x11b/0x380
[  431.712845][T20732]  ? find_held_lock+0x2d/0x110
[  431.714216][T20732]  do_filp_open+0x20c/0x470
[  431.715511][T20732]  ? __pfx_do_filp_open+0x10/0x10
[  431.716956][T20732]  ? find_held_lock+0x2d/0x110
[  431.718341][T20732]  ? alloc_fd+0x41f/0x760
[  431.719579][T20732]  do_sys_openat2+0x17a/0x1e0
[  431.720917][T20732]  ? __pfx_do_sys_openat2+0x10/0x10
[  431.722357][T20732]  ? fput+0x67/0x440
[  431.723468][T20732]  ? __sys_sendmsg+0x19a/0x220
[  431.724833][T20732]  __ia32_compat_sys_openat+0x16e/0x210
[  431.726370][T20732]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  431.728040][T20732]  __do_fast_syscall_32+0x73/0x120
[  431.729585][T20732]  do_fast_syscall_32+0x32/0x80
[  431.730964][T20732]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  431.732775][T20732] RIP: 0023:0xf706e579
[  431.733934][T20732] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  431.739363][T20732] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  431.741690][T20732] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000200004c0
[  431.743880][T20732] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[  431.746035][T20732] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  431.748190][T20732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  431.750408][T20732] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  431.752625][T20732]  </TASK>
[  431.753485][T20732] 
[  431.754151][T20732] Allocated by task 20737:
[  431.755380][T20732]  kasan_save_stack+0x33/0x60
[  431.756688][T20732]  kasan_save_track+0x14/0x30
[  431.758031][T20732]  __kasan_kmalloc+0xaa/0xb0
[  431.759346][T20732]  __kmalloc_noprof+0x21a/0x4f0
[  431.760702][T20732]  sk_prot_alloc+0x1a8/0x2a0
[  431.762122][T20732]  sk_alloc+0x36/0xb90
[  431.763256][T20732]  bt_sock_alloc+0x3b/0x3a0
[  431.764530][T20732]  l2cap_sock_alloc.constprop.0+0x33/0x1c0
[  431.766145][T20732]  l2cap_sock_create+0x123/0x1f0
[  431.767532][T20732]  bt_sock_create+0x182/0x350
[  431.768876][T20732]  __sock_create+0x335/0x8d0
[  431.770145][T20732]  __sys_socket+0x14f/0x260
[  431.771426][T20732]  __ia32_sys_socket+0x72/0xb0
[  431.772839][T20732]  __do_fast_syscall_32+0x73/0x120
[  431.774297][T20732]  do_fast_syscall_32+0x32/0x80
[  431.775684][T20732]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  431.777667][T20732] 
[  431.778486][T20732] Freed by task 20737:
[  431.779673][T20732]  kasan_save_stack+0x33/0x60
[  431.781057][T20732]  kasan_save_track+0x14/0x30
[  431.782466][T20732]  kasan_save_free_info+0x3b/0x60
[  431.783952][T20732]  __kasan_slab_free+0x51/0x70
[  431.785410][T20732]  kfree+0x14f/0x4b0
[  431.786591][T20732]  __sk_destruct+0x5eb/0x720
[  431.787954][T20732]  sk_destruct+0xc2/0xf0
[  431.789221][T20732]  __sk_free+0xf4/0x3e0
[  431.790460][T20732]  sk_free+0x6a/0x90
[  431.791653][T20732]  l2cap_sock_kill+0x171/0x2d0
[  431.793066][T20732]  l2cap_sock_release+0x189/0x210
[  431.794600][T20732]  __sock_release+0xb0/0x270
[  431.796007][T20732]  sock_close+0x1c/0x30
[  431.797228][T20732]  __fput+0x3f8/0xb60
[  431.798455][T20732]  task_work_run+0x14e/0x250
[  431.799817][T20732]  get_signal+0x1d3/0x2610
[  431.801150][T20732]  arch_do_signal_or_restart+0x90/0x7e0
[  431.802870][T20732]  syscall_exit_to_user_mode+0x150/0x2a0
[  431.804488][T20732]  __do_fast_syscall_32+0x80/0x120
[  431.806006][T20732]  do_fast_syscall_32+0x32/0x80
[  431.807480][T20732]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  431.809316][T20732] 
[  431.810052][T20732] The buggy address belongs to the object at ffff8880750a2000
[  431.810052][T20732]  which belongs to the cache kmalloc-2k of size 2048
[  431.814025][T20732] The buggy address is located 96 bytes inside of
[  431.814025][T20732]  freed 2048-byte region [ffff8880750a2000, ffff8880750a2800)
[  431.817986][T20732] 
[  431.818677][T20732] The buggy address belongs to the physical page:
[  431.820480][T20732] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880750a6000 pfn:0x750a0
[  431.823357][T20732] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  431.825612][T20732] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  431.827753][T20732] page_type: f5(slab)
[  431.828876][T20732] raw: 04fff00000000040 ffff88801b042f00 ffffea00017b9400 dead000000000002
[  431.831196][T20732] raw: ffff8880750a6000 0000000000080007 00000001f5000000 0000000000000000
[  431.833572][T20732] head: 04fff00000000040 ffff88801b042f00 ffffea00017b9400 dead000000000002
[  431.835978][T20732] head: ffff8880750a6000 0000000000080007 00000001f5000000 0000000000000000
[  431.838323][T20732] head: 04fff00000000003 ffffea0001d42801 ffffffffffffffff 0000000000000000
[  431.840662][T20732] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  431.843008][T20732] page dumped because: kasan: bad access detected
[  431.844782][T20732] page_owner tracks the page as allocated
[  431.846375][T20732] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 11242, tgid 11242 (syz-executor), ts 209858358142, free_ts 209856543599
[  431.852117][T20732]  post_alloc_hook+0x2d1/0x350
[  431.853478][T20732]  get_page_from_freelist+0xfce/0x2f80
[  431.855019][T20732]  __alloc_pages_noprof+0x221/0x2470
[  431.856511][T20732]  alloc_pages_mpol_noprof+0x2c8/0x620
[  431.858043][T20732]  new_slab+0x2c9/0x410
[  431.859233][T20732]  ___slab_alloc+0xcda/0x1660
[  431.860580][T20732]  __slab_alloc.constprop.0+0x56/0xb0
[  431.862116][T20732]  __kmalloc_node_track_caller_noprof+0x2ee/0x520
[  431.863895][T20732]  kmalloc_reserve+0xef/0x2c0
[  431.865223][T20732]  __alloc_skb+0x164/0x380
[  431.866485][T20732]  inet6_ifinfo_notify+0x77/0x150
[  431.867901][T20732]  addrconf_notify+0x81a/0x19c0
[  431.869261][T20732]  notifier_call_chain+0xb7/0x410
[  431.870662][T20732]  call_netdevice_notifiers_info+0xbe/0x140
[  431.872354][T20732]  __dev_notify_flags+0x12d/0x2e0
[  431.873794][T20732]  dev_change_flags+0x10c/0x160
[  431.875180][T20732] page last free pid 11242 tgid 11242 stack trace:
[  431.877015][T20732]  free_unref_page+0x661/0x1080
[  431.878391][T20732]  __put_partials+0x14c/0x170
[  431.879735][T20732]  qlist_free_all+0x4e/0x120
[  431.881062][T20732]  kasan_quarantine_reduce+0x195/0x1e0
[  431.882611][T20732]  __kasan_slab_alloc+0x69/0x90
[  431.884004][T20732]  __kmalloc_node_noprof+0x1d0/0x520
[  431.885488][T20732]  alloc_slab_obj_exts+0x41/0xa0
[  431.886865][T20732]  new_slab+0x314/0x410
[  431.888051][T20732]  ___slab_alloc+0xcda/0x1660
[  431.889399][T20732]  __slab_alloc.constprop.0+0x56/0xb0
[  431.890916][T20732]  kmem_cache_alloc_noprof+0xeb/0x3b0
[  431.892448][T20732]  sk_prot_alloc+0x60/0x2a0
[  431.893743][T20732]  sk_alloc+0x36/0xb90
[  431.894917][T20732]  unix_create1+0xa6/0x6c0
[  431.896196][T20732]  unix_create+0x10e/0x1d0
[  431.897442][T20732]  __sock_create+0x335/0x8d0
[  431.898691][T20732] 
[  431.899358][T20732] Memory state around the buggy address:
[  431.900898][T20732]  ffff8880750a1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  431.903092][T20732]  ffff8880750a1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  431.905297][T20732] >ffff8880750a2000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  431.907523][T20732]                                                        ^
[  431.909555][T20732]  ffff8880750a2080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  431.911809][T20732]  ffff8880750a2100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  431.914095][T20732] ==================================================================
[  431.921041][T20732] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  431.923192][T20732] CPU: 3 UID: 0 PID: 20732 Comm: syz.8.2237 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  431.926396][T20732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  431.929561][T20732] Call Trace:
[  431.930503][T20732]  <TASK>
[  431.931348][T20732]  dump_stack_lvl+0x3d/0x1f0
[  431.932719][T20732]  panic+0x71d/0x800
[  431.933862][T20732]  ? __pfx_panic+0x10/0x10
[  431.935154][T20732]  ? preempt_schedule_thunk+0x1a/0x30
[  431.936748][T20732]  ? preempt_schedule_common+0x44/0xc0
[  431.938327][T20732]  check_panic_on_warn+0xab/0xb0
[  431.939708][T20732]  end_report+0x117/0x180
[  431.940978][T20732]  kasan_report+0xe9/0x110
[  431.942248][T20732]  ? sock_def_readable+0x175/0x610
[  431.943671][T20732]  ? sock_def_readable+0x175/0x610
[  431.945139][T20732]  kasan_check_range+0xef/0x1a0
[  431.946589][T20732]  sock_def_readable+0x175/0x610
[  431.948049][T20732]  l2cap_sock_teardown_cb+0x1d1/0x3c0
[  431.949586][T20732]  l2cap_chan_del+0xba/0x8f0
[  431.950932][T20732]  l2cap_conn_del+0x37c/0x730
[  431.952293][T20732]  l2cap_connect_cfm+0x7aa/0xf10
[  431.953696][T20732]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  431.955200][T20732]  ? hci_cb_lookup+0x319/0x4e0
[  431.956735][T20732]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  431.958250][T20732]  hci_conn_failed+0x225/0x3e0
[  431.959624][T20732]  ? __pfx_hci_conn_failed+0x10/0x10
[  431.961166][T20732]  ? lock_acquire+0x2f/0xb0
[  431.962451][T20732]  ? hci_abort_conn_sync+0x172/0x1030
[  431.963950][T20732]  hci_abort_conn_sync+0x968/0x1030
[  431.965593][T20732]  ? __pfx_hci_abort_conn_sync+0x10/0x10
[  431.967668][T20732]  ? hci_disconnect_all_sync.constprop.0+0x77/0x3c0
[  431.969909][T20732]  ? __pfx_lock_release+0x10/0x10
[  431.971294][T20732]  ? trace_lock_acquire+0x14e/0x1f0
[  431.972733][T20732]  ? hci_disconnect_all_sync.constprop.0+0x77/0x3c0
[  431.974538][T20732]  hci_disconnect_all_sync.constprop.0+0x104/0x3c0
[  431.976515][T20732]  hci_suspend_sync+0x772/0xab0
[  431.977959][T20732]  ? __pfx_hci_suspend_sync+0x10/0x10
[  431.979465][T20732]  ? __pfx_mgmt_suspending+0x10/0x10
[  431.980960][T20732]  hci_suspend_dev+0x27d/0x5e0
[  431.982314][T20732]  hci_suspend_notifier+0x28d/0x2f0
[  431.983766][T20732]  notifier_call_chain+0xb7/0x410
[  431.985181][T20732]  ? __pfx_hci_suspend_notifier+0x10/0x10
[  431.987105][T20732]  blocking_notifier_call_chain_robust+0xc9/0x170
[  431.989450][T20732]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  431.991394][T20732]  ? do_raw_spin_unlock+0x172/0x230
[  431.992896][T20732]  pm_notifier_call_chain_robust+0x27/0x60
[  431.994531][T20732]  snapshot_open+0x189/0x2b0
[  431.995857][T20732]  ? __pfx_snapshot_open+0x10/0x10
[  431.997317][T20732]  misc_open+0x35a/0x420
[  431.998516][T20732]  ? __pfx_misc_open+0x10/0x10
[  431.999873][T20732]  chrdev_open+0x237/0x6a0
[  432.001153][T20732]  ? __pfx_apparmor_file_open+0x10/0x10
[  432.002700][T20732]  ? __pfx_chrdev_open+0x10/0x10
[  432.004090][T20732]  do_dentry_open+0xf59/0x1ea0
[  432.005437][T20732]  ? __pfx_chrdev_open+0x10/0x10
[  432.007241][T20732]  ? inode_permission+0xdd/0x5f0
[  432.009186][T20732]  vfs_open+0x82/0x3f0
[  432.010353][T20732]  ? may_open+0x1f2/0x400
[  432.011560][T20732]  path_openat+0x1e81/0x2d70
[  432.012861][T20732]  ? __pfx_path_openat+0x10/0x10
[  432.014245][T20732]  ? __pfx___lock_acquire+0x10/0x10
[  432.015709][T20732]  ? lock_acquire.part.0+0x11b/0x380
[  432.017140][T20732]  ? find_held_lock+0x2d/0x110
[  432.018512][T20732]  do_filp_open+0x20c/0x470
[  432.019785][T20732]  ? __pfx_do_filp_open+0x10/0x10
[  432.021184][T20732]  ? find_held_lock+0x2d/0x110
[  432.022551][T20732]  ? alloc_fd+0x41f/0x760
[  432.023760][T20732]  do_sys_openat2+0x17a/0x1e0
[  432.025061][T20732]  ? __pfx_do_sys_openat2+0x10/0x10
[  432.026719][T20732]  ? fput+0x67/0x440
[  432.027898][T20732]  ? __sys_sendmsg+0x19a/0x220
[  432.029286][T20732]  __ia32_compat_sys_openat+0x16e/0x210
[  432.030907][T20732]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  432.032740][T20732]  __do_fast_syscall_32+0x73/0x120
[  432.034236][T20732]  do_fast_syscall_32+0x32/0x80
[  432.035669][T20732]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  432.037541][T20732] RIP: 0023:0xf706e579
[  432.038742][T20732] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  432.044319][T20732] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  432.046744][T20732] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000200004c0
[  432.049094][T20732] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[  432.051411][T20732] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  432.053735][T20732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  432.056102][T20732] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  432.058384][T20732]  </TASK>
[  432.059891][T20732] Kernel Offset: disabled
[  432.061118][T20732] Rebooting in 86400 seconds..

VM DIAGNOSIS:
21:25:46  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8517b7c5 RDI=ffffffff9aa95500 RBP=ffffffff9aa954c0 RSP=ffffc90003176c98
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3730383838666666
R12=0000000000000000 R13=0000000000000020 R14=ffffffff8517b760 R15=0000000000000000
RIP=ffffffff8517b7ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f50c5cc0 CR3=0000000054532000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000010000000 Opmask01=00000000fffffff8 Opmask02=0000000002000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffaed81140 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6e3a6d5e007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4b1f485e005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000a3030
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000001331807 RBX=0000000000000001 RCX=ffffffff8b1e4559 RDX=0000000000000000
RSI=ffffffff8b6cd3a0 RDI=ffffffff8bd24ce0 RBP=ffffed1003a5f910 RSP=ffffc9000047fe08
R8 =0000000000000001 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000000
R12=0000000000000001 R13=ffff88801d2fc880 R14=ffffffff905e5110 R15=0000000000000000
RIP=ffffffff8b1e593f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3af18e CR3=000000004a982000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000001067608347e RBX=ffff88802b628400 RCX=00000000000006e0 RDX=0000000000000106
RSI=ffff88802b628400 RDI=0000000000022973 RBP=0000000000022973 RSP=ffffc90000548ec0
R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=0000000000000002
R12=0000000000000000 R13=0000000000000019 R14=0000000000000000 R15=7fffffffffffffff
RIP=ffffffff814670c5 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f56f09b4d00 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000562b7fb76000 CR3=0000000049f54000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=5318206e5318206e 5318206e5318206e 5318206e5318206e 5318206e5318206e 5318206e5318206e 5318206e5318206e 5318206e5318206e 5318206e5318206e
ZMM22=682022ed682022ed 682022ed682022ed 682022ed682022ed 682022ed682022ed 682022ed682022ed 682022ed682022ed 682022ed682022ed 682022ed682022ed
ZMM23=a8d46846a8d46846 a8d46846a8d46846 a8d46846a8d46846 a8d46846a8d46846 a8d46846a8d46846 a8d46846a8d46846 a8d46846a8d46846 a8d46846a8d46846
ZMM24=f0095488f0095488 f0095488f0095488 f0095488f0095488 f0095488f0095488 f0095488f0095488 f0095488f0095488 f0095488f0095488 f0095488f0095488
ZMM25=4dea32b34dea32b3 4dea32b34dea32b3 4dea32b34dea32b3 4dea32b34dea32b3 4dea32b34dea32b3 4dea32b34dea32b3 4dea32b34dea32b3 4dea32b34dea32b3
ZMM26=61251e5561251e55 61251e5561251e55 61251e5561251e55 61251e5561251e55 61251e5561251e55 61251e5561251e55 61251e5561251e55 61251e5561251e55
ZMM27=178fa81d178fa81d 178fa81d178fa81d 178fa81d178fa81d 178fa81d178fa81d 178fa81d178fa81d 178fa81d178fa81d 178fa81d178fa81d 178fa81d178fa81d
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=7510000075100000 7510000075100000 7510000075100000 7510000075100000 7510000075100000 7510000075100000 7510000075100000 7510000075100000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=000000000004fb80 RCX=1ffff110087abc97 RDX=ffff8880236e2440
RSI=ffffffff81dc9120 RDI=ffff888043d5e4b8 RBP=ffff888043d5e400 RSP=ffffc900069375e0
R8 =0000000000000004 R9 =0000000000000840 R10=0000000000100000 R11=0000000000000000
R12=000000000004fb80 R13=0000000000000001 R14=ffffe8ffac200000 R15=0000000000000003
RIP=ffffffff81dca02d RFL=00000802 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f56f09b4d00 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000003381bffc CR3=0000000049f54000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9adebaddcd1e6543 13c13cd19a2e4938
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ad339d255fb650f6 9b5a1a4f83a1ae85
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b095df302b6d10e9 c463c4c91ff67d70
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 64cc373e76a591cb a106b09d09474f3f
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 0000000000000060
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000020
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 62bca6c7c0396613 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 63ce958e00000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d14936eca5afed5c b16558f70b595c96
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000005932144a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a0376f08e329936b d988f547f19ea65e
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d8fa673c6074d6ef b7bd56ec2e3dad6f
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000