last executing test programs:

1.747153382s ago: executing program 1 (id=848):
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000000)={0x8, 0x45, {<r0=>0xffffffffffffffff}, {<r1=>0x0}, 0x9, 0x1})
ptrace$setsig(0x4203, r0, 0x6312, &(0x7f0000000040)={0x34, 0x181, 0xfa09})
r2 = syz_pidfd_open(r0, 0x0)
pidfd_send_signal(r2, 0x12, &(0x7f00000000c0)={0xf, 0x100, 0x7}, 0x0)
rt_sigqueueinfo(r0, 0x7, &(0x7f0000000140)={0x24, 0xfffffff8, 0x2})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000001c0), 0x242, 0x0)
ioctl$VIDIOC_SUBDEV_G_FMT(r4, 0xc0585604, &(0x7f0000000200)={0x0, 0x0, {0x0, 0x0, 0x201c, 0x0, 0xa, 0x7, 0x0, 0x1}})
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000280)=0x13, 0x12)
sync_file_range(r4, 0x8, 0x3, 0xbdaddb80535805ca)
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
ioctl$FS_IOC_ENABLE_VERITY(r3, 0x40806685, &(0x7f0000000440)={0x1, 0x1, 0x1000, 0x4b, &(0x7f00000002c0)="d669a9702eeaab92546ecccc74393bc14ab0357b12e60e6376d424d71a54d9722809db2143e76c00992647f0875cfc1165f05cebac07436c3ac0a4367471d5b4effcdeccec3403e48fab09", 0xc3, 0x0, &(0x7f0000000340)="78f31141e4fa5c9d72c985fec6d86abeb03676b7bbc0d1eeb0def8086b959adbeeff4d4446fc2c2d20256793ac391c72c1ea7f61303fcb00049a9f0c69f82f76a1f25cbb4fd3a231cdcceaced720edf6baf462125ff53abd8ca5bfb0ccf615555c68f52cb7403d5d88ee754905dd1ea4158a1516d0c33decb2838007160e33679ee705cd64bad4f46855a3e82115b94270f439b32c203ad2cce134f2dacf1eee6943f5be4d6cdc0fe872edf03d7d38b8c392fcff0ee05dba89745f4b0da50e1a907f7c"})
msgget$private(0x0, 0x31c)
ioctl$VIDIOC_G_STD(r4, 0x80085617, &(0x7f00000004c0))
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r5, 0x0, 0x9ebe67d38c0eace8, &(0x7f0000000500), &(0x7f0000000540)=0x4)
close(r2)
getsockopt$bt_hci(r5, 0x0, 0x2, &(0x7f0000000580)=""/248, &(0x7f0000000680)=0xf8)
r6 = open_tree(r4, &(0x7f00000006c0)='./file0\x00', 0x1)
setsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f0000000700)=0x2, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, &(0x7f0000001b40)=[{&(0x7f0000000740)=""/4096, 0x1000}, {&(0x7f0000001740)=""/158, 0x9e}, {&(0x7f0000001800)=""/18, 0x12}, {&(0x7f0000001840)=""/125, 0x7d}, {&(0x7f00000018c0)=""/196, 0xc4}, {&(0x7f00000019c0)=""/224, 0xe0}, {&(0x7f0000001ac0)=""/75, 0x4b}], 0x7, &(0x7f0000001bc0)=""/222, 0xde}, 0x10001}, {{&(0x7f0000001cc0)=@x25, 0x80, &(0x7f0000001e40)=[{&(0x7f0000001d40)=""/154, 0x9a}, {&(0x7f0000001e00)=""/64, 0x40}], 0x2, &(0x7f0000001e80)=""/48, 0x30}, 0x2}, {{&(0x7f0000001ec0)=@l2tp={0x2, 0x0, @multicast2}, 0x80, &(0x7f00000025c0)=[{&(0x7f0000001f40)=""/204, 0xcc}, {&(0x7f0000002040)=""/94, 0x5e}, {&(0x7f00000020c0)=""/248, 0xf8}, {&(0x7f00000021c0)=""/255, 0xff}, {&(0x7f00000022c0)=""/202, 0xca}, {&(0x7f00000023c0)=""/235, 0xeb}, {&(0x7f00000024c0)=""/176, 0xb0}, {&(0x7f0000002580)=""/62, 0x3e}], 0x8, &(0x7f0000002640)=""/133, 0x85}, 0x8000000}], 0x3, 0x41, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000002880)={&(0x7f00000027c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000002840)={&(0x7f0000002800)={0x1c, 0x0, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10000080}, 0x0)
r7 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000028c0)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@remote, 0x4e23, 0x7, 0x4e20, 0xffff, 0x2, 0x80, 0x0, 0x32, 0x0, r1}, {0x8, 0xae1c, 0x6, 0x19, 0xe50, 0x2, 0x5, 0x4}, {0x81, 0x80, 0x8, 0xf}, 0x3, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x4d2, 0x33}, 0xa, @in=@multicast1, 0x3503, 0x0, 0x0, 0x0, 0x5, 0x10001, 0x1}}, 0xe8)
r8 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000029c0), 0x10000, 0x0)
getsockopt$inet_tcp_int(r8, 0x6, 0x22, &(0x7f0000002a00), &(0x7f0000002a40)=0x4)
ioctl$sock_ax25_SIOCDELRT(r8, 0x890c, &(0x7f0000002a80)={@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x5, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default, @null, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]})
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000002b40)=@generic={&(0x7f0000002b00)='./file0\x00', 0x0, 0x8}, 0x18)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000002bc0)=@generic={&(0x7f0000002b80)='.\x00'}, 0x18)

1.746424622s ago: executing program 1 (id=849):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="cfcad0abd2b7c5da56ac73746174696101000000"])
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0xfffffffffffffeff}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000b00)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xfff2}, {0x0, 0x6}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7, 0x8000}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000600)=@newtfilter={0x4c, 0x2c, 0x52f, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x0, 0x4}, {}, {0x2, 0xe}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xf1, 0x4, 0x4}]}}, @TCA_BPF_CLASSID={0x8, 0x3, {0xd, 0x7}}]}}]}, 0x4c}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0xe, &(0x7f0000002380)=ANY=[@ANYBLOB="b702000005000000bfa300000000000007030000f0ffffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b4090a79507df79f298129da487130d5f24b46001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad379e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee293fbd165a5a68488a010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a18159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7962b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac2bba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f407000000000000006d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab669ab377e4c2422a47e9ffe2d4a2d32f7528751313694bf57704400b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6940b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d30902208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c8000000000000003a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f000000000facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f296115d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc05000000000000006c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a4619a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806b90cc39c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d3133319e069f9648a2ff93060ff073b3a113e47e447c030931651dd315003b7a6a47c912853826c4c65433a2bb560ae99ec4b227eda2e63a1cb1a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e5f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec90f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858eb756c815e7695d00000000000000000000000000000000000000000000000000007ccf0ce549d97510f7f8765408bb702f0000006d4754c68b7064cf31a681421994e1f307f0ab4ff2e33d3c88fea5d218a276b77adfee7c8fb145783ee1f8adbd2c2604eab3a62a28611da1dae5ce60003111ce5c96a1d6e45ee144ffa3dcca32a33f8f0ce2995b7b7aa0bce228cbf37412cbbdebae06edb51a134301d2627d4927287daf9dcae6720334862d3a18094f1edd9e350337cbb804004d1755cfe7d7fa01872fb99815dcfbbc8141f6e1bbb0901ae91357677fd9d2bb00d4f17fb441c2dfa2b424bf46ae299d68ac27792cdac2b63a6038ab5546ba1e5ad6a329f2c627100e0442f865fc6c179ad3edcb6b000000000000000b0000000000000000ac192d48d76e2a8cae83ae850f73fdfbaca81b6b7b1a0d7b517f41fbd46aa24b0f4b8e0202e3a580947f1925ba4de097e8dcb6bd7f686322b45d4a544ca1e83b592d4a6d46d0a0dc39634550bc77d4cabba01b283082e66778de7c61a1a36838d36c2f8e58cef603770ee3d6a9625be0bc21d2be2da69ac9e9c5e88278d39239501b465102ad16d651ea8bb8cee35527c1ad42ac6a565e449929ccb4469bdd6824b64e13579b7188566e735200000000000000000094e05bcda1e96e4c33ccf6d74046e45bafe9d512c43a3e485dedad9a38b34f7fcd00fafcc25dc36716f0e21e0632425b7a1c1a6bc15c3fc07d914c88103411d8d2b77b72a796fd3aaa7ea493c7bc43e63b2b0d05ad5682121682096b224933fa20255d58a680cc2ec200"/3002], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lsm=0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x2, 0x0, 0x5c, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'essiv(authenc(rmd160-generic,cbc-camellia-aesni-avx2),sha1-avx)\x00'}, 0x58)
bind$alg(r3, &(0x7f0000000340)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x58)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.716434286s ago: executing program 1 (id=851):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000240)=ANY=[], 0x15) (async)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) (async)
write$FUSE_DIRENT(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="58000000000000009fed2788c5532994414b47034801d524faf416638217", @ANYRES32], 0x58) (async)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
chdir(&(0x7f0000000100)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x201, 0x2) (async)
read$FUSE(r0, &(0x7f0000002380)={0x2020}, 0x2020)
chdir(&(0x7f00000002c0)='./file0\x00')
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x82140, 0x0) (async)
ioctl$VIDIOC_QUERYSTD(r2, 0x8008563f, &(0x7f0000000040)) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x275a, 0x0)

1.609572236s ago: executing program 1 (id=854):
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/clear_refs\x00', 0x1, 0x0) (async)
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/clear_refs\x00', 0x1, 0x0)
write$FUSE_WRITE(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0xfffffffffffffffe, 0x0, {0x7}}, 0x18)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$SO_COOKIE(r2, 0x1, 0x2, &(0x7f0000000000), &(0x7f0000000100)=0x8) (async)
getsockopt$SO_COOKIE(r2, 0x1, 0x2, &(0x7f0000000000), &(0x7f0000000100)=0x8)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newsa={0xf0, 0x10, 0x1, 0x0, 0x0, {{@in=@remote, @in6=@loopback, 0x100, 0x0, 0x0, 0x80, 0x0, 0x20}, {@in=@multicast2, 0x0, 0xff}, @in6=@loopback, {}, {}, {}, 0x0, 0x0, 0xa, 0x4, 0x0, 0xaf}}, 0xf0}}, 0x0) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newsa={0xf0, 0x10, 0x1, 0x0, 0x0, {{@in=@remote, @in6=@loopback, 0x100, 0x0, 0x0, 0x80, 0x0, 0x20}, {@in=@multicast2, 0x0, 0xff}, @in6=@loopback, {}, {}, {}, 0x0, 0x0, 0xa, 0x4, 0x0, 0xaf}}, 0xf0}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000001714"], 0x38}}, 0x800)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x7}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="10000000040000000400000008"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r3, &(0x7f00000001c0), &(0x7f0000000080)=""/52}, 0x20) (async)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r3, &(0x7f00000001c0), &(0x7f0000000080)=""/52}, 0x20)
write$sysctl(r0, &(0x7f0000000180)='4\x00', 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x4d8, 0xf372, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x4, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x76b}}, {{{0x9, 0x5, 0x81, 0x3, 0xedff}}}}}]}}]}}, 0x0)

1.336561508s ago: executing program 0 (id=864):
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='coredump_filter\x00')
prctl$PR_SET_ENDIAN(0x14, 0x0)
write$cgroup_pid(r0, &(0x7f0000000140), 0xffffffffffffff73)

1.322992958s ago: executing program 2 (id=866):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB="0000edffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ffffffff00"/28], 0x48)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\\\x00\x00 \x00'})
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x8a}}, 0x4000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000210001"], 0x24}}, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="9000000020", 0x5, 0x0, 0x0, 0x0)
r2 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r2, &(0x7f0000000000)='.', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)=ANY=[@ANYBLOB="3c01d946190001000000000000000000ff010000000000000040000000e34af26b112b8bc8000000000000000000000000003b00000000000a00800000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000000000000000000000000000000000000000000000000000020d0000000000000000000000000000000000000000000084000500e0000002000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000000000001000500000000000000000000000000fe8000000000000000000000000000bb000000002b00000000000000fe8000"/244], 0x13c}, 0x1, 0x0, 0x0, 0x4000001}, 0x800)

1.259462787s ago: executing program 0 (id=867):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000080)=@urb_type_control={0x2, {}, 0xfffffff8, 0xc1, &(0x7f0000000000)={0x4b5a9da54893e123, 0xe, 0x11, 0x2}, 0x8, 0xa0400000, 0x0, 0x0, 0x0, 0x20000, 0x0})
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r1, 0x890b, &(0x7f00000000c0)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x7fff, @bcast, @netrom={'nr', 0x0}, 0x7, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @bcast, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]})

1.258935024s ago: executing program 2 (id=868):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_DEL_PMK(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x0, 0x100, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004c051}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
mount(&(0x7f0000000180)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='ext2\x00', 0x60000, &(0x7f0000000240)='\xff\xff\xff\xff\xff\xff')
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r1=>r0, {0x9}}, './file1\x00'}) (async, rerun: 32)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000003c0)=<r2=>0xffffffffffffffff) (rerun: 32)
ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000400)=@multiplanar_userptr={0x8, 0x5, 0x4, 0x800, 0x101, {}, {0x3, 0x1, 0x8, 0xa, 0xb0, 0x0, "42a43ed8"}, 0x4, 0x2, {&(0x7f0000000340)=[{0xff, 0x7, {&(0x7f00000002c0)}, 0x7}, {0x10000, 0x7, {&(0x7f0000000300)}, 0xfffffffd}]}, 0x40000, 0x0, <r3=>r2}) (async)
getsockopt$inet6_mreq(r1, 0x29, 0x15, &(0x7f0000000480)={@mcast1, <r4=>0x0}, &(0x7f00000004c0)=0x14)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x11, 0x10000, 0x6, 0x7, 0x10141, r1, 0x8, '\x00', r4, r1, 0x4, 0x2, 0x5, 0x0, @void, @value, @value=r1}, 0x50)
r6 = accept$phonet_pipe(r1, &(0x7f0000000580), &(0x7f00000005c0)=0x10) (async, rerun: 64)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000600)={0x0, ""/256, 0x0, <r7=>0x0}) (async, rerun: 64)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000000800)={{<r8=>0x0, 0x0, 0x9, 0x7, 0x10, 0xe4, 0x2, 0x7fffffff, 0x2, 0x9, 0xfff, 0x8000000000000001, 0x5, 0x9, 0x5}, 0x18, [0x0, 0x0, 0x0]})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r6, 0xd000943e, &(0x7f00000008c0)={r7, r8, "470aad1f452b73742e109996f0fdad14d313ada4d5d91b36f3fc243ae89617b11830050abacf241e327f3ce4fee8cc3b61a82a65f82df5413a2f10f2692a71abb1aa6c3ed4cf150e3c6c221d371d097138fa22005f46f5d8aa30e81dd64ca98f4038fe4ee63d4480da40c1fdfce68ed08b7a38103df2e9bc6256f7617d97b146fb049458b745aff0a02cd8281ce5946dc860b5670f5609a287704c4d777543d1e4b937ac0ea779443258fff19936193980db8ff7d1922c23551bdc3c094e9f0581f75986e45e0411d30eac49fb800c9c6b4f40f397688f9a3ac558ba1baf44a54d5a6d9da59278361df6361239276bad4a0e0d6df37e596073c9a20da74b82a4", "77ebf9c33ce93d864603355f839297dc29f09ab165ca5ef929b8e5eb4d6d8f16110c4b4fa4eeb967272b56e8b0c980f0ad2e9f8064122946139f363c84642e5e1baa3c3bef052c83181910cdd5cc569c64d1a8bc617800310f6d3c085491229e929f612fb7aecdec477e839d31261b933a7ebf65e67457c6cb4a26696f0dcb03c1787db33667b08703db8b1807a95840d927081ed8e6b036d4a0992fa6acf67c8bb61536e347c6b4822a1d3fcef8790efe3376ffbe89957263d3ccec7ae1c61484ac57c0fb5fa7fa08742766de72b6492107944eaaabf25bf9918068cb1534819d5058130cb10662f014c34742a2f6869a851166a5fa3131ff863cfa5e570e68f2e319e4cf0de963216df87f503aaffe4ffad481fcfbee392f085086b44c46243c6088a02a5798453ad813f26a95f93ee0f7ec8460b931fcc5d871ff36b338023e765af072d5632003529e90b81bac68c7d898df204cbeefb95f5cdb15e07a75e28f441dea711297210c1b51dc673ec6746cba9723b4d208d4dd9534b6622b264d09a2de9765b13cc5b41661cb183731fbef6dbfed6578a2f02d4d36cab1169714a93d175b4409cd6df2a90a67a1cef6dcd2aceee01430e38bcfd4ad7f06f7c7f43c77f6dafe4a936e4a629d78f51ad6517696132252560977a0266e62e2070f0166b684efd6841b77de26ee312bca9c90f459fa9b7cfd54da6558952cfcdaa39542ff5598fef922cb369f767a39e7063984103d3aebe9266c700dfe01479335e3aeffe6550ba73835af15edf1048c39bca5ef23dbefb05361e91db83fc40296e3736f23a256f04436ec441e4944c0a5f5bccfba643c7770c84fd543290ce12354c09cd5c95dd305f2eebfe06eadbca3657c41a9e7496b3c4f07f868bf6c7d4fd3c0bc5f86dc1bf9332bc646fe3752d954ec8a07f0c1acc4dbfbf09bc6f97753db382b5dc419e990bb01fb2303214d7a68bc659e8f5b75183aaafafd9b8a3f61953d02639dae0077620f6d06d39b9a3146b4a15e6b31c516dd95b4d2ab44f8dc4fce29cc7ad2d959e503b92d17bb23e03709858e6b9f0c58bc110ecd9a27a85652a62a3c426131807ff7a5268ea50ad8d60b41bede2e705df698231a57414e6bb391440c9ce1e5f29b93d7ec71b891b43c77fda9924866a0c9b618e0022585298914b9fbd4e252a0672431605b354a9d1cf5d9151dd388f0ca72e6a27657acb2890fa19fc84e9f99dec1cf257dd80b311d294299d1b897030d4375742cb4d1f903ee1d6b01808fa51463f962fdb9aa5e47bf451c18b8d9e0d2a52afcf93639914fafddfddc54e1b0177a8ca9b772623e2c74184ba98309a2f018dc10037d973009adda5010a2f3972555fcd765da51b4cd50d5251770b7d455f7432368ffc2e73be99239c41d6d8bcaf4f67feae375f4ccbc8e1731f275ca87323984de2d53378a7420e0d2746c7a4b651b756e681e8428ff950b517345bc4f54a5252d856dfe144e021bbd29c1dea758369c0f72179fe249a4665ef2eb5d92c10139cf78c7921bf3fbec801664dd7ff0a4490cccc2161de30f5478d2362c06bfba5d5c35d8e0e01b4b721317f653276ae861dc5d5ee637994cdb8ab1740c09ebbfd06d110eeedf1c1098a578f0cdb222306678b8ed8e9ef311f95bb1d3f08f311b3827ff508ed1b6e3e87309fc0fcd16c37341badc2f4e1f6a423954c4aaffecbdb5b69896b7fec94ae2a87d89fc91b0f84abec021fdac4b56c19a7bde439f1ebdbb44e22924748aaf5b02336aea001c3d425bbbd816d4c5f083fa70e24987bb90bd796136502df71953301a8331cb82563da52ca8bbf4f013b03c488ca7244563b700aecab3c22a6232b951eba7cbbd5a78c0c7b7b3b3b6ac6e4d823f9f735b2ae1e0084e666e0b151e39374cd0604cef19f4f259ff9ca081678b8d6f20ef8dbd3f71b42315bc482052b5a952b624abe64802660eafeb21da29a18474ecec4a8440a22ac911777ba5e9bd70a40f9fe0d83188fec64a66dcc6a2e00b19ba83cb03328cfee277a257efe6dbae513a15c091766e729d6c83abcc01bbfbf9c782b4b83acbee6d663fefbf3290d9eea36bcf123b8ec1cab4e140631b9a4080963f062425fe90b925eccab757412920f2a69980ba75ee4071e3baa6c813db143c8f2a193779944d28c6b2c3ccd7dc20fac31364472fdb9f63c44542c3d63abc7449a79359ba3d5cb268ce4023532fe0b2fc211dc8915162980397507aa37026409f0fe1c37882aff39c45ef718bbb0d0a936adb15c456fc1a23fc234711ae01d3039ad0ce474729e373bd8154dbf808ba850a032ba78f394b14515371c5fb66a20acad014ce6f6523fdee3d975362631b4522e794b2bac9ab5a1ce103dca8cd37d1a11aa7a95091e23d61c847b845e999aa28140fff4e14005ab2ac67b812db58facf1dedac47527d88ce1de018b24f21316b1694972ad5a4ff8cca49e404e5f78e2ba07f4c9cb0a9d0f1d908938a0d33b96f6d9ddeec1e5718fdc31208141ab023c2d2a7bac57d1127c7a219d110ebe153539e5af155c49b4830f4fc219b8620e780c91be0c6939d2d0e27ea4160364e2542f2511adc3a09fdbf8fda9e31727fd0badc61aabb75d722b3f352ad0d5b265cdc513c7f519984b98dc9eae26d0494c623285476fba629113d4f546195e0cc565ad776fbef031dd3876ebd9c689f2d00e8c203d97243fb7677840dc2b0a2315f644391dc852318d9aa5c8b199201d7777003c89c012137b6703b1b3b28792e83c0bb0e99024f2e82bfc854d52865d827686786c42264d1487a0461110bc8ff03e1182054baf73e9f62f8be648d9f3c6bb6acb8bf603b4d1fa57588ba881485d8675c297e13e716869794b914ad4591febda2f99cc063c0af07e49fc15a4f3071b539401a573100bdf4c85e15cbd86e960b8e6a495ebb038a076284d60f3ef2f0f9bc58dcaa7a74de9029c22bc1f676544967f1e1d30126d4b516d104bf24191851755150eb2c5991c87b072ec24aeb507614cad1cc7960367c5aa0c60268c7a82b6a5830165e6b6f5300268e1e0a2974e9b392b458a26ceb13aac1ec7c1a9c4e1db154543c0a4793c6f1277de8f142414128bb148c78bf5ec91be846279d95425285c81e991b4434dab74cc93cfc7dc8548f0356c3e5c3eb0413a44cdde2ebe32a930f15fe6e78239bebca5d77add2cad4f5e690b9ddf42cddf94b21c7a9e55e534a5e73880b956901a9513088bfe527f30e05790ff524784fdf4cfffd46efb913cda148b1c0bd735b6f9db19cb24a008fa2e5886cd5b9cfdad4e11064ec0ad9aca025941e03bb8f55514789bb07cd1d907908f48d534b66b798bd4d38f5b0e5c2e745ddff2b1a2498c71fe61f6f48dbeaf92f17cefd542033e24d1719a49d3fefd005209567c2902a787b3c4d234f4871464b1ec3b48b7a973e4186c56c2f6c673ace6eee629f2b7bee48f35ffceb562b7f5b0fca132cfa86189f35d90e4e1f937da70dae10314c27b3fd564bbc63b86aa7fcc3c5c32c81832e19e2a90953d79fcb8af359e0b94b5ac1b00cec0ae2d4a62e6d8158f9e4efa8a8ae7a00a90d370d65d26cb3d2b79f896813dd239f2055621be75f94c0c206a41ce47aaab643a5e201a708c93d78e441a3b47464d66d58219991c4ac82083878bd81a8799cb62b18aff79f7faa741bc799386eb0a158c085655f86cf6b236004dd0bcf9d41e0347ab9f71bdba4dae3fa71ac6b92caf36e88bb840640c0da2209378979354fe0fd142b138748ceba48e991f719f0873aa9cd591a64dc99f2c9f3af4f8a7b3f134804c923f59838921ba45a69037d3bc179d3581ba170153654424cf3081778143ccb7dd0463c23a4f5758d47617fc55fc4335e4f73870e46aea6c77a00be13658e23c2d7122130338082aabc37ecd37e3c8b327fe295c6cccdf51cae2c2788580085fa83aa8ba08dabe1cf26976b42eb4e60c87a5ee5723080ba71af3a7bb8e173db2a39817bd9f49cbdf1e62177277e9735e6586bed8d297cf7e6f0925750ba98ec30af903225a6a424421af9564c668b21ff3fb07d74d6521512ba001795ffab0be4d8e89265d5250a560e938f8268d34380330610001d29c24771aab28184073b290435c6fe333692a6e8252c7f4f70a0f9b47f5c029d951ccaa15c05fa61e64af3ed39689829471a3a380a91495da3c10dbeb049e39e4ab461a7a2f82e21836119361bcc8a3ace1c613312775f54ff36fb949e449044d8d7c3a561051c044e94397ee5da499e71262203c7230d5cd6d56fe09bc6adaacbbec43181a41c40e57659a16e4435f148bb3e0f0d2913df8480e1094ebeb79a13c4800400a6b9617ecc07d5286e17bf5734b8c7fbf7de714c1ad7edfe44a75a78cbd6d3902bcafe1e62bfd9b24ca7d8833da7f3dd9d392560c759b1088a17154e4dd2bc1ba3648473f1f36bf28234135fbb28f0dea038ea62c6f2446da8556b7942eed0b849d2284bd5eb88fd4388e45fcc77bbd68120d9a5a1cdeeb1b8cf37acf3134f62c1e3ab681f9799332ad11e652e553851fd5ebae74caa79bda48bf82d252609d54c727dd75db8299a5523c698bc61cd396cec9ca93fe51f77dba7ac4405a5db6861585c682a4982dc6dfed92d69cedc95e940c5d1a7af9d5b7ecc12912176ac7f07375561a0f86479d359c94e2528c7aebd6695133e92fa11837a8a3395ae4626863d4faa015128457162ac10a00be284c5057d94dc1c7a5c36b5c5661eaeb9850e5c6d940ef1ea0f2f7828dd22870ec064a9068950e1a16e781974ce9febd41a65f63aaa5a4b043da817c2f61e746a285d8eb3e43c6b525165b2b5ced16a626b9681abc68c0073bf469df2286a281047dfc86a5d312d56768b6c04dc45bd0a13263cb8c5d5505d20d75f745bee0e0ca6af286ecc675f4716a700243378e95650e7fd09c5cb24920c227ab0028333ba9958b445c15890bf3a9b734d89df2d0c7fbbf0f3d7d3431ae6750fdd3febeecb07e8b1c8fd62dec9dfde0b93f5f80b2be18f4a260fc595e806f3a7142dcc59803ec864da176e5fa9ae5d72a47db0cccbc0dddee9f62d74aec79cbe49a695c8c1be86da3c85a695ef6cd6b63b84d3456ce7a0c95412cd5b0155a6d527ec882275dd936a334204ef8db1bcd943e6a15409b2dda48e7de2f150e6a36a612f0caef9fd2e457aba8c6499c2f5422a8677237410e2bf0d80ec1293c168250ae98798655a4a07cec59e7affb867a115bdff3eb93b11dde6cd1d0adfa21d64f04284389aa74d4b9c801f8759e738ecadc12eab29af0a349b5fc0d352ca4bbb60df5b68c7f688d25fd0b810913b618df3f2f154eb046b80001aace08e03c380d219009b038d9f959695a4c1f5d3b6adbcd1523a518deb9319e894fc12f3b1fc70"})
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f00000018c0)={0xc, 0x2, 0x6}) (async)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000019c0)={'veth0_virt_wifi\x00', &(0x7f0000001900)=@ethtool_flash={0x33, 0x200, './file0\x00'}}) (async)
ioctl$F2FS_IOC_COMPRESS_FILE(r2, 0xf518, 0x0) (async)
r9 = ioctl$NS_GET_PARENT(r1, 0xb702, 0x0) (async, rerun: 64)
ioctl$BTRFS_IOC_SCRUB(r3, 0xc400941b, &(0x7f0000001a00)={<r10=>0x0, 0x3, 0xffffffffffffff55}) (rerun: 64)
ioctl$BTRFS_IOC_GET_DEV_STATS(r9, 0xc4089434, &(0x7f0000001e00)={r10, 0x1, 0x1, [0x9, 0xfffffffffffffffe, 0x10, 0x4, 0x7], [0xc, 0x1b78, 0x76a, 0x6, 0x11c, 0x0, 0x3, 0x1, 0x24ea, 0xffffffff, 0x1, 0x4f, 0x2, 0x3, 0x0, 0x4, 0xfffffffffffffffc, 0x81, 0x8000000000000000, 0x8, 0x8b, 0x6, 0x200, 0x86, 0xc, 0x6, 0xb5d2, 0x1, 0x81dd, 0x8000000000000000, 0x56800000000, 0x2, 0xd450, 0xfffffffeffffffff, 0x7, 0x600000, 0x7, 0x9, 0x8, 0xb, 0x800, 0x3e08da4c, 0xfff, 0x2, 0x4, 0x1, 0x5, 0x8, 0x0, 0x6, 0x2651, 0x1, 0x8, 0x80, 0x40, 0x4, 0xffffffffffffffff, 0x2e6, 0x7, 0x7f, 0x9, 0x8000000000000000, 0x9, 0xfff, 0x8c6, 0x100000001, 0x8, 0x8000, 0x6, 0xfe, 0xd, 0x4, 0x3, 0x4, 0x6, 0xdda1, 0x0, 0x2c18, 0x0, 0x100000000000000, 0x2, 0x3, 0xc, 0x2f, 0x2, 0x3, 0x7, 0xfffffffffffffffe, 0x5, 0x6, 0x1, 0x9, 0x0, 0x600, 0x0, 0x8, 0x3, 0x200000, 0x7, 0x2, 0xfffffffffffffffb, 0x4, 0x80000001, 0x2, 0x1, 0x135d, 0x6, 0x1, 0x7, 0x7a1, 0xd0b, 0x100000001, 0x8000000000000000, 0x9, 0x1, 0x2, 0x2cf, 0x6, 0x3, 0x5, 0x9]}) (async)
r11 = syz_genetlink_get_family_id$tipc(&(0x7f0000002280), r0)
sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000002380)={&(0x7f0000002240)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000002340)={&(0x7f00000022c0)={0x68, r11, 0x20, 0x70bd28, 0x25dfdbfe, {{}, {}, {0x4c, 0x18, {0x7f, @media='udp\x00'}}}, ["", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x801}, 0x8004)
ioctl$EXT4_IOC_SETFSUUID(r5, 0x4008662c, &(0x7f00000023c0)={0x10, 0x0, "f4b72500f8dfffa54617b43b895fbd58"})
sendfile(r0, r6, 0x0, 0x50) (async, rerun: 32)
ioctl$sock_SIOCADDDLCI(r1, 0x8980, &(0x7f0000002400)={'bridge_slave_0\x00', 0xd5a9}) (rerun: 32)
r12 = syz_genetlink_get_family_id$ipvs(&(0x7f0000002480), r1)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000002540)={&(0x7f0000002440)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000002500)={&(0x7f00000024c0)={0x1c, r12, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4804}, 0x4) (async)
sendmsg$nl_route_sched(r1, &(0x7f0000002b00)={&(0x7f0000002580)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000002ac0)={&(0x7f00000025c0)=@delchain={0x4d8, 0x65, 0x8, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x8, 0x10}, {0xfff2, 0x6c4bdd999943c8fe}, {0xa, 0xf}}, [@filter_kind_options=@f_route={{0xa}, {0x4a0, 0x2, [@TCA_ROUTE4_POLICE={0x48c, 0x5, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x370, 0x2, 0x2, 0xfffffff7, 0x3, 0x50, 0xb, 0x0, 0x6, 0x7, 0xd, 0x7fff, 0x8, 0x80, 0x81, 0x7, 0xfff, 0x66, 0x8, 0x3, 0xa878, 0x4, 0xffffffff, 0x9, 0x2, 0x2c8, 0x100, 0x1, 0x4266, 0xffffff81, 0x7, 0x8000, 0x794, 0x2, 0x6, 0x100, 0x2, 0x1, 0x2, 0x0, 0x81, 0x4, 0x8, 0x4, 0x4, 0xfdc, 0x0, 0x8, 0x40000, 0x1, 0xa, 0x401, 0x9, 0x4, 0x8, 0x0, 0x8, 0x9, 0x4, 0x10000, 0xb, 0xb, 0x0, 0x7, 0x8, 0x4, 0x6, 0x2, 0x7844, 0x0, 0x1ff, 0x5, 0x0, 0x9, 0x0, 0x40000000, 0x2, 0x7fff, 0x6, 0x8, 0x5, 0x652, 0x6, 0x9, 0xffffffc2, 0x62, 0xaf18, 0x6, 0xe98, 0x86b6, 0x4, 0x6, 0xffff, 0xd, 0x40, 0xeade, 0x5, 0x8, 0x9, 0x0, 0x6, 0x10, 0x5, 0x6, 0x14820a7, 0x8, 0xe, 0x8, 0x6, 0x80, 0x3, 0x9, 0x1, 0x0, 0x10000, 0xd, 0x7, 0x8, 0x26, 0x6, 0x1, 0xf8, 0x4, 0x1, 0x3, 0x80000000, 0x6, 0x7fffffff, 0x4, 0xfffffff8, 0xd5a9, 0x6, 0x9, 0x2, 0x9, 0x9, 0xa0d4, 0xe86d, 0x0, 0xfffffff5, 0xfffffffc, 0x7, 0x7, 0xcd, 0x0, 0x7f, 0xbeb, 0x4, 0x7f, 0xffff, 0x5, 0xe, 0xffff, 0x8, 0x80000001, 0xc, 0x2, 0x9, 0xc, 0x1000, 0x6, 0x7, 0xb0, 0x9, 0x80000000, 0x80000000, 0x2, 0x80, 0x9, 0x4, 0x1, 0xd1, 0x0, 0x3ff, 0x3, 0x7fffffff, 0x23, 0x5, 0x8f6, 0x3, 0x233e, 0x9702, 0x4, 0xffffffff, 0x7, 0x1, 0x8, 0x2, 0xd, 0x10000, 0x87a, 0x1, 0x4c2, 0x5, 0x80000001, 0xffa2, 0x7, 0x4, 0x200, 0xff, 0x2, 0x10001, 0x3, 0x9, 0x7, 0x4ef, 0xffff, 0x84a, 0x2, 0x4, 0x7, 0xe0000, 0x2, 0x6ff, 0x10, 0x4, 0x4ce, 0x3, 0xffffffff, 0x9, 0x1, 0x800, 0xfffffffb, 0x0, 0x26400, 0x1, 0x3, 0x7f, 0x3, 0x4b4, 0x4, 0x1ff, 0x1ff, 0x5, 0x80000001, 0xb5, 0xfffffff7, 0x8, 0x40, 0x3, 0x2, 0xf, 0xffffffff, 0x9, 0x2, 0x71d, 0x200, 0x200, 0x0, 0x5, 0x7, 0xffff, 0x3, 0x0, 0x8, 0xffffffff]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x1}, @TCA_POLICE_PEAKRATE64={0xc}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_TBF={0x3c, 0x1, {0x6, 0x40000000, 0x2, 0x0, 0x1000, {0xe, 0x1, 0x7fff, 0x8000, 0xb, 0xffffff6e}, {0x0, 0x2, 0x100, 0x9, 0x5, 0xd}, 0x401, 0x1d32, 0x40}}, @TCA_POLICE_RATE64={0xc, 0x8, 0x1}, @TCA_POLICE_RATE64={0xc, 0x8, 0x758}, @TCA_POLICE_RATE64={0xc, 0x8, 0xffffffffffffffc0}]}, @TCA_ROUTE4_TO={0x8, 0x2, 0xe2}, @TCA_ROUTE4_TO={0x8, 0x2, 0xd6}]}}, @TCA_CHAIN={0x8, 0xb, 0x401}]}, 0x4d8}, 0x1, 0x0, 0x0, 0x40000}, 0x10001) (async)
close(r6) (async, rerun: 64)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000002b40)={'ip6erspan0\x00', 0x1000}) (async, rerun: 64)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000002b80)=0x101000, 0x4)

1.255709276s ago: executing program 0 (id=869):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r1, &(0x7f0000000280)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2e}}, 0x10)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
sendmsg$rds(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000100)=[@zcopy_cookie={0x18}], 0x18}, 0x4000000)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x38, r4, 0x1, 0x0, 0x0, {{}, {}, {0x1c, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'syzkaller0\x00'}}}}}, 0x38}}, 0x0)
r5 = fsopen(&(0x7f0000000000)='debugfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000180)='rootcontext', &(0x7f0000000040)='E\xe1\x85\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
fsmount(r5, 0x0, 0x85)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

1.179366659s ago: executing program 0 (id=870):
r0 = socket$kcm(0xa, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'wlan1\x00', @random="020000001300"})
r1 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r1, &(0x7f0000002980)={&(0x7f0000000180)={0x2, 0x0, @dev}, 0x10, &(0x7f0000001400)=[{&(0x7f0000001800)='_', 0x1}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x84, 0x1e, &(0x7f0000000000), 0x10)
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8916, &(0x7f0000000000)={r2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r3, &(0x7f0000000340)={@val, @void, @eth={@broadcast, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x23, 0x0, 0x0, 0x0, 0x2f, 0x0, @private=0x1fe1, @multicast1}, {0xa000, 0x6558, 0xf, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}, "13176b"}}}}}}}, 0x35)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8936, &(0x7f0000000000)={r2})

1.178974903s ago: executing program 2 (id=871):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = gettid()
preadv2(r0, &(0x7f0000002ac0)=[{&(0x7f00000005c0)=""/255, 0xff}, {&(0x7f0000000100)=""/49, 0x31}, {&(0x7f0000000380)=""/109, 0x6d}, {&(0x7f0000001740)=""/4096, 0x1000}, {&(0x7f0000000480)=""/128, 0x80}, {&(0x7f0000002740)=""/227, 0xe3}, {&(0x7f0000002840)=""/147, 0x93}, {&(0x7f0000002900)=""/157, 0x9d}, {&(0x7f00000029c0)=""/201, 0xc9}], 0x9, 0xf57d, 0x1, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000010c0)=@raw={'raw\x00', 0x3c1, 0x3, 0xc10, 0x948, 0x168, 0x10, 0x0, 0xb, 0xb40, 0x250, 0x250, 0xb40, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [0x0, 0x0, 0x0, 0xffffff00], [0xffffff00], 'veth1_to_batadv\x00', 'veth1_to_hsr\x00', {}, {}, 0x3a}, 0x6000000, 0x8e0, 0x948, 0x0, {0x0, 0x28e}, [@common=@unspec=@u32={{0x7e0}, {[{[{0x3}, {}, {0x3, 0x2}, {0x3, 0x1}, {0xf3}, {0x9}, {0x5bb, 0x1}, {0x82, 0x3}, {0x1ff}, {0xffff8001, 0x3}, {0x6, 0x2}], [{0x8, 0x7}, {0x9, 0x80000000}, {0xffffff00, 0x6}, {0x1}, {0x80000000, 0x3}, {0x7, 0x100}, {0x2, 0x401}, {0x8, 0x3}, {0x8, 0x7}, {0x4, 0x6}, {0x2, 0xc0}], 0x8, 0x2}, {[{0x122, 0x2}, {0x8, 0x1}, {0x0, 0x2}, {0x1, 0x3}, {0xe9, 0x3}, {0x1, 0x2}, {0x0, 0x1}, {0x84ef, 0x1}, {0x3, 0x2}, {0x1}, {0x4, 0x3}], [{0xfffffeff, 0x2}, {0x51, 0x4}, {0x6, 0x4}, {0x4, 0x3}, {0x6, 0x40}, {0x7b2, 0x1}, {0x8, 0xa9}, {0x5c0, 0x4}, {0x6}, {0xc, 0x5}, {0xcd9d, 0x3}], 0x3, 0x6}, {[{0x0, 0x2}, {0x5, 0x1}, {0x0, 0x3}, {0xa}, {0xa86, 0x2}, {0xe}, {0x4, 0x2}, {0x4}, {0x400, 0x3}, {0x7, 0x3}, {0x651790d2, 0x1}], [{0x10001, 0x4}, {0x2}, {0x100, 0x7}, {0x4, 0x8}, {0x6, 0x200}, {0x0, 0xf21}, {0x4, 0x3}, {0x3ff, 0x80}, {0x21eefaa2, 0x10001}, {0x8, 0xea}, {0xbd0, 0x10000}], 0x2, 0xb}, {[{0x80000001, 0x2}, {0x1, 0x1}, {0xcdc, 0x2}, {0xfffffffe, 0x1}, {0x3, 0x2}, {0xfff, 0x2}, {0x5, 0x3}, {0x2, 0x3}, {0x7, 0x1}, {0x9}, {0x6, 0x3}], [{0xa, 0x7ff}, {0x3ff, 0xffff}, {0x10, 0x2}, {0x8, 0x7}, {0x5, 0x5}, {0x2, 0x3dcb}, {0xf2c, 0x101}, {0x40, 0x9}, {0x80, 0x5}, {0xb77, 0xed37}, {0x0, 0x4}], 0xb}, {[{0x7ff}, {0x4, 0x3}, {0x40, 0x2}, {0x5, 0x3}, {0x7c}, {0x400, 0x3}, {0x8001, 0x3}, {0xfffffff9, 0x3}, {0x401, 0x1}, {0x101, 0x3}, {0x1000}], [{0x2, 0x3d56}, {0x9, 0x413}, {0xff8, 0x7}, {0xec00439, 0x7}, {0x9, 0xea}, {0x6, 0xee9b}, {0x9, 0xffff}, {0x1, 0x6}, {0x5, 0x4}, {0x40, 0x5}, {0x0, 0x8}], 0x6, 0x8}, {[{0x1, 0x51d5f25b88549df3}, {0x8}, {0xfffffffc, 0x1}, {0x4, 0x3}, {0x1e, 0x2}, {0x20000000}, {0x10000, 0x2}, {0x8, 0x1}, {0x9}, {0x1, 0x1}, {0xa}], [{0x2c94a8d1, 0x9}, {0xdacf, 0x6}, {0x7000000, 0x1}, {0x1, 0x6}, {0x5, 0x3}, {0x80000001, 0x401}, {0x6, 0x5}, {0xfffffff7, 0x1ff}, {0x80000000, 0x4}, {0x80000001, 0x8}, {0x100, 0x3}], 0x7, 0xb}, {[{0x0, 0x2}, {0x6, 0x1}, {0x0, 0x3}, {0x3}, {0x7, 0x1}, {0x8001, 0x3}, {0x8}, {0x68}, {0x1, 0x3}, {0x6, 0x3}, {0x1}], [{0xe, 0x7}, {0x0, 0x55}, {0x5, 0xb8}, {0x6, 0x6}, {0x3, 0x7fffffff}, {0x1000, 0x3}, {0x9, 0x3}, {0xfffeffff, 0x6}, {0x5, 0x4}, {0x8, 0x80000001}, {0x28000000, 0x5}], 0x6, 0x6}, {[{0x1634, 0x2}, {0x7fffffff, 0x3}, {0xfffffffa, 0x3}, {0x5, 0x3}, {0x4}, {0x8, 0x3}, {0x9, 0x1}, {0x2}, {0x0, 0x88c9cedeeaac922b}, {0x1a0000, 0x1}, {0x9, 0x3}], [{0x8, 0x401}, {0xfffeffff, 0xffffffff}, {0x1, 0x1}, {0x800, 0x8}, {0x3, 0x1}, {0x9, 0x2}, {0x200, 0x7}, {0xfffffff9, 0x3ff}, {0x5, 0x5}, {0x9, 0x3}, {0xff, 0x9}], 0x4, 0x7}, {[{0x6}, {0x56}, {0x1, 0x2}, {0x0, 0x1}, {0x4, 0x2}, {0x4005, 0x1}, {0x46}, {0x80, 0x1}, {0x9, 0x3}, {0xfff, 0x2}, {0x788}], [{0x10001, 0x9}, {0x7, 0x1000}, {0xfff, 0x200}, {0x3, 0x4}, {0x4, 0xd6a0}, {0x49, 0xffac}, {0x1, 0x2}, {0x4, 0x7}, {0x6, 0x7fff}, {0x0, 0xffff136e}, {0x10000, 0x6}], 0x5}, {[{}, {0xfffffffe}, {0xfffffffb}, {0x209}, {0x2, 0x2}, {0x100, 0x1}, {0x12000000, 0x1}, {0x8, 0x1}, {0x187}, {0x7, 0x3}, {0x3, 0x2}], [{0x1, 0x1}, {0x9, 0x606}, {0x7, 0x10001}, {0xadd, 0x8000}, {0x6742e4e5, 0x4}, {0x80000001, 0x66bb6b23}, {0x7, 0x2}, {0x7ff, 0x3}, {0x6, 0xe61a}, {0x1, 0x80000000}, {0x40, 0x44}], 0xc, 0x7}, {[{0x6}, {0x1}, {0x8, 0x3}, {0x6, 0x1}, {0x7, 0x1}, {0x6400000, 0x2}, {0xf48d, 0x3}, {0x7, 0x3}, {0x9, 0x3}, {0x1, 0x1}, {0x0, 0x1}], [{0x5, 0x2}, {0x7fffffff, 0x6cf6}, {0x6, 0x3}, {0xf99c128, 0xb19}, {0x4, 0x9}, {0x7, 0x1000}, {0x4, 0x9}, {0x6, 0xfffffffa}, {0x0, 0x8}, {0xe, 0x2}, {0xffffffff, 0x9}], 0xa, 0xb}], 0x1}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x0, 0x0, 0x9, 0x1, 0x0, 0x10000, 0x80000001}, {0xfffffffffffffffd}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x4}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0xc70)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f00000002c0)='htcp\x00', 0x5)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
recvmsg(r3, &(0x7f0000000580)={0x0, 0x7, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r5 = dup(r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r5, 0x0)
write$tun(r0, &(0x7f0000000300)={@val={0x1c, 0xf5}, @val, @mpls={[{}], @ipv4=@tipc={{0x6, 0x4, 0x1, 0x3d, 0x48, 0x68, 0x0, 0x81, 0x6, 0x0, @broadcast, @empty, {[@lsrr={0x83, 0x3, 0xbc}]}}, @payload_named={{{{{0x30, 0x0, 0x1, 0x1, 0x0, 0xa, 0x1, 0x2, 0x2, 0x0, 0x0, 0xb, 0x1, 0x2, 0x15c, 0x9, 0x1, 0x4e20, 0x4e20}, 0x0, 0x2}, 0x0, 0x2}}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}}}, 0x5a)

939.887933ms ago: executing program 2 (id=872):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x6)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r2, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}}, 0x880)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0) (fail_nth: 66)

659.676292ms ago: executing program 2 (id=874):
set_mempolicy(0x3, &(0x7f0000000040)=0x3, 0x6)
r0 = socket$key(0xf, 0x3, 0x2)
listen(r0, 0x401)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x6576, 0x9})
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x100000000)
mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="14010000320001000000000000000000010100800c0001"], 0x114}], 0x1}, 0x0)

589.274825ms ago: executing program 2 (id=876):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0xfe, 0x0, 0x7ffffffe}]})
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0xff2e)
ptrace(0x10, r1)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x10, &(0x7f0000000140)={0x6})
r3 = dup(r0)
r4 = syz_open_dev$radio(&(0x7f00000000c0), 0x3, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r4, 0xc0205647, &(0x7f0000000080)={0xf000000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90f, 0x1ff, '\x00', @p_u8=&(0x7f0000000180)=0x6}})
r5 = socket(0xa, 0x1, 0x0)
r6 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
r8 = dup3(r6, r7, 0x0)
read$FUSE(r8, 0x0, 0x30)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @local, 0x0, 0x2, 'dh\x00', 0x0, 0x20}, 0x2c)
r9 = syz_open_dev$dri(&(0x7f0000000400), 0x1023, 0x100)
r10 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r8, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000003c0)={0x28, 0x1406, 0x10, 0x70bd26, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x4000040)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r10, 0xc04064a0, &(0x7f0000000440)={0x0, &(0x7f0000000040)=[<r11=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r9, 0xc06864a1, &(0x7f0000000340)={0x0, 0x0, r11, <r12=>0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r9, 0xc06864a2, &(0x7f0000000240)={0x0, 0x0, r11, r12, 0x0, 0x2, 0xa, 0x200, {0x2, 0x7f, 0x180, 0x10, 0xfdfc, 0x2025, 0xfffc, 0xffff, 0x3, 0x3, 0xfffd, 0x9, 0x200004, 0x1, "12d56163d7287bd287881d942450c7153243937ca9a58f1c02000000476b1500"}})
migrate_pages(0x0, 0x8001, &(0x7f0000000800)=0x3, &(0x7f0000000840)=0xffffffffffffffff)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[r12], 0x1, 0x800})
r13 = socket$pppl2tp(0x18, 0x1, 0x1)
r14 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r13, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r14, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e)

529.17948ms ago: executing program 3 (id=879):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50) (async, rerun: 32)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000017b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x33}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) (async)
r3 = syz_open_dev$sndpcmc(&(0x7f0000000040), 0x1f37353a, 0x88800)
mmap$snddsp_status(&(0x7f00007be000/0xb000)=nil, 0x1000, 0x0, 0x40010, r3, 0x82000000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) (async)
preadv(0xffffffffffffffff, &(0x7f0000001880)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r4 = socket(0x10, 0x803, 0x0) (rerun: 64)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_channels={0x3d, 0x0, 0x0, 0x8000000, 0x0, 0x1, 0x2}}) (async)
r5 = socket(0x2, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}}) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x8)

528.707567ms ago: executing program 3 (id=880):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = gettid()
preadv2(r0, &(0x7f0000002ac0)=[{&(0x7f00000005c0)=""/255, 0xff}, {&(0x7f0000000100)=""/49, 0x31}, {&(0x7f0000000380)=""/109, 0x6d}, {&(0x7f0000001740)=""/4096, 0x1000}, {&(0x7f0000000480)=""/128, 0x80}, {&(0x7f0000002740)=""/227, 0xe3}, {&(0x7f0000002840)=""/147, 0x93}, {&(0x7f0000002900)=""/157, 0x9d}, {&(0x7f00000029c0)=""/201, 0xc9}], 0x9, 0xf57d, 0x1, 0x3)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000010c0)=@raw={'raw\x00', 0x3c1, 0x3, 0xc10, 0x948, 0x168, 0x10, 0x0, 0xb, 0xb40, 0x250, 0x250, 0xb40, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [0x0, 0x0, 0x0, 0xffffff00], [0xffffff00], 'veth1_to_batadv\x00', 'veth1_to_hsr\x00', {}, {}, 0x3a}, 0x6000000, 0x8e0, 0x948, 0x0, {0x0, 0x28e}, [@common=@unspec=@u32={{0x7e0}, {[{[{0x3}, {}, {0x3, 0x2}, {0x3, 0x1}, {0xf3}, {0x9}, {0x5bb, 0x1}, {0x82, 0x3}, {0x1ff}, {0xffff8001, 0x3}, {0x6, 0x2}], [{0x8, 0x7}, {0x9, 0x80000000}, {0xffffff00, 0x6}, {0x1}, {0x80000000, 0x3}, {0x7, 0x100}, {0x2, 0x401}, {0x8, 0x3}, {0x8, 0x7}, {0x4, 0x6}, {0x2, 0xc0}], 0x8, 0x2}, {[{0x122, 0x2}, {0x8, 0x1}, {0x0, 0x2}, {0x1, 0x3}, {0xe9, 0x3}, {0x1, 0x2}, {0x0, 0x1}, {0x84ef, 0x1}, {0x3, 0x2}, {0x1}, {0x4, 0x3}], [{0xfffffeff, 0x2}, {0x51, 0x4}, {0x6, 0x4}, {0x4, 0x3}, {0x6, 0x40}, {0x7b2, 0x1}, {0x8, 0xa9}, {0x5c0, 0x4}, {0x6}, {0xc, 0x5}, {0xcd9d, 0x3}], 0x3, 0x6}, {[{0x0, 0x2}, {0x5, 0x1}, {0x0, 0x3}, {0xa}, {0xa86, 0x2}, {0xe}, {0x4, 0x2}, {0x4}, {0x400, 0x3}, {0x7, 0x3}, {0x651790d2, 0x1}], [{0x10001, 0x4}, {0x2}, {0x100, 0x7}, {0x4, 0x8}, {0x6, 0x200}, {0x0, 0xf21}, {0x4, 0x3}, {0x3ff, 0x80}, {0x21eefaa2, 0x10001}, {0x8, 0xea}, {0xbd0, 0x10000}], 0x2, 0xb}, {[{0x80000001, 0x2}, {0x1, 0x1}, {0xcdc, 0x2}, {0xfffffffe, 0x1}, {0x3, 0x2}, {0xfff, 0x2}, {0x5, 0x3}, {0x2, 0x3}, {0x7, 0x1}, {0x9}, {0x6, 0x3}], [{0xa, 0x7ff}, {0x3ff, 0xffff}, {0x10, 0x2}, {0x8, 0x7}, {0x5, 0x5}, {0x2, 0x3dcb}, {0xf2c, 0x101}, {0x40, 0x9}, {0x80, 0x5}, {0xb77, 0xed37}, {0x0, 0x4}], 0xb}, {[{0x7ff}, {0x4, 0x3}, {0x40, 0x2}, {0x5, 0x3}, {0x7c}, {0x400, 0x3}, {0x8001, 0x3}, {0xfffffff9, 0x3}, {0x401, 0x1}, {0x101, 0x3}, {0x1000}], [{0x2, 0x3d56}, {0x9, 0x413}, {0xff8, 0x7}, {0xec00439, 0x7}, {0x9, 0xea}, {0x6, 0xee9b}, {0x9, 0xffff}, {0x1, 0x6}, {0x5, 0x4}, {0x40, 0x5}, {0x0, 0x8}], 0x6, 0x8}, {[{0x1, 0x51d5f25b88549df3}, {0x8}, {0xfffffffc, 0x1}, {0x4, 0x3}, {0x1e, 0x2}, {0x20000000}, {0x10000, 0x2}, {0x8, 0x1}, {0x9}, {0x1, 0x1}, {0xa}], [{0x2c94a8d1, 0x9}, {0xdacf, 0x6}, {0x7000000, 0x1}, {0x1, 0x6}, {0x5, 0x3}, {0x80000001, 0x401}, {0x6, 0x5}, {0xfffffff7, 0x1ff}, {0x80000000, 0x4}, {0x80000001, 0x8}, {0x100, 0x3}], 0x7, 0xb}, {[{0x0, 0x2}, {0x6, 0x1}, {0x0, 0x3}, {0x3}, {0x7, 0x1}, {0x8001, 0x3}, {0x8}, {0x68}, {0x1, 0x3}, {0x6, 0x3}, {0x1}], [{0xe, 0x7}, {0x0, 0x55}, {0x5, 0xb8}, {0x6, 0x6}, {0x3, 0x7fffffff}, {0x1000, 0x3}, {0x9, 0x3}, {0xfffeffff, 0x6}, {0x5, 0x4}, {0x8, 0x80000001}, {0x28000000, 0x5}], 0x6, 0x6}, {[{0x1634, 0x2}, {0x7fffffff, 0x3}, {0xfffffffa, 0x3}, {0x5, 0x3}, {0x4}, {0x8, 0x3}, {0x9, 0x1}, {0x2}, {0x0, 0x88c9cedeeaac922b}, {0x1a0000, 0x1}, {0x9, 0x3}], [{0x8, 0x401}, {0xfffeffff, 0xffffffff}, {0x1, 0x1}, {0x800, 0x8}, {0x3, 0x1}, {0x9, 0x2}, {0x200, 0x7}, {0xfffffff9, 0x3ff}, {0x5, 0x5}, {0x9, 0x3}, {0xff, 0x9}], 0x4, 0x7}, {[{0x6}, {0x56}, {0x1, 0x2}, {0x0, 0x1}, {0x4, 0x2}, {0x4005, 0x1}, {0x46}, {0x80, 0x1}, {0x9, 0x3}, {0xfff, 0x2}, {0x788}], [{0x10001, 0x9}, {0x7, 0x1000}, {0xfff, 0x200}, {0x3, 0x4}, {0x4, 0xd6a0}, {0x49, 0xffac}, {0x1, 0x2}, {0x4, 0x7}, {0x6, 0x7fff}, {0x0, 0xffff136e}, {0x10000, 0x6}], 0x5}, {[{}, {0xfffffffe}, {0xfffffffb}, {0x209}, {0x2, 0x2}, {0x100, 0x1}, {0x12000000, 0x1}, {0x8, 0x1}, {0x187}, {0x7, 0x3}, {0x3, 0x2}], [{0x1, 0x1}, {0x9, 0x606}, {0x7, 0x10001}, {0xadd, 0x8000}, {0x6742e4e5, 0x4}, {0x80000001, 0x66bb6b23}, {0x7, 0x2}, {0x7ff, 0x3}, {0x6, 0xe61a}, {0x1, 0x80000000}, {0x40, 0x44}], 0xc, 0x7}, {[{0x6}, {0x1}, {0x8, 0x3}, {0x6, 0x1}, {0x7, 0x1}, {0x6400000, 0x2}, {0xf48d, 0x3}, {0x7, 0x3}, {0x9, 0x3}, {0x1, 0x1}, {0x0, 0x1}], [{0x5, 0x2}, {0x7fffffff, 0x6cf6}, {0x6, 0x3}, {0xf99c128, 0xb19}, {0x4, 0x9}, {0x7, 0x1000}, {0x4, 0x9}, {0x6, 0xfffffffa}, {0x0, 0x8}, {0xe, 0x2}, {0xffffffff, 0x9}], 0xa, 0xb}], 0x1}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x0, 0x0, 0x9, 0x1, 0x0, 0x10000, 0x80000001}, {0xfffffffffffffffd}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x4}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0xc70)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f00000002c0)='htcp\x00', 0x5)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
recvmsg(r3, &(0x7f0000000580)={0x0, 0x7, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r5 = dup(r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r5, 0x0)
write$tun(r0, &(0x7f0000000300)={@val={0x1c, 0xf5}, @val, @mpls={[{}], @ipv4=@tipc={{0x6, 0x4, 0x1, 0x3d, 0x48, 0x68, 0x0, 0x81, 0x6, 0x0, @broadcast, @empty, {[@lsrr={0x83, 0x3, 0xbc}]}}, @payload_named={{{{{0x30, 0x0, 0x1, 0x1, 0x0, 0xa, 0x1, 0x2, 0x2, 0x0, 0x0, 0xb, 0x1, 0x2, 0x15c, 0x9, 0x1, 0x4e20, 0x4e20}, 0x0, 0x2}, 0x0, 0x2}}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}}}, 0x5a)

389.478428ms ago: executing program 3 (id=881):
r0 = add_key$user(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x2}, &(0x7f0000000200)="1d", 0x1, 0xfffffffffffffffe)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = fanotify_init(0x200, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f0000000200)={0x2020, 0x0, <r5=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
write$FUSE_INIT(r4, &(0x7f0000002300)={0x50, 0x0, r5, {0x7, 0x9, 0x0, 0x1030002}}, 0x50)
read$FUSE(r4, &(0x7f0000004580)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r4, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r6}, 0x10)
r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
dup3(r7, r4, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x6, 0x11, r8, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r3, 0x0)
fanotify_mark(r2, 0x201, 0x4800003e, r1, 0x0)
fanotify_mark(r2, 0x80, 0x40000022, r1, 0x0)
r9 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x1}, &(0x7f0000000740)="69bf05d40ff7e03db3ddca537c6c5612321b25d32064e9ed643d462211406432e87c4d40383939ab8276bfc0294ba021d1ccf9b6b32d1b6c9e8c9737ca2d08305301693ef20a414ca24bed3736d182271d197fc2146a9f55070f3f31155b9081ecbd0fcc0296c88eac143394a776955e8a075194717757c9e085976cac66fd4c5bc83183df2db8205863d7f803e302420e7fc5315861803024f921932a49a4283f6a7d8ab2cbd629e984582467fd6ca63598d554677517903644dc2ef01f8dec", 0xc0, 0xffffffffffffffff)
pipe2$watch_queue(&(0x7f0000000400)={<r10=>0xffffffffffffffff}, 0x80)
r11 = add_key$keyring(&(0x7f0000001680), &(0x7f00000016c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r11, r10, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r12 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$llc_int(r12, 0x10c, 0x8, &(0x7f0000000040)=0xffff, 0x4)
keyctl$dh_compute(0x17, &(0x7f0000000040)={r0, r0, r9}, &(0x7f0000000600)=""/100, 0x64, &(0x7f0000000180)={&(0x7f0000000400)={'xxhash64-generic\x00'}, &(0x7f0000000000)="0900a9351a47", 0x6})

299.628475ms ago: executing program 1 (id=882):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x7}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000280), 0x14)
r1 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
dup3(r2, r3, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r1, 0xc00864bf, &(0x7f0000000140)={<r4=>0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_WAIT(r1, 0xc02864c3, &(0x7f0000000080)={&(0x7f0000000000)=[r4], 0x2, 0x1, 0xb})
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000500)=@gcm_256={{0x303}, "2a4001011f891d5b", "11682d84dd05bb63ae661f051e1e79ceafeaa60a5bd1dc83db142ade2bd907fd", "fd6ed24e", "d4e9e1c90d89691c"}, 0x38)

298.231226ms ago: executing program 1 (id=883):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) (async)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x300, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x21}, [@IFLA_VFINFO_LIST={0x1c, 0x16, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_VF_IB_PORT_GUID={0x14, 0xb, {0x0, 0x2}}]}]}]}, 0x3c}}, 0x0)
syz_kvm_setup_cpu$x86(r0, r0, &(0x7f0000322000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f00000000c0)="66ba4200b000ee66b8e6008ec8c4c145da01d38900400000c401b5e0789fd9f4b9800000c00f3235010000000f30c74424004c000000c744240200000000ff2c243e26e0000f68a800000000", 0x4c}], 0x1, 0x2, &(0x7f0000000200), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x63, 0x11, 0x10}, [@ldst={0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x74000}], 0x2, 0x101000, 0x0, 0x8)

297.725497ms ago: executing program 3 (id=884):
r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x1, 0x4302)
write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x7, 0x21, 0x2}, 0x7)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
statx(r0, &(0x7f0000000080)='./file0\x00', 0x800, 0x10, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
quotactl_fd$Q_SETINFO(r1, 0xffffffff80000601, r2, &(0x7f00000001c0)={0x1, 0x4, 0x1, 0x5})
write$binfmt_elf64(r0, &(0x7f0000000200)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x2, 0xd, 0x1, 0xa, 0x2, 0x3, 0x4, 0x1fb, 0x40, 0x146, 0x1ff, 0x1, 0x38, 0x2, 0xf844, 0x3, 0xc500}, [{0x1, 0x9, 0x5, 0x80, 0x0, 0x8000000000000000, 0x1, 0xfffffffffffeffff}, {0x6, 0x3, 0x81, 0x3e39, 0x3, 0x6, 0x4, 0x9}], "402e031ef4b175a2e5c863a604c77e9c0072125dfeb8fa763a215ee0f3335c310e8d23aea54ffd84e2006dce15723e7b626828cd6855d70b1c83b01eebb3bf68639e6bf1a7a76c00bc69480ad543e2b8e4cd40e91d3d09e0ab0ca40a5b1fc0a645bfb52ae2b1cb7ca5a6368c7a91c08b558d1f5d693aec9184a9dc7fd1", ['\x00', '\x00', '\x00']}, 0x42d)
close_range(r0, r1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000680)={'filter\x00', 0x7, 0x4, 0x418, 0x220, 0x0, 0x220, 0x330, 0x330, 0x330, 0x4, &(0x7f0000000640), {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @broadcast, @broadcast, 0x1, 0xffffffff}}}, {{@arp={@multicast2, @multicast1, 0xffffffff, 0xff, 0xc, 0x9, {@mac=@broadcast, {[0xff, 0xff, 0x0, 0xff, 0xff]}}, {@mac=@multicast, {[0x0, 0x0, 0x0, 0xff, 0xff, 0xff]}}, 0x81, 0x0, 0xffff, 0xb, 0x7, 0x7, 'veth1_macvtap\x00', 'ip_vti0\x00', {0x80}, {0xff}, 0x0, 0x22}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @empty, @dev={0xac, 0x14, 0x14, 0x11}, @dev={0xac, 0x14, 0x14, 0x38}, 0x4, 0xffffffff}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="6e36ae431488", @loopback, @remote, 0x8}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x468)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000b00)={0x5, [0x0, 0x0, 0x0, 0x0, <r3=>0x0]}, &(0x7f0000000b40)=0x18)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f0000000b80)={r3, 0x9dd9}, 0x8)
sendmsg$sock(r1, &(0x7f0000001000)={&(0x7f0000000bc0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x3, 0x0, 0x1, 0x3, {0xa, 0x4e22, 0xd, @rand_addr=' \x01\x00', 0x6}}}, 0x80, &(0x7f0000000f00)=[{&(0x7f0000000c40)="1efa0aa26035221e0c0ac8ae1fc7", 0xe}, {&(0x7f0000000c80)="6e3402d4f89464d79cf26abf7c6c6819ca6085fa44fe334d54bd4e097a480549dfca85e2077988e2c6266d9fa1fc597c5c8842895023f445f3444b62d43df060e8bfe0b8b09848f92517c951597baffbb8576e91fc5b37ba930b9e6cf08f7d3c46664bb310c0e265d101eb44ea7d8f226f6de64645896002ef4da6b2bd223b2af1494a84a8edbe77f00ae09505f7edef995fb3a5fcb8f72460c9bbb9927808a60d482a4abf7a01c68136315a80289c803eba1762f2d40c4b8e2bb3f073fd7c6d70", 0xc1}, {&(0x7f0000000d80)="eeefaf0507d4b5ae05972829aa8a6425b99071974d177de97f50ea6fd979b43ae0e85cbba77397008c1871cf11a10dce0cbbc617ec8f2ecf68ad871380b890efeb7af8e55a43a839af10e2aefba571487e982163a25731e29e6312932d7a2c35fefcb5aa07a12fce0076c554fc3f189edb8b32fb397b9421390c3493c6476e6f68b677b829560014adc8669399e6e20e7485bf223e072e5873401270f8afe8ad087569342530a9b44ca0", 0xaa}, {&(0x7f0000000e40)="1cd7376897df3a5c277df3f2baf8ce2d0a076f11b31aa7d1bb940326eec17fee95c53b2f57c5719ef64f83cd560f9e453273495f771dffa4d807d593e9f60b4bbd916c9123d8f054c769b4736876aa8691cc44", 0x53}, {&(0x7f0000000ec0)="35439a9ad8a8bbee58e9de9d56ed037790183584d590d8aed7be64d35db37a53cf605e0189f169f4ea8f4ef54c83c19c5304e4b6b6bc", 0x36}], 0x5, &(0x7f0000000f80)=[@mark={{0x14, 0x1, 0x24, 0x9}}, @txtime={{0x18, 0x1, 0x3d, 0xa}}, @mark={{0x14, 0x1, 0x24, 0x1}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x6}}], 0x78}, 0x40800)
r4 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f0000001040))
ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000001080)={<r5=>0x0, 0x7ff, 0x3})
ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f0000001480)={{r0}, {@val={r5}, @actul_num={@void, 0x9, 0x47}}})
ioctl$sock_bt_bnep_BNEPGETCONNINFO(r0, 0x800442d3, &(0x7f00000014c0)={0x6, 0x8, 0x0, @empty, 'bond_slave_0\x00'})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000003640)={'ip6gre0\x00', &(0x7f00000035c0)={'ip6gre0\x00', <r6=>0x0, 0x4, 0x7, 0x18, 0x6, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8, 0x20, 0x8, 0xd}})
getsockopt$PNPIPE_IFINDEX(r0, 0x113, 0x2, &(0x7f0000003680)=<r7=>0x0, &(0x7f00000036c0)=0x4)
sendmsg$inet(r1, &(0x7f0000003880)={0x0, 0x0, &(0x7f0000003580)=[{&(0x7f0000001500)="7751ea896748a9fe7c51c7f6b4c470a59732b00b4345f76510263c719770a22d7388aaf2400c5432028ae5186cd812cdf2e92582e94c57fbe3e6dfa134624643ac7b689bf8ca89cc7dc84836710ad016aa9eb4991b179402f90f0233b999b4c785871d8a353f36de58e28942f47b68f5405e176854ecc55c4b9ee720d65b05afc1a2fc81f24e14ebf77fba1af6741aa30c3fcd1bcf63eea9410f91bba1660d57cf9daf16e937f9fbd2856c430850e2b6f6ccfb82b1c485c4705babe72f57921d8a6c1ec4291025d8af8f857a39e43972c43cffb2468c650ed76e8757fdb3a72962e6ca5f21423b9ac3a6e6148978db6ae4ecb421f5eb002a24e0fe9cc4dffc0e09be2364ec30cb31a7abe89021ddc3fb929a90f2b7c0bbea11ec4a76df62cce50ecc57e0b4f891985bb6795949ced93a0daee5d16f34ff0e2ad0b8f01fdbeac6e89abbe017ed7246bd63d475676f929d091e195eea7b98e0db1c0e7baabb6a4733aa438ca0f1ab7df9045bbfc5252ad8a076dce5f3eab29f5403681b0e390d4f2b75a1b2022d94814ba488c6bd2d48092652ba3106c8deed9ace3d1fee542894f6dca02b1c5954579e2c9fdfb1eeeacef322a194cda0f35b465a6284b92a85f540326df7d41194b63b29895bfeee6a2f1237aabed37de07ae83e21d4db4c7ee2f2c88e7921a0e206c61a5bb3836c268931053700cb05a3f1f465a168eb84a89079d76fa93e0cd44754537e6643687183d18a3ffadab4feadbb7d72834bfb809c58eeaf3ab962869744edbdc8200c0e08a8ccbecb1bd8f6e382302752582880cab5b30faf988e244b467f262883776ef0c0f786d7ff802e899567a1a2c3dd430aeff4a781a6947a1532a313c2401a60027ae3b687d19856bba33576f22f67539e604a691df1471cb42a3a1bd5f42107003851f88bfe592978672a46bc290471f5848eedb3fc8f945cb6e205ae2abe6ad333aa75bc43b15c4e66a05f587866b56f5611acd7d3047e4c3ed09c56002120c553579bc1e4996edf54224960b7039d2bd10eb99d0ce869d8faa3591849f6ef8a21bfe35edc0f4a241658d6fd1a90c3f526e11c2137c501767660a9aab9cd3a9e5d7559216ec3d145a2003badbdd686fbf0ef4f680bff8cad3c40f7ac68846e45d957a0f5c61e715e06cc45ba7cc83570ee722be00d5772b98a6944b0cb339264b669d4059a98b8492c441beb07808577afe35b7308cbb2d6347ef8c38086d8d6a47fe65f42627f8b027c1af2240cff6eced1c46a7f6330b2721d8ebfc109a2604c451bd851f0564684e22a3bb0dee7f09bf3321078719fe6db3ca0ad2cbba27a139eedd82f946f7079c45db06995069e7e773715adee2e5552c260247ea23e56e633f6a0c185a3d350a6ebab900e704c3bf5099dee791bb984dce9078eff0cc47e8b3fbf65ebd503a737c2476c728be667c2eb00b83167e851b53787eb045fb717c875e9c12b2148d1d8e562d53ec37bd1ca6c2d3202790c6e2c5c399c280598339bad23e6ec7a75ec5d15d3f8e666610d68d1c296a8243878627fc826a25167762673f7e6b148671e2cd22f3473c40b3b261312126edf0d9caaab5e5478035602eedd362706786d53a70144be002331c453b99fc1c8fac379bf453afe3315a83b8d9ce0437546b3e29970e7e741d357135cf5b466763c9dc6ab0baeb21ecfa7e722cb3191a7fb354e7ddf638a6fc5916ebb1f946daaaaa2148c869dcbca97808234ff09ad04aad28ac8b4908cd1409ea04f50e8e7de3acd0e6c7cdfcc970fa99d348108f717f283e4ca99120bfff591536b3f3b4efa488be6ade6ed06d746bf91dc7e2fb1147fce89b00db0eda174b6c8c49f49ed40785f186d2fe684f50417d26c8c51c7a0e2cd2fb78c133d3a53d6a7ec38ba0b50c4741845765fc9e8718821f1c6add2e0cd3a904f5f9959ea9878489247abbce728bec8c8d78cfd6f112180944782d6e3b3820dd8586934da74f4465257e936b4b4b4ae4b546ac82d46fc8965497fbe3226008fbe7ac20234a4041b666eaa37b62fd11c27493b1a7aa58ac1e8618f4c1fbf68e2e196122e37967e8a4395d4fc437d2fb347405fea63456911551b62f6ec36ac1e2e7fabaacb396552469f7e6cdeb61def198876992e328de4bc28a1d83e25beb038a72cbeb487aa9ccf44fa7996fecebf8477c5cdad7a092f40446ed0be6bc24f435d50820d75c436c8f22b1ee06ad290ead58c532cf75ae9be6461ce9014c8060318bff5f5413f0cdc097bcae25a66aa19be1b134afed162e6ab9da6e0536cacda8de2d154ced84b0cf17ede39c91eefc8d64a9eb9a1af40be7c09d6dd2ff997ae2aaccac1eae2ebedc17a844ff021af6912f4913973a790f3753ed5b029a011c31e4c502f8e53655a27df28e36b9f620f87a064539b1a2a8e5d545c7f1d4dfdef577eaede86e0b0d5fb73fe2c2c5c138d3fea8b328e986c6879bddb74b1d1d7b58bff600e940abdcaf5dc2af0afaf6c64697edec07374f2ef26e2f4b39199b7600070b76c8646e9d9708e1814dbeb6abbe6594b8d5b6ecc6800d6a174cc4c4b9ee80234933ee9c54fd4b1187a607f4fd6e1281a198df8f935d1a030c8b2f49b457a625e94ca97aa39a64c3f095e223482e3e556049edf738ee40092bc663e30442bc91a08db513da122fa98ef6b391992c893ba18135fb5c93ba3935e0853cffd78c4eb126f6974df0769494e3d4766c694afa1ced8bd4f773f891b671d20d93c7d4f2ee5101a93c8ae808e9a2541e58722e734c2b8af442b07fac0f61efbeec1a9e18afccce4ad72391a3b843ee516d57b54eec0000775f857d156b2af3a346bf674c5ff26d4ebc451af718f285f1c2c1f532da60b1d6f064ab30f51f13e6ee6266bb282c48eda60995e982485aec0019b1bea5df6472f4a69bdaed77dbdcc01ce1491e10ce6b2623cfc191fa47f938cfed3657afd4f3ee0b1cb9d4e267fadcf818cf4537fe03e98b43e7ee6e6a20e23bb13919021af54d2db7f8a65c80f5bdcaea299deaf3baeb8885e97918a25c2a809f97695110b928110f2b903b2bb7d77e24aa030dc4a27a7f55983fd30983da589cbf0e26d5828d840d6fa5d16434b7f858aa4e30ee59a58f3096c75cec839975790992db672013f665561e106d21c726af43c039b03bc36aae63489140ec3c50c479a2bac0ca3297b10f86b7ed59440814516d9a3ebf53672dc2146d45ea3465f87ad38a7b7c8600227609b2f3a223a786f83bcf9707797e673977af0544ef6878bbf4e9def1d38b5f6ddb672839d177f4afa713da71c2abd67e9da34904a0cec5946207a794f2b1f1771caf07c341e8c5ee1fa84ba1a33bcdcbc4cfe92e3164d604c67c772cf657ba9f20f7f9d020f93738017d60b88c561f394655032ca4135f930f54d7ba3af8e29d263ddd6c4aaaa3e8db57ed65b6732286c1a8202925fa0fc642e28d580f947252236f2cbdeb707e760bb7a1791ce2580e0597f4bc52f65dc8e42c282737f5985c6d2b3fe0c64607198757ff414233afe45cd1b1f64e406240c4f6250cdf8da3d443cdce40b3b8af75a099520ecab92c45f35b3e59b28f02314ee97f26334bf8e433f67ad9a21968e6cbe533a7f77e190c186dc15c24522ad323c6c3e9c7f91a669b675de16f7d711888b334a615753f17b1c9c8858186c6e0afa78b39f73fc141a981469fb4180b1596df4653da1da91a6992a0ca85372ba04ed18f4c165e7cc2dad8b6c780a8200e211f6a2d369c414cd77be409e9e2b7ed0775e0656f2820fcb11231d339956c7db3cdcffdddfaca84877e27163c27e10b98a05bdb60c32cf77929930d113ec944fe30e666e3538c50c08d801ee9acb9878826acfea6c4eafe5a868da2774d2ffba3d7d713afcddf01751f876a6165ed707aa8011752415f301f7889997462fa654e99a8af7c2515d3b75d51a8995077adac761bdf92c828d217679ff6520b2940623d3314b563e2b031107a044f1b130bc2330547ae6cc4272c758f9882c3a5eb0cd4028754666c5307ec439a4223e713d3498d773dc674c5cf9f130c9d95e8247ade66dea12501e5beff6b8b05bc92eea0025bdc640c83b2cd6d34d4721c3f676fe5d908ba8d87f471e01d963ff95424e7f0013db885fa2ca40fa5b571ee826ef0e1f7b30135a6beaffa16e2a1ff29de756b62b2afdf71d7339f31790f0215f0a3e4520f173e9ee1c75257d471e7339fc1756decce9de2ad58ca5da10820d4cb04f8df3944b60e21536da331c5d6e02f408b92121c925b054f427bc215155eb8d8581db79a84d810d83f91af8374393d57dbe1a833ee874932d40b3d2907d673655dff38b1ead62e6a1c13e2fcafd41d6c9a547b0a4dc04feb7101405a56349a53b184577b4e4110f8de7bcdd8e5146ad121d0d204f84ab010d62d0752e1a997ad255848206a1c68210de8c59b9fc7370de9f4aa2a9a1935dc29c90d946e936ec3d3ba434a7d08ac109eb959269cef533e23df9101c4f4135bdfd17d03a111dce82ca616a2e79dbbe66c85274c38cf22168c1beef2d287404ff689dafaad14c0bdcbbf4cc058e9db79d459c6a03aa264c23320785d940179ca7e29e88c91e564af2ba294790fdaca193cc44783b01dec40e55e3e5165b2bf338540ecc7324493fd0079601cd716e2837668b7f9f610f75934237e8ab78c514a7b4ca2ee4cc9377e4e42d4fbc04f47d6b2e2f4d9e29f5e9a124c95fd9ce920a4e7ce9b201c9b77f543adf438e95f355f62db72b637d6af4264d8e698da7e50998267f030d35a62f479d14d072adbf20d727eb657ca9f560dc8f4fb10593c33cfb1043ad0b4d03964410eba1e0d5a4a56562e1818b76a55a1d92b58a01ea4351190273c2ccc77fc3730bb33f76e17fbff9f6a13a0fab4f5266593e3ed27bd6d4af96912bd345d4a008d5abd13f4b8363fab818f879d9bc4d309982349540bb748aea8cbd2ef92024aab3bdaf5d5887359d81459e1d0c6dd64a0695b1a732c7ec9bef23626162f0ece38a86f73f82452b95a67e2ebf110c9ff5fc3294f8ebe4a71b4ef67ba1fe6b4dbbb334abd29a943a3a24fbe9a21dc8abcdc2b0162ee6d98023463fb25bead9447794b915c0bce3c9e58298462104bec038755ba8693feae87db34f08814e0bef7502c636b70fb56902b31fb747a00b23ee622153b8e740ed618af97ce3e4df4a40cf1b6e5e677964fe393f0eaa4d24cc3b8cc0907ee4d45cb67a6887e4d41ce172620a696f13fad039d5e00213137592e0802c02c421e38c22ca6bcf54a82622a7eadb44df99fde7b33cef4a2847b6b24052775572d2a946008b915fe1afc5fa89d5ce2a051f02c45f207df68c242c0262a3c3d9ff9f8d4433b55280af3bdaefa1ac70c42b82f12eb5ee64e7ee538358aea279b31fb4864494325629ff0c1ce85be9c9382296a282edb8b9fa25c74b8f7fc2390dece9363c1dd8adc508f968bb65f60a4114db886d4d67bf7bb339aee8995b7acf70ecaf1c1df34e0c6b6a438ec8cf76291ad867214f0833ee6a90c49e32adeb72af7c245c1dcde20483da18ef071cb1dd58ac64ac1b91d897a6d8ce816f0a2ff53cf172c8e1e7ec40d762cc78061bcf4f25713aca8a6da5cb054ec9432e00cb9711541c92f7b9d9ed37b943bd2ff5509eaf8342bab40d30e8794a0902b2f79ce0d8a2d5f8f7f7eafb982bddfbc22bf4582b17780fa9e20d1dd68709e28c3e60cf1448711bc6d2e349bd0be7a00e15e33abb7e5f873bd4f0622cff8d4148dfea433f0257a0c5471a372dc2f48b2e5a73", 0x1000}, {&(0x7f0000002500)="1880fcad2acf02bb594d81de1e5f79dd0a2d6c7a75e8f346ecf5423c729665731fd4bd6376cad175cfb2c1fba8b274dcc8235d71c920dda42692731f52ba51b61745c39b210d1d780a398bfb636f14ff7f836f4684d4ecd6dd7f526658bd0c43b75e8119b684214b85e5b2b832dfc3312d87f35b443382801c4616281fefb220ba574a792e0d45952204ee62c4398e105ab77ed976271a103e3e45f43783a6c6be1f461670208e42dd321f50490986f070a445ae8913cc59944ad1ce65fa485207d43236059449bcf8198883bb723c00742e89116af2f2f2687b4496a8cfe20f18abf1a6d5f65d339dc8203a18a75b9e0b8151a7a4440b5221352b2424c9dc3ce90addb592427ee47534dea6afe68ba9ea180c8e0c0c7ec8b6e2235008237e7ba1694de970010c20494e9906167136f3b8528a10e42606ac64705e32bfd434650b7d12c158b87461fcd434ecd3726ed8fbab7719c4211a3960662255338605b6816d3b2940a99b38655c428b7445a74280d5372edebf7e8906ebdcbdfa47ba4b9f7befb2d6f76d3168b6a190f790db613cd84a99869a788824ebd3658bdf11f631a9c0b1c7e0b7deae71eb3067e6ffca23dced281af3faa632e54ed12da1b5eb9d8c351d462feb9bda035400c3a2ecba1ae8bb1e77ddf71535ff3558d3e1e477cafe9c2fdc6f41bb35967b102dba24ffa21064ca940cb0a0f0cdbe71d9c82b9e59bf8e818f1d8e1555d32cc805fc6cb235e102c7b12a6e5cdf3860d2fedbfe04b893fb19ace29388aa4221831f1d6bf097683c30332e0df4c057647d40d1f0957af4277a72102593edad504875ffd78b06d0c42cf9857a68ec2b2ea8a5d2168659f859a2e9c7dc7387e24440b4ad630fe3eee7b11134ef872ea799b522d9b8c7173e38adf9b0344d3cc8e6856f6e23836ffcecb8d3b49b93c4dcd6f34a4946f3a7ff736ba7a31283c1b0e637d4a0de9179a1f04485b4b6945e00d844ee7329b629a4f5a4ad3c3f808ce59d81b1f1d3e37290e87951c8af08e1f02c74ef76c2a7116562ea2cbc731a192461f99161f13e2e49d81256f77f7ff97b8bb293d481e31fe826d4eb224f8ed2101e077b5fb99c429e6d18955c76235f26a192c24d4e74866717085cfae7667668bc1b443adb723241a5650b9ed5fc03efd9ca53022c849c880f11279161abbce1917d259c70fb17cc9bccbf7d6246c919d17412523cc096e385566f7869f09dcad1de8f307c009f658765ae678f9256aa324c643328057931d858b21d5538d6c8adaf2658cc711aa14e1cd4ff5c99be9bfaa55aa3d42e0081be457048159867f8c8a966b922419f1e19388cc1dd72e9e40519bdd9565ffeb5ca30ee21ed1bf1a18c4c8996b6aa8b60d2d3632bc6466b68a298c86c3d725e6243be71befa18bf82812404cbd7ff7f5cfee884a5459805ed89edd8a35722e8eefa9ff30dd62ef1e4acf299939ea4bf0c1141c8e5c9817321e14ba9314a562978bcb34881f85127b4276535ae08695d42868fe5530f1c66abc08ffc28b1a671ce7081d44c590b927f0007847702ce940053a31ed83152787b536a46503acabba64e2bea4e92b71af6e1d6707f0471a198ab3681ddd54928fd9ccfb98d3534949b7e334842ef3ad5772d526acf23c06eb5620c86c01215903b45ee8116ee4766421bc12cf99349460ee46fa5312fdaffc5adb8caebb101c396a16e7c7c407b3af8c102ff693564552e25b9c621e93a4ee666db65dda91bc38b56ae26425ecee8c40dcc839779030e52ee1107ecefac6f4b1a16720d51bef59576cc6e4bbe7ffff2c7a68c96290648eb245e8eb734d1c4d9338054a9a2352fc9289b66c249c748b4b0bf7e0766556611a2933d7c14bde611f20e7cf889d941532817dbf85519cfc02cb34b596d2941c8a551f0ee67e0ef49e0c77954cc52861e3294db055a21b7bbd53ec66d6604629682cecaffec7d6929bfe3876071f2debb89a424bff48bd8b9a0073068444bb1e419e10a95ff677539018ad11e3ef329ae4181559654bf487dc78a9de76bcef721b96a8af1120513010edb3e8f405d631782f6c1e1f1c5be851c1c3034db4ecc9574319ff87de0e0c15e6f6a8efc8b0e877a89ecef26626c263f19f9ba1680e3713b7d07f2b3796f36e1e2cce030389e08f848b5db1bef2e2e908b5f87a6b9b7be3edc85908d5d9e182b5467690913eb4d05e138e51733868e0921a241c594d6bb16b1311d6dd5281b8813ea454ed2bd09a96bff7aef731f2acf63cd7611495cc2782ce2b3f7d575cda9b15890f17317cab57ef4481150cfeae9d4d54f82bd363211cb277aa9192dc9fd9d248fefda2544e22b00145516f525dd07647fb199a60620be522c2851cd5f48865a4085aaf771731509bc3b7136e6bbd6d62a29d1722ab6c6f85765e8c09c21e562cf39e44a4b8cffbbc5bcceac622cf829d1475a5344eef376c653935e69bb9dfa067e034c69642ebed42c127c5ff4a6b259c9d2033cd9e55910b09418cf32c5d90bd0a7bc285fbc93f63a19bb8bf80edb5f29764782789d79e5b61ab5dce65b761089694f592cbb59c60bc7555f1b2abe9cce5e411107cc022120651aec696eff4c5d881f2d6a3cf390eb559936e70cab64485d24ac1ab057ef275ebf3a4042711f3506ded28ee677a132f7c73d7335478297395f3b294435291ad529026b3d7d7784b1875fce788e7142f2cede887ba58be456ebc8d720a814d23c27e7345900ee59f3edce1dfbb6a846f811fa1294dfc869c6739cc36404719d2bba17ae342aa37caff0a4bf91cc53791da496dae753c9d39c7bcc1a57ffa84225f76b45b4599ac32615dce813b26a512c4dff70ec053f5130e8654a6fc3be3ba24b7deac5c4f14df38144bd2e7badd0f912df59d0ad44dac7c97593eaaea6fb4e1bca66369d1cbc8c8eca793a7f6bab749fd1f91790525f55ffc38acbb3d7a7ec88b3cf85b9bb27dde5bc9af3bc29848c8c5905632916cc40fa5baa712ea7095a8c7b18b3ecdb9ce6651df4d08c73df568d4fc5a0ca17d8ecc41daf147605fed010f292db9e50958387641d61294d5ca06333240d7f430c5b6c9d110095fb476a0d56f173c0f45da25f9533d79a9788f166f74a01d01237b5b665fb00afae7dbcc5baab6b25d13c8091291bb8ad15c16c15a3eb8383ac60b3e20270e60c756da6e6a134ff7643a3f9e05df81a6b55be374bd472a9340b34692c369b3b3fdbbc1e8b9585cb2c8bea48a25c7b542cff2f71890653c0efeec2bf1d370bb686e196909533c5bc9fe728241355754faf6a74a8b048c28f08e57710d17dbdf000d2fe09de5b6ef41d0e55abbe64f1489fe0e9234c7c5a81df828d2a1abfa1f4036cbe9d5cbf1edf6ef9bd896959173d6769c1c4e68489f4131652e369deba6db5428e943274ab3cb053802746f1d809db82cc542f2b1d51776dafd6948e31208349b3768dcda22359dccb2c88d6d904908051e1a0f5629dd70951824e7a468bc6c2f6472ca739bb2006191588454b73a1e1a545fa39f0f3edbd0a9bbcba6d50e1c7eaeb6f81e168fb085ee713b17afe584f683b856f1dda8a5a998fc1b87da02f3e92e51f7f2d73988eff21384a3252e485d3cd189d2a659496515de565c17fc5c92bea88373b7d636c9eb364dcc9d70affff3a27701a19867283a4f02eac74f7f2906b13f5fd1c2acb0b8dedb990705a51fe4b084e4874336f3f3e1009d3b507db8335a036411f722c750e6fd7ee1da2d465d17db68fcc2348c186fefd44c6e463b7dd8e4cbb2610d0a3e1ade21839d960b62e652c8c3b8e0fa980ebd0bc8ce1826e5408feb1d70c9f4a94932f82ed4a07d63fcf9330cb39261dc587324808ac99dbdd5cb9a94e7874f0b79f434ad2ffa5198397f14703d2f9f3dd33385ac178a0b2b6388c158f43834092ffda1c969e3e684e1e938e60ab0763ca8424b110f99fb9769277e2decee8fcf925f58f1838b730f8dc6981fe85cf43b586334ae10061419988c4094f36d017e286001e6e958736418d73babe2ac42081b5d4c3d54d77a6e6dc5b6f905c2a6c6401e94818cab52adb3f859f32285e3537c389f4d04c177089e18e1a75ff1db7e19a8c5dffb5374c0c3bf3f6310d35ec93467b8e74ff3864fb0442732eb34c6cd4db744cf431580b672551dcc30b87e1745e6bd2190bd7699489d420a94ae4bb68e4dd195b6dcba5bad0628090599aca64543423865909a532feee729fc4f6af861f9f70b0716d5ec262e5adbd65cb5859955ab000148d3a4cf8422ef857532039ce0c41354444f4e1e156de8cfcf359d42130fa9fdf51b5f51cc1b7e83d7733eba15e2941914a815a6bf514bae71f6a4b746b8156db2eff5ca01625a2049ee5ccfbd1a6ecc3a6a73cd378b7f60d416cd39df35000367f73a6c26fdcb5c788ac33322fd31c25b5b32b55fa35faebf6b92e1c7f8a78575c9b495a6df937c0277f6d82f6dbd85520e489270cf4ae0b517b9c475b0b23c9e021d54376715a9eabe8516f0f529874fe738b6b1f5cf9a137f05d0388e943e6c1c41e5d236e068f1714ce2eefdc2d6a0a2372e3d14854198922cc71b8932136f00045f11281f2bdcfa8393c4352c65abfda22e88dbb96e8867cae8363665414294bed0e1d0cbe8e08ac063cae948a60cbbb9f78847dbc0700d40c098b9823b7b298fde0922dea2c4687ed04a31e45a7b69085884d8cf00e5a3dba1eea66d5db6c28dd1315438c2fd8d70a8ebf3d80fcf4b2964ee81af89bf77c180455931e8d755ce0c8e907fb794dd46cadb98aef3e9ece923a51d088bc2a533057e33fcdbcde2b45a238d804e2e8efde24ac98c230875578b3dc6c7e0704dd05a0ccd8db3a97ba6d4d305b2a7f2234019c65c9a0abff22af49fe359b1fbe2d9d2633e5a0101ae550e7dab0b8230d9cf2474ba1b3f9109c04a4fd559665c44fd85722bf2844da930501fe464871d06abc58ceb8485883fc3b39e8448f28a962efb5cab751febfbade655cbc6fe3555a5822cf5797ad1f91703febe018456f7c0b710ec7a061ca604573982dc8a1c369b8e922e706ee5d6d695f60238784f6aadc212829784e4ce88f74fbec51e7bde15d5a8e9ad8433a2e8ac3c1d3a95887316d653fbf520e3640aad87ce0714cbc304b25468ad76282573e36a77603eed322f59da8596a40f494ea53f1390d00f016f48f8024d1183d39973ab7f3c0244d346449a50374f12fe3f58ed87e711cecd0d8d746b99b82e2d38ee50427696cebf6d1f5ed6600201ea5e41e26b3fc23cbf25fcdf94f0a55c3463b4a1dd49baedd3cb972d2c4f80f9459f7729e3515bee531d1ce32fb15492964bb11f5ac5299ed6db11764f281297a5940b2aa42e23b10fbd2fe07632c50724a25fdc1555da7d4b35ee10c133e59713eee93adf2702f5a3daafa4e3c32aa853d4317bcec4651c38fda707c441df6eea35e7be153e0572d30e61f74ee8337286ed11c2f91d5d7636c65c0c0e2ae018e273da8cf7f61b1048e6d1bf9c9201ec9d5b92e5639e87220c83ad6bd69428afa7f37d06491a24a76c02798bbee0020d0791d38e0e148683eab34def556003d401b4dad7e442299fb58c2238726ff69a4c632dea8d11a689905d52d6a654611dec29c77ed00a1b64057a48b7fdca59eefb0df35efaf702776fc4a420dc60be98108e9742321b7839ebb60660b94f480640d0cd4de1c3c199bebd29ea70e36ac0397b1eb6d202c75cdef0a17e1059d814b29a33ee84561a168ae2106e4a8734735c23200ad79796b43c6faa983bf0c4ef676e3", 0x1000}, {&(0x7f0000003500)="57347e3395cdba76810d3e8a3e415e045e17bc80e7a928c59ca1f32adc46c0717b8aba1ce5b1d7c5ed42f207d42dd99e742a32bc8f35185890ce92ff662989e7c5d02d0f", 0x44}], 0x3, &(0x7f0000003700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @rand_addr=0x64010100, @rand_addr=0x64010100}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x401}}, @ip_retopts={{0x14, 0x0, 0x7, {[@ra={0x94, 0x4, 0x1}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x80}}, @ip_retopts={{0xc0, 0x0, 0x7, {[@ssrr={0x89, 0xb, 0x4a, [@broadcast, @loopback]}, @ra={0x94, 0x4}, @generic={0x94, 0xf, "80927db613d68c186b9fe4f87d"}, @generic={0x7, 0x10, "e5692d94c77c1b55eefd368d700c"}, @timestamp={0x44, 0x8, 0x29, 0x0, 0x3, [0x3ff]}, @cipso={0x86, 0x4b, 0x1, [{0x7, 0x4, "155f"}, {0x5, 0x12, "48dd909d9b4857b1020c8192141bf917"}, {0x2, 0x6, "43b028c2"}, {0x1, 0x4, "b54a"}, {0x2, 0xb, "e0c0ebd34344c9db72"}, {0x7, 0xe, "7c1ca9fa082c72af5cc6a527"}, {0x7, 0xc, "e8a78c3e9fd4bbe885fa"}]}, @timestamp={0x44, 0x10, 0x8, 0x0, 0x6, [0x7f, 0x4, 0xf]}, @ssrr={0x89, 0x1f, 0x4, [@rand_addr=0x64010102, @remote, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010100, @remote, @broadcast]}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @loopback, @remote}}}], 0x160}, 0x44000)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000003900)=@generic={&(0x7f00000038c0)='./file0\x00'}, 0x18)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000002, 0x30, r0, 0x0)
syz_io_uring_setup(0x1619, &(0x7f0000003940)={0x0, 0xead7, 0x4, 0x0, 0x2f2, 0x0, r0}, &(0x7f00000039c0), &(0x7f0000003a00)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000003a40)=@IORING_OP_POLL_REMOVE={0x7, 0x1, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1})
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xa6)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r0, 0x40084149, &(0x7f0000003a80)=0x4)
r10 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000003ac0), 0x88000, 0x0)
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r10, 0x3b71, &(0x7f0000003bc0)={0x20, 0x0, &(0x7f0000003b00)="296603645d0f4df1bcb4ef70d8d53428c44b4bb4a97168c1aafb9882184c14b59085c9170dcbc5e786608f4a9a1517d7870210ea5146ec6719fc55bfd9f8e0e133910b1f87045b76f5536a886865a93618d9dcb7c1e8ee93bed8bc2e0fedfc3752498548a4a89c2bf74e9661718f7a5bb093e6556b709385e6937bd79bf335a8ea409bb66efa1de15578e14ca72743def4e38a7c9ca14d328a167571258b8c006601cb869c", 0x4, 0xffff})
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000003c00)='/proc/asound/card2/oss_mixer\x00', 0x400000, 0x0)
ioctl$BLKTRACESTART(r0, 0x1274, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000003c40), &(0x7f0000003c80)=0x4)

249.331178ms ago: executing program 0 (id=885):
r0 = socket(0x10, 0x3, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000001340), 0x4008000, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000000)={0xb, 0x1, 0x2, "6106ffff030080000000000000acf586d84a50bd0000080000e6ff00", 0x30314247})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x34, r4, 0x1, 0x0, 0x0, {0x34}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0xd0f, 0x4, 0x25dfdbfb, {0x60, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x9}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_RTT={0x8, 0x7, 0x1ff}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)
socket$rxrpc(0x21, 0x2, 0xa)
r6 = userfaultfd(0x1)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000100))
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f00002d7000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3)
ioctl$UFFDIO_WRITEPROTECT(r6, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$UFFDIO_CONTINUE(r7, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f00000000c0)={0x2a6, 0x9})
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000440)=@allocspi={0x104, 0x16, 0x401, 0x0, 0x0, {{{@in6=@private0, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@mcast2, 0x0, 0x33}, @in=@remote}, 0x8, 0xffffffff}, [@mark={0xc, 0x15, {0x0, 0x2}}]}, 0x104}}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18010000000000000000000000000000850000002e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r9}, 0xc)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="d80000001c0081044e81f782db44b904021d080201000000040000a118000c000600142603600e1208000f0100810401a80016002000014003", 0x39}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r10 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000040)=ANY=[@ANYBLOB="1303000054009155090893b31b71a54a07"], 0xfe33)

149.787568ms ago: executing program 3 (id=886):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0xb, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
chdir(&(0x7f0000000380)='./file0\x00')
pipe2(&(0x7f00000003c0)={<r2=>0xffffffffffffffff}, 0x1808c0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000440)={'vxcan0\x00'})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000400)={0x30002008})
accept4(r1, &(0x7f00000002c0)=@ax25={{0x3, @bcast}, [@bcast, @rose, @netrom, @rose, @default, @default, @null, @null]}, &(0x7f0000000340)=0xe0, 0x800)
bind$alg(r1, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha1\x00'}, 0x58)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
bind$tipc(r4, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
bind$tipc(r3, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x3}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10)
bind$tipc(r3, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc2604110, &(0x7f0000000040)={0x400000, [[0x9ef8, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff], [0x10001, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0xffffffff], [0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]], '\x00', [{}, {0xfffffffd}, {}, {0x0, 0x4, 0x0, 0x1, 0x1}, {0x80000001, 0x0, 0x0, 0x1, 0x1}, {0x7fff, 0xfffffffa}, {}, {0x7fffffd, 0x8f96}], '\x00', 0x1000})

69.798313ms ago: executing program 3 (id=887):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f00000004c0)=[@transaction_sg={0x400c6313, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$HCIINQUIRY(r0, 0x400448e4, &(0x7f0000000000)={0x0, 0x0, "c72a63"})

0s ago: executing program 0 (id=888):
syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x113383)

0s ago: executing program 1 (id=893):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff}) (async)
r2 = io_uring_setup(0x7fdd, &(0x7f00000005c0)={0x0, 0x71eb, 0x1000, 0x2})
close_range(r2, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0) (async)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000100)={0x1d, r5}, 0x18) (async)
connect$can_j1939(r4, &(0x7f0000000140)={0x1d, r5, 0x0, {}, 0xfe}, 0x18) (async)
sendmsg$can_j1939(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)="1000607d67a31b2530", 0x9}}, 0x40000) (async)
close_range(r3, 0xffffffffffffffff, 0x0)
ioctl$NBD_SET_SOCK(r0, 0xab00, r1) (async)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='projid_map\x00')
preadv(r6, &(0x7f00000002c0)=[{&(0x7f00000001c0)=""/133, 0x85}], 0x1, 0x80, 0x0) (async)
r7 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r7, 0xab0a, 0x1000001000104) (async)
r8 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x200)
ioctl$NBD_SET_SOCK(r8, 0xab00, r1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r9=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r8, 0xab00, r9)
ioctl$NBD_DO_IT(r7, 0xab03)
ioctl$NBD_CLEAR_SOCK(r7, 0xab04)

kernel console output (not intermixed with test programs):

nknown parameter 'root'
[   78.829840][ T7638] netlink: 'syz.2.422': attribute type 1 has an invalid length.
[   78.856520][ T7638] bond10: (slave veth41): Enslaving as a backup interface with a down link
[   78.860783][ T7638] FAULT_INJECTION: forcing a failure.
[   78.860783][ T7638] name failslab, interval 1, probability 0, space 0, times 0
[   78.863957][ T7638] CPU: 1 UID: 0 PID: 7638 Comm: syz.2.422 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[   78.866697][ T7638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.869494][ T7638] Call Trace:
[   78.870444][ T7638]  <TASK>
[   78.871222][ T7638]  dump_stack_lvl+0x16c/0x1f0
[   78.872495][ T7638]  should_fail_ex+0x497/0x5b0
[   78.873735][ T7638]  ? fs_reclaim_acquire+0xae/0x150
[   78.875119][ T7638]  should_failslab+0xc2/0x120
[   78.876361][ T7638]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   78.877759][ T7638]  ? __lock_acquire+0x15a9/0x3c40
[   78.879069][ T7638]  ? __kernfs_new_node+0xd3/0x890
[   78.880400][ T7638]  __kernfs_new_node+0xd3/0x890
[   78.881675][ T7638]  ? __pfx___kernfs_new_node+0x10/0x10
[   78.883100][ T7638]  ? __pfx___lock_acquire+0x10/0x10
[   78.884469][ T7638]  kernfs_new_node+0x186/0x240
[   78.885718][ T7638]  ? find_held_lock+0x2d/0x110
[   78.886980][ T7638]  __kernfs_create_file+0x53/0x350
[   78.888335][ T7638]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[   78.889731][ T7638]  internal_create_group+0x56c/0xf10
[   78.891116][ T7638]  ? __pfx_internal_create_group+0x10/0x10
[   78.892647][ T7638]  ? kernfs_create_link+0x1bd/0x240
[   78.893998][ T7638]  internal_create_groups+0x9d/0x150
[   78.895424][ T7638]  device_add+0x6d3/0x1a70
[   78.896655][ T7638]  ? __pfx_device_add+0x10/0x10
[   78.897943][ T7638]  ? __init_waitqueue_head+0xca/0x150
[   78.899369][ T7638]  netdev_register_kobject+0x183/0x3a0
[   78.900824][ T7638]  register_netdevice+0x1473/0x1e90
[   78.902178][ T7638]  ? __pfx_register_netdevice+0x10/0x10
[   78.903560][ T7638]  ? dev_addr_mod+0x321/0x5b0
[   78.904779][ T7638]  veth_newlink+0x291/0x8f0
[   78.905897][ T7638]  ? netlink_rcv_skb+0x16b/0x440
[   78.907546][ T7638]  ? __pfx_veth_newlink+0x10/0x10
[   78.908944][ T7638]  ? ___sys_sendmsg+0x135/0x1e0
[   78.910356][ T7638]  ? validate_linkmsg+0x57d/0xb60
[   78.911636][ T7638]  ? __pfx_validate_linkmsg+0x10/0x10
[   78.912994][ T7638]  ? alloc_netdev_mqs+0xed5/0x1510
[   78.914356][ T7638]  ? rtnl_create_link+0xa51/0xfa0
[   78.915680][ T7638]  ? __pfx_veth_newlink+0x10/0x10
[   78.917037][ T7638]  rtnl_newlink+0xb82/0x1ce0
[   78.918256][ T7638]  ? __pfx_rtnl_newlink+0x10/0x10
[   78.919570][ T7638]  ? __pfx___lock_acquire+0x10/0x10
[   78.920936][ T7638]  ? cred_has_capability.isra.0+0x192/0x2f0
[   78.922464][ T7638]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[   78.924095][ T7638]  ? find_held_lock+0x2d/0x110
[   78.925344][ T7638]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   78.926671][ T7638]  ? __pfx_lock_release+0x10/0x10
[   78.927924][ T7638]  ? trace_lock_acquire+0x14e/0x1f0
[   78.929265][ T7638]  ? __pfx_rtnl_newlink+0x10/0x10
[   78.930580][ T7638]  rtnetlink_rcv_msg+0x95b/0xea0
[   78.931888][ T7638]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   78.933307][ T7638]  netlink_rcv_skb+0x16b/0x440
[   78.934564][ T7638]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   78.936003][ T7638]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   78.937345][ T7638]  ? netlink_deliver_tap+0x1ae/0xd30
[   78.938669][ T7638]  netlink_unicast+0x53c/0x7f0
[   78.939891][ T7638]  ? __pfx_netlink_unicast+0x10/0x10
[   78.941605][ T7638]  netlink_sendmsg+0x8b8/0xd70
[   78.942967][ T7638]  ? __pfx_netlink_sendmsg+0x10/0x10
[   78.944394][ T7638]  ____sys_sendmsg+0xaaf/0xc90
[   78.945676][ T7638]  ? copy_msghdr_from_user+0x10b/0x160
[   78.947189][ T7638]  ? __pfx_____sys_sendmsg+0x10/0x10
[   78.948572][ T7638]  ? __lock_acquire+0xcc5/0x3c40
[   78.949880][ T7638]  ___sys_sendmsg+0x135/0x1e0
[   78.951117][ T7638]  ? __pfx____sys_sendmsg+0x10/0x10
[   78.952416][ T7638]  ? trace_lock_acquire+0x14e/0x1f0
[   78.953709][ T7638]  __sys_sendmmsg+0x201/0x420
[   78.954888][ T7638]  ? __pfx___sys_sendmmsg+0x10/0x10
[   78.956233][ T7638]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   78.957734][ T7638]  ? fput+0x67/0x440
[   78.958758][ T7638]  ? ksys_write+0x1ba/0x250
[   78.960044][ T7638]  ? __pfx_ksys_write+0x10/0x10
[   78.961293][ T7638]  __x64_sys_sendmmsg+0x9c/0x100
[   78.962594][ T7638]  ? lockdep_hardirqs_on+0x7c/0x110
[   78.963969][ T7638]  do_syscall_64+0xcd/0x250
[   78.965140][ T7638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.966664][ T7638] RIP: 0033:0x7f625437ff19
[   78.967814][ T7638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.972543][ T7638] RSP: 002b:00007f62551e8058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   78.974723][ T7638] RAX: ffffffffffffffda RBX: 00007f6254545fa0 RCX: 00007f625437ff19
[   78.976776][ T7638] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[   78.978820][ T7638] RBP: 00007f62551e80a0 R08: 0000000000000000 R09: 0000000000000000
[   78.980905][ T7638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   78.982956][ T7638] R13: 0000000000000000 R14: 00007f6254545fa0 R15: 00007ffda05ec918
[   78.985019][ T7638]  </TASK>
[   78.985868][    C1] vkms_vblank_simulate: vblank timer overrun
[   78.998675][ T7638] bond10: (slave veth43): Enslaving as a backup interface with a down link
[   79.290396][ T7662] netlink: 'syz.3.429': attribute type 1 has an invalid length.
[   79.306897][ T7661] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   79.310678][ T7661] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   79.313917][ T7661] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   79.317775][ T7661] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   79.321428][ T7661] geneve2: entered promiscuous mode
[   79.323494][ T7661] geneve2: entered allmulticast mode
[   79.354525][   T39] kauditd_printk_skb: 25 callbacks suppressed
[   79.354540][   T39] audit: type=1400 audit(1733798796.237:480): avc:  denied  { setopt } for  pid=7665 comm="syz.2.431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   79.361370][   T39] audit: type=1400 audit(1733798796.237:481): avc:  denied  { map } for  pid=7665 comm="syz.2.431" path="socket:[18758]" dev="sockfs" ino=18758 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   79.363732][ T7662] bond4: (slave veth5): Enslaving as a backup interface with a down link
[   79.367576][   T39] audit: type=1400 audit(1733798796.237:482): avc:  denied  { read accept } for  pid=7665 comm="syz.2.431" path="socket:[18758]" dev="sockfs" ino=18758 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   79.391218][ T7667] bond4: (slave veth7): Enslaving as a backup interface with a down link
[   79.396599][ T7654] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long
[   79.409477][ T7667] bond4: (slave veth9): Enslaving as a backup interface with a down link
[   79.423171][ T7670] overlayfs: failed to resolve './bus/file0': -2
[   79.430392][   T39] audit: type=1400 audit(1733798796.317:483): avc:  denied  { bind } for  pid=7669 comm="syz.2.432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   79.435431][   T39] audit: type=1400 audit(1733798796.317:484): avc:  denied  { listen } for  pid=7669 comm="syz.2.432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   79.458521][ T7676] netlink: 12 bytes leftover after parsing attributes in process `syz.2.434'.
[   79.461602][ T7676] netlink: 12 bytes leftover after parsing attributes in process `syz.2.434'.
[   79.539014][ T7688] pim6reg1: entered promiscuous mode
[   79.541081][ T7688] pim6reg1: entered allmulticast mode
[   79.572241][ T7692] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[   79.602242][   T39] audit: type=1400 audit(1733798796.487:485): avc:  denied  { lock } for  pid=7687 comm="syz.2.438" path="socket:[19542]" dev="sockfs" ino=19542 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[   79.765383][ T7714] sp0: Synchronizing with TNC
[   79.855171][ T7716] netlink: 'syz.1.444': attribute type 1 has an invalid length.
[   79.901733][ T7716] bond6: (slave veth27): Enslaving as a backup interface with a down link
[   79.918575][ T7724] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=7724 comm=syz.2.447
[   79.996472][ T7737] xt_hashlimit: size too large, truncated to 1048576
[   80.017664][ T7741] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   80.301819][ T7753] netlink: 12 bytes leftover after parsing attributes in process `syz.3.454'.
[   80.564828][ T7764] netlink: 'syz.2.457': attribute type 1 has an invalid length.
[   80.605596][ T7764] bond11: (slave veth45): Enslaving as a backup interface with a down link
[   80.627942][ T7764] bond11: (slave veth47): Enslaving as a backup interface with a down link
[   80.648897][ T7764] bond11: (slave veth49): Enslaving as a backup interface with a down link
[   80.686941][ T7767] netlink: 52 bytes leftover after parsing attributes in process `syz.2.458'.
[   80.690346][ T7767] netlink: 8 bytes leftover after parsing attributes in process `syz.2.458'.
[   80.774367][ T7777] netlink: 28 bytes leftover after parsing attributes in process `syz.2.461'.
[   80.789392][ T7779] netlink: 16 bytes leftover after parsing attributes in process `syz.0.462'.
[   80.825086][ T7782] netlink: 'syz.2.463': attribute type 1 has an invalid length.
[   80.828866][ T7783] netlink: 16 bytes leftover after parsing attributes in process `syz.0.464'.
[   80.854416][ T7782] bond12: (slave veth51): Enslaving as a backup interface with a down link
[   80.886591][ T7782] bond12: (slave veth53): Enslaving as a backup interface with a down link
[   80.902955][ T7789] netlink: 'syz.0.466': attribute type 1 has an invalid length.
[   80.903455][ T7782] bond12: (slave veth55): Enslaving as a backup interface with a down link
[   80.946150][ T7789] bond9: (slave veth27): Enslaving as a backup interface with a down link
[   80.971696][ T7789] bond9: (slave veth29): Enslaving as a backup interface with a down link
[   80.992964][ T7789] bond9: (slave veth31): Enslaving as a backup interface with a down link
[   81.025634][   T39] audit: type=1400 audit(1733798797.907:486): avc:  denied  { append } for  pid=7796 comm="syz.0.468" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   81.045284][   T39] audit: type=1400 audit(1733798797.927:487): avc:  denied  { checkpoint_restore } for  pid=7796 comm="syz.0.468" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   81.132447][   T39] audit: type=1400 audit(1733798798.017:488): avc:  denied  { mount } for  pid=7813 comm="syz.1.474" name="/" dev="ramfs" ino=19831 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   81.134679][ T7814] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   81.142805][   T39] audit: type=1400 audit(1733798798.027:489): avc:  denied  { listen } for  pid=7813 comm="syz.1.474" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   81.229869][ T7814] netlink: 20 bytes leftover after parsing attributes in process `syz.1.474'.
[   81.272787][ T7824] netlink: 8 bytes leftover after parsing attributes in process `syz.1.476'.
[   81.374182][ T7834] syz.0.477: attempt to access beyond end of device
[   81.374182][ T7834] nbd0: rw=0, sector=64, nr_sectors = 2 limit=0
[   81.380436][ T7834] syz.0.477: attempt to access beyond end of device
[   81.380436][ T7834] nbd0: rw=0, sector=512, nr_sectors = 2 limit=0
[   81.384691][ T7834] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[   81.387500][ T7834] syz.0.477: attempt to access beyond end of device
[   81.387500][ T7834] nbd0: rw=0, sector=1024, nr_sectors = 2 limit=0
[   81.392537][ T7834] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[   81.394999][ T7834] UDF-fs: warning (device nbd0): udf_load_vrs: No anchor found
[   81.396958][ T7834] UDF-fs: Scanning with blocksize 1024 failed
[   81.398954][ T7834] syz.0.477: attempt to access beyond end of device
[   81.398954][ T7834] nbd0: rw=0, sector=64, nr_sectors = 4 limit=0
[   81.402660][ T7834] syz.0.477: attempt to access beyond end of device
[   81.402660][ T7834] nbd0: rw=0, sector=1024, nr_sectors = 4 limit=0
[   81.405958][ T7834] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[   81.409072][ T7834] syz.0.477: attempt to access beyond end of device
[   81.409072][ T7834] nbd0: rw=0, sector=2048, nr_sectors = 4 limit=0
[   81.413430][ T7834] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[   81.416043][ T7834] UDF-fs: warning (device nbd0): udf_load_vrs: No anchor found
[   81.418262][ T7834] UDF-fs: Scanning with blocksize 2048 failed
[   81.420110][ T7834] syz.0.477: attempt to access beyond end of device
[   81.420110][ T7834] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[   81.427437][ T7834] syz.0.477: attempt to access beyond end of device
[   81.427437][ T7834] nbd0: rw=0, sector=2048, nr_sectors = 8 limit=0
[   81.431870][ T7834] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[   81.435192][ T7834] syz.0.477: attempt to access beyond end of device
[   81.435192][ T7834] nbd0: rw=0, sector=4096, nr_sectors = 8 limit=0
[   81.447255][ T7834] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[   81.449872][ T7834] UDF-fs: warning (device nbd0): udf_load_vrs: No anchor found
[   81.452024][ T7834] UDF-fs: Scanning with blocksize 4096 failed
[   81.453635][ T7834] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1)
[   81.463146][ T7834] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   81.823258][ T7863] netlink: 48 bytes leftover after parsing attributes in process `syz.1.488'.
[   81.825900][ T7863] netlink: 32 bytes leftover after parsing attributes in process `syz.1.488'.
[   83.090003][    C3] vcan0: j1939_tp_rxtimer: 0xffff888029afd400: rx timeout, send abort
[   83.095057][    C3] vcan0: j1939_xtp_rx_abort_one: 0xffff888029afd400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[   83.397523][ T7883] netlink: 'syz.1.495': attribute type 21 has an invalid length.
[   83.399807][ T7883] netlink: 'syz.1.495': attribute type 6 has an invalid length.
[   83.647233][ T7898] fuse: Bad value for 'fd'
[   83.704987][ T7904] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: mode dependency failed, not supported in mode broadcast(3)
[   84.338941][ T7926] batadv_slave_1: entered promiscuous mode
[   84.344513][ T7925] batadv_slave_1: left promiscuous mode
[   84.357026][   T39] kauditd_printk_skb: 40086 callbacks suppressed
[   84.357039][   T39] audit: type=1326 audit(1733798801.237:40576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.480" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625437ff19 code=0x7ff00000
[   84.364982][   T39] audit: type=1326 audit(1733798801.237:40577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.480" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625437ff19 code=0x7ff00000
[   84.373843][   T39] audit: type=1326 audit(1733798801.247:40578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.480" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625437ff19 code=0x7ff00000
[   84.380182][   T39] audit: type=1326 audit(1733798801.247:40579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.480" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625437ff19 code=0x7ff00000
[   84.386038][   T39] audit: type=1326 audit(1733798801.247:40580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.480" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625437ff19 code=0x7ff00000
[   84.388581][ T7929] netlink: 'syz.0.510': attribute type 1 has an invalid length.
[   84.393263][   T39] audit: type=1326 audit(1733798801.247:40581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.480" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625437ff19 code=0x7ff00000
[   84.400232][   T39] audit: type=1326 audit(1733798801.247:40582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.480" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625437ff19 code=0x7ff00000
[   84.405805][   T39] audit: type=1326 audit(1733798801.247:40583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.480" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625437ff19 code=0x7ff00000
[   84.411938][   T39] audit: type=1326 audit(1733798801.247:40584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.480" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625437ff19 code=0x7ff00000
[   84.418109][   T39] audit: type=1326 audit(1733798801.247:40585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7835 comm="syz.2.480" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625437ff19 code=0x7ff00000
[   84.426159][ T7929] bond10: (slave veth33): Enslaving as a backup interface with a down link
[   84.432064][ T7929] FAULT_INJECTION: forcing a failure.
[   84.432064][ T7929] name failslab, interval 1, probability 0, space 0, times 0
[   84.436961][ T7929] CPU: 1 UID: 0 PID: 7929 Comm: syz.0.510 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[   84.440477][ T7929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   84.444318][ T7929] Call Trace:
[   84.445595][ T7929]  <TASK>
[   84.446796][ T7929]  dump_stack_lvl+0x16c/0x1f0
[   84.448460][ T7929]  should_fail_ex+0x497/0x5b0
[   84.450191][ T7929]  ? fs_reclaim_acquire+0xae/0x150
[   84.452145][ T7929]  should_failslab+0xc2/0x120
[   84.453759][ T7929]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   84.455602][ T7929]  ? __kernfs_new_node+0xd3/0x890
[   84.457331][ T7929]  __kernfs_new_node+0xd3/0x890
[   84.458988][ T7929]  ? __pfx___kernfs_new_node+0x10/0x10
[   84.460835][ T7929]  ? __pfx_lock_release+0x10/0x10
[   84.462679][ T7929]  ? kernfs_add_one+0x39d/0x520
[   84.464545][ T7929]  ? up_write+0x1b2/0x520
[   84.466174][ T7929]  kernfs_new_node+0x186/0x240
[   84.467826][ T7929]  __kernfs_create_file+0x53/0x350
[   84.469794][ T7929]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[   84.471833][ T7929]  internal_create_group+0x56c/0xf10
[   84.473889][ T7929]  ? __pfx_internal_create_group+0x10/0x10
[   84.475962][ T7929]  ? kernfs_create_link+0x1bd/0x240
[   84.477733][ T7929]  internal_create_groups+0x9d/0x150
[   84.479508][ T7929]  device_add+0x6d3/0x1a70
[   84.480943][ T7929]  ? __pfx_device_add+0x10/0x10
[   84.482530][ T7929]  ? __init_waitqueue_head+0xca/0x150
[   84.484326][ T7929]  netdev_register_kobject+0x183/0x3a0
[   84.486285][ T7929]  register_netdevice+0x1473/0x1e90
[   84.488080][ T7929]  ? __pfx_register_netdevice+0x10/0x10
[   84.490092][ T7929]  ? dev_addr_mod+0x321/0x5b0
[   84.491335][ T7929]  veth_newlink+0x291/0x8f0
[   84.492571][ T7929]  ? netlink_rcv_skb+0x16b/0x440
[   84.493891][ T7929]  ? __pfx_veth_newlink+0x10/0x10
[   84.495230][ T7929]  ? ___sys_sendmsg+0x135/0x1e0
[   84.496685][ T7929]  ? validate_linkmsg+0x57d/0xb60
[   84.498031][ T7929]  ? __pfx_validate_linkmsg+0x10/0x10
[   84.499440][ T7929]  ? alloc_netdev_mqs+0xed5/0x1510
[   84.500818][ T7929]  ? rtnl_create_link+0xa51/0xfa0
[   84.502459][ T7929]  ? __pfx_veth_newlink+0x10/0x10
[   84.503862][ T7929]  rtnl_newlink+0xb82/0x1ce0
[   84.505471][ T7929]  ? __pfx_rtnl_newlink+0x10/0x10
[   84.507319][ T7929]  ? __pfx___lock_acquire+0x10/0x10
[   84.509090][ T7929]  ? cred_has_capability.isra.0+0x192/0x2f0
[   84.510643][ T7929]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[   84.512534][ T7929]  ? find_held_lock+0x2d/0x110
[   84.514002][ T7929]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   84.515409][ T7929]  ? __pfx_lock_release+0x10/0x10
[   84.516803][ T7929]  ? trace_lock_acquire+0x14e/0x1f0
[   84.518342][ T7929]  ? __pfx_rtnl_newlink+0x10/0x10
[   84.519733][ T7929]  rtnetlink_rcv_msg+0x95b/0xea0
[   84.521075][ T7929]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   84.522519][ T7929]  netlink_rcv_skb+0x16b/0x440
[   84.523807][ T7929]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   84.525266][ T7929]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   84.527134][ T7929]  ? netlink_deliver_tap+0x1ae/0xd30
[   84.528993][ T7929]  netlink_unicast+0x53c/0x7f0
[   84.530752][ T7929]  ? __pfx_netlink_unicast+0x10/0x10
[   84.532614][ T7929]  netlink_sendmsg+0x8b8/0xd70
[   84.534352][ T7929]  ? __pfx_netlink_sendmsg+0x10/0x10
[   84.536191][ T7929]  ____sys_sendmsg+0xaaf/0xc90
[   84.537834][ T7929]  ? copy_msghdr_from_user+0x10b/0x160
[   84.539669][ T7929]  ? __pfx_____sys_sendmsg+0x10/0x10
[   84.541820][ T7929]  ? __lock_acquire+0xcc5/0x3c40
[   84.543536][ T7929]  ___sys_sendmsg+0x135/0x1e0
[   84.545002][ T7929]  ? __pfx____sys_sendmsg+0x10/0x10
[   84.546578][ T7929]  ? trace_lock_acquire+0x14e/0x1f0
[   84.548266][ T7929]  __sys_sendmmsg+0x201/0x420
[   84.549626][ T7929]  ? __pfx___sys_sendmmsg+0x10/0x10
[   84.551009][ T7929]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   84.552601][ T7929]  ? fput+0x67/0x440
[   84.553647][ T7929]  ? ksys_write+0x1ba/0x250
[   84.554868][ T7929]  ? __pfx_ksys_write+0x10/0x10
[   84.556175][ T7929]  __x64_sys_sendmmsg+0x9c/0x100
[   84.557502][ T7929]  ? lockdep_hardirqs_on+0x7c/0x110
[   84.558887][ T7929]  do_syscall_64+0xcd/0x250
[   84.560205][ T7929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.561775][ T7929] RIP: 0033:0x7fcd92d7ff19
[   84.562958][ T7929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.569395][ T7929] RSP: 002b:00007fcd92bf9058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   84.572133][ T7929] RAX: ffffffffffffffda RBX: 00007fcd92f45fa0 RCX: 00007fcd92d7ff19
[   84.574920][ T7929] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[   84.577726][ T7929] RBP: 00007fcd92bf90a0 R08: 0000000000000000 R09: 0000000000000000
[   84.580489][ T7929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   84.583235][ T7929] R13: 0000000000000000 R14: 00007fcd92f45fa0 R15: 00007fffdaf47a98
[   84.585834][ T7929]  </TASK>
[   84.587015][    C1] vkms_vblank_simulate: vblank timer overrun
[   84.606000][ T7929] bond10: (slave veth35): Enslaving as a backup interface with a down link
[   84.868906][ T7961] netlink: 'syz.1.520': attribute type 1 has an invalid length.
[   84.872263][ T7959] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   84.922381][ T7961] bond7: (slave veth29): Enslaving as a backup interface with a down link
[   84.928233][ T7961] FAULT_INJECTION: forcing a failure.
[   84.928233][ T7961] name failslab, interval 1, probability 0, space 0, times 0
[   84.932154][ T7961] CPU: 3 UID: 0 PID: 7961 Comm: syz.1.520 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[   84.935091][ T7961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   84.938185][ T7961] Call Trace:
[   84.939076][ T7961]  <TASK>
[   84.939885][ T7961]  dump_stack_lvl+0x16c/0x1f0
[   84.941166][ T7961]  should_fail_ex+0x497/0x5b0
[   84.942417][ T7961]  ? fs_reclaim_acquire+0xae/0x150
[   84.943728][ T7961]  should_failslab+0xc2/0x120
[   84.945046][ T7961]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   84.946461][ T7961]  ? __kernfs_new_node+0xd3/0x890
[   84.948029][ T7961]  __kernfs_new_node+0xd3/0x890
[   84.949457][ T7961]  ? __pfx___kernfs_new_node+0x10/0x10
[   84.951269][ T7961]  ? __pfx_lock_release+0x10/0x10
[   84.953261][ T7961]  ? kernfs_add_one+0x39d/0x520
[   84.954791][ T7961]  ? up_write+0x1b2/0x520
[   84.956151][ T7961]  kernfs_new_node+0x186/0x240
[   84.957491][ T7961]  __kernfs_create_file+0x53/0x350
[   84.958825][ T7961]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[   84.960263][ T7961]  internal_create_group+0x56c/0xf10
[   84.961658][ T7961]  ? __pfx_internal_create_group+0x10/0x10
[   84.963176][ T7961]  ? kernfs_create_link+0x1bd/0x240
[   84.964522][ T7961]  internal_create_groups+0x9d/0x150
[   84.965976][ T7961]  device_add+0x6d3/0x1a70
[   84.967376][ T7961]  ? __pfx_device_add+0x10/0x10
[   84.969023][ T7961]  ? __init_waitqueue_head+0xca/0x150
[   84.970656][ T7961]  netdev_register_kobject+0x183/0x3a0
[   84.972209][ T7961]  register_netdevice+0x1473/0x1e90
[   84.973680][ T7961]  ? __pfx_register_netdevice+0x10/0x10
[   84.975262][ T7961]  ? dev_addr_mod+0x321/0x5b0
[   84.976522][ T7961]  veth_newlink+0x291/0x8f0
[   84.977741][ T7961]  ? netlink_rcv_skb+0x16b/0x440
[   84.979346][ T7961]  ? __pfx_veth_newlink+0x10/0x10
[   84.980762][ T7961]  ? ___sys_sendmsg+0x135/0x1e0
[   84.982110][ T7961]  ? validate_linkmsg+0x57d/0xb60
[   84.983422][ T7961]  ? __pfx_validate_linkmsg+0x10/0x10
[   84.984844][ T7961]  ? alloc_netdev_mqs+0xed5/0x1510
[   84.986195][ T7961]  ? rtnl_create_link+0xa51/0xfa0
[   84.987942][ T7961]  ? __pfx_veth_newlink+0x10/0x10
[   84.989366][ T7961]  rtnl_newlink+0xb82/0x1ce0
[   84.990740][ T7961]  ? __pfx_rtnl_newlink+0x10/0x10
[   84.992518][ T7961]  ? __pfx___lock_acquire+0x10/0x10
[   84.994214][ T7961]  ? cred_has_capability.isra.0+0x192/0x2f0
[   84.996092][ T7961]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[   84.997866][ T7961]  ? find_held_lock+0x2d/0x110
[   84.999237][ T7961]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   85.000735][ T7961]  ? __pfx_lock_release+0x10/0x10
[   85.002244][ T7961]  ? trace_lock_acquire+0x14e/0x1f0
[   85.003672][ T7961]  ? __pfx_rtnl_newlink+0x10/0x10
[   85.005013][ T7961]  rtnetlink_rcv_msg+0x95b/0xea0
[   85.006332][ T7961]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   85.007822][ T7961]  ? ttwu_queue_wakelist+0x26d/0x400
[   85.009270][ T7961]  ? __smp_call_single_queue+0x174/0x1e0
[   85.010930][ T7961]  ? do_raw_spin_unlock+0x172/0x230
[   85.012616][ T7961]  netlink_rcv_skb+0x16b/0x440
[   85.014200][ T7961]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   85.015794][ T7961]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   85.017451][ T7961]  ? rcu_is_watching+0x12/0xc0
[   85.018733][ T7961]  netlink_unicast+0x53c/0x7f0
[   85.020006][ T7961]  ? __pfx_netlink_unicast+0x10/0x10
[   85.021431][ T7961]  netlink_sendmsg+0x8b8/0xd70
[   85.022694][ T7961]  ? __pfx_netlink_sendmsg+0x10/0x10
[   85.024083][ T7961]  ____sys_sendmsg+0xaaf/0xc90
[   85.025335][ T7961]  ? copy_msghdr_from_user+0x10b/0x160
[   85.026785][ T7961]  ? __pfx_____sys_sendmsg+0x10/0x10
[   85.028416][ T7961]  ? __lock_acquire+0xcc5/0x3c40
[   85.029836][ T7961]  ___sys_sendmsg+0x135/0x1e0
[   85.031215][ T7961]  ? __pfx____sys_sendmsg+0x10/0x10
[   85.033022][ T7961]  ? trace_lock_acquire+0x14e/0x1f0
[   85.034704][ T7961]  __sys_sendmmsg+0x201/0x420
[   85.036072][ T7961]  ? __pfx___sys_sendmmsg+0x10/0x10
[   85.037697][ T7961]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   85.039294][ T7961]  ? fput+0x67/0x440
[   85.040242][ T7961]  ? ksys_write+0x1ba/0x250
[   85.041276][ T7961]  ? __pfx_ksys_write+0x10/0x10
[   85.042509][ T7961]  __x64_sys_sendmmsg+0x9c/0x100
[   85.043812][ T7961]  ? lockdep_hardirqs_on+0x7c/0x110
[   85.045135][ T7961]  do_syscall_64+0xcd/0x250
[   85.046330][ T7961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.048303][ T7961] RIP: 0033:0x7fef3877ff19
[   85.049482][ T7961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.055478][ T7961] RSP: 002b:00007fef39650058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   85.057968][ T7961] RAX: ffffffffffffffda RBX: 00007fef38945fa0 RCX: 00007fef3877ff19
[   85.060169][ T7961] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[   85.062262][ T7961] RBP: 00007fef396500a0 R08: 0000000000000000 R09: 0000000000000000
[   85.064328][ T7961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   85.066785][ T7961] R13: 0000000000000000 R14: 00007fef38945fa0 R15: 00007ffc6c6f0c28
[   85.068974][ T7961]  </TASK>
[   85.105151][ T7961] bond7: (slave veth31): Enslaving as a backup interface with a down link
[   85.269137][ T7994] bond0: Unable to set down delay as MII monitoring is disabled
[   85.327812][   T35] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   85.405502][ T8005] usb usb9: usbfs: process 8005 (syz.1.532) did not claim interface 0 before use
[   85.439831][ T8007] netlink: 'syz.1.533': attribute type 1 has an invalid length.
[   85.457149][ T8007] bond8: (slave veth33): Enslaving as a backup interface with a down link
[   85.461484][ T8007] FAULT_INJECTION: forcing a failure.
[   85.461484][ T8007] name failslab, interval 1, probability 0, space 0, times 0
[   85.465312][ T8007] CPU: 2 UID: 0 PID: 8007 Comm: syz.1.533 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[   85.468589][ T8007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.471377][ T8007] Call Trace:
[   85.472313][ T8007]  <TASK>
[   85.473360][ T8007]  dump_stack_lvl+0x16c/0x1f0
[   85.474772][ T8007]  should_fail_ex+0x497/0x5b0
[   85.476190][ T8007]  ? fs_reclaim_acquire+0xae/0x150
[   85.477492][ T8007]  should_failslab+0xc2/0x120
[   85.478723][ T8007]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   85.480226][ T8007]  ? __kernfs_new_node+0xd3/0x890
[   85.481667][ T8007]  __kernfs_new_node+0xd3/0x890
[   85.483044][ T8007]  ? __pfx___kernfs_new_node+0x10/0x10
[   85.484541][ T8007]  ? __pfx_lock_release+0x10/0x10
[   85.485925][ T8007]  ? kernfs_add_one+0x39d/0x520
[   85.487186][ T8007]  ? up_write+0x1b2/0x520
[   85.488578][ T8007]  kernfs_new_node+0x186/0x240
[   85.490011][ T8007]  __kernfs_create_file+0x53/0x350
[   85.490244][   T35] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[   85.491611][ T8007]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[   85.494799][   T35] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.496476][ T8007]  internal_create_group+0x56c/0xf10
[   85.499529][   T35] usb 7-1: Product: syz
[   85.500738][ T8007]  ? __pfx_internal_create_group+0x10/0x10
[   85.502265][   T35] usb 7-1: Manufacturer: syz
[   85.503771][ T8007]  ? kernfs_create_link+0x1bd/0x240
[   85.505357][   T35] usb 7-1: SerialNumber: syz
[   85.506655][ T8007]  internal_create_groups+0x9d/0x150
[   85.509780][ T8007]  device_add+0x6d3/0x1a70
[   85.510967][ T8007]  ? __pfx_device_add+0x10/0x10
[   85.512429][ T8007]  ? __init_waitqueue_head+0xca/0x150
[   85.513046][   T35] usb 7-1: config 0 descriptor??
[   85.513860][ T8007]  netdev_register_kobject+0x183/0x3a0
[   85.517260][ T8007]  register_netdevice+0x1473/0x1e90
[   85.518667][ T8007]  ? __pfx_register_netdevice+0x10/0x10
[   85.520193][ T8007]  ? dev_addr_mod+0x321/0x5b0
[   85.521398][ T8007]  veth_newlink+0x291/0x8f0
[   85.522545][ T8007]  ? netlink_rcv_skb+0x16b/0x440
[   85.523785][ T8007]  ? __pfx_veth_newlink+0x10/0x10
[   85.525058][ T8007]  ? ___sys_sendmsg+0x135/0x1e0
[   85.526319][ T8007]  ? validate_linkmsg+0x57d/0xb60
[   85.527544][ T8007]  ? __pfx_validate_linkmsg+0x10/0x10
[   85.528891][ T8007]  ? alloc_netdev_mqs+0xed5/0x1510
[   85.530207][ T8007]  ? rtnl_create_link+0xa51/0xfa0
[   85.531668][ T8007]  ? __pfx_veth_newlink+0x10/0x10
[   85.533085][ T8007]  rtnl_newlink+0xb82/0x1ce0
[   85.534348][ T8007]  ? __pfx_rtnl_newlink+0x10/0x10
[   85.535829][ T8007]  ? __pfx___lock_acquire+0x10/0x10
[   85.537201][ T8007]  ? cred_has_capability.isra.0+0x192/0x2f0
[   85.538633][ T8007]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[   85.540153][ T8007]  ? find_held_lock+0x2d/0x110
[   85.541315][ T8007]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   85.542568][ T8007]  ? __pfx_lock_release+0x10/0x10
[   85.543934][ T8007]  ? trace_lock_acquire+0x14e/0x1f0
[   85.545381][ T8007]  ? __pfx_rtnl_newlink+0x10/0x10
[   85.546875][ T8007]  rtnetlink_rcv_msg+0x95b/0xea0
[   85.548449][ T8007]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   85.549947][ T8007]  netlink_rcv_skb+0x16b/0x440
[   85.551171][ T8007]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   85.552655][ T8007]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   85.554191][ T8007]  ? netlink_deliver_tap+0x1ae/0xd30
[   85.555963][ T8007]  netlink_unicast+0x53c/0x7f0
[   85.557249][ T8007]  ? __pfx_netlink_unicast+0x10/0x10
[   85.558677][ T8007]  netlink_sendmsg+0x8b8/0xd70
[   85.559960][ T8007]  ? __pfx_netlink_sendmsg+0x10/0x10
[   85.561371][ T8007]  ____sys_sendmsg+0xaaf/0xc90
[   85.562871][ T8007]  ? copy_msghdr_from_user+0x10b/0x160
[   85.564349][ T8007]  ? __pfx_____sys_sendmsg+0x10/0x10
[   85.565758][ T8007]  ? __lock_acquire+0xcc5/0x3c40
[   85.567026][ T8007]  ___sys_sendmsg+0x135/0x1e0
[   85.568255][ T8007]  ? __pfx____sys_sendmsg+0x10/0x10
[   85.569708][ T8007]  ? trace_lock_acquire+0x14e/0x1f0
[   85.571402][ T8007]  __sys_sendmmsg+0x201/0x420
[   85.572631][ T8007]  ? __pfx___sys_sendmmsg+0x10/0x10
[   85.574303][ T8007]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   85.575973][ T8007]  ? fput+0x67/0x440
[   85.577061][ T8007]  ? ksys_write+0x1ba/0x250
[   85.578287][ T8007]  ? __pfx_ksys_write+0x10/0x10
[   85.579610][ T8007]  __x64_sys_sendmmsg+0x9c/0x100
[   85.580934][ T8007]  ? lockdep_hardirqs_on+0x7c/0x110
[   85.582297][ T8007]  do_syscall_64+0xcd/0x250
[   85.583493][ T8007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.585079][ T8007] RIP: 0033:0x7fef3877ff19
[   85.586284][ T8007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.591664][ T8007] RSP: 002b:00007fef39650058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   85.594264][ T8007] RAX: ffffffffffffffda RBX: 00007fef38945fa0 RCX: 00007fef3877ff19
[   85.596864][ T8007] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[   85.598937][ T8007] RBP: 00007fef396500a0 R08: 0000000000000000 R09: 0000000000000000
[   85.601032][ T8007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   85.603011][ T8007] R13: 0000000000000000 R14: 00007fef38945fa0 R15: 00007ffc6c6f0c28
[   85.605190][ T8007]  </TASK>
[   85.642711][ T8007] bond8: (slave veth35): Enslaving as a backup interface with a down link
[   85.717595][   T35] usb 7-1: USB disconnect, device number 3
[   85.729788][ T8032] block nbd3: NBD_DISCONNECT
[   85.732134][ T8033] block nbd3: NBD_DISCONNECT
[   85.917442][   T57] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   85.960196][ T7978] SELinux:  policydb version 1402900228 does not match my version range 15-33
[   85.962794][ T7978] SELinux: failed to load policy
[   85.997566][ T8048] netlink: 'syz.1.544': attribute type 1 has an invalid length.
[   86.014655][ T8048] bond9: (slave veth37): Enslaving as a backup interface with a down link
[   86.017840][ T8048] FAULT_INJECTION: forcing a failure.
[   86.017840][ T8048] name failslab, interval 1, probability 0, space 0, times 0
[   86.021183][ T8048] CPU: 0 UID: 0 PID: 8048 Comm: syz.1.544 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[   86.023917][ T8048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.026690][ T8048] Call Trace:
[   86.027580][ T8048]  <TASK>
[   86.028389][ T8048]  dump_stack_lvl+0x16c/0x1f0
[   86.029626][ T8048]  should_fail_ex+0x497/0x5b0
[   86.030865][ T8048]  ? fs_reclaim_acquire+0xae/0x150
[   86.032216][ T8048]  should_failslab+0xc2/0x120
[   86.033448][ T8048]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   86.034863][ T8048]  ? __kernfs_new_node+0xd3/0x890
[   86.036184][ T8048]  __kernfs_new_node+0xd3/0x890
[   86.037461][ T8048]  ? __pfx___kernfs_new_node+0x10/0x10
[   86.038874][ T8048]  ? __pfx_lock_release+0x10/0x10
[   86.040190][ T8048]  ? kernfs_add_one+0x39d/0x520
[   86.041461][ T8048]  ? up_write+0x1b2/0x520
[   86.042591][ T8048]  kernfs_new_node+0x186/0x240
[   86.043924][ T8048]  __kernfs_create_file+0x53/0x350
[   86.045256][ T8048]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[   86.046660][ T8048]  internal_create_group+0x56c/0xf10
[   86.048056][ T8048]  ? __pfx_internal_create_group+0x10/0x10
[   86.049586][ T8048]  ? kernfs_create_link+0x1bd/0x240
[   86.050948][ T8048]  internal_create_groups+0x9d/0x150
[   86.052337][ T8048]  device_add+0x6d3/0x1a70
[   86.053519][ T8048]  ? __pfx_device_add+0x10/0x10
[   86.054948][ T8048]  ? __init_waitqueue_head+0xca/0x150
[   86.056361][ T8048]  netdev_register_kobject+0x183/0x3a0
[   86.057727][ T8048]  register_netdevice+0x1473/0x1e90
[   86.059018][ T8048]  ? __pfx_register_netdevice+0x10/0x10
[   86.060373][ T8048]  ? dev_addr_mod+0x321/0x5b0
[   86.061230][ T8050] __nla_validate_parse: 7 callbacks suppressed
[   86.061241][ T8050] netlink: 4 bytes leftover after parsing attributes in process `syz.2.523'.
[   86.061541][ T8048]  veth_newlink+0x291/0x8f0
[   86.066559][ T8048]  ? netlink_rcv_skb+0x16b/0x440
[   86.067856][ T8048]  ? __pfx_veth_newlink+0x10/0x10
[   86.069434][ T8048]  ? ___sys_sendmsg+0x135/0x1e0
[   86.070815][ T8048]  ? validate_linkmsg+0x57d/0xb60
[   86.072212][ T8048]  ? __pfx_validate_linkmsg+0x10/0x10
[   86.073664][ T8048]  ? alloc_netdev_mqs+0xed5/0x1510
[   86.075078][ T8048]  ? rtnl_create_link+0xa51/0xfa0
[   86.076501][ T8048]  ? __pfx_veth_newlink+0x10/0x10
[   86.077879][ T8048]  rtnl_newlink+0xb82/0x1ce0
[   86.078966][ T8048]  ? __pfx_rtnl_newlink+0x10/0x10
[   86.080303][ T8048]  ? __pfx___lock_acquire+0x10/0x10
[   86.081660][ T8048]  ? cred_has_capability.isra.0+0x192/0x2f0
[   86.083149][ T8048]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[   86.084944][ T8048]  ? find_held_lock+0x2d/0x110
[   86.086221][ T8048]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   86.087798][ T8048]  ? __pfx_lock_release+0x10/0x10
[   86.089497][ T8048]  ? trace_lock_acquire+0x14e/0x1f0
[   86.090898][ T8048]  ? __pfx_rtnl_newlink+0x10/0x10
[   86.092420][ T8048]  rtnetlink_rcv_msg+0x95b/0xea0
[   86.093749][ T8048]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   86.095225][ T8048]  netlink_rcv_skb+0x16b/0x440
[   86.096659][ T8048]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   86.098143][ T8048]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   86.099555][ T8048]  ? netlink_deliver_tap+0x1ae/0xd30
[   86.100955][ T8048]  netlink_unicast+0x53c/0x7f0
[   86.102242][ T8048]  ? __pfx_netlink_unicast+0x10/0x10
[   86.103708][ T8048]  netlink_sendmsg+0x8b8/0xd70
[   86.105000][ T8048]  ? __pfx_netlink_sendmsg+0x10/0x10
[   86.106399][ T8048]  ____sys_sendmsg+0xaaf/0xc90
[   86.107685][ T8048]  ? copy_msghdr_from_user+0x10b/0x160
[   86.109219][ T8048]  ? __pfx_____sys_sendmsg+0x10/0x10
[   86.110718][ T8048]  ? __lock_acquire+0xcc5/0x3c40
[   86.112113][ T8048]  ___sys_sendmsg+0x135/0x1e0
[   86.113426][ T8048]  ? __pfx____sys_sendmsg+0x10/0x10
[   86.114893][ T8048]  ? trace_lock_acquire+0x14e/0x1f0
[   86.116342][ T8048]  __sys_sendmmsg+0x201/0x420
[   86.117580][ T8048]  ? __pfx___sys_sendmmsg+0x10/0x10
[   86.118938][ T8048]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   86.120527][ T8048]  ? fput+0x67/0x440
[   86.121557][ T8048]  ? ksys_write+0x1ba/0x250
[   86.122757][ T8048]  ? __pfx_ksys_write+0x10/0x10
[   86.124055][ T8048]  __x64_sys_sendmmsg+0x9c/0x100
[   86.125437][ T8048]  ? lockdep_hardirqs_on+0x7c/0x110
[   86.126926][ T8048]  do_syscall_64+0xcd/0x250
[   86.128204][ T8048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.129828][ T8048] RIP: 0033:0x7fef3877ff19
[   86.131002][ T8048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.135861][ T8048] RSP: 002b:00007fef39650058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   86.137903][   T57] usb 5-1: Using ep0 maxpacket: 8
[   86.138224][ T8048] RAX: ffffffffffffffda RBX: 00007fef38945fa0 RCX: 00007fef3877ff19
[   86.138234][ T8048] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[   86.141601][   T57] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[   86.142080][ T8048] RBP: 00007fef396500a0 R08: 0000000000000000 R09: 0000000000000000
[   86.145133][   T57] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[   86.147776][ T8048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   86.147794][ T8048] R13: 0000000000000000 R14: 00007fef38945fa0 R15: 00007ffc6c6f0c28
[   86.147810][ T8048]  </TASK>
[   86.162691][   T57] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   86.169263][   T57] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   86.177188][   T57] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   86.180312][   T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.180786][ T8048] bond9: (slave veth39): Enslaving as a backup interface with a down link
[   86.187141][ T8050] geneve3: entered promiscuous mode
[   86.188543][ T8050] geneve3: entered allmulticast mode
[   86.267664][ T8062] netlink: 8 bytes leftover after parsing attributes in process `syz.2.547'.
[   86.270300][ T8062] netlink: 4 bytes leftover after parsing attributes in process `syz.2.547'.
[   86.272765][ T8062] netlink: 'syz.2.547': attribute type 13 has an invalid length.
[   86.275353][ T8062] netlink: 'syz.2.547': attribute type 11 has an invalid length.
[   86.327205][ T8070] cgroup: No subsys list or none specified
[   86.386825][   T57] usb 5-1: GET_CAPABILITIES returned 0
[   86.388364][   T57] usbtmc 5-1:16.0: can't read capabilities
[   86.707898][ T8102] ax25_connect(): syz.3.559 uses autobind, please contact jreuter@yaina.de
[   86.747939][ T8100] loop7: detected capacity change from 16383 to 0
[   86.843748][    T8] usb 5-1: USB disconnect, device number 3
[   87.086707][ T8139] netlink: 16 bytes leftover after parsing attributes in process `syz.3.567'.
[   87.091338][ T8139] netlink: 200 bytes leftover after parsing attributes in process `syz.3.567'.
[   87.500395][ T8146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.570'.
[   87.613969][ T8151] 8021q: adding VLAN 0 to HW filter on device bond10
[   87.616676][ T8151] bond0: (slave bond10): Enslaving as an active interface with an up link
[   87.623734][ T8151] workqueue: Failed to create a rescuer kthread for wq "bond11": -EINTR
[   87.832579][ T8177] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[   87.925629][ T8190] ufs: You didn't specify the type of your ufs filesystem
[   87.925629][ T8190] 
[   87.925629][ T8190] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[   87.925629][ T8190] 
[   87.925629][ T8190] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[   87.936852][ T8190] ufs: ufstype=old is supported read-only
[   87.940129][ T8190] ufs: ufs_fill_super(): bad magic number
[   88.229914][ T8222] netlink: 'syz.2.591': attribute type 10 has an invalid length.
[   88.232609][ T8222] netlink: 2 bytes leftover after parsing attributes in process `syz.2.591'.
[   88.235863][ T8222] team0: entered promiscuous mode
[   88.239058][ T8222] team_slave_0: entered promiscuous mode
[   88.241876][ T8222] team_slave_1: entered promiscuous mode
[   88.245761][ T8222] bridge0: port 3(team0) entered blocking state
[   88.248877][ T8222] bridge0: port 3(team0) entered disabled state
[   88.250988][ T8222] team0: entered allmulticast mode
[   88.252660][ T8222] team_slave_0: entered allmulticast mode
[   88.254586][ T8222] team_slave_1: entered allmulticast mode
[   88.272394][ T8222] bridge0: port 3(team0) entered blocking state
[   88.274741][ T8222] bridge0: port 3(team0) entered forwarding state
[   88.297802][ T8237] overlayfs: upper fs does not support RENAME_WHITEOUT.
[   88.300932][ T8237] overlayfs: failed to set xattr on upper
[   88.302873][ T8237] overlayfs: ...falling back to redirect_dir=nofollow.
[   88.305168][ T8237] overlayfs: ...falling back to index=off.
[   88.307326][ T8237] overlayfs: ...falling back to uuid=null.
[   88.330193][ T8239] netlink: 'syz.2.596': attribute type 21 has an invalid length.
[   88.384008][ T8243] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8243 comm=syz.2.598
[   88.799644][ T8280] netlink: 4 bytes leftover after parsing attributes in process `syz.0.603'.
[   89.272836][ T8325] syz.2.608: attempt to access beyond end of device
[   89.272836][ T8325] nbd2: rw=0, sector=1, nr_sectors = 1 limit=0
[   89.276374][ T8325] VFS: could not find a valid V7 on nbd2.
[   89.281179][ T8339] dvmrp8: entered allmulticast mode
[   89.284239][ T8339] dvmrp8: left allmulticast mode
[   89.337569][ T8341] syzkaller0: entered promiscuous mode
[   89.339060][ T8341] syzkaller0: entered allmulticast mode
[   89.511350][ T8353] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[   89.514720][ T8354] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[   89.706362][   T39] kauditd_printk_skb: 94 callbacks suppressed
[   89.706373][   T39] audit: type=1400 audit(1733798806.587:40680): avc:  denied  { mounton } for  pid=8357 comm="syz.0.617" path=2F3137302F66696C6530202864656C6574656429 dev="proc" ino=4026533336 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=dir permissive=1
[   90.936021][   T39] audit: type=1400 audit(1733798807.817:40681): avc:  denied  { write } for  pid=8374 comm="syz.3.620" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   90.938136][ T8377] netlink: 1280 bytes leftover after parsing attributes in process `syz.0.621'.
[   90.948510][ T8377] openvswitch: netlink: Flow actions attr not present in new flow.
[   90.980038][ T8383] netlink: 'syz.0.624': attribute type 10 has an invalid length.
[   90.984405][ T8383] geneve0: entered promiscuous mode
[   90.990034][   T39] audit: type=1400 audit(1733798807.877:40682): avc:  denied  { bind } for  pid=8380 comm="syz.2.623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   90.991988][ T8383] bond0: (slave geneve0): Enslaving as an active interface with an up link
[   91.047938][ T8390] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   91.214201][   T39] audit: type=1400 audit(1733798808.097:40683): avc:  denied  { read write } for  pid=8389 comm="syz.2.626" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   91.220748][   T39] audit: type=1400 audit(1733798808.107:40684): avc:  denied  { open } for  pid=8389 comm="syz.2.626" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   91.228314][   T39] audit: type=1400 audit(1733798808.107:40685): avc:  denied  { map } for  pid=8389 comm="syz.2.626" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   91.236721][   T39] audit: type=1400 audit(1733798808.107:40686): avc:  denied  { execute } for  pid=8389 comm="syz.2.626" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   91.376753][   T39] audit: type=1400 audit(1733798808.257:40687): avc:  denied  { read } for  pid=8402 comm="syz.2.630" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   91.384904][   T39] audit: type=1400 audit(1733798808.257:40688): avc:  denied  { open } for  pid=8402 comm="syz.2.630" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   91.416316][ T8405] netlink: 4 bytes leftover after parsing attributes in process `syz.2.632'.
[   91.498232][ T8413] program syz.1.634 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   91.543176][ T8418] netlink: 'syz.1.636': attribute type 1 has an invalid length.
[   91.585281][ T8418] bond12: (slave veth41): Enslaving as a backup interface with a down link
[   91.589441][ T8418] FAULT_INJECTION: forcing a failure.
[   91.589441][ T8418] name failslab, interval 1, probability 0, space 0, times 0
[   91.592764][ T8418] CPU: 3 UID: 0 PID: 8418 Comm: syz.1.636 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[   91.595705][ T8418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.598814][ T8418] Call Trace:
[   91.599739][ T8418]  <TASK>
[   91.600520][ T8418]  dump_stack_lvl+0x16c/0x1f0
[   91.601839][ T8418]  should_fail_ex+0x497/0x5b0
[   91.603321][ T8418]  ? fs_reclaim_acquire+0xae/0x150
[   91.605323][ T8418]  should_failslab+0xc2/0x120
[   91.607091][ T8418]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   91.609074][ T8418]  ? __kernfs_new_node+0xd3/0x890
[   91.610920][ T8418]  __kernfs_new_node+0xd3/0x890
[   91.612705][ T8418]  ? __pfx___kernfs_new_node+0x10/0x10
[   91.614659][ T8418]  ? __pfx_lock_release+0x10/0x10
[   91.616506][ T8418]  ? kernfs_add_one+0x39d/0x520
[   91.618302][ T8418]  ? up_write+0x1b2/0x520
[   91.619881][ T8418]  kernfs_new_node+0x186/0x240
[   91.621628][ T8418]  __kernfs_create_file+0x53/0x350
[   91.623494][ T8418]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[   91.625450][ T8418]  internal_create_group+0x56c/0xf10
[   91.627098][ T8418]  ? __pfx_internal_create_group+0x10/0x10
[   91.628681][ T8418]  ? kernfs_create_link+0x1bd/0x240
[   91.630104][ T8418]  internal_create_groups+0x9d/0x150
[   91.631777][ T8418]  device_add+0x6d3/0x1a70
[   91.633029][ T8418]  ? __pfx_device_add+0x10/0x10
[   91.634670][ T8418]  ? __init_waitqueue_head+0xca/0x150
[   91.636541][ T8418]  netdev_register_kobject+0x183/0x3a0
[   91.638468][ T8418]  register_netdevice+0x1473/0x1e90
[   91.640380][ T8418]  ? __pfx_register_netdevice+0x10/0x10
[   91.642426][ T8418]  ? dev_addr_mod+0x321/0x5b0
[   91.644182][ T8418]  veth_newlink+0x291/0x8f0
[   91.645727][ T8418]  ? netlink_rcv_skb+0x16b/0x440
[   91.647056][ T8418]  ? __pfx_veth_newlink+0x10/0x10
[   91.648531][ T8418]  ? ___sys_sendmsg+0x135/0x1e0
[   91.650343][ T8418]  ? validate_linkmsg+0x57d/0xb60
[   91.652240][ T8418]  ? __pfx_validate_linkmsg+0x10/0x10
[   91.654456][ T8418]  ? alloc_netdev_mqs+0xed5/0x1510
[   91.656362][ T8418]  ? rtnl_create_link+0xa51/0xfa0
[   91.658260][ T8418]  ? __pfx_veth_newlink+0x10/0x10
[   91.660259][ T8418]  rtnl_newlink+0xb82/0x1ce0
[   91.662009][ T8418]  ? __pfx_rtnl_newlink+0x10/0x10
[   91.663995][ T8418]  ? __pfx___lock_acquire+0x10/0x10
[   91.665857][ T8418]  ? cred_has_capability.isra.0+0x192/0x2f0
[   91.668191][ T8418]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[   91.670443][ T8418]  ? find_held_lock+0x2d/0x110
[   91.672196][ T8418]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   91.674068][ T8418]  ? __pfx_lock_release+0x10/0x10
[   91.675905][ T8418]  ? trace_lock_acquire+0x14e/0x1f0
[   91.677802][ T8418]  ? __pfx_rtnl_newlink+0x10/0x10
[   91.679775][ T8418]  rtnetlink_rcv_msg+0x95b/0xea0
[   91.681734][ T8418]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   91.683850][ T8418]  netlink_rcv_skb+0x16b/0x440
[   91.685613][ T8418]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   91.687601][ T8418]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   91.689527][ T8418]  ? netlink_deliver_tap+0x1ae/0xd30
[   91.691446][ T8418]  netlink_unicast+0x53c/0x7f0
[   91.693174][ T8418]  ? __pfx_netlink_unicast+0x10/0x10
[   91.695091][ T8418]  netlink_sendmsg+0x8b8/0xd70
[   91.696869][ T8418]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.698896][ T8418]  ____sys_sendmsg+0xaaf/0xc90
[   91.700692][ T8418]  ? copy_msghdr_from_user+0x10b/0x160
[   91.702681][ T8418]  ? __pfx_____sys_sendmsg+0x10/0x10
[   91.704606][ T8418]  ? __lock_acquire+0xcc5/0x3c40
[   91.706271][ T8418]  ___sys_sendmsg+0x135/0x1e0
[   91.707907][ T8418]  ? __pfx____sys_sendmsg+0x10/0x10
[   91.709851][ T8418]  ? trace_lock_acquire+0x14e/0x1f0
[   91.711575][ T8418]  __sys_sendmmsg+0x201/0x420
[   91.713249][ T8418]  ? __pfx___sys_sendmmsg+0x10/0x10
[   91.715107][ T8418]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   91.716999][ T8418]  ? fput+0x67/0x440
[   91.718122][ T8418]  ? ksys_write+0x1ba/0x250
[   91.719423][ T8418]  ? __pfx_ksys_write+0x10/0x10
[   91.720823][ T8418]  __x64_sys_sendmmsg+0x9c/0x100
[   91.722238][ T8418]  ? lockdep_hardirqs_on+0x7c/0x110
[   91.723735][ T8418]  do_syscall_64+0xcd/0x250
[   91.724951][ T8418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.726499][ T8418] RIP: 0033:0x7fef3877ff19
[   91.727684][ T8418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.732716][ T8418] RSP: 002b:00007fef39650058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   91.735276][ T8418] RAX: ffffffffffffffda RBX: 00007fef38945fa0 RCX: 00007fef3877ff19
[   91.737406][ T8418] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[   91.739456][ T8418] RBP: 00007fef396500a0 R08: 0000000000000000 R09: 0000000000000000
[   91.741625][ T8418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   91.743889][ T8418] R13: 0000000000000000 R14: 00007fef38945fa0 R15: 00007ffc6c6f0c28
[   91.746006][ T8418]  </TASK>
[   91.758112][ T8418] bond12: (slave veth43): Enslaving as a backup interface with a down link
[   91.791862][ T8425] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   91.990740][   T39] audit: type=1400 audit(1733798808.877:40689): avc:  denied  { lock } for  pid=8448 comm="syz.2.643" path="/174/file0/file1" dev="9p" ino=38535256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   92.084125][ T8454] netlink: 'syz.3.647': attribute type 1 has an invalid length.
[   92.097631][ T8457] binder: 8456:8457 ioctl c0306201 20000580 returned -14
[   92.102947][ T8454] bond5: (slave veth11): Enslaving as a backup interface with a down link
[   92.106276][ T8454] FAULT_INJECTION: forcing a failure.
[   92.106276][ T8454] name failslab, interval 1, probability 0, space 0, times 0
[   92.110106][ T8454] CPU: 3 UID: 0 PID: 8454 Comm: syz.3.647 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[   92.113030][ T8454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.115899][ T8454] Call Trace:
[   92.116790][ T8454]  <TASK>
[   92.117571][ T8454]  dump_stack_lvl+0x16c/0x1f0
[   92.118799][ T8454]  should_fail_ex+0x497/0x5b0
[   92.120077][ T8454]  ? fs_reclaim_acquire+0xae/0x150
[   92.121437][ T8454]  should_failslab+0xc2/0x120
[   92.122678][ T8454]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   92.124089][ T8454]  ? __kernfs_new_node+0xd3/0x890
[   92.125405][ T8454]  __kernfs_new_node+0xd3/0x890
[   92.126691][ T8454]  ? __pfx___kernfs_new_node+0x10/0x10
[   92.128126][ T8454]  ? __pfx_lock_release+0x10/0x10
[   92.129450][ T8454]  ? kernfs_add_one+0x39d/0x520
[   92.130793][ T8454]  ? up_write+0x1b2/0x520
[   92.131938][ T8454]  kernfs_new_node+0x186/0x240
[   92.133198][ T8454]  __kernfs_create_file+0x53/0x350
[   92.134551][ T8454]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[   92.135969][ T8454]  internal_create_group+0x56c/0xf10
[   92.137349][ T8454]  ? __pfx_internal_create_group+0x10/0x10
[   92.138872][ T8454]  ? kernfs_create_link+0x1bd/0x240
[   92.140270][ T8454]  internal_create_groups+0x9d/0x150
[   92.141660][ T8454]  device_add+0x6d3/0x1a70
[   92.142832][ T8454]  ? __pfx_device_add+0x10/0x10
[   92.144120][ T8454]  ? __init_waitqueue_head+0xca/0x150
[   92.145514][ T8454]  netdev_register_kobject+0x183/0x3a0
[   92.146915][ T8454]  register_netdevice+0x1473/0x1e90
[   92.148273][ T8454]  ? __pfx_register_netdevice+0x10/0x10
[   92.149769][ T8454]  ? dev_addr_mod+0x321/0x5b0
[   92.151056][ T8454]  veth_newlink+0x291/0x8f0
[   92.152248][ T8454]  ? netlink_rcv_skb+0x16b/0x440
[   92.153584][ T8454]  ? __pfx_veth_newlink+0x10/0x10
[   92.154913][ T8454]  ? ___sys_sendmsg+0x135/0x1e0
[   92.156142][ T8454]  ? validate_linkmsg+0x57d/0xb60
[   92.157404][ T8454]  ? __pfx_validate_linkmsg+0x10/0x10
[   92.158786][ T8454]  ? alloc_netdev_mqs+0xed5/0x1510
[   92.160154][ T8454]  ? rtnl_create_link+0xa51/0xfa0
[   92.161466][ T8454]  ? __pfx_veth_newlink+0x10/0x10
[   92.162744][ T8454]  rtnl_newlink+0xb82/0x1ce0
[   92.163921][ T8454]  ? __pfx_rtnl_newlink+0x10/0x10
[   92.165234][ T8454]  ? __pfx___lock_acquire+0x10/0x10
[   92.166555][ T8454]  ? cred_has_capability.isra.0+0x192/0x2f0
[   92.168237][ T8454]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[   92.170017][ T8454]  ? find_held_lock+0x2d/0x110
[   92.171280][ T8454]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   92.172609][ T8454]  ? __pfx_lock_release+0x10/0x10
[   92.173931][ T8454]  ? trace_lock_acquire+0x14e/0x1f0
[   92.175309][ T8454]  ? __pfx_rtnl_newlink+0x10/0x10
[   92.176630][ T8454]  rtnetlink_rcv_msg+0x95b/0xea0
[   92.177926][ T8454]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   92.179337][ T8454]  ? __pfx___lock_acquire+0x10/0x10
[   92.180799][ T8454]  ? __pfx___lock_acquire+0x10/0x10
[   92.182164][ T8454]  ? __pfx_sock_has_perm+0x10/0x10
[   92.183499][ T8454]  ? __lock_acquire+0xcc5/0x3c40
[   92.184803][ T8454]  netlink_rcv_skb+0x16b/0x440
[   92.186053][ T8454]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   92.187466][ T8454]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   92.188877][ T8454]  ? netlink_deliver_tap+0x1ae/0xd30
[   92.190422][ T8454]  netlink_unicast+0x53c/0x7f0
[   92.191697][ T8454]  ? __pfx_netlink_unicast+0x10/0x10
[   92.193070][ T8454]  netlink_sendmsg+0x8b8/0xd70
[   92.194323][ T8454]  ? __pfx_netlink_sendmsg+0x10/0x10
[   92.195713][ T8454]  ____sys_sendmsg+0xaaf/0xc90
[   92.196961][ T8454]  ? copy_msghdr_from_user+0x10b/0x160
[   92.198360][ T8454]  ? __pfx_____sys_sendmsg+0x10/0x10
[   92.199759][ T8454]  ? __lock_acquire+0xcc5/0x3c40
[   92.201054][ T8454]  ___sys_sendmsg+0x135/0x1e0
[   92.202281][ T8454]  ? __pfx____sys_sendmsg+0x10/0x10
[   92.203651][ T8454]  ? trace_lock_acquire+0x14e/0x1f0
[   92.205017][ T8454]  __sys_sendmmsg+0x201/0x420
[   92.206251][ T8454]  ? __pfx___sys_sendmmsg+0x10/0x10
[   92.207627][ T8454]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   92.209210][ T8454]  ? fput+0x67/0x440
[   92.210280][ T8454]  ? ksys_write+0x1ba/0x250
[   92.211472][ T8454]  ? __pfx_ksys_write+0x10/0x10
[   92.212745][ T8454]  __x64_sys_sendmmsg+0x9c/0x100
[   92.214060][ T8454]  ? lockdep_hardirqs_on+0x7c/0x110
[   92.215409][ T8454]  do_syscall_64+0xcd/0x250
[   92.216609][ T8454]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.218144][ T8454] RIP: 0033:0x7f8dc1d7ff19
[   92.219493][ T8454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.224567][ T8454] RSP: 002b:00007f8dc2b9f058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   92.226700][ T8454] RAX: ffffffffffffffda RBX: 00007f8dc1f45fa0 RCX: 00007f8dc1d7ff19
[   92.228839][ T8454] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[   92.230917][ T8454] RBP: 00007f8dc2b9f0a0 R08: 0000000000000000 R09: 0000000000000000
[   92.233010][ T8454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   92.235083][ T8454] R13: 0000000000000000 R14: 00007f8dc1f45fa0 R15: 00007fff24ab19c8
[   92.237139][ T8454]  </TASK>
[   92.257689][ T8454] bond5: (slave veth13): Enslaving as a backup interface with a down link
[   92.267942][ T8461] i2c i2c-1: Invalid block write size 34
[   92.514893][ T8484] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   92.520207][ T8486] netlink: 'syz.3.659': attribute type 1 has an invalid length.
[   92.542214][ T8486] bond6: (slave veth15): Enslaving as a backup interface with a down link
[   92.546054][ T8486] FAULT_INJECTION: forcing a failure.
[   92.546054][ T8486] name failslab, interval 1, probability 0, space 0, times 0
[   92.550511][ T8486] CPU: 3 UID: 0 PID: 8486 Comm: syz.3.659 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[   92.553915][ T8486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.557621][ T8486] Call Trace:
[   92.558745][ T8486]  <TASK>
[   92.559810][ T8486]  dump_stack_lvl+0x16c/0x1f0
[   92.561394][ T8486]  should_fail_ex+0x497/0x5b0
[   92.562962][ T8486]  ? fs_reclaim_acquire+0xae/0x150
[   92.564701][ T8486]  should_failslab+0xc2/0x120
[   92.566385][ T8486]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   92.568285][ T8486]  ? __kernfs_new_node+0xd3/0x890
[   92.569394][ T8489] libceph: resolve '
[   92.569394][ T8489] -&õÌ×fÍY¹Ç�²a×ïÅ2iˆ
[   92.569394][ T8489] .ÖúÕ?Çý&�*»§&' (ret=-3): failed
[   92.569995][ T8486]  __kernfs_new_node+0xd3/0x890
[   92.570018][ T8486]  ? __pfx___kernfs_new_node+0x10/0x10
[   92.576809][ T8486]  ? __pfx_lock_release+0x10/0x10
[   92.578120][ T8486]  ? kernfs_add_one+0x39d/0x520
[   92.579446][ T8486]  ? up_write+0x1b2/0x520
[   92.580687][ T8486]  kernfs_new_node+0x186/0x240
[   92.581955][ T8486]  __kernfs_create_file+0x53/0x350
[   92.583347][ T8486]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[   92.585061][ T8486]  internal_create_group+0x56c/0xf10
[   92.586847][ T8486]  ? __pfx_internal_create_group+0x10/0x10
[   92.588431][ T8486]  ? kernfs_create_link+0x1bd/0x240
[   92.589924][ T8486]  internal_create_groups+0x9d/0x150
[   92.591614][ T8486]  device_add+0x6d3/0x1a70
[   92.593011][ T8486]  ? __pfx_device_add+0x10/0x10
[   92.594617][ T8486]  ? __init_waitqueue_head+0xca/0x150
[   92.596188][ T8486]  netdev_register_kobject+0x183/0x3a0
[   92.597663][ T8486]  register_netdevice+0x1473/0x1e90
[   92.599050][ T8486]  ? __pfx_register_netdevice+0x10/0x10
[   92.600539][ T8486]  ? dev_addr_mod+0x321/0x5b0
[   92.601833][ T8486]  veth_newlink+0x291/0x8f0
[   92.603115][ T8486]  ? netlink_rcv_skb+0x16b/0x440
[   92.604698][ T8486]  ? __pfx_veth_newlink+0x10/0x10
[   92.606586][ T8486]  ? ___sys_sendmsg+0x135/0x1e0
[   92.608332][ T8486]  ? validate_linkmsg+0x57d/0xb60
[   92.609980][ T8486]  ? __pfx_validate_linkmsg+0x10/0x10
[   92.611698][ T8486]  ? alloc_netdev_mqs+0xed5/0x1510
[   92.613019][ T8486]  ? rtnl_create_link+0xa51/0xfa0
[   92.614292][ T8486]  ? __pfx_veth_newlink+0x10/0x10
[   92.615943][ T8486]  rtnl_newlink+0xb82/0x1ce0
[   92.617538][ T8486]  ? __pfx_rtnl_newlink+0x10/0x10
[   92.619216][ T8486]  ? __pfx___lock_acquire+0x10/0x10
[   92.621046][ T8486]  ? cred_has_capability.isra.0+0x192/0x2f0
[   92.623310][ T8486]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[   92.625779][ T8486]  ? find_held_lock+0x2d/0x110
[   92.627604][ T8486]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   92.628799][ T8493] syz.0.660[8493] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   92.629512][ T8486]  ? __pfx_lock_release+0x10/0x10
[   92.629539][ T8486]  ? trace_lock_acquire+0x14e/0x1f0
[   92.632629][ T8493] syz.0.660[8493] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   92.634188][ T8486]  ? __pfx_rtnl_newlink+0x10/0x10
[   92.634222][ T8486]  rtnetlink_rcv_msg+0x95b/0xea0
[   92.636084][ T8493] syz.0.660[8493] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   92.639594][ T8486]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   92.639647][ T8486]  ? __pfx___lock_acquire+0x10/0x10
[   92.639671][ T8486]  ? __pfx___lock_acquire+0x10/0x10
[   92.639688][ T8486]  ? __pfx_sock_has_perm+0x10/0x10
[   92.653773][ T8486]  ? __lock_acquire+0xcc5/0x3c40
[   92.655477][ T8486]  netlink_rcv_skb+0x16b/0x440
[   92.657106][ T8486]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   92.658866][ T8486]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   92.660550][ T8486]  ? netlink_deliver_tap+0x1ae/0xd30
[   92.662245][ T8486]  netlink_unicast+0x53c/0x7f0
[   92.663827][ T8486]  ? __pfx_netlink_unicast+0x10/0x10
[   92.665662][ T8486]  netlink_sendmsg+0x8b8/0xd70
[   92.667204][ T8486]  ? __pfx_netlink_sendmsg+0x10/0x10
[   92.668591][ T8486]  ____sys_sendmsg+0xaaf/0xc90
[   92.670032][ T8486]  ? copy_msghdr_from_user+0x10b/0x160
[   92.671836][ T8486]  ? __pfx_____sys_sendmsg+0x10/0x10
[   92.673278][ T8486]  ? __lock_acquire+0xcc5/0x3c40
[   92.674652][ T8486]  ___sys_sendmsg+0x135/0x1e0
[   92.675937][ T8486]  ? __pfx____sys_sendmsg+0x10/0x10
[   92.677665][ T8486]  ? trace_lock_acquire+0x14e/0x1f0
[   92.679505][ T8486]  __sys_sendmmsg+0x201/0x420
[   92.681166][ T8486]  ? __pfx___sys_sendmmsg+0x10/0x10
[   92.683003][ T8486]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   92.685409][ T8486]  ? fput+0x67/0x440
[   92.686905][ T8486]  ? ksys_write+0x1ba/0x250
[   92.688808][ T8486]  ? __pfx_ksys_write+0x10/0x10
[   92.690827][ T8486]  __x64_sys_sendmmsg+0x9c/0x100
[   92.692945][ T8486]  ? lockdep_hardirqs_on+0x7c/0x110
[   92.694709][ T8486]  do_syscall_64+0xcd/0x250
[   92.696311][ T8486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.698381][ T8486] RIP: 0033:0x7f8dc1d7ff19
[   92.700015][ T8486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.706712][ T8486] RSP: 002b:00007f8dc2b9f058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   92.709595][ T8486] RAX: ffffffffffffffda RBX: 00007f8dc1f45fa0 RCX: 00007f8dc1d7ff19
[   92.712339][ T8486] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[   92.715164][ T8486] RBP: 00007f8dc2b9f0a0 R08: 0000000000000000 R09: 0000000000000000
[   92.718257][ T8486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   92.721181][ T8486] R13: 0000000000000000 R14: 00007f8dc1f45fa0 R15: 00007fff24ab19c8
[   92.723977][ T8486]  </TASK>
[   92.742868][ T8486] bond6: (slave veth17): Enslaving as a backup interface with a down link
[   92.869289][ T8507] netlink: 16 bytes leftover after parsing attributes in process `syz.1.665'.
[   92.870064][ T8508] netlink: 16 bytes leftover after parsing attributes in process `syz.1.665'.
[   92.940042][ T8512] openvswitch: netlink: Missing key (keys=40, expected=2000)
[   93.000564][ T8520] netlink: 'syz.0.670': attribute type 1 has an invalid length.
[   93.022863][ T8520] bond11: (slave veth37): Enslaving as a backup interface with a down link
[   93.049721][ T8520] FAULT_INJECTION: forcing a failure.
[   93.049721][ T8520] name failslab, interval 1, probability 0, space 0, times 0
[   93.053446][ T8520] CPU: 1 UID: 0 PID: 8520 Comm: syz.0.670 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[   93.056218][ T8520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.059082][ T8520] Call Trace:
[   93.059985][ T8520]  <TASK>
[   93.060758][ T8520]  dump_stack_lvl+0x16c/0x1f0
[   93.061983][ T8520]  should_fail_ex+0x497/0x5b0
[   93.063180][ T8520]  ? fs_reclaim_acquire+0xae/0x150
[   93.064684][ T8520]  should_failslab+0xc2/0x120
[   93.065910][ T8520]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   93.067350][ T8520]  ? __kernfs_new_node+0xd3/0x890
[   93.068570][ T8520]  __kernfs_new_node+0xd3/0x890
[   93.069875][ T8520]  ? __pfx___kernfs_new_node+0x10/0x10
[   93.071349][ T8520]  ? __pfx_lock_release+0x10/0x10
[   93.072710][ T8520]  ? kernfs_add_one+0x39d/0x520
[   93.074112][ T8520]  ? up_write+0x1b2/0x520
[   93.075329][ T8520]  kernfs_new_node+0x186/0x240
[   93.076653][ T8520]  __kernfs_create_file+0x53/0x350
[   93.078032][ T8520]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[   93.079436][ T8520]  internal_create_group+0x56c/0xf10
[   93.080876][ T8520]  ? __pfx_internal_create_group+0x10/0x10
[   93.082493][ T8520]  ? kernfs_create_link+0x1bd/0x240
[   93.083882][ T8520]  internal_create_groups+0x9d/0x150
[   93.085263][ T8520]  device_add+0x6d3/0x1a70
[   93.086516][ T8520]  ? __pfx_device_add+0x10/0x10
[   93.087892][ T8520]  ? __init_waitqueue_head+0xca/0x150
[   93.089295][ T8520]  netdev_register_kobject+0x183/0x3a0
[   93.090721][ T8520]  register_netdevice+0x1473/0x1e90
[   93.092110][ T8520]  ? __pfx_register_netdevice+0x10/0x10
[   93.093550][ T8520]  ? dev_addr_mod+0x321/0x5b0
[   93.094862][ T8520]  veth_newlink+0x291/0x8f0
[   93.096011][ T8520]  ? netlink_rcv_skb+0x16b/0x440
[   93.097269][ T8520]  ? __pfx_veth_newlink+0x10/0x10
[   93.098548][ T8520]  ? ___sys_sendmsg+0x135/0x1e0
[   93.099818][ T8520]  ? validate_linkmsg+0x57d/0xb60
[   93.101152][ T8520]  ? __pfx_validate_linkmsg+0x10/0x10
[   93.102568][ T8520]  ? alloc_netdev_mqs+0xed5/0x1510
[   93.103998][ T8520]  ? rtnl_create_link+0xa51/0xfa0
[   93.105385][ T8520]  ? __pfx_veth_newlink+0x10/0x10
[   93.106698][ T8520]  rtnl_newlink+0xb82/0x1ce0
[   93.107863][ T8520]  ? __pfx_rtnl_newlink+0x10/0x10
[   93.109175][ T8520]  ? __pfx___lock_acquire+0x10/0x10
[   93.110515][ T8520]  ? cred_has_capability.isra.0+0x192/0x2f0
[   93.111959][ T8520]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[   93.113501][ T8520]  ? find_held_lock+0x2d/0x110
[   93.114754][ T8520]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   93.116041][ T8520]  ? __pfx_lock_release+0x10/0x10
[   93.117312][ T8520]  ? trace_lock_acquire+0x14e/0x1f0
[   93.118857][ T8520]  ? __pfx_rtnl_newlink+0x10/0x10
[   93.120530][ T8520]  rtnetlink_rcv_msg+0x95b/0xea0
[   93.122192][ T8520]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   93.123718][ T8520]  netlink_rcv_skb+0x16b/0x440
[   93.125272][ T8520]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   93.126680][ T8520]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   93.128073][ T8520]  ? netlink_deliver_tap+0x1ae/0xd30
[   93.129455][ T8520]  netlink_unicast+0x53c/0x7f0
[   93.130708][ T8520]  ? __pfx_netlink_unicast+0x10/0x10
[   93.132163][ T8520]  netlink_sendmsg+0x8b8/0xd70
[   93.133423][ T8520]  ? __pfx_netlink_sendmsg+0x10/0x10
[   93.135023][ T8520]  ____sys_sendmsg+0xaaf/0xc90
[   93.136240][ T8520]  ? copy_msghdr_from_user+0x10b/0x160
[   93.137742][ T8520]  ? __pfx_____sys_sendmsg+0x10/0x10
[   93.139144][ T8520]  ? __lock_acquire+0xcc5/0x3c40
[   93.140673][ T8520]  ___sys_sendmsg+0x135/0x1e0
[   93.142124][ T8520]  ? __pfx____sys_sendmsg+0x10/0x10
[   93.143814][ T8520]  ? trace_lock_acquire+0x14e/0x1f0
[   93.145302][ T8520]  __sys_sendmmsg+0x201/0x420
[   93.146610][ T8520]  ? __pfx___sys_sendmmsg+0x10/0x10
[   93.148037][ T8520]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   93.149693][ T8520]  ? fput+0x67/0x440
[   93.150745][ T8520]  ? ksys_write+0x1ba/0x250
[   93.151967][ T8520]  ? __pfx_ksys_write+0x10/0x10
[   93.153243][ T8520]  __x64_sys_sendmmsg+0x9c/0x100
[   93.154551][ T8520]  ? lockdep_hardirqs_on+0x7c/0x110
[   93.155821][ T8520]  do_syscall_64+0xcd/0x250
[   93.157080][ T8520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.158511][ T8520] RIP: 0033:0x7fcd92d7ff19
[   93.159644][ T8520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.164657][ T8520] RSP: 002b:00007fcd92bf9058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   93.166767][ T8520] RAX: ffffffffffffffda RBX: 00007fcd92f45fa0 RCX: 00007fcd92d7ff19
[   93.168764][ T8520] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[   93.170772][ T8520] RBP: 00007fcd92bf90a0 R08: 0000000000000000 R09: 0000000000000000
[   93.172638][ T8520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   93.174604][ T8520] R13: 0000000000000000 R14: 00007fcd92f45fa0 R15: 00007fffdaf47a98
[   93.176575][ T8520]  </TASK>
[   93.177499][    C1] vkms_vblank_simulate: vblank timer overrun
[   93.192480][ T8520] bond11: (slave veth39): Enslaving as a backup interface with a down link
[   93.315184][ T8542] netlink: 28 bytes leftover after parsing attributes in process `syz.3.675'.
[   93.493546][ T8539] tap0: tun_chr_ioctl cmd 1074025677
[   93.495113][ T8539] tap0: linktype set to 805
[   93.978608][ T8548] mmap: syz.3.679 (8548) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   94.143765][ T8567] netlink: 'syz.0.685': attribute type 1 has an invalid length.
[   94.200746][ T8570] overlayfs: upper fs does not support RENAME_WHITEOUT.
[   94.204943][ T8570] overlayfs: failed to set xattr on upper
[   94.206681][ T8570] overlayfs: ...falling back to redirect_dir=nofollow.
[   94.212430][ T8570] overlayfs: ...falling back to metacopy=off.
[   94.214319][ T8570] overlayfs: ...falling back to index=off.
[   94.215862][ T8570] overlayfs: ...falling back to uuid=null.
[   94.509244][ T8590] binder: 8589:8590 ioctl c00c620f 20000040 returned -22
[   94.768764][ T8604] netlink: 4 bytes leftover after parsing attributes in process `syz.0.695'.
[   94.871016][   T39] kauditd_printk_skb: 8 callbacks suppressed
[   94.871028][   T39] audit: type=1400 audit(1733798811.757:40698): avc:  denied  { accept } for  pid=8610 comm="syz.0.698" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   94.952652][   T39] audit: type=1400 audit(1733798811.837:40699): avc:  denied  { ioctl } for  pid=8618 comm="syz.2.701" path="socket:[24207]" dev="sockfs" ino=24207 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   94.988829][ T8627] netlink: 112 bytes leftover after parsing attributes in process `syz.2.703'.
[   95.030154][ T8629] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   95.033765][ T8629] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   95.086555][ T8634] bridge0: entered allmulticast mode
[   95.139186][   T39] audit: type=1400 audit(1733798812.027:40700): avc:  denied  { unmount } for  pid=5935 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   95.144130][ T8639] sg_write: process 457 (syz.3.707) changed security contexts after opening file descriptor, this is not allowed.
[   95.158358][ T8641] netlink: 68 bytes leftover after parsing attributes in process `syz.0.708'.
[   95.256637][   T39] audit: type=1400 audit(1733798812.137:40701): avc:  denied  { write } for  pid=8649 comm="syz.0.712" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   95.297296][   T57] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[   95.351502][ T8653] netlink: 36 bytes leftover after parsing attributes in process `syz.0.713'.
[   95.479766][   T57] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   95.486369][   T57] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[   95.491778][   T57] usb 7-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[   95.493282][ T8675] SELinux: security_context_str_to_sid (ramfs) failed with errno=-22
[   95.494327][   T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.505390][   T57] usb 7-1: config 0 descriptor??
[   95.510846][   T57] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[   95.512786][   T57] dvb-usb: bulk message failed: -22 (3/0)
[   95.519102][   T57] dvb-usb: will use the device's hardware PID filter (table count: 16).
[   95.522370][   T57] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[   95.526218][   T57] usb 7-1: media controller created
[   95.530554][   T57] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   95.541945][   T57] dvb-usb: bulk message failed: -22 (6/0)
[   95.544326][   T57] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[   95.548658][   T57] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input14
[   95.558861][   T57] dvb-usb: schedule remote query interval to 150 msecs.
[   95.561113][   T57] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[   95.718522][ T1021] usb 7-1: USB disconnect, device number 5
[   95.762803][ T1021] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[   95.892736][   T39] audit: type=1400 audit(1733798812.777:40702): avc:  denied  { write } for  pid=8704 comm="syz.0.724" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   96.038490][ T8710] netlink: 'syz.0.726': attribute type 11 has an invalid length.
[   96.040506][ T8710] netlink: 20 bytes leftover after parsing attributes in process `syz.0.726'.
[   96.089686][ T1021] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   96.234117][   T39] audit: type=1400 audit(1733798813.117:40703): avc:  denied  { create } for  pid=8706 comm="syz.3.725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   96.237066][ T1021] usb 6-1: Using ep0 maxpacket: 8
[   96.241830][ T1021] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[   96.244064][ T1021] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   96.246353][ T1021] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   96.249443][ T1021] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   96.252222][ T1021] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   96.255789][ T1021] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   96.258679][ T1021] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.360654][ T8726] netlink: 24 bytes leftover after parsing attributes in process `syz.2.730'.
[   96.528929][ T1021] usb 6-1: usb_control_msg returned -32
[   96.531397][ T1021] usbtmc 6-1:16.0: can't read capabilities
[   96.584860][   T39] audit: type=1400 audit(1733798813.467:40704): avc:  denied  { accept } for  pid=8736 comm="syz.0.733" lport=42573 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   96.593926][   T39] audit: type=1400 audit(1733798813.467:40705): avc:  denied  { write } for  pid=8736 comm="syz.0.733" lport=42573 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   96.603371][   T39] audit: type=1400 audit(1733798813.467:40706): avc:  denied  { setopt } for  pid=8736 comm="syz.0.733" lport=42573 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   96.611034][   T39] audit: type=1400 audit(1733798813.487:40707): avc:  denied  { write } for  pid=5334 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   96.627554][ T8739] netlink: 4 bytes leftover after parsing attributes in process `syz.0.734'.
[   97.100261][ T8751] netlink: 732 bytes leftover after parsing attributes in process `syz.3.737'.
[   97.104778][ T8751] netlink: 732 bytes leftover after parsing attributes in process `syz.3.737'.
[   97.108177][   T57] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   97.133174][ T8751] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[   97.215260][ T8755] netlink: 8 bytes leftover after parsing attributes in process `syz.3.739'.
[   97.218840][ T8755] netlink: 72 bytes leftover after parsing attributes in process `syz.3.739'.
[   97.293477][   T57] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   97.298225][   T57] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[   97.302475][   T57] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   97.306306][   T57] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   97.310775][   T57] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   97.311212][ T8760] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   97.313931][   T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.326488][   T57] usb 5-1: config 0 descriptor??
[   97.332457][ T8748] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[   97.725522][ T8782] @: renamed from vlan0 (while UP)
[   97.740271][   T57] plantronics 0003:047F:FFFF.0004: unknown main item tag 0xd
[   97.744934][   T57] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[   97.754663][   T57] plantronics 0003:047F:FFFF.0004: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[   97.931787][ T8799] netlink: 1280 bytes leftover after parsing attributes in process `syz.3.750'.
[   97.935015][ T8799] openvswitch: netlink: Flow actions attr not present in new flow.
[   98.003744][ T8806] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   98.173067][ T8812] fuse: Unknown parameter 'Fd'
[   98.186331][ T8812] netlink: 'syz.2.754': attribute type 29 has an invalid length.
[   98.321348][ T8822] bridge2: entered allmulticast mode
[   98.323847][ T8823] netlink: 'syz.2.757': attribute type 29 has an invalid length.
[   98.331843][ T8823] netlink: 'syz.2.757': attribute type 29 has an invalid length.
[   98.336169][ T8823] netlink: 604 bytes leftover after parsing attributes in process `syz.2.757'.
[   98.411251][ T8826] SELinux:  Context system_u:object_r:syslogd_initrc_exec_t:s0 is not valid (left unmapped).
[   98.462866][ T8833] tipc: Enabling <ib:lo> not permitted
[   98.464918][ T8833] tipc: Enabling of bearer <ib:lo> rejected, failed to enable media
[   98.518434][ T8837] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   98.816301][ T8858] netlink: 'syz.3.770': attribute type 1 has an invalid length.
[   98.837637][ T8858] bond7: (slave veth19): Enslaving as a backup interface with a down link
[   98.842079][ T8858] FAULT_INJECTION: forcing a failure.
[   98.842079][ T8858] name failslab, interval 1, probability 0, space 0, times 0
[   98.846445][ T8858] CPU: 1 UID: 0 PID: 8858 Comm: syz.3.770 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[   98.849878][ T8858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.853130][ T8858] Call Trace:
[   98.854502][ T8858]  <TASK>
[   98.855510][ T8858]  dump_stack_lvl+0x16c/0x1f0
[   98.856844][ T8858]  should_fail_ex+0x497/0x5b0
[   98.858089][ T8858]  ? fs_reclaim_acquire+0xae/0x150
[   98.859446][ T8858]  should_failslab+0xc2/0x120
[   98.860738][ T8858]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   98.862515][ T8858]  ? __kernfs_new_node+0xd3/0x890
[   98.864226][ T8858]  __kernfs_new_node+0xd3/0x890
[   98.865874][ T8858]  ? __pfx___kernfs_new_node+0x10/0x10
[   98.866880][   T35] usb 6-1: USB disconnect, device number 6
[   98.867616][ T8858]  ? __pfx_lock_release+0x10/0x10
[   98.867645][ T8858]  ? kernfs_add_one+0x39d/0x520
[   98.867670][ T8858]  ? up_write+0x1b2/0x520
[   98.873887][ T8858]  kernfs_new_node+0x186/0x240
[   98.875614][ T8858]  __kernfs_create_file+0x53/0x350
[   98.877781][ T8858]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[   98.879815][ T8858]  internal_create_group+0x56c/0xf10
[   98.882073][ T8858]  ? __pfx_internal_create_group+0x10/0x10
[   98.884538][ T8858]  ? kernfs_create_link+0x1bd/0x240
[   98.886445][ T8858]  internal_create_groups+0x9d/0x150
[   98.888311][ T8858]  device_add+0x6d3/0x1a70
[   98.889898][ T8858]  ? __pfx_device_add+0x10/0x10
[   98.891642][ T8858]  ? __init_waitqueue_head+0xca/0x150
[   98.893857][ T8858]  netdev_register_kobject+0x183/0x3a0
[   98.895856][ T8858]  register_netdevice+0x1473/0x1e90
[   98.897695][ T8858]  ? __pfx_register_netdevice+0x10/0x10
[   98.899656][ T8858]  ? dev_addr_mod+0x321/0x5b0
[   98.901322][ T8858]  veth_newlink+0x291/0x8f0
[   98.902925][ T8858]  ? netlink_rcv_skb+0x16b/0x440
[   98.903512][ T8862] netlink: 1280 bytes leftover after parsing attributes in process `syz.1.772'.
[   98.904702][ T8858]  ? __pfx_veth_newlink+0x10/0x10
[   98.909023][ T8862] openvswitch: netlink: Flow actions attr not present in new flow.
[   98.909588][ T8858]  ? ___sys_sendmsg+0x135/0x1e0
[   98.914259][ T8858]  ? validate_linkmsg+0x57d/0xb60
[   98.916162][ T8858]  ? __pfx_validate_linkmsg+0x10/0x10
[   98.918099][ T8858]  ? alloc_netdev_mqs+0xed5/0x1510
[   98.919976][ T8858]  ? rtnl_create_link+0xa51/0xfa0
[   98.921811][ T8858]  ? __pfx_veth_newlink+0x10/0x10
[   98.923856][ T8858]  rtnl_newlink+0xb82/0x1ce0
[   98.925477][ T8858]  ? __pfx_rtnl_newlink+0x10/0x10
[   98.927465][ T8858]  ? __pfx___lock_acquire+0x10/0x10
[   98.929447][ T8858]  ? cred_has_capability.isra.0+0x192/0x2f0
[   98.931552][ T8858]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[   98.933790][ T8858]  ? find_held_lock+0x2d/0x110
[   98.935824][ T8858]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   98.938046][ T8858]  ? __pfx_lock_release+0x10/0x10
[   98.940153][ T8858]  ? trace_lock_acquire+0x14e/0x1f0
[   98.942285][ T8858]  ? __pfx_rtnl_newlink+0x10/0x10
[   98.944180][ T8858]  rtnetlink_rcv_msg+0x95b/0xea0
[   98.945936][ T8858]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   98.947619][ T8858]  ? __pfx___lock_acquire+0x10/0x10
[   98.949415][ T8858]  ? __pfx___lock_acquire+0x10/0x10
[   98.951247][ T8858]  ? __pfx_sock_has_perm+0x10/0x10
[   98.953045][ T8858]  ? __lock_acquire+0xcc5/0x3c40
[   98.954860][ T8858]  netlink_rcv_skb+0x16b/0x440
[   98.956624][ T8858]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   98.958573][ T8858]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   98.960457][ T8858]  ? netlink_deliver_tap+0x1ae/0xd30
[   98.962357][ T8858]  netlink_unicast+0x53c/0x7f0
[   98.964067][ T8858]  ? __pfx_netlink_unicast+0x10/0x10
[   98.965926][ T8858]  netlink_sendmsg+0x8b8/0xd70
[   98.967671][ T8858]  ? __pfx_netlink_sendmsg+0x10/0x10
[   98.969623][ T8858]  ____sys_sendmsg+0xaaf/0xc90
[   98.971410][ T8858]  ? copy_msghdr_from_user+0x10b/0x160
[   98.973447][ T8858]  ? __pfx_____sys_sendmsg+0x10/0x10
[   98.975425][ T8858]  ? __lock_acquire+0xcc5/0x3c40
[   98.977280][ T8858]  ___sys_sendmsg+0x135/0x1e0
[   98.979026][ T8858]  ? __pfx____sys_sendmsg+0x10/0x10
[   98.980889][ T8858]  ? trace_lock_acquire+0x14e/0x1f0
[   98.982793][ T8858]  __sys_sendmmsg+0x201/0x420
[   98.984537][ T8858]  ? __pfx___sys_sendmmsg+0x10/0x10
[   98.986428][ T8858]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   98.988610][ T8858]  ? fput+0x67/0x440
[   98.990140][ T8858]  ? ksys_write+0x1ba/0x250
[   98.991985][ T8858]  ? __pfx_ksys_write+0x10/0x10
[   98.993630][ T8858]  __x64_sys_sendmmsg+0x9c/0x100
[   98.995105][ T8858]  ? lockdep_hardirqs_on+0x7c/0x110
[   98.996488][ T8858]  do_syscall_64+0xcd/0x250
[   98.997680][ T8858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.999270][ T8858] RIP: 0033:0x7f8dc1d7ff19
[   99.000838][ T8858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.006911][ T8858] RSP: 002b:00007f8dc2b9f058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   99.009492][ T8858] RAX: ffffffffffffffda RBX: 00007f8dc1f45fa0 RCX: 00007f8dc1d7ff19
[   99.011720][ T8858] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[   99.014189][ T8858] RBP: 00007f8dc2b9f0a0 R08: 0000000000000000 R09: 0000000000000000
[   99.016926][ T8858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   99.019023][ T8858] R13: 0000000000000000 R14: 00007f8dc1f45fa0 R15: 00007fff24ab19c8
[   99.021507][ T8858]  </TASK>
[   99.022744][    C1] vkms_vblank_simulate: vblank timer overrun
[   99.062058][ T8858] bond7: (slave veth21): Enslaving as a backup interface with a down link
[   99.077809][ T8867] netlink: 'syz.1.773': attribute type 1 has an invalid length.
[   99.080380][ T8867] netlink: 'syz.1.773': attribute type 4 has an invalid length.
[   99.083344][ T8867] netlink: 15334 bytes leftover after parsing attributes in process `syz.1.773'.
[   99.129472][ T8876] netlink: 'syz.3.776': attribute type 15 has an invalid length.
[   99.133309][ T8877] netlink: 'syz.3.776': attribute type 15 has an invalid length.
[   99.152788][ T8881] input: syz0 as /devices/virtual/input/input16
[   99.168372][ T8881] input: failed to attach handler evdev to device input16, error: -4
[   99.306502][ T8901] netlink: 1280 bytes leftover after parsing attributes in process `syz.1.781'.
[   99.310182][ T8901] openvswitch: netlink: Flow actions attr not present in new flow.
[   99.360024][ T8884] veth0_vlan: left promiscuous mode
[   99.361734][ T8884] veth0_vlan: entered promiscuous mode
[   99.407823][ T8907] netlink: 'syz.2.784': attribute type 1 has an invalid length.
[   99.459099][ T8907] bond13: (slave veth59): Enslaving as a backup interface with a down link
[   99.465637][ T8907] FAULT_INJECTION: forcing a failure.
[   99.465637][ T8907] name failslab, interval 1, probability 0, space 0, times 0
[   99.470326][ T8907] CPU: 0 UID: 0 PID: 8907 Comm: syz.2.784 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[   99.474093][ T8907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.477987][ T8907] Call Trace:
[   99.479202][ T8907]  <TASK>
[   99.480356][ T8907]  dump_stack_lvl+0x16c/0x1f0
[   99.482187][ T8907]  should_fail_ex+0x497/0x5b0
[   99.483928][ T8907]  ? fs_reclaim_acquire+0xae/0x150
[   99.485727][ T8907]  should_failslab+0xc2/0x120
[   99.487403][ T8907]  kmem_cache_alloc_noprof+0x6e/0x3d0
[   99.489305][ T8907]  ? __kernfs_new_node+0xd3/0x890
[   99.491083][ T8907]  __kernfs_new_node+0xd3/0x890
[   99.492827][ T8907]  ? __pfx___kernfs_new_node+0x10/0x10
[   99.494766][ T8907]  ? __pfx_lock_release+0x10/0x10
[   99.496674][ T8907]  ? kernfs_add_one+0x39d/0x520
[   99.498561][ T8907]  ? up_write+0x1b2/0x520
[   99.500275][ T8907]  kernfs_new_node+0x186/0x240
[   99.502084][ T8907]  __kernfs_create_file+0x53/0x350
[   99.503884][ T8907]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[   99.505795][ T8907]  internal_create_group+0x56c/0xf10
[   99.507669][ T8907]  ? __pfx_internal_create_group+0x10/0x10
[   99.509680][ T8907]  ? kernfs_create_link+0x1bd/0x240
[   99.511517][ T8907]  internal_create_groups+0x9d/0x150
[   99.513452][ T8907]  device_add+0x6d3/0x1a70
[   99.515251][ T8907]  ? __pfx_device_add+0x10/0x10
[   99.517226][ T8907]  ? __init_waitqueue_head+0xca/0x150
[   99.519296][ T8907]  netdev_register_kobject+0x183/0x3a0
[   99.521299][ T8907]  register_netdevice+0x1473/0x1e90
[   99.523100][ T8907]  ? __pfx_register_netdevice+0x10/0x10
[   99.525037][ T8907]  ? dev_addr_mod+0x321/0x5b0
[   99.526616][ T8907]  veth_newlink+0x291/0x8f0
[   99.528246][ T8907]  ? netlink_rcv_skb+0x16b/0x440
[   99.530006][ T8907]  ? __pfx_veth_newlink+0x10/0x10
[   99.531779][ T8907]  ? ___sys_sendmsg+0x135/0x1e0
[   99.533516][ T8907]  ? validate_linkmsg+0x57d/0xb60
[   99.534689][ T8907]  ? __pfx_validate_linkmsg+0x10/0x10
[   99.536190][ T8907]  ? alloc_netdev_mqs+0xed5/0x1510
[   99.538036][ T8907]  ? rtnl_create_link+0xa51/0xfa0
[   99.539932][ T8907]  ? __pfx_veth_newlink+0x10/0x10
[   99.541951][ T8907]  rtnl_newlink+0xb82/0x1ce0
[   99.543770][ T8907]  ? __pfx_rtnl_newlink+0x10/0x10
[   99.545721][ T8907]  ? __pfx___lock_acquire+0x10/0x10
[   99.547536][ T8907]  ? cred_has_capability.isra.0+0x192/0x2f0
[   99.549596][ T8907]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[   99.551748][ T8907]  ? find_held_lock+0x2d/0x110
[   99.553495][ T8907]  ? rtnetlink_rcv_msg+0x93a/0xea0
[   99.555390][ T8907]  ? __pfx_lock_release+0x10/0x10
[   99.557244][ T8907]  ? trace_lock_acquire+0x14e/0x1f0
[   99.559026][ T8907]  ? __pfx_rtnl_newlink+0x10/0x10
[   99.560868][ T8907]  rtnetlink_rcv_msg+0x95b/0xea0
[   99.562673][ T8907]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   99.564596][ T8907]  netlink_rcv_skb+0x16b/0x440
[   99.566290][ T8907]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   99.568219][ T8907]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   99.570079][ T8907]  ? netlink_deliver_tap+0x1ae/0xd30
[   99.571993][ T8907]  netlink_unicast+0x53c/0x7f0
[   99.573691][ T8907]  ? __pfx_netlink_unicast+0x10/0x10
[   99.575562][ T8907]  netlink_sendmsg+0x8b8/0xd70
[   99.577329][ T8907]  ? __pfx_netlink_sendmsg+0x10/0x10
[   99.579348][ T8907]  ____sys_sendmsg+0xaaf/0xc90
[   99.581291][ T8907]  ? copy_msghdr_from_user+0x10b/0x160
[   99.583400][ T8907]  ? __pfx_____sys_sendmsg+0x10/0x10
[   99.585311][ T8907]  ? __lock_acquire+0xcc5/0x3c40
[   99.587123][ T8907]  ___sys_sendmsg+0x135/0x1e0
[   99.588821][ T8907]  ? __pfx____sys_sendmsg+0x10/0x10
[   99.590657][ T8907]  ? trace_lock_acquire+0x14e/0x1f0
[   99.592583][ T8907]  __sys_sendmmsg+0x201/0x420
[   99.594269][ T8907]  ? __pfx___sys_sendmmsg+0x10/0x10
[   99.596116][ T8907]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   99.598234][ T8907]  ? fput+0x67/0x440
[   99.599651][ T8907]  ? ksys_write+0x1ba/0x250
[   99.601235][ T8907]  ? __pfx_ksys_write+0x10/0x10
[   99.602921][ T8907]  __x64_sys_sendmmsg+0x9c/0x100
[   99.604729][ T8907]  ? lockdep_hardirqs_on+0x7c/0x110
[   99.606646][ T8907]  do_syscall_64+0xcd/0x250
[   99.608290][ T8907]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.610380][ T8907] RIP: 0033:0x7f625437ff19
[   99.612088][ T8907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.619311][ T8907] RSP: 002b:00007f62551e8058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   99.622216][ T8907] RAX: ffffffffffffffda RBX: 00007f6254545fa0 RCX: 00007f625437ff19
[   99.624966][ T8907] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[   99.627665][ T8907] RBP: 00007f62551e80a0 R08: 0000000000000000 R09: 0000000000000000
[   99.630465][ T8907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   99.633414][ T8907] R13: 0000000000000000 R14: 00007f6254545fa0 R15: 00007ffda05ec918
[   99.636346][ T8907]  </TASK>
[   99.667752][ T8907] bond13: (slave veth61): Enslaving as a backup interface with a down link
[   99.732290][ T8915] binder: BINDER_SET_CONTEXT_MGR already set
[   99.734444][ T8915] binder: 8912:8915 ioctl 4018620d 20000100 returned -16
[   99.737958][ T8915] binder: BINDER_SET_CONTEXT_MGR already set
[   99.740168][ T8914] binder_alloc: binder_alloc_mmap_handler: 8912 20ffd000-21000000 already mapped failed -16
[   99.746666][ T8915] binder: 8912:8915 ioctl 4018620d 20000040 returned -16
[   99.921201][   T30] usb 5-1: USB disconnect, device number 4
[  100.064105][ T8926] bond12: entered promiscuous mode
[  100.066059][ T8926] bond12: entered allmulticast mode
[  100.068762][ T8926] 8021q: adding VLAN 0 to HW filter on device bond12
[  100.127228][   T57] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  100.281069][   T57] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.285343][   T57] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  100.291703][   T57] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  100.294851][   T57] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.299031][   T57] usb 7-1: Product: syz
[  100.300689][   T57] usb 7-1: Manufacturer: syz
[  100.302292][   T57] usb 7-1: SerialNumber: syz
[  100.426158][ T8938] bond13: (slave veth41): Enslaving as a backup interface with a down link
[  100.431325][ T8938] FAULT_INJECTION: forcing a failure.
[  100.431325][ T8938] name failslab, interval 1, probability 0, space 0, times 0
[  100.436059][ T8938] CPU: 0 UID: 0 PID: 8938 Comm: syz.0.794 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[  100.440494][ T8938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  100.444410][ T8938] Call Trace:
[  100.445615][ T8938]  <TASK>
[  100.446684][ T8938]  dump_stack_lvl+0x16c/0x1f0
[  100.448393][ T8938]  should_fail_ex+0x497/0x5b0
[  100.450077][ T8938]  ? fs_reclaim_acquire+0xae/0x150
[  100.451916][ T8938]  should_failslab+0xc2/0x120
[  100.453600][ T8938]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  100.455498][ T8938]  ? __kernfs_new_node+0xd3/0x890
[  100.457335][ T8938]  __kernfs_new_node+0xd3/0x890
[  100.459116][ T8938]  ? __pfx___kernfs_new_node+0x10/0x10
[  100.460989][ T8938]  ? __pfx_lock_release+0x10/0x10
[  100.462734][ T8938]  ? kernfs_add_one+0x39d/0x520
[  100.464456][ T8938]  ? up_write+0x1b2/0x520
[  100.466003][ T8938]  kernfs_new_node+0x186/0x240
[  100.467746][ T8938]  __kernfs_create_file+0x53/0x350
[  100.469642][ T8938]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  100.471799][ T8938]  internal_create_group+0x56c/0xf10
[  100.474031][ T8938]  ? __pfx_internal_create_group+0x10/0x10
[  100.476404][ T8938]  ? kernfs_create_link+0x1bd/0x240
[  100.478284][ T8938]  internal_create_groups+0x9d/0x150
[  100.480232][ T8938]  device_add+0x6d3/0x1a70
[  100.481789][ T8938]  ? __pfx_device_add+0x10/0x10
[  100.483528][ T8938]  ? __init_waitqueue_head+0xca/0x150
[  100.485442][ T8938]  netdev_register_kobject+0x183/0x3a0
[  100.487432][ T8938]  register_netdevice+0x1473/0x1e90
[  100.489289][ T8938]  ? __pfx_register_netdevice+0x10/0x10
[  100.491237][ T8938]  ? dev_addr_mod+0x321/0x5b0
[  100.492928][ T8938]  veth_newlink+0x291/0x8f0
[  100.494561][ T8938]  ? netlink_rcv_skb+0x16b/0x440
[  100.496338][ T8938]  ? __pfx_veth_newlink+0x10/0x10
[  100.498178][ T8938]  ? ___sys_sendmsg+0x135/0x1e0
[  100.500019][ T8938]  ? validate_linkmsg+0x57d/0xb60
[  100.501858][ T8938]  ? __pfx_validate_linkmsg+0x10/0x10
[  100.503785][ T8938]  ? alloc_netdev_mqs+0xed5/0x1510
[  100.505629][ T8938]  ? rtnl_create_link+0xa51/0xfa0
[  100.507510][ T8938]  ? __pfx_veth_newlink+0x10/0x10
[  100.509305][ T8938]  rtnl_newlink+0xb82/0x1ce0
[  100.510546][ T8921] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  100.510953][ T8938]  ? __pfx_rtnl_newlink+0x10/0x10
[  100.515475][ T8938]  ? __pfx___lock_acquire+0x10/0x10
[  100.517464][ T8938]  ? cred_has_capability.isra.0+0x192/0x2f0
[  100.519833][ T8938]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  100.522073][ T8938]  ? find_held_lock+0x2d/0x110
[  100.523776][ T8938]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  100.525633][ T8938]  ? __pfx_lock_release+0x10/0x10
[  100.527425][ T8938]  ? trace_lock_acquire+0x14e/0x1f0
[  100.529299][ T8938]  ? __pfx_rtnl_newlink+0x10/0x10
[  100.531132][ T8938]  rtnetlink_rcv_msg+0x95b/0xea0
[  100.532910][ T8938]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  100.534926][ T8938]  netlink_rcv_skb+0x16b/0x440
[  100.536810][ T8938]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  100.538920][ T8938]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  100.541105][ T8938]  ? netlink_deliver_tap+0x1ae/0xd30
[  100.543186][ T8938]  netlink_unicast+0x53c/0x7f0
[  100.545098][ T8938]  ? __pfx_netlink_unicast+0x10/0x10
[  100.547495][ T8938]  netlink_sendmsg+0x8b8/0xd70
[  100.549262][ T8938]  ? __pfx_netlink_sendmsg+0x10/0x10
[  100.551121][ T8938]  ____sys_sendmsg+0xaaf/0xc90
[  100.552830][ T8938]  ? copy_msghdr_from_user+0x10b/0x160
[  100.554783][ T8938]  ? __pfx_____sys_sendmsg+0x10/0x10
[  100.556657][ T8938]  ? __lock_acquire+0xcc5/0x3c40
[  100.558518][ T8938]  ___sys_sendmsg+0x135/0x1e0
[  100.560272][ T8938]  ? __pfx____sys_sendmsg+0x10/0x10
[  100.562134][ T8938]  ? trace_lock_acquire+0x14e/0x1f0
[  100.564321][ T8938]  __sys_sendmmsg+0x201/0x420
[  100.565983][ T8938]  ? __pfx___sys_sendmmsg+0x10/0x10
[  100.567896][ T8938]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  100.570106][ T8938]  ? fput+0x67/0x440
[  100.571516][ T8938]  ? ksys_write+0x1ba/0x250
[  100.573130][ T8938]  ? __pfx_ksys_write+0x10/0x10
[  100.574835][ T8938]  __x64_sys_sendmmsg+0x9c/0x100
[  100.576610][ T8938]  ? lockdep_hardirqs_on+0x7c/0x110
[  100.578442][ T8938]  do_syscall_64+0xcd/0x250
[  100.580179][ T8938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.582294][ T8938] RIP: 0033:0x7fcd92d7ff19
[  100.583912][ T8938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.590822][ T8938] RSP: 002b:00007fcd92bf9058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  100.593943][ T8938] RAX: ffffffffffffffda RBX: 00007fcd92f45fa0 RCX: 00007fcd92d7ff19
[  100.596902][ T8938] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[  100.599705][ T8938] RBP: 00007fcd92bf90a0 R08: 0000000000000000 R09: 0000000000000000
[  100.602442][ T8938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  100.605187][ T8938] R13: 0000000000000000 R14: 00007fcd92f45fa0 R15: 00007fffdaf47a98
[  100.608455][ T8938]  </TASK>
[  100.629762][ T8938] bond13: (slave veth43): Enslaving as a backup interface with a down link
[  100.637217][   T35] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  100.787227][   T35] usb 6-1: Using ep0 maxpacket: 32
[  100.790816][   T35] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  100.795884][   T35] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  100.799116][   T35] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  100.801582][   T35] usb 6-1: Product: syz
[  100.803155][   T35] usb 6-1: Manufacturer: syz
[  100.804827][   T35] usb 6-1: SerialNumber: syz
[  100.809245][   T35] usb 6-1: config 0 descriptor??
[  100.811381][ T8941] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  101.079937][ T6006] usb 6-1: USB disconnect, device number 7
[  101.116333][ T8921] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  101.319063][   T57] cdc_mbim 7-1:1.0: MAC-Address: 42:42:42:42:42:42
[  101.321168][   T57] cdc_mbim 7-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  101.323311][   T57] cdc_mbim 7-1:1.0: setting rx_max = 2048
[  101.525358][   T57] cdc_mbim 7-1:1.0: setting tx_max = 184
[  101.532275][   T57] cdc_mbim 7-1:1.0: cdc-wdm0: USB WDM device
[  101.536924][   T57] wwan wwan0: port wwan0mbim0 attached
[  101.544163][   T57] cdc_mbim 7-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.2-1, CDC MBIM, 42:42:42:42:42:42
[  101.627277][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.687261][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.735205][ T8921] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  101.749328][ T8921] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  101.779702][ T6006] usb 7-1: USB disconnect, device number 6
[  101.780970][    C0] cdc_mbim 7-1:1.0: nonzero urb status received: -71
[  101.782452][ T6006] cdc_mbim 7-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.2-1, CDC MBIM
[  101.784551][    C0] cdc_mbim 7-1:1.0: wdm_int_callback - 0 bytes
[  101.789143][    C0] cdc_mbim 7-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  101.807374][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.867485][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.937172][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  101.938273][ T6006] wwan wwan0: port wwan0mbim0 disconnected
[  101.983021][ T8965] __nla_validate_parse: 4 callbacks suppressed
[  101.983034][ T8965] netlink: 16 bytes leftover after parsing attributes in process `syz.1.799'.
[  102.067182][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  102.087676][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  102.657756][ T8983] validate_nla: 1 callbacks suppressed
[  102.657773][ T8983] netlink: 'syz.2.804': attribute type 1 has an invalid length.
[  102.681136][ T8983] bond14: (slave veth63): Enslaving as a backup interface with a down link
[  102.695613][ T8983] bond14: (slave veth65): Enslaving as a backup interface with a down link
[  102.709728][ T8983] bond14: (slave veth67): Enslaving as a backup interface with a down link
[  102.739262][   T39] kauditd_printk_skb: 19 callbacks suppressed
[  102.739279][   T39] audit: type=1400 audit(1733798819.627:40727): avc:  denied  { bind } for  pid=8987 comm="syz.2.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  102.862404][ T8995] syz.2.808: attempt to access beyond end of device
[  102.862404][ T8995] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  102.867426][ T8995] exFAT-fs (nbd2): unable to read boot sector
[  102.870922][ T8995] exFAT-fs (nbd2): failed to read boot sector
[  102.873287][ T8995] exFAT-fs (nbd2): failed to recognize exfat type
[  103.037838][   T39] audit: type=1400 audit(1733798819.927:40728): avc:  denied  { write } for  pid=9007 comm="syz.1.811" path="socket:[28674]" dev="sockfs" ino=28674 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  103.047165][   T39] audit: type=1400 audit(1733798819.927:40729): avc:  denied  { nlmsg_write } for  pid=9007 comm="syz.1.811" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  103.071781][ T9013] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  103.142376][   T39] audit: type=1400 audit(1733798820.027:40730): avc:  denied  { setopt } for  pid=9017 comm="syz.2.814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  103.181076][   T39] audit: type=1400 audit(1733798820.067:40731): avc:  denied  { create } for  pid=9017 comm="syz.2.814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  103.211323][ T9023] netlink: 'syz.2.815': attribute type 1 has an invalid length.
[  103.236006][ T9023] bond15: (slave veth69): Enslaving as a backup interface with a down link
[  103.239965][ T9023] FAULT_INJECTION: forcing a failure.
[  103.239965][ T9023] name failslab, interval 1, probability 0, space 0, times 0
[  103.243180][ T9027] Bluetooth: MGMT ver 1.23
[  103.244328][ T9023] CPU: 1 UID: 0 PID: 9023 Comm: syz.2.815 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[  103.247149][ T9023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  103.250129][ T9023] Call Trace:
[  103.251031][ T9023]  <TASK>
[  103.252055][ T9023]  dump_stack_lvl+0x16c/0x1f0
[  103.253444][ T9023]  should_fail_ex+0x497/0x5b0
[  103.254935][ T9023]  ? fs_reclaim_acquire+0xae/0x150
[  103.256733][ T9023]  should_failslab+0xc2/0x120
[  103.258104][ T9023]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  103.259708][ T9023]  ? __kernfs_new_node+0xd3/0x890
[  103.261047][ T9023]  __kernfs_new_node+0xd3/0x890
[  103.262341][ T9023]  ? __pfx___kernfs_new_node+0x10/0x10
[  103.263875][ T9023]  ? __pfx_lock_release+0x10/0x10
[  103.265199][ T9023]  ? kernfs_add_one+0x39d/0x520
[  103.266484][ T9023]  ? up_write+0x1b2/0x520
[  103.267645][ T9023]  kernfs_new_node+0x186/0x240
[  103.268912][ T9023]  __kernfs_create_file+0x53/0x350
[  103.270388][ T9023]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  103.271943][ T9023]  internal_create_group+0x56c/0xf10
[  103.273484][ T9023]  ? __pfx_internal_create_group+0x10/0x10
[  103.275235][ T9023]  ? kernfs_create_link+0x1bd/0x240
[  103.276629][ T9023]  internal_create_groups+0x9d/0x150
[  103.278005][ T9023]  device_add+0x6d3/0x1a70
[  103.279194][ T9023]  ? __pfx_device_add+0x10/0x10
[  103.280517][ T9023]  ? __init_waitqueue_head+0xca/0x150
[  103.281924][ T9023]  netdev_register_kobject+0x183/0x3a0
[  103.283348][ T9023]  register_netdevice+0x1473/0x1e90
[  103.284738][ T9023]  ? __pfx_register_netdevice+0x10/0x10
[  103.286200][ T9023]  ? dev_addr_mod+0x321/0x5b0
[  103.287633][ T9023]  veth_newlink+0x291/0x8f0
[  103.289197][ T9023]  ? netlink_rcv_skb+0x16b/0x440
[  103.290752][ T9023]  ? __pfx_veth_newlink+0x10/0x10
[  103.292100][ T9023]  ? ___sys_sendmsg+0x135/0x1e0
[  103.293563][ T9023]  ? validate_linkmsg+0x57d/0xb60
[  103.294933][ T9023]  ? __pfx_validate_linkmsg+0x10/0x10
[  103.296498][ T9023]  ? alloc_netdev_mqs+0xed5/0x1510
[  103.297890][ T9023]  ? rtnl_create_link+0xa51/0xfa0
[  103.299240][ T9023]  ? __pfx_veth_newlink+0x10/0x10
[  103.300600][ T9023]  rtnl_newlink+0xb82/0x1ce0
[  103.301845][ T9023]  ? __pfx_rtnl_newlink+0x10/0x10
[  103.303214][ T9023]  ? __pfx___lock_acquire+0x10/0x10
[  103.304612][ T9023]  ? cred_has_capability.isra.0+0x192/0x2f0
[  103.306198][ T9023]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  103.307915][ T9023]  ? find_held_lock+0x2d/0x110
[  103.309229][ T9023]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  103.310843][ T9023]  ? __pfx_lock_release+0x10/0x10
[  103.312313][ T9023]  ? trace_lock_acquire+0x14e/0x1f0
[  103.313779][ T9023]  ? __pfx_rtnl_newlink+0x10/0x10
[  103.315323][ T9023]  rtnetlink_rcv_msg+0x95b/0xea0
[  103.316671][ T9023]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  103.318114][ T9023]  netlink_rcv_skb+0x16b/0x440
[  103.319377][ T9023]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  103.320903][ T9023]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  103.322337][ T9023]  ? netlink_deliver_tap+0x1ae/0xd30
[  103.323812][ T9023]  netlink_unicast+0x53c/0x7f0
[  103.325037][ T9023]  ? __pfx_netlink_unicast+0x10/0x10
[  103.326415][ T9023]  netlink_sendmsg+0x8b8/0xd70
[  103.327676][ T9023]  ? __pfx_netlink_sendmsg+0x10/0x10
[  103.329280][ T9023]  ____sys_sendmsg+0xaaf/0xc90
[  103.330564][ T9023]  ? copy_msghdr_from_user+0x10b/0x160
[  103.332028][ T9023]  ? __pfx_____sys_sendmsg+0x10/0x10
[  103.333612][ T9023]  ? __lock_acquire+0xcc5/0x3c40
[  103.334975][ T9023]  ___sys_sendmsg+0x135/0x1e0
[  103.336282][ T9023]  ? __pfx____sys_sendmsg+0x10/0x10
[  103.337737][ T9023]  ? trace_lock_acquire+0x14e/0x1f0
[  103.339569][ T9023]  __sys_sendmmsg+0x201/0x420
[  103.341044][ T9023]  ? __pfx___sys_sendmmsg+0x10/0x10
[  103.342575][ T9023]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  103.344223][ T9023]  ? fput+0x67/0x440
[  103.345199][ T9023]  ? ksys_write+0x1ba/0x250
[  103.346384][ T9023]  ? __pfx_ksys_write+0x10/0x10
[  103.347645][ T9023]  __x64_sys_sendmmsg+0x9c/0x100
[  103.348921][ T9023]  ? lockdep_hardirqs_on+0x7c/0x110
[  103.350228][ T9023]  do_syscall_64+0xcd/0x250
[  103.351658][ T9023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.353245][ T9023] RIP: 0033:0x7f625437ff19
[  103.354513][ T9023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.359716][ T9023] RSP: 002b:00007f62551e8058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  103.361847][ T9023] RAX: ffffffffffffffda RBX: 00007f6254545fa0 RCX: 00007f625437ff19
[  103.363899][ T9023] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[  103.365921][ T9023] RBP: 00007f62551e80a0 R08: 0000000000000000 R09: 0000000000000000
[  103.367970][ T9023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  103.370294][ T9023] R13: 0000000000000000 R14: 00007f6254545fa0 R15: 00007ffda05ec918
[  103.372740][ T9023]  </TASK>
[  103.373811][    C1] vkms_vblank_simulate: vblank timer overrun
[  103.390769][ T9023] bond15: (slave veth71): Enslaving as a backup interface with a down link
[  103.442216][   T39] audit: type=1400 audit(1733798820.327:40732): avc:  denied  { override_creds } for  pid=9035 comm="syz.2.819" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  103.447766][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  103.450223][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  103.452570][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  103.504615][ T9044] netlink: 8 bytes leftover after parsing attributes in process `syz.2.820'.
[  103.510222][   T39] audit: type=1400 audit(1733798820.397:40733): avc:  denied  { read } for  pid=9043 comm="syz.2.820" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  103.516512][   T39] audit: type=1400 audit(1733798820.397:40734): avc:  denied  { getopt } for  pid=9031 comm="syz.3.818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  103.557865][ T9046] netlink: 'syz.2.821': attribute type 1 has an invalid length.
[  103.561134][ T9046] netlink: 'syz.2.821': attribute type 3 has an invalid length.
[  103.564004][ T9046] netlink: 224 bytes leftover after parsing attributes in process `syz.2.821'.
[  103.566807][ T9046] NCSI netlink: No device for ifindex 0
[  103.609599][   T39] audit: type=1400 audit(1733798820.497:40735): avc:  denied  { mount } for  pid=9050 comm="syz.2.822" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  103.622318][ T9051] overlayfs: failed to resolve './file1': -2
[  103.859350][   T39] audit: type=1326 audit(1733798820.747:40736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9060 comm="syz.2.826" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f625437ff19 code=0x0
[  103.989100][ T9067] netlink: 'syz.1.827': attribute type 1 has an invalid length.
[  104.012455][ T9067] bond14: (slave veth45): Enslaving as a backup interface with a down link
[  104.016659][ T9067] FAULT_INJECTION: forcing a failure.
[  104.016659][ T9067] name failslab, interval 1, probability 0, space 0, times 0
[  104.021243][ T9067] CPU: 3 UID: 0 PID: 9067 Comm: syz.1.827 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[  104.024812][ T9067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  104.028100][ T9067] Call Trace:
[  104.029561][ T9067]  <TASK>
[  104.030693][ T9067]  dump_stack_lvl+0x16c/0x1f0
[  104.032042][ T9067]  should_fail_ex+0x497/0x5b0
[  104.033310][ T9067]  ? fs_reclaim_acquire+0xae/0x150
[  104.034659][ T9067]  should_failslab+0xc2/0x120
[  104.035904][ T9067]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  104.037333][ T9067]  ? __kernfs_new_node+0xd3/0x890
[  104.038636][ T9067]  ? kernfs_add_one+0x3d1/0x520
[  104.039938][ T9067]  __kernfs_new_node+0xd3/0x890
[  104.041224][ T9067]  ? __pfx___kernfs_new_node+0x10/0x10
[  104.042693][ T9067]  ? up_write+0x1b2/0x520
[  104.043874][ T9067]  ? map_id_range_down+0x2bb/0x3a0
[  104.045211][ T9067]  ? __pfx_map_id_range_down+0x10/0x10
[  104.046635][ T9067]  kernfs_new_node+0x186/0x240
[  104.047925][ T9067]  ? net_ns_get_ownership+0xf8/0x1b0
[  104.049357][ T9067]  kernfs_create_dir_ns+0x4c/0x150
[  104.050960][ T9067]  internal_create_group+0x34e/0xf10
[  104.052436][ T9067]  ? __pfx_internal_create_group+0x10/0x10
[  104.054397][ T9067]  ? kernfs_create_link+0x1bd/0x240
[  104.055798][ T9067]  internal_create_groups+0x9d/0x150
[  104.057180][ T9067]  device_add+0xf33/0x1a70
[  104.058415][ T9067]  ? __pfx_device_add+0x10/0x10
[  104.059732][ T9067]  ? __init_waitqueue_head+0xca/0x150
[  104.061166][ T9067]  netdev_register_kobject+0x183/0x3a0
[  104.062685][ T9067]  register_netdevice+0x1473/0x1e90
[  104.064566][ T9067]  ? __pfx_register_netdevice+0x10/0x10
[  104.066646][ T9067]  ? dev_addr_mod+0x321/0x5b0
[  104.068416][ T9067]  veth_newlink+0x291/0x8f0
[  104.070076][ T9067]  ? netlink_rcv_skb+0x16b/0x440
[  104.071868][ T9067]  ? __pfx_veth_newlink+0x10/0x10
[  104.073414][ T9067]  ? ___sys_sendmsg+0x135/0x1e0
[  104.074727][ T9067]  ? validate_linkmsg+0x57d/0xb60
[  104.076099][ T9067]  ? __pfx_validate_linkmsg+0x10/0x10
[  104.077741][ T9067]  ? alloc_netdev_mqs+0xed5/0x1510
[  104.079331][ T9067]  ? rtnl_create_link+0xa51/0xfa0
[  104.081010][ T9067]  ? __pfx_veth_newlink+0x10/0x10
[  104.082686][ T9067]  rtnl_newlink+0xb82/0x1ce0
[  104.084429][ T9067]  ? __pfx_rtnl_newlink+0x10/0x10
[  104.086281][ T9067]  ? __pfx___lock_acquire+0x10/0x10
[  104.087918][ T9067]  ? cred_has_capability.isra.0+0x192/0x2f0
[  104.089643][ T9067]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  104.091229][ T9067]  ? find_held_lock+0x2d/0x110
[  104.092645][ T9067]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  104.094458][ T9067]  ? __pfx_lock_release+0x10/0x10
[  104.096305][ T9067]  ? trace_lock_acquire+0x14e/0x1f0
[  104.098321][ T9067]  ? __pfx_rtnl_newlink+0x10/0x10
[  104.100312][ T9067]  rtnetlink_rcv_msg+0x95b/0xea0
[  104.102370][ T9067]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  104.104806][ T9067]  netlink_rcv_skb+0x16b/0x440
[  104.106644][ T9067]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  104.108835][ T9067]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  104.110916][ T9067]  ? netlink_deliver_tap+0x1ae/0xd30
[  104.112859][ T9067]  netlink_unicast+0x53c/0x7f0
[  104.114622][ T9067]  ? __pfx_netlink_unicast+0x10/0x10
[  104.116035][ T9067]  netlink_sendmsg+0x8b8/0xd70
[  104.117786][ T9067]  ? __pfx_netlink_sendmsg+0x10/0x10
[  104.119276][ T9067]  ____sys_sendmsg+0xaaf/0xc90
[  104.121232][ T9067]  ? copy_msghdr_from_user+0x10b/0x160
[  104.123349][ T9067]  ? __pfx_____sys_sendmsg+0x10/0x10
[  104.125341][ T9067]  ? __lock_acquire+0xcc5/0x3c40
[  104.127284][ T9067]  ___sys_sendmsg+0x135/0x1e0
[  104.129131][ T9067]  ? __pfx____sys_sendmsg+0x10/0x10
[  104.131101][ T9067]  ? trace_lock_acquire+0x14e/0x1f0
[  104.132867][ T9067]  __sys_sendmmsg+0x201/0x420
[  104.134480][ T9067]  ? __pfx___sys_sendmmsg+0x10/0x10
[  104.136509][ T9067]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  104.138586][ T9067]  ? fput+0x67/0x440
[  104.139969][ T9067]  ? ksys_write+0x1ba/0x250
[  104.141538][ T9067]  ? __pfx_ksys_write+0x10/0x10
[  104.143255][ T9067]  __x64_sys_sendmmsg+0x9c/0x100
[  104.144825][ T9067]  ? lockdep_hardirqs_on+0x7c/0x110
[  104.146196][ T9067]  do_syscall_64+0xcd/0x250
[  104.147639][ T9067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.149526][ T9067] RIP: 0033:0x7fef3877ff19
[  104.151052][ T9067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.159918][ T9067] RSP: 002b:00007fef39650058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  104.162881][ T9067] RAX: ffffffffffffffda RBX: 00007fef38945fa0 RCX: 00007fef3877ff19
[  104.165704][ T9067] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[  104.168365][ T9067] RBP: 00007fef396500a0 R08: 0000000000000000 R09: 0000000000000000
[  104.171020][ T9067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  104.173782][ T9067] R13: 0000000000000000 R14: 00007fef38945fa0 R15: 00007ffc6c6f0c28
[  104.176702][ T9067]  </TASK>
[  104.194596][ T9067] bond14: (slave veth47): Enslaving as a backup interface with a down link
[  104.791389][ T9112] sp0: Synchronizing with TNC
[  104.878397][ T9111] [U] è
[  104.996488][ T9119] netlink: 20 bytes leftover after parsing attributes in process `syz.1.842'.
[  105.004901][ T9119] netlink: 20 bytes leftover after parsing attributes in process `syz.1.842'.
[  105.048340][ T9119] overlay: filesystem on ./file0 not supported
[  105.087966][ T9127] [U] 
[  105.259199][ T9139] tmpfs: Unknown parameter 'ÏÊЫҷÅÚV¬statia
'
[  105.339023][ T9141] netlink: 20 bytes leftover after parsing attributes in process `syz.0.850'.
[  105.387299][ T9154] netlink: 40 bytes leftover after parsing attributes in process `syz.1.854'.
[  105.388429][ T9156] 9pnet_fd: Insufficient options for proto=fd
[  105.517143][ T9169] netlink: 456 bytes leftover after parsing attributes in process `syz.0.858'.
[  105.520251][ T9169] overlayfs: disabling nfs_export due to verity=on
[  105.548871][ T9171] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  105.619547][ T9178] binder: 9177:9178 ioctl 4008941a 20000000 returned -22
[  105.638383][ T9178] binder: BINDER_SET_CONTEXT_MGR already set
[  105.640571][ T9178] binder: 9177:9178 ioctl 4018620d 20000040 returned -16
[  105.644571][ T9182] binder: BINDER_SET_CONTEXT_MGR already set
[  105.646531][ T9180] binder: 9177:9180 ioctl 4008941a 20000000 returned -22
[  105.657067][ T9182] binder: 9177:9182 ioctl 4018620d 20000100 returned -16
[  105.667424][ T1021] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  105.715138][ T9190] netlink: 18 bytes leftover after parsing attributes in process `syz.2.866'.
[  105.722966][ T9192] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  105.724961][ T9192] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  105.754716][ T9194] tipc: Started in network mode
[  105.756159][ T9194] tipc: Node identity 080211000001, cluster identity 4711
[  105.759160][ T9194] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  105.761622][ T9194] SELinux: security_context_str_to_sid (Eá…) failed with errno=-22
[  105.816487][ T9203] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  105.837858][ T1021] usb 6-1: Using ep0 maxpacket: 16
[  105.841634][ T1021] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.845637][ T1021] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 58879, setting to 1024
[  105.850186][ T1021] usb 6-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00
[  105.853428][ T1021] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.857352][ T1021] usb 6-1: config 0 descriptor??
[  105.861094][ T9154] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  106.052501][ T9206] netlink: 'syz.2.872': attribute type 1 has an invalid length.
[  106.066712][ T1021] usb 6-1: string descriptor 0 read error: -71
[  106.073642][ T1021] usbhid 6-1:0.0: can't add hid device: -71
[  106.075796][ T1021] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  106.085832][ T1021] usb 6-1: USB disconnect, device number 8
[  106.092279][ T9206] bond16: (slave veth73): Enslaving as a backup interface with a down link
[  106.096051][ T9206] FAULT_INJECTION: forcing a failure.
[  106.096051][ T9206] name failslab, interval 1, probability 0, space 0, times 0
[  106.101234][ T9206] CPU: 3 UID: 0 PID: 9206 Comm: syz.2.872 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[  106.104022][ T9206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  106.106994][ T9206] Call Trace:
[  106.108259][ T9206]  <TASK>
[  106.109156][ T9206]  dump_stack_lvl+0x16c/0x1f0
[  106.110483][ T9206]  should_fail_ex+0x497/0x5b0
[  106.111731][ T9206]  ? fs_reclaim_acquire+0xae/0x150
[  106.113310][ T9206]  should_failslab+0xc2/0x120
[  106.114527][ T9206]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  106.115903][ T9206]  ? __kernfs_new_node+0xd3/0x890
[  106.117355][ T9206]  __kernfs_new_node+0xd3/0x890
[  106.119018][ T9206]  ? __pfx___kernfs_new_node+0x10/0x10
[  106.120854][ T9206]  ? __pfx_lock_release+0x10/0x10
[  106.122721][ T9206]  ? kernfs_add_one+0x39d/0x520
[  106.124290][ T9206]  ? up_write+0x1b2/0x520
[  106.125696][ T9206]  kernfs_new_node+0x186/0x240
[  106.127319][ T9206]  __kernfs_create_file+0x53/0x350
[  106.129016][ T9206]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  106.130811][ T9206]  internal_create_group+0x56c/0xf10
[  106.132287][ T9206]  ? __pfx_internal_create_group+0x10/0x10
[  106.133938][ T9206]  ? kernfs_create_link+0x1bd/0x240
[  106.135448][ T9206]  internal_create_groups+0x9d/0x150
[  106.136910][ T9206]  device_add+0xf33/0x1a70
[  106.138090][ T9206]  ? __pfx_device_add+0x10/0x10
[  106.139345][ T9206]  ? __init_waitqueue_head+0xca/0x150
[  106.140726][ T9206]  netdev_register_kobject+0x183/0x3a0
[  106.142655][ T9206]  register_netdevice+0x1473/0x1e90
[  106.144531][ T9206]  ? __pfx_register_netdevice+0x10/0x10
[  106.146689][ T9206]  ? dev_addr_mod+0x321/0x5b0
[  106.148765][ T9206]  veth_newlink+0x291/0x8f0
[  106.150583][ T9206]  ? netlink_rcv_skb+0x16b/0x440
[  106.152445][ T9206]  ? __pfx_veth_newlink+0x10/0x10
[  106.154283][ T9206]  ? ___sys_sendmsg+0x135/0x1e0
[  106.156081][ T9206]  ? validate_linkmsg+0x57d/0xb60
[  106.158000][ T9206]  ? __pfx_validate_linkmsg+0x10/0x10
[  106.159975][ T9206]  ? alloc_netdev_mqs+0xed5/0x1510
[  106.161876][ T9206]  ? rtnl_create_link+0xa51/0xfa0
[  106.163654][ T9206]  ? __pfx_veth_newlink+0x10/0x10
[  106.165369][ T9206]  rtnl_newlink+0xb82/0x1ce0
[  106.167007][ T9206]  ? __pfx_rtnl_newlink+0x10/0x10
[  106.168708][ T9206]  ? __pfx___lock_acquire+0x10/0x10
[  106.170463][ T9206]  ? cred_has_capability.isra.0+0x192/0x2f0
[  106.172449][ T9206]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  106.174732][ T9206]  ? find_held_lock+0x2d/0x110
[  106.176547][ T9206]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  106.178726][ T9206]  ? __pfx_lock_release+0x10/0x10
[  106.180692][ T9206]  ? trace_lock_acquire+0x14e/0x1f0
[  106.182522][ T9206]  ? __pfx_rtnl_newlink+0x10/0x10
[  106.184273][ T9206]  rtnetlink_rcv_msg+0x95b/0xea0
[  106.185952][ T9206]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  106.187863][ T9206]  netlink_rcv_skb+0x16b/0x440
[  106.189642][ T9206]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  106.191441][ T9206]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  106.193274][ T9206]  ? netlink_deliver_tap+0x1ae/0xd30
[  106.195418][ T9206]  netlink_unicast+0x53c/0x7f0
[  106.197253][ T9206]  ? __pfx_netlink_unicast+0x10/0x10
[  106.199218][ T9206]  netlink_sendmsg+0x8b8/0xd70
[  106.200992][ T9206]  ? __pfx_netlink_sendmsg+0x10/0x10
[  106.202958][ T9206]  ____sys_sendmsg+0xaaf/0xc90
[  106.204654][ T9206]  ? copy_msghdr_from_user+0x10b/0x160
[  106.206532][ T9206]  ? __pfx_____sys_sendmsg+0x10/0x10
[  106.208684][ T9206]  ? __lock_acquire+0xcc5/0x3c40
[  106.210383][ T9206]  ___sys_sendmsg+0x135/0x1e0
[  106.211998][ T9206]  ? __pfx____sys_sendmsg+0x10/0x10
[  106.213952][ T9206]  ? trace_lock_acquire+0x14e/0x1f0
[  106.215910][ T9206]  __sys_sendmmsg+0x201/0x420
[  106.217807][ T9206]  ? __pfx___sys_sendmmsg+0x10/0x10
[  106.219785][ T9206]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  106.221997][ T9206]  ? fput+0x67/0x440
[  106.223391][ T9206]  ? ksys_write+0x1ba/0x250
[  106.224918][ T9206]  ? __pfx_ksys_write+0x10/0x10
[  106.226606][ T9206]  __x64_sys_sendmmsg+0x9c/0x100
[  106.228389][ T9206]  ? lockdep_hardirqs_on+0x7c/0x110
[  106.230218][ T9206]  do_syscall_64+0xcd/0x250
[  106.232210][ T9206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.234324][ T9206] RIP: 0033:0x7f625437ff19
[  106.235852][ T9206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.241300][ T9206] RSP: 002b:00007f62551e8058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  106.244246][ T9206] RAX: ffffffffffffffda RBX: 00007f6254545fa0 RCX: 00007f625437ff19
[  106.247186][ T9206] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[  106.250031][ T9206] RBP: 00007f62551e80a0 R08: 0000000000000000 R09: 0000000000000000
[  106.252771][ T9206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  106.255563][ T9206] R13: 0000000000000000 R14: 00007f6254545fa0 R15: 00007ffda05ec918
[  106.258386][ T9211] netlink: 4 bytes leftover after parsing attributes in process `syz.3.873'.
[  106.258409][ T9206]  </TASK>
[  106.287677][ T9206] bond16: (slave veth75): Enslaving as a backup interface with a down link
[  106.467950][ T9232] IPVS: set_ctl: invalid protocol: 25647 47.112.116.109:30720
[  106.513977][ T9235] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  106.837770][   T35] tipc: Node number set to 134418688
[  106.945923][ T9257] binder: 9256:9257 ioctl c0306201 20000300 returned -22
[  106.988648][ T9260] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  107.220188][ T9279] __nla_validate_parse: 1 callbacks suppressed
[  107.220201][ T9279] netlink: 1268 bytes leftover after parsing attributes in process `syz.3.894'.
[  107.224238][ T9279] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  107.257809][ T9277] block nbd1: Device being setup by another task
[  107.261437][ T9281] xt_hashlimit: size too large, truncated to 1048576
[  107.357787][ T9276] 
[  107.358740][ T9276] ======================================================
[  107.361092][ T9276] WARNING: possible circular locking dependency detected
[  107.363367][ T9276] 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0 Not tainted
[  107.365964][ T9276] ------------------------------------------------------
[  107.369735][ T9276] syz.1.893/9276 is trying to acquire lock:
[  107.371367][ T9276] ffff888025a64810 (set->srcu){.+.+}-{0:0}, at: __synchronize_srcu+0x99/0x2a0
[  107.374380][ T9276] 
[  107.374380][ T9276] but task is already holding lock:
[  107.376378][ T9276] ffff888025ae9968 (&q->sysfs_lock){+.+.}-{4:4}, at: __blk_mq_update_nr_hw_queues+0x446/0x14e0
[  107.379688][ T9276] 
[  107.379688][ T9276] which lock already depends on the new lock.
[  107.379688][ T9276] 
[  107.382448][ T9276] 
[  107.382448][ T9276] the existing dependency chain (in reverse order) is:
[  107.384964][ T9276] 
[  107.384964][ T9276] -> #6 (&q->sysfs_lock){+.+.}-{4:4}:
[  107.387110][ T9276]        __mutex_lock+0x19b/0xa60
[  107.388471][ T9276]        __blk_mq_update_nr_hw_queues+0x446/0x14e0
[  107.390200][ T9276]        blk_mq_update_nr_hw_queues+0x2a/0x40
[  107.391857][ T9276]        nbd_start_device+0x15b/0xd70
[  107.393312][ T9276]        nbd_ioctl+0x21a/0xfd0
[  107.394643][ T9276]        blkdev_ioctl+0x276/0x6d0
[  107.396025][ T9276]        __x64_sys_ioctl+0x190/0x200
[  107.397542][ T9276]        do_syscall_64+0xcd/0x250
[  107.398923][ T9276]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.400609][ T9276] 
[  107.400609][ T9276] -> #5 (&q->q_usage_counter(io)#50){++++}-{0:0}:
[  107.402912][ T9276]        blk_mq_submit_bio+0x1fb6/0x24c0
[  107.404476][ T9276]        __submit_bio+0x384/0x540
[  107.405834][ T9276]        submit_bio_noacct_nocheck+0x698/0xd70
[  107.407448][ T9276]        submit_bio_noacct+0x93a/0x1e20
[  107.408906][ T9276]        mpage_readahead+0x41d/0x590
[  107.410293][ T9276]        read_pages+0x1a8/0xdc0
[  107.411636][ T9276]        page_cache_ra_unbounded+0x3dc/0x750
[  107.413383][ T9276]        force_page_cache_ra+0x24b/0x340
[  107.415254][ T9276]        page_cache_sync_ra+0x110/0x9c0
[  107.417117][ T9276]        filemap_get_pages+0xd7b/0x1be0
[  107.418568][ T9276]        filemap_read+0x3ca/0xd70
[  107.419888][ T9276]        blkdev_read_iter+0x187/0x480
[  107.421317][ T9276]        vfs_read+0x87f/0xbe0
[  107.422648][ T9276]        ksys_read+0x12b/0x250
[  107.424248][ T9276]        do_syscall_64+0xcd/0x250
[  107.425737][ T9276]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.427434][ T9276] 
[  107.427434][ T9276] -> #4 (mapping.invalidate_lock#2){++++}-{4:4}:
[  107.429660][ T9276]        down_read+0x9a/0x330
[  107.430897][ T9276]        page_cache_ra_unbounded+0x173/0x750
[  107.432542][ T9276]        page_cache_ra_order+0x8f2/0xc80
[  107.434435][ T9276]        filemap_fault+0x14a5/0x2820
[  107.436206][ T9276]        __do_fault+0x10a/0x490
[  107.437843][ T9276]        do_pte_missing+0xebd/0x3e00
[  107.439222][ T9276]        __handle_mm_fault+0x103c/0x2a40
[  107.440691][ T9276]        handle_mm_fault+0x3fa/0xaa0
[  107.442153][ T9276]        do_user_addr_fault+0x7a3/0x13f0
[  107.443753][ T9276]        exc_page_fault+0x5c/0xc0
[  107.445079][ T9276]        asm_exc_page_fault+0x26/0x30
[  107.446530][ T9276]        _copy_from_iter+0x384/0x1560
[  107.447931][ T9276]        tcp_sendmsg_locked+0x193b/0x3770
[  107.449406][ T9276]        tcp_sendmsg+0x2e/0x50
[  107.450679][ T9276]        inet_sendmsg+0xb9/0x140
[  107.452004][ T9276]        ____sys_sendmsg+0x98c/0xc90
[  107.453643][ T9276]        ___sys_sendmsg+0x135/0x1e0
[  107.455325][ T9276]        __sys_sendmsg+0x16e/0x220
[  107.456970][ T9276]        do_syscall_64+0xcd/0x250
[  107.458626][ T9276]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.460704][ T9276] 
[  107.460704][ T9276] -> #3 (sk_lock-AF_INET){+.+.}-{0:0}:
[  107.463283][ T9276]        lock_sock_nested+0x3a/0xf0
[  107.465009][ T9276]        inet_shutdown+0x67/0x440
[  107.466675][ T9276]        nbd_mark_nsock_dead+0xae/0x5d0
[  107.468482][ T9276]        recv_work+0x691/0xaa0
[  107.470070][ T9276]        process_one_work+0x9c5/0x1ba0
[  107.471837][ T9276]        worker_thread+0x6c8/0xf00
[  107.473402][ T9276]        kthread+0x2c1/0x3a0
[  107.474989][ T9276]        ret_from_fork+0x45/0x80
[  107.476638][ T9276]        ret_from_fork_asm+0x1a/0x30
[  107.478346][ T9276] 
[  107.478346][ T9276] -> #2 (&nsock->tx_lock){+.+.}-{4:4}:
[  107.480851][ T9276]        __mutex_lock+0x19b/0xa60
[  107.482498][ T9276]        nbd_queue_rq+0x424/0x1220
[  107.484171][ T9276]        blk_mq_dispatch_rq_list+0x443/0x1dc0
[  107.486148][ T9276]        __blk_mq_sched_dispatch_requests+0xcdf/0x1620
[  107.488438][ T9276]        blk_mq_sched_dispatch_requests+0xd8/0x1b0
[  107.490593][ T9276]        blk_mq_run_hw_queue+0x239/0x670
[  107.492470][ T9276]        blk_mq_flush_plug_list+0x673/0x1c60
[  107.494431][ T9276]        __blk_flush_plug+0x2c5/0x4b0
[  107.496180][ T9276]        __submit_bio+0x439/0x540
[  107.497847][ T9276]        submit_bio_noacct_nocheck+0x698/0xd70
[  107.499854][ T9276]        submit_bio_noacct+0x93a/0x1e20
[  107.501689][ T9276]        block_read_full_folio+0x812/0xa50
[  107.503656][ T9276]        filemap_read_folio+0xc6/0x2a0
[  107.505487][ T9276]        do_read_cache_folio+0x263/0x5c0
[  107.507359][ T9276]        read_part_sector+0xd4/0x310
[  107.509089][ T9276]        adfspart_check_ICS+0x94/0x940
[  107.511067][ T9276]        bdev_disk_changed+0x71f/0x1520
[  107.512979][ T9276]        blkdev_get_whole+0x187/0x290
[  107.514992][ T9276]        bdev_open+0x2c7/0xe20
[  107.516710][ T9276]        blkdev_open+0x329/0x400
[  107.518403][ T9276]        do_dentry_open+0xf59/0x1ea0
[  107.520245][ T9276]        vfs_open+0x82/0x3f0
[  107.521723][ T9276]        path_openat+0x1e6a/0x2d60
[  107.523427][ T9276]        do_filp_open+0x20c/0x470
[  107.525238][ T9276]        do_sys_openat2+0x17a/0x1e0
[  107.527073][ T9276]        __x64_sys_openat+0x175/0x210
[  107.528953][ T9276]        do_syscall_64+0xcd/0x250
[  107.530688][ T9276]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.532889][ T9276] 
[  107.532889][ T9276] -> #1 (&cmd->lock){+.+.}-{4:4}:
[  107.535443][ T9276]        __mutex_lock+0x19b/0xa60
[  107.537167][ T9276]        nbd_queue_rq+0xbe/0x1220
[  107.538864][ T9276]        blk_mq_dispatch_rq_list+0x443/0x1dc0
[  107.540954][ T9276]        __blk_mq_sched_dispatch_requests+0xcdf/0x1620
[  107.543302][ T9276]        blk_mq_sched_dispatch_requests+0xd8/0x1b0
[  107.545621][ T9276]        blk_mq_run_hw_queue+0x239/0x670
[  107.547633][ T9276]        blk_mq_flush_plug_list+0x673/0x1c60
[  107.549688][ T9276]        __blk_flush_plug+0x2c5/0x4b0
[  107.551557][ T9276]        __submit_bio+0x439/0x540
[  107.553308][ T9276]        submit_bio_noacct_nocheck+0x698/0xd70
[  107.555442][ T9276]        submit_bio_noacct+0x93a/0x1e20
[  107.557358][ T9276]        block_read_full_folio+0x812/0xa50
[  107.559360][ T9276]        filemap_read_folio+0xc6/0x2a0
[  107.561234][ T9276]        do_read_cache_folio+0x263/0x5c0
[  107.563163][ T9276]        read_part_sector+0xd4/0x310
[  107.565043][ T9276]        adfspart_check_ICS+0x94/0x940
[  107.566961][ T9276]        bdev_disk_changed+0x71f/0x1520
[  107.568927][ T9276]        blkdev_get_whole+0x187/0x290
[  107.570815][ T9276]        bdev_open+0x2c7/0xe20
[  107.572466][ T9276]        blkdev_open+0x329/0x400
[  107.574159][ T9276]        do_dentry_open+0xf59/0x1ea0
[  107.575969][ T9276]        vfs_open+0x82/0x3f0
[  107.577558][ T9276]        path_openat+0x1e6a/0x2d60
[  107.579314][ T9276]        do_filp_open+0x20c/0x470
[  107.581047][ T9276]        do_sys_openat2+0x17a/0x1e0
[  107.582838][ T9276]        __x64_sys_openat+0x175/0x210
[  107.584798][ T9276]        do_syscall_64+0xcd/0x250
[  107.586590][ T9276]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.588783][ T9276] 
[  107.588783][ T9276] -> #0 (set->srcu){.+.+}-{0:0}:
[  107.591218][ T9276]        __lock_acquire+0x249e/0x3c40
[  107.593102][ T9276]        lock_sync+0xf5/0x190
[  107.594745][ T9276]        __synchronize_srcu+0xa9/0x2a0
[  107.596667][ T9276]        blk_mq_quiesce_queue+0x149/0x1b0
[  107.598765][ T9276]        elevator_disable+0x70/0x490
[  107.600704][ T9276]        __blk_mq_update_nr_hw_queues+0x3bb/0x14e0
[  107.602987][ T9276]        blk_mq_update_nr_hw_queues+0x2a/0x40
[  107.605083][ T9276]        nbd_start_device+0x15b/0xd70
[  107.607003][ T9276]        nbd_ioctl+0x21a/0xfd0
[  107.608683][ T9276]        blkdev_ioctl+0x276/0x6d0
[  107.610453][ T9276]        __x64_sys_ioctl+0x190/0x200
[  107.612309][ T9276]        do_syscall_64+0xcd/0x250
[  107.614088][ T9276]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.616342][ T9276] 
[  107.616342][ T9276] other info that might help us debug this:
[  107.616342][ T9276] 
[  107.619853][ T9276] Chain exists of:
[  107.619853][ T9276]   set->srcu --> &q->q_usage_counter(io)#50 --> &q->sysfs_lock
[  107.619853][ T9276] 
[  107.624483][ T9276]  Possible unsafe locking scenario:
[  107.624483][ T9276] 
[  107.627101][ T9276]        CPU0                    CPU1
[  107.628983][ T9276]        ----                    ----
[  107.630866][ T9276]   lock(&q->sysfs_lock);
[  107.632548][ T9276]                                lock(&q->q_usage_counter(io)#50);
[  107.635392][ T9276]                                lock(&q->sysfs_lock);
[  107.637801][ T9276]   sync(set->srcu);
[  107.639238][ T9276] 
[  107.639238][ T9276]  *** DEADLOCK ***
[  107.639238][ T9276] 
[  107.642132][ T9276] 5 locks held by syz.1.893/9276:
[  107.643869][ T9276]  #0: ffff888025b9f998 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x151/0xfd0
[  107.646297][ T9276]  #1: ffff888025b9f8d8 (&set->tag_list_lock){+.+.}-{4:4}, at: blk_mq_update_nr_hw_queues+0x20/0x40
[  107.649113][ T9276]  #2: ffff888025ae9438 (&q->q_usage_counter(io)#50){++++}-{0:0}, at: __blk_mq_update_nr_hw_queues+0x1fc/0x14e0
[  107.652159][ T9276]  #3: ffff888025ae9470 (&q->q_usage_counter(queue)#34){+.+.}-{0:0}, at: __blk_mq_update_nr_hw_queues+0x1fc/0x14e0
[  107.655272][ T9276]  #4: ffff888025ae9968 (&q->sysfs_lock){+.+.}-{4:4}, at: __blk_mq_update_nr_hw_queues+0x446/0x14e0
[  107.658085][ T9276] 
[  107.658085][ T9276] stack backtrace:
[  107.659702][ T9276] CPU: 1 UID: 0 PID: 9276 Comm: syz.1.893 Not tainted 6.13.0-rc2-syzkaller-00018-g7cb1b4663150 #0
[  107.662696][ T9276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  107.665659][ T9276] Call Trace:
[  107.666520][ T9276]  <TASK>
[  107.667305][ T9276]  dump_stack_lvl+0x116/0x1f0
[  107.668552][ T9276]  print_circular_bug+0x419/0x5d0
[  107.669872][ T9276]  check_noncircular+0x31a/0x400
[  107.671154][ T9276]  ? __pfx_check_noncircular+0x10/0x10
[  107.672587][ T9276]  ? lockdep_lock+0xc6/0x200
[  107.673800][ T9276]  ? __pfx_lockdep_lock+0x10/0x10
[  107.675138][ T9276]  __lock_acquire+0x249e/0x3c40
[  107.676424][ T9276]  ? __pfx___lock_acquire+0x10/0x10
[  107.677767][ T9276]  ? hlock_class+0x4e/0x130
[  107.678956][ T9276]  ? mark_lock+0xb5/0xc60
[  107.680110][ T9276]  ? __pfx___lock_acquire+0x10/0x10
[  107.681464][ T9276]  ? __synchronize_srcu+0x99/0x2a0
[  107.682798][ T9276]  lock_sync+0xf5/0x190
[  107.683912][ T9276]  ? __synchronize_srcu+0x99/0x2a0
[  107.685251][ T9276]  __synchronize_srcu+0xa9/0x2a0
[  107.686549][ T9276]  ? __pfx___synchronize_srcu+0x10/0x10
[  107.687987][ T9276]  ? __pfx_lock_release+0x10/0x10
[  107.689309][ T9276]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  107.690833][ T9276]  blk_mq_quiesce_queue+0x149/0x1b0
[  107.692292][ T9276]  elevator_disable+0x70/0x490
[  107.693686][ T9276]  __blk_mq_update_nr_hw_queues+0x3bb/0x14e0
[  107.695384][ T9276]  ? __mutex_trylock_common+0xea/0x250
[  107.696889][ T9276]  ? __pfx___mutex_trylock_common+0x10/0x10
[  107.698439][ T9276]  ? blk_mq_update_nr_hw_queues+0x20/0x40
[  107.699935][ T9276]  ? rcu_is_watching+0x12/0xc0
[  107.701199][ T9276]  ? __pfx___blk_mq_update_nr_hw_queues+0x10/0x10
[  107.702970][ T9276]  ? blk_mq_update_nr_hw_queues+0x20/0x40
[  107.704492][ T9276]  ? __pfx___mutex_lock+0x10/0x10
[  107.705833][ T9276]  ? lockdep_hardirqs_on+0x7c/0x110
[  107.707271][ T9276]  ? __mutex_lock+0x1cc/0xa60
[  107.708553][ T9276]  ? nbd_ioctl+0x151/0xfd0
[  107.709739][ T9276]  ? __pfx___mutex_lock+0x10/0x10
[  107.711060][ T9276]  blk_mq_update_nr_hw_queues+0x2a/0x40
[  107.712501][ T9276]  nbd_start_device+0x15b/0xd70
[  107.713765][ T9276]  ? bpf_lsm_capable+0x9/0x10
[  107.715007][ T9276]  nbd_ioctl+0x21a/0xfd0
[  107.716125][ T9276]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  107.717790][ T9276]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  107.719469][ T9276]  ? __pfx_nbd_ioctl+0x10/0x10
[  107.720720][ T9276]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  107.722497][ T9276]  ? __pfx_lock_release+0x10/0x10
[  107.723829][ T9276]  ? __pfx_nbd_ioctl+0x10/0x10
[  107.725083][ T9276]  blkdev_ioctl+0x276/0x6d0
[  107.726278][ T9276]  ? __pfx_blkdev_ioctl+0x10/0x10
[  107.727603][ T9276]  ? selinux_file_ioctl+0x180/0x270
[  107.728961][ T9276]  ? selinux_file_ioctl+0xb4/0x270
[  107.730262][ T9276]  ? __pfx_blkdev_ioctl+0x10/0x10
[  107.731589][ T9276]  __x64_sys_ioctl+0x190/0x200
[  107.732840][ T9276]  do_syscall_64+0xcd/0x250
[  107.734040][ T9276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.735593][ T9276] RIP: 0033:0x7fef3877ff19
[  107.736771][ T9276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.741970][ T9276] RSP: 002b:00007fef3962f058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  107.744370][ T9276] RAX: ffffffffffffffda RBX: 00007fef38946080 RCX: 00007fef3877ff19
[  107.746552][ T9276] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000008
[  107.748652][ T9276] RBP: 00007fef387f3cc8 R08: 0000000000000000 R09: 0000000000000000
[  107.750703][ T9276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  107.752753][ T9276] R13: 0000000000000000 R14: 00007fef38946080 R15: 00007ffc6c6f0c28
[  107.754795][ T9276]  </TASK>
[  107.755652][    C1] vkms_vblank_simulate: vblank timer overrun
[  107.857466][ T9275] block nbd1: shutting down sockets

VM DIAGNOSIS:
02:47:04  Registers:
info registers vcpu 0

CPU#0
RAX=000000000012a4f9 RBX=0000000000000000 RCX=ffffffff8b28e679 RDX=0000000000000000
RSI=ffffffff8b6cd860 RDI=ffffffff8bd1d280 RBP=fffffbfff1bd2ef8 RSP=ffffffff8de07e20
R8 =0000000000000001 R9 =ffffed100d4c6fed R10=ffff88806a637f6b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8de977c0 R14=ffffffff905f15d0 R15=0000000000000000
RIP=ffffffff8b28fa5f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f62545142d8 CR3=00000000358aa000 CR4=00352ef0
DR0=0000000000003000 DR1=0000000000006e50 DR2=0000000000000000 DR3=0000000000000f80 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff767b1ad00
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555594f1471e 0000555594f136c0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555594f1471e 0000555594f136c0
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555594ea0940 0000555594eae700
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555594ea0980
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b9c018002000710 10000b8004128208 000ffe0800010000 0008060a0145cc01
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d00300100001c003 02100001b00301e8 100006900302d402 00080007000c0008
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 20100006004be820 a080100001800401 0800060137e60008 0001e00300100001
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8003118004078003 0780042003000800 100303ffffffff04 0003200800061000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0102a08010000004 0100000008060601 44c2000800600300 1000500300100040
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 03021000300314d0 1000079003040000 0a80000600068001 000c000000040000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7c01000000000000 00000107003d0000 05284a0811800311 8004078003078004
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2003000800100303 ffffffff04000320 0800061000201000 06004be820a08010
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000036 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851b9525 RDI=ffffffff9ab0ac20 RBP=ffffffff9ab0abe0 RSP=ffffc90003c4f0b8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000036 R14=ffffffff851b94c0 R15=0000000000000000
RIP=ffffffff851b954f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fef3962f6c0 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fef3960ed58 CR3=0000000055072000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc6c6f0fb0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fef387f4c42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fef387f4c4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fef387f4c49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fef387f4c5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fef387f4ce3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fef387f4dc1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000009be3c RBX=0000000000000002 RCX=ffffffff8b28e679 RDX=ffffed100d506fee
RSI=ffffffff8bd1d200 RDI=ffffffff81708549 RBP=ffffed1003a50000 RSP=ffffc90000197e08
R8 =0000000000000000 R9 =ffffed100d506fed R10=ffff88806a837f6b R11=0000000000000000
R12=0000000000000002 R13=ffff88801d280000 R14=ffffffff905f15d0 R15=0000000000000000
RIP=ffffffff8b28fa5f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffda05ebf40 CR3=000000000df7e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f62543f4c42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f62543f4c4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f62543f4c49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f62543f4c5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f62543f4ce3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f62543f4dc1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000009dfe4 RBX=0000000000000003 RCX=ffffffff8b28e679 RDX=ffffed100d526fee
RSI=ffffffff8bd1d200 RDI=ffffffff81708549 RBP=ffffed1003a50488 RSP=ffffc900001a7e08
R8 =0000000000000000 R9 =ffffed100d526fed R10=ffff88806a937f6b R11=0000000000000000
R12=0000000000000003 R13=ffff88801d282440 R14=ffffffff905f15d0 R15=0000000000000000
RIP=ffffffff8b28fa5f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fcd92f142d8 CR3=0000000031ef6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffdaf47e20 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcd92df4c42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcd92df4c4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcd92df4c49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcd92df4c5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcd92df4ce3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcd92df4dc1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000