last executing test programs:

1m44.762019825s ago: executing program 3 (id=3101):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000400)='dctcp\x00', 0x6)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

1m43.79336731s ago: executing program 3 (id=3107):
fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)={0x48, 0x0, 0x1, 0x80004, 0x1, {}, [@WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_PRIVATE_KEY={0x24}, @WGDEVICE_A_IFINDEX={0x8}]}, 0x48}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x4008000)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={&(0x7f0000000900)=ANY=[], 0x0, 0x26, 0x0, 0x0, 0x2000000}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="15000000080000000400"/20, @ANYRES32=0x1, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=r4, @ANYBLOB], 0x48)
umount2(&(0x7f0000000340)='./file0\x00', 0x0)
syz_open_dev$sndctrl(&(0x7f0000000280), 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000440)={{{@in6=@private1, @in6=@mcast2, 0x4e21, 0x4, 0x4e23, 0xffff, 0xa, 0x20, 0x20, 0x2b}, {0x5, 0xbe, 0x0, 0x8, 0x9, 0x2, 0x0, 0x8}, {0x6, 0x12d, 0x76, 0x5}, 0xc, 0x6e6bb7, 0x1, 0x0, 0x0, 0x3}, {{@in6=@loopback, 0x4d6, 0x32}, 0xa, @in=@loopback, 0x3502, 0x2, 0x3, 0x1, 0x728, 0x7fffffff}}, 0xe4)
openat$dsp(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000100)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r6, r5, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x0, 0x4})

1m42.397907692s ago: executing program 3 (id=3112):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000fcffffff0000000000000000"], &(0x7f0000000300)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x2)
ioctl$CEC_ADAP_G_LOG_ADDRS(r1, 0x805c6103, &(0x7f00000000c0))

1m42.330343641s ago: executing program 3 (id=3113):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
setfsgid(0xee00)
syz_clone(0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
munmap(&(0x7f0000901000/0x3000)=nil, 0x3000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newtaction={0x150, 0x30, 0x300, 0x0, 0x0, {}, [{0x13c, 0x1, [@m_xt={0xf0, 0xa, 0x0, 0x0, {{0x7}, {0xbc, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0x9}, @TCA_IPT_TARG={0xa5, 0x6, {0x9c, 'raw\x00', 0x9, 0x5, "21921558ff90a88712adf811e626ee3b662f8d9a4fa3828ec22c7a2c0dd692518e26179ee822f66fd6e4930e9a50594afd16d30cc42444ac50afdf40a2d2d901f58699db9cb4c7ae808a9770ad864e899bda0ea781851240288a07278d244552e71e95cdfe54c445ffd557b58edb6ccf3881952fbd647f1cff0125"}}, @TCA_IPT_HOOK={0x8, 0x2, 0x3}]}, {0xf, 0x6, "9023403074192d445c3d20"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x5, 0x2}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x804}, 0x4044000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
syz_pidfd_open(r0, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0201, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYRES32=r1], 0x0, 0x8, 0x28, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1}, 0x94)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, &(0x7f0000000180))
mkdir(&(0x7f0000000040)='./file0\x00', 0x11e)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f0000000000), 0x1000000, 0x0)
llistxattr(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

1m42.275166062s ago: executing program 3 (id=3114):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000003c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x4000010, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x2000000000000, 0xfffffdfffffffffe, 0xfa11, 0xffffffff}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)=ANY=[@ANYBLOB="50000000100001040100"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000008000300", @ANYRES32=0x0, @ANYBLOB="8700128008000100677470001c00028008000100", @ANYRES32=r3], 0x50}, 0x1, 0x0, 0x0, 0x4041}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000001c0)={<r4=>0xffffffffffffffff}, 0x13f, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000240)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0, r4}}, 0x20)
read(r3, 0x0, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
r5 = syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r5, 0xc0585605, &(0x7f0000000080)={0xfffe, 0x0, {0x0, 0x0, 0x2025, 0x7}})
mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x800000, 0x6, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000004, 0x200000005c831, r1, 0x0)
socket(0x3, 0x2, 0xda2e)

1m41.956886025s ago: executing program 3 (id=3116):
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$evdev(0x0, 0xfffffff6, 0x823b01)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
syz_open_dev$radio(&(0x7f0000002100), 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
write$tun(0xffffffffffffffff, 0x0, 0x32)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x20200, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r2, &(0x7f0000000300)="ca", 0x1)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x1}}, 0x3c)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00'})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

1m41.904465781s ago: executing program 32 (id=3116):
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$evdev(0x0, 0xfffffff6, 0x823b01)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
syz_open_dev$radio(&(0x7f0000002100), 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
write$tun(0xffffffffffffffff, 0x0, 0x32)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x20200, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r2, &(0x7f0000000300)="ca", 0x1)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x1}}, 0x3c)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00'})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

1m24.438148735s ago: executing program 0 (id=3181):
r0 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
getsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f00000005c0), &(0x7f0000000600)=0x4) (async)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000080), 0xffffffffffffffff) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DISABLE_SE(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="1689c30b30bfa1075b78305039254a8557a4ccf62f7ba1282791348e62520da77e2f929270037951e1821ada7b2fec37a29973b7a678ab311a04b7f7e1563baefbd5c318fc9b5b5f52fd1d5ed6e81ed785c5a48166c0950084882965dda751c42c53f9ccfba4f3bea65a5507a23c6045ae6499800ae3", @ANYRES16=r2, @ANYBLOB="00022cbd7000fddbdf251200000008000100", @ANYRES32=r3, @ANYBLOB="08001500c0000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x200080c0) (async)
connect$nfc_raw(r0, &(0x7f0000000380)={0x27, r3, 0x0, 0x6}, 0x10) (async)
openat$audio1(0xffffff9c, &(0x7f00000000c0), 0x82d01, 0x0) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) (async)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22) (async)
rmdir(&(0x7f0000000080)='./cgroup/../file0\x00')
mmap$IORING_OFF_CQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x4, 0x10, 0xffffffffffffffff, 0x8000000) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x8) (async)
syz_io_uring_setup(0xf2b, &(0x7f0000000100)={0x0, 0xa0ee, 0x40, 0x1, 0x1a8}, &(0x7f0000000180), &(0x7f00000001c0)) (async)
r4 = openat$vmci(0xffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION(r4, 0x79f, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x5, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000071114200000000008510000002000000850008000500000095000000000000009500a50500000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x5f03, &(0x7f00000003c0)={0x0, 0xef71, 0x800, 0x2, 0x2f1}, &(0x7f00000001c0), &(0x7f0000000440))
r7 = syz_io_uring_setup(0x488d, &(0x7f0000000240)={0x0, 0xb0f5, 0x0, 0x0, 0x12}, &(0x7f0000000080)=<r8=>0x0, &(0x7f0000000300)=<r9=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80800, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x402d, 0x0, 0x0, 0x1000004}]}, 0x10) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) (async)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x23456})
io_uring_enter(r7, 0x47bc, 0x0, 0x0, 0x0, 0x0) (async)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1m24.370906285s ago: executing program 0 (id=3182):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, &(0x7f0000000180)=@raw=[@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000080)={0x0, 0x1}, 0xf4240}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x15)
writev(r4, 0x0, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)='\b\x00', 0x2}, {&(0x7f0000000100)="6306bc3795f8", 0x6}], 0x2, &(0x7f0000000180)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x4, [@empty]}]}}}], 0x14}, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r9, 0xc0405602, &(0x7f00000004c0)={0x16, 0x2, 0x0, "dd3e1ddbc8e90cb57346e6c94dfa5bf04abc3e8fc2976136531a27a41db375d7"})
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x74}}, 0x0)
bind$rxrpc(r6, &(0x7f0000000000)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0xd}}, 0x24)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000e1ff00000000000000008500000027000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x4}, 0x94)

1m23.197404684s ago: executing program 0 (id=3186):
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r0 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000000)={0x0, @in={{0x2, 0x0, @empty}}, 0x100}, 0x90) (fail_nth: 3)

1m23.130970505s ago: executing program 0 (id=3187):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
r1 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r1, 0x114, 0xa, 0x0, 0x4)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000000)={0x4, 0x15, 0x89, 0xea0, 0x16, 0x2, &(0x7f00000000c0)="5d60e48717bb5252cafaaed40321820f9620a34c7069"})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x400a00, 0xd8)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_GET(r2, &(0x7f0000000500)={&(0x7f0000000280), 0xc, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="f8000000", @ANYRES16=r3, @ANYBLOB="00032cbd7000fddbdf250b0000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b00ff000000080001007063690011000200303030303a30303a31302e300000000008000b0003000000080001007063690011000200303030303a30303a31302e300000000008000b00020000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b0009000000080001007063690011000230303a30303a31302e300000000008000b00020000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b0017010000"], 0xf8}, 0x1, 0x0, 0x0, 0x64044061}, 0x44000)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x8, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
writev(r4, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
syz_open_dev$sndmidi(0x0, 0xd8, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = syz_io_uring_setup(0x1c57, 0x0, &(0x7f0000000180)=<r8=>0x0, &(0x7f00000001c0)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r5})
io_uring_enter(r7, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x7, 0x0, 0x9, 0xfffffffffffffffd, 0x300}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

1m22.820732486s ago: executing program 0 (id=3191):
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'})
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r4, 0x5)
accept4$inet6(r4, 0x0, 0x0, 0x800)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TIOCSPTLCK(r5, 0x40045431, &(0x7f0000000000))
ioctl$TIOCGPTPEER(r5, 0x5441, 0x1)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/4\x00')
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r6 = syz_open_procfs(0x0, &(0x7f0000000200)='sessionid\x00')
fchdir(r6)
r7 = inotify_init()
inotify_add_watch(r7, &(0x7f0000000000)='./file0\x00', 0xa0000006)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x240, 0x0)
shutdown(r4, 0x1)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000e1ff0061100800000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x90)
ioctl$BINDER_SET_MAX_THREADS(r8, 0x40046205, 0x0)

1m21.898255941s ago: executing program 0 (id=3195):
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f0000000080), 0xfffffe13)
syz_open_dev$sndctrl(&(0x7f0000000380), 0x1ff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
connect$netlink(0xffffffffffffffff, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1, 0x200}, 0xc)
socket$netlink(0x10, 0x3, 0x15)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000000080)={0xd46, 0x3, 0x6, 0x7}, 0x8)
sendmmsg$inet6(r5, &(0x7f00000016c0)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0x1, @loopback, 0x4}, 0x1c, &(0x7f0000000580)=[{&(0x7f00000005c0)="9b", 0x1}], 0x1}}], 0x1, 0x8044)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x1e8640, 0x0)

1m17.828076817s ago: executing program 4 (id=3204):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, &(0x7f0000000180)=@raw=[@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000080)={0x0, 0x1}, 0xf4240}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x15)
writev(r4, 0x0, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)='\b\x00', 0x2}, {&(0x7f0000000100)="6306bc3795f8", 0x6}], 0x2, &(0x7f0000000180)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x4, [@empty]}]}}}], 0x14}, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r9, 0xc0405602, &(0x7f00000004c0)={0x16, 0x2, 0x0, "dd3e1ddbc8e90cb57346e6c94dfa5bf04abc3e8fc2976136531a27a41db375d7"})
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x74}}, 0x0)
bind$rxrpc(r6, &(0x7f0000000000)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0xd}}, 0x24)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000e1ff00000000000000008500000027000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x4}, 0x94)

1m16.886182582s ago: executing program 4 (id=3208):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x6}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'vcan0\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f00000004c0)={0x1d, r2}, 0x10)
r3 = socket$pptp(0x18, 0x1, 0x2)
accept4(r3, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = io_uring_setup(0x5b42, &(0x7f0000000640)={0x0, 0xfffffffe, 0x800, 0x103fc, 0x159})
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
mknodat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x8000, 0x8)
ptrace$cont(0xffffffffffffffff, r0, 0x0, 0x0)
sendmsg$rds(r7, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000000e59509000000000000d2230700000000000048cd26ce36df28a9c1fb8a57bc3f5c0cc0143d787a034935e6da38f71ca7ec72c061be01f441b8bd92d32ba15ab2ccd5e76dd8199b965f2d7693fab1c0faf9903b2f2bcdf60663938e1667bb0f4e570635a6c978d1381b009cedf4671697454a26ba90b310b112ce9ebc56e46c727c4c6a5de1ba86adb08c0478b39c2ab6feb16cd926f87c9f95a4655e12fc7c26e535d0471b362bfad1ba7a478e0105cc30d6df8c0dc813b37a45e840ef57eb0cc3bdd032161feec3bb487337d557f848ca8f000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r8, 0xc08c5332, &(0x7f0000000400)={{0x40, 0x3}, 0x0, 0x4, 0x88, {}, 0x0, 0xffff})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r8, 0xc0605345, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0)

1m15.903371702s ago: executing program 4 (id=3212):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c00000002010104000000000000000002001000240002801400018008000100e0000001"], 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0)
r4 = syz_io_uring_setup(0x109, 0x0, &(0x7f00000001c0)=<r5=>0x0, &(0x7f0000000440)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$cgroup(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x8000, &(0x7f0000000480)={[{@name={'name', 0x3d, 'nfs\x00'}}]})
write$FUSE_INIT(r7, 0x0, 0x0)
io_uring_enter(r4, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)

1m14.866824679s ago: executing program 4 (id=3214):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, &(0x7f0000000180)=@raw=[@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000080)={0x0, 0x1}, 0xf4240}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x15)
writev(r4, 0x0, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x0, @empty=0x1000000}, 0x10, 0x0, 0x0, &(0x7f0000000180)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x4, [@empty]}]}}}], 0x14}, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r9, 0xc0405602, &(0x7f00000004c0)={0x16, 0x2, 0x0, "dd3e1ddbc8e90cb57346e6c94dfa5bf04abc3e8fc2976136531a27a41db375d7"})
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x74}}, 0x0)
bind$rxrpc(r6, &(0x7f0000000000)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0xd}}, 0x24)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000e1ff00000000000000008500000027000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x4}, 0x94)

1m13.905642934s ago: executing program 4 (id=3217):
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'})
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r4, 0x5)
accept4$inet6(r4, 0x0, 0x0, 0x800)

1m12.942786872s ago: executing program 4 (id=3219):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x170c}]]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x0) (fail_nth: 3)

1m5.713094734s ago: executing program 33 (id=3195):
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f0000000080), 0xfffffe13)
syz_open_dev$sndctrl(&(0x7f0000000380), 0x1ff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
connect$netlink(0xffffffffffffffff, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1, 0x200}, 0xc)
socket$netlink(0x10, 0x3, 0x15)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000000080)={0xd46, 0x3, 0x6, 0x7}, 0x8)
sendmmsg$inet6(r5, &(0x7f00000016c0)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0x1, @loopback, 0x4}, 0x1c, &(0x7f0000000580)=[{&(0x7f00000005c0)="9b", 0x1}], 0x1}}], 0x1, 0x8044)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x1e8640, 0x0)

1m1.450095203s ago: executing program 5 (id=3242):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c00000002010104000000000000000002001000240002801400018008000100e0000001"], 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0)
r4 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0xffffffff, 0x204}, 0x0, &(0x7f0000000440)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, r5, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$cgroup(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x8000, &(0x7f0000000480)={[{@name={'name', 0x3d, 'nfs\x00'}}]})
write$FUSE_INIT(r6, 0x0, 0x0)
io_uring_enter(r4, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)

1m0.487564812s ago: executing program 5 (id=3246):
sendmmsg(0xffffffffffffffff, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(r1, 0xa1, &(0x7f00000002c0)=0xfffffffffffffffc)
sched_setscheduler(r1, 0x2, &(0x7f00000003c0)=0x6)
mmap(&(0x7f0000651000/0x4000)=nil, 0x4000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f0000000440)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
timer_settime(0x0, 0x1, &(0x7f00000000c0)={{}, {0x77359400}}, &(0x7f0000000280))
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = open(0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="040e04062d2055b1a1965e48ad81e268d999b58f35b152793c3295176a0a11696847b35a4bbfa8ea0d4a1893ed7534d5463c2e912d399f6779d2cd7155e872df14d6bdc4f6a6ee9f32a07aea3311a7dd1e6b48c1ebf7df505adbcf61b25feb2017e1c3f47e34dc4b1b7a3d5a46b8ef40bfa7c20f487c02cc1a786b048d93f0e3fb17f5f4e318e850928e0f9ff4d86e8f7692205515f1bbeeb3e500"], 0x7)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000180))
write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
write$dsp(r5, &(0x7f0000000080)="cd", 0x1)
write$dsp(r5, 0x0, 0x0)
close(r0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_int(r6, 0x1, 0x2a, 0x0, &(0x7f0000000100))
syz_io_uring_setup(0x6089, &(0x7f0000000140)={0x0, 0x2461, 0x1, 0x28003, 0x7fe, 0x0, r4}, &(0x7f0000000400)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
r9 = socket$phonet_pipe(0x23, 0x5, 0x2)
syz_io_uring_submit(r7, r8, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x11, r9, 0x0, 0x0, 0x0, 0x1, 0x1, {0x3}})

57.258848583s ago: executing program 5 (id=3249):
r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40186f40, &(0x7f0000000440)=0x1f)
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000080)={0x60, 0x12, 0x3, 0x9, 0x72, 0x80, &(0x7f0000000280)="037a7239c9c38a822a592743d9e35663e18298be74ebdc8df1eea98a130ce29e6c530f3e78e980a1804d7610e07df23fc476a1602fe3df32dfa8b739fade78a640cdc03b57fc90f0d725cd1c8aadb8cc1c1d7271eeb7fe1f73c8f2d8578e7f8c72d232fb1630f14fa2e9bc8d2058e8962888"})
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2e8381, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x3)
signalfd(0xffffffffffffffff, 0x0, 0x0)
futex(0x0, 0x5, 0x0, 0x0, &(0x7f0000000100), 0x8ffffff8)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1}}, '\x00'})
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0xa8040, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/242)
r5 = openat$cdrom(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$CDROM_GET_MCN(r5, 0x324, 0x0)
ioctl$PPPIOCGFLAGS1(r4, 0x40047452, 0x0)

57.096862025s ago: executing program 5 (id=3250):
socket$netlink(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$inet_int(r0, 0x0, 0x2, &(0x7f0000000100)=0xbe, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x24000001, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
eventfd(0x7)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
bpf$MAP_CREATE(0x0, &(0x7f0000001000)=ANY=[@ANYRES32=r1, @ANYBLOB='\b\x00'/18, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000040), 0x0, 0x0, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xa1, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x3}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001c000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000015010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe8a, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48)

56.624252189s ago: executing program 34 (id=3219):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x170c}]]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x0) (fail_nth: 3)

56.11280339s ago: executing program 5 (id=3255):
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'})
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
accept4$inet6(r4, 0x0, 0x0, 0x800)

56.112313952s ago: executing program 5 (id=3256):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, &(0x7f0000000180)=@raw=[@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000080)={0x0, 0x1}, 0xf4240}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x15)
writev(r4, 0x0, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x0, @empty=0x1000000}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)='\b\x00', 0x2}], 0x1, &(0x7f0000000180)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x4, [@empty]}]}}}], 0x14}, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r9, 0xc0405602, &(0x7f00000004c0)={0x16, 0x2, 0x0, "dd3e1ddbc8e90cb57346e6c94dfa5bf04abc3e8fc2976136531a27a41db375d7"})
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x74}}, 0x0)
bind$rxrpc(r6, &(0x7f0000000000)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0xd}}, 0x24)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000e1ff00000000000000008500000027000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x4}, 0x94)

51.764403409s ago: executing program 1 (id=3265):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x161141)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xf691, 0x10100, 0x0, 0x356}, &(0x7f00000008c0), &(0x7f0000000500))
read$char_usb(r1, &(0x7f0000000300)=""/114, 0x72)
io_uring_enter(r2, 0x70a, 0x41e3, 0x0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r3, &(0x7f0000000080), 0x1c)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r5=>0x0})
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r5, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r4, @ANYRES32=r6], 0x44}}, 0x0)
getsockopt$inet6_tcp_int(r6, 0x6, 0x5, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
getsockopt$inet6_opts(r3, 0x29, 0x39, &(0x7f0000000140)=""/209, &(0x7f0000000240)=0xd1)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r7 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r7, 0xc0185648, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f905, 0x5, '\x00', @value64=0x4}})
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28)
recvmmsg(r3, &(0x7f0000003d40)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000400)=""/247, 0xf7}], 0x1}, 0x3}], 0x1, 0x40010020, 0x0)

50.909181428s ago: executing program 1 (id=3269):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="20000000010a03000000000000000000020000000900010073790300000000000000db5d4bb7bb89d0a1"], 0x20}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="20000000010a03000000000000000000020000000900010073790300000000000000db5d4bb7bb89d0a1"], 0x20}}, 0x0) (async)

50.908791035s ago: executing program 1 (id=3270):
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="bbbdbbbbbbbb8a0a63cdec590806000108000604"], 0x0)
socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
syz_clone(0x1222080, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000140)={0x1, @raw_data="1f68057ee1794954f5b32a4cdabf3193cf18e963244f7928664d45497621d465a797e9f9b69f260d0d1bdce3d25e8541b0a1d71110be3ad503169462aa074b8a3b768b20b9235314e1e6af1316426137245114cba3f7c37ff971b6e4f6fa89ef10ed25e884f6a43e968c47b2920f10e3674d6082ed3dee5c4f673e51d5af5e230062fe02989d553bf51d3750f9b8d2e0bad520d75ca4fbe6f34bb074466279b97d7fd9a7a92581764b771ee842a9918934f1c1e559a314f889acd495c020d95ff93b05de4015dbcc"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendto$inet6(r4, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e21, 0x9, @remote, 0xd}, 0x1c)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
syz_usb_connect$uac1(0x0, 0xad, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902"], 0x0)
mount(0x0, 0x0, &(0x7f0000000000)='proc\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="c50001000e800000850000000e009f42fa583c82a5bf"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140))

48.599494647s ago: executing program 1 (id=3272):
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='5\x00'/20, @ANYRES32=0x0, @ANYBLOB="02000000141000001c00128009000100626f6e64000000000c00028005000e0000000000"], 0x77}, 0x1, 0x0, 0x0, 0x40000}, 0x84) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000)

48.535848752s ago: executing program 1 (id=3273):
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'})
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
listen(0xffffffffffffffff, 0x5)
accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x800)

48.535489843s ago: executing program 1 (id=3274):
syz_usb_connect$cdc_ncm(0x3, 0x72, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYBLOB="4e0571ce7269b89d0e4c0a60b3147803ec2354cec2bc4303c43aca1d9bb32db59b89d674b645bd331fd8308198b5b16614caf6df2fbf26a7843480eff82db2912a99d6409d39515b791c4e34e2b97d46defe00cbf3e996d831cb79928336eb5ef1868d384da9efd9499e502321a782db333c5ff884d8daba8831edb6bc6fa24cef32b49d0fb4f942ac63cf797c63f56d89554a9712eaded88a1f433dc339a77b08"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x210000, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_io_uring_setup(0x3a65, &(0x7f0000000700)={0x0, 0xb011, 0x10100, 0x0, 0xffffffff}, &(0x7f0000000100), &(0x7f0000000140))
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
write$UHID_CREATE2(r1, 0x0, 0x118)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0406}]})
close_range(r3, r0, 0x0)

40.06951962s ago: executing program 35 (id=3256):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, &(0x7f0000000180)=@raw=[@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000080)={0x0, 0x1}, 0xf4240}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x15)
writev(r4, 0x0, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x0, @empty=0x1000000}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)='\b\x00', 0x2}], 0x1, &(0x7f0000000180)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x4, [@empty]}]}}}], 0x14}, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r9, 0xc0405602, &(0x7f00000004c0)={0x16, 0x2, 0x0, "dd3e1ddbc8e90cb57346e6c94dfa5bf04abc3e8fc2976136531a27a41db375d7"})
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x74}}, 0x0)
bind$rxrpc(r6, &(0x7f0000000000)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0xd}}, 0x24)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000e1ff00000000000000008500000027000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x4}, 0x94)

32.046367057s ago: executing program 36 (id=3274):
syz_usb_connect$cdc_ncm(0x3, 0x72, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYBLOB="4e0571ce7269b89d0e4c0a60b3147803ec2354cec2bc4303c43aca1d9bb32db59b89d674b645bd331fd8308198b5b16614caf6df2fbf26a7843480eff82db2912a99d6409d39515b791c4e34e2b97d46defe00cbf3e996d831cb79928336eb5ef1868d384da9efd9499e502321a782db333c5ff884d8daba8831edb6bc6fa24cef32b49d0fb4f942ac63cf797c63f56d89554a9712eaded88a1f433dc339a77b08"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x210000, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_io_uring_setup(0x3a65, &(0x7f0000000700)={0x0, 0xb011, 0x10100, 0x0, 0xffffffff}, &(0x7f0000000100), &(0x7f0000000140))
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
write$UHID_CREATE2(r1, 0x0, 0x118)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0406}]})
close_range(r3, r0, 0x0)

4.451750792s ago: executing program 2 (id=3422):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000300))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000040)={0x4, 0x3, 0x3000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"])
ioctl$KVM_RUN(r7, 0xae80, 0x0)
recvmsg(r3, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x12041)
sendmsg$inet(r4, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="04", 0x1}], 0x1}, 0x1)
recvmsg(r3, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000500)="9f", 0x1}], 0x1}, 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)
sched_getattr(0x0, &(0x7f00000000c0)={0x38}, 0x38, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

3.399065165s ago: executing program 2 (id=3427):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$SIOCX25SSUBSCRIP(0xffffffffffffffff, 0x89e1, 0x0)
getsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
openat$incfs(0xffffffffffffffff, 0x0, 0x1c780, 0x44)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40010101, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010000104fcffff1b810000000000000006000000b3036223b457ea", @ANYRES32=0x0, @ANYBLOB="0315000000000000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r2, @ANYRES16=0x0], 0x3c}, 0x1, 0x0, 0x0, 0x4c011}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x8000000000002)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$packet(0x11, 0x3, 0x300)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1000000, 0x1010, 0xffffffffffffffff, 0xa35d1000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000003, 0x31, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="050000b7928d7fe6a848e554690001000100ff7f000002020000010000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001780), 0x8, r4}, 0x38)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000004440)=""/5)
write$sndseq(0xffffffffffffffff, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x5, 0xde}, {0x0, 0x9}, @time=@time={0x401, 0xffffffff}}, {0x10, 0xfd, 0x94, 0x2, @time={0x4, 0x7}, {}, {0xfc, 0x9}, @time=@tick=0x9}, {0x0, 0x0, 0x0, 0x0, @tick=0x22d0, {}, {0x0, 0x6}, @time}], 0x54)

2.896995635s ago: executing program 7 (id=3434):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000840)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xe, 0x7}, {}, {0x1001d, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_SRC={0x8, 0x1b, @local}]}}]}, 0x3c}}, 0x0)

2.84312627s ago: executing program 7 (id=3435):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f0000000200)='m', 0x1)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x801)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0) (fail_nth: 3)

2.687673917s ago: executing program 7 (id=3437):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(r1, 0x5201)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x4, 0x2, 0x1})
close(r3)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @loopback}, 0xc) (fail_nth: 3)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0)
setsockopt$inet_msfilter(r4, 0x0, 0x29, 0x0, 0x18)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xdb)
statx(0xffffffffffffff9c, 0x0, 0x3000, 0x1, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)

2.520677285s ago: executing program 7 (id=3442):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
socket(0x10, 0x80002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f00000012c0)=ANY=[@ANYBLOB="7d3dc437d253128c3c02420a525dcf2a495745b4105c928e088535d5841edf18e6d9595be9d5"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@ipv4_delroute={0x40, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_GATEWAY={0x8, 0x5, @private=0xa010102}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @multicast2}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r2, &(0x7f00000003c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000001c0)='mm_compaction_end\x00', r0, 0x0, 0x8a53}, 0x18)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
setrlimit(0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101002, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000740)=0xe)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000340)=0xff)

2.411154865s ago: executing program 8 (id=3444):
syz_emit_ethernet(0x8a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x28, 0x0, @wg=@data={0x4, 0x0, 0x0, '\x00'/16}}}}}}, 0x0)

2.341151219s ago: executing program 8 (id=3445):
r0 = dup(0xffffffffffffffff)
write$UHID_INPUT(r0, &(0x7f0000001040)={0xfc, {"a2e3ad09edfc09f91b44090987f70e06d038e7ff7fc6e5539b303d0e8b089b0732306c090890e0879b0a0a5de70a9b3361959b4b9a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
pselect6(0x40, &(0x7f0000000000)={0x4, 0x800000, 0x3, 0x1000, 0x800, 0x8, 0x1000, 0xfffffffffffeffff}, &(0x7f0000000040)={0x9, 0x5, 0x1, 0x4, 0x6, 0xea5, 0x7, 0x7fffffff}, &(0x7f0000000080)={0xe, 0x3, 0x4, 0x55, 0xf4e2, 0x6, 0x5, 0x3}, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000140)={&(0x7f0000000100)={[0xc4, 0x401]}, 0x8})

2.339550871s ago: executing program 8 (id=3447):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000000000)={0x0, 0x9e, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001714b57900000000000000000800010000000000080003"], 0x20}}, 0x0)

2.17944268s ago: executing program 8 (id=3448):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3d, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffdbd}]})
ioprio_get$pid(0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$cdrom(0xffffff9c, &(0x7f0000000000), 0x400, 0x0)
ioctl$CDROMPAUSE(r1, 0x5301)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000003e0007012bbd7000fdffffff017c0000040042800c00018006000600800a00000c00028008001480040005"], 0x30}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)

2.051059038s ago: executing program 8 (id=3451):
syz_emit_ethernet(0x4a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x28, 0x0, @wg=@data={0x4, 0x0, 0x0, '\x00'/16}}}}}}, 0x0) (fail_nth: 4)

2.050838722s ago: executing program 8 (id=3452):
pipe2(&(0x7f0000000300)={0x0, <r0=>0x0}, 0x80800)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r6 = syz_pidfd_open(r5, 0x0)
wait4(0x0, 0x0, 0x80000000, 0x0)
setns(r6, 0x10000000)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000feffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x3)
ioctl$KVM_SET_CPUID2(r8, 0x4048aecb, &(0x7f00000000c0)=ANY=[@ANYBLOB="070000000000000007000000ffffffff"])
r9 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r9, 0xc1105511, &(0x7f0000000180)={{0xb, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 'syz1\x00', 0x0})
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f00000000c0))
r10 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
readv(r10, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000001800)=""/4104, 0x1008}], 0x2)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.774227777s ago: executing program 2 (id=3453):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0)
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./control\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7b}, @printk={@lld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000140), 0x286, 0x0)
ioctl$AUTOFS_IOC_ASKUMOUNT(r3, 0x80049370, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
write$P9_RSTATu(r0, &(0x7f0000000880)=ANY=[@ANYBLOB="930200007d00000005f0000000000000000000000000000000000000000000000000000000000000000000000000000000001f0020a6b6ba696e6f6465767b6376666f7892ffffff8102000000000031ffcebc920000003800704a86cec602007dfa673effeb09b5351f5bde05f700"], 0x232)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
renameat2(r4, &(0x7f0000000300)='./mnt\x00', r4, &(0x7f0000000100)='./file0\x00', 0x1)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r5=>r0, {0x3ff, 0xfffff8fe}}, './file0\x00'})
bpf$PROG_BIND_MAP(0x23, &(0x7f00000000c0)={r4, r5}, 0xc)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@userxattr}]})
listxattr(&(0x7f0000000040)='./file1\x00', &(0x7f0000000140)=""/64, 0x40)
io_setup(0x2, &(0x7f0000002400)=<r7=>0x0)
pipe2(&(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
ioctl$FS_IOC_RESVSP(r8, 0x402c5828, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0x4})
io_submit(r7, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r6, &(0x7f0000000040)="0200ffff00", 0x5, 0x0, 0x0, 0x2}])
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xc, 0xe, &(0x7f0000000b00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff6a0af0fff8ffff1971a400fe00000000b7060000080000002d6400000000000045040300010000001704000001000a00b7040000ff010000720af2fe000000008500000049000000b700000070b2000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d761ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a8321e056acf27c34bed69d32394c53361d7e43c5cbd8000000000000080231c61ccd106cb93ce1c0983cdcb48477b450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e44c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6bc7c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c460880000000000000000000000000000007a4604baa70bda5d5f18f54e9638350a6dd81a55ab5528efd1ef5a564908db7cce99e5c569c2947763b90e03b6d1a53b590e4ff4867f0d86b9af58244866b9df33634c8d85ce1b3bfa3e5bec6989c907c2f46b9a837676e07d87bb7dba3f34694ceb5b9faf10eece00bcfd503ed3f3048782665a848d79e443de4ba97db3a9bde69be7612cb1441c61eadd5bb4494ff2eb189c2ab3a241c12f764c0719650c1b"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000080), 0x60, 0x10, &(0x7f0000000340), 0xfffffffffffffdef, 0x0, 0xffffffffffffffff, 0xfffffffffffffe96}, 0x42)

1.632914987s ago: executing program 2 (id=3460):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r2 = gettid()
rt_sigqueueinfo(r2, 0x21, &(0x7f0000000040))
prlimit64(r2, 0x9, &(0x7f0000000180)={0x6, 0x1}, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', 0xa00, 0x1c2)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="180000002e000100000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="5e62c3f6f9de4d9b2ff451c34b44d9d1fea5827370d3e3a6f9d6"], 0x18}], 0x1}, 0x0)
sendfile(r4, r3, 0x0, 0x3a)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f00000003c0), 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
ioctl$vim2m_VIDIOC_QBUF(r6, 0xc044560f, 0x0)
io_setup(0x8, &(0x7f0000000540)=<r7=>0x0)
io_submit(r7, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000100)={0x24, 0x0, &(0x7f0000000040)=[@release, @acquire_done={0x40106309, 0x2}, @decrefs={0x40046307, 0x3}], 0x1000, 0x0, &(0x7f0000000880)="90e89cf309fd7a69384f5e4ee2d11c4ba8090c93a30bad6bb964c5e601b5382a0ba6846fb6e38af122506e0b9c9aa8ce1a7045a239210e5495a11e231fb9bc820ce31985a78949d0fd9fcf8894bd42962b0e8ec33c189167644a87149b6b1b2d8d7859a18929f6e102f1cfbf9a824ebb4affc91258cfc177def722240a3934555ce18aee473fbb9ac69ac2075f1e8cc649a681b885fc813c1c5b9961de8253e21ccadc448f7d2a9f09a8eef083dba0aa03e4338d668083b5686e86f477aee7e49a79f157278573f047acda5504b465c9906cfd7452e02726021439147edc5f714c67055ea3e0ffb81ac8d7bbcc3355949685896bc61fb73a2aaa36fe4b9dff85655445255b6a05aac3d5713b8625c18c2b80595de3584453c1654c90baf37b9d35ea853f08920475463654929f782013f7f2af466253e44c0c7a20a9c2a173deeddc6df6b4c22bc45f54f0ef199a794b74460f915b1f6632c12b3e46ff6565359288f9214eae36f71d1d90b83f0c3a690de5bbef6fa3746ce4c74929a637129685f3b77fc51001f3d902384db50e870b6bdf67322d90fec800b9fc4d73f6db09b7fb33fb4832e34a516e169a5c90e44b5603d4b80b6c7d862b51f805fdcf42427e52c63ef743fddf86d36a28f1656ef31013f4d85b2112851688b5a47a29e3e5d4a000cb3945270fce9d9756f43f701e57290557bef5cab671d3542c3fe285f15fb21cfab1b6ebc65b28f51ad386d9d262493cb1be6e523b2112ad29a6291fa7d170cc38333dea949926ddcdfe526fff0f585976c49254de9460d58637c79c648b2ae6c045bd40d90a0f9a1c2904673520c45c6655dded68819b6c109ca52b0a33103a198fd6889f821f7921171cb00e3f9e1c9c2cfb1aef5ce203916e7837460f915571d2fa9596bc53d2e6c34e052c06ca95f1a1d3649795f8255806719093ef85640fbb7761fc67d042900bb68d071745be7014d9994894d882b20678be71c3afa45ee2024e7f77fa1193874c8b8c4147641e0db8bbdcd6a8f8756125bbcbd59b013c1716bcd91fd89015c306f02d8c555885c8bb81446a68ff76d848228ce9336d95d4e895d35f5fc3d707df8c88d59340827b356c5434e21d6cc9bb6a744b54a16437315e9ae8fc68b1de0bf3b014cee41f195a63eca9d23b5ba95dc4bc6614b6fc57c34b6ea76c1ca1b98c5c33e91495ace0fdf76a83400de5ba288acd8966eab7d15a88b13ef2d7f2365d32568a8d6d1e71d3294a04ceb0341492b9e5f8c5de252e31716125b175a30a8e8b2e38bfd7b8c4b746a110ddfd9487372df30974c149b3cc98c4eb85e73ff280bd04daff17c02e22a92227a61641f571ec1f9010660d1f4ad1b7652590c1bf40e1cb577e9f1401566f3247c124b7ca99e2107ff9c7292e0fac95de0ff6ae83e93127aa3ccd2ecd16dfbd921c26040b9f10a728c051a1b7ab05d2b381025b06bc937890bdec7902526fc0245865c0a749220adb9cd237c67814f2289f0a0ed237ae7b87402dfd8549b675239da0e2dbc2f1c750149a1e654169318a4128309b1a7c1be56c6b75f2217abc41fc985b843f7ebce5050f4763cbc45293795be16c94faed17c517a8252396a9c4eb1c7d1c560503c757c6a05b5c67c370e19bae878391c93d513ba2b7821005c1fa38ac6aa6f216591f801d75059051b1aafa2699ef6c4eb865db1627a134195f579684e51e8af1151518a697b7c12b42a1c72e5da67f2bbeacad9308393a2d9a69b7ff39f686f15dacf0710f96ed2c8619a7e806d0c6e9db14ea68fd93a6418d0467fd1f147c20ac0f4b89a52e13478dd4ac32bb98a627ede731667b50f49aab353309d3c52e5728351bce7c50d2e7bb35ecec0c32d664523fbbdff08155eb9a20156c348d028417897c44144123d64eb3b264e9cbef7d1da99a62d9e685d49989b70178bda7654f5301405d88f4da1c04d39f3b10c7534f26888b7dcf1ff935b1e6249dd6084642b8294fd984be7fa62d9dfb890f061ad2ac77dffabf481095ac3d450c4b3ff8ddf44e926602f1b871de9cf139c6d9dc2befcb601b6c6f1491bf90b44e24bdf5b4a21dac71af53730c364acde21775157e82338a79c001c6faf3d6dbc1178b78f09dd1dcc4799a5fdf0f0cc18dc425bfb03564b5285638fe0984ae2f2033c4cf5e9c5e9d34955792c775435a7ddd18571fc3cf7aab4f513beda315a2a3a7b7373854f450b04c0859c03bf7f249b59185d6c74a1d25eb8319a8e0edb786ef42555d1969e9ef9c1633fa91ce995565b4adc0e4b74a5bf3ffb5f275b8be04fa73183e6f4b510edfb938569ce4bebe0c3637223bcc0393cd48193282c57ae95d1ba3f0225e4e0391c1479840c0b85c4c5190876fb5af9890fae11d471078be7ad6572f6dcadc2064f0d252bedcd86088662564496a41b4e1bf33b409392130b782bfe23b372e2cdfbf038deca1fc494912d4bbcc4a43d00859185f29b46623e71b3c6d44238ee6e18472a896a25d5f53e0c9ca2c40895fd47f5c5a17bc766780db7fde3153dabab9a7eaa903aa481f8c817c3439b3853f69aeb6ea5ef9297808ce2d6c386966316c7b94ddb5d2734823d276e3e5e7fc89ea7aa2c2773b30e9d0a6ee32c73959b4121709334fc8f4874cd91e6a4782667c95dea437628eeeadd28661bc0c6d5d786e3a8c8a9fa77356aa2161ff6fd5c6a2027a646e89a5b883ec645f6c3e0a495365b4044e1e6ed2adbfc16ee2ab014ecf597c5c68aeadf4465fd0691904b3c9f1bc664995cfabf944aef8f401c9cfa3c3a5398a5c09bf559507edb578668ac7c9a9bbdc3887a97432f80bd2e56ac6b4fd4cd8f5b473113ed3518f548de51b24c88f87ff45fc243d752901eee9e4231d4e2ef2191ee5dbaea89f4bbdbe19bfa68b508cf13af708f63d415c076ea9926e462acd39a939b8f86ddc82361e51e6243592dcbbed342bdb40ee1e4cb09fc2e32733337587b391938ad49cc313b5c1ac76244a59b1ce39c9f50e8f5724977c62afed11218de27fe8274c1b37bac8e5b6fbd428a5197bbc0ccbc62aa6248b8619adc9a92830a0414b1a0ee259b5f3bf8513aa5b3aa0657bef6d14713b27b65c2f34d67e5ce43cd5f4c2f0141e884b95f1eae68c77ed3747035afa0c914dd14e0fbdf07158be4d8daff3b7c636634c1ade837dde8f2741c77d62cc3e10f145691e9512c2ed5efe0292d24d9cfbf443b8ca46bf947135742c6e8b24e117c34295b4b4c270a4465575e3b84c80305bb3c143823f0144d8fbbd3b370fc4b007285a73874b8440fb741839adbf003f42a6d8be4e062d5a264a3601427fb03e026895b72c8eab3be4a19b4fc35c2b8b91d32ea8c4aba5db0b2a11f1e66a9e66ef543e2080f681a5706e44a049d08e6d887771361b57d7ba25382a9e75a9c850716e4e2520aa8a120413a435149af396de8ef2b785285e86dd02138a6fed84c63e9df049708e4c1eb2db9565c01403a302601010424ce0b2acad305d419b0e7e660ab11286c88ac4d97b25f5d5e15cc99dbb2fc67df77dfcf866c0e45a1519c5a63813bde0fde24c19cdfa4b6ac62bab4efb8ebd834916110ccdd1af5193bb7ea7f6918823c21bfc20e26972cd5b8dfb1b770c86701a0c0574f24fba91b14081fa2a5785e9bcca5e4d9850534324c53d1692f0231c4327bcc8a4e94a32b992e5a9085ad60a27fbe2ce37890953d1d33d231e8c5d46b48df03809df1078c54a1470b4f17cd7b7c5c4c1e7d9ba9032285c7faffaca710de7bb9d796481e2a6d8fc171be6b761e89080f3dd31987af8e0e6a2589383b8fc66784630efe52332e7a336a07219eab99ee53a6e959d5f0bb0987b0049666ebbe7feeceba48b744f6b283a7fc2c0fd536d6e942b9658a95cd2c9474cc1ade6ae6ea43f9588f1bb0087815523d4dc90271fad9c3ab1dbf23d6fceb965be26673c3882b294bd6760db025361aa2bc29402a6fb4de2c1939f65b244ca3ce77c6eaf3a093367e5c46ddaeddbcc6986c977e273ca5302a1437258e8a4ce1409db02c74bf1a01516b2208134b68280b08536df3086baca36bb98ceb5862961d3a0959e983057faa6142e35e89780b9d24120b758d346aeec975df9f6a5c831f773bcd9fb9dbf7f2310c955e22f85d9228215f54de230b5b31241e2e51aa3f0d935be8e43b6cb29df73172a36e34f370fc01163384a1ae17fb2414fbe7877654936c49095a9104b607c07fd71a0ecba20ca5def61586d318cee5c02bdf4a0abb5dd17d40d92a6bfc90b0272ad44379571e15871c173b7e4cb9c8bae96650f47db5a04eeaefdafafc421c87703ae6ca9ae2fb4b45bea5e48fa7d7c637f04b371bb6d0e75b453a87e40022eade4184e7b4e6e44f9741385595cbba5c9a38a97fb3004c1f4de6c3014e6fc588b1e8edde1d2ead8e41464bf9a6080794c2c83b2103e33cf4cf03d538b79884f544d5c7cbbe9f663b19bb813c06c7370bc30040e8d3f435b2cbdccc595687e489e7bf0d01fb6e12f8638493510d366358e93f8c176fd3fc63db115871900e6cbd3c88e23fdc6e35cb97111ee54333245eb685a01db9556749e547153f9f2f8788c632e2c68e221ed8a545691e905f1ae305af14fe78592d744abfed2d1b36e9534ffd50f866316c6a7550170d7574403e2584f9cca1929debee908a3a6c9efcf7252cd068160c513a2d4e96c454d232c780f7eaeb5101ceb9cb247d603d36ecde88bba837631b8c07ce4487e3ed6ea5f01762b651029351db39eb3a90d4b17bb2c4af8ae6cd7c12ce1a17aa6e2efd839c759d7f39c0839261167c6f97d02c05c7b9f8e2eddd3d33675483e1f141e18ed01981799643758a69dbbce20f885d94e5d97fc6d9557b625cff610ce67d8dad631424905d9fab8a97b77d85e4bc3f3e86945157971fb341ef7c36cdfbed499b5805af2f0f69e5c82f4eac80c946961682e82e813d41cb50ecc729a1f3f914ff16e322b5f24dc9efbe92713d6b4facf47905fe0cb716a9b872527dbb486e4f5517a4ea2c5e9bb22a5095e202b4f4b6f6e3ac5a787ac8b2a8d170803ea22590b3e8deaca3250b82555a94ce534ccc155219e19fc39cf806d0c4cf51f7962f130708add2b663953498dce0e8b08484ad85c0d45aec1d7f282a6de26569774aad7c651925a4089c7dcb0dbde512a6a03b74f3c75c580a2ccbced81fcc50ff3fa7e24db805200e94ae248eac8f0bc5f174dc6d21ae793e7d27c521ab040287db42aa2f2e82ff79e9918ab033b2724b5643165f4bf202bd7c3d39dbde03772bfcc3c3f15edf826b7a5ca810e3417f7594623ee03ddd7addaec020e1dadfd897808da1d98329175521778e1cb99382f87bddaed6d5f024b16050c2433325d24a91b2f5eda892156c8b130d8383baff4b46db0c81a0972a08ccd17db161b4c755e82905ad694c7831c03ffc9e1885cfddc1ad297a1bc17321471a6afaaffddce3abd70857c8f68e4be6157b2b74bc8f12dd186646f60edb2ca5019f1e2cf7e635f8c4ebbb45de179da00d04190e6cafd6164794a191f99dca04edb7f85c44b96778e30305fbb247b90bfb859a0c9d2c9e262c766b09504c832a20b5e2d33472f9349774e3cfd7ff7bd1def2ff0ce5a4e73956f57edea969ccf5fc5fa4c7ee10a138d9ef8bfccb3bc3311eae40484d9b4748028b8dfa31cd5f98adb40c94c532c16713325861a763be432939fc9eccdf60e525637b595a026cc093c48d8dc68a00862940b30b765dc46cfae879c0b90a9e79c0399a3ef039351fdcf279ca41b6dc84e2331230cf9"})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r8)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0e673f264f9e328b965cd07654ba2bf3e2", @ANYRES16=r9, @ANYBLOB="110c2dbd7000fedbdf256800000008000300", @ANYRES32=r10, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)
syz_usbip_server_init(0x3)
statx(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x800, 0x100, &(0x7f0000000700))
mount$tmpfs(0x0, 0x0, 0x0, 0x400, 0x0)

1.499813749s ago: executing program 7 (id=3462):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = socket$kcm(0x10, 0x2, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)
sched_getattr(r6, &(0x7f00000000c0)={0x38}, 0x38, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$HCIINQUIRY(r5, 0x400448ca, 0x0)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(r7, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(r7, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001714b57900000000000000000800010000000000080003"], 0x20}}, 0x0)

1.304171751s ago: executing program 6 (id=3465):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x11e, 0x2a, 0x0, &(0x7f0000000000))

1.1532318s ago: executing program 6 (id=3466):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r1 = dup(r0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000dc0), 0x6df8}}, 0x0)
ppoll(&(0x7f00000001c0)=[{r1}], 0x1, &(0x7f0000000200)={0x0, 0x989680}, 0x0, 0x0) (async)
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r1, 0x1e, &(0x7f0000000000), 0x1) (async)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3, 0x800}) (async, rerun: 32)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff}) (rerun: 32)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8b30, &(0x7f0000000000)={'wlan1\x00'}) (async, rerun: 64)
r3 = socket(0x10, 0x803, 0x0) (rerun: 64)
r4 = socket(0x200000100000011, 0x3, 0x0)
r5 = accept4$alg(r3, 0x0, 0x0, 0x80000)
ioctl$BTRFS_IOC_SPACE_INFO(r5, 0xc0109414, &(0x7f0000000e00)={0x6f9, 0x1, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @mcast2}, @IFA_RT_PRIORITY={0x8, 0x9, 0xef}]}, 0x34}}, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@deltaction={0x18, 0x31, 0x2f07bfd930a03859, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x4}]}, 0x18}}, 0x0) (async)
ioctl$BTRFS_IOC_START_SYNC(r1, 0x80089418, &(0x7f0000000100))

1.068748156s ago: executing program 6 (id=3467):
r0 = socket(0x1d, 0x2, 0x6)
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, 0xff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'netpci0\x00', 0x0}) (fail_nth: 4)

940.292197ms ago: executing program 6 (id=3468):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
mkdir(&(0x7f0000000100)='./file1\x00', 0xbd)
r3 = socket$packet(0x11, 0x3, 0x300)
close(r3)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r4 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r4, 0x8)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendto$inet(r5, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000000)={0x6, 0x0, 0x6, 0x691}, 0x10)
sendto$inet6(r5, &(0x7f0000000200)='x', 0x1, 0x4000000, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f00000006c0)={0x0, 0x2}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000640), 0x8)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000480)={&(0x7f0000000580)={0x54, 0x0, 0x8, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0x3}, @ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL={0x8, 0x17, 0x3}, @ETHTOOL_A_COALESCE_TX_USECS_HIGH={0xffffffffffffffdd, 0x15, 0x8001}, @ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL={0x8, 0x17, 0x3}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES={0x0, 0x7, 0x7fffffff}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_IRQ={0x8, 0x9, 0x5}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_HIGH={0x0, 0x14, 0x6}, @ETHTOOL_A_COALESCE_RX_USECS_IRQ={0x0, 0x4, 0x4}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW={0x0, 0xf, 0x3}]}, 0x54}}, 0x4)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_req={{0x34, 0x6}}}, 0x9)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="040e0408050c"], 0x7)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
sendmsg$NL80211_CMD_SET_POWER_SAVE(r0, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r6, 0x100, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000092}, 0x4001)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)={0x2c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}, @NL80211_ATTR_4ADDR={0x5}]}, 0x2c}}, 0x0)

940.094708ms ago: executing program 6 (id=3469):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r0, &(0x7f0000000040)={0x1f, @any, 0x1}, 0xa)
getpeername(r0, 0x0, &(0x7f0000000000))
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_IMPORTANCE(r1, 0x10f, 0x7f, &(0x7f00000000c0)=0x6, 0x4)

641.258183ms ago: executing program 2 (id=3470):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/anycast6\x00')
preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000000)=""/72, 0x48}], 0x1, 0x38, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @local}, 0x10) (async)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0x0, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
shutdown(r0, 0x1)
recvfrom(r0, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb) (async)
recvfrom(r0, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000080)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000200)=0x40)

640.928098ms ago: executing program 2 (id=3471):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
socket(0x10, 0x80002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f00000012c0)=ANY=[@ANYBLOB="7d3dc437d253128c3c02420a525dcf2a495745b4105c928e088535d5841edf18e6d9595be9d5"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@ipv4_delroute={0x40, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_GATEWAY={0x8, 0x5, @private=0xa010102}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @multicast2}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r2, &(0x7f00000003c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000001c0)='mm_compaction_end\x00', r0, 0x0, 0x8a53}, 0x18)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
setrlimit(0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101002, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000740)=0xe)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000340)=0xff)

469.391643ms ago: executing program 7 (id=3472):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001380)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000001c0)="99e117f769066baed53897c397e8e9c151570f1187b2f49f5f53480acde061ac884ce211eb5362b94a236016cb26a33412", 0x31}, {&(0x7f0000000280)="2e2493ddfbf7d519f53eb4a0b9dc7b2afa28d5041035b4f8b45a539de352f2582bda87dbfa7673bdbe16cb618b439b9d8c1ca369ad646d6fef9181dff81d02", 0x3f}], 0x2, &(0x7f0000000680)=[@cred={{0x18}}], 0x18, 0x24040000}}, {{&(0x7f00000006c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000740)="d6b4f2553b343079b5e055acdeff9749fbf009a682ab854a16caaecbc7524ade09b8acc86706f3f268ab82cf429d322805a240b37ec31004526142aa124b861a482e6ef9276c481801c421adc3cf37ddada9d47b0cbb3e783fdd3aef2b195694e1f77adef0d433cf", 0x68}, {&(0x7f00000007c0)="da7ebdce0e81580711a94686e127dfd51eec52d4321b1859a8f9f18beefb5bc3a298ca73d3c5306e9507b79a3b9b69f58f6663ba4898f67788a339d2d4147173d6268da9fe0c3e1fc1186b8d376286504d369d008e8b682e0a7035d3af97949d24277aef07329039afac744ae0849c2c72", 0x71}, {&(0x7f0000000880)="4012f8219f3dc17d54ab7cf53bb8ae25d06e4ce6be0f38b7f906f704e9e9302044c135b3118842539d4c30edc92cae203046dd13df0e05f1fd93511b9b699a7882766862d18de81d5e9fe21c87c145244a1f18b2fcffd72091eff895b1a0be5a0c25bd38981eaf68392c611195c86303463a72a03d8f3241c01b6f472b2cca9125617464173d4e6b6d287991f44089023df380660e9abe15102e810ee9fd8f29b0127753602d72b77a09f6cc88f2be820854af", 0xb3}, {&(0x7f0000000940)="db4d40526bd4294abf133219787863e71946c3e74b077abac67392bc578e53c9dc06e62267b2054a2087fa031438b7571f2ef03f017a485f72059fc11c26beca887093ea87f64f0202cb01a903f76dc23fac6cc838c9ff25489d61a580681131bea07671ada03b6ca50190b4c022318caaa6621befd3be3fc61d174583f6b9e1e61d1ec4867374dec0b0f3993b3396a8fa6b3f94d091d9a090069993bfcbe7cc0c365994872bbb94d4b94b193cd1ae42901d5c9f29b26329b82b15d3a10ef302aa0427bc42525fd03139b7388faed56e08e72116c84d47c375c6812f07f70f9d88", 0xe1}, {&(0x7f0000000a40)="f340e33f1e92bae9bce86d018c26c193fdc4ab1b2695cbf0c5f616", 0x1b}, {&(0x7f0000000bc0)="19bdb309170e0d06b1764dd78988fadc1161002ea460286dbd07948534a1605824fed67720d04ea76b0c9a476286995d0c58fce56fd358a2df0214bd7e3e38470dc55eedcd1c918e1ef86a16184ab883cc568c1fc1c3d5c7fb6f3f0baf07fddb1561579f2db96ee093d92d24a1e306d312e947d32ee56bb13faf76d88dbfc40d2cb3692670bfce5285464ff42b8c907eb2bbe9aeee64e5f3402d48e8a8e0897f076b07da370d54d11892b55e09", 0xad}, {&(0x7f0000000cc0)="ec4a87b2973556475157aa0c7e0ef06180954b6ebcda60067a723164b7e13bf73cea91d984f8bbe60417377b01296369b1d29bb8e744221d16ba29ae646a7632ba88295e14c5da6bf17ace49d17b11534023168b66bbc9baf880a82b5a6ff24dce326bacc3820ccd809d8fcbb8aad28b9beb73a9e2219caa8b8d67e6e3fefd08b4565575ebf1f5b2510492e6e08b9e9ae2cd15aaf8f397f8d6382bb66a80d708e174e8a2f3c94ec1c26169d159f42d009dea6780ee7eeaecf5799b4d1e4f6c65b553e82d30adedb44d2e2eb185e2c56d14a26d0ebeb4fd236839b239b0f02fe79c4425b6aae88df54740350600", 0xed}], 0x7, 0x0, 0x0, 0x40}}, {{0x0, 0x0, &(0x7f0000000dc0), 0x0, &(0x7f0000000e00)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x48, 0x4004000}}, {{&(0x7f0000000e80)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000001340), 0x0, 0x0, 0x0, 0x40000}}], 0x4, 0x0)
sendmmsg$unix(r1, &(0x7f00000057c0)=[{{&(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000440)="9bb6aaebea93da3d40dad457bbb5661996ec4d7ac9c550201e50025cb8d8f94d3e65f90a3c8e0d8829a7d74a25d6cc1fdc5b6e0ad457cf57144aa95ac1a701bcf927e7da5143018bc18d5b02fb15e8ea5934643a7775735031023f5f240dda77d4428598327b8dbcb4c30bae8ccb6707c24d774f7974995a5690f511d3d4ff5e7d24c5280d473bf291fcfb65f5fea41e81913f83159460f0de4c5edf328c0c8e59d69be48742f4", 0xa7}, {&(0x7f0000000500)="5412ee66e283c08610aa130f1c4351de30972e571bb907955a87e07aefe260cf0f3922e5e0bc62e500d3dd3fccefb522b7abebd56ff8d4221b2da9c37f63a0a0cd6d75bcf18c3d333e825216322849149b1186eeacd27504089d41081fc637f01331e255127e123aea6720519d3f991e445095295f251563316e748077b1639bbe4227b94b12edef077bded3dd", 0x8d}, {&(0x7f0000000280)="5c1c220153d3d37265ad6c4ed1a2", 0xe}, {&(0x7f00000005c0)="0d5bfb48d8d5c4ef53f9584f950beb6daf69cf10704b0da6bc5da680e80207ebaa1e6721bcb244e4dc355a8c9fbb40d7f808cc915c67fc3a40b4a24efc4720f7a9f08c4c7e12701fce3fd78f0c3199ce6492877e2ab6a9d1e1bc8b3e030b414d181565f0d1ce6cb8217ca8c55a0c3db3a0f02fa0", 0x74}], 0x4, &(0x7f0000000800)=[@rights={{0x18, 0x1, 0x1, [r1, r1, 0xffffffffffffffff]}}, @cred={{0x18}}, @cred={{0x18}}], 0x48, 0x10}}, {{&(0x7f0000000880)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000a40)=[{&(0x7f0000000900)="6276b2310a1bd8a02bbfbb202274f22d4abb9846d7ebed09ddd7d5eb8e1f05de3445a710df22b70a13872a93970718031888b645023b94549190c5d3bc65bf2dd019a9b08afb738a613513106eaffaa6d7ad72e06d8d54712c0aee4281375a8bcaf32d6f7881c78dbbf0316cd689bb997a1c0eeb0fc83c6f5482c44ece43c264da27270314cf7180d5dde7cd4bd934423975b1eecbf95bca02ab8e428fa689272f3deb242c826c6d47f11d18cfbbcd", 0xaf}, {&(0x7f0000000a00)="4a70fc936e146cc2e9c79cf02d3eefea534603ce35da8effbd136fd39721431b508bdea178d38acbeb674a48c2ef8be7ff6df43e2d582e61be85160a41342dae", 0x40}], 0x2, &(0x7f0000000c00)=[@cred={{0x18}}], 0x18, 0x10}}, {{&(0x7f0000000c40)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000001000)=[{&(0x7f0000000cc0)="bfcb230e17380f7ea3c39ca388c02471b4b3b1bdd7b552f7a0d78e08083fa05b8118d5601fc1b0d5a9eba40ce8bfb3746becee67f523c4743529c9082e7b868dea6b92f25b1f5d5852072b1c63aac8957b772a4565b174263a37a93fd668ed97dec4b38e307a91c550658c8cc2a22f1907579ebcaf14b2a1fd7c39260d035d9f07b725483b039dff51c9807f", 0x8c}, {&(0x7f0000000d80)="4a8a3d2d865e68c7afd045dfe8762afedb0fc03289ba7cf030da4606aa211d7f1ec951bbacc0f516ae09e1f16e8b79c398fb27c4779f6408b15c2eddffb2eda9ef0bb6bb39991f1cb86bd31abd9c27efabedfc0adcf23ac2593dd214f27aa861ac7bdfae13f41b7ad9c7e97cdadfa16741b7cd9ed534fcffd158e97b14dfd1b1d13ed8ad0f3f8ce5b389b179e28b932dbed71f6a8ff3e368decefeeb8e72d536800be48e8892", 0xa6}, {&(0x7f0000000e40)="75d4aa5f2c0a33a5a1b5a786adcd0eb17d12009ef3bd9a8c6b1eb13a023b421462668e55b0fab1e0999400e08b68ed087bcbc76f1293ceacc4aede5d3fbb750450b29aff0f000000000000119d1ca106132a8628688f3ab72bd2ab53b7b384648d0cbab1ebb29a61e3055a3b726e31041e25c8a336446ec13feae7598dcf4b62b1b024ed776df7b3", 0x88}, {&(0x7f0000000f00)="6c9a8cef72790b8c80b01b1f4dc02b64b09bcbe7741fa41ffa1782a87719f3f705aa95b28acdd895038439181de9dce75d22f508f733ccd2d106e97cf8cdbffbff9fd2bdf2ac52b4674129ea2a3042b59d43293b2c2a874b399af6dbf2056c86cea4b2979a4e8a6509d850953f21add910099baf1acd4ea28b95d4b710f5fa8e9ccbb6b347435518925826a3fbfc0c539007dbd89dc22b2abb465a495a578e2dc87212b9e5d8ff0a1715d46c66934a51d796dd5f8ddf0ad3d0afb3ef50c49a0ffd1fef911eef", 0xc6}], 0x4, &(0x7f0000001040), 0x0, 0xc0}}, {{&(0x7f0000001080)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000004400)=[{&(0x7f0000001100)="3bc8649f0b24dc4c85f37817d41e959cc73d3ce68fa786fe0b00be75814c2eeceeb2319a830eba2605e673a0b338cb383e9f23fc0bbecc33b54679566e714483d0acc10c2d831527dd1b66a2d91326e33e3a77f4ef8608454a896bbcf4b581c7d49ec040e005c2e551f5ba", 0x6b}, {&(0x7f00000041c0)="db975b0786fd2644e5e7a9c1a51feec16b036e69470130c8fc823c2b8acc4bcbf4edede2411c34f68133f0a30e82b8468f7b30bf30f733c0685ac89ae1878c06ad31873d400a8df72c8733", 0x4b}, {&(0x7f0000004240)="5458c5429651e196aa43924485feda45baffbc2e8cca9846a6e533fa355323a126fc7806f39a54eb8d91f54773bd34f3c843130de9307b25723f7b8743d4f7c643b4296f3efa0ed9180d94e1aad9eed628d9ee103703377733dad0a0fa6450b7d34923e64f61dcd918e1d046", 0x6c}, {&(0x7f00000042c0)="5b922353411675da9a2abec5e6f9b0392b", 0x11}, {&(0x7f0000004300)="5944f9510eaea620b0381082ecc49f7563a9994ff7509b445412c475f3712575d7946228ee61e639694711f60648e428fad2611e715b00538310b6a55620e9c0fa3b7b029e80cfbcfedba1c74fb5a14c38dc046dcc3b48e5e55f2388adc153c328babfb34705b0ef4ff2eca3ad5575383ccde52771211eea999d7d3824b1c733d7b8d276da0069ea31f3b9d3431fecf214cdfc5bbae64083b4f15f0fe3", 0x9d}, {&(0x7f00000043c0)="897c2e562e1b5df628f5c3f0ee58da44bb5c0b2dad12318df253", 0x1a}], 0x6, 0x0, 0x0, 0x20000180}}, {{&(0x7f0000004440)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000004500)=[{&(0x7f00000044c0)="0bd3e72a222b953b0a616fa7646713db0de43b29be9ee6f4220c", 0x1a}], 0x1, 0x0, 0x0, 0x8000}}, {{&(0x7f0000004540)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000005700)=[{&(0x7f00000045c0)="6e17adc2f7bcf9bd83d06fd2590ab12b0e", 0x11}, {&(0x7f0000004600)="2de8ca488adc491207c23c14d149b795e7e445690687775377d016ad04fca27f162758698456598fec21fe9a5e770d5c4c02714555f735c0f9241ce59d109a4f5070c301c6c562c0e737016231b3a3cd0ef639d85ea89863d63d0dda8e260777e3033c8f57d23b708c5f8edf3ed09d1fe65094f399d9c1048bf0617e14fd8b82e2c3bfe07b2b5aaed556076bbd4b8a259d90e7cc0346a834e756747b8c03606d7a8b558d354eda417cd26813781d79b9ac43cdd8b5ddf1c29e3f315350debd6840c9f92707416b8470b6f499b35179cc5d1d60e85eab886c1f6b5bae2ff971cd1f0611a32815d48ad02fe3b4996e9cbe06cf27bc9b84fb616acf4d0420472fbb57d867d3ac5af848c06941b463856c36eccde32e9842b09335ed119ef1aa6199662dc1567b61199ba6b8e78b889f276145fc2009a3afaa902c4566f7eb6d26b47cfd3b81c741bcd4365ccdb53595613694a5828877b9378835bfcc648a20148907773e4ace64f07c8bd1106ff9008208ca6614f234aef22430879a09e1dc516cdbe52c36bae88e6250c4cc65ebe138d468c822e26928edae72fe11c71f05513b14ec83d36fb09b1e6d23245aa2fe247f581329d3c65affa174548a3b8a531ee2a3de3786acf8fddeb5b30d2dae0ac5fdebf5ba5936ea23d59efa3223f0e16dd7c3861223d94c0363b0dbc767dbdc0ba25a115ad7f164e4756ca668f7a05aef5858d9e59859065df8fb6c3d961644f5b42f80056384310f80b08f844c874aaf8e618108ed9008ea14fb49c81f822cd320374d21e462c11e3b952ad730b6072a6e452ea0ddc14fef0ba03557d40e99301d7076bbbf52361315dfe787dcee90b08e1e5eed0d64c1cb3e4b72d39dad42b6fc6e4de144d146b7674ca17e156c9c80982f23d098488d3ddf462f22f981ef399e6f4d2a812defa988876da96975863189452ccae9a8cce9d5e67461427bc2d35f314dc4e27c0813725c7bfeb381aa76088294a281a501cb8c010333c90c2772043338d1d0606dfc89ce1631222b3a8da7c0abd536859199f82ca666f06e7b060b67ab52156a8280ebba2556536a3c4a862eb09e8f26cba66048d5bae1151a139b9b25b29b764ac9fb382dbf8d75d4ac367d29a70ca5efb58037a529389e01170dacc16a67991874098056f7f818f4f9f32649f14af9374cef6b78df709f53c5303e6cea3c61bcb15adaed3a771c3e5488f6d74967194a7fd47f219ceb615ac79d5b018d86501554012b5c11c4480fdb1c2930a45ca6eae15e20342d06b494fdc6954f2c7347f31e6924ad270e66a8a3b69baacef2c2eac4dfe45523defed6bcc52ec7b441a2df541f95b2d8eb62904cdbd76f9893466c849e436ceaf8b303b2406e9786d72f9825fb149b0d15a65d944eea5f6e8bb8efd04c4d9a7b1c03640ff670e38e3f5f733f0bf73d6d85f6c0b61bf7eb7fc2c605a1ee0fde7ff8528fbba299578364ea256d1ab5d310443433fdb779d2ac5e9374287fae455a6e983ad1982b3883def7c8c4547a69c8191a0cd8db94bee543b39c7c25e547bdd2d4249754048021e2aedeadb895d3707fca8eab1d0a23054343beb5acc6188351bb12f38408fc3bcd9928cb3063046d243611e9281e64ef1d8e3a2a4f4bf37c93f11c2f136a4b14061ec4267689f765e40ddf0242f4362ceec337febe9f7b8236a797c5142c56692128d5ffa3c76c31116faf64db241bd519036e1d9f92684f852e188cbb28b9b469dafed4d140c1815794349ce1643f2fcf656c786c2b36948e04dffb039b14e09c7a617757b9f604f1a234ed54223acc360b49492580587fe948c91fe868bccdfbcad978fd690d9100a3c8983e373cd92965b6b16e1ee89c1d6ca73830f04ba30dcb8ffdf796e06786a925e29243016f086f90c1f0fae05a379421174086e6d44fc53488364a3b9b280e1eaac504a31047ae543ff68d4fb5859ade2a4743bcbf7b8e0cbaedda85a6f825684871adb009e1bc4fa803d58c3d0c254d1f95ea88cb88360344aaa542eb9588eb0f555c5c950e3e6bb491ef68680437d30f40aede728eaa7591d9acd9f29e74fc1fbcec75be836ba8a97fc46357936c364cc0ddb2a2252e577048fca32d98950a35b6ebcc155a54bb5df5056ec835eb91fa313190b377c384d69c195244fb36a89597ae6a07a3863f415baddcd502c75ffa1b1cd77c6f156068ded75844e17994a4f758015014684f78bc6954054504550907d5be1408c28bb2c50a2bfe437b00f523905fd65bfc9cdc4a9112fc6beab81c5276d140cf7caf9cb92e676650f74b3c0f2c06a99a5567229715ca34edb8cac1441d8707fb6c1c6ff4c99e94e9b99796a31aef1a52efb78c693235f43e33f60073aa308f00aa81a3236d9da65719fe29b354cfcc7f25b32829f16315c0b91f3f13d67e3f44ecec234a6560e83393e3f11964b422b54d602257f2302aaeb0688027b8274257ac37d80d8432878ea5565f6b25ccd0306058a6bb3c79371eb4c51da00100d3341f7a32e7ec6a52d515eed4ef675e7f76aec14376189b88ec92fcbcc1ee188b2f7886e208c8deee45b22b3b1f37f1f07fdd3200fa4727de72fa0550cdb00c6a2a133c20b97deaab9a7aa0376d46048d7a753af8ddfc9eb903237704903771fb51bc74f4964195039f9fd70d3e8c43074c18c5d51c11ad51ae191633a5ccf9017474ce648ba5a6cbd7b65008f881f6b16db11e8a8edc66bc0091f2c886efbdfde6e1edae22499abb9d64158944751a39ff916b729d04c7d43a78303eaf9a281f92b4ade972658c8b24df64e543b6e6c5ed992be2b1991ae68211bd2b34d5232fb0c2084dfcdd98285017f9d92dd8c109fea6553aad9ac13eacdbc4ec49f4f1540734a4024cfe280ebf09c31a7afc970e129fd30b2250556f89a8242f83cddaec2aeb409bef500b3afde8b1b8a936ac9cf7d72105a66b1f725b7cffec18d1d9171ed64e7bfc9d74bf747c2fbb3b99c666bfe6713226284520962b75d168fef97b51ff4cd71130409af0abb80eb3fa3f148290fdcfa1731698caff9af2291509b21dac80a4ac75558fca43be0e8ba61c0e6ac3ed8acddfabeccf2cbf57ddb696ff73f963e495b9dba93701861559e5c519f982be373f344605a5568067ff15b5e9b5ae2e24a0056a18cb85b5406ab643c275f9d645fe3d997a44eea0a802cbbee1320a081fac502e03a01aa8604624ef761f684f718031d2d75c47186d845e68c2b3804979a74a401857aa04784019c07079ba5ccef3af13e8c8df49d7f1f83bdbfafec31d70833888026d993e9337f0903a8a0e988d1f7bbaeb6668d970d07904482faf2f8ad9f2ae17b1db6a11e5a10a77767d09b875d59374399acfbd3c6dfb853919581f917a1b3585006439c67d702a1242c2efacb92c2cec687afccb866e8d0873069780625b4af63aba2a1b06889050ad7bebd454c889d0938bbf98114721a6e3a607b88b45666f642d9ee2441074aef141e03373deccaf05164dcae117d66d765478d538e5a57d63bff4431d02027b844b364d561831e2b95b0c64b8b736435d62eaa508703094f6992af97c2c92509596fc120c2e9492e22e4f0421d5580c1671bb1aed6f3c71d05ce29e9767531ff2e77d6f1f7b9188e9b4126839522427a4cf33803a37c82cc48c8ed7bd297426e175b78a69bb9abf98ce13b766a15342d70a762648cbd1e44096b232da77aa9e695dc94b179f89db9e255e023aa83e1b79c907e084949d385314cc544a7f9b59453ca8740004c45ab4833214b3a75c6aae3112fae7b615dda511b1a9687d46af0e1a71b7f2bdd74ae2538b0332245fdecca9196094c845b98ccf2485fed12d92d90acf4dd82271db41cc2b975d950fc085037121cd638985beb8118cdf63a8d43d17c78f6d02e43f708cd5fdf53baf831f31c08cdd205cf0f144022872227b23cd2b429692d79df0ecd44fc0f8f026f6352a50d7bc432f1ba83b14151d1b58164455a6011f92c6bcd9d07297884d16814392ece787eb0047c9546b552bae4cfb6ca30cccfb7e2668d5c7584db9f0337d468dc5e58e09d54220def2032d8609a2b4573b48fda412e951c4f51af48df8f41711a809646f4a8e53de3f1f73b3639be96d781bc94c74e60f450d072f457d5e76b6bfe1fc03715d9848ba22a4ee316a033b518eb4d21c7eb716e22aadb0acf6de98f36365096fb3b4f3382d0da99bdce8841feef30801df89490b9180840a47ebf89b49690da771407b93a90788a8518375b02a4efa50f100ba8497fb6c6c1bdad5982aeab8f91ef99aa8db85868b5cfe0b05155466f1f07bb0dd137094c95fcad5e3cedbf847011d8ab694d06d9f1837165ec3b588f23532f606f52df389ce6bbc2bdfe6c410297bcd13909a8ac89acd7ae04300b9cdbaa2d5b8230d62f1aa5e5749143d2b131c01ffc0d57a4b41c814429fd114239cb87170e214d986931f146f7129b83916e34633638c8148aceadb9481c784f6f833436647787298db076a1cedb352917838739d1ccb30a46c5ed42e41289c96c20a2cacff21c4f730097479629a5986b65d156948bca2584f1653a7e40b03efe50dd813f672d64cc414a5ef65a382914055f4559d56111bde5083936c9c4e2d675bf4728f465064f35783966f97e163d7f503b164ec15411c7a354b8d8ae7c202db72859eda00e4645805176b9add9a207dbfa035dce49d27a2699922bbf04dd489ce48211429e02e241ba9372b273f0eb0ed4483e659d5c8c6e6334c99e1cb0480b651ca09cb490de7cb8d06bd645ca9bfffa4fe2b458885bed5a1eddbecda1c00f151bfb9c5a04276f2641a5b15443e45f48586ff2f329cd775ba7191bb7ef6efb3b9cbebda98caf07cc87b08b3853dc287aebb7226be9347aa77e9e83278fa4d00cbebd5bb6421b2eb9913cf3272d9e3e81faf2da7cd9ae560b0c15f3e6c7007210a833d499a4c6728fbb1487a4d7e39ec1832692639e7ae811e0a2ef0f778509a015dcd9c8e7a54064374689fc08b00a3af95343482cef692d5242469fee18f0be5dc119dc138fa1328aff3945775b7cfaab2ab839bc14cdd25055fa3de7aaac7cb32b660efe5129a05e38bc998bf150462f2299cd232b199cbd3862677310e6b72db7e53c5f0a29c7f5d3652dbeafe1a5e2c508f57a50bf3d1a25b24554c256fdcb86fbf0ee75093b86fc9d334dc398aa7e5902664b87a8d5027d0e40879713bfb7bb3f3b9000794a0995755cca872bcc7496575a233976a5c0b7bc1813fe09840d1c9d41868f29ef48c26144695fc4dc1a06521fc2c35f58b6a28f3ce2b4a53ca3389b33aedae55d2d97a99544fb73b84970585f68428fba9c3363f7381c29f3390a401014051cb6fd15dc06830ebeeb7cd8e7108ed4e82476b11ff62cab7aca3d05a2b658b436ff56f7eab1f5bf6f854a17e69ecd78ba2f733b3e27a654ecac51d88f748b0663c42c988f0e4336eff652243d23e3f68a606a132b931f4b48793a9428d8f29b6470962b5e9fe6d34c0d05ef0c06f4026ee290945f954b65c83b9392c35f4b0ab225e6b80f544d30cc5a4b89d0ce7b051eab6746016a8bdab82acbb0f705489d423c57c4f10f3b967b5bfe1d588bb7fe73be03a7b23594c5ec387d015ae828afe2571196fd86b403e85966b17525ad73e938bcf79013046874d0c7a660564731f9910e7806c32131fd0d9ca63bb50126268c66395f88f430270066f719e50e601f177b176bc7d3508705ba6b7639549ebc9b55803d6bab630b7d98c88f293bad9e796179e84d845b3d65cd1", 0x1000}, {&(0x7f0000005600)="4becf43054aeea1c277d017c91eb19b653ff875340ae0061b45166fc2e44c1def732844771b97f6834ce705d32bed24c9345ab1b6f41f2443198631dc7dec55c85bc8b6c2eccb3cb8d791a9ce1fcb2f869534e9e1d9e9c6f0c85073664bcc8f6418dd028bd0f5e70ee9ad8f85b198df2fa4b56ce423ef8d5bdc10d74d658e2a206239ff74ba2c6410124d9913d359a795e1c6698178c560d5867bdf0d8606d538d7dd0c8cd3dc42590af1a3e052b2539ab6bf60354a2adde6ad02e339ca1cbbede0070c1e0", 0xc5}], 0x3, &(0x7f0000005780)=[@cred={{0x18, 0x1, 0x2, {0x0, 0xee00}}}], 0x18, 0x20000004}}], 0x6, 0x20000081)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x7aad, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180), &(0x7f00000001c0))
r2 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0xff, 0x2, 0x7, 0x1, 0x1, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x0, 0x3}}}}}]}}]}}, 0x0)
syz_usb_control_io$printer(r2, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x400000, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0)
socket(0x28, 0x800, 0x8000000)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1810000000000000000007f10000810000000400", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb1, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$l2tp6(0xa, 0x2, 0x73)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_FLAGS={0x8}]}, 0x1c}}, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

0s ago: executing program 6 (id=3473):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, &(0x7f0000000180)=@raw=[@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000080)={0x0, 0x1}, 0xf4240}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x15)
writev(r4, 0x0, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x0, @empty=0x1000000}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000100)="6306bc3795f8", 0x6}], 0x1, &(0x7f0000000180)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x4, [@empty]}]}}}], 0x14}, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r9, 0xc0405602, &(0x7f00000004c0)={0x16, 0x2, 0x0, "dd3e1ddbc8e90cb57346e6c94dfa5bf04abc3e8fc2976136531a27a41db375d7"})
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x74}}, 0x0)
bind$rxrpc(r6, &(0x7f0000000000)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0xd}}, 0x24)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000e1ff00000000000000008500000027000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x4}, 0x94)

kernel console output (not intermixed with test programs):

lab+0xc2/0x120
[  796.519822][T18228]  __kmalloc_noprof+0xd2/0x510
[  796.519836][T18228]  ? d_absolute_path+0x136/0x1a0
[  796.519854][T18228]  tomoyo_encode2+0x100/0x3e0
[  796.519871][T18228]  tomoyo_encode+0x29/0x50
[  796.519888][T18228]  tomoyo_realpath_from_path+0x18f/0x6e0
[  796.519909][T18228]  tomoyo_path_number_perm+0x245/0x580
[  796.519921][T18228]  ? tomoyo_path_number_perm+0x237/0x580
[  796.519934][T18228]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  796.519961][T18228]  ? find_held_lock+0x2b/0x80
[  796.519973][T18228]  ? hook_file_ioctl_common+0x145/0x410
[  796.519989][T18228]  ? __fget_files+0x20e/0x3c0
[  796.520004][T18228]  security_file_ioctl_compat+0x9b/0x240
[  796.520022][T18228]  __ia32_compat_sys_ioctl+0xc3/0x370
[  796.520043][T18228]  __do_fast_syscall_32+0x7c/0x3a0
[  796.520058][T18228]  do_fast_syscall_32+0x32/0x80
[  796.520071][T18228]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  796.520086][T18228] RIP: 0023:0xf709e579
[  796.520095][T18228] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  796.520107][T18228] RSP: 002b:00000000f548e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  796.520118][T18228] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004601
[  796.520125][T18228] RDX: 0000000080000380 RSI: 0000000000000000 RDI: 0000000000000000
[  796.520132][T18228] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  796.520138][T18228] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  796.520144][T18228] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  796.520158][T18228]  </TASK>
[  796.520171][T18228] ERROR: Out of memory at tomoyo_realpath_from_path.
[  797.533076][T18234] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3222'.
[  797.536329][T18234] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3222'.
[  797.539713][T18234] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3222'.
[  797.542823][T18234] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3222'.
[  797.545796][T18234] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3222'.
[  797.756438][T18236] cgroup: No subsys list or none specified
[  797.912314][ T6190] usb 7-1: USB disconnect, device number 61
[  797.920476][ T6190] usblp0: removed
[  798.744071][T15433] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[  798.817839][ T2109] usb 7-1: new high-speed USB device number 62 using dummy_hcd
[  798.903155][T15433] usb 6-1: Using ep0 maxpacket: 16
[  798.906160][T15433] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  798.909316][T15433] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  798.912443][T15433] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  798.916804][T15433] usb 6-1: config 1 interface 0 has no altsetting 0
[  798.920642][T15433] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  798.923530][T15433] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  798.926260][T15433] usb 6-1: Product: syz
[  798.927625][T15433] usb 6-1: Manufacturer: syz
[  798.929127][T15433] usb 6-1: SerialNumber: syz
[  798.978011][ T2109] usb 7-1: Using ep0 maxpacket: 16
[  798.981191][ T2109] usb 7-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  798.984397][ T2109] usb 7-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  798.987785][ T2109] usb 7-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  798.992025][ T2109] usb 7-1: config 1 interface 0 has no altsetting 0
[  798.996123][ T2109] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  798.999027][ T2109] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  799.001972][ T2109] usb 7-1: Product: syz
[  799.003378][ T2109] usb 7-1: Manufacturer: syz
[  799.004917][ T2109] usb 7-1: SerialNumber: syz
[  799.151561][T15433] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 52 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  799.161190][T14580] EXT4-fs error: 5 callbacks suppressed
[  799.161202][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  799.166671][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  799.170382][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  799.256274][ T2109] usblp 7-1:1.0: usblp1: USB Unidirectional printer dev 62 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  799.264869][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  799.268859][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  799.272600][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  799.365044][   T29] usb 6-1: USB disconnect, device number 52
[  799.369738][   T29] usblp0: removed
[  799.995918][T18247] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm kworker/u32:14: iget: checksum invalid
[  800.001550][T18246] nvme_fabrics: missing parameter 'transport=%s'
[  800.004056][T18246] nvme_fabrics: missing parameter 'nqn=%s'
[  800.066810][T18248] tmpfs: Unknown parameter 'usquota'
[  801.709593][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  801.710085][   T29] usb 7-1: USB disconnect, device number 62
[  801.717982][   T29] usblp1: removed
[  801.732438][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  801.736507][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  801.846844][T18253] netlink: 124 bytes leftover after parsing attributes in process `syz.2.3228'.
[  801.849749][T18253] netlink: 124 bytes leftover after parsing attributes in process `syz.2.3228'.
[  802.772748][T18262] random: crng reseeded on system resumption
[  802.886709][T18266] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3232'.
[  802.889641][T18266] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3232'.
[  802.893116][T18266] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3232'.
[  802.895928][T18266] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3232'.
[  802.898794][T18266] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3232'.
[  802.981370][ T5986] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  802.988699][ T5986] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  802.991876][ T5986] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  803.003792][ T5986] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  803.019600][ T5986] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  803.022968][T15505] syz_tun (unregistering): left allmulticast mode
[  803.110288][T18272] cgroup: No subsys list or none specified
[  803.110447][T18267] chnl_net:caif_netlink_parms(): no params data found
[  803.186685][T18267] bridge0: port 1(bridge_slave_0) entered blocking state
[  803.189145][T18267] bridge0: port 1(bridge_slave_0) entered disabled state
[  803.192252][T18267] bridge_slave_0: entered allmulticast mode
[  803.195027][T18267] bridge_slave_0: entered promiscuous mode
[  803.198467][T18267] bridge0: port 2(bridge_slave_1) entered blocking state
[  803.201496][T18267] bridge0: port 2(bridge_slave_1) entered disabled state
[  803.203952][T18267] bridge_slave_1: entered allmulticast mode
[  803.206713][T18267] bridge_slave_1: entered promiscuous mode
[  803.264437][T16259] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  803.278358][T18267] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  803.283227][T18267] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  803.315754][T18267] team0: Port device team_slave_0 added
[  803.320632][T18267] team0: Port device team_slave_1 added
[  803.351522][T18267] batman_adv: batadv0: Adding interface: batadv_slave_0
[  803.353776][T18267] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  803.362047][T18267] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  803.366407][T18267] batman_adv: batadv0: Adding interface: batadv_slave_1
[  803.368610][T18267] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  803.376696][T18267] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  803.399435][T16259] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  803.440980][T18267] hsr_slave_0: entered promiscuous mode
[  803.443366][T18267] hsr_slave_1: entered promiscuous mode
[  803.445522][T18267] debugfs: 'hsr0' already exists in 'hsr'
[  803.447464][T18267] Cannot create hsr debugfs directory
[  803.533829][T16259] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  803.610252][T16259] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  803.634834][T18267] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  803.639327][T18267] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  803.643639][T18267] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  803.651830][T18267] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  803.670272][T18267] bridge0: port 2(bridge_slave_1) entered blocking state
[  803.672689][T18267] bridge0: port 2(bridge_slave_1) entered forwarding state
[  803.675108][T18267] bridge0: port 1(bridge_slave_0) entered blocking state
[  803.677440][T18267] bridge0: port 1(bridge_slave_0) entered forwarding state
[  803.711049][T18267] 8021q: adding VLAN 0 to HW filter on device bond0
[  803.726809][ T1238] bridge0: port 1(bridge_slave_0) entered disabled state
[  803.739365][ T1238] bridge0: port 2(bridge_slave_1) entered disabled state
[  803.756319][T18267] 8021q: adding VLAN 0 to HW filter on device team0
[  803.767426][T16254] bridge0: port 1(bridge_slave_0) entered blocking state
[  803.769853][T16254] bridge0: port 1(bridge_slave_0) entered forwarding state
[  803.776149][ T1238] bridge0: port 2(bridge_slave_1) entered blocking state
[  803.778461][ T1238] bridge0: port 2(bridge_slave_1) entered forwarding state
[  803.825584][T16259] bridge_slave_1: left allmulticast mode
[  803.827432][T16259] bridge_slave_1: left promiscuous mode
[  803.830629][T16259] bridge0: port 2(bridge_slave_1) entered disabled state
[  803.838710][T16259] bridge_slave_0: left allmulticast mode
[  803.840571][T16259] bridge_slave_0: left promiscuous mode
[  803.842618][T16259] bridge0: port 1(bridge_slave_0) entered disabled state
[  804.149735][T16259] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  804.154339][T16259] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  804.164045][T16259] bond0 (unregistering): Released all slaves
[  804.248755][T16259] bond1 (unregistering): Released all slaves
[  804.263974][T18289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[  804.266973][T18289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[  804.270871][T18289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[  804.273842][T18289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[  804.276826][T18289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3235'.
[  804.396916][T18267] 8021q: adding VLAN 0 to HW filter on device batadv0
[  804.442993][T18267] veth0_vlan: entered promiscuous mode
[  804.451872][T18267] veth1_vlan: entered promiscuous mode
[  804.497366][T18267] veth0_macvtap: entered promiscuous mode
[  804.508962][T18267] veth1_macvtap: entered promiscuous mode
[  804.528287][ T5688] EXT4-fs error: 29 callbacks suppressed
[  804.528300][ T5688] EXT4-fs error (device sda1): ext4_lookup:1787: inode #125: comm dhcpcd: iget: checksum invalid
[  804.531592][T18267] batman_adv: batadv0: Interface activated: batadv_slave_0
[  804.539758][T16259] hsr_slave_0: left promiscuous mode
[  804.541985][T16259] hsr_slave_1: left promiscuous mode
[  804.544053][T16259] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  804.546464][T16259] batman_adv: batadv0: Removing interface: batadv_slave_0
[  804.550053][T16259] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  804.552442][T16259] batman_adv: batadv0: Removing interface: batadv_slave_1
[  804.584715][T16259] veth1_macvtap: left promiscuous mode
[  804.586829][T16259] veth0_macvtap: left promiscuous mode
[  804.588880][T16259] veth1_vlan: left promiscuous mode
[  805.222506][ T5986] Bluetooth: hci2: command tx timeout
[  805.391425][T16259] team0 (unregistering): Port device team_slave_1 removed
[  805.475113][T16259] team0 (unregistering): Port device team_slave_0 removed
[  805.872332][T18324] NILFS (loop1): device size too small
[  805.967148][T18322] virtio-fs: tag <c:::> not found
[  806.108106][T18325] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  806.109544][T18267] batman_adv: batadv0: Interface activated: batadv_slave_1
[  806.121686][ T1147] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  806.126721][ T1147] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  806.132980][ T1238] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  806.142557][ T1238] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  806.178662][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  806.182766][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  806.187661][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  806.224557][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  806.233258][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  806.240211][ T5688] EXT4-fs error (device sda1): ext4_lookup:1787: inode #125: comm dhcpcd: iget: checksum invalid
[  806.244506][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  806.252080][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  806.260657][T18330] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  806.282564][T18332] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  806.346995][ T5688] EXT4-fs error (device sda1): ext4_lookup:1787: inode #125: comm dhcpcd: iget: checksum invalid
[  806.358711][T18336] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  807.294191][T18365] cgroup: No subsys list or none specified
[  807.445269][ T5986] Bluetooth: hci2: command tx timeout
[  807.522333][T18367] FAULT_INJECTION: forcing a failure.
[  807.522333][T18367] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  807.526615][T18367] CPU: 1 UID: 0 PID: 18367 Comm: syz.2.3244 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895 #0 PREEMPT(full) 
[  807.526632][T18367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  807.526639][T18367] Call Trace:
[  807.526644][T18367]  <TASK>
[  807.526650][T18367]  dump_stack_lvl+0x16c/0x1f0
[  807.526666][T18367]  should_fail_ex+0x512/0x640
[  807.526696][T18367]  _copy_to_user+0x32/0xd0
[  807.526713][T18367]  simple_read_from_buffer+0xcb/0x170
[  807.526727][T18367]  proc_fail_nth_read+0x197/0x240
[  807.526740][T18367]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  807.526754][T18367]  ? rw_verify_area+0xcf/0x6c0
[  807.526766][T18367]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  807.526777][T18367]  vfs_read+0x1e4/0xc60
[  807.526793][T18367]  ? __pfx_vfs_read+0x10/0x10
[  807.526805][T18367]  ? find_held_lock+0x2b/0x80
[  807.526820][T18367]  ? __fget_files+0x20e/0x3c0
[  807.526837][T18367]  ksys_read+0x12a/0x250
[  807.526849][T18367]  ? __pfx_ksys_read+0x10/0x10
[  807.526863][T18367]  ? rcu_is_watching+0x12/0xc0
[  807.526877][T18367]  __do_fast_syscall_32+0x7c/0x3a0
[  807.526892][T18367]  do_fast_syscall_32+0x32/0x80
[  807.526905][T18367]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  807.526920][T18367] RIP: 0023:0xf7f44579
[  807.526929][T18367] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  807.526940][T18367] RSP: 002b:00000000f5466590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  807.526952][T18367] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5466620
[  807.526959][T18367] RDX: 000000000000000f RSI: 00000000f73d4ff4 RDI: 0000000000000000
[  807.526966][T18367] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  807.526972][T18367] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  807.526979][T18367] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  807.526993][T18367]  </TASK>
[  807.615986][ T6190] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[  807.787323][ T6190] usb 6-1: Using ep0 maxpacket: 16
[  807.790443][ T6190] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  807.793762][ T6190] usb 6-1: config 0 has no interfaces?
[  807.797188][ T6190] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  807.800218][ T6190] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  807.802764][ T6190] usb 6-1: Product: syz
[  807.804152][ T6190] usb 6-1: Manufacturer: syz
[  807.805726][ T6190] usb 6-1: SerialNumber: syz
[  807.808641][ T6190] usb 6-1: config 0 descriptor??
[  808.029959][ T6190] usb 6-1: USB disconnect, device number 53
[  808.834743][  T140] usb 7-1: new high-speed USB device number 63 using dummy_hcd
[  808.995195][ T2109] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[  809.005976][  T140] usb 7-1: Using ep0 maxpacket: 16
[  809.009348][  T140] usb 7-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  809.012529][  T140] usb 7-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  809.015624][  T140] usb 7-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  809.019990][  T140] usb 7-1: config 1 interface 0 has no altsetting 0
[  809.023945][  T140] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  809.026788][  T140] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  809.029615][  T140] usb 7-1: Product: syz
[  809.030974][  T140] usb 7-1: Manufacturer: syz
[  809.032465][  T140] usb 7-1: SerialNumber: syz
[  809.166168][ T2109] usb 6-1: Using ep0 maxpacket: 16
[  809.171208][ T2109] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  809.175106][ T2109] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  809.179088][ T2109] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  809.184149][ T2109] usb 6-1: config 1 interface 0 has no altsetting 0
[  809.189925][ T2109] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  809.193516][ T2109] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  809.196660][ T2109] usb 6-1: Product: syz
[  809.198434][ T2109] usb 6-1: Manufacturer: syz
[  809.200307][ T2109] usb 6-1: SerialNumber: syz
[  809.265216][  T140] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 63 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  809.463073][ T2109] usblp 6-1:1.0: usblp1: USB Unidirectional printer dev 54 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  810.182197][ T5986] Bluetooth: hci2: command tx timeout
[  811.273625][T18388] ubi31: attaching mtd0
[  811.278120][T18388] ubi31: scanning is finished
[  811.279604][T18388] ubi31: empty MTD device detected
[  811.374223][T18388] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  811.376936][T18388] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  811.380411][T18388] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  811.382962][T18388] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  811.385416][T18388] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  811.387648][T18388] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  811.390355][T18388] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2129665502
[  811.393545][T18388] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  811.399448][T18390] ubi31: background thread "ubi_bgt31d" started, PID 18390
[  811.859883][ T6022] usb 6-1: USB disconnect, device number 54
[  811.864299][ T6022] usblp1: removed
[  811.869012][T12981] usb 7-1: USB disconnect, device number 63
[  811.873746][T12981] usblp0: removed
[  811.930090][T18403] __nla_validate_parse: 54 callbacks suppressed
[  811.930104][T18403] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3254'.
[  811.936003][T18403] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3254'.
[  811.940796][T18403] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3254'.
[  811.944370][T18403] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3254'.
[  811.947553][T18403] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3254'.
[  812.038068][T17847] syz_tun (unregistering): left allmulticast mode
[  812.089291][ T5337] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  812.097194][ T5337] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  812.117527][ T5337] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  812.123417][ T5337] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  812.129367][ T5337] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  812.167879][T18409] cgroup: No subsys list or none specified
[  812.233770][T18413] EXT4-fs error: 38 callbacks suppressed
[  812.233783][T18413] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm kworker/u32:10: iget: checksum invalid
[  812.244169][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  812.249891][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  812.254635][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  812.259236][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  812.262860][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  812.267062][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  812.313871][T16259] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  812.336760][T18406] chnl_net:caif_netlink_parms(): no params data found
[  812.468304][T16259] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  812.519674][T18406] bridge0: port 1(bridge_slave_0) entered blocking state
[  812.522586][T18406] bridge0: port 1(bridge_slave_0) entered disabled state
[  812.525376][T18406] bridge_slave_0: entered allmulticast mode
[  812.528928][T18406] bridge_slave_0: entered promiscuous mode
[  812.569445][T16259] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  812.577111][T18406] bridge0: port 2(bridge_slave_1) entered blocking state
[  812.584173][T18406] bridge0: port 2(bridge_slave_1) entered disabled state
[  812.589543][T18406] bridge_slave_1: entered allmulticast mode
[  812.593649][T18406] bridge_slave_1: entered promiscuous mode
[  812.660577][T16259] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  812.673644][T18406] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  812.680076][T18406] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  812.713963][T18406] team0: Port device team_slave_0 added
[  812.717561][T18406] team0: Port device team_slave_1 added
[  812.753563][T18406] batman_adv: batadv0: Adding interface: batadv_slave_0
[  812.756521][T18406] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  812.763347][T18423] random: crng reseeded on system resumption
[  812.767040][T18406] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  812.774740][T18406] batman_adv: batadv0: Adding interface: batadv_slave_1
[  812.777211][T18406] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  812.786522][T18406] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  812.831164][T18406] hsr_slave_0: entered promiscuous mode
[  812.834049][T18406] hsr_slave_1: entered promiscuous mode
[  812.836064][T18406] debugfs: 'hsr0' already exists in 'hsr'
[  812.837710][T18406] Cannot create hsr debugfs directory
[  812.844105][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  812.849327][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  812.853668][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  812.943961][T16259] bridge_slave_1: left allmulticast mode
[  812.946620][T16259] bridge_slave_1: left promiscuous mode
[  812.948982][T16259] bridge0: port 2(bridge_slave_1) entered disabled state
[  812.956141][T16259] bridge_slave_0: left allmulticast mode
[  812.958415][T16259] bridge_slave_0: left promiscuous mode
[  812.960739][T16259] bridge0: port 1(bridge_slave_0) entered disabled state
[  813.372628][T16259] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  813.376820][T16259] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  813.380678][T16259] bond0 (unregistering): Released all slaves
[  813.491533][T16259] tipc: Left network mode
[  813.552665][T18406] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  813.558024][T18406] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  813.563386][T18406] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  813.567731][T18406] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  813.663116][T18406] 8021q: adding VLAN 0 to HW filter on device bond0
[  813.675693][T18406] 8021q: adding VLAN 0 to HW filter on device team0
[  813.693304][T15834] bridge0: port 1(bridge_slave_0) entered blocking state
[  813.695640][T15834] bridge0: port 1(bridge_slave_0) entered forwarding state
[  813.703511][T16259] hsr_slave_0: left promiscuous mode
[  813.705741][T16259] hsr_slave_1: left promiscuous mode
[  813.708156][T16259] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  813.710713][T16259] batman_adv: batadv0: Removing interface: batadv_slave_0
[  813.713638][T16259] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  813.716048][T16259] batman_adv: batadv0: Removing interface: batadv_slave_1
[  813.738586][T16259] veth1_macvtap: left promiscuous mode
[  813.740414][T16259] veth0_macvtap: left promiscuous mode
[  813.742630][T16259] veth1_vlan: left promiscuous mode
[  813.745035][T16259] veth0_vlan: left promiscuous mode
[  813.773747][   T29] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[  813.955578][   T29] usb 6-1: Using ep0 maxpacket: 16
[  813.958426][   T29] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  813.961580][   T29] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  813.964401][   T29] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  813.968392][   T29] usb 6-1: config 1 interface 0 has no altsetting 0
[  813.972221][   T29] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  813.974839][   T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  813.978837][   T29] usb 6-1: Product: syz
[  813.980207][   T29] usb 6-1: Manufacturer: syz
[  813.981762][   T29] usb 6-1: SerialNumber: syz
[  814.208807][   T29] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 55 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  814.288908][ T5337] Bluetooth: hci0: command tx timeout
[  814.484209][T16259] team0 (unregistering): Port device team_slave_1 removed
[  814.579090][T16259] team0 (unregistering): Port device team_slave_0 removed
[  815.187859][ T1238] bridge0: port 2(bridge_slave_1) entered blocking state
[  815.190019][ T1238] bridge0: port 2(bridge_slave_1) entered forwarding state
[  815.252079][T18406] 8021q: adding VLAN 0 to HW filter on device batadv0
[  815.291240][T18406] veth0_vlan: entered promiscuous mode
[  815.298506][T18406] veth1_vlan: entered promiscuous mode
[  815.318580][T18406] veth0_macvtap: entered promiscuous mode
[  815.322923][T18406] veth1_macvtap: entered promiscuous mode
[  815.332635][T18406] batman_adv: batadv0: Interface activated: batadv_slave_0
[  815.341289][T18406] batman_adv: batadv0: Interface activated: batadv_slave_1
[  815.354237][ T1238] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  815.358224][ T1238] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  815.360754][ T1238] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  815.363628][ T1238] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  815.409651][T15834] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  815.412270][T15834] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  815.434348][T15834] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  815.440512][T15834] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  815.481623][T18486] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3252'.
[  816.500445][T18498] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3264'.
[  816.502925][T18498] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3264'.
[  816.505939][T18498] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3264'.
[  816.508506][T18498] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3264'.
[  816.510623][ T5337] Bluetooth: hci0: command tx timeout
[  816.687071][ T6190] usb 6-1: USB disconnect, device number 55
[  816.690596][ T6190] usblp0: removed
[  816.722276][T18502] cgroup: No subsys list or none specified
[  817.451612][T18514] __nla_validate_parse: 1 callbacks suppressed
[  817.451623][T18514] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3267'.
[  817.456048][T18514] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3267'.
[  817.458684][T18514] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3267'.
[  817.461227][T18514] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3267'.
[  817.464150][T18514] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3267'.
[  817.467448][T18514] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3267'.
[  817.470287][T18514] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3267'.
[  817.473326][T18514] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3267'.
[  817.476138][T18514] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3267'.
[  817.478944][T18514] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3267'.
[  817.588340][T18519] EXT4-fs error: 65 callbacks suppressed
[  817.588352][T18519] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  817.669636][T18526] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  817.750660][  T839] usb 7-1: new full-speed USB device number 64 using dummy_hcd
[  817.855375][T18529] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  817.900342][  T839] usb 7-1: device descriptor read/64, error -71
[  818.156952][  T839] usb 7-1: new full-speed USB device number 65 using dummy_hcd
[  818.254295][T12981] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[  818.295925][  T839] usb 7-1: device descriptor read/64, error -71
[  818.424411][  T839] usb usb7-port1: attempt power cycle
[  818.520938][T12981] usb 6-1: Using ep0 maxpacket: 16
[  818.535054][T12981] usb 6-1: config 0 has no interfaces?
[  818.543341][T12981] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  818.547086][T12981] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  818.550306][T12981] usb 6-1: Product: syz
[  818.555371][T12981] usb 6-1: Manufacturer: syz
[  818.557241][T12981] usb 6-1: SerialNumber: syz
[  818.560826][T12981] usb 6-1: config 0 descriptor??
[  818.563169][T18533] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  818.659445][T17907] usb 11-1: new full-speed USB device number 2 using dummy_hcd
[  818.734287][ T5337] Bluetooth: hci0: command tx timeout
[  818.744580][T18534] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  818.819853][  T839] usb 7-1: new full-speed USB device number 66 using dummy_hcd
[  818.857828][  T839] usb 7-1: device descriptor read/8, error -71
[  818.863814][T17907] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  818.866947][T17907] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  818.874838][T17907] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  818.877768][T17907] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  818.891014][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  818.894999][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  818.898710][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  819.105599][T17907] usb 11-1: usb_control_msg returned -32
[  819.107883][T17907] usbtmc 11-1:16.0: can't read capabilities
[  819.119079][  T839] usb 7-1: new full-speed USB device number 67 using dummy_hcd
[  819.151532][  T839] usb 7-1: device descriptor read/8, error -71
[  819.238525][T18535] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  819.281103][  T839] usb usb7-port1: unable to enumerate USB device
[  819.347506][T18528] Set syz1 is full, maxelem 65536 reached
[  819.379989][  T839] usb 6-1: USB disconnect, device number 56
[  819.478347][T18536] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  819.702259][   T29] usb 11-1: USB disconnect, device number 2
[  820.478716][T18552] cgroup: No subsys list or none specified
[  820.728885][T18555] FAULT_INJECTION: forcing a failure.
[  820.728885][T18555] name failslab, interval 1, probability 0, space 0, times 0
[  820.732772][T18555] CPU: 1 UID: 0 PID: 18555 Comm: syz.2.3276 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895 #0 PREEMPT(full) 
[  820.732789][T18555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  820.732796][T18555] Call Trace:
[  820.732802][T18555]  <TASK>
[  820.732807][T18555]  dump_stack_lvl+0x16c/0x1f0
[  820.732832][T18555]  should_fail_ex+0x512/0x640
[  820.732846][T18555]  ? fs_reclaim_acquire+0xae/0x150
[  820.732864][T18555]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  820.732879][T18555]  should_failslab+0xc2/0x120
[  820.732894][T18555]  __kmalloc_noprof+0xd2/0x510
[  820.732911][T18555]  tomoyo_realpath_from_path+0xc2/0x6e0
[  820.732927][T18555]  ? tomoyo_profile+0x47/0x60
[  820.732944][T18555]  tomoyo_path_number_perm+0x245/0x580
[  820.732955][T18555]  ? tomoyo_path_number_perm+0x237/0x580
[  820.732969][T18555]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  820.732995][T18555]  ? find_held_lock+0x2b/0x80
[  820.733006][T18555]  ? hook_file_ioctl_common+0x145/0x410
[  820.733023][T18555]  ? __fget_files+0x20e/0x3c0
[  820.733037][T18555]  security_file_ioctl_compat+0x9b/0x240
[  820.733051][T18555]  __ia32_compat_sys_ioctl+0xc3/0x370
[  820.733071][T18555]  __do_fast_syscall_32+0x7c/0x3a0
[  820.733085][T18555]  do_fast_syscall_32+0x32/0x80
[  820.733099][T18555]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  820.733113][T18555] RIP: 0023:0xf7f44579
[  820.733123][T18555] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  820.733134][T18555] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  820.733145][T18555] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  820.733152][T18555] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  820.733162][T18555] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  820.733169][T18555] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  820.733175][T18555] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  820.733188][T18555]  </TASK>
[  820.733194][T18555] ERROR: Out of memory at tomoyo_realpath_from_path.
[  820.958358][ T5337] Bluetooth: hci0: command tx timeout
[  822.837430][ T5337] Bluetooth: hci1: unexpected event for opcode 0x2005
[  823.024782][T17907] usb 11-1: new high-speed USB device number 3 using dummy_hcd
[  823.235129][T17907] usb 11-1: Using ep0 maxpacket: 16
[  823.244592][T17907] usb 11-1: config 0 has no interfaces?
[  823.395841][T17907] usb 11-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  823.398848][T17907] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  823.405818][T17907] usb 11-1: Product: syz
[  823.411027][T17907] usb 11-1: Manufacturer: syz
[  823.413329][T17907] usb 11-1: SerialNumber: syz
[  823.426702][ T5386] EXT4-fs error: 3 callbacks suppressed
[  823.426828][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  823.432945][T17907] usb 11-1: config 0 descriptor??
[  823.447103][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  823.470839][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  823.784769][T18593] __nla_validate_parse: 103 callbacks suppressed
[  823.784781][T18593] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3283'.
[  824.329366][T18585] Set syz1 is full, maxelem 65536 reached
[  824.361901][ T6022] usb 11-1: USB disconnect, device number 3
[  824.962242][T18598] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3285'.
[  824.965113][T18598] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3285'.
[  824.969829][T18598] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3285'.
[  824.972669][T18598] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3285'.
[  824.975473][T18598] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3285'.
[  825.065527][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  825.067556][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  825.188812][T18600] cgroup: No subsys list or none specified
[  825.599934][T18605] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  826.439786][T18617] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  826.673670][T18618] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  826.887317][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  826.891722][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  826.895366][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  826.904691][T18620] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3290'.
[  826.907579][T18620] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3290'.
[  826.911364][T18620] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3290'.
[  826.914334][T18620] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3290'.
[  827.090653][T18625] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  827.322517][T18627] cgroup: No subsys list or none specified
[  828.621215][ T5986] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  828.625150][ T5986] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  828.628480][ T5986] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  828.634663][ T5986] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  828.637571][ T5986] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  828.726227][T18640] chnl_net:caif_netlink_parms(): no params data found
[  828.797469][T18640] bridge0: port 1(bridge_slave_0) entered blocking state
[  828.799846][T18640] bridge0: port 1(bridge_slave_0) entered disabled state
[  828.802148][T18640] bridge_slave_0: entered allmulticast mode
[  828.804953][T18640] bridge_slave_0: entered promiscuous mode
[  828.808108][T18640] bridge0: port 2(bridge_slave_1) entered blocking state
[  828.810480][T18640] bridge0: port 2(bridge_slave_1) entered disabled state
[  828.812809][T18640] bridge_slave_1: entered allmulticast mode
[  828.817364][T18640] bridge_slave_1: entered promiscuous mode
[  828.817791][    T1] EXT4-fs error: 4 callbacks suppressed
[  828.817803][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  828.825844][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  828.831662][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  828.835312][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  828.839136][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  828.842677][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  828.870473][T15834] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  828.893421][T18648] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  828.893874][T18640] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  828.902245][T18640] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  828.938224][T18640] team0: Port device team_slave_0 added
[  828.950270][T15834] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  828.957694][T18640] team0: Port device team_slave_1 added
[  828.988614][T18640] batman_adv: batadv0: Adding interface: batadv_slave_0
[  828.990901][T18640] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  828.999660][T18640] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  829.004024][T18640] batman_adv: batadv0: Adding interface: batadv_slave_1
[  829.006256][T18640] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  829.014836][T18640] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  829.052214][T18640] hsr_slave_0: entered promiscuous mode
[  829.054634][T18640] hsr_slave_1: entered promiscuous mode
[  829.056777][T18640] debugfs: 'hsr0' already exists in 'hsr'
[  829.058616][T18640] Cannot create hsr debugfs directory
[  829.071216][T15834] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  829.172110][T15834] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  829.208687][T18640] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  829.213036][T18640] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  829.217179][T18640] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  829.221844][T18640] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  829.238637][T18640] bridge0: port 2(bridge_slave_1) entered blocking state
[  829.241014][T18640] bridge0: port 2(bridge_slave_1) entered forwarding state
[  829.243482][T18640] bridge0: port 1(bridge_slave_0) entered blocking state
[  829.245720][T18640] bridge0: port 1(bridge_slave_0) entered forwarding state
[  829.290666][T18640] 8021q: adding VLAN 0 to HW filter on device bond0
[  829.304949][T15834] bridge_slave_1: left allmulticast mode
[  829.306852][T15834] bridge_slave_1: left promiscuous mode
[  829.308828][T15834] bridge0: port 2(bridge_slave_1) entered disabled state
[  829.312274][T15834] bridge_slave_0: left allmulticast mode
[  829.314082][T15834] bridge_slave_0: left promiscuous mode
[  829.316003][T15834] bridge0: port 1(bridge_slave_0) entered disabled state
[  829.503309][T18661] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm kworker/u32:11: iget: checksum invalid
[  829.509024][T18662] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm kworker/u32:11: iget: checksum invalid
[  829.699510][T15834] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  829.704050][T15834] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  829.707816][T15834] bond0 (unregistering): Released all slaves
[  829.716761][T18658] __nla_validate_parse: 1 callbacks suppressed
[  829.716772][T18658] netlink: 830 bytes leftover after parsing attributes in process `syz.2.3302'.
[  829.725781][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  829.732243][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  829.755658][T18640] 8021q: adding VLAN 0 to HW filter on device team0
[  829.755828][ T5688] EXT4-fs error (device sda1): ext4_lookup:1787: inode #125: comm dhcpcd: iget: checksum invalid
[  829.765325][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state
[  829.768208][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  829.775887][T18669] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3295'.
[  829.780005][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  829.780095][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  829.785068][T18669] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3295'.
[  829.792030][T18669] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3295'.
[  829.794895][T18669] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3295'.
[  829.797675][T18669] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3295'.
[  829.831405][T18640] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  829.875342][T18640] 8021q: adding VLAN 0 to HW filter on device batadv0
[  829.942945][T18640] veth0_vlan: entered promiscuous mode
[  829.949645][T18640] veth1_vlan: entered promiscuous mode
[  829.984251][T18640] veth0_macvtap: entered promiscuous mode
[  829.994304][T18640] veth1_macvtap: entered promiscuous mode
[  830.029487][T18691] cgroup: No subsys list or none specified
[  830.056705][T18640] batman_adv: batadv0: Interface activated: batadv_slave_0
[  830.063365][T18640] batman_adv: batadv0: Interface activated: batadv_slave_1
[  830.076383][T16254] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  830.080161][T16254] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  830.085518][T16254] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  830.089640][T16254] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  830.142509][T15834] hsr_slave_0: left promiscuous mode
[  830.145196][T15834] hsr_slave_1: left promiscuous mode
[  830.147375][T15834] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  830.149803][T15834] batman_adv: batadv0: Removing interface: batadv_slave_0
[  830.154847][T15834] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  830.157245][T15834] batman_adv: batadv0: Removing interface: batadv_slave_1
[  830.180949][T15834] veth1_macvtap: left promiscuous mode
[  830.182791][T15834] veth0_macvtap: left promiscuous mode
[  830.185044][T15834] veth1_vlan: left promiscuous mode
[  830.186878][T15834] veth0_vlan: left promiscuous mode
[  830.793602][ T5986] Bluetooth: hci2: command tx timeout
[  830.978323][T15834] team0 (unregistering): Port device team_slave_1 removed
[  831.063021][T15834] team0 (unregistering): Port device team_slave_0 removed
[  831.093058][   T24] usb 7-1: new high-speed USB device number 68 using dummy_hcd
[  831.274572][   T24] usb 7-1: Using ep0 maxpacket: 16
[  831.293828][   T24] usb 7-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  831.298156][   T24] usb 7-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  831.301395][   T24] usb 7-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  831.305550][   T24] usb 7-1: config 1 interface 0 has no altsetting 0
[  831.309772][   T24] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  831.312697][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  831.315352][   T24] usb 7-1: Product: syz
[  831.316758][   T24] usb 7-1: Manufacturer: syz
[  831.319748][   T24] usb 7-1: SerialNumber: syz
[  831.579037][   T24] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 68 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  831.762148][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  831.765615][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  831.815417][T16259] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  831.818510][T16259] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  831.876307][T18705] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3293'.
[  833.034710][T18726] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  833.037532][T18726] IPv6: NLM_F_CREATE should be set when creating new route
[  833.566015][T18733] syz_tun: entered allmulticast mode
[  833.976292][  T140] usb 7-1: USB disconnect, device number 68
[  833.992251][  T140] usblp0: removed
[  834.013476][T18742] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3305'.
[  834.016828][T18742] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3305'.
[  834.020421][T18742] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3305'.
[  834.245975][T18749] cgroup: No subsys list or none specified
[  834.515604][T18733] syz_tun: left allmulticast mode
[  834.979960][T18758] EXT4-fs error: 66 callbacks suppressed
[  834.979971][T18758] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm kworker/u32:1: iget: checksum invalid
[  834.988089][T18759] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm kworker/u32:1: iget: checksum invalid
[  835.080205][ T5986] Bluetooth: hci2: command tx timeout
[  835.914037][   T29] usb 12-1: new high-speed USB device number 2 using dummy_hcd
[  836.095917][   T29] usb 12-1: Using ep0 maxpacket: 16
[  836.099052][   T29] usb 12-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  836.102561][   T29] usb 12-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  836.105667][   T29] usb 12-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  836.109819][   T29] usb 12-1: config 1 interface 0 has no altsetting 0
[  836.113512][   T29] usb 12-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  836.116428][   T29] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  836.119102][   T29] usb 12-1: Product: syz
[  836.120498][   T29] usb 12-1: Manufacturer: syz
[  836.122026][   T29] usb 12-1: SerialNumber: syz
[  836.378003][   T29] usblp 12-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  836.386377][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  836.390114][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  836.393717][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  836.668620][T15181] syz_tun (unregistering): left allmulticast mode
[  836.674624][ T5337] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  836.678180][ T5337] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  836.682696][ T5337] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  836.686641][ T5337] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  836.689472][ T5337] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  836.774647][T18781] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm kworker/u32:11: iget: checksum invalid
[  836.782116][T18776] chnl_net:caif_netlink_parms(): no params data found
[  836.849943][T18776] bridge0: port 1(bridge_slave_0) entered blocking state
[  836.852297][T18776] bridge0: port 1(bridge_slave_0) entered disabled state
[  836.854632][T18776] bridge_slave_0: entered allmulticast mode
[  836.857967][T18776] bridge_slave_0: entered promiscuous mode
[  836.862552][T18776] bridge0: port 2(bridge_slave_1) entered blocking state
[  836.864831][T18776] bridge0: port 2(bridge_slave_1) entered disabled state
[  836.868683][T18776] bridge_slave_1: entered allmulticast mode
[  836.871582][T18776] bridge_slave_1: entered promiscuous mode
[  836.885394][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  836.891522][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  836.899257][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  836.904977][    T1] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm init: iget: checksum invalid
[  836.942044][T16254] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  836.957926][T18776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  836.963897][T18776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  836.998196][T18776] team0: Port device team_slave_0 added
[  837.001541][T18776] team0: Port device team_slave_1 added
[  837.054855][T16254] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  837.062358][T18776] batman_adv: batadv0: Adding interface: batadv_slave_0
[  837.064626][T18776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  837.072766][T18776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  837.077152][T18776] batman_adv: batadv0: Adding interface: batadv_slave_1
[  837.079483][T18776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  837.087537][T18776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  837.126987][T18776] hsr_slave_0: entered promiscuous mode
[  837.129406][T18776] hsr_slave_1: entered promiscuous mode
[  837.132054][T18776] debugfs: 'hsr0' already exists in 'hsr'
[  837.135187][T18776] Cannot create hsr debugfs directory
[  837.154723][T16254] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  837.262462][T16254] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  837.293183][ T5986] Bluetooth: hci2: command tx timeout
[  837.324791][T18776] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  837.329301][T18776] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  837.333928][T18776] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  837.339955][T18776] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  837.393141][T16254] bridge_slave_1: left allmulticast mode
[  837.395341][T16254] bridge_slave_1: left promiscuous mode
[  837.397311][T16254] bridge0: port 2(bridge_slave_1) entered disabled state
[  837.404496][T16254] bridge_slave_0: left allmulticast mode
[  837.406415][T16254] bridge_slave_0: left promiscuous mode
[  837.408489][T16254] bridge0: port 1(bridge_slave_0) entered disabled state
[  837.528765][T18795] __nla_validate_parse: 2 callbacks suppressed
[  837.528777][T18795] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3317'.
[  837.533646][T18795] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3317'.
[  837.538561][T18795] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3317'.
[  837.541725][T18795] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3317'.
[  837.544796][T18795] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3317'.
[  837.742357][T16254] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  837.746804][T16254] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  837.752886][T16254] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  837.767123][T18797] cgroup: No subsys list or none specified
[  837.769679][T16254] bond0 (unregistering): (slave bond1): Releasing backup interface
[  837.772880][T16254] bond0 (unregistering): Released all slaves
[  837.862989][T16254] bond1 (unregistering): Released all slaves
[  837.951675][T16254] bond2 (unregistering): Released all slaves
[  838.007591][T18776] 8021q: adding VLAN 0 to HW filter on device bond0
[  838.037360][T18776] 8021q: adding VLAN 0 to HW filter on device team0
[  838.054820][T16258] bridge0: port 1(bridge_slave_0) entered blocking state
[  838.057179][T16258] bridge0: port 1(bridge_slave_0) entered forwarding state
[  838.063164][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  838.065438][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  838.156492][T18776] 8021q: adding VLAN 0 to HW filter on device batadv0
[  838.215348][T18776] veth0_vlan: entered promiscuous mode
[  838.220517][T18776] veth1_vlan: entered promiscuous mode
[  838.260849][T18776] veth0_macvtap: entered promiscuous mode
[  838.268930][T18776] veth1_macvtap: entered promiscuous mode
[  838.284064][T18776] batman_adv: batadv0: Interface activated: batadv_slave_0
[  838.295707][T18776] batman_adv: batadv0: Interface activated: batadv_slave_1
[  838.301656][T16259] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  838.304669][T16259] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  838.308442][T16259] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  838.314278][T16259] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  838.334996][T16254] hsr_slave_0: left promiscuous mode
[  838.337212][T16254] hsr_slave_1: left promiscuous mode
[  838.339318][T16254] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  838.342087][T16254] batman_adv: batadv0: Removing interface: batadv_slave_0
[  838.344948][T16254] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  838.347468][T16254] batman_adv: batadv0: Removing interface: batadv_slave_1
[  838.417788][T16254] macsec0: left allmulticast mode
[  838.419488][T16254] veth1_macvtap: left allmulticast mode
[  838.459170][T16254] veth1_macvtap: left promiscuous mode
[  838.469081][T16254] veth0_macvtap: left promiscuous mode
[  838.473063][T16254] veth1_vlan: left promiscuous mode
[  838.474919][T16254] veth0_vlan: left promiscuous mode
[  838.811759][T12981] usb 12-1: USB disconnect, device number 2
[  838.819240][T12981] usblp0: removed
[  838.834929][   T24] usb 11-1: new high-speed USB device number 4 using dummy_hcd
[  838.918209][ T5986] Bluetooth: hci3: command tx timeout
[  839.003718][   T24] usb 11-1: Using ep0 maxpacket: 16
[  839.017196][   T24] usb 11-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  839.020512][   T24] usb 11-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  839.023699][   T24] usb 11-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  839.027911][   T24] usb 11-1: config 1 interface 0 has no altsetting 0
[  839.032342][   T24] usb 11-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  839.035181][   T24] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  839.038177][   T24] usb 11-1: Product: syz
[  839.039685][   T24] usb 11-1: Manufacturer: syz
[  839.041290][   T24] usb 11-1: SerialNumber: syz
[  839.275670][T18835] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  839.278327][T18835] IPv6: NLM_F_CREATE should be set when creating new route
[  839.302633][   T24] usblp 11-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  839.311291][T18837] netlink: 'syz.2.3322': attribute type 1 has an invalid length.
[  839.313915][T12981] usb 12-1: new high-speed USB device number 3 using dummy_hcd
[  839.473965][T12981] usb 12-1: Using ep0 maxpacket: 16
[  839.478330][T12981] usb 12-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  839.481470][T12981] usb 12-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  839.484779][T12981] usb 12-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  839.488802][T12981] usb 12-1: config 1 interface 0 has no altsetting 0
[  839.502034][T12981] usb 12-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  839.505077][T12981] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  839.507850][T12981] usb 12-1: Product: syz
[  839.508622][T18840] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3322'.
[  839.511985][T12981] usb 12-1: Manufacturer: syz
[  839.513515][T12981] usb 12-1: SerialNumber: syz
[  839.522383][  T140] usb 11-1: USB disconnect, device number 4
[  839.527719][  T140] usblp0: removed
[  839.605951][T16254] team0 (unregistering): Port device team_slave_1 removed
[  839.692673][T16254] team0 (unregistering): Port device team_slave_0 removed
[  839.769504][T12981] usblp 12-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  840.001360][   T53] usb 12-1: USB disconnect, device number 3
[  840.006529][   T53] usblp0: removed
[  840.465669][T18837] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  840.467267][ T5688] EXT4-fs error: 38 callbacks suppressed
[  840.467283][ T5688] EXT4-fs error (device sda1): ext4_lookup:1787: inode #125: comm dhcpcd: iget: checksum invalid
[  840.531557][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  840.539831][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  840.544455][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  840.557540][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  840.560091][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  840.564824][T18850] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  840.584318][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  840.588465][T18851] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  840.595057][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  840.637842][ T5688] EXT4-fs error (device sda1): ext4_lookup:1787: inode #2001: comm dhcpcd: iget: checksum invalid
[  840.668277][T18859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3326'.
[  840.671306][T18859] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3326'.
[  840.679679][T18859] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3326'.
[  840.682571][T18859] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3326'.
[  840.771117][ T5688] EXT4-fs error (device sda1): ext4_lookup:1787: inode #125: comm dhcpcd: iget: checksum invalid
[  840.804049][T18870] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  840.900645][T18871] cgroup: No subsys list or none specified
[  841.143480][ T5688] EXT4-fs error (device sda1): ext4_lookup:1787: inode #125: comm dhcpcd: iget: checksum invalid
[  841.152520][ T5986] Bluetooth: hci3: command tx timeout
[  841.216548][T15452] usb 13-1: new high-speed USB device number 2 using dummy_hcd
[  841.376908][T15452] usb 13-1: Using ep0 maxpacket: 16
[  841.654862][T15452] usb 13-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  841.852327][T15452] usb 13-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  841.875574][T15452] usb 13-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  841.880435][T15452] usb 13-1: config 1 interface 0 has no altsetting 0
[  841.884591][T15452] usb 13-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  841.897015][T15452] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  841.900871][T15452] usb 13-1: Product: syz
[  841.902428][T15452] usb 13-1: Manufacturer: syz
[  841.904091][T15452] usb 13-1: SerialNumber: syz
[  841.920154][T18889] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[  842.029034][  T140] usb 11-1: new high-speed USB device number 5 using dummy_hcd
[  842.173697][T15452] usblp 13-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  842.200084][  T140] usb 11-1: Using ep0 maxpacket: 16
[  842.204032][  T140] usb 11-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  842.207620][  T140] usb 11-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  842.212706][  T140] usb 11-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  842.217030][  T140] usb 11-1: config 1 interface 0 has no altsetting 0
[  842.244877][  T140] usb 11-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  842.247806][  T140] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  842.250372][  T140] usb 11-1: Product: syz
[  842.251766][  T140] usb 11-1: Manufacturer: syz
[  842.253369][  T140] usb 11-1: SerialNumber: syz
[  842.392573][ T2109] usb 12-1: new high-speed USB device number 4 using dummy_hcd
[  842.661118][  T140] usblp 11-1:1.0: usblp1: USB Unidirectional printer dev 5 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  843.134977][ T2109] usb 12-1: Using ep0 maxpacket: 16
[  843.365422][ T5986] Bluetooth: hci3: command tx timeout
[  844.039836][ T2109] usb 12-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  844.066464][   T24] usb 13-1: USB disconnect, device number 2
[  844.122868][   T24] usblp0: removed
[  844.162278][T18912] tipc: Failed to remove unknown binding: 66,1,1/0:1072742992/1072742994
[  844.165755][T18912] tipc: Failed to remove unknown binding: 66,1,1/0:1072742992/1072742994
[  844.408711][   T40] kauditd_printk_skb: 27 callbacks suppressed
[  844.408723][   T40] audit: type=1326 audit(1754556496.696:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.8.3332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  844.421368][   T40] audit: type=1326 audit(1754556496.696:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.8.3332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  844.428379][   T40] audit: type=1326 audit(1754556496.706:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.8.3332" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  844.435550][   T40] audit: type=1326 audit(1754556496.706:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.8.3332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  844.442322][   T40] audit: type=1326 audit(1754556496.706:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.8.3332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  844.449777][   T40] audit: type=1326 audit(1754556496.725:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.8.3332" exe="/syz-executor" sig=0 arch=40000003 syscall=93 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  844.456762][   T40] audit: type=1326 audit(1754556496.725:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.8.3332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  844.463811][   T40] audit: type=1326 audit(1754556496.725:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.8.3332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  844.470868][   T40] audit: type=1326 audit(1754556496.725:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.8.3332" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  844.478395][   T40] audit: type=1326 audit(1754556496.725:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18911 comm="syz.8.3332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5579 code=0x7ffc0000
[  844.490855][ T2109] usb 12-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  844.494011][ T2109] usb 12-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  844.498127][ T2109] usb 12-1: config 1 interface 0 has no altsetting 0
[  844.504621][ T2109] usb 12-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  844.507947][ T2109] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  844.510595][ T2109] usb 12-1: Product: syz
[  844.511971][ T2109] usb 12-1: Manufacturer: syz
[  844.513462][ T2109] usb 12-1: SerialNumber: syz
[  844.735630][ T2109] usblp 12-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  844.938668][   T24] usb 11-1: USB disconnect, device number 5
[  844.964797][   T24] usblp1: removed
[  845.139220][T18937] __nla_validate_parse: 1 callbacks suppressed
[  845.139232][T18937] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3338'.
[  845.385894][T18942] netlink: 40 bytes leftover after parsing attributes in process `syz.8.3340'.
[  845.589217][ T5986] Bluetooth: hci3: command tx timeout
[  845.857147][T18960] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3345'.
[  845.860373][T18960] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3345'.
[  845.864993][T18960] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3345'.
[  845.868135][T18960] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3345'.
[  845.871425][T18960] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3345'.
[  845.874586][T18960] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3345'.
[  845.878813][T18960] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3345'.
[  845.881863][T18960] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3345'.
[  846.172812][T18964] EXT4-fs error: 40 callbacks suppressed
[  846.172823][T18964] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  846.184222][T18966] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  846.319794][T18967] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  846.469962][T18965] usb 12-1: USB disconnect, device number 4
[  846.485288][T18965] usblp0: removed
[  846.572786][T18972] FAULT_INJECTION: forcing a failure.
[  846.572786][T18972] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  846.576932][T18972] CPU: 3 UID: 0 PID: 18972 Comm: syz.8.3347 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895 #0 PREEMPT(full) 
[  846.576950][T18972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  846.576957][T18972] Call Trace:
[  846.576962][T18972]  <TASK>
[  846.576967][T18972]  dump_stack_lvl+0x16c/0x1f0
[  846.576985][T18972]  should_fail_ex+0x512/0x640
[  846.577001][T18972]  _copy_from_user+0x2e/0xd0
[  846.577018][T18972]  csum_and_copy_from_iter_full+0x21a/0x1f70
[  846.577041][T18972]  ? __pfx_csum_and_copy_from_iter_full+0x10/0x10
[  846.577058][T18972]  ? policy_nodemask+0xea/0x4e0
[  846.577075][T18972]  ? alloc_pages_mpol+0x25a/0x550
[  846.577094][T18972]  ip_generic_getfrag+0x170/0x270
[  846.577108][T18972]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  846.577121][T18972]  ? do_csum+0x26f/0x2d0
[  846.577139][T18972]  raw6_getfrag+0x22d/0x2a0
[  846.577158][T18972]  __ip6_append_data+0x2772/0x4750
[  846.577180][T18972]  ? __pfx_raw6_getfrag+0x10/0x10
[  846.577201][T18972]  ? __pfx___ip6_append_data+0x10/0x10
[  846.577223][T18972]  ip6_append_data+0x1bd/0x4c0
[  846.577241][T18972]  ? __pfx_raw6_getfrag+0x10/0x10
[  846.577258][T18972]  rawv6_sendmsg+0x163d/0x4820
[  846.577274][T18972]  ? aa_label_sk_perm+0x195/0x600
[  846.577290][T18972]  ? aa_profile_af_perm+0x360/0x3a0
[  846.577304][T18972]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  846.577340][T18972]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  846.577358][T18972]  ? inet_sendmsg+0x11c/0x140
[  846.577374][T18972]  inet_sendmsg+0x11c/0x140
[  846.577390][T18972]  __sys_sendto+0x43c/0x520
[  846.577402][T18972]  ? __pfx___sys_sendto+0x10/0x10
[  846.577424][T18972]  ? ksys_write+0x1ac/0x250
[  846.577437][T18972]  ? __pfx_ksys_write+0x10/0x10
[  846.577452][T18972]  __ia32_sys_sendto+0xdd/0x1b0
[  846.577463][T18972]  ? lockdep_hardirqs_on+0x7c/0x110
[  846.577475][T18972]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  846.577488][T18972]  __do_fast_syscall_32+0x7c/0x3a0
[  846.577503][T18972]  do_fast_syscall_32+0x32/0x80
[  846.577516][T18972]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  846.577530][T18972] RIP: 0023:0xf7fe5579
[  846.577540][T18972] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  846.577551][T18972] RSP: 002b:00000000f550655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  846.577562][T18972] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[  846.577569][T18972] RDX: 0000000000000016 RSI: 0000000000003b00 RDI: 0000000000000000
[  846.577576][T18972] RBP: 00000000fffffdfd R08: 0000000000000000 R09: 0000000000000000
[  846.577582][T18972] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  846.577589][T18972] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  846.577602][T18972]  </TASK>
[  846.678727][T18976] syz_tun: entered allmulticast mode
[  846.699538][T18978] syz_tun: entered allmulticast mode
[  847.363120][T18973] veth0_to_hsr: entered promiscuous mode
[  847.386993][T18973] veth0_to_hsr: entered allmulticast mode
[  847.648264][T18968] veth0_to_hsr: left allmulticast mode
[  847.665260][T18968] veth0_to_hsr: left promiscuous mode
[  847.676882][T18990] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  847.790631][T18992] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  847.895061][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  847.900060][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  847.903814][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  847.914063][T18996] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  847.923552][T18995] tipc: Started in network mode
[  847.925172][T18995] tipc: Node identity be05fd2342fc, cluster identity 4711
[  847.928772][T18995] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  847.932237][T18995] syzkaller0: entered promiscuous mode
[  847.934101][T18995] syzkaller0: entered allmulticast mode
[  847.963958][T18995] tipc: Resetting bearer <eth:syzkaller0>
[  848.085552][T18994] tipc: Resetting bearer <eth:syzkaller0>
[  848.109556][T18994] tipc: Disabling bearer <eth:syzkaller0>
[  848.411432][T17907] usb 13-1: new high-speed USB device number 3 using dummy_hcd
[  848.497537][T19018] cgroup: No subsys list or none specified
[  848.730160][T19017] 
: renamed from bridge_slave_0 (while UP)
[  848.764346][T17907] usb 13-1: Using ep0 maxpacket: 16
[  848.769943][T17907] usb 13-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  848.774673][T17907] usb 13-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  848.781936][T17907] usb 13-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  848.787807][T17907] usb 13-1: config 1 interface 0 has no altsetting 0
[  848.793045][T17907] usb 13-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  848.798696][T17907] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  848.802845][T17907] usb 13-1: Product: syz
[  848.804644][T17907] usb 13-1: Manufacturer: syz
[  848.806252][T17907] usb 13-1: SerialNumber: syz
[  849.085188][T19024] vivid-007: =================  START STATUS  =================
[  849.087947][T19024] vivid-007: Enable Output Cropping: true
[  849.090076][T19024] vivid-007: Enable Output Composing: true
[  849.092163][T19024] vivid-007: Enable Output Scaler: true
[  849.094027][T19024] vivid-007: Tx RGB Quantization Range: Automatic
[  849.096280][T19024] vivid-007: Transmit Mode: HDMI
[  849.098033][T19024] vivid-007: Hotplug Present: 0x00000000
[  849.100130][T19024] vivid-007: RxSense Present: 0x00000000
[  849.102046][T19024] vivid-007: EDID Present: 0x00000000
[  849.104113][T19024] vivid-007: ==================  END STATUS  ==================
[  849.177525][T17907] usblp 13-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  849.431058][T19035] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  849.735804][T19036] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  849.738385][T19036] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  849.740763][T19036] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  849.751941][T19036] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  849.783185][T19036] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  849.785620][T19036] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  849.813453][T19036] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  849.825763][T19036] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  849.827985][T19036] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  849.832793][T19036] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  849.939783][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  850.196675][ T2109] usb 7-1: new high-speed USB device number 69 using dummy_hcd
[  850.380074][ T2109] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  850.385991][ T2109] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  850.389155][ T2109] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  850.391878][ T2109] usb 7-1: Product: syz
[  850.393326][ T2109] usb 7-1: Manufacturer: syz
[  850.394930][ T2109] usb 7-1: SerialNumber: syz
[  850.505057][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  850.618485][ T2109] usblp 7-1:1.0: usblp1: USB Unidirectional printer dev 69 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  850.899568][T17907] usb 7-1: USB disconnect, device number 69
[  850.904824][T17907] usblp1: removed
[  851.272465][T17907] usb 13-1: USB disconnect, device number 3
[  851.288850][T17907] usblp0: removed
[  851.469178][T19055] overlayfs: failed to resolve './file0': -2
[  851.473195][ T5986] Bluetooth: hci1: unexpected event for opcode 0x0c05
[  851.504598][T19057] __nla_validate_parse: 50 callbacks suppressed
[  851.504610][T19057] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3365'.
[  851.693375][T17907] usb 13-1: new high-speed USB device number 4 using dummy_hcd
[  851.853703][T17907] usb 13-1: Using ep0 maxpacket: 16
[  851.856795][T17907] usb 13-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  851.859999][T17907] usb 13-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  851.863208][T17907] usb 13-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  851.867773][T17907] usb 13-1: config 1 interface 0 has no altsetting 0
[  851.871554][T17907] usb 13-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  851.874422][T17907] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  851.877146][T17907] usb 13-1: Product: syz
[  851.878497][T17907] usb 13-1: Manufacturer: syz
[  851.880043][T17907] usb 13-1: SerialNumber: syz
[  851.917985][ T5986] Bluetooth: hci0: command 0x0c1a tx timeout
[  852.003527][ T5337] Bluetooth: hci2: command 0x0c1a tx timeout
[  852.003757][ T5986] Bluetooth: hci3: command 0x0c1a tx timeout
[  852.076026][T19058] EXT4-fs error: 11 callbacks suppressed
[  852.076038][T19058] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  852.084413][T19060] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3366'.
[  852.110761][T17907] usblp 13-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  852.119883][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  852.123554][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  852.127178][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  852.328678][  T140] usb 13-1: USB disconnect, device number 4
[  852.333501][  T140] usblp0: removed
[  852.803558][T19069] fuse: Unknown parameter '000000000000000000070x0000000000000008'
[  852.809243][T19069] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3369'.
[  852.812260][T19069] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3369'.
[  852.815071][T19069] netlink: 'syz.2.3369': attribute type 12 has an invalid length.
[  852.817952][T19069] netlink: 'syz.2.3369': attribute type 11 has an invalid length.
[  852.869417][  T140] usb 11-1: new high-speed USB device number 6 using dummy_hcd
[  852.939665][T19073] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  853.051134][  T140] usb 11-1: Using ep0 maxpacket: 16
[  853.054788][  T140] usb 11-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  853.057987][  T140] usb 11-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  853.061198][  T140] usb 11-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  853.065794][  T140] usb 11-1: config 1 interface 0 has no altsetting 0
[  853.069599][  T140] usb 11-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  853.072761][  T140] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  853.075396][  T140] usb 11-1: Product: syz
[  853.076770][  T140] usb 11-1: Manufacturer: syz
[  853.078288][  T140] usb 11-1: SerialNumber: syz
[  853.158106][T17907] usb 13-1: new high-speed USB device number 5 using dummy_hcd
[  853.319942][T17907] usb 13-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  853.327059][T17907] usb 13-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  853.330789][T17907] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 66
[  853.333711][T17907] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  853.337237][T17907] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  853.342973][T17907] usb 13-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  853.346262][T17907] usb 13-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  853.347690][  T140] usblp 11-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  853.348856][T17907] usb 13-1: Product: syz
[  853.348869][T17907] usb 13-1: Manufacturer: syz
[  853.359763][T17907] cdc_wdm 13-1:1.0: skipping garbage
[  853.360343][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  853.365105][T17907] cdc_wdm 13-1:1.0: skipping garbage
[  853.365270][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  853.367800][T17907] cdc_wdm 13-1:1.0: cdc-wdm1: USB WDM device
[  853.370728][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  853.376461][T17907] cdc_wdm 13-1:1.0: Unknown control protocol
[  853.383171][T14582] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  853.386743][T14582] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  853.565211][ T2109] usb 11-1: USB disconnect, device number 6
[  853.569028][ T2109] usblp0: removed
[  853.584218][T18890] usb 13-1: USB disconnect, device number 5
[  853.619954][T19078] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3371'.
[  853.622904][T19078] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3371'.
[  853.625683][T19078] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3371'.
[  853.628932][T19078] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3371'.
[  853.631854][T19078] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3371'.
[  853.634803][T19078] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3371'.
[  854.152311][ T5986] Bluetooth: hci0: command 0x0c1a tx timeout
[  854.227048][ T5986] Bluetooth: hci2: command 0x0c1a tx timeout
[  854.237790][ T5986] Bluetooth: hci3: command 0x0c1a tx timeout
[  855.615896][T19112] binder: BINDER_SET_CONTEXT_MGR already set
[  855.618428][T19112] binder: 19110:19112 ioctl 4018620d 800001c0 returned -16
[  855.766606][ T6059] usb 12-1: new high-speed USB device number 5 using dummy_hcd
[  855.848398][T19116] veth0_to_hsr: entered promiscuous mode
[  855.850702][T19116] veth0_to_hsr: entered allmulticast mode
[  855.855832][T19115] veth0_to_hsr: left allmulticast mode
[  855.857703][T19115] veth0_to_hsr: left promiscuous mode
[  855.926885][ T6059] usb 12-1: Using ep0 maxpacket: 16
[  855.933879][ T6059] usb 12-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  855.936996][ T6059] usb 12-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  855.940561][ T6059] usb 12-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  855.944613][ T6059] usb 12-1: config 1 interface 0 has no altsetting 0
[  855.952474][ T6059] usb 12-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  855.955559][ T6059] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  855.958164][ T6059] usb 12-1: Product: syz
[  855.964217][ T6059] usb 12-1: Manufacturer: syz
[  855.967209][ T6059] usb 12-1: SerialNumber: syz
[  856.202356][ T6059] usblp 12-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  856.365231][ T5986] Bluetooth: hci0: command 0x0c1a tx timeout
[  856.420834][ T6043] usb 12-1: USB disconnect, device number 5
[  856.424252][ T6043] usblp0: removed
[  856.450858][ T5986] Bluetooth: hci2: command 0x0c1a tx timeout
[  856.450881][ T5337] Bluetooth: hci3: command 0x0c1a tx timeout
[  856.589674][ T2109] usb 11-1: new high-speed USB device number 7 using dummy_hcd
[  856.761999][ T2109] usb 11-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  856.764879][ T2109] usb 11-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  856.768622][ T2109] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 66
[  856.771914][ T2109] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  856.775439][ T2109] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  856.780265][ T2109] usb 11-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  856.783596][ T2109] usb 11-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  856.786314][ T2109] usb 11-1: Product: syz
[  856.787823][ T2109] usb 11-1: Manufacturer: syz
[  856.793358][ T2109] cdc_wdm 11-1:1.0: skipping garbage
[  856.795190][ T2109] cdc_wdm 11-1:1.0: skipping garbage
[  856.797695][ T2109] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device
[  856.799966][ T2109] cdc_wdm 11-1:1.0: Unknown control protocol
[  856.988946][T19138] __nla_validate_parse: 48 callbacks suppressed
[  856.988959][T19138] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3387'.
[  857.016703][    C3] wdm_int_callback: 95 callbacks suppressed
[  857.016719][    C3] cdc_wdm 11-1:1.0: nonzero urb status received: -71
[  857.021261][    C3] wdm_int_callback: 95 callbacks suppressed
[  857.021273][    C3] cdc_wdm 11-1:1.0: wdm_int_callback - 0 bytes
[  857.025828][    C3] cdc_wdm 11-1:1.0: nonzero urb status received: -71
[  857.028286][    C3] cdc_wdm 11-1:1.0: wdm_int_callback - 0 bytes
[  857.031008][    C3] cdc_wdm 11-1:1.0: nonzero urb status received: -71
[  857.033211][    C3] cdc_wdm 11-1:1.0: wdm_int_callback - 0 bytes
[  857.036324][    C3] cdc_wdm 11-1:1.0: nonzero urb status received: -71
[  857.038958][    C3] cdc_wdm 11-1:1.0: wdm_int_callback - 0 bytes
[  857.041211][T19074] usb 11-1: USB disconnect, device number 7
[  857.787174][ T5386] EXT4-fs error: 15 callbacks suppressed
[  857.787186][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  857.794961][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  857.799676][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  857.866471][T19147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3390'.
[  857.870105][T19147] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3390'.
[  857.874669][T19147] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3390'.
[  857.878251][T19147] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3390'.
[  857.881810][T19147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3390'.
[  858.125861][T19150] cgroup: No subsys list or none specified
[  859.080594][ T6065] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[  859.274649][ T6065] usb 11-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  859.277458][ T6065] usb 11-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  859.282606][ T6065] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 66
[  859.289454][ T6065] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  859.296527][ T6065] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  859.303344][ T6065] usb 11-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  859.306749][ T6065] usb 11-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  859.313527][ T6065] usb 11-1: Product: syz
[  859.314931][ T6065] usb 11-1: Manufacturer: syz
[  859.323057][ T6065] cdc_wdm 11-1:1.0: skipping garbage
[  859.326235][ T6065] cdc_wdm 11-1:1.0: skipping garbage
[  859.337564][ T6065] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device
[  859.339861][ T6065] cdc_wdm 11-1:1.0: Unknown control protocol
[  859.354510][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  859.358833][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  859.363686][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  859.547535][    C3] cdc_wdm 11-1:1.0: nonzero urb status received: -71
[  859.547734][ T6065] usb 11-1: USB disconnect, device number 8
[  859.549731][    C3] cdc_wdm 11-1:1.0: wdm_int_callback - 0 bytes
[  859.553847][    C3] cdc_wdm 11-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  859.607067][T19172] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3396'.
[  860.555867][T17907] usb 13-1: new high-speed USB device number 6 using dummy_hcd
[  860.628278][T19203] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  860.633471][ T1238] Bluetooth: hci4: Frame reassembly failed (-84)
[  860.635655][ T1238] Bluetooth: hci4: Frame reassembly failed (-84)
[  860.716371][T17907] usb 13-1: Using ep0 maxpacket: 16
[  860.719388][T17907] usb 13-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  860.722503][T17907] usb 13-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  860.725845][T17907] usb 13-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  860.730336][T17907] usb 13-1: config 1 interface 0 has no altsetting 0
[  860.734147][T17907] usb 13-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  860.737646][T17907] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  860.740668][T17907] usb 13-1: Product: syz
[  860.742038][T17907] usb 13-1: Manufacturer: syz
[  860.743552][T17907] usb 13-1: SerialNumber: syz
[  860.800418][T19180] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  860.889582][T19206] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  861.003020][T17907] usblp 13-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  861.011627][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  861.016390][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  861.020014][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  861.025171][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  862.049726][T19217] FAULT_INJECTION: forcing a failure.
[  862.049726][T19217] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  862.055072][T19217] CPU: 3 UID: 0 PID: 19217 Comm: syz.2.3405 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895 #0 PREEMPT(full) 
[  862.055101][T19217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  862.055112][T19217] Call Trace:
[  862.055132][T19217]  <TASK>
[  862.055142][T19217]  dump_stack_lvl+0x16c/0x1f0
[  862.055203][T19217]  should_fail_ex+0x512/0x640
[  862.055236][T19217]  should_fail_alloc_page+0xe7/0x130
[  862.055262][T19217]  prepare_alloc_pages+0x3c2/0x610
[  862.055292][T19217]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  862.055313][T19217]  ? __bpf_trace_sched_switch+0x145/0x190
[  862.055335][T19217]  ? lock_acquire+0x179/0x350
[  862.055357][T19217]  ? find_held_lock+0x2b/0x80
[  862.055379][T19217]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  862.055399][T19217]  ? finish_task_switch.isra.0+0x221/0xc10
[  862.055419][T19217]  ? finish_task_switch.isra.0+0x2fa/0xc10
[  862.055445][T19217]  ? __lock_acquire+0x62e/0x1ce0
[  862.055470][T19217]  ? __lock_acquire+0xb97/0x1ce0
[  862.055490][T19217]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  862.055518][T19217]  ? policy_nodemask+0xea/0x4e0
[  862.055544][T19217]  alloc_pages_mpol+0x1fb/0x550
[  862.055568][T19217]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  862.055589][T19217]  ? page_table_check_set+0x627/0x750
[  862.055619][T19217]  alloc_pages_noprof+0x131/0x390
[  862.055643][T19217]  pte_alloc_one+0x1c/0x3a0
[  862.055664][T19217]  __pte_alloc+0x6d/0x3c0
[  862.055687][T19217]  ? __pfx___pte_alloc+0x10/0x10
[  862.055709][T19217]  ? __lock_acquire+0x62e/0x1ce0
[  862.055737][T19217]  do_pte_missing+0x285a/0x3ba0
[  862.055757][T19217]  ? mtree_range_walk+0x718/0xc00
[  862.055791][T19217]  ? find_held_lock+0x2b/0x80
[  862.055810][T19217]  __handle_mm_fault+0x152a/0x2a50
[  862.055837][T19217]  ? __pfx___handle_mm_fault+0x10/0x10
[  862.055880][T19217]  handle_mm_fault+0x589/0xd10
[  862.055905][T19217]  __get_user_pages+0x551/0x34a0
[  862.055939][T19217]  ? down_read_killable+0x220/0x4b0
[  862.055960][T19217]  ? find_held_lock+0x2b/0x80
[  862.055976][T19217]  ? __pfx___get_user_pages+0x10/0x10
[  862.056001][T19217]  ? __gup_longterm_locked+0x1171/0x17e0
[  862.056033][T19217]  __gup_longterm_locked+0xa92/0x17e0
[  862.056066][T19217]  ? __pfx___gup_longterm_locked+0x10/0x10
[  862.056096][T19217]  ? find_held_lock+0x2b/0x80
[  862.056114][T19217]  ? sanity_check_pinned_pages+0x23/0x11d0
[  862.056144][T19217]  gup_fast_fallback+0xf78/0x23f0
[  862.056177][T19217]  ? finish_task_switch.isra.0+0x2fa/0xc10
[  862.056207][T19217]  ? __pfx_gup_fast_fallback+0x10/0x10
[  862.056248][T19217]  pin_user_pages_fast+0xa7/0xf0
[  862.056273][T19217]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  862.056298][T19217]  ? find_held_lock+0x2b/0x80
[  862.056315][T19217]  ? iov_iter_advance+0x7d/0x6c0
[  862.056343][T19217]  iov_iter_extract_pages+0x3a2/0x1ed0
[  862.056379][T19217]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  862.056407][T19217]  ? xxh64_update+0x5f2/0xa50
[  862.056426][T19217]  ? xxh64_update+0x101/0xa50
[  862.056455][T19217]  extract_iter_to_sg+0xf6e/0x20c0
[  862.056480][T19217]  ? crypto_hash_walk_done+0x63/0x400
[  862.056505][T19217]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  862.056523][T19217]  ? gup_put_folio+0x8d/0x260
[  862.056549][T19217]  ? __pfx_unpin_user_page+0x10/0x10
[  862.056587][T19217]  hash_sendmsg+0x43e/0xfb0
[  862.056621][T19217]  __sys_sendto+0x4a3/0x520
[  862.056639][T19217]  ? __pfx___sys_sendto+0x10/0x10
[  862.056681][T19217]  ? ksys_write+0x1ac/0x250
[  862.056701][T19217]  ? __pfx_ksys_write+0x10/0x10
[  862.056725][T19217]  __ia32_sys_sendto+0xdd/0x1b0
[  862.056740][T19217]  ? lockdep_hardirqs_on+0x7c/0x110
[  862.056759][T19217]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  862.056784][T19217]  __do_fast_syscall_32+0x7c/0x3a0
[  862.056806][T19217]  do_fast_syscall_32+0x32/0x80
[  862.056826][T19217]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  862.056847][T19217] RIP: 0023:0xf7f44579
[  862.056863][T19217] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  862.056879][T19217] RSP: 002b:00000000f542455c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  862.056897][T19217] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800002c0
[  862.056909][T19217] RDX: 00000000fffffcf6 RSI: 0000000000000000 RDI: 0000000000000000
[  862.056920][T19217] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  862.056930][T19217] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  862.056940][T19217] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  862.056965][T19217]  </TASK>
[  862.779546][ T5986] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  862.779581][ T5337] Bluetooth: hci4: command 0x1003 tx timeout
[  862.863782][T19224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3409'.
[  862.867195][T19224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3409'.
[  862.870234][T19224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3409'.
[  862.873084][T19224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3409'.
[  862.875574][T19226] overlayfs: failed to resolve './file0': -2
[  862.877039][T19224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3409'.
[  862.881621][T19224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3409'.
[  862.883881][ T5986] Bluetooth: hci2: unexpected event for opcode 0x0c05
[  862.884546][T19224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3409'.
[  862.890549][T19224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3409'.
[  862.893425][T19224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3409'.
[  862.896466][T19224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3409'.
[  862.974230][T19231] FAULT_INJECTION: forcing a failure.
[  862.974230][T19231] name failslab, interval 1, probability 0, space 0, times 0
[  862.978204][T19231] CPU: 0 UID: 0 PID: 19231 Comm: syz.6.3412 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895 #0 PREEMPT(full) 
[  862.978221][T19231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  862.978229][T19231] Call Trace:
[  862.978234][T19231]  <TASK>
[  862.978239][T19231]  dump_stack_lvl+0x16c/0x1f0
[  862.978256][T19231]  should_fail_ex+0x512/0x640
[  862.978270][T19231]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  862.978286][T19231]  should_failslab+0xc2/0x120
[  862.978301][T19231]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  862.978316][T19231]  ? __alloc_skb+0x2b2/0x380
[  862.978330][T19231]  __alloc_skb+0x2b2/0x380
[  862.978341][T19231]  ? __pfx___alloc_skb+0x10/0x10
[  862.978351][T19231]  ? __page_table_check_zero+0x346/0x5d0
[  862.978368][T19231]  ? __pfx___page_table_check_zero+0x10/0x10
[  862.978384][T19231]  alloc_skb_with_frags+0xe0/0x860
[  862.978399][T19231]  ? post_alloc_hook+0x1af/0x230
[  862.978414][T19231]  sock_alloc_send_pskb+0x7fb/0x990
[  862.978430][T19231]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  862.978442][T19231]  ? rcu_is_watching+0x12/0xc0
[  862.978454][T19231]  ? trace_mm_page_alloc+0x11f/0x1a0
[  862.978473][T19231]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  862.978489][T19231]  unix_dgram_sendmsg+0x3e9/0x17f0
[  862.978506][T19231]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  862.978540][T19231]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  862.978556][T19231]  ? __import_iovec+0x1dd/0x650
[  862.978572][T19231]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  862.978592][T19231]  ____sys_sendmsg+0xa98/0xc70
[  862.978609][T19231]  ? __pfx_____sys_sendmsg+0x10/0x10
[  862.978624][T19231]  ? get_compat_msghdr+0x11a/0x170
[  862.978638][T19231]  ? __pfx__kstrtoull+0x10/0x10
[  862.978652][T19231]  ___sys_sendmsg+0x134/0x1d0
[  862.978665][T19231]  ? __pfx____sys_sendmsg+0x10/0x10
[  862.978694][T19231]  __sys_sendmmsg+0x2f9/0x420
[  862.978707][T19231]  ? __pfx___sys_sendmmsg+0x10/0x10
[  862.978724][T19231]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  862.978743][T19231]  ? fput+0x9b/0xd0
[  862.978762][T19231]  ? ksys_write+0x1ac/0x250
[  862.978775][T19231]  ? __pfx_ksys_write+0x10/0x10
[  862.978791][T19231]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  862.978803][T19231]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  862.978816][T19231]  __do_fast_syscall_32+0x7c/0x3a0
[  862.978831][T19231]  do_fast_syscall_32+0x32/0x80
[  862.978844][T19231]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  862.978859][T19231] RIP: 0023:0xf706e579
[  862.978869][T19231] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  862.978880][T19231] RSP: 002b:00000000f545e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  862.978892][T19231] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[  862.978899][T19231] RDX: 0000000000000041 RSI: 0000000000000000 RDI: 0000000000000000
[  862.978906][T19231] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  862.978912][T19231] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  862.978919][T19231] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  862.978933][T19231]  </TASK>
[  863.190141][T19242] EXT4-fs error: 10 callbacks suppressed
[  863.190153][T19242] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  863.278553][   T40] kauditd_printk_skb: 22 callbacks suppressed
[  863.278566][   T40] audit: type=1804 audit(1754556514.338:250): pid=19243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.3413" name="/newroot/48/file0/file0" dev="9p" ino=35913893 res=1 errno=0
[  863.431166][T17907] usb 13-1: USB disconnect, device number 6
[  863.446645][T17907] usblp0: removed
[  863.478403][T19246] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm kworker/u32:7: iget: checksum invalid
[  863.483533][T19247] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm kworker/u32:7: iget: checksum invalid
[  864.060087][T19260] overlayfs: failed to resolve './file0': -2
[  864.063255][ T5986] Bluetooth: hci1: unexpected event for opcode 0x0c05
[  864.130085][   T40] audit: type=1400 audit(1754556515.143:251): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=19263 comm="syz.8.3423"
[  864.130838][T19265] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm kworker/u32:2: iget: checksum invalid
[  864.207256][T19268] sg_write: data in/out 41084/1 bytes for SCSI command 0x1c-- guessing data in;
[  864.207256][T19268]    program syz.6.3421 not setting count and/or reply_len properly
[  864.357288][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  864.360875][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  864.371415][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  864.966050][T19287] binder_alloc: 19284: binder_alloc_buf, no vma
[  865.126556][T19289] ip_vti0: entered promiscuous mode
[  865.128375][T19289] ip_vti0: entered allmulticast mode
[  865.216830][T19294] FAULT_INJECTION: forcing a failure.
[  865.216830][T19294] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  865.221057][T19294] CPU: 2 UID: 0 PID: 19294 Comm: syz.6.3429 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895 #0 PREEMPT(full) 
[  865.221073][T19294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  865.221080][T19294] Call Trace:
[  865.221084][T19294]  <TASK>
[  865.221088][T19294]  dump_stack_lvl+0x16c/0x1f0
[  865.221105][T19294]  should_fail_ex+0x512/0x640
[  865.221121][T19294]  _copy_from_user+0x2e/0xd0
[  865.221137][T19294]  userfaultfd_ioctl+0x20d2/0x3930
[  865.221157][T19294]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  865.221175][T19294]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  865.221193][T19294]  ? do_vfs_ioctl+0x128/0x14f0
[  865.221210][T19294]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  865.221231][T19294]  ? find_held_lock+0x2b/0x80
[  865.221242][T19294]  ? hook_file_ioctl_common+0x145/0x410
[  865.221259][T19294]  ? __fget_files+0x20e/0x3c0
[  865.221273][T19294]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  865.221290][T19294]  ? compat_ptr_ioctl+0x6b/0xa0
[  865.221306][T19294]  compat_ptr_ioctl+0x6b/0xa0
[  865.221322][T19294]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  865.221339][T19294]  __ia32_compat_sys_ioctl+0x23f/0x370
[  865.221358][T19294]  __do_fast_syscall_32+0x7c/0x3a0
[  865.221373][T19294]  do_fast_syscall_32+0x32/0x80
[  865.221385][T19294]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  865.221399][T19294] RIP: 0023:0xf706e579
[  865.221409][T19294] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  865.221420][T19294] RSP: 002b:00000000f545e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  865.221431][T19294] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c028aa03
[  865.221438][T19294] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  865.221445][T19294] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  865.221451][T19294] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  865.221458][T19294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  865.221471][T19294]  </TASK>
[  865.300135][    C2] vkms_vblank_simulate: vblank timer overrun
[  865.361231][ T5688] EXT4-fs error (device sda1): ext4_lookup:1787: inode #125: comm dhcpcd: iget: checksum invalid
[  865.369250][T19304] overlayfs: failed to resolve './file0': -2
[  865.369935][T19305] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  865.381133][T19306] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1259: comm dhcpcd: iget: checksum invalid
[  865.741550][T19315] FAULT_INJECTION: forcing a failure.
[  865.741550][T19315] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  865.746177][T19315] CPU: 2 UID: 0 PID: 19315 Comm: syz.7.3435 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895 #0 PREEMPT(full) 
[  865.746196][T19315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  865.746203][T19315] Call Trace:
[  865.746208][T19315]  <TASK>
[  865.746212][T19315]  dump_stack_lvl+0x16c/0x1f0
[  865.746228][T19315]  should_fail_ex+0x512/0x640
[  865.746245][T19315]  _copy_to_user+0x32/0xd0
[  865.746262][T19315]  simple_read_from_buffer+0xcb/0x170
[  865.746276][T19315]  proc_fail_nth_read+0x197/0x240
[  865.746289][T19315]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  865.746318][T19315]  ? rw_verify_area+0xcf/0x6c0
[  865.746330][T19315]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  865.746342][T19315]  vfs_read+0x1e4/0xc60
[  865.746358][T19315]  ? __pfx_vfs_read+0x10/0x10
[  865.746370][T19315]  ? find_held_lock+0x2b/0x80
[  865.746386][T19315]  ? __fget_files+0x20e/0x3c0
[  865.746403][T19315]  ksys_read+0x12a/0x250
[  865.746415][T19315]  ? __pfx_ksys_read+0x10/0x10
[  865.746428][T19315]  ? fput+0x9b/0xd0
[  865.746444][T19315]  ? rcu_is_watching+0x12/0xc0
[  865.746458][T19315]  __do_fast_syscall_32+0x7c/0x3a0
[  865.746472][T19315]  do_fast_syscall_32+0x32/0x80
[  865.746486][T19315]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  865.746526][T19315] RIP: 0023:0xf70de579
[  865.746536][T19315] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  865.746548][T19315] RSP: 002b:00000000f54ce590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  865.746559][T19315] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f54ce620
[  865.746566][T19315] RDX: 000000000000000f RSI: 00000000f7444ff4 RDI: 0000000000000000
[  865.746573][T19315] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  865.746579][T19315] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  865.746586][T19315] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  865.746600][T19315]  </TASK>
[  865.818881][    C2] vkms_vblank_simulate: vblank timer overrun
[  865.878321][T19324] FAULT_INJECTION: forcing a failure.
[  865.878321][T19324] name failslab, interval 1, probability 0, space 0, times 0
[  865.894462][T19324] CPU: 3 UID: 0 PID: 19324 Comm: syz.7.3437 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895 #0 PREEMPT(full) 
[  865.894480][T19324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  865.894506][T19324] Call Trace:
[  865.894512][T19324]  <TASK>
[  865.894518][T19324]  dump_stack_lvl+0x16c/0x1f0
[  865.894534][T19324]  should_fail_ex+0x512/0x640
[  865.894549][T19324]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  865.894563][T19324]  should_failslab+0xc2/0x120
[  865.894579][T19324]  __kmalloc_cache_noprof+0x6a/0x3e0
[  865.894591][T19324]  ? ____ip_mc_inc_group+0x403/0x10f0
[  865.894606][T19324]  ____ip_mc_inc_group+0x403/0x10f0
[  865.894618][T19324]  ? trace_kmalloc+0x21/0xd0
[  865.894634][T19324]  ? __pfx_____ip_mc_inc_group+0x10/0x10
[  865.894651][T19324]  __ip_mc_join_group+0x451/0x600
[  865.894668][T19324]  do_ip_setsockopt+0x2d6f/0x3130
[  865.894686][T19324]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  865.894710][T19324]  ? aa_sk_perm+0x2f4/0xb10
[  865.894729][T19324]  ? __pfx_aa_sk_perm+0x10/0x10
[  865.894744][T19324]  ip_setsockopt+0x59/0xf0
[  865.894761][T19324]  tcp_setsockopt+0xa4/0x100
[  865.894779][T19324]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  865.894796][T19324]  do_sock_setsockopt+0xf0/0x1d0
[  865.894812][T19324]  __sys_setsockopt+0x120/0x1a0
[  865.894826][T19324]  __ia32_sys_setsockopt+0xbc/0x160
[  865.894837][T19324]  ? lockdep_hardirqs_on+0x7c/0x110
[  865.894849][T19324]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  865.894862][T19324]  __do_fast_syscall_32+0x7c/0x3a0
[  865.894876][T19324]  do_fast_syscall_32+0x32/0x80
[  865.894889][T19324]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  865.894904][T19324] RIP: 0023:0xf70de579
[  865.894914][T19324] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  865.894925][T19324] RSP: 002b:00000000f54ce55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  865.894936][T19324] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000000000000
[  865.894943][T19324] RDX: 0000000000000027 RSI: 0000000080000180 RDI: 000000000000000c
[  865.894950][T19324] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  865.894956][T19324] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  865.894963][T19324] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  865.894976][T19324]  </TASK>
[  865.976802][T19328] overlayfs: failed to resolve './file0': -2
[  865.979657][ T5986] Bluetooth: hci3: unexpected event for opcode 0x0c05
[  866.396455][T19348] overlayfs: failed to resolve './file0': -2
[  866.405328][T19346] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  866.473265][T19351] FAULT_INJECTION: forcing a failure.
[  866.473265][T19351] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  866.482099][T19351] CPU: 3 UID: 0 PID: 19351 Comm: syz.8.3451 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895 #0 PREEMPT(full) 
[  866.482119][T19351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  866.482126][T19351] Call Trace:
[  866.482131][T19351]  <TASK>
[  866.482136][T19351]  dump_stack_lvl+0x16c/0x1f0
[  866.482154][T19351]  should_fail_ex+0x512/0x640
[  866.482170][T19351]  _copy_to_user+0x32/0xd0
[  866.482188][T19351]  simple_read_from_buffer+0xcb/0x170
[  866.482202][T19351]  proc_fail_nth_read+0x197/0x240
[  866.482215][T19351]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  866.482228][T19351]  ? rw_verify_area+0xcf/0x6c0
[  866.482240][T19351]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  866.482253][T19351]  vfs_read+0x1e4/0xc60
[  866.482268][T19351]  ? __pfx_vfs_read+0x10/0x10
[  866.482280][T19351]  ? find_held_lock+0x2b/0x80
[  866.482296][T19351]  ? __fget_files+0x20e/0x3c0
[  866.482312][T19351]  ksys_read+0x12a/0x250
[  866.482325][T19351]  ? __pfx_ksys_read+0x10/0x10
[  866.482339][T19351]  ? rcu_is_watching+0x12/0xc0
[  866.482353][T19351]  __do_fast_syscall_32+0x7c/0x3a0
[  866.482368][T19351]  do_fast_syscall_32+0x32/0x80
[  866.482381][T19351]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  866.482395][T19351] RIP: 0023:0xf7fe5579
[  866.482405][T19351] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  866.482416][T19351] RSP: 002b:00000000f5506590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  866.482427][T19351] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5506620
[  866.482435][T19351] RDX: 000000000000000f RSI: 00000000f7474ff4 RDI: 0000000000000000
[  866.482442][T19351] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  866.482448][T19351] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  866.482455][T19351] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  866.482469][T19351]  </TASK>
[  866.657717][T19352] netlink: 'syz.6.3450': attribute type 1 has an invalid length.
[  866.681025][T19352] 8021q: adding VLAN 0 to HW filter on device bond1
[  866.805007][T19368] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  866.827712][   T61] IPVS: starting estimator thread 0...
[  866.882940][T19379] overlayfs: failed to resolve './file0': -2
[  866.911662][T19381] FAULT_INJECTION: forcing a failure.
[  866.911662][T19381] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  866.915840][T19381] CPU: 0 UID: 0 PID: 19381 Comm: syz.6.3459 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895 #0 PREEMPT(full) 
[  866.915858][T19381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  866.915865][T19381] Call Trace:
[  866.915870][T19381]  <TASK>
[  866.915875][T19381]  dump_stack_lvl+0x16c/0x1f0
[  866.915892][T19381]  should_fail_ex+0x512/0x640
[  866.915909][T19381]  _copy_from_iter+0x29f/0x16f0
[  866.915928][T19381]  ? __alloc_skb+0x200/0x380
[  866.915940][T19381]  ? __pfx__copy_from_iter+0x10/0x10
[  866.915956][T19381]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  866.915974][T19381]  netlink_sendmsg+0x829/0xdd0
[  866.915989][T19381]  ? __pfx_netlink_sendmsg+0x10/0x10
[  866.916003][T19381]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  866.916038][T19381]  ____sys_sendmsg+0xa98/0xc70
[  866.916056][T19381]  ? __pfx_____sys_sendmsg+0x10/0x10
[  866.916070][T19381]  ? get_compat_msghdr+0x11a/0x170
[  866.916088][T19381]  ___sys_sendmsg+0x134/0x1d0
[  866.916101][T19381]  ? __pfx____sys_sendmsg+0x10/0x10
[  866.916120][T19381]  ? find_held_lock+0x2b/0x80
[  866.916141][T19381]  __sys_sendmsg+0x16d/0x220
[  866.916154][T19381]  ? __pfx___sys_sendmsg+0x10/0x10
[  866.916172][T19381]  ? rcu_is_watching+0x12/0xc0
[  866.916186][T19381]  __do_fast_syscall_32+0x7c/0x3a0
[  866.916201][T19381]  do_fast_syscall_32+0x32/0x80
[  866.916214][T19381]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  866.916228][T19381] RIP: 0023:0xf706e579
[  866.916238][T19381] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  866.916249][T19381] RSP: 002b:00000000f545e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  866.916260][T19381] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  866.916268][T19381] RDX: 0000000000000054 RSI: 0000000000000000 RDI: 0000000000000000
[  866.916275][T19381] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  866.916281][T19381] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  866.916288][T19381] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  866.916302][T19381]  </TASK>
[  866.985431][T19374] IPVS: using max 46 ests per chain, 110400 per kthread
[  867.083644][T19388] sit1: entered promiscuous mode
[  867.085368][T19388] sit1: entered allmulticast mode
[  867.126250][T19384] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(13)
[  867.128518][T19384] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  867.131177][T19384] vhci_hcd vhci_hcd.0: Device attached
[  867.140701][T19389] vhci_hcd: connection closed
[  867.152247][T15834] vhci_hcd: stop threads
[  867.155179][T15834] vhci_hcd: release socket
[  867.156616][T15834] vhci_hcd: disconnect device
[  867.463284][T19410] FAULT_INJECTION: forcing a failure.
[  867.463284][T19410] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  867.467533][T19410] CPU: 1 UID: 0 PID: 19410 Comm: syz.6.3467 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895 #0 PREEMPT(full) 
[  867.467551][T19410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  867.467559][T19410] Call Trace:
[  867.467565][T19410]  <TASK>
[  867.467570][T19410]  dump_stack_lvl+0x16c/0x1f0
[  867.467587][T19410]  should_fail_ex+0x512/0x640
[  867.467604][T19410]  _copy_from_user+0x2e/0xd0
[  867.467620][T19410]  dev_ethtool+0x15b/0x5bc0
[  867.467637][T19410]  ? stack_depot_save_flags+0x29/0x9c0
[  867.467651][T19410]  ? __lock_acquire+0xb97/0x1ce0
[  867.467668][T19410]  ? kasan_save_stack+0x42/0x60
[  867.467682][T19410]  ? kasan_save_stack+0x33/0x60
[  867.467694][T19410]  ? kasan_save_track+0x14/0x30
[  867.467706][T19410]  ? kfree+0x2b4/0x4d0
[  867.467717][T19410]  ? __pfx_dev_ethtool+0x10/0x10
[  867.467732][T19410]  ? __do_fast_syscall_32+0x7c/0x3a0
[  867.467744][T19410]  ? do_fast_syscall_32+0x32/0x80
[  867.467756][T19410]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  867.467786][T19410]  ? kasan_quarantine_put+0x10a/0x240
[  867.467798][T19410]  ? lockdep_hardirqs_on+0x7c/0x110
[  867.467812][T19410]  ? find_held_lock+0x2b/0x80
[  867.467825][T19410]  ? __lock_acquire+0x62e/0x1ce0
[  867.467843][T19410]  ? rcu_is_watching+0x12/0xc0
[  867.467869][T19410]  ? trace_cap_capable+0x18d/0x200
[  867.467888][T19410]  ? cap_capable+0xb3/0x250
[  867.467906][T19410]  ? security_capable+0x250/0x260
[  867.467923][T19410]  ? capable+0x83/0x110
[  867.467936][T19410]  dev_ioctl+0x290/0x1060
[  867.467954][T19410]  compat_sock_ioctl+0x42e/0x730
[  867.467972][T19410]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  867.467987][T19410]  ? hook_file_ioctl_common+0x145/0x410
[  867.468004][T19410]  ? __fget_files+0x20e/0x3c0
[  867.468021][T19410]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  867.468036][T19410]  __ia32_compat_sys_ioctl+0x23f/0x370
[  867.468056][T19410]  __do_fast_syscall_32+0x7c/0x3a0
[  867.468070][T19410]  do_fast_syscall_32+0x32/0x80
[  867.468083][T19410]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  867.468097][T19410] RIP: 0023:0xf706e579
[  867.468106][T19410] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  867.468118][T19410] RSP: 002b:00000000f545e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  867.468129][T19410] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008946
[  867.468136][T19410] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  867.468142][T19410] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  867.468149][T19410] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  867.468155][T19410] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  867.468169][T19410]  </TASK>
[  867.578613][T19412] overlayfs: failed to resolve './file0': -2
[  868.552499][   T61] usb 12-1: new high-speed USB device number 6 using dummy_hcd
[  868.744883][   T61] usb 12-1: Using ep0 maxpacket: 16
[  868.748254][   T61] usb 12-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  868.751471][   T61] usb 12-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  868.754570][   T61] usb 12-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  868.758865][   T61] usb 12-1: config 1 interface 0 has no altsetting 0
[  868.762822][   T61] usb 12-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  868.765679][   T61] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  868.768316][   T61] usb 12-1: Product: syz
[  868.769785][   T61] usb 12-1: Manufacturer: syz
[  868.771300][   T61] usb 12-1: SerialNumber: syz
[  868.784277][T14580] EXT4-fs error: 7 callbacks suppressed
[  868.784289][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  868.786145][    C3] 
[  868.786151][    C3] =============================
[  868.786154][    C3] [ BUG: Invalid wait context ]
[  868.786159][    C3] 6.16.0-syzkaller-11895-gcca7a0aae895 #0 Not tainted
[  868.786165][    C3] -----------------------------
[  868.786168][    C3] udevd/14580 is trying to lock:
[  868.786173][    C3] ffff888013c41410 (&gpc->lock){....}-{3:3}, at: kvm_xen_set_evtchn_fast+0x254/0xeb0
[  868.786205][    C3] other info that might help us debug this:
[  868.786208][    C3] context-{2:2}
[  868.786212][    C3] 4 locks held by udevd/14580:
[  868.786218][    C3]  #0: ffff888044f846d0 (&type->i_mutex_dir_key#3){++++}-{4:4}, at: walk_component+0x345/0x5b0
[  868.786244][    C3]  #1: ffffffff8e5aea60 (console_lock){+.+.}-{0:0}, at: _printk+0xc7/0x100
[  868.786270][    C3]  #2: ffffffff8e5aead0 (console_srcu){....}-{0:0}, at: console_flush_all+0x158/0xc60
[  868.786292][    C3]  #3: ffff888013c41960 (&kvm->srcu){.?.+}-{0:0}, at: kvm_xen_set_evtchn_fast+0x23a/0xeb0
[  868.786318][    C3] stack backtrace:
[  868.786324][    C3] CPU: 3 UID: 0 PID: 14580 Comm: udevd Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895 #0 PREEMPT(full) 
[  868.786335][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  868.786341][    C3] Call Trace:
[  868.786344][    C3]  <IRQ>
[  868.786348][    C3]  dump_stack_lvl+0x116/0x1f0
[  868.786360][    C3]  __lock_acquire+0xa27/0x1ce0
[  868.786372][    C3]  ? __lock_acquire+0xb97/0x1ce0
[  868.786386][    C3]  lock_acquire+0x179/0x350
[  868.786398][    C3]  ? kvm_xen_set_evtchn_fast+0x254/0xeb0
[  868.786414][    C3]  _raw_read_lock_irqsave+0x46/0x90
[  868.786423][    C3]  ? kvm_xen_set_evtchn_fast+0x254/0xeb0
[  868.786437][    C3]  kvm_xen_set_evtchn_fast+0x254/0xeb0
[  868.786451][    C3]  ? kvm_xen_set_evtchn_fast+0x23a/0xeb0
[  868.786485][    C3]  ? __pfx_kvm_xen_set_evtchn_fast+0x10/0x10
[  868.786500][    C3]  ? do_raw_spin_unlock+0x172/0x230
[  868.786514][    C3]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  868.786529][    C3]  ? debug_object_deactivate+0x1ec/0x3a0
[  868.786545][    C3]  ? __pfx_xen_timer_callback+0x10/0x10
[  868.786558][    C3]  xen_timer_callback+0x1db/0x2a0
[  868.786572][    C3]  ? __pfx_xen_timer_callback+0x10/0x10
[  868.786586][    C3]  ? do_raw_spin_unlock+0x172/0x230
[  868.786600][    C3]  __hrtimer_run_queues+0x5ea/0xad0
[  868.786611][    C3]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  868.786620][    C3]  ? read_tsc+0x9/0x20
[  868.786632][    C3]  ? rcu_is_watching+0x12/0xc0
[  868.786643][    C3]  hrtimer_interrupt+0x397/0x8e0
[  868.786654][    C3]  __sysvec_apic_timer_interrupt+0x10b/0x3f0
[  868.786664][    C3]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  868.786674][    C3]  </IRQ>
[  868.786677][    C3]  <TASK>
[  868.786681][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  868.786691][    C3] RIP: 0010:console_flush_all+0x9a2/0xc60
[  868.786701][    C3] Code: 00 e8 a2 bc 28 00 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 70 d2 20 00 48 85 db 0f 85 55 01 00 00 e8 f2 d6 20 00 fb 4c 89 e0 <48> c1 e8 03 42 80 3c 38 00 0f 84 11 ff ff ff 4c 89 e7 e8 f7 33 86
[  868.786711][    C3] RSP: 0018:ffffc90003c57140 EFLAGS: 00000293
[  868.786719][    C3] RAX: ffffffff8f2eca38 RBX: 0000000000000000 RCX: ffffffff819a38c0
[  868.786725][    C3] RDX: ffff888043f0c880 RSI: ffffffff819a38ce RDI: 0000000000000007
[  868.786732][    C3] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  868.786737][    C3] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8f2eca38
[  868.786746][    C3] R13: ffffffff8f2ec9e0 R14: ffffc90003c571d0 R15: dffffc0000000000
[  868.786754][    C3]  ? console_flush_all+0x990/0xc60
[  868.786763][    C3]  ? console_flush_all+0x99e/0xc60
[  868.786774][    C3]  ? __pfx_console_flush_all+0x10/0x10
[  868.786784][    C3]  ? is_printk_cpu_sync_owner+0x32/0x40
[  868.786795][    C3]  console_unlock+0xd8/0x210
[  868.786804][    C3]  ? __pfx_console_unlock+0x10/0x10
[  868.786813][    C3]  ? _printk+0xc7/0x100
[  868.786825][    C3]  ? __down_trylock_console_sem+0xb0/0x140
[  868.786838][    C3]  vprintk_emit+0x418/0x6d0
[  868.786848][    C3]  ? __pfx_vprintk_emit+0x10/0x10
[  868.786857][    C3]  ? find_held_lock+0x2b/0x80
[  868.786867][    C3]  _printk+0xc7/0x100
[  868.786878][    C3]  ? __pfx__printk+0x10/0x10
[  868.786891][    C3]  ? __pfx____ratelimit+0x10/0x10
[  868.786901][    C3]  __ext4_error_inode+0x4f9/0x6d0
[  868.786915][    C3]  ? __pfx___ext4_error_inode+0x10/0x10
[  868.786927][    C3]  ? _raw_spin_unlock+0x28/0x50
[  868.786941][    C3]  ? iget_locked+0x1c6/0x830
[  868.786953][    C3]  ? __ext4_check_dir_entry+0x3f1/0x7f0
[  868.786965][    C3]  ? crc32c+0x1ae/0x360
[  868.786976][    C3]  ? ext4_inode_csum+0x172/0x380
[  868.786991][    C3]  ? __pfx_ext4_inode_csum+0x10/0x10
[  868.787005][    C3]  ? crc32c+0x1ae/0x360
[  868.787016][    C3]  __ext4_iget+0x31af/0x4670
[  868.787030][    C3]  ? __pfx___ext4_iget+0x10/0x10
[  868.787043][    C3]  ext4_lookup+0x37c/0x730
[  868.787057][    C3]  ? __pfx_ext4_lookup+0x10/0x10
[  868.787071][    C3]  ? __lock_acquire+0xb97/0x1ce0
[  868.787084][    C3]  ? lockdep_init_map_type+0x5c/0x280
[  868.787098][    C3]  __lookup_slow+0x251/0x460
[  868.787112][    C3]  ? __pfx___lookup_slow+0x10/0x10
[  868.787129][    C3]  ? lookup_fast+0x156/0x610
[  868.787139][    C3]  walk_component+0x353/0x5b0
[  868.787148][    C3]  link_path_walk+0x627/0xe20
[  868.787160][    C3]  path_openat+0x1b0/0x2cb0
[  868.787169][    C3]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  868.787180][    C3]  ? __pfx_path_openat+0x10/0x10
[  868.787192][    C3]  do_filp_open+0x20b/0x470
[  868.787203][    C3]  ? __pfx_do_filp_open+0x10/0x10
[  868.787217][    C3]  ? alloc_fd+0x471/0x7d0
[  868.787228][    C3]  do_sys_openat2+0x11b/0x1d0
[  868.787242][    C3]  ? __pfx_do_sys_openat2+0x10/0x10
[  868.787258][    C3]  __x64_sys_openat+0x174/0x210
[  868.787272][    C3]  ? __pfx___x64_sys_openat+0x10/0x10
[  868.787289][    C3]  do_syscall_64+0xcd/0x490
[  868.787300][    C3]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  868.787309][    C3] RIP: 0033:0x7fd95fea7407
[  868.787317][    C3] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  868.787326][    C3] RSP: 002b:00007ffc91f158b0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  868.787335][    C3] RAX: ffffffffffffffda RBX: 00007fd96061e880 RCX: 00007fd95fea7407
[  868.787341][    C3] RDX: 0000000000080000 RSI: 00007ffc91f15a60 RDI: ffffffffffffff9c
[  868.787347][    C3] RBP: 0000000000000008 R08: 0000000000000000 R09: 0000000000000000
[  868.787352][    C3] R10: 0000000000000000 R11: 0000000000000202 R12: 00007fd9606b253b
[  868.787358][    C3] R13: 00007fd9606b253b R14: 0000000000000001 R15: 00007fd9606b7920
[  868.787366][    C3]  </TASK>
[  869.080869][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  869.084494][T14580] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1135: comm udevd: iget: checksum invalid
[  869.325694][   T61] usblp 12-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  871.275561][T18914] usb 12-1: USB disconnect, device number 6
[  871.277791][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  871.278958][T18914] usblp0: removed
[  871.281869][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  871.287168][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  874.513528][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  874.519044][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid
[  874.523612][ T5386] EXT4-fs error (device sda1): ext4_lookup:1787: inode #1222: comm udevd: iget: checksum invalid

VM DIAGNOSIS:
08:48:59  Registers:
info registers vcpu 0

CPU#0
EAX=84915a9f EBX=ffffffff ECX=84915aa9 EDX=0003856f
ESI=f7404fe8 EDI=f6c6f008 EBP=f7f35610 ESP=ffbac920
EIP=f70ae701 EFL=00000286 [--S--P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 581d7440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 00003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000569dc4c0 CR3=00000000761d8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffffea0001cbf3c0 RCX=0000000000000000 RDX=0000000000000000
RSI=ffffffff81f7a64e RDI=ffff88807ffdbc28 RBP=0000000000000000 RSP=ffffc9000217eef0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=1ffffffff1cb97d9
R12=ffff88807ffdbc28 R13=1ffff9200042fde2 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff81bb0fc8 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975cc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000032f19ffc CR3=00000000776d3000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88802b541d40 RCX=ffffffff81af13b1 RDX=ffff888024d50000
RSI=ffffffff81af138b RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900042af888
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=dffffc0000000000 R13=ffffed10056a83a9 R14=0000000000000001 R15=0000000000000003
RIP=ffffffff81af138d RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976cc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000032f1cffc CR3=000000000e380000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85609ad5 RDI=ffffffff9b0f07c0 RBP=ffffffff9b0f0780 RSP=ffffc90003c56ff8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=000000000000002d R14=ffffffff9b0f0780 R15=ffffffff85609a70
RIP=ffffffff85609aff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fd96061e880 ffffffff 00c00000
GS =0000 ffff8880977cc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f543dda4 CR3=000000004cfc0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000100010 Opmask01=0000000000000000 Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc91f15a40 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffff0f0e0d0c0b
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055d7d8488cb0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000002730306e69 3130706931306373
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ff0000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffff000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 646431b3bc2d0434 646431b3bc2e4064
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 646431b3bc2e406c 646431b3bc2e406c
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 62696c2f646f6d6b 62696c006e69746c 6975622e73656c75 646f6d006e69622e
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 474c490a414a484e 474c49004b4c5149 4c50470b56404950 414a48004b4c470b
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0e60ec7e901b5961 000055d285377135 0000000000000221 000000302e313a31
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265747369676572 6e755f7665647465 6e2e65726f632e74 656e2e6c74637379
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e617020343d7372 6f6e696d5f796361 67656c5f6d756e5f 6964656d6f632e69
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 64656d6f63203233 3d78616d5f736462 6e2032333d706f6f 6c5f78616d203233
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d6d756e2e646368 5f796d6d75642030 34313d736365735f 74756f656d69745f
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265747369676572 6e755f7665647465 6e2e65726f632e74 656e2e6c74637379
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000530353932 0000000000000021 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000