last executing test programs:

3m5.389155052s ago: executing program 0 (id=75):
socket$nl_route(0x10, 0x3, 0x0)
r0 = open(&(0x7f0000000540)='./file1\x00', 0x48540, 0x20)
fremovexattr(0xffffffffffffffff, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a64000000060a0b040000000000000000020000000900010073797a30000000000900020073797a32000000003800048034"], 0x8c}}, 0x0)
r2 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000088fe508a8500000004000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r3}, 0x18)
set_tid_address(0x0)
connect$inet6(r2, 0x0, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r4, 0xfffffffc)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
openat$cgroup(r0, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
execve(0x0, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000c80)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x9}, @TCA_FQ_CE_THRESHOLD={0x8, 0xc, 0x9}]}}]}, 0x40}}, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r7, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)

3m5.219003642s ago: executing program 0 (id=77):
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x11, 0xa, 0x0)
getsockname$packet(r2, 0x0, &(0x7f00000001c0))
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r4 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000080), 0x10)
listen(r4, 0x0)
accept4$llc(r4, 0x0, 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000100), r5)
sendmsg$NLBL_UNLABEL_C_STATICADD(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="00eb2400e8bb76b80477c2f8f9c00c0557d9c08ba7bda57fea3f9bcbbf10309dfc885e64f48f", @ANYRES16=r6, @ANYBLOB="010000000000000000000400000014000600776c616e31000000000000000000000014000300fe8000000000000700000000000000aa08000400ac141400100002"], 0x58}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000740)=ANY=[@ANYBLOB="b687f63f2d2d3cf58df0a3d4ce47bda0845a325b2983cd2116f942a8ca1f01ef0c4eda026efdfdb2960377a052d8f33c1231e6f886b963d437ef95672bbdb311a00504504d56ec27515b31f3ddd0462a8807282bc7d8c442438510911060155c4e57743c38169e4fc9cca68f71077f2cdcd9d618392c8e14d4ece7aae2519da5f39ddbd81259680785ee63cf0bc86e21f9687d4bd8ea89e2f4cc9efad13a33c7e0700ada85756b7cb7e19f1b2800160abd283ed2c35eb6d7e810fca733b453ceedb900f1", @ANYRES16=r6, @ANYBLOB="000328bd7000fd037e0352dbdf250800000008000500ac1414bb14000300fe80000000000000000000000000003a14000600776c616e30000000000000000000000014000200fc020000000000000000000000000000080005000a01010114000200fc01000000000000000000000000000085"], 0x74}, 0x1, 0x0, 0x0, 0x4008c40}, 0x4)
epoll_create1(0x80000)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r5)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)={0x4c, r7, 0x8, 0x70bd2c, 0x25dfdbfb, {}, [@IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x6}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x10}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x8b}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x4}, @IEEE802154_ATTR_CSMA_RETRIES={0x5, 0x25, 0x51}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24040004}, 0x20008014)
clock_gettime(0x0, 0x0)
r8 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$FS_IOC_SETFLAGS(r8, 0x40186f40, &(0x7f0000000440)=0x20000)
ioctl$FS_IOC_SETFLAGS(r0, 0x40046f41, &(0x7f0000000440)=0x10)

3m4.759190952s ago: executing program 0 (id=79):
socket$nl_route(0x10, 0x3, 0x0)
open(&(0x7f0000000540)='./file1\x00', 0x48540, 0x20)
fremovexattr(0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, 0x0, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r1, 0xfffffffc)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
execve(0x0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x9}, @TCA_FQ_CE_THRESHOLD={0x8, 0xc, 0x9}]}}]}, 0x40}}, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r4, 0x7, 0x5000, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)

3m4.717866198s ago: executing program 0 (id=80):
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f00000002c0)={0x1, 0x5}, 0x2)
write$USERIO_CMD_REGISTER(r0, &(0x7f00000000c0), 0x2)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000000c0), 0x1048b, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x101800, 0x3)
move_mount(r1, &(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000040)='./file0\x00', 0x1)
write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x0, 0x45}, 0x2)
r2 = socket(0x10, 0x3, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x4}]}, 0x2c}}, 0x4000)
r7 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x0, 0x3}}]}}]}, 0x48}}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@mpls_delroute={0x30, 0x18, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_VIA={0x14, 0x5, {0x0, "f1b9a81697008d68a0328c49d2ee"}}]}, 0x30}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r10=>0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000001440)=ANY=[@ANYBLOB="140000001000010000000000010000000100000a34000000030a030000000000000000000a0000010900010073797a310000000008000a4000000000011400000011000100000000000000001f0100000a00"/92], 0x5c}, 0x1, 0x0, 0x0, 0x20008170}, 0x24000840)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000013c0)=@newqdisc={0x45c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r10, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x9, 0x45, 0x3ff, 0x10000, 0x3, 0x8, 0x4, 0xa0000, 0x5, 0xa0000001, 0x59bc9fd6, 0x2, 0x2, 0x8000, 0x8, 0x4, 0x8, 0x9, 0x114b6000, 0xfffffffe, 0x2a70, 0xffff73cc, 0x81, 0x5, 0x0, 0x0, 0x400045, 0x20, 0x8, 0x5, 0x9, 0x3, 0xe, 0xa, 0x2, 0x4, 0x5, 0x2000003, 0xffff, 0x3, 0xffffdff8, 0x2, 0x8, 0x1a0055ee, 0x401, 0x1, 0xffff4229, 0x200000, 0x0, 0x22cc, 0x101, 0x4, 0x1, 0x1, 0x800, 0xf9, 0x9, 0x8, 0x2, 0x8, 0x2f, 0x4000006, 0x0, 0x101, 0x7, 0x7, 0xc5, 0x4, 0x2, 0xffffffff, 0x6, 0x5, 0x5, 0x5, 0x2, 0x9b58, 0x0, 0xb, 0x4be, 0x4, 0x100, 0xa, 0xca6, 0x9fa7, 0x7, 0x38, 0x4, 0xb, 0x7, 0x4d, 0x7, 0x200, 0x8, 0x401, 0x7, 0x45, 0x3, 0x9, 0x0, 0x7, 0x46, 0x9, 0x3, 0x7, 0x4, 0xc, 0x7, 0x8001, 0x7, 0x9, 0x1902, 0x400c3c, 0x3, 0x28000000, 0x4000000, 0x30c7, 0xfa9, 0x7, 0x8, 0x0, 0x5, 0x10, 0x400, 0xd58, 0x5, 0x2, 0x4, 0x2, 0x2, 0x8, 0x8, 0xea, 0x0, 0x45ba, 0x9, 0x864b, 0xfffffffa, 0x7, 0x9, 0x8001, 0x7, 0x81, 0x3, 0x9, 0x7, 0xffffff80, 0x43, 0x8, 0x1, 0x6, 0x7, 0x9, 0x7fffffff, 0x4, 0x324f035, 0x6, 0x0, 0x7c1, 0x136, 0x2, 0x5, 0x1, 0x3ff, 0x4, 0x0, 0x2, 0x10001, 0xfffffffd, 0x5, 0x4, 0x400, 0x101, 0x4, 0x1b, 0xd589, 0xffffff81, 0x0, 0x4, 0x0, 0x300, 0x8, 0x60000000, 0xd3d, 0x0, 0xfffffffe, 0x1, 0x81, 0x2, 0x55, 0x4000004, 0xbc6, 0xffff, 0x8, 0x28a6a52, 0x1ff, 0xb, 0x7fff, 0x9, 0x2e4c20b6, 0x1, 0x4, 0x9, 0x7, 0x4, 0x8, 0x0, 0x6, 0x8, 0x3, 0x7, 0x4, 0x9, 0x4, 0xfffffffa, 0x76e8e800, 0x800, 0x400, 0x6, 0x0, 0xcc6, 0x1000, 0x8000, 0xffffff00, 0x894, 0x1000007, 0x7, 0x6, 0x6, 0x2, 0x9, 0x10001, 0x9, 0x4, 0x8, 0x5d, 0x1000003, 0x7, 0x656, 0x8008, 0x80000001, 0x384, 0x9, 0x58b, 0x80000000, 0xe08, 0x0, 0x1, 0x2c821159, 0x0, 0x9, 0xfff, 0x0, 0x7, 0x0, 0x7f]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x0, 0x2, 0x8, 0x0, 0xc}, {0xff, 0x1, 0x0, 0x5, 0x5e1d, 0x8}, 0x9, 0x8, 0x99}}]}}]}, 0x45c}}, 0x8000)
r11 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r11, 0x29, 0x21, &(0x7f0000000380)=0xc, 0x4)
setsockopt$inet6_mreq(r11, 0x29, 0x14, &(0x7f0000000200)={@mcast1}, 0x14)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000480)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x5, 0x7fffffff}]})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

3m4.553289428s ago: executing program 0 (id=81):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x274e, 0x1, 0x7, 0xf, 0x3, "0982aa2494a49e680d061bb20776a4e7af8bc6", 0x1, 0x6})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000200)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x1c, 0x3e, 0x107, 0xfffffffe, 0x0, {0x4, 0x7c}, [@nested={0x8, 0x144, 0x0, 0x1, [@typed={0x4, 0x8}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000c000}, 0xc000)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
inotify_init1(0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = syz_io_uring_setup(0x1254, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x42, 0x3f, 0x0, r6}, &(0x7f0000000180)=<r8=>0x0, &(0x7f00000000c0)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r5})
io_uring_enter(r7, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x400000, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

3m4.065134014s ago: executing program 0 (id=85):
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x11, 0xa, 0x0)
getsockname$packet(r2, 0x0, &(0x7f00000001c0))
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r4 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000080), 0x10)
listen(r4, 0x0)
accept4$llc(r4, 0x0, 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000100), r5)
sendmsg$NLBL_UNLABEL_C_STATICADD(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="00eb2400e8bb76b80477c2f8f9c00c0557d9c08ba7bda57fea3f9bcbbf10309dfc885e64f48f", @ANYRES16=r6, @ANYBLOB="010000000000000000000400000014000600776c616e31000000000000000000000014000300fe8000000000000700000000000000aa08000400ac141400100002"], 0x58}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000740)=ANY=[@ANYBLOB="b687f63f2d2d3cf58df0a3d4ce47bda0845a325b2983cd2116f942a8ca1f01ef0c4eda026efdfdb2960377a052d8f33c1231e6f886b963d437ef95672bbdb311a00504504d56ec27515b31f3ddd0462a8807282bc7d8c442438510911060155c4e57743c38169e4fc9cca68f71077f2cdcd9d618392c8e14d4ece7aae2519da5f39ddbd81259680785ee63cf0bc86e21f9687d4bd8ea89e2f4cc9efad13a33c7e0700ada85756b7cb7e19f1b2800160abd283ed2c35eb6d7e810fca733b453ceedb900f1", @ANYRES16=r6, @ANYBLOB="000328bd7000fd037e0352dbdf250800000008000500ac1414bb14000300fe80000000000000000000000000003a14000600776c616e30000000000000000000000014000200fc020000000000000000000000000000080005000a01010114000200fc01000000000000000000000000000085"], 0x74}, 0x1, 0x0, 0x0, 0x4008c40}, 0x4)
epoll_create1(0x80000)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r5)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)={0x4c, r7, 0x8, 0x70bd2c, 0x25dfdbfb, {}, [@IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x6}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x10}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x8b}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x4}, @IEEE802154_ATTR_CSMA_RETRIES={0x5, 0x25, 0x51}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24040004}, 0x20008014)
clock_gettime(0x0, 0x0)
r8 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$FS_IOC_SETFLAGS(r8, 0x40186f40, &(0x7f0000000440)=0x20000)
ioctl$FS_IOC_SETFLAGS(r0, 0x40046f41, &(0x7f0000000440)=0x10)

3m3.946879169s ago: executing program 32 (id=85):
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x11, 0xa, 0x0)
getsockname$packet(r2, 0x0, &(0x7f00000001c0))
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r4 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000080), 0x10)
listen(r4, 0x0)
accept4$llc(r4, 0x0, 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000100), r5)
sendmsg$NLBL_UNLABEL_C_STATICADD(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="00eb2400e8bb76b80477c2f8f9c00c0557d9c08ba7bda57fea3f9bcbbf10309dfc885e64f48f", @ANYRES16=r6, @ANYBLOB="010000000000000000000400000014000600776c616e31000000000000000000000014000300fe8000000000000700000000000000aa08000400ac141400100002"], 0x58}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000740)=ANY=[@ANYBLOB="b687f63f2d2d3cf58df0a3d4ce47bda0845a325b2983cd2116f942a8ca1f01ef0c4eda026efdfdb2960377a052d8f33c1231e6f886b963d437ef95672bbdb311a00504504d56ec27515b31f3ddd0462a8807282bc7d8c442438510911060155c4e57743c38169e4fc9cca68f71077f2cdcd9d618392c8e14d4ece7aae2519da5f39ddbd81259680785ee63cf0bc86e21f9687d4bd8ea89e2f4cc9efad13a33c7e0700ada85756b7cb7e19f1b2800160abd283ed2c35eb6d7e810fca733b453ceedb900f1", @ANYRES16=r6, @ANYBLOB="000328bd7000fd037e0352dbdf250800000008000500ac1414bb14000300fe80000000000000000000000000003a14000600776c616e30000000000000000000000014000200fc020000000000000000000000000000080005000a01010114000200fc01000000000000000000000000000085"], 0x74}, 0x1, 0x0, 0x0, 0x4008c40}, 0x4)
epoll_create1(0x80000)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r5)
sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)={0x4c, r7, 0x8, 0x70bd2c, 0x25dfdbfb, {}, [@IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x6}, @IEEE802154_ATTR_TXPOWER={0x5, 0x21, 0x10}, @IEEE802154_ATTR_CCA_ED_LEVEL={0x8}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0x8b}, @IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x4}, @IEEE802154_ATTR_CSMA_RETRIES={0x5, 0x25, 0x51}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24040004}, 0x20008014)
clock_gettime(0x0, 0x0)
r8 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$FS_IOC_SETFLAGS(r8, 0x40186f40, &(0x7f0000000440)=0x20000)
ioctl$FS_IOC_SETFLAGS(r0, 0x40046f41, &(0x7f0000000440)=0x10)

3m3.207568396s ago: executing program 3 (id=90):
syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
r0 = landlock_create_ruleset(&(0x7f0000000140)={0x0, 0x2}, 0x18, 0x0)
r1 = landlock_create_ruleset(0x0, 0x0, 0x0)
landlock_restrict_self(r1, 0x0)
open(&(0x7f0000000280)='.\x00', 0x141080, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
landlock_restrict_self(r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
keyctl$restrict_keyring(0x1d, 0x0, 0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000000240)='asymmetric\x00', 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$inet_sctp(r5, &(0x7f0000001400)={&(0x7f0000000000)=@in={0x2, 0x4e23, @rand_addr=0x64010101}, 0x10, &(0x7f0000001340)=[{&(0x7f0000000140)="a1d9", 0x2}], 0x1, &(0x7f0000001380)=[@init={0x14, 0x84, 0x0, {0x7, 0x200, 0x5}}], 0x14, 0x1}, 0x2400c8d3)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c)
r7 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x24b9)

3m1.266341388s ago: executing program 3 (id=95):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x274e, 0x1, 0x7, 0xf, 0x3, "0982aa2494a49e680d061bb20776a4e7af8bc6", 0x1, 0x6})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000200)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x1c, 0x3e, 0x107, 0xfffffffe, 0x0, {0x4, 0x7c}, [@nested={0x8, 0x144, 0x0, 0x1, [@typed={0x4, 0x8}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000c000}, 0xc000)
write$bt_hci(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="5300030002"], 0x8)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = syz_io_uring_setup(0x1254, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x42, 0x3f, 0x0, r6}, &(0x7f0000000180)=<r8=>0x0, &(0x7f00000000c0)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r5})
io_uring_enter(r7, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x400000, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

3m0.175774719s ago: executing program 3 (id=100):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x274e, 0x1, 0x7, 0xf, 0x3, "0982aa2494a49e680d061bb20776a4e7af8bc6", 0x1, 0x6})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000200)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x1c, 0x3e, 0x107, 0xfffffffe, 0x0, {0x4, 0x7c}, [@nested={0x8, 0x144, 0x0, 0x1, [@typed={0x4, 0x8}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000c000}, 0xc000)
write$bt_hci(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="5300030002"], 0x8)
inotify_init1(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x1254, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x42, 0x3f, 0x0, r4}, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3})
io_uring_enter(r5, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x400000, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2m59.231796527s ago: executing program 3 (id=105):
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f00000002c0)={0x1, 0x5}, 0x2)
write$USERIO_CMD_REGISTER(r0, &(0x7f00000000c0), 0x2)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000000c0), 0x1048b, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x101800, 0x3)
move_mount(r1, &(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000040)='./file0\x00', 0x1)
write$USERIO_CMD_REGISTER(r0, &(0x7f0000000040)={0x0, 0x45}, 0x2)
r2 = socket(0x10, 0x3, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x4}]}, 0x2c}}, 0x4000)
r7 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x0, 0x3}}]}}]}, 0x48}}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@mpls_delroute={0x30, 0x18, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_VIA={0x14, 0x5, {0x0, "f1b9a81697008d68a0328c49d2ee"}}]}, 0x30}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r10=>0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000001440)=ANY=[@ANYBLOB="140000001000010000000000010000000100000a34000000030a030000000000000000000a0000010900010073797a310000000008000a4000000000011400000011000100000000000000001f0100000a00"/92], 0x5c}, 0x1, 0x0, 0x0, 0x20008170}, 0x24000840)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000013c0)=@newqdisc={0x45c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r10, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x9, 0x45, 0x3ff, 0x10000, 0x3, 0x8, 0x4, 0xa0000, 0x5, 0xa0000001, 0x59bc9fd6, 0x2, 0x2, 0x8000, 0x8, 0x4, 0x8, 0x9, 0x114b6000, 0xfffffffe, 0x2a70, 0xffff73cc, 0x81, 0x5, 0x0, 0x0, 0x400045, 0x20, 0x8, 0x5, 0x9, 0x3, 0xe, 0xa, 0x2, 0x4, 0x5, 0x2000003, 0xffff, 0x3, 0xffffdff8, 0x2, 0x8, 0x1a0055ee, 0x401, 0x1, 0xffff4229, 0x200000, 0x0, 0x22cc, 0x101, 0x4, 0x1, 0x1, 0x800, 0xf9, 0x9, 0x8, 0x2, 0x8, 0x2f, 0x4000006, 0x0, 0x101, 0x7, 0x7, 0xc5, 0x4, 0x2, 0xffffffff, 0x6, 0x5, 0x5, 0x5, 0x2, 0x9b58, 0x0, 0xb, 0x4be, 0x4, 0x100, 0xa, 0xca6, 0x9fa7, 0x7, 0x38, 0x4, 0xb, 0x7, 0x4d, 0x7, 0x200, 0x8, 0x401, 0x7, 0x45, 0x3, 0x9, 0x0, 0x7, 0x46, 0x9, 0x3, 0x7, 0x4, 0xc, 0x7, 0x8001, 0x7, 0x9, 0x1902, 0x400c3c, 0x3, 0x28000000, 0x4000000, 0x30c7, 0xfa9, 0x7, 0x8, 0x0, 0x5, 0x10, 0x400, 0xd58, 0x5, 0x2, 0x4, 0x2, 0x2, 0x8, 0x8, 0xea, 0x0, 0x45ba, 0x9, 0x864b, 0xfffffffa, 0x7, 0x9, 0x8001, 0x7, 0x81, 0x3, 0x9, 0x7, 0xffffff80, 0x43, 0x8, 0x1, 0x6, 0x7, 0x9, 0x7fffffff, 0x4, 0x324f035, 0x6, 0x0, 0x7c1, 0x136, 0x2, 0x5, 0x1, 0x3ff, 0x4, 0x0, 0x2, 0x10001, 0xfffffffd, 0x5, 0x4, 0x400, 0x101, 0x4, 0x1b, 0xd589, 0xffffff81, 0x0, 0x4, 0x0, 0x300, 0x8, 0x60000000, 0xd3d, 0x0, 0xfffffffe, 0x1, 0x81, 0x2, 0x55, 0x4000004, 0xbc6, 0xffff, 0x8, 0x28a6a52, 0x1ff, 0xb, 0x7fff, 0x9, 0x2e4c20b6, 0x1, 0x4, 0x9, 0x7, 0x4, 0x8, 0x0, 0x6, 0x8, 0x3, 0x7, 0x4, 0x9, 0x4, 0xfffffffa, 0x76e8e800, 0x800, 0x400, 0x6, 0x0, 0xcc6, 0x1000, 0x8000, 0xffffff00, 0x894, 0x1000007, 0x7, 0x6, 0x6, 0x2, 0x9, 0x10001, 0x9, 0x4, 0x8, 0x5d, 0x1000003, 0x7, 0x656, 0x8008, 0x80000001, 0x384, 0x9, 0x58b, 0x80000000, 0xe08, 0x0, 0x1, 0x2c821159, 0x0, 0x9, 0xfff, 0x0, 0x7, 0x0, 0x7f]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x0, 0x2, 0x8, 0x0, 0xc}, {0xff, 0x1, 0x0, 0x5, 0x5e1d, 0x8}, 0x9, 0x8, 0x99}}]}}]}, 0x45c}}, 0x8000)
r11 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r11, 0x29, 0x21, &(0x7f0000000380)=0xc, 0x4)
setsockopt$inet6_mreq(r11, 0x29, 0x14, &(0x7f0000000200)={@mcast1}, 0x14)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000480)={0x1, &(0x7f0000000200)=[{0x6, 0x1, 0x5, 0x7fffffff}]})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

2m59.056846782s ago: executing program 3 (id=107):
socket$nl_route(0x10, 0x3, 0x0)
open(&(0x7f0000000540)='./file1\x00', 0x48540, 0x20)
fremovexattr(0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, 0x0, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r1, 0xfffffffc)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
execve(0x0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x9}, @TCA_FQ_CE_THRESHOLD={0x8, 0xc, 0x9}]}}]}, 0x40}}, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r4, 0x7, 0x5000, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)

2m58.478974086s ago: executing program 3 (id=109):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sysvipc/shm\x00', 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(r0, 0xc018aec0, &(0x7f0000000040)={0x1fd, 0x100, 0x400, &(0x7f0000000500)=[0x9b, 0xff, 0xffffffffffff0001, 0xfffffffffffffffc, 0x6, 0xf62, 0xfd45, 0x7, 0xe96, 0x5, 0x6, 0x0, 0x8, 0x3, 0xb, 0x9, 0x9, 0xfffffffffffffff0, 0x9, 0x4, 0x7, 0x8000000000000000, 0x6, 0x0, 0xffffffff7fffffff, 0xb, 0x6, 0x4, 0x8, 0xfffffffffffffff7, 0x4, 0x10001, 0x0, 0xe9e, 0x3, 0x7f, 0x4, 0x1, 0x7fff, 0x740, 0x8, 0x5, 0x7, 0x4eb, 0x74, 0x1, 0x8, 0x80000001, 0x7f, 0x4e4a, 0x1, 0x1, 0x7, 0x3, 0x7, 0x8000, 0x4, 0xe5, 0xe, 0x7fffffffffffffff, 0xfffffffffffffff0, 0x4, 0x0, 0x3ff, 0x4, 0x9, 0xfffffffffffffff8, 0x10001, 0xb, 0xef8, 0x0, 0x7fffffff, 0x6, 0x401, 0x101, 0x31b, 0x7, 0xb0ad, 0x80000001, 0x528, 0x5, 0xb, 0x48, 0x401, 0x100, 0xc42, 0x1, 0x8, 0x9, 0xd9, 0x6, 0x1, 0x7f, 0x904, 0xa6, 0x0, 0x0, 0x75f7, 0xe, 0x2, 0x47ab7c2c0000000, 0x9, 0x10, 0x10000, 0x4, 0x7, 0xa3, 0x7fffffff, 0xff, 0x1, 0x0, 0x8000, 0x1ff, 0x7, 0xffffffffffffffc0, 0x2, 0xfffffffffffffff7, 0x0, 0x5, 0x100, 0x5, 0x4, 0xa7, 0x60000000000000, 0x9, 0x1, 0x4d, 0x1]})
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000002c0)={'nr0\x00', 0x100})
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x20000)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x40000012})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, &(0x7f0000000180)={0x0, 0x1, &(0x7f0000000340)=[r3], &(0x7f0000000280), &(0x7f0000000200), &(0x7f00000002c0), 0x0, 0x7f})

2m58.408031115s ago: executing program 33 (id=109):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sysvipc/shm\x00', 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(r0, 0xc018aec0, &(0x7f0000000040)={0x1fd, 0x100, 0x400, &(0x7f0000000500)=[0x9b, 0xff, 0xffffffffffff0001, 0xfffffffffffffffc, 0x6, 0xf62, 0xfd45, 0x7, 0xe96, 0x5, 0x6, 0x0, 0x8, 0x3, 0xb, 0x9, 0x9, 0xfffffffffffffff0, 0x9, 0x4, 0x7, 0x8000000000000000, 0x6, 0x0, 0xffffffff7fffffff, 0xb, 0x6, 0x4, 0x8, 0xfffffffffffffff7, 0x4, 0x10001, 0x0, 0xe9e, 0x3, 0x7f, 0x4, 0x1, 0x7fff, 0x740, 0x8, 0x5, 0x7, 0x4eb, 0x74, 0x1, 0x8, 0x80000001, 0x7f, 0x4e4a, 0x1, 0x1, 0x7, 0x3, 0x7, 0x8000, 0x4, 0xe5, 0xe, 0x7fffffffffffffff, 0xfffffffffffffff0, 0x4, 0x0, 0x3ff, 0x4, 0x9, 0xfffffffffffffff8, 0x10001, 0xb, 0xef8, 0x0, 0x7fffffff, 0x6, 0x401, 0x101, 0x31b, 0x7, 0xb0ad, 0x80000001, 0x528, 0x5, 0xb, 0x48, 0x401, 0x100, 0xc42, 0x1, 0x8, 0x9, 0xd9, 0x6, 0x1, 0x7f, 0x904, 0xa6, 0x0, 0x0, 0x75f7, 0xe, 0x2, 0x47ab7c2c0000000, 0x9, 0x10, 0x10000, 0x4, 0x7, 0xa3, 0x7fffffff, 0xff, 0x1, 0x0, 0x8000, 0x1ff, 0x7, 0xffffffffffffffc0, 0x2, 0xfffffffffffffff7, 0x0, 0x5, 0x100, 0x5, 0x4, 0xa7, 0x60000000000000, 0x9, 0x1, 0x4d, 0x1]})
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000002c0)={'nr0\x00', 0x100})
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x20000)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x40000012})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, &(0x7f0000000180)={0x0, 0x1, &(0x7f0000000340)=[r3], &(0x7f0000000280), &(0x7f0000000200), &(0x7f00000002c0), 0x0, 0x7f})

2m13.07214944s ago: executing program 2 (id=345):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x274e, 0x1, 0x7, 0xf, 0x3, "0982aa2494a49e680d061bb20776a4e7af8bc6", 0x1, 0x6})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
write$bt_hci(r2, 0x0, 0x8)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYRESDEC=0x0, @ANYBLOB=',gro', @ANYRESDEC=0x0])
inotify_init1(0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x1254, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x42, 0x3f, 0x0, r5}, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000000c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r4})
io_uring_enter(r6, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x400000, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2m12.045554357s ago: executing program 2 (id=354):
syz_open_dev$tty20(0xc, 0x4, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x1254, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x42, 0x3f, 0x0, r2}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, 0x0)
io_uring_enter(r3, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x400000, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2m10.898587392s ago: executing program 2 (id=362):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x274e, 0x1, 0x7, 0xf, 0x3, "0982aa2494a49e680d061bb20776a4e7af8bc6", 0x1, 0x6})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
write$bt_hci(r2, 0x0, 0x8)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',gro', @ANYRESDEC=0x0])
inotify_init1(0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x1254, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x42, 0x3f, 0x0, r5}, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000000c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r4})
io_uring_enter(r6, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x400000, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2m9.959413058s ago: executing program 2 (id=368):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'ip6tnl0\x00'}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6}]}}}]}, 0x50}}, 0x0)
mount$bind(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x21a5099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000540)='./file0/file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
umount2(&(0x7f00000003c0)='./file0\x00', 0xa)
futimesat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)={{0x0, 0xea60}, {0x77359400}})

2m9.959279204s ago: executing program 2 (id=369):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x20, 0x0, 0x7, 0x401, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x48d5}, 0x8010)
sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000500)={0x14, 0x3, 0x7, 0x301, 0x0, 0x0, {0x5}}, 0x14}}, 0x4040000) (fail_nth: 6)

2m9.637970729s ago: executing program 2 (id=374):
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="c400e50066818fc185b8af2f3f217a3dbc3477a7ec0183a902f1629242f08d26e2ea082c7def7a807a4c79a9dec6445290d037fca226c4aee6802c33e25f45cb0ad0b71906dc290afcecb6dc58a4da35df0ed3165b8c7f8c35c68eba0169fbc7fe1d10d6665ebb019f30000000000000", @ANYRES32=r1, @ANYBLOB="081000000300000024001280110001006272696467655f736c617665000000000c0005800500080001000000"], 0x44}, 0x1, 0x0, 0x0, 0x200404c1}, 0x40000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@file={0x1, './file0\x00'}, 0x6e) (async)
connect$unix(r3, &(0x7f00000004c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac1414000000000000000000020001000000000000000002fffffffb030005000000000002"], 0x50}}, 0x0)
socket(0x2, 0x80805, 0x0) (async)
r7 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e21, 0xd78, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1}]}, &(0x7f0000000100)=0xc) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e21, 0xd78, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1}]}, &(0x7f0000000100)=0xc)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000040), 0x55af)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r8, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r7, 0x84, 0x66, &(0x7f0000000080), &(0x7f000009de80)=0x8)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000180)={{{@in=@rand_addr=0x64010101, @in=@multicast2, 0x0, 0x0, 0xfffe, 0x1, 0x2, 0x0, 0x0, 0x3c}, {0x8000, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x2, 0x4}, {0x0, 0x0, 0xfffffffffffffffe}, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@mcast1, 0x0, 0x0, 0x0, 0x1, 0x10000000}}, 0xe4) (async)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000180)={{{@in=@rand_addr=0x64010101, @in=@multicast2, 0x0, 0x0, 0xfffe, 0x1, 0x2, 0x0, 0x0, 0x3c}, {0x8000, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x2, 0x4}, {0x0, 0x0, 0xfffffffffffffffe}, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@mcast1, 0x0, 0x0, 0x0, 0x1, 0x10000000}}, 0xe4)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e22, 0x7, @empty, 0x81}, 0x1c)
r9 = socket$key(0xf, 0x3, 0x2)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0xbe)
ioctl$BLKIOMIN(r8, 0x1278, &(0x7f00000002c0)) (async)
ioctl$BLKIOMIN(r8, 0x1278, &(0x7f00000002c0))
sendmsg$key(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="02090000020000000000000000006ed50d169fd1259a4008814b921f312bdff9490675285f56e698679723b433298a597a017f02c5d6ebed91840ceb992d349e05fa69"], 0x10}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0xba01}, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0xba01}, 0x0)
socket(0x10, 0x3, 0x0) (async)
socket(0x10, 0x3, 0x0)

2m9.588639876s ago: executing program 34 (id=374):
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="c400e50066818fc185b8af2f3f217a3dbc3477a7ec0183a902f1629242f08d26e2ea082c7def7a807a4c79a9dec6445290d037fca226c4aee6802c33e25f45cb0ad0b71906dc290afcecb6dc58a4da35df0ed3165b8c7f8c35c68eba0169fbc7fe1d10d6665ebb019f30000000000000", @ANYRES32=r1, @ANYBLOB="081000000300000024001280110001006272696467655f736c617665000000000c0005800500080001000000"], 0x44}, 0x1, 0x0, 0x0, 0x200404c1}, 0x40000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@file={0x1, './file0\x00'}, 0x6e) (async)
connect$unix(r3, &(0x7f00000004c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac1414000000000000000000020001000000000000000002fffffffb030005000000000002"], 0x50}}, 0x0)
socket(0x2, 0x80805, 0x0) (async)
r7 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e21, 0xd78, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1}]}, &(0x7f0000000100)=0xc) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e21, 0xd78, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1}]}, &(0x7f0000000100)=0xc)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000040), 0x55af)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r8, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r7, 0x84, 0x66, &(0x7f0000000080), &(0x7f000009de80)=0x8)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000180)={{{@in=@rand_addr=0x64010101, @in=@multicast2, 0x0, 0x0, 0xfffe, 0x1, 0x2, 0x0, 0x0, 0x3c}, {0x8000, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x2, 0x4}, {0x0, 0x0, 0xfffffffffffffffe}, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@mcast1, 0x0, 0x0, 0x0, 0x1, 0x10000000}}, 0xe4) (async)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000180)={{{@in=@rand_addr=0x64010101, @in=@multicast2, 0x0, 0x0, 0xfffe, 0x1, 0x2, 0x0, 0x0, 0x3c}, {0x8000, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x2, 0x4}, {0x0, 0x0, 0xfffffffffffffffe}, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@mcast1, 0x0, 0x0, 0x0, 0x1, 0x10000000}}, 0xe4)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e22, 0x7, @empty, 0x81}, 0x1c)
r9 = socket$key(0xf, 0x3, 0x2)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r10, 0xae03, 0xbe)
ioctl$BLKIOMIN(r8, 0x1278, &(0x7f00000002c0)) (async)
ioctl$BLKIOMIN(r8, 0x1278, &(0x7f00000002c0))
sendmsg$key(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="02090000020000000000000000006ed50d169fd1259a4008814b921f312bdff9490675285f56e698679723b433298a597a017f02c5d6ebed91840ceb992d349e05fa69"], 0x10}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0xba01}, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0xba01}, 0x0)
socket(0x10, 0x3, 0x0) (async)
socket(0x10, 0x3, 0x0)

2m8.86493256s ago: executing program 5 (id=378):
socket$unix(0x1, 0x5, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='attr/fscreate\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140))
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x38, 0x3, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0xc, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0x84}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xe4}, 0x1, 0x0, 0x0, 0x4000000}, 0x8090)
r2 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
write$binfmt_script(r2, &(0x7f00000000c0), 0x28)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0x1c, &(0x7f0000000400)=ANY=[@ANYBLOB="1808000000000000000000000100000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b509020002000000739a00fe00000000b509000004000000c39a04fee1000000bf8700000000000007080000f8ffffffbfa420000000000007040000f0ffffffb70200000800000018220000b9bcdc382a8a5c93c79e1374d6a3a817e672663728211280e7a0a599d3ff383a5f3cd64a4fa927f5793a27e7e68716bb34b021cd767a92ab889e1412c7da11a054e3eba222214e5cdbd781c7bd409ff51ec0fb0ad8ef5df06e779161f135c37ba10e2a0303b745dc4be9508500e17b583b17e47c4abf801199d01a41e5fa5a5e4e1ca1b366c3f96b3edca5ab27cda0c570149f973f5898ab", @ANYRES32=r4, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000000008500000007000000b700000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r6, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x1c, &(0x7f00000004c0)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r7, 0x107, 0x3, &(0x7f0000000000)=0x8000004, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00'})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
socket(0x2000000000000021, 0x2, 0x10000000000002)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
ioctl$TIOCSETD(r8, 0x5423, 0x0)
syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)

2m8.078269978s ago: executing program 5 (id=383):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, 0x0, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TCSETS(r1, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, r6, 0x800, 0x75507}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x20008010)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x8010800)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r11=>0x0})
syz_init_net_socket$ax25(0x3, 0x3, 0xcf)
sendmsg$nl_route(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x40000, 0x25dfdbff, {}, [@NHA_OIF={0x8, 0x5, r11}]}, 0x20}}, 0x8040)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x38, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0x3fd4}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newlink={0x20, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r11, 0x192}}, 0x20}}, 0x0)
r13 = fsopen(&(0x7f0000000100)='vfat\x00', 0x0)
fsconfig$FSCONFIG_SET_PATH(r13, 0x3, &(0x7f0000000180)='utf8', &(0x7f0000000340)='./file2\x00', 0xffffffffffffff9c)
bind$inet(r4, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r4, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r4, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)

2m6.084966958s ago: executing program 5 (id=387):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x274e, 0x1, 0x7, 0xf, 0x3, "0982aa2494a49e680d061bb20776a4e7af8bc6", 0x1, 0x6})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000200)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, 0x0, 0xc000)
write$bt_hci(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="5300030002"], 0x8)
inotify_init1(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(0x0, 0x2, 0x101121)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x1254, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x42, 0x3f, 0x0, r4}, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3})
io_uring_enter(r5, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x400000, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2m5.988334165s ago: executing program 5 (id=389):
creat(&(0x7f0000000140)='./bus\x00', 0x140)
r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0xa62d, 0x2)
ioctl$vim2m_VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f0000000e80))
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES8=r0, @ANYRES8=0x0, @ANYBLOB='\x00'/20, @ANYRES32=r0, @ANYRES8=r0, @ANYBLOB='\x00'/28], 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f00000002c0), 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000000340)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$setregset(0x4205, r1, 0x2, &(0x7f00000001c0)={0x0, 0x6c})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_dev$midi(&(0x7f00000001c0), 0x2, 0x2)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r2, 0xc0205710, &(0x7f00000004c0)={0x0, 0x83e56, 0x10, 0x0, 0x3})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$FUSE(r3, &(0x7f0000002080)={0x2020, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x2020)
prlimit64(r4, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$vsock_stream(0x28, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000240), 0x57, 0x200002)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
r6 = syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x24, 0x4, 0x8, 0x5, 0x0, 0x0, {}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x3b}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x888e}]}, 0x24}}, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r6, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1})

2m5.891281386s ago: executing program 5 (id=390):
socket$packet(0x11, 0x2, 0x300) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) (async, rerun: 32)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000001c0)={[{@mpol={'mpol', 0x3d, {'bind', '', @void}}, 0x4e}]}) (async, rerun: 32)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) (async)
r2 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
ioctl$VIDIOC_G_PRIORITY(0xffffffffffffffff, 0x80045643, 0x2) (async)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x69b70}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)

2m5.608480026s ago: executing program 5 (id=391):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r0, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0xa}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r1, &(0x7f0000000300)={{0x6, @rose, 0x2}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default]}, 0x48)
listen(r0, 0x1ad72f6)
accept4(r0, 0x0, 0x0, 0x80000)
accept4$netrom(r0, 0x0, 0x0, 0x80000) (fail_nth: 6)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

2m5.555293448s ago: executing program 35 (id=391):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r0, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0xa}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r1, &(0x7f0000000300)={{0x6, @rose, 0x2}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default]}, 0x48)
listen(r0, 0x1ad72f6)
accept4(r0, 0x0, 0x0, 0x80000)
accept4$netrom(r0, 0x0, 0x0, 0x80000) (fail_nth: 6)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

8.817431367s ago: executing program 7 (id=1133):
syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
write$char_usb(r0, &(0x7f0000000080)="a4770a9560d9225e162dfe828246801ed4b55417d16a58873fea8940a75c43429ed19ca8c7a0b8ce1e5e7fbbd96100e6c983e0c8c41e0d509b92fb21ad475b0c9371564d44b33b8a71367b89f019b578627a0b16d39e048f8ad00cfcd07f449d114f43c82321941c3f67f329087efcebe82d931ac731dddd511c76bb1bd06a56507fc850d0ae7302db5299d7f04a180a9293643ab7fe", 0x96)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYRES32=r0], &(0x7f0000000040)='syzkaller\x00', 0x400, 0x0, 0x0, 0x41000, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r1, 0x0, 0x486, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f00000004c0)=""/139, &(0x7f0000000100)=0x8b)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000200)='geneve1\x00', 0x10)
syz_usb_connect$uac1(0x1, 0x102, &(0x7f0000000580)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xf0, 0x3, 0x1, 0x9, 0x10, 0x9, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xec, 0x2}, [@processing_unit={0x8, 0x24, 0x7, 0x6, 0x1, 0x0, "87"}, @selector_unit={0x8, 0x24, 0x5, 0x2, 0xe, "d4aef2"}, @input_terminal={0xc, 0x24, 0x2, 0x1, 0x101, 0x6, 0x2, 0x6, 0x7f, 0x2c}, @processing_unit={0x8, 0x24, 0x7, 0x6, 0x1, 0x2c, "f8"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0x12, 0x24, 0x2, 0x2, 0x2, 0x5, 0x6, "b0198045edaaea5790"}, @format_type_i_discrete={0xc, 0x24, 0x2, 0x1, 0x0, 0x2, 0xc, 0x0, "d0f5ef57"}, @as_header={0x7, 0x24, 0x1, 0xf7, 0x9, 0x2}]}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0xc0, 0x4, 0x6b, {0x7, 0x25, 0x1, 0x3, 0x8, 0x200}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xe, 0x24, 0x2, 0x1, 0x5, 0x2, 0x2, 0x6, "261e2e6646d5"}, @format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x8, 0x1, 0xd, 0x2, '$', "cf628b"}, @format_type_ii_discrete={0xf, 0x24, 0x2, 0x2, 0x4, 0xb20, 0x5, "9acf1a4ecde3"}, @format_type_ii_discrete={0xe, 0x24, 0x2, 0x2, 0x6, 0x2, 0x4, "4ed3a052ff"}, @format_type_ii_discrete={0x11, 0x24, 0x2, 0x2, 0x4, 0x3, 0xc, "e209929137395c51"}]}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x5, 0x2, 0x7, {0x7, 0x25, 0x1, 0x0, 0x6, 0x7}}}}}}}]}}, &(0x7f0000000300)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x300, 0x9, 0x4, 0x7, 0x20, 0x89}, 0x3e, &(0x7f0000000240)=ANY=[@ANYBLOB="050f3e00040b10010c9800010f02000324100a04460000000f7809000000001f30c00000000000003f000008000000000000000003100b071002085bff0f"], 0x3, [{0xaf, &(0x7f0000000400)=@string={0xaf, 0x3, "ccfed5fe2ed42c41c0dfec24f715a0829d661df2f475e74cf717c80e86366eaed04206b4a6f7b68f689734d4fbc9fdf1ee022e0e0b44e6dd5f1269e5f1210a6c4d8957ebf4115e0bdffd0b09fd3025ea5999f9c09ea788934ef0785efb334dba0f31efb2a6df3ebeecd7014a2411b74cc52b089d271bc569a3265b351d6fa15bdfce732fec1c018f277a26c04f8eee6bfc86ba176b86b25024f6e6da824bad8092dd0b605e4307ae95cddb99d3"}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x404}}, {0x59, &(0x7f00000006c0)=ANY=[@ANYBLOB="5903b5b8ab80936b56c369a8929c5af0008424606e6d4c723390a6f1dda9d55b83077e152284c4b34e1bec756e6f35e7e1d79d3813705b35cfe38c453abdeff116d4a364641e09914dbea526f15d7ae326ead672acad75fdcc"]}]})
r2 = memfd_secret(0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910dae"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
r4 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r3, r2, 0x2e, 0x4608, @void}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000080)=r4, 0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
fsopen(&(0x7f0000000040)='efivarfs\x00', 0x1)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000120000002400000008000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f00000000c0)='rpc_request\x00', r5, 0x0, 0x5}, 0x18)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r7, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x8)
syz_emit_ethernet(0x3a, &(0x7f0000000040)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @multicast2, @empty}, {0x0, 0x17c1, 0x18, 0x0, @wg=@data}}}}}, 0x0)
sendmsg$netlink(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

3.505726491s ago: executing program 4 (id=1175):
r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f0000000000))
recvmsg(r0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x140)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x480242, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000000)='./file0/file1\x00', 0x10)
write$cgroup_type(r3, &(0x7f00000009c0), 0xd4ba0ff)
r4 = socket(0x2, 0x3, 0x8)
setsockopt$inet_int(r4, 0x0, 0xb, &(0x7f00000000c0)=0x1002, 0x4)
sendto$inet(r4, 0x0, 0xfffd, 0x80, &(0x7f0000000000)={0x2, 0x4e20}, 0x10)
recvfrom$l2tp6(r4, 0x0, 0x0, 0x40002140, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000340)=ANY=[@ANYRESOCT=r4, @ANYRESHEX=r1], &(0x7f0000000100)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00', r5}, 0x10)
unlink(&(0x7f0000000100)='./file0/file1\x00')
link(&(0x7f00000000c0)='./file0/file1\x00', &(0x7f0000000180)='./file1\x00')
lsm_get_self_attr(0x64, &(0x7f0000000240)={0x0, 0x0, 0xf3, 0xd3, ""/212}, &(0x7f0000000200)=0xfffffffffffffd9f, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r6 = openat$nmem0(0xffffff9c, &(0x7f0000000000), 0x664200, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r6, 0x4068aea3, &(0x7f0000000040))
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)

2.989199688s ago: executing program 7 (id=1176):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0xb8, &(0x7f0000000140), &(0x7f00000000c0)=0x4)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)}], 0x1, 0x2040801)
sendmsg$key(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={0x0}}, 0x80)
r1 = openat$cdrom(0xffffff9c, &(0x7f00000001c0), 0x2000, 0x0)
readv(r1, &(0x7f0000000380)=[{&(0x7f0000000200)=""/195, 0xc3}], 0x1)
ioctl$CDROMRESET(r1, 0x5312)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000000)={0x3, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000001040)={0x3, {{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x22}}}}, 0x84)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000001140)={0x3, {{0x2, 0x4e23, @multicast2}}}, 0x90)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00')
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES32=r6, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002"], 0x44}}, 0x4044001)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x2c, 0x11, 0x1, 0x2000000, 0xffffffff, {0x0, 0x0, 0x0, r6, {}, {}, {0xfff3}}, [{0x8, 0xb, 0x200}]}, 0x2c}}, 0x0)
openat(r3, &(0x7f0000000180)='./file0\x00', 0x11800, 0x24)
ioctl$BSG_GET_RESERVED_SIZE(r3, 0x2272, &(0x7f00000003c0))
sendmsg$key(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000013c0)={0x2, 0xe, 0x7, 0x9, 0x181, 0x0, 0x70bd25, 0x25dfdbff, [@sadb_x_sec_ctx={0x17f, 0x18, 0x1, 0x3d, 0xbef, "e341c74782a2c951ab943d71ba3c55224a9fe14b8424ad8458250bcbd05d83b6382e06f01e4996acfb9c112201da2df33fb5cdd666af1beef2377e7a621dc3e8750487b2f1bddd0035b6a72d6be9d61ab73f5be725bbd7e18887d8999e2cefae6ee3604e3a8aa7962aa799aab1b116c10dba4ef6698837b6ba2c9a339af2f57c36df4b2fb797e8cba76a6e8a97a0a3d28462c770892785d8b2abe3189c00cff8aa9e075764cc2867c22e9b41a3cfe9f58356749cf5e7f0535f4d46ecaefff51b45141f8cb288544496dd7b9d6263e5f07ef287789a061d07dd3513b023d3d18cb44ddad8ca653ccdcb353a52ed4bcbc147b3211d8a1423aaf14ed24dd14f12ea2ab66103785cda61c5fc90cbf954fda3552900186b551e63bf7dd6dc092084a65a7ff92714cc4ddfe5a9152d61624ff12400ff15f6f351b5d566434173eaeb3f24320aa36eccdd91b30843848320a137f6993b7fe4f94692dd70ea779533e5f462eacfe6aa326611bcc22e9d626ae460eef961072e127e37a38f6b9ba7352d133af4c0185072cc741439ccbeee4d8b37dd30a5ea82a744251531f95396307d2a23f42a943e6a1b43cfe61e5b636bae621b472897ef8eb94aa1d23a04ed577308d9d0e170d28c965b8aec81400b30c9578e4555c0c7fcdff4de6b44bf82b195b86be4231709a750b18282ed41340f81ed7cf188c0d17b42ec37fd29894f8d8f80850cfa4e0f3a4ed6fbd5121696cbc42b83cfb96574ee91bbbd2f1cce3ff8394190d6a5289efcd050e02a617cd4cfeb77919e4e0eb68c3f5914b8a79cbef1670d5ab0ec0605ba74924908fa6d04bf322f358d356aecb99530c8434018b42b2d8578bde1be21ad4bf2261be1a4b3eb552f934336540a57b6be37c88efffae6201c8ff5e97f50c5bf7ad3b4b26d75d5296cc807cb27c76b61beac93b32edcb136003b65e296a85fa87adcbd5e653c6d4b35697fdc4f50164ca3caa780bd8853191c457c9663229625e3f23b7cecb5031881c328c74bf809435187241f1c3201ac0036da740d57b0c7875f4cf6dc602684191b3255ac3f8f7f035c659a894104082b8b8449ed8cfae2051bd23ecd59388212d6f9a8ef35ff8dae2442c2c1158ce70940a35c6ceec832289938cc7e3124e8b833184e3f2ebc04ad85f4da844fa55b9fc46b761973f25a0b8f4e0b95e78ab2aec17bcd761b296566e11c56cbbd17aa5de69791adc7c61a5a2c580f396db2cf82af79d64c1340110a70fcf7eac53891afae8d6b4a2158379c674cf5f0614ad8441d8e0ae072a17a94e016f6255760144d9fd2aa39f3a5fd14c7ef18364e7de82c9977e4c78feff186eac634f4982161ae1f39658682b6270965f944e2276cb30816a683c476a0cdc8735ed62422e2165376834117bdc47e588a54e30d69bd388a30dbc5f7b49cd6dcb9589f8c0cdd51a70d45c794175ad24ee97bc1fdf5ef662473b41b387c464484d756d72b24cc415ce3b7697b7ccc5a179aa582cef1dfe3764f95632368cebd1094ddf74f2fc6dc549c562f58e77f6d872f72350f94d193d8914d2c4894b6df9208b8d85a22760a37bbbbcaddb069ff613cf332ec9781432e2ca0fc059c5982d78948264e31a6f3605955a17448e390f234d178ccbab0af224efd9b21d760b14b550fe8b4e1c85832f50994109ae733c49ddb84fbe58a9049dbd43c97f289d5c5580708cc627b0261ea7b360675dae117a1cc6be7dfed50f5f2568e70de38755fd1f4f83fc9488942fdff26d38a351ba07c25cb4cf94b4fde5b41aa08821f832aeb3e82bfbfa0be74f013716e565d16b29a17bddcfa5813bb27ea9518aa64fd9df56a3949500f0caba009173ecfa12937bf53428c2f3d4e0484aa026284bf1de23bbac2b5cf9ddf1951c3a2bad32f551c5d8ab95776b4e0f787f2036ee86682c9edc9fc77139dfc1e5cdb3ab94277bbfb6547863193a589e03064aaffdc3e1723a3feb548787e8b83d1880ceacdcf811b0f56c658721a5e2778a895d0304d9016e60e55c8721550748ec5170f14316c409960a4cf3e937719aec380af39004e14e1f3a642128fe776e06c82045e0ce4021e6740757e31feb2dac1c7494686e4511498b6311f719dff835da0afc815d5ddabc7e45a8aa18da7d108df997505cafcb7724b22ad0d99eeb1057b9eae7f344a190474d13ca8cc58ecd4da015d47e30178ce0c56fd5b0633f58d7017ced16d63963a4d60b60418225223cd8ddf9c699c959678656f4591c488c5c1c0270217a8361ec72b73082810f516bb5756a90c0f75fc17c635c85bee3c4e861bc9bab56c45aec7f26779c170d27813b6ff87fc92513c73aafed5016c989adf26cb3755b2c926cca6275cf4da1934ab74b88ae016f806a6f61f4f6efb7ea8007c4f9ed5c0891c1eea9905eee2c1bb0dacc5f3c374f972bbc74649ca32d478a0301939618b0814e03dc455be1416dc711f5de0e46e4a44b5721b719157077c35102dd77819228d6570e1cf94ecfc1e7f781079602aec947bc523e2d383b165187a80a9c967d73c6e30ac3d5674c3ed9d6d2783458c5122d0d64c3f0ab7d322db4fdb3f5f84cde4b6ec444e51f88983fd4e5044303f578e7a16a94047152278f758c3fa3de6c260e271b0be24ec0633ce44e0aa2c03e6b8de87cb317d1824678511b56d5ba62633d8111e488383d8d2663080c657abd67ef7180173256179eab6e25728bebbe694c9a2e84cda86179bfc63e5e919916c8bdb9c440676459ebcef7fa40ea73da1b25e1daa0046f5ed8216e8e3d167c2898694318796234bbdfb74502380ee29bb7fa44f6dcf2afb977f787c6f315d0489bd5c59bc4fd98f9c23c73feedffbf3c5119d288c7a9909ff9c4c665dbded5f277855d786324322b1142e94a97cbafa8b9164ba599afc82463115527acfbeab5b7e7e80c094b437e145f2fb7a0c8563f392974f084bf1e4789a6c21d6c090731d8415d65de14dd4562a33c5642521dc073be805b736e7191e02116d5d8df6f5580d838f7e49acd5f281d27cc414f546075b8a1a2f988969ecfe68e359986fd4753389d66d247b791048e93502ee2aeee623dead1c199677854777957fc1c554515ef938e77911634cd95c2466fd9150b034b74ea46c176b5c59144628b01d1c39b97893e506ee8344739de0a3983dac705178fbab4906f6c3d1b273d7201340652e2aa3246f3cc39576a544b4c5e3262a566483b5b129f3c3489880cacef5f4f96b08bd77fb7517b100189b05337d777b4662efdc741404ddbfc0f3876df0b36d4659aa0423cdd1fae6622e8bdc5ac7bf3cbb43d67ea8cb1353654fdb5e7ad0a8a904b3c199a3f961aeab99f94fd9b30083f5f7a5f1ce4af3d6a2433ec44f0d7083010be88bba987e377d921627f4cd31c63d30cdd5be70c38feffa0009a14668d832d65a3a505c8cc84e4422b81d3cb82b1fcd24bf1c04fd0d973979332d817d603988ed642fb9f07d9f3a90bca788b534d0a9f60c6517961a1e3cce930078098ebb837f21843bd2e26ac9b38457444f12ca96db6989c656aaa31ea6fb43132a68697a6fd0aa80e079b40a9c95dbfad42ed012f0fff6545e92da8b2dce564fb206f2a88a2bf7c8afb3c83c8f710c97a75888b3bdbef1639ac8e9fb6d6cf507fd1077ea8500bfd200520fe4747697ac331196c6792e1f64507263d15fe8e0e3851b957892b00d45eedb93532ed7523fe245d1912e5aa3a295ad150957e6ae012c565a7b2ae914805e216a4cc0f9bfda9fd43d5aa6e40d00ca9489f861d4d2504bb047fec4810ca0b6b58a6a06866d94d900273a224c1fc9f7f8ea2504b32c3bc0ce017caf7294732e30d2fc5f9a0f35bd6666f1bfd57d4ebb02eafdc786b1009538c34ef3a3e158986897e351c4da08d393a9eb1c098b713a3bc5c3622358cc77d9e838bb56e29a0f3fe0a60cd1e9293709158693064830c7580f34cb62ea2d59cd66b88c0162422dbbb64089bf1e07836a549715a1975321c3f9f0edac8d45501feb6eb9ab4235d637a88c94ab196558760b22338cf683a4b3c6e70488b6fcda5db5bb36b6f1b4dbf6b71896430f0b3ae99e4b29bca3d18e865b5d2224cc4cabeb03498da37254a3ae491a3cd45e2a478e4537f03eeef23f1f15f1bab1ac2c21f87f427e74b508e72cc314d4bc9c918c07f31e7c6d4d20f41b0466c88057153ddeb3e8d3c5458078a291e374de672dbeb6c6a76e7dbd8749d07411c0aea880b8bf724e7c796efc8538940024bc54e3c7d3699024b213a4e7876297edf20a42e0056a04256d661739887fe87c7f5f11f797a60df7d75a"}]}, 0xc08}}, 0x0)
unshare(0x46000000)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000180)='ufs\x00', 0x2a08840, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xee00}}, './cgroup\x00'})

2.964190915s ago: executing program 6 (id=1177):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, 0x0, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TCSETS(r1, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, r3, 0x800, 0x75507}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x20008010)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x8010800)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
syz_init_net_socket$ax25(0x3, 0x3, 0xcf)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x40000, 0x25dfdbff, {}, [@NHA_OIF={0x8, 0x5, r7}]}, 0x20}}, 0x8040)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x38, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0x3fd4}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)

2.894904413s ago: executing program 4 (id=1178):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r0}, 0x10)
fcntl$addseals(r1, 0x409, 0xa)

2.837692248s ago: executing program 4 (id=1179):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, r4, 0x800, 0x75507}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x20008010)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x8010800)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r8=>0x0})
syz_init_net_socket$ax25(0x3, 0x3, 0xcf)
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x40000, 0x25dfdbff, {}, [@NHA_OIF={0x8, 0x5, r8}]}, 0x20}}, 0x8040)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x38, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0x3fd4}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)

2.717467361s ago: executing program 1 (id=1180):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
read$FUSE(r0, &(0x7f00000092c0)={0x2020}, 0x2020)
sendmmsg$unix(r0, &(0x7f0000002000), 0x0, 0x800)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0xa)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'macsec0\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r2, 0x8949, &(0x7f0000000000))

2.698569331s ago: executing program 6 (id=1181):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-160\x00'}, 0x58)
socket$nl_route(0x10, 0x3, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
recvmmsg$unix(r3, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)

1.612046461s ago: executing program 1 (id=1182):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x85f, &(0x7f0000000100)={0x0, 0x48de3, 0x10310, 0x1, 0x4004a}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000400)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2deb, 0x13a0, 0x5a, 0x0, 0x0)
ioctl$VT_RESIZEX(r2, 0x560a, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
close(r6)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x2}}, 0x2, 0x0, 0x0, 0x2}}, 0x2e)
ioctl$PPPIOCGL2TPSTATS(r6, 0x40047459, 0x0)
r9 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r9, 0xc0045005, &(0x7f0000000140)=0x2000)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x0, 0xa, 0x7ffffffb, 0x14, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x0, 0x1}, 0x50)
write$dsp(0xffffffffffffffff, &(0x7f0000000300)='U', 0x1)
ppoll(&(0x7f00000000c0)=[{r9, 0x9620}], 0x1, 0x0, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x3)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{}, 0x2c, {'rootmode', 0x3d, 0x8000}})
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x100, 0x800, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000006380)={0x2020}, 0x2020)

1.605047625s ago: executing program 4 (id=1183):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x274e, 0x1, 0x7, 0xf, 0x3, "0982aa2494a49e680d061bb20776a4e7af8bc6", 0x1, 0x6})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
write$bt_hci(r2, 0x0, 0x8)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000002140)=ANY=[@ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_', @ANYRESDEC=0x0, @ANYBLOB=',gro', @ANYRESDEC=0x0])
inotify_init1(0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f00000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r3}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x1254, 0x0, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000000c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r4})
io_uring_enter(r6, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x400000, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

1.591790885s ago: executing program 7 (id=1184):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x2, 0x3f, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

1.584509372s ago: executing program 4 (id=1185):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat2$dir(0xffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240)={0x0, 0xc0, 0x21}, 0x18)
statx(r0, &(0x7f0000000000)='./file0\x00', 0x400, 0x40, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresuid(r1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x2, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x83}]}, &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getuid()
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x400, &(0x7f0000000a40)=ANY=[@ANYRESDEC=r2, @ANYRES16])
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fanotify_init(0x4c, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e24, @local}, 0x10)
ioctl$SOUND_OLD_MIXER_INFO(0xffffffffffffffff, 0x80304d65, &(0x7f0000000280))
shutdown(0xffffffffffffffff, 0x1)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYRESDEC=0x0])
fspick(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x1)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)

1.581734945s ago: executing program 6 (id=1186):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x2, 0x3f, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) (fail_nth: 1)

1.418287455s ago: executing program 7 (id=1187):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r0}, 0x10)
fcntl$addseals(r1, 0x409, 0xa)

1.335966966s ago: executing program 7 (id=1188):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
chdir(&(0x7f0000001000)='./file0\x00')
r1 = open(&(0x7f00000030c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x240, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
epoll_create(0x207ffd)
epoll_pwait(r1, &(0x7f0000000180)=[{}], 0x1, 0x0, 0x0, 0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000480)={[0x4]}, 0x8, 0x80000)
r4 = syz_io_uring_setup(0x3, &(0x7f0000000580)={0x0, 0x226f, 0x13500, 0x0, 0xeffffffd}, &(0x7f0000000240), &(0x7f0000000300))
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r4, 0x21, &(0x7f0000000440)=r3, 0x1)
ioctl$FIONREAD(r0, 0x541b, &(0x7f00000004c0))
r5 = dup(r2)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x2, 0x3f, 0x0, r5}, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r2})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x81, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r9, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000500)=""/109, &(0x7f0000000600)=0x6d)
ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f0000000640)=ANY=[@ANYBLOB="010000000007afccd664a7ad035ddc6e90a9de55f21affaa9e291c820b000c024e5badbbbedd2f15b04a8701287380b1c8326587d4881fea646b95963de21c5f4f8c710c7c6208c98da71a241997c8dc8a94425142eef7bfe93a0a4c8e9ebe5cc3d764f3b27175ae4d88b4c3651bc7cff6cefbd79e4114e1818200624ec56c13e5493df0f7f837dc85cdc4271a5131ea69f763b050c4d644043bd68e4fb643a62096a6a488a32e8593bfb6d630cd1e58836ac8b1928de8a967aeecb38047285d24ecbc5e77f92658f4217425e0055194d717fed472a7387427ec5da830fc1f93e4809b2bba1d28a122ab3c5c293abb"])
ioctl$KVM_SET_BOOT_CPU_ID(r3, 0xae78, &(0x7f0000000280)=0x2)

727.279882ms ago: executing program 4 (id=1189):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newtaction={0xc0, 0x30, 0x2, 0x0, 0x0, {}, [{0xac, 0x1, [@m_ct={0x4c, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0xb, 0x6, "c93ab3e13e013c"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_mpls={0x5c, 0x7, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_MPLS_BOS={0x5}]}, {0x25, 0x6, "de1b9c7fd9a876f69ea32cf6723ac15abcb42d608c5e2212c314a6a4399ea68ec0"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r2 = socket$inet6(0xa, 0x1, 0x6)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000040)={{{@in=@loopback, @in=@loopback, 0x4e22, 0x0, 0x4, 0x8, 0x2}, {}, {0x0, 0x0, 0x0, 0x200000000000000}, 0x0, 0x0, 0x1}, {{@in=@empty, 0xfffffffd, 0x32}, 0xa, @in6=@private0, 0xfffffffd, 0x4, 0x0, 0x0, 0x3}}, 0xe8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x12d102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r6, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0)
write$binfmt_script(r7, &(0x7f0000000100), 0xfffffd9d)
r8 = socket(0x1e, 0x4, 0x0)
connect$tipc(r8, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
sendfile(r8, r7, 0x0, 0x8010002b)

656.371594ms ago: executing program 6 (id=1190):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_KEY(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)={0x28, r1, 0x4, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x5}, @NL80211_ATTR_KEY_DEFAULT={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000001}, 0x40448c4)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2400292c87738ce8cbf3576d4c51f1c01498a9cbff832b1d9a7e2c1a35c8acb6f173c76d0433e07c8e9d6bb7ec912e4f2373083294f65be94c43e451cf65e6693a99c908be7fc9b668ab549bbe1e240eec513eb9ba861d6ba602c1942e36b9647284350764511fd9c26b6564b366d857bda86033ea08995c7bac0df0bdc2e311eaa9da922cbd582c2a5c2fdc3ef5b1a6b045dfd55c179df04b92729d04b12b973dbbfb2d58054a514bf00883ecd41959f91e7899e2e5ca7a9c4408", @ANYRES16=r3, @ANYBLOB="15012bbd7000fddbdf2517000000040030800c0006000100000001000000"], 0x24}, 0x1, 0x0, 0x0, 0xc79a6edd23b6d10d}, 0x40800)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000000)={0x10001, <r4=>0xffffffffffffffff, 0x2})
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x140d, 0x400, 0x70bd29, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x1)

653.435758ms ago: executing program 6 (id=1191):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x48) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket(0x2a, 0x2, 0x0) (async)
socket(0x2a, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = syz_io_uring_setup(0x24f6, &(0x7f0000000b80)={0x0, 0x0, 0x10100, 0x0, 0x33a}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
openat$vicodec1(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
r4 = openat$vicodec1(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_CROP(r4, 0xc038563b, &(0x7f0000000280)={0x1, 0x0, {0x2573, 0x5, 0x6, 0x596d67bd}})
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0) (async)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r5}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000001d0000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@ipv4_newaddr={0x34, 0x14, 0x1, 0x0, 0x25dfdbfc, {0x2, 0x1f, 0x49, 0xcb, r8}, [@IFA_LOCAL={0x8, 0x2, @multicast1}, @IFA_LABEL={0x14}]}, 0x34}}, 0x0) (async)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@ipv4_newaddr={0x34, 0x14, 0x1, 0x0, 0x25dfdbfc, {0x2, 0x1f, 0x49, 0xcb, r8}, [@IFA_LOCAL={0x8, 0x2, @multicast1}, @IFA_LABEL={0x14}]}, 0x34}}, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r9, &(0x7f0000000180)=ANY=[], 0x118)
r10 = syz_open_dev$ndb(&(0x7f0000000200), 0x0, 0x2000)
ioctl$BLKGETSIZE64(r10, 0x80041272, &(0x7f00000002c0))
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r9, 0x0)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000006c0), r11)
sendmsg$NLBL_CIPSOV4_C_LIST(r11, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x14, r12, 0x1}, 0x14}}, 0x0) (async)
sendmsg$NLBL_CIPSOV4_C_LIST(r11, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x14, r12, 0x1}, 0x14}}, 0x0)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x6}}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a80)={r13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000940)="ed26", 0x4, 0x0, 0x7771}, 0x4c)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x8})
getpeername$packet(r9, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000340)=0x14)
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0) (async)
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

637.073632ms ago: executing program 1 (id=1192):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, r4, 0x800, 0x75507}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x20008010)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x8010800)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r8=>0x0})
syz_init_net_socket$ax25(0x3, 0x3, 0xcf)
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x40000, 0x25dfdbff, {}, [@NHA_OIF={0x8, 0x5, r8}]}, 0x20}}, 0x8040)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x38, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0x3fd4}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)

591.29937ms ago: executing program 7 (id=1193):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRESDEC, @ANYRES8], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_CHANNEL(r2, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000940)={0x2c, 0x0, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_CHANNEL={0x5, 0x8, 0x7}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1}]}, 0x2c}}, 0x64000)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000004000000410000000000000001"], 0x48)
chdir(&(0x7f00000000c0)='./file0\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x62881, 0x19d)
write$P9_RREADLINK(r3, &(0x7f0000000180)={0x10, 0x17, 0xfffd, {0x7, './file0'}}, 0x10)
open(&(0x7f0000000140)='./file0\x00', 0x33f, 0xff0)

419.389847ms ago: executing program 6 (id=1194):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000040)={0x274e, 0x1, 0x7, 0xf, 0x3, "0982aa2494a49e680d061bb20776a4e7af8bc6", 0x1, 0x6})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
write$bt_hci(r2, 0x0, 0x8)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, &(0x7f0000002140)=ANY=[@ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_', @ANYRESDEC=0x0, @ANYBLOB=',gro', @ANYRESDEC=0x0])
inotify_init1(0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f00000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r3}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x1254, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x42, 0x3f, 0x0, r5}, 0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_io_uring_submit(0x0, r7, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r4})
io_uring_enter(r6, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x400000, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

413.493277ms ago: executing program 1 (id=1195):
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-160\x00'}, 0x58)
socket$nl_route(0x10, 0x3, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
recvmmsg$unix(r1, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)

335.542178ms ago: executing program 1 (id=1196):
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x21182, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000340)={{0xa, 0x1, 0x0, 0x0, 'syz0\x00', 0xe}, 0x6, 0x100, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = gettid()
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
write$rfkill(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x4, 0x3, 0x1, 0x1}, 0x8)
setrlimit(0x7, &(0x7f0000000000)={0x4, 0x6})
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
shmget$private(0x0, 0x3000, 0x10, &(0x7f0000003000/0x3000)=nil)
write$rfkill(r2, &(0x7f0000000080)={0x53, 0x8, 0x0, 0x1, 0xcc}, 0x8)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000000480)="510a068ea8209e5cc9c1c51119b38c62ff3c1ab3ad7485ed007510fee1470ba298f9d27a0db318c0379e11d9d5d15e3ed835b8a2c661d99ee1b0cd46ffec1c8fb07bc1f6ab98976e4c200aec6f8c41586c7eb1cb6a6704000000000000008974b1a010cbd162125e17ed963997f4cada45540bb5439f3c6cb7da2a9332c08cf8ea96809ae9825f941e914a266a4bbc1324f9e64f3287a5c41d50d9cbf9540b1e4a8ca459633dfdd0e9af22057737380fb564c4fa432508d48f0541d0e204127500002200000000d13d58e14e41dca73d84e3df7a1bebb754625a6f7cd8af3c5590b027644c97b185ed74967d93e5921b43514ac1a518c3a1700622a533d0e9617d46927c0d8bd9a38b1c11a15ef22ef97a425742f44ce0296f3bf0f3d06026c808d30121f7f82b686bc7b174484bd4525d5ea0c857186123fb8002d1acda45008f66416fe0dff7ab2f220899eeec4493ffe4a5df3657a3677b1f04f2", 0x15c}], 0x1)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x9, 0x6576, 0x800})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r3, 0x100000000)
syz_init_net_socket$llc(0x1a, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
unshare(0xc000680)
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/mnt\x00')
syz_clone(0xb41a0400, 0x0, 0x0, 0x0, 0x0, 0x0)
write$rfkill(r2, &(0x7f0000000200)={0x1, 0x21, 0x2, 0x81, 0x1}, 0x8)
move_pages(0x0, 0x0, 0x0, &(0x7f0000001180), &(0x7f0000000000), 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1830f8ff0800000000000000030000009400000000000000"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x21}, 0x94)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f00000001c0)={0x3, &(0x7f0000000100)=[{0x40, 0x2, 0x8, 0x59}, {0x802, 0xff, 0x6, 0x400}, {0x8000, 0x1f, 0xba, 0x5}]})
socket$igmp6(0xa, 0x3, 0x2)
syz_clone(0x92328480, 0x0, 0xffffffffffffffa3, 0x0, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x8a, &(0x7f0000000240)={0x42, 0x1}, 0x10)

0s ago: executing program 1 (id=1197):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000000)='rxrpc\x00', 0x0, &(0x7f0000000340)="0000000000000002ff69000000000002fe00001800000002000200861fa72e5b01504104bfeacdd5a9007d16", 0x2c, 0xffffffffffffffff)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
read$FUSE(r0, &(0x7f00000092c0)={0x2020}, 0x2020)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'macsec0\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r2, 0x8949, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

netlink: 8 bytes leftover after parsing attributes in process `syz.1.654'.
[  165.451331][ T8849] netlink: 8 bytes leftover after parsing attributes in process `syz.1.654'.
[  165.487661][ T8852] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  165.512984][ T8852] 9pnet: p9_errstr2errno: server reported unknown error �@íÎ0x0000000000000008
[  165.575602][ T8859] vlan0: entered allmulticast mode
[  165.577242][ T8859] veth0_to_bond: entered allmulticast mode
[  166.137231][ T8869] FAULT_INJECTION: forcing a failure.
[  166.137231][ T8869] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.141652][ T8869] CPU: 3 UID: 0 PID: 8869 Comm: syz.7.660 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  166.141668][ T8869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.141675][ T8869] Call Trace:
[  166.141679][ T8869]  <TASK>
[  166.141684][ T8869]  dump_stack_lvl+0x16c/0x1f0
[  166.141702][ T8869]  should_fail_ex+0x512/0x640
[  166.141719][ T8869]  _copy_to_user+0x32/0xd0
[  166.141738][ T8869]  simple_read_from_buffer+0xcb/0x170
[  166.141758][ T8869]  proc_fail_nth_read+0x197/0x240
[  166.141771][ T8869]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  166.141784][ T8869]  ? rw_verify_area+0xcf/0x6c0
[  166.141796][ T8869]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  166.141807][ T8869]  vfs_read+0x1e4/0xcf0
[  166.141822][ T8869]  ? __pfx_vfs_read+0x10/0x10
[  166.141839][ T8869]  ? find_held_lock+0x2b/0x80
[  166.141854][ T8869]  ? __fget_files+0x20e/0x3c0
[  166.141869][ T8869]  ksys_read+0x12a/0x250
[  166.141881][ T8869]  ? __pfx_ksys_read+0x10/0x10
[  166.141895][ T8869]  ? rcu_is_watching+0x12/0xc0
[  166.141908][ T8869]  __do_fast_syscall_32+0x7c/0x3a0
[  166.141923][ T8869]  do_fast_syscall_32+0x32/0x80
[  166.141938][ T8869]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  166.141952][ T8869] RIP: 0023:0xf7f21579
[  166.141960][ T8869] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  166.141971][ T8869] RSP: 002b:00000000f5446590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  166.141982][ T8869] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5446620
[  166.141989][ T8869] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000
[  166.141995][ T8869] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  166.142001][ T8869] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  166.142007][ T8869] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  166.142021][ T8869]  </TASK>
[  166.204779][    C3] vkms_vblank_simulate: vblank timer overrun
[  166.232909][ T8873] netlink: 'syz.7.662': attribute type 1 has an invalid length.
[  166.245371][ T8873] 8021q: adding VLAN 0 to HW filter on device bond1
[  166.265973][ T8873] 8021q: adding VLAN 0 to HW filter on device bond1
[  166.268357][ T8873] bond1: (slave vti0): The slave device specified does not support setting the MAC address
[  166.272166][ T8873] bond1: (slave vti0): Error -95 calling set_mac_address
[  167.027070][ T1146] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  167.033315][ T1146] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  167.036943][ T1146] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  167.039637][ T1146] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  167.276768][ T8897] netlink: 72 bytes leftover after parsing attributes in process `syz.6.668'.
[  167.377642][ T8904] FAULT_INJECTION: forcing a failure.
[  167.377642][ T8904] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.381787][ T8904] CPU: 1 UID: 0 PID: 8904 Comm: syz.4.669 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  167.381818][ T8904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.381825][ T8904] Call Trace:
[  167.381829][ T8904]  <TASK>
[  167.381834][ T8904]  dump_stack_lvl+0x16c/0x1f0
[  167.381851][ T8904]  should_fail_ex+0x512/0x640
[  167.381869][ T8904]  _copy_from_user+0x2e/0xd0
[  167.381887][ T8904]  snd_pcm_oss_write2+0x1c2/0x410
[  167.381907][ T8904]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  167.381923][ T8904]  ? snd_pcm_kernel_ioctl+0x267/0x2e0
[  167.381936][ T8904]  ? snd_pcm_oss_prepare+0x11e/0x220
[  167.381954][ T8904]  snd_pcm_oss_write+0x711/0xa10
[  167.381966][ T8904]  ? security_file_permission+0x71/0x210
[  167.381984][ T8904]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  167.381993][ T8904]  vfs_write+0x29d/0x11d0
[  167.382010][ T8904]  ? __pfx_vfs_write+0x10/0x10
[  167.382021][ T8904]  ? find_held_lock+0x2b/0x80
[  167.382033][ T8904]  ? __fget_files+0x204/0x3c0
[  167.382048][ T8904]  ? __fget_files+0x20e/0x3c0
[  167.382063][ T8904]  ksys_write+0x12a/0x250
[  167.382076][ T8904]  ? __pfx_ksys_write+0x10/0x10
[  167.382090][ T8904]  ? rcu_is_watching+0x12/0xc0
[  167.382103][ T8904]  __do_fast_syscall_32+0x7c/0x3a0
[  167.382118][ T8904]  do_fast_syscall_32+0x32/0x80
[  167.382132][ T8904]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.382147][ T8904] RIP: 0023:0xf7f07579
[  167.382155][ T8904] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  167.382166][ T8904] RSP: 002b:00000000f53e455c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  167.382177][ T8904] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000800001c0
[  167.382184][ T8904] RDX: 00000000ffffffd9 RSI: 0000000000000000 RDI: 0000000000000000
[  167.382190][ T8904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  167.382196][ T8904] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  167.382202][ T8904] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  167.382216][ T8904]  </TASK>
[  168.260388][ T8923] netlink: 'syz.4.674': attribute type 4 has an invalid length.
[  168.268831][ T8923] netlink: 'syz.4.674': attribute type 4 has an invalid length.
[  168.827278][ T6036] usb 52-1: device descriptor read/8, error -110
[  168.865821][ T5983] Bluetooth: hci1: command 0x0405 tx timeout
[  169.113222][ T8936] netlink: 'syz.1.678': attribute type 4 has an invalid length.
[  169.228670][ T6036] usb usb52-port1: attempt power cycle
[  170.042049][ T8952] FAULT_INJECTION: forcing a failure.
[  170.042049][ T8952] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.047319][ T8952] CPU: 1 UID: 0 PID: 8952 Comm: syz.4.682 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  170.047346][ T8952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.047354][ T8952] Call Trace:
[  170.047358][ T8952]  <TASK>
[  170.047363][ T8952]  dump_stack_lvl+0x16c/0x1f0
[  170.047381][ T8952]  should_fail_ex+0x512/0x640
[  170.047399][ T8952]  _copy_from_user+0x2e/0xd0
[  170.047416][ T8952]  __sys_bpf+0x21d/0x4de0
[  170.047433][ T8952]  ? rcu_is_watching+0x12/0xc0
[  170.047445][ T8952]  ? trace_sched_exit_tp+0xd0/0x120
[  170.047462][ T8952]  ? __pfx___sys_bpf+0x10/0x10
[  170.047478][ T8952]  ? ksys_write+0x190/0x250
[  170.047503][ T8952]  ? fput+0x9b/0xd0
[  170.047518][ T8952]  ? ksys_write+0x1ac/0x250
[  170.047538][ T8952]  __ia32_sys_bpf+0x76/0xe0
[  170.047556][ T8952]  __do_fast_syscall_32+0x7c/0x3a0
[  170.047572][ T8952]  do_fast_syscall_32+0x32/0x80
[  170.047586][ T8952]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  170.047600][ T8952] RIP: 0023:0xf7f07579
[  170.047609][ T8952] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  170.047620][ T8952] RSP: 002b:00000000f53e455c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  170.047631][ T8952] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800054c0
[  170.047638][ T8952] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  170.047644][ T8952] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  170.047650][ T8952] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  170.047657][ T8952] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  170.047670][ T8952]  </TASK>
[  170.051146][ T6036] usb usb52-port1: unable to enumerate USB device
[  170.235171][ T5334] Bluetooth: hci0: command 0x0406 tx timeout
[  170.747819][ T8969] fuse: Bad value for 'fd'
[  170.831105][ T8971] FAULT_INJECTION: forcing a failure.
[  170.831105][ T8971] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.835211][ T8971] CPU: 1 UID: 0 PID: 8971 Comm: syz.7.687 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  170.835226][ T8971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.835233][ T8971] Call Trace:
[  170.835237][ T8971]  <TASK>
[  170.835241][ T8971]  dump_stack_lvl+0x16c/0x1f0
[  170.835258][ T8971]  should_fail_ex+0x512/0x640
[  170.835276][ T8971]  _copy_from_iter+0x29f/0x16f0
[  170.835294][ T8971]  ? __alloc_skb+0x200/0x380
[  170.835308][ T8971]  ? __pfx__copy_from_iter+0x10/0x10
[  170.835326][ T8971]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  170.835345][ T8971]  netlink_sendmsg+0x829/0xdd0
[  170.835362][ T8971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  170.835378][ T8971]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  170.835392][ T8971]  ____sys_sendmsg+0xa95/0xc70
[  170.835411][ T8971]  ? __pfx_____sys_sendmsg+0x10/0x10
[  170.835427][ T8971]  ? get_compat_msghdr+0x11a/0x170
[  170.835447][ T8971]  ___sys_sendmsg+0x134/0x1d0
[  170.835461][ T8971]  ? __pfx____sys_sendmsg+0x10/0x10
[  170.835481][ T8971]  ? find_held_lock+0x2b/0x80
[  170.835502][ T8971]  __sys_sendmsg+0x16d/0x220
[  170.835515][ T8971]  ? __pfx___sys_sendmsg+0x10/0x10
[  170.835539][ T8971]  ? rcu_is_watching+0x12/0xc0
[  170.835552][ T8971]  __do_fast_syscall_32+0x7c/0x3a0
[  170.835568][ T8971]  do_fast_syscall_32+0x32/0x80
[  170.835582][ T8971]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  170.835609][ T8971] RIP: 0023:0xf7f21579
[  170.835618][ T8971] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  170.835629][ T8971] RSP: 002b:00000000f540455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  170.835639][ T8971] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000140
[  170.835646][ T8971] RDX: 0000000014040044 RSI: 0000000000000000 RDI: 0000000000000000
[  170.835653][ T8971] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  170.835659][ T8971] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  170.835665][ T8971] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  170.835679][ T8971]  </TASK>
[  171.427188][ T8980] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.691'.
[  171.500890][ T8981] netlink: 52 bytes leftover after parsing attributes in process `syz.1.691'.
[  171.503907][ T8981] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  172.479792][ T8997] fuse: Bad value for 'fd'
[  172.539164][ T8999] openvswitch: netlink: Key type 29 is not supported
[  173.613355][ T9017] FAULT_INJECTION: forcing a failure.
[  173.613355][ T9017] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.617735][ T9017] CPU: 3 UID: 0 PID: 9017 Comm: syz.7.703 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  173.617750][ T9017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  173.617757][ T9017] Call Trace:
[  173.617761][ T9017]  <TASK>
[  173.617765][ T9017]  dump_stack_lvl+0x16c/0x1f0
[  173.617783][ T9017]  should_fail_ex+0x512/0x640
[  173.617800][ T9017]  _copy_to_user+0x32/0xd0
[  173.617818][ T9017]  simple_read_from_buffer+0xcb/0x170
[  173.617838][ T9017]  proc_fail_nth_read+0x197/0x240
[  173.617851][ T9017]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  173.617863][ T9017]  ? rw_verify_area+0xcf/0x6c0
[  173.617874][ T9017]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  173.617886][ T9017]  vfs_read+0x1e4/0xcf0
[  173.617901][ T9017]  ? __pfx_vfs_read+0x10/0x10
[  173.617912][ T9017]  ? find_held_lock+0x2b/0x80
[  173.617926][ T9017]  ? __fget_files+0x20e/0x3c0
[  173.617943][ T9017]  ksys_read+0x12a/0x250
[  173.617955][ T9017]  ? __pfx_ksys_read+0x10/0x10
[  173.617967][ T9017]  ? fput+0x9b/0xd0
[  173.617981][ T9017]  ? rcu_is_watching+0x12/0xc0
[  173.617994][ T9017]  __do_fast_syscall_32+0x7c/0x3a0
[  173.618011][ T9017]  do_fast_syscall_32+0x32/0x80
[  173.618025][ T9017]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  173.618053][ T9017] RIP: 0023:0xf7f21579
[  173.618063][ T9017] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  173.618074][ T9017] RSP: 002b:00000000f5425590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  173.618084][ T9017] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5425620
[  173.618091][ T9017] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000
[  173.618098][ T9017] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  173.618104][ T9017] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  173.618110][ T9017] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  173.618123][ T9017]  </TASK>
[  174.706506][ T9032] fuse: Bad value for 'fd'
[  175.589385][ T9042] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  175.597626][ T9042] CIFS mount error: No usable UNC path provided in device string!
[  175.597626][ T9042] 
[  175.601033][ T9042] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  176.257624][ T9050] FAULT_INJECTION: forcing a failure.
[  176.257624][ T9050] name failslab, interval 1, probability 0, space 0, times 0
[  176.261838][ T9050] CPU: 0 UID: 0 PID: 9050 Comm: syz.6.713 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  176.261855][ T9050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  176.261861][ T9050] Call Trace:
[  176.261865][ T9050]  <TASK>
[  176.261870][ T9050]  dump_stack_lvl+0x16c/0x1f0
[  176.261887][ T9050]  should_fail_ex+0x512/0x640
[  176.261904][ T9050]  should_failslab+0xc2/0x120
[  176.261920][ T9050]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  176.261934][ T9050]  ? sctp_get_port_local+0x54d/0x1670
[  176.261948][ T9050]  sctp_get_port_local+0x54d/0x1670
[  176.261964][ T9050]  ? __pfx_sctp_get_port_local+0x10/0x10
[  176.261976][ T9050]  ? sctp_bind_addr_match+0x193/0x300
[  176.261988][ T9050]  ? sctp_bind_addr_match+0x19d/0x300
[  176.262000][ T9050]  sctp_do_bind+0x223/0x700
[  176.262017][ T9050]  sctp_connect_new_asoc+0x5e7/0x770
[  176.262033][ T9050]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  176.262051][ T9050]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  176.262069][ T9050]  sctp_sendmsg+0x1560/0x1e10
[  176.262087][ T9050]  ? __lock_acquire+0xb97/0x1ce0
[  176.262101][ T9050]  ? __pfx_sctp_sendmsg+0x10/0x10
[  176.262115][ T9050]  ? __pfx___might_resched+0x10/0x10
[  176.262130][ T9050]  ? aa_sk_perm+0x2f4/0xb10
[  176.262145][ T9050]  ? __pfx_aa_sk_perm+0x10/0x10
[  176.262157][ T9050]  ? find_held_lock+0x2b/0x80
[  176.262171][ T9050]  ? __pfx_sctp_sendmsg+0x10/0x10
[  176.262186][ T9050]  inet_sendmsg+0x119/0x140
[  176.262198][ T9050]  ____sys_sendmsg+0x973/0xc70
[  176.262227][ T9050]  ? trace_gfs2_bmap+0xf3/0x230
[  176.262244][ T9050]  ? __pfx_____sys_sendmsg+0x10/0x10
[  176.262260][ T9050]  ? get_compat_msghdr+0x11a/0x170
[  176.262278][ T9050]  ___sys_sendmsg+0x134/0x1d0
[  176.262293][ T9050]  ? __pfx____sys_sendmsg+0x10/0x10
[  176.262313][ T9050]  ? find_held_lock+0x2b/0x80
[  176.262331][ T9050]  __sys_sendmsg+0x16d/0x220
[  176.262345][ T9050]  ? __pfx___sys_sendmsg+0x10/0x10
[  176.262364][ T9050]  ? rcu_is_watching+0x12/0xc0
[  176.262377][ T9050]  __do_fast_syscall_32+0x7c/0x3a0
[  176.262393][ T9050]  do_fast_syscall_32+0x32/0x80
[  176.262407][ T9050]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  176.262421][ T9050] RIP: 0023:0xf70ce579
[  176.262429][ T9050] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  176.262440][ T9050] RSP: 002b:00000000f54be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  176.262451][ T9050] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000800
[  176.262458][ T9050] RDX: 0000000004048043 RSI: 0000000000000000 RDI: 0000000000000000
[  176.262464][ T9050] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  176.262470][ T9050] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  176.262476][ T9050] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  176.262489][ T9050]  </TASK>
[  176.610140][ T9063] fuse: Bad value for 'fd'
[  177.534643][ T9080] =======================================================
[  177.534643][ T9080] WARNING: The mand mount option has been deprecated and
[  177.534643][ T9080]          and is ignored by this kernel. Remove the mand
[  177.534643][ T9080]          option from the mount to silence this warning.
[  177.534643][ T9080] =======================================================
[  177.599089][ T9082] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  178.009528][ T9097] FAULT_INJECTION: forcing a failure.
[  178.009528][ T9097] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  178.013615][ T9097] CPU: 1 UID: 0 PID: 9097 Comm: syz.6.725 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  178.013642][ T9097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  178.013649][ T9097] Call Trace:
[  178.013654][ T9097]  <TASK>
[  178.013658][ T9097]  dump_stack_lvl+0x16c/0x1f0
[  178.013675][ T9097]  should_fail_ex+0x512/0x640
[  178.013693][ T9097]  _copy_from_iter+0x29f/0x16f0
[  178.013711][ T9097]  ? __alloc_skb+0x200/0x380
[  178.013725][ T9097]  ? __pfx__copy_from_iter+0x10/0x10
[  178.013748][ T9097]  netlink_sendmsg+0x829/0xdd0
[  178.013769][ T9097]  ? __pfx_netlink_sendmsg+0x10/0x10
[  178.013785][ T9097]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  178.013800][ T9097]  ____sys_sendmsg+0xa95/0xc70
[  178.013819][ T9097]  ? __pfx_____sys_sendmsg+0x10/0x10
[  178.013835][ T9097]  ? get_compat_msghdr+0x11a/0x170
[  178.013854][ T9097]  ___sys_sendmsg+0x134/0x1d0
[  178.013868][ T9097]  ? __pfx____sys_sendmsg+0x10/0x10
[  178.013889][ T9097]  ? find_held_lock+0x2b/0x80
[  178.013909][ T9097]  __sys_sendmsg+0x16d/0x220
[  178.013923][ T9097]  ? __pfx___sys_sendmsg+0x10/0x10
[  178.013942][ T9097]  ? rcu_is_watching+0x12/0xc0
[  178.013955][ T9097]  __do_fast_syscall_32+0x7c/0x3a0
[  178.013971][ T9097]  do_fast_syscall_32+0x32/0x80
[  178.013985][ T9097]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  178.013999][ T9097] RIP: 0023:0xf70ce579
[  178.014008][ T9097] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  178.014019][ T9097] RSP: 002b:00000000f547c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  178.014029][ T9097] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800035c0
[  178.014036][ T9097] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  178.014042][ T9097] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  178.014048][ T9097] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  178.014055][ T9097] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  178.014068][ T9097]  </TASK>
[  178.131957][ T9096] syz.1.723: attempt to access beyond end of device
[  178.131957][ T9096] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  178.300841][ T9100] FAULT_INJECTION: forcing a failure.
[  178.300841][ T9100] name failslab, interval 1, probability 0, space 0, times 0
[  178.304826][ T9100] CPU: 2 UID: 0 PID: 9100 Comm: syz.7.728 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  178.304841][ T9100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  178.304848][ T9100] Call Trace:
[  178.304852][ T9100]  <TASK>
[  178.304856][ T9100]  dump_stack_lvl+0x16c/0x1f0
[  178.304873][ T9100]  should_fail_ex+0x512/0x640
[  178.304889][ T9100]  ? __kmalloc_noprof+0xbf/0x510
[  178.304904][ T9100]  ? alloc_pipe_info+0x1ec/0x590
[  178.304918][ T9100]  should_failslab+0xc2/0x120
[  178.304932][ T9100]  __kmalloc_noprof+0xd2/0x510
[  178.304946][ T9100]  ? kasan_save_track+0x14/0x30
[  178.304960][ T9100]  alloc_pipe_info+0x1ec/0x590
[  178.304975][ T9100]  splice_direct_to_actor+0x77d/0xa30
[  178.304987][ T9100]  ? __lock_acquire+0x62e/0x1ce0
[  178.305014][ T9100]  ? __pfx_direct_splice_actor+0x10/0x10
[  178.305027][ T9100]  ? __pfx_aa_file_perm+0x10/0x10
[  178.305043][ T9100]  ? find_held_lock+0x2b/0x80
[  178.305054][ T9100]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  178.305064][ T9100]  ? get_pid_task+0xfc/0x250
[  178.305083][ T9100]  do_splice_direct+0x174/0x240
[  178.305094][ T9100]  ? __pfx_do_splice_direct+0x10/0x10
[  178.305106][ T9100]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  178.305119][ T9100]  ? rw_verify_area+0xcf/0x6c0
[  178.305131][ T9100]  do_sendfile+0xb06/0xe50
[  178.305146][ T9100]  ? __pfx_do_sendfile+0x10/0x10
[  178.305157][ T9100]  ? __might_fault+0xe3/0x190
[  178.305169][ T9100]  ? __might_fault+0x13b/0x190
[  178.305185][ T9100]  __ia32_compat_sys_sendfile+0x162/0x220
[  178.305201][ T9100]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  178.305219][ T9100]  ? rcu_is_watching+0x12/0xc0
[  178.305232][ T9100]  __do_fast_syscall_32+0x7c/0x3a0
[  178.305247][ T9100]  do_fast_syscall_32+0x32/0x80
[  178.305262][ T9100]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  178.305275][ T9100] RIP: 0023:0xf7f21579
[  178.305284][ T9100] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  178.305295][ T9100] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  178.305306][ T9100] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000003
[  178.305313][ T9100] RDX: 0000000080000080 RSI: 0000000000007f03 RDI: 0000000000000000
[  178.305320][ T9100] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  178.305326][ T9100] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  178.305332][ T9100] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  178.305357][ T9100]  </TASK>
[  178.551784][ T9107] fuse: Bad value for 'fd'
[  179.171300][ T9117] overlay: Unknown parameter 'fowner<00000000000000000000'
[  180.119882][ T9125] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  180.122019][ T9125] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  180.126180][ T9125] vhci_hcd vhci_hcd.0: Device attached
[  180.141742][ T9127] vhci_hcd: connection closed
[  180.141988][ T1139] vhci_hcd: stop threads
[  180.152036][ T1139] vhci_hcd: release socket
[  180.153698][ T1139] vhci_hcd: disconnect device
[  180.273182][ T9133] FAULT_INJECTION: forcing a failure.
[  180.273182][ T9133] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  180.280826][ T9133] CPU: 3 UID: 0 PID: 9133 Comm: syz.7.738 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  180.280853][ T9133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  180.280859][ T9133] Call Trace:
[  180.280864][ T9133]  <TASK>
[  180.280868][ T9133]  dump_stack_lvl+0x16c/0x1f0
[  180.280886][ T9133]  should_fail_ex+0x512/0x640
[  180.280903][ T9133]  _copy_to_user+0x32/0xd0
[  180.280921][ T9133]  simple_read_from_buffer+0xcb/0x170
[  180.280942][ T9133]  proc_fail_nth_read+0x197/0x240
[  180.280955][ T9133]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  180.280967][ T9133]  ? rw_verify_area+0xcf/0x6c0
[  180.280978][ T9133]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  180.280990][ T9133]  vfs_read+0x1e4/0xcf0
[  180.281005][ T9133]  ? __pfx_vfs_read+0x10/0x10
[  180.281015][ T9133]  ? find_held_lock+0x2b/0x80
[  180.281030][ T9133]  ? __fget_files+0x20e/0x3c0
[  180.281041][ T9133]  ? handle_mm_fault+0x260/0xd10
[  180.281056][ T9133]  ksys_read+0x12a/0x250
[  180.281068][ T9133]  ? __pfx_ksys_read+0x10/0x10
[  180.281081][ T9133]  ? rcu_is_watching+0x12/0xc0
[  180.281094][ T9133]  __do_fast_syscall_32+0x7c/0x3a0
[  180.281111][ T9133]  do_fast_syscall_32+0x32/0x80
[  180.281125][ T9133]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  180.281139][ T9133] RIP: 0023:0xf7f21579
[  180.281148][ T9133] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  180.281158][ T9133] RSP: 002b:00000000f5446590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  180.281169][ T9133] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5446620
[  180.281176][ T9133] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000
[  180.281182][ T9133] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  180.281188][ T9133] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  180.281195][ T9133] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  180.281208][ T9133]  </TASK>
[  180.463842][ T9136] input: syz1 as /devices/virtual/input/input10
[  180.946446][ T9146] netlink: 'syz.7.739': attribute type 4 has an invalid length.
[  180.956185][ T9146] netlink: 'syz.7.739': attribute type 4 has an invalid length.
[  182.706245][ T9172] openvswitch: netlink: Flow actions attr not present in new flow.
[  184.272042][ T9201] fuse: Bad value for 'fd'
[  184.959670][ T9208] netlink: 44 bytes leftover after parsing attributes in process `syz.6.760'.
[  185.794808][ T9219] random: crng reseeded on system resumption
[  185.803149][ T9219] Restarting kernel threads ...
[  185.805306][ T9219] Done restarting kernel threads.
[  186.291178][ T9239] block nbd0: server does not support multiple connections per device.
[  186.300032][ T9239] block nbd0: shutting down sockets
[  186.898381][ T9247] netlink: 12 bytes leftover after parsing attributes in process `syz.6.773'.
[  187.778328][ T9258] FAULT_INJECTION: forcing a failure.
[  187.778328][ T9258] name failslab, interval 1, probability 0, space 0, times 0
[  187.782697][ T9258] CPU: 1 UID: 0 PID: 9258 Comm: syz.4.777 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  187.782713][ T9258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  187.782719][ T9258] Call Trace:
[  187.782724][ T9258]  <TASK>
[  187.782728][ T9258]  dump_stack_lvl+0x16c/0x1f0
[  187.782746][ T9258]  should_fail_ex+0x512/0x640
[  187.782761][ T9258]  ? __kvmalloc_node_noprof+0x124/0x620
[  187.782776][ T9258]  should_failslab+0xc2/0x120
[  187.782791][ T9258]  __kvmalloc_node_noprof+0x137/0x620
[  187.782804][ T9258]  ? simple_xattr_alloc+0x41/0xa0
[  187.782822][ T9258]  ? simple_xattr_alloc+0x41/0xa0
[  187.782836][ T9258]  simple_xattr_alloc+0x41/0xa0
[  187.782851][ T9258]  simple_xattr_set+0x3d/0x3e0
[  187.782868][ T9258]  shmem_xattr_handler_set+0x31b/0x3b0
[  187.782886][ T9258]  ? __pfx_shmem_xattr_handler_set+0x10/0x10
[  187.782901][ T9258]  __vfs_setxattr+0x175/0x1e0
[  187.782913][ T9258]  ? __pfx___vfs_setxattr+0x10/0x10
[  187.782925][ T9258]  ? apparmor_capable+0x114/0x1d0
[  187.782940][ T9258]  __vfs_setxattr_noperm+0x127/0x660
[  187.782955][ T9258]  __vfs_setxattr_locked+0x182/0x260
[  187.782970][ T9258]  vfs_setxattr+0x145/0x360
[  187.782982][ T9258]  ? lock_acquire+0x179/0x350
[  187.782998][ T9258]  ? __pfx_vfs_setxattr+0x10/0x10
[  187.783010][ T9258]  ? mnt_get_write_access+0x54/0x300
[  187.783026][ T9258]  ? mnt_get_write_access+0x54/0x300
[  187.783043][ T9258]  do_setxattr+0x145/0x180
[  187.783056][ T9258]  file_setxattr+0x139/0x1b0
[  187.783067][ T9258]  ? fdget+0x176/0x210
[  187.783079][ T9258]  path_setxattrat+0x247/0x2a0
[  187.783091][ T9258]  ? __pfx_path_setxattrat+0x10/0x10
[  187.783106][ T9258]  ? ksys_write+0x190/0x250
[  187.783130][ T9258]  ? fput+0x9b/0xd0
[  187.783146][ T9258]  ? ksys_write+0x1ac/0x250
[  187.783158][ T9258]  ? __pfx_ksys_write+0x10/0x10
[  187.783172][ T9258]  __ia32_sys_fsetxattr+0xc4/0x140
[  187.783185][ T9258]  ? lockdep_hardirqs_on+0x7c/0x110
[  187.783199][ T9258]  __do_fast_syscall_32+0x7c/0x3a0
[  187.783215][ T9258]  do_fast_syscall_32+0x32/0x80
[  187.783229][ T9258]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  187.783243][ T9258] RIP: 0023:0xf7f07579
[  187.783251][ T9258] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  187.783262][ T9258] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 00000000000000e4
[  187.783273][ T9258] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  187.783280][ T9258] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  187.783286][ T9258] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  187.783292][ T9258] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  187.783299][ T9258] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  187.783312][ T9258]  </TASK>
[  188.275089][   T10] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  188.425170][   T10] usb 9-1: Using ep0 maxpacket: 8
[  188.430169][   T10] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  188.433189][   T10] usb 9-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  188.437870][   T10] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  188.442581][   T10] usb 9-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  188.447490][   T10] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  188.451904][   T10] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  188.457123][   T10] usb 9-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  188.462270][   T10] usb 9-1: config 168 interface 0 has no altsetting 0
[  188.466918][   T10] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  188.469481][   T10] usb 9-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  188.474114][   T10] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  188.478111][   T10] usb 9-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  188.481852][   T10] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  188.485521][   T10] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  188.489145][   T10] usb 9-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  188.493316][   T10] usb 9-1: config 168 interface 0 has no altsetting 0
[  188.496547][   T10] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  188.498937][   T10] usb 9-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  188.502460][   T10] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  188.506169][   T10] usb 9-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  188.509803][   T10] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  188.513283][   T10] usb 9-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  188.516947][   T10] usb 9-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  188.521071][   T10] usb 9-1: config 168 interface 0 has no altsetting 0
[  188.526331][   T10] usb 9-1: string descriptor 0 read error: -22
[  188.528892][   T10] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  188.532372][   T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.544045][   T10] adutux 9-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  188.746325][   T29] usb 9-1: USB disconnect, device number 3
[  189.601433][ T9302] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.792'.
[  189.668854][ T9303] syz.4.792 (9303): drop_caches: 2
[  189.699967][ T9307] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  189.702352][ T9307] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  189.978616][ T9320] atomic_op ffff88804d318198 conn xmit_atomic 0000000000000000
[  190.064594][ T9321] netlink: 4 bytes leftover after parsing attributes in process `syz.4.798'.
[  190.113859][ T9317] netlink: 'syz.4.798': attribute type 10 has an invalid length.
[  190.715920][ T5334] Bluetooth: hci2: command 0x0406 tx timeout
[  190.742172][ T9338] FAULT_INJECTION: forcing a failure.
[  190.742172][ T9338] name failslab, interval 1, probability 0, space 0, times 0
[  190.746831][ T9338] CPU: 0 UID: 0 PID: 9338 Comm: syz.1.804 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  190.746847][ T9338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.746854][ T9338] Call Trace:
[  190.746858][ T9338]  <TASK>
[  190.746862][ T9338]  dump_stack_lvl+0x16c/0x1f0
[  190.746879][ T9338]  should_fail_ex+0x512/0x640
[  190.746895][ T9338]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  190.746908][ T9338]  should_failslab+0xc2/0x120
[  190.746922][ T9338]  __kmalloc_cache_noprof+0x6a/0x3e0
[  190.746934][ T9338]  ? alloc_pipe_info+0x10e/0x590
[  190.746951][ T9338]  alloc_pipe_info+0x10e/0x590
[  190.746966][ T9338]  splice_direct_to_actor+0x77d/0xa30
[  190.746979][ T9338]  ? __lock_acquire+0x62e/0x1ce0
[  190.746993][ T9338]  ? __pfx_direct_splice_actor+0x10/0x10
[  190.747005][ T9338]  ? __pfx_aa_file_perm+0x10/0x10
[  190.747021][ T9338]  ? find_held_lock+0x2b/0x80
[  190.747032][ T9338]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  190.747042][ T9338]  ? get_pid_task+0xfc/0x250
[  190.747060][ T9338]  do_splice_direct+0x174/0x240
[  190.747072][ T9338]  ? __pfx_do_splice_direct+0x10/0x10
[  190.747085][ T9338]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  190.747098][ T9338]  ? rw_verify_area+0xcf/0x6c0
[  190.747110][ T9338]  do_sendfile+0xb06/0xe50
[  190.747124][ T9338]  ? __pfx_do_sendfile+0x10/0x10
[  190.747136][ T9338]  ? __might_fault+0xe3/0x190
[  190.747147][ T9338]  ? __might_fault+0x13b/0x190
[  190.747163][ T9338]  __ia32_compat_sys_sendfile+0x162/0x220
[  190.747179][ T9338]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  190.747196][ T9338]  ? rcu_is_watching+0x12/0xc0
[  190.747210][ T9338]  __do_fast_syscall_32+0x7c/0x3a0
[  190.747226][ T9338]  do_fast_syscall_32+0x32/0x80
[  190.747240][ T9338]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  190.747254][ T9338] RIP: 0023:0xf703e579
[  190.747262][ T9338] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  190.747273][ T9338] RSP: 002b:00000000f542e55c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  190.747284][ T9338] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000000005
[  190.747291][ T9338] RDX: 00000000800000c0 RSI: 0000000080000504 RDI: 0000000000000000
[  190.747298][ T9338] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  190.747304][ T9338] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  190.747310][ T9338] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  190.747323][ T9338]  </TASK>
[  190.837575][ T9334] nr0: left promiscuous mode
[  190.938452][ T9345] block device autoloading is deprecated and will be removed.
[  190.995870][ T9345] md: md2 stopped.
[  191.108685][ T9357] netlink: 12 bytes leftover after parsing attributes in process `syz.1.809'.
[  191.111563][ T9357] netlink: 'syz.1.809': attribute type 2 has an invalid length.
[  191.113950][ T9357] netlink: 36 bytes leftover after parsing attributes in process `syz.1.809'.
[  191.119295][ T9357] input: syz0 as /devices/virtual/input/input11
[  191.126312][ T9359] FAULT_INJECTION: forcing a failure.
[  191.126312][ T9359] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  191.131577][ T9359] CPU: 3 UID: 0 PID: 9359 Comm: syz.6.810 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  191.131592][ T9359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  191.131599][ T9359] Call Trace:
[  191.131604][ T9359]  <TASK>
[  191.131608][ T9359]  dump_stack_lvl+0x16c/0x1f0
[  191.131625][ T9359]  should_fail_ex+0x512/0x640
[  191.131643][ T9359]  _copy_from_user+0x2e/0xd0
[  191.131660][ T9359]  kstrtouint_from_user+0xd6/0x1d0
[  191.131674][ T9359]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  191.131686][ T9359]  ? __lock_acquire+0xb97/0x1ce0
[  191.131708][ T9359]  proc_fail_nth_write+0x83/0x220
[  191.131720][ T9359]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  191.131736][ T9359]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  191.131747][ T9359]  vfs_write+0x29d/0x11d0
[  191.131762][ T9359]  ? __pfx_vfs_write+0x10/0x10
[  191.131774][ T9359]  ? find_held_lock+0x2b/0x80
[  191.131788][ T9359]  ? __fget_files+0x20e/0x3c0
[  191.131804][ T9359]  ksys_write+0x12a/0x250
[  191.131816][ T9359]  ? __pfx_ksys_write+0x10/0x10
[  191.131830][ T9359]  ? rcu_is_watching+0x12/0xc0
[  191.131843][ T9359]  __do_fast_syscall_32+0x7c/0x3a0
[  191.131859][ T9359]  do_fast_syscall_32+0x32/0x80
[  191.131873][ T9359]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  191.131888][ T9359] RIP: 0023:0xf70ce579
[  191.131896][ T9359] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  191.131907][ T9359] RSP: 002b:00000000f54be590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  191.131918][ T9359] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54be620
[  191.131924][ T9359] RDX: 0000000000000001 RSI: 00000000f7434ff4 RDI: 0000000000000000
[  191.131931][ T9359] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  191.131937][ T9359] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  191.131944][ T9359] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  191.131957][ T9359]  </TASK>
[  191.239421][    C1] Unknown status report in ack skb
[  191.283667][ T9372] FAULT_INJECTION: forcing a failure.
[  191.283667][ T9372] name failslab, interval 1, probability 0, space 0, times 0
[  191.292572][ T9372] CPU: 3 UID: 0 PID: 9372 Comm: syz.1.815 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  191.292602][ T9372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  191.292609][ T9372] Call Trace:
[  191.292613][ T9372]  <TASK>
[  191.292617][ T9372]  dump_stack_lvl+0x16c/0x1f0
[  191.292640][ T9372]  should_fail_ex+0x512/0x640
[  191.292657][ T9372]  should_failslab+0xc2/0x120
[  191.292673][ T9372]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  191.292686][ T9372]  ? skb_clone+0x190/0x3f0
[  191.292703][ T9372]  skb_clone+0x190/0x3f0
[  191.292717][ T9372]  netlink_deliver_tap+0xabd/0xd30
[  191.292734][ T9372]  netlink_unicast+0x64c/0x870
[  191.292751][ T9372]  ? __pfx_netlink_unicast+0x10/0x10
[  191.292765][ T9372]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  191.292783][ T9372]  netlink_sendmsg+0x8d1/0xdd0
[  191.292800][ T9372]  ? __pfx_netlink_sendmsg+0x10/0x10
[  191.292816][ T9372]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  191.292830][ T9372]  ____sys_sendmsg+0xa95/0xc70
[  191.292850][ T9372]  ? __pfx_____sys_sendmsg+0x10/0x10
[  191.292866][ T9372]  ? get_compat_msghdr+0x11a/0x170
[  191.292886][ T9372]  ___sys_sendmsg+0x134/0x1d0
[  191.292901][ T9372]  ? __pfx____sys_sendmsg+0x10/0x10
[  191.292921][ T9372]  ? find_held_lock+0x2b/0x80
[  191.292941][ T9372]  __sys_sendmsg+0x16d/0x220
[  191.292955][ T9372]  ? __pfx___sys_sendmsg+0x10/0x10
[  191.292975][ T9372]  ? rcu_is_watching+0x12/0xc0
[  191.292988][ T9372]  __do_fast_syscall_32+0x7c/0x3a0
[  191.293004][ T9372]  do_fast_syscall_32+0x32/0x80
[  191.293018][ T9372]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  191.293032][ T9372] RIP: 0023:0xf703e579
[  191.293040][ T9372] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  191.293051][ T9372] RSP: 002b:00000000f542e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  191.293062][ T9372] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  191.293069][ T9372] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  191.293075][ T9372] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  191.293081][ T9372] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  191.293087][ T9372] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  191.293100][ T9372]  </TASK>
[  191.293270][ T9372] netlink: 'syz.1.815': attribute type 10 has an invalid length.
[  191.355283][   T34] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[  191.540879][   T34] usb 9-1: config 0 has an invalid interface number: 213 but max is 0
[  191.543909][   T34] usb 9-1: config 0 has no interface number 0
[  191.548368][   T34] usb 9-1: New USB device found, idVendor=0079, idProduct=85eb, bcdDevice=90.b7
[  191.551940][   T34] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.554883][   T34] usb 9-1: Product: syz
[  191.558516][   T34] usb 9-1: Manufacturer: syz
[  191.560321][   T34] usb 9-1: SerialNumber: syz
[  191.566572][   T34] usb 9-1: config 0 descriptor??
[  192.189440][ T9384] netlink: 24 bytes leftover after parsing attributes in process `syz.6.819'.
[  192.287538][ T9387] netlink: 'syz.7.820': attribute type 10 has an invalid length.
[  192.291372][ T9387] team0: Device ipvlan1 failed to register rx_handler
[  192.372655][ T9391] JFS: charset not found
[  192.377177][    C3] Unknown status report in ack skb
[  192.417802][ T9401] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  192.422419][ T9401] FAULT_INJECTION: forcing a failure.
[  192.422419][ T9401] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  192.428081][ T9401] CPU: 1 UID: 0 PID: 9401 Comm: syz.1.827 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  192.428113][ T9401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  192.428120][ T9401] Call Trace:
[  192.428124][ T9401]  <TASK>
[  192.428128][ T9401]  dump_stack_lvl+0x16c/0x1f0
[  192.428145][ T9401]  should_fail_ex+0x512/0x640
[  192.428163][ T9401]  should_fail_alloc_page+0xe7/0x130
[  192.428180][ T9401]  prepare_alloc_pages+0x3c2/0x610
[  192.428198][ T9401]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  192.428212][ T9401]  ? stack_trace_save+0x8e/0xc0
[  192.428225][ T9401]  ? __pfx_stack_trace_save+0x10/0x10
[  192.428238][ T9401]  ? stack_depot_save_flags+0x29/0x9c0
[  192.428255][ T9401]  ? kasan_save_stack+0x42/0x60
[  192.428268][ T9401]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  192.428281][ T9401]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  192.428294][ T9401]  ? __get_vm_area_node+0x1ca/0x330
[  192.428310][ T9401]  ? __vmalloc_node_noprof+0xad/0xf0
[  192.428326][ T9401]  ? copy_process+0x2c70/0x7690
[  192.428340][ T9401]  ? vhost_task_create+0x1d2/0x2e0
[  192.428355][ T9401]  ? kvm_mmu_post_init_vm+0x1b7/0x380
[  192.428366][ T9401]  ? kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  192.428381][ T9401]  ? kvm_vcpu_ioctl+0x5eb/0x1690
[  192.428394][ T9401]  ? kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  192.428413][ T9401]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  192.428431][ T9401]  ? policy_nodemask+0xea/0x4e0
[  192.428446][ T9401]  alloc_pages_mpol+0x1fb/0x550
[  192.428461][ T9401]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  192.428480][ T9401]  alloc_pages_noprof+0x131/0x390
[  192.428495][ T9401]  get_free_pages_noprof+0x10/0xb0
[  192.428509][ T9401]  kasan_populate_vmalloc+0x89/0x1f0
[  192.428525][ T9401]  alloc_vmap_area+0x959/0x29c0
[  192.428546][ T9401]  ? __pfx_alloc_vmap_area+0x10/0x10
[  192.428566][ T9401]  __get_vm_area_node+0x1ca/0x330
[  192.428586][ T9401]  __vmalloc_node_range_noprof+0x271/0x14b0
[  192.428609][ T9401]  ? vhost_task_create+0x1d2/0x2e0
[  192.428624][ T9401]  ? local_lock_release+0x99/0x140
[  192.428642][ T9401]  ? vhost_task_create+0x1d2/0x2e0
[  192.428658][ T9401]  ? rcu_read_unlock+0x17/0x60
[  192.428674][ T9401]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  192.428691][ T9401]  ? __memcg_slab_post_alloc_hook+0x4a0/0x960
[  192.428711][ T9401]  ? vhost_task_create+0x1d2/0x2e0
[  192.428725][ T9401]  __vmalloc_node_noprof+0xad/0xf0
[  192.428743][ T9401]  ? vhost_task_create+0x1d2/0x2e0
[  192.428760][ T9401]  copy_process+0x2c70/0x7690
[  192.428780][ T9401]  ? __pfx_copy_process+0x10/0x10
[  192.428795][ T9401]  ? lockdep_init_map_type+0x5c/0x280
[  192.428812][ T9401]  ? lockdep_init_map_type+0x5c/0x280
[  192.428827][ T9401]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  192.428842][ T9401]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  192.428859][ T9401]  vhost_task_create+0x1d2/0x2e0
[  192.428875][ T9401]  ? __pfx_vhost_task_create+0x10/0x10
[  192.428895][ T9401]  ? __pfx_vhost_task_fn+0x10/0x10
[  192.428917][ T9401]  kvm_mmu_post_init_vm+0x1b7/0x380
[  192.428930][ T9401]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  192.428945][ T9401]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  192.428961][ T9401]  kvm_vcpu_ioctl+0x5eb/0x1690
[  192.428977][ T9401]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  192.428991][ T9401]  ? tomoyo_path_number_perm+0x18d/0x580
[  192.429006][ T9401]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  192.429025][ T9401]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  192.429041][ T9401]  ? do_vfs_ioctl+0x128/0x14f0
[  192.429059][ T9401]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  192.429082][ T9401]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  192.429097][ T9401]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  192.429111][ T9401]  ? __fget_files+0x20e/0x3c0
[  192.429125][ T9401]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  192.429152][ T9401]  __ia32_compat_sys_ioctl+0x23f/0x370
[  192.429172][ T9401]  __do_fast_syscall_32+0x7c/0x3a0
[  192.429187][ T9401]  do_fast_syscall_32+0x32/0x80
[  192.429201][ T9401]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  192.429215][ T9401] RIP: 0023:0xf703e579
[  192.429224][ T9401] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  192.429235][ T9401] RSP: 002b:00000000f542e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  192.429245][ T9401] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  192.429252][ T9401] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  192.429258][ T9401] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  192.429264][ T9401] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  192.429270][ T9401] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  192.429284][ T9401]  </TASK>
[  192.429620][ T9401] warn_alloc: 1 callbacks suppressed
[  192.429627][ T9401] syz.1.827: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  192.683031][ T9401] CPU: 0 UID: 0 PID: 9401 Comm: syz.1.827 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  192.683049][ T9401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  192.683056][ T9401] Call Trace:
[  192.683060][ T9401]  <TASK>
[  192.683064][ T9401]  dump_stack_lvl+0x16c/0x1f0
[  192.683082][ T9401]  warn_alloc+0x248/0x3a0
[  192.683096][ T9401]  ? __pfx_warn_alloc+0x10/0x10
[  192.683114][ T9401]  ? kfree+0x2b4/0x4d0
[  192.683146][ T9401]  ? __get_vm_area_node+0x208/0x330
[  192.683173][ T9401]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[  192.683200][ T9401]  ? local_lock_release+0x99/0x140
[  192.683229][ T9401]  ? vhost_task_create+0x1d2/0x2e0
[  192.683251][ T9401]  ? rcu_read_unlock+0x17/0x60
[  192.683275][ T9401]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  192.683300][ T9401]  ? __memcg_slab_post_alloc_hook+0x4a0/0x960
[  192.683331][ T9401]  ? vhost_task_create+0x1d2/0x2e0
[  192.683353][ T9401]  __vmalloc_node_noprof+0xad/0xf0
[  192.683380][ T9401]  ? vhost_task_create+0x1d2/0x2e0
[  192.683403][ T9401]  copy_process+0x2c70/0x7690
[  192.683437][ T9401]  ? __pfx_copy_process+0x10/0x10
[  192.683462][ T9401]  ? lockdep_init_map_type+0x5c/0x280
[  192.683486][ T9401]  ? lockdep_init_map_type+0x5c/0x280
[  192.683509][ T9401]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  192.683531][ T9401]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  192.683558][ T9401]  vhost_task_create+0x1d2/0x2e0
[  192.683582][ T9401]  ? __pfx_vhost_task_create+0x10/0x10
[  192.683613][ T9401]  ? __pfx_vhost_task_fn+0x10/0x10
[  192.683653][ T9401]  kvm_mmu_post_init_vm+0x1b7/0x380
[  192.683674][ T9401]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  192.683698][ T9401]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  192.683724][ T9401]  kvm_vcpu_ioctl+0x5eb/0x1690
[  192.683749][ T9401]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  192.683770][ T9401]  ? tomoyo_path_number_perm+0x18d/0x580
[  192.683794][ T9401]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  192.683822][ T9401]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  192.683845][ T9401]  ? do_vfs_ioctl+0x128/0x14f0
[  192.683862][ T9401]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  192.683885][ T9401]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  192.683901][ T9401]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  192.683916][ T9401]  ? __fget_files+0x20e/0x3c0
[  192.683930][ T9401]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  192.683946][ T9401]  __ia32_compat_sys_ioctl+0x23f/0x370
[  192.683965][ T9401]  __do_fast_syscall_32+0x7c/0x3a0
[  192.683982][ T9401]  do_fast_syscall_32+0x32/0x80
[  192.683996][ T9401]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  192.684010][ T9401] RIP: 0023:0xf703e579
[  192.684020][ T9401] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  192.684030][ T9401] RSP: 002b:00000000f542e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  192.684042][ T9401] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  192.684048][ T9401] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  192.684055][ T9401] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  192.684076][ T9401] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  192.684082][ T9401] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  192.684123][ T9401]  </TASK>
[  192.684206][ T9401] Mem-Info:
[  192.812004][ T9401] active_anon:865 inactive_anon:6921 isolated_anon:0
[  192.812004][ T9401]  active_file:5078 inactive_file:7101 isolated_file:0
[  192.812004][ T9401]  unevictable:1768 dirty:657 writeback:0
[  192.812004][ T9401]  slab_reclaimable:6380 slab_unreclaimable:57557
[  192.812004][ T9401]  mapped:26579 shmem:2310 pagetables:1533
[  192.812004][ T9401]  sec_pagetables:315 bounce:0
[  192.812004][ T9401]  kernel_misc_reclaimable:0
[  192.812004][ T9401]  free:81248 free_pcp:9747 free_cma:0
[  192.829352][ T9401] Node 0 active_anon:2780kB inactive_anon:324kB active_file:528kB inactive_file:324kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2488kB dirty:116kB writeback:0kB shmem:3548kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8780kB pagetables:1996kB sec_pagetables:1148kB all_unreclaimable? no Balloon:0kB
[  192.846800][ T9401] Node 1 active_anon:680kB inactive_anon:27360kB active_file:19784kB inactive_file:28080kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:103928kB dirty:2512kB writeback:0kB shmem:5692kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5712kB pagetables:4136kB sec_pagetables:112kB all_unreclaimable? no Balloon:0kB
[  192.860002][ T9401] Node 0 
[  192.861427][ T9409] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  192.863041][ T9401] DMA free:2480kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:8kB active_file:128kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:212kB local_pcp:0kB free_cma:0kB
[  192.865800][ T9409] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  192.878115][ T9401] lowmem_reserve[]: 0 288 288 288 288
[  192.882363][ T9401] Node 0 DMA32 free:21260kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:4096KB free_highatomic:1364KB active_anon:2804kB inactive_anon:316kB active_file:400kB inactive_file:324kB unevictable:3536kB writepending:116kB present:1032196kB managed:295164kB mlocked:0kB bounce:0kB free_pcp:11528kB local_pcp:2604kB free_cma:0kB
[  192.894626][ T9401] lowmem_reserve[]: 0 0 0 0 0
[  192.896766][ T9401] Node 1 DMA32 free:301252kB boost:6144kB min:53284kB low:65068kB high:76852kB reserved_highatomic:4096KB free_highatomic:4016KB active_anon:676kB inactive_anon:27360kB active_file:19784kB inactive_file:28080kB unevictable:3536kB writepending:2540kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:26948kB local_pcp:856kB free_cma:0kB
[  192.909668][ T9401] lowmem_reserve[]: 0 0 0 0 0
[  192.911245][ T9401] Node 0 DMA: 46*4kB (UM) 21*8kB (UM) 15*16kB (UM) 5*32kB (UM) 5*64kB (UM) 1*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2480kB
[  192.915747][ T9409] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  192.916260][ T9401] Node 0 DMA32: 98*4kB (UMEH) 284*8kB (UMEH) 151*16kB (UMEH) 106*32kB (UMEH) 27*64kB (MEH) 30*128kB (UMEH) 22*256kB (UMH) 3*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 21208kB
[  192.918338][ T9409] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  192.923287][ T9401] Node 1 DMA32: 177*4kB (UMEH) 648*8kB (UEH) 764*16kB (UMEH) 870*32kB (UMEH) 429*64kB (UMEH) 158*128kB (UME) 117*256kB (UMEH) 51*512kB (UMH) 30*1024kB (UMH) 23*2048kB (UMH) 18*4096kB (UM) = 301252kB
[  192.931350][ T9401] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  192.935137][ T9401] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  192.936778][ T9409] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  192.938600][ T9401] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  192.941641][ T9409] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  192.943453][ T9401] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  192.943465][ T9401] 14707 total pagecache pages
[  192.943469][ T9401] 222 pages in swap cache
[  192.943473][ T9401] Free swap  = 119244kB
[  192.943477][ T9401] Total swap = 124996kB
[  192.943483][ T9401] 524155 pages RAM
[  192.943486][ T9401] 0 pages HighMem/MovableOnly
[  192.943490][ T9401] 209469 pages reserved
[  192.943494][ T9401] 0 pages cma reserved
[  192.961743][ T9409] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  192.965834][ T9409] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  192.968270][ T9409] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  192.973359][ T9409] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  192.977368][ T9409] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  193.268751][   T34] IPVS: starting estimator thread 0...
[  193.269480][ T9420] IPVS: lblc: FWM 3 0x00000003 - no destination available
[  193.305668][ T9423] FAULT_INJECTION: forcing a failure.
[  193.305668][ T9423] name failslab, interval 1, probability 0, space 0, times 0
[  193.309571][ T9423] CPU: 0 UID: 0 PID: 9423 Comm: syz.7.830 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  193.309588][ T9423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  193.309595][ T9423] Call Trace:
[  193.309599][ T9423]  <TASK>
[  193.309603][ T9423]  dump_stack_lvl+0x16c/0x1f0
[  193.309621][ T9423]  should_fail_ex+0x512/0x640
[  193.309637][ T9423]  ? __kmalloc_noprof+0xbf/0x510
[  193.309651][ T9423]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  193.309669][ T9423]  should_failslab+0xc2/0x120
[  193.309685][ T9423]  __kmalloc_noprof+0xd2/0x510
[  193.309696][ T9423]  ? lockdep_hardirqs_on+0x7c/0x110
[  193.309712][ T9423]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  193.309733][ T9423]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  193.309750][ T9423]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  193.309771][ T9423]  ? bpf_lsm_capable+0x9/0x10
[  193.309782][ T9423]  ? security_capable+0x7e/0x260
[  193.309794][ T9423]  ? ns_capable+0xd7/0x110
[  193.309807][ T9423]  genl_rcv_msg+0x55c/0x800
[  193.309825][ T9423]  ? __pfx_genl_rcv_msg+0x10/0x10
[  193.309841][ T9423]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  193.309860][ T9423]  netlink_rcv_skb+0x158/0x420
[  193.309874][ T9423]  ? __pfx_genl_rcv_msg+0x10/0x10
[  193.309891][ T9423]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  193.309911][ T9423]  ? netlink_deliver_tap+0x1ae/0xd30
[  193.309927][ T9423]  genl_rcv+0x28/0x40
[  193.309954][ T9423]  netlink_unicast+0x5a7/0x870
[  193.309970][ T9423]  ? __pfx_netlink_unicast+0x10/0x10
[  193.309985][ T9423]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  193.310003][ T9423]  netlink_sendmsg+0x8d1/0xdd0
[  193.310020][ T9423]  ? __pfx_netlink_sendmsg+0x10/0x10
[  193.310036][ T9423]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  193.310050][ T9423]  ____sys_sendmsg+0xa95/0xc70
[  193.310068][ T9423]  ? __pfx_____sys_sendmsg+0x10/0x10
[  193.310084][ T9423]  ? get_compat_msghdr+0x11a/0x170
[  193.310104][ T9423]  ___sys_sendmsg+0x134/0x1d0
[  193.310118][ T9423]  ? __pfx____sys_sendmsg+0x10/0x10
[  193.310139][ T9423]  ? find_held_lock+0x2b/0x80
[  193.310159][ T9423]  __sys_sendmsg+0x16d/0x220
[  193.310173][ T9423]  ? __pfx___sys_sendmsg+0x10/0x10
[  193.310193][ T9423]  ? rcu_is_watching+0x12/0xc0
[  193.310207][ T9423]  __do_fast_syscall_32+0x7c/0x3a0
[  193.310223][ T9423]  do_fast_syscall_32+0x32/0x80
[  193.310237][ T9423]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  193.310251][ T9423] RIP: 0023:0xf7f21579
[  193.310260][ T9423] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  193.310271][ T9423] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  193.310284][ T9423] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  193.310291][ T9423] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  193.310297][ T9423] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  193.310303][ T9423] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  193.310310][ T9423] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  193.310323][ T9423]  </TASK>
[  193.445153][ T9421] IPVS: using max 44 ests per chain, 105600 per kthread
[  193.656137][ T9437] FAULT_INJECTION: forcing a failure.
[  193.656137][ T9437] name failslab, interval 1, probability 0, space 0, times 0
[  193.660164][ T9437] CPU: 1 UID: 0 PID: 9437 Comm: syz.1.831 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  193.660180][ T9437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  193.660187][ T9437] Call Trace:
[  193.660191][ T9437]  <TASK>
[  193.660196][ T9437]  dump_stack_lvl+0x16c/0x1f0
[  193.660213][ T9437]  should_fail_ex+0x512/0x640
[  193.660229][ T9437]  ? __kmalloc_noprof+0xbf/0x510
[  193.660243][ T9437]  ? lsm_blob_alloc+0x68/0x90
[  193.660259][ T9437]  should_failslab+0xc2/0x120
[  193.660273][ T9437]  __kmalloc_noprof+0xd2/0x510
[  193.660286][ T9437]  ? __pfx_perf_event_init_task+0x10/0x10
[  193.660303][ T9437]  ? audit_alloc+0xa2/0x7b0
[  193.660313][ T9437]  ? __pfx_audit_alloc+0x10/0x10
[  193.660324][ T9437]  lsm_blob_alloc+0x68/0x90
[  193.660341][ T9437]  security_task_alloc+0x2d/0x260
[  193.660357][ T9437]  copy_process+0x2205/0x7690
[  193.660390][ T9437]  ? __pfx_copy_process+0x10/0x10
[  193.660411][ T9437]  kernel_clone+0xfc/0x930
[  193.660426][ T9437]  ? __pfx_kernel_clone+0x10/0x10
[  193.660444][ T9437]  ? __mutex_unlock_slowpath+0x163/0x800
[  193.660460][ T9437]  __do_compat_sys_ia32_clone+0xcb/0x110
[  193.660477][ T9437]  ? __pfx___do_compat_sys_ia32_clone+0x10/0x10
[  193.660498][ T9437]  ? ksys_write+0x1ac/0x250
[  193.660511][ T9437]  ? __pfx_ksys_write+0x10/0x10
[  193.660524][ T9437]  ? rcu_is_watching+0x12/0xc0
[  193.660538][ T9437]  __do_fast_syscall_32+0x7c/0x3a0
[  193.660553][ T9437]  do_fast_syscall_32+0x32/0x80
[  193.660571][ T9437]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  193.660586][ T9437] RIP: 0023:0xf703e579
[  193.660594][ T9437] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  193.660605][ T9437] RSP: 002b:00000000f53ec50c EFLAGS: 00000202 ORIG_RAX: 0000000000000078
[  193.660616][ T9437] RAX: ffffffffffffffda RBX: 0000000082001000 RCX: 0000000000000000
[  193.660623][ T9437] RDX: 00000000ffffffff RSI: 0000000000000000 RDI: 0000000000000000
[  193.660629][ T9437] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  193.660635][ T9437] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  193.660642][ T9437] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  193.660655][ T9437]  </TASK>
[  193.750159][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  193.752229][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  193.960785][ T6036] usb 9-1: USB disconnect, device number 4
[  194.758032][ T9460] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  194.786541][ T9460] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.789818][ T9460] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.865204][ T5977] Bluetooth: hci0: command 0x0406 tx timeout
[  194.945101][ T5977] Bluetooth: hci2: command 0x0406 tx timeout
[  194.945271][ T5334] Bluetooth: hci3: command 0x0c1a tx timeout
[  195.025167][ T5334] Bluetooth: hci1: command 0x0405 tx timeout
[  195.714257][ T9472] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  196.032996][ T9489] FAULT_INJECTION: forcing a failure.
[  196.032996][ T9489] name failslab, interval 1, probability 0, space 0, times 0
[  196.038320][ T9489] CPU: 3 UID: 0 PID: 9489 Comm: syz.1.850 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  196.038339][ T9489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  196.038347][ T9489] Call Trace:
[  196.038350][ T9489]  <TASK>
[  196.038355][ T9489]  dump_stack_lvl+0x16c/0x1f0
[  196.038384][ T9489]  should_fail_ex+0x512/0x640
[  196.038400][ T9489]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  196.038413][ T9489]  should_failslab+0xc2/0x120
[  196.038428][ T9489]  __kmalloc_cache_noprof+0x6a/0x3e0
[  196.038438][ T9489]  ? do_raw_spin_lock+0x12c/0x2b0
[  196.038454][ T9489]  ? find_held_lock+0x2b/0x80
[  196.038464][ T9489]  ? create_io_worker+0xc9/0x5b0
[  196.038477][ T9489]  ? create_io_worker+0x1f/0x5b0
[  196.038487][ T9489]  create_io_worker+0xc9/0x5b0
[  196.038499][ T9489]  io_wq_enqueue+0x4cc/0x980
[  196.038511][ T9489]  ? __pfx_io_wq_enqueue+0x10/0x10
[  196.038522][ T9489]  ? __pfx_io_wq_work_match_item+0x10/0x10
[  196.038540][ T9489]  ? io_prep_async_work+0x654/0x770
[  196.038561][ T9489]  io_queue_iowq+0x246/0x530
[  196.038573][ T9489]  io_req_task_submit+0x142/0x1f0
[  196.038587][ T9489]  io_poll_task_func+0x90d/0x1130
[  196.038602][ T9489]  ? __pfx_snd_rawmidi_poll+0x10/0x10
[  196.038615][ T9489]  ? __pfx_io_poll_task_func+0x10/0x10
[  196.038629][ T9489]  ? find_held_lock+0x2b/0x80
[  196.038640][ T9489]  ? io_handle_tw_list+0x112/0x500
[  196.038652][ T9489]  ? __pfx_io_poll_task_func+0x10/0x10
[  196.038666][ T9489]  io_handle_tw_list+0x155/0x500
[  196.038680][ T9489]  ? __pfx_io_handle_tw_list+0x10/0x10
[  196.038691][ T9489]  ? inotify_read+0x6b0/0x8e0
[  196.038709][ T9489]  tctx_task_work_run+0xac/0x380
[  196.038722][ T9489]  tctx_task_work+0x7a/0xd0
[  196.038734][ T9489]  ? __pfx_tctx_task_work+0x10/0x10
[  196.038745][ T9489]  ? rcu_is_watching+0x12/0xc0
[  196.038757][ T9489]  ? _raw_spin_unlock_irq+0x23/0x50
[  196.038769][ T9489]  ? lockdep_hardirqs_on+0x7c/0x110
[  196.038782][ T9489]  task_work_run+0x150/0x240
[  196.038800][ T9489]  ? __pfx_task_work_run+0x10/0x10
[  196.038818][ T9489]  ? vfs_readv+0x3c6/0x8b0
[  196.038832][ T9489]  get_signal+0x1d1/0x26d0
[  196.038850][ T9489]  ? __pfx_get_signal+0x10/0x10
[  196.038867][ T9489]  arch_do_signal_or_restart+0x8f/0x790
[  196.038881][ T9489]  ? __fget_files+0x20e/0x3c0
[  196.038892][ T9489]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  196.038911][ T9489]  ? __pfx_do_readv+0x10/0x10
[  196.038921][ T9489]  ? syscall_user_dispatch+0x78/0x140
[  196.038941][ T9489]  exit_to_user_mode_loop+0x84/0x110
[  196.038958][ T9489]  do_int80_emulation+0x352/0x460
[  196.038973][ T9489]  asm_int80_emulation+0x1a/0x20
[  196.038984][ T9489] RIP: 0023:0xf703e579
[  196.038993][ T9489] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  196.039003][ T9489] RSP: 002b:00000000f540d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000091
[  196.039014][ T9489] RAX: fffffffffffffe00 RBX: 0000000000000008 RCX: 0000000080000140
[  196.039020][ T9489] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  196.039027][ T9489] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  196.039033][ T9489] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  196.039039][ T9489] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  196.039052][ T9489]  </TASK>
[  196.652223][ T9510] FAULT_INJECTION: forcing a failure.
[  196.652223][ T9510] name failslab, interval 1, probability 0, space 0, times 0
[  196.657085][ T9510] CPU: 0 UID: 0 PID: 9510 Comm: syz.4.854 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  196.657101][ T9510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  196.657108][ T9510] Call Trace:
[  196.657112][ T9510]  <TASK>
[  196.657116][ T9510]  dump_stack_lvl+0x16c/0x1f0
[  196.657134][ T9510]  should_fail_ex+0x512/0x640
[  196.657150][ T9510]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  196.657165][ T9510]  should_failslab+0xc2/0x120
[  196.657180][ T9510]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  196.657193][ T9510]  ? find_held_lock+0x2b/0x80
[  196.657203][ T9510]  ? __alloc_skb+0x2b2/0x380
[  196.657218][ T9510]  __alloc_skb+0x2b2/0x380
[  196.657242][ T9510]  ? __pfx___alloc_skb+0x10/0x10
[  196.657258][ T9510]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  196.657276][ T9510]  netlink_alloc_large_skb+0x69/0x130
[  196.657295][ T9510]  netlink_sendmsg+0x6a1/0xdd0
[  196.657312][ T9510]  ? __pfx_netlink_sendmsg+0x10/0x10
[  196.657329][ T9510]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  196.657343][ T9510]  sock_write_iter+0x4ff/0x5b0
[  196.657361][ T9510]  ? __pfx_sock_write_iter+0x10/0x10
[  196.657382][ T9510]  ? bpf_lsm_file_permission+0x9/0x10
[  196.657398][ T9510]  ? security_file_permission+0x71/0x210
[  196.657413][ T9510]  ? rw_verify_area+0xcf/0x6c0
[  196.657427][ T9510]  vfs_write+0x7d0/0x11d0
[  196.657440][ T9510]  ? __pfx_sock_write_iter+0x10/0x10
[  196.657458][ T9510]  ? __pfx_vfs_write+0x10/0x10
[  196.657470][ T9510]  ? find_held_lock+0x2b/0x80
[  196.657488][ T9510]  ksys_write+0x1f8/0x250
[  196.657501][ T9510]  ? __pfx_ksys_write+0x10/0x10
[  196.657514][ T9510]  ? rcu_is_watching+0x12/0xc0
[  196.657527][ T9510]  __do_fast_syscall_32+0x7c/0x3a0
[  196.657543][ T9510]  do_fast_syscall_32+0x32/0x80
[  196.657557][ T9510]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  196.657571][ T9510] RIP: 0023:0xf7f07579
[  196.657580][ T9510] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  196.657591][ T9510] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  196.657601][ T9510] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  196.657608][ T9510] RDX: 0000000000000024 RSI: 0000000000000000 RDI: 0000000000000000
[  196.657614][ T9510] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  196.657620][ T9510] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  196.657626][ T9510] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  196.657639][ T9510]  </TASK>
[  196.945882][ T5334] Bluetooth: hci0: command 0x0406 tx timeout
[  197.025130][ T5977] Bluetooth: hci2: command 0x0406 tx timeout
[  197.027111][ T5334] Bluetooth: hci3: command 0x0c1a tx timeout
[  197.105173][ T5334] Bluetooth: hci1: command 0x0405 tx timeout
[  197.239023][ T9533] netlink: 4 bytes leftover after parsing attributes in process `syz.7.861'.
[  197.256417][ T9533] vlan2: entered promiscuous mode
[  197.258328][ T9533] vlan2: entered allmulticast mode
[  197.260079][ T9533] hsr_slave_1: entered allmulticast mode
[  197.275823][ T9533] FAULT_INJECTION: forcing a failure.
[  197.275823][ T9533] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.283688][ T9533] CPU: 2 UID: 0 PID: 9533 Comm: syz.7.861 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  197.283706][ T9533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  197.283713][ T9533] Call Trace:
[  197.283717][ T9533]  <TASK>
[  197.283722][ T9533]  dump_stack_lvl+0x16c/0x1f0
[  197.283739][ T9533]  should_fail_ex+0x512/0x640
[  197.283757][ T9533]  _copy_from_user+0x2e/0xd0
[  197.283775][ T9533]  get_compat_msghdr+0xa7/0x170
[  197.283789][ T9533]  ? __pfx_get_compat_msghdr+0x10/0x10
[  197.283806][ T9533]  ___sys_sendmsg+0x1ae/0x1d0
[  197.283821][ T9533]  ? __pfx____sys_sendmsg+0x10/0x10
[  197.283843][ T9533]  ? find_held_lock+0x2b/0x80
[  197.283863][ T9533]  __sys_sendmsg+0x16d/0x220
[  197.283877][ T9533]  ? __pfx___sys_sendmsg+0x10/0x10
[  197.283897][ T9533]  ? rcu_is_watching+0x12/0xc0
[  197.283910][ T9533]  __do_fast_syscall_32+0x7c/0x3a0
[  197.283926][ T9533]  do_fast_syscall_32+0x32/0x80
[  197.283940][ T9533]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  197.283954][ T9533] RIP: 0023:0xf7f21579
[  197.283962][ T9533] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  197.283974][ T9533] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  197.283985][ T9533] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000200
[  197.283992][ T9533] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  197.283998][ T9533] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  197.284004][ T9533] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  197.284010][ T9533] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  197.284023][ T9533]  </TASK>
[  197.741301][ T9537] netlink: 252 bytes leftover after parsing attributes in process `syz.1.862'.
[  197.785509][ T8251] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  197.827209][ T9539] netlink: 4 bytes leftover after parsing attributes in process `syz.1.863'.
[  197.843919][ T9539] vlan1: entered promiscuous mode
[  197.845801][ T9539] vlan1: entered allmulticast mode
[  197.847426][ T9539] hsr_slave_1: entered allmulticast mode
[  197.860604][ T9539] netlink: 4 bytes leftover after parsing attributes in process `syz.1.863'.
[  197.908940][ T9541] netlink: 4 bytes leftover after parsing attributes in process `syz.6.864'.
[  197.983534][ T9548] netlink: 4 bytes leftover after parsing attributes in process `syz.6.864'.
[  198.012375][ T9550] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  198.099110][ T9548] hsr_slave_1 (unregistering): left promiscuous mode
[  198.566144][ T9559] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  198.569131][ T9559] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  198.571521][ T9559] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  198.573902][ T9559] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  200.554428][ T5334] Bluetooth: hci0: command 0x0406 tx timeout
[  200.653396][ T5334] Bluetooth: hci1: command 0x0405 tx timeout
[  200.655883][ T5334] Bluetooth: hci3: command 0x0c1a tx timeout
[  200.657862][ T5334] Bluetooth: hci2: command 0x0406 tx timeout
[  202.492039][ T9622] block device autoloading is deprecated and will be removed.
[  202.605382][ T9622] md: md2 stopped.
[  202.705122][ T5977] Bluetooth: hci1: command 0x0405 tx timeout
[  203.650426][ T9635] atomic_op ffff888071211198 conn xmit_atomic 0000000000000000
[  204.381348][ T9647] netlink: 4 bytes leftover after parsing attributes in process `syz.1.890'.
[  204.450248][ T9649] netlink: 'syz.4.891': attribute type 11 has an invalid length.
[  204.456708][ T9645] netlink: 'syz.1.890': attribute type 10 has an invalid length.
[  204.463477][ T9649] ISOFS: Unable to identify CD-ROM format.
[  205.539747][ T9652] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(9)
[  205.542381][ T9652] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  205.544905][ T9652] vhci_hcd vhci_hcd.0: Device attached
[  205.561331][ T9667] vhci_hcd: connection closed
[  205.563058][ T1146] vhci_hcd: stop threads
[  205.566661][ T1146] vhci_hcd: release socket
[  205.568068][ T1146] vhci_hcd: disconnect device
[  208.746414][ T9724] block nbd0: server does not support multiple connections per device.
[  208.751143][ T9724] block nbd0: shutting down sockets
[  208.809152][ T9723] /dev/sr0: Can't open blockdev
[  208.813920][ T9725] gfs2: gfs2 mount does not exist
[  208.958956][ T9719] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  208.961043][ T9719] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  208.966399][ T9719] vhci_hcd vhci_hcd.0: Device attached
[  208.985312][ T9729] vhci_hcd: connection closed
[  209.002320][   T13] vhci_hcd: stop threads
[  209.071557][   T13] vhci_hcd: release socket
[  209.177496][   T13] vhci_hcd: disconnect device
[  209.205069][ T6055] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[  209.988429][ T9739] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  210.000502][ T9742] netlink: 'syz.6.918': attribute type 2 has an invalid length.
[  211.076164][ T9770] netlink: 'syz.1.926': attribute type 11 has an invalid length.
[  211.100358][ T9770] ISOFS: Unable to identify CD-ROM format.
[  211.139088][ T9770] netlink: 332 bytes leftover after parsing attributes in process `syz.1.926'.
[  214.295278][ T6055] vhci_hcd: vhci_device speed not set
[  214.350183][ T9814] block device autoloading is deprecated and will be removed.
[  214.410143][ T9814] md: md2 stopped.
[  216.774792][ T9868] block device autoloading is deprecated and will be removed.
[  216.840980][ T9868] md: md2 stopped.
[  217.511005][ T9883] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  217.513325][ T9883] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  217.516341][ T9883] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  217.518678][ T9883] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  218.653556][ T9917] netlink: 'syz.6.974': attribute type 11 has an invalid length.
[  218.661711][ T9918] block device autoloading is deprecated and will be removed.
[  218.683006][ T9917] ISOFS: Unable to identify CD-ROM format.
[  218.713352][ T9919] md: md2 stopped.
[  218.728064][ T9917] netlink: 332 bytes leftover after parsing attributes in process `syz.6.974'.
[  219.425876][ T5977] Bluetooth: hci0: command 0x0406 tx timeout
[  219.476287][ T9933] FAULT_INJECTION: forcing a failure.
[  219.476287][ T9933] name failslab, interval 1, probability 0, space 0, times 0
[  219.480183][ T9933] CPU: 1 UID: 0 PID: 9933 Comm: syz.7.979 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  219.480199][ T9933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  219.480205][ T9933] Call Trace:
[  219.480209][ T9933]  <TASK>
[  219.480214][ T9933]  dump_stack_lvl+0x16c/0x1f0
[  219.480231][ T9933]  should_fail_ex+0x512/0x640
[  219.480246][ T9933]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  219.480259][ T9933]  should_failslab+0xc2/0x120
[  219.480274][ T9933]  __kmalloc_cache_noprof+0x6a/0x3e0
[  219.480284][ T9933]  ? __pfx___mutex_trylock_common+0x10/0x10
[  219.480300][ T9933]  ? fuse_lookup_name+0x19f/0x780
[  219.480319][ T9933]  fuse_lookup_name+0x19f/0x780
[  219.480336][ T9933]  ? __mutex_lock+0x1c4/0x10b0
[  219.480350][ T9933]  ? __pfx_fuse_lookup_name+0x10/0x10
[  219.480371][ T9933]  ? __lock_acquire+0x62e/0x1ce0
[  219.480404][ T9933]  ? find_held_lock+0x2b/0x80
[  219.480423][ T9933]  fuse_lookup+0x26a/0x560
[  219.480447][ T9933]  ? __pfx_fuse_lookup+0x10/0x10
[  219.480472][ T9933]  ? do_raw_spin_unlock+0x172/0x230
[  219.480489][ T9933]  ? _raw_spin_unlock+0x28/0x50
[  219.480503][ T9933]  lookup_one_qstr_excl+0x1ce/0x250
[  219.480520][ T9933]  ? mnt_want_write+0x161/0x450
[  219.480531][ T9933]  do_unlinkat+0x284/0x6a0
[  219.480545][ T9933]  ? __pfx_do_unlinkat+0x10/0x10
[  219.480560][ T9933]  ? strncpy_from_user+0x203/0x2e0
[  219.480575][ T9933]  ? getname_flags.part.0+0x1c5/0x550
[  219.480591][ T9933]  ? __pfx_ksys_write+0x10/0x10
[  219.480606][ T9933]  __ia32_sys_unlinkat+0xbf/0x130
[  219.480620][ T9933]  __do_fast_syscall_32+0x7c/0x3a0
[  219.480636][ T9933]  do_fast_syscall_32+0x32/0x80
[  219.480650][ T9933]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  219.480665][ T9933] RIP: 0023:0xf7f21579
[  219.480674][ T9933] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  219.480684][ T9933] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 000000000000012d
[  219.480695][ T9933] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000040
[  219.480702][ T9933] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  219.480708][ T9933] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  219.480714][ T9933] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  219.480720][ T9933] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  219.480733][ T9933]  </TASK>
[  219.585223][ T5977] Bluetooth: hci1: command 0x0405 tx timeout
[  219.585269][ T5334] Bluetooth: hci3: command 0x0c1a tx timeout
[  219.585995][ T5983] Bluetooth: hci2: command 0x0406 tx timeout
[  220.766525][ T9960] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  220.792636][ T9963] fuse: Bad value for 'fd'
[  221.039456][ T9969] FAULT_INJECTION: forcing a failure.
[  221.039456][ T9969] name failslab, interval 1, probability 0, space 0, times 0
[  221.043439][ T9969] CPU: 1 UID: 0 PID: 9969 Comm: syz.7.989 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  221.043454][ T9969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  221.043461][ T9969] Call Trace:
[  221.043465][ T9969]  <TASK>
[  221.043470][ T9969]  dump_stack_lvl+0x16c/0x1f0
[  221.043487][ T9969]  should_fail_ex+0x512/0x640
[  221.043503][ T9969]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  221.043519][ T9969]  should_failslab+0xc2/0x120
[  221.043534][ T9969]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  221.043547][ T9969]  ? __d_alloc+0x32/0xae0
[  221.043562][ T9969]  __d_alloc+0x32/0xae0
[  221.043577][ T9969]  d_alloc_pseudo+0x1c/0xc0
[  221.043593][ T9969]  alloc_file_pseudo+0xcf/0x230
[  221.043611][ T9969]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  221.043628][ T9969]  ? _raw_spin_unlock+0x28/0x50
[  221.043639][ T9969]  ? alloc_fd+0x471/0x7d0
[  221.043651][ T9969]  __anon_inode_getfile+0xe8/0x280
[  221.043667][ T9969]  anon_inode_getfd+0x52/0xb0
[  221.043681][ T9969]  __ia32_sys_fsopen+0x18f/0x240
[  221.043697][ T9969]  __do_fast_syscall_32+0x7c/0x3a0
[  221.043713][ T9969]  do_fast_syscall_32+0x32/0x80
[  221.043727][ T9969]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  221.043741][ T9969] RIP: 0023:0xf7f21579
[  221.043749][ T9969] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  221.043761][ T9969] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 00000000000001ae
[  221.043772][ T9969] RAX: ffffffffffffffda RBX: 0000000080000140 RCX: 0000000000000000
[  221.043778][ T9969] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  221.043785][ T9969] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  221.043791][ T9969] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  221.043797][ T9969] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.043809][ T9969]  </TASK>
[  221.124002][ T9970] block device autoloading is deprecated and will be removed.
[  221.184660][ T9970] md: md2 stopped.
[  221.582540][ T9986] netlink: 8 bytes leftover after parsing attributes in process `syz.6.995'.
[  221.657168][ T9992] FAULT_INJECTION: forcing a failure.
[  221.657168][ T9992] name failslab, interval 1, probability 0, space 0, times 0
[  221.661228][ T9992] CPU: 3 UID: 0 PID: 9992 Comm: syz.1.997 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  221.661245][ T9992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  221.661251][ T9992] Call Trace:
[  221.661255][ T9992]  <TASK>
[  221.661260][ T9992]  dump_stack_lvl+0x16c/0x1f0
[  221.661277][ T9992]  should_fail_ex+0x512/0x640
[  221.661292][ T9992]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  221.661305][ T9992]  should_failslab+0xc2/0x120
[  221.661320][ T9992]  __kmalloc_cache_noprof+0x6a/0x3e0
[  221.661331][ T9992]  ? tcf_chain_create+0x98/0x370
[  221.661346][ T9992]  tcf_chain_create+0x98/0x370
[  221.661358][ T9992]  __tcf_chain_get+0x153/0x1b0
[  221.661373][ T9992]  tc_new_tfilter+0x6ed/0x2340
[  221.661396][ T9992]  ? __pfx_tc_new_tfilter+0x10/0x10
[  221.661412][ T9992]  ? stack_trace_save+0x8e/0xc0
[  221.661428][ T9992]  ? __lock_acquire+0x62e/0x1ce0
[  221.661450][ T9992]  ? find_held_lock+0x2b/0x80
[  221.661461][ T9992]  ? __pfx_tc_new_tfilter+0x10/0x10
[  221.661474][ T9992]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  221.661490][ T9992]  ? __pfx_tc_new_tfilter+0x10/0x10
[  221.661506][ T9992]  rtnetlink_rcv_msg+0x95b/0xe90
[  221.661522][ T9992]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  221.661540][ T9992]  ? ref_tracker_free+0x37c/0x830
[  221.661558][ T9992]  netlink_rcv_skb+0x158/0x420
[  221.661572][ T9992]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  221.661588][ T9992]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  221.661607][ T9992]  ? netlink_deliver_tap+0x1ae/0xd30
[  221.661624][ T9992]  netlink_unicast+0x5a7/0x870
[  221.661640][ T9992]  ? __pfx_netlink_unicast+0x10/0x10
[  221.661654][ T9992]  ? __pfx___might_resched+0x10/0x10
[  221.661670][ T9992]  netlink_sendmsg+0x8d1/0xdd0
[  221.661686][ T9992]  ? __pfx_netlink_sendmsg+0x10/0x10
[  221.661702][ T9992]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  221.661717][ T9992]  ____sys_sendmsg+0xa95/0xc70
[  221.661735][ T9992]  ? __pfx_____sys_sendmsg+0x10/0x10
[  221.661751][ T9992]  ? get_compat_msghdr+0x11a/0x170
[  221.661770][ T9992]  ___sys_sendmsg+0x134/0x1d0
[  221.661785][ T9992]  ? __pfx____sys_sendmsg+0x10/0x10
[  221.661805][ T9992]  ? find_held_lock+0x2b/0x80
[  221.661824][ T9992]  __sys_sendmsg+0x16d/0x220
[  221.661838][ T9992]  ? __pfx___sys_sendmsg+0x10/0x10
[  221.661858][ T9992]  ? rcu_is_watching+0x12/0xc0
[  221.661871][ T9992]  __do_fast_syscall_32+0x7c/0x3a0
[  221.661886][ T9992]  do_fast_syscall_32+0x32/0x80
[  221.661900][ T9992]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  221.661914][ T9992] RIP: 0023:0xf703e579
[  221.661927][ T9992] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  221.661943][ T9992] RSP: 002b:00000000f542e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  221.661954][ T9992] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000580
[  221.661961][ T9992] RDX: 0000000000000084 RSI: 0000000000000000 RDI: 0000000000000000
[  221.661967][ T9992] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  221.661973][ T9992] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  221.661979][ T9992] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.661992][ T9992]  </TASK>
[  221.740179][ T9995] block device autoloading is deprecated and will be removed.
[  221.819750][ T9995] md: md2 stopped.
[  222.121992][T10023] fuse: Bad value for 'fd'
[  222.372017][T10033] block device autoloading is deprecated and will be removed.
[  222.435388][T10033] md: md2 stopped.
[  222.634185][T10038] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(8)
[  222.636305][T10038] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  222.639687][T10038] vhci_hcd vhci_hcd.0: Device attached
[  222.815132][ T6055] vhci_hcd: vhci_device speed not set
[  222.875111][ T6055] usb 51-1: new low-speed USB device number 2 using vhci_hcd
[  222.960047][T10039] vhci_hcd: connection reset by peer
[  222.969262][ T1139] vhci_hcd: stop threads
[  222.970638][ T1139] vhci_hcd: release socket
[  222.972048][ T1139] vhci_hcd: disconnect device
[  223.921111][T10067] block device autoloading is deprecated and will be removed.
[  223.975137][   T34] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  223.980459][T10067] md: md2 stopped.
[  223.982707][T10070] binder: BINDER_SET_CONTEXT_MGR already set
[  223.982880][T10069] binder_alloc: binder_alloc_mmap_handler: 10068 80ffd000-81000000 already mapped failed -16
[  223.985881][T10070] binder: 10068:10070 ioctl 4018620d 80004a80 returned -16
[  223.988480][T10069] binder_alloc: binder_alloc_mmap_handler: 10068 80ffd000-81000000 already mapped failed -16
[  223.990538][T10070] binder: BINDER_SET_CONTEXT_MGR already set
[  223.993578][T10069] binder_alloc: binder_alloc_mmap_handler: 10068 80ffd000-81000000 already mapped failed -16
[  223.996946][T10070] binder: 10068:10070 ioctl 4018620d 80004a80 returned -16
[  223.998731][T10069] binder_alloc: binder_alloc_mmap_handler: 10068 80ffd000-81000000 already mapped failed -16
[  224.000810][T10070] binder: BINDER_SET_CONTEXT_MGR already set
[  224.003890][T10069] binder_alloc: binder_alloc_mmap_handler: 10068 80ffd000-81000000 already mapped failed -16
[  224.006163][T10070] binder: 10068:10070 ioctl 4018620d 80004a80 returned -16
[  224.008958][T10069] binder_alloc: binder_alloc_mmap_handler: 10068 80ffd000-81000000 already mapped failed -16
[  224.011165][T10070] binder: BINDER_SET_CONTEXT_MGR already set
[  224.014190][T10069] binder_alloc: binder_alloc_mmap_handler: 10068 80ffd000-81000000 already mapped failed -16
[  224.016685][T10070] binder: 10068:10070 ioctl 4018620d 80004a80 returned -16
[  224.019091][T10069] binder_alloc: binder_alloc_mmap_handler: 10068 80ffd000-81000000 already mapped failed -16
[  224.021282][T10070] binder: BINDER_SET_CONTEXT_MGR already set
[  224.024328][T10069] binder_alloc: binder_alloc_mmap_handler: 10068 80ffd000-81000000 already mapped failed -16
[  224.026249][T10070] binder: 10068:10070 ioctl 4018620d 80004a80 returned -16
[  224.029294][T10069] binder_alloc: binder_alloc_mmap_handler: 10068 80ffd000-81000000 already mapped failed -16
[  224.031618][T10070] binder: BINDER_SET_CONTEXT_MGR already set
[  224.037679][T10070] binder: 10068:10070 ioctl 4018620d 80004a80 returned -16
[  224.039755][T10069] binder_alloc: 10068: binder_alloc_buf, no vma
[  224.040017][T10070] binder: BINDER_SET_CONTEXT_MGR already set
[  224.044124][T10070] binder: 10068:10070 ioctl 4018620d 80004a80 returned -16
[  224.125679][   T34] usb 6-1: device descriptor read/64, error -71
[  224.315082][ T5975] usb 12-1: new high-speed USB device number 4 using dummy_hcd
[  224.365077][   T34] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  224.466903][ T5975] usb 12-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  224.469602][ T5975] usb 12-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  224.472631][ T5975] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 66
[  224.475487][ T5975] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  224.478763][ T5975] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  224.484275][ T5975] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  224.487109][ T5975] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  224.489583][ T5975] usb 12-1: Product: syz
[  224.490832][ T5975] usb 12-1: Manufacturer: syz
[  224.496277][ T5975] cdc_wdm 12-1:1.0: skipping garbage
[  224.498620][ T5975] cdc_wdm 12-1:1.0: skipping garbage
[  224.502346][ T5975] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device
[  224.504305][ T5975] cdc_wdm 12-1:1.0: Unknown control protocol
[  224.505121][   T34] usb 6-1: device descriptor read/64, error -71
[  224.615755][   T34] usb usb6-port1: attempt power cycle
[  224.955102][   T34] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  224.976640][   T34] usb 6-1: device descriptor read/8, error -71
[  225.205124][ T6037] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  225.215200][   T34] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  225.235504][   T34] usb 6-1: device descriptor read/8, error -71
[  225.345441][   T34] usb usb6-port1: unable to enumerate USB device
[  225.356782][ T6037] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  225.368824][ T6037] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  225.374976][ T6037] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  225.381301][ T6037] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  225.387316][ T6037] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  225.395381][ T6037] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  225.399314][ T6037] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  225.403841][ T6037] usb 9-1: Product: syz
[  225.406574][ T6037] usb 9-1: Manufacturer: syz
[  225.418773][ T6037] cdc_wdm 9-1:1.0: skipping garbage
[  225.420390][ T6037] cdc_wdm 9-1:1.0: skipping garbage
[  225.425100][ T6037] cdc_wdm 9-1:1.0: cdc-wdm1: USB WDM device
[  225.428551][ T6037] cdc_wdm 9-1:1.0: Unknown control protocol
[  225.699820][T10100] FAULT_INJECTION: forcing a failure.
[  225.699820][T10100] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  225.705188][T10100] CPU: 1 UID: 0 PID: 10100 Comm: syz.4.1028 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  225.705214][T10100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  225.705224][T10100] Call Trace:
[  225.705230][T10100]  <TASK>
[  225.705238][T10100]  dump_stack_lvl+0x16c/0x1f0
[  225.705265][T10100]  should_fail_ex+0x512/0x640
[  225.705292][T10100]  _copy_to_user+0x32/0xd0
[  225.705320][T10100]  put_old_timespec32+0xb4/0x120
[  225.705343][T10100]  ? __pfx_put_old_timespec32+0x10/0x10
[  225.705365][T10100]  ? ktime_get+0x200/0x310
[  225.705384][T10100]  ? lockdep_hardirqs_on+0x7c/0x110
[  225.705404][T10100]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  225.705431][T10100]  nanosleep_copyout+0x91/0x130
[  225.705449][T10100]  do_nanosleep+0x48a/0x570
[  225.705477][T10100]  ? __hrtimer_setup+0x61/0x280
[  225.705502][T10100]  ? __pfx_do_nanosleep+0x10/0x10
[  225.705530][T10100]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  225.705553][T10100]  ? __hrtimer_setup+0x176/0x280
[  225.705580][T10100]  hrtimer_nanosleep_restart+0x11b/0x190
[  225.705607][T10100]  ? __pfx_hrtimer_nanosleep_restart+0x10/0x10
[  225.705637][T10100]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  225.705665][T10100]  ? rcu_is_watching+0x12/0xc0
[  225.705684][T10100]  do_int80_emulation+0x104/0x460
[  225.705707][T10100]  asm_int80_emulation+0x1a/0x20
[  225.705724][T10100] RIP: 0023:0xf7f07579
[  225.705738][T10100] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  225.705754][T10100] RSP: 002b:00000000f5404440 EFLAGS: 00000293 ORIG_RAX: 0000000000000000
[  225.705771][T10100] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000
[  225.705781][T10100] RDX: 00000000f5404474 RSI: 00000000f540446c RDI: 00000000f5404474
[  225.705791][T10100] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  225.705799][T10100] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  225.705809][T10100] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  225.705829][T10100]  </TASK>
[  226.626861][T10106] FAULT_INJECTION: forcing a failure.
[  226.626861][T10106] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.630943][T10106] CPU: 1 UID: 0 PID: 10106 Comm: syz.1.1033 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  226.630964][T10106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  226.630971][T10106] Call Trace:
[  226.630976][T10106]  <TASK>
[  226.630980][T10106]  dump_stack_lvl+0x16c/0x1f0
[  226.630998][T10106]  should_fail_ex+0x512/0x640
[  226.631015][T10106]  _copy_from_user+0x2e/0xd0
[  226.631033][T10106]  kstrtouint_from_user+0xd6/0x1d0
[  226.631047][T10106]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  226.631059][T10106]  ? __lock_acquire+0xb97/0x1ce0
[  226.631080][T10106]  proc_fail_nth_write+0x83/0x220
[  226.631093][T10106]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  226.631109][T10106]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  226.631120][T10106]  vfs_write+0x29d/0x11d0
[  226.631136][T10106]  ? __pfx_vfs_write+0x10/0x10
[  226.631147][T10106]  ? find_held_lock+0x2b/0x80
[  226.631161][T10106]  ? __fget_files+0x20e/0x3c0
[  226.631177][T10106]  ksys_write+0x12a/0x250
[  226.631190][T10106]  ? __pfx_ksys_write+0x10/0x10
[  226.631203][T10106]  ? rcu_is_watching+0x12/0xc0
[  226.631217][T10106]  __do_fast_syscall_32+0x7c/0x3a0
[  226.631232][T10106]  do_fast_syscall_32+0x32/0x80
[  226.631247][T10106]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  226.631261][T10106] RIP: 0023:0xf703e579
[  226.631270][T10106] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  226.631280][T10106] RSP: 002b:00000000f542e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  226.631291][T10106] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f542e620
[  226.631298][T10106] RDX: 0000000000000001 RSI: 00000000f73a4ff4 RDI: 0000000000000000
[  226.631304][T10106] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  226.631311][T10106] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  226.631317][T10106] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  226.631330][T10106]  </TASK>
[  226.704001][T10109] block device autoloading is deprecated and will be removed.
[  226.839489][T10109] md: md2 stopped.
[  227.075184][T10117] tmpfs: Unknown parameter 'quyta'
[  227.268087][    C2] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  227.269747][   T10] usb 12-1: USB disconnect, device number 4
[  227.270307][    C2] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  227.274044][    C2] cdc_wdm 12-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  227.278164][   T34] usb 9-1: USB disconnect, device number 5
[  227.975141][ T6055] vhci_hcd: vhci_device speed not set
[  228.225200][T10139] fuse: Bad value for 'fd'
[  228.315839][T10143] fuse: Bad value for 'fd'
[  229.150936][T10159] FAULT_INJECTION: forcing a failure.
[  229.150936][T10159] name failslab, interval 1, probability 0, space 0, times 0
[  229.154897][T10159] CPU: 0 UID: 0 PID: 10159 Comm: syz.7.1049 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  229.154912][T10159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  229.154919][T10159] Call Trace:
[  229.154923][T10159]  <TASK>
[  229.154927][T10159]  dump_stack_lvl+0x16c/0x1f0
[  229.154945][T10159]  should_fail_ex+0x512/0x640
[  229.154960][T10159]  ? fs_reclaim_acquire+0xae/0x150
[  229.154978][T10159]  ? tomoyo_encode2+0x100/0x3e0
[  229.155005][T10159]  should_failslab+0xc2/0x120
[  229.155021][T10159]  __kmalloc_noprof+0xd2/0x510
[  229.155038][T10159]  ? d_absolute_path+0x136/0x1a0
[  229.155057][T10159]  tomoyo_encode2+0x100/0x3e0
[  229.155074][T10159]  tomoyo_encode+0x29/0x50
[  229.155088][T10159]  tomoyo_realpath_from_path+0x18f/0x6e0
[  229.155108][T10159]  tomoyo_path_number_perm+0x245/0x580
[  229.155121][T10159]  ? tomoyo_path_number_perm+0x237/0x580
[  229.155135][T10159]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  229.155163][T10159]  ? find_held_lock+0x2b/0x80
[  229.155174][T10159]  ? hook_file_ioctl_common+0x145/0x410
[  229.155192][T10159]  ? __fget_files+0x20e/0x3c0
[  229.155206][T10159]  security_file_ioctl_compat+0x9b/0x240
[  229.155221][T10159]  __ia32_compat_sys_ioctl+0xc3/0x370
[  229.155240][T10159]  __do_fast_syscall_32+0x7c/0x3a0
[  229.155257][T10159]  do_fast_syscall_32+0x32/0x80
[  229.155271][T10159]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  229.155285][T10159] RIP: 0023:0xf7f21579
[  229.155294][T10159] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  229.155305][T10159] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  229.155315][T10159] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000005402
[  229.155322][T10159] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  229.155328][T10159] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  229.155334][T10159] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  229.155341][T10159] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  229.155354][T10159]  </TASK>
[  229.172472][T10167] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[  229.174267][T10159] ERROR: Out of memory at tomoyo_realpath_from_path.
[  230.466693][T10201] block device autoloading is deprecated and will be removed.
[  230.471051][T10198] md: md2 stopped.
[  230.509012][T10204] fuse: Bad value for 'fd'
[  230.588048][T10207] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  230.645081][   T34] usb 12-1: new high-speed USB device number 5 using dummy_hcd
[  230.826980][   T34] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  230.830141][   T34] usb 12-1: config 0 has no interfaces?
[  230.831961][   T34] usb 12-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  230.834874][   T34] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.839285][   T34] usb 12-1: config 0 descriptor??
[  230.885207][   T10] usb 6-1: new low-speed USB device number 7 using dummy_hcd
[  231.040215][   T10] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  231.044521][T10193] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.047262][   T10] usb 6-1: config 0 has no interface number 0
[  231.049354][T10193] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.051693][   T10] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  231.058162][   T10] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  231.062645][   T34] usb 12-1: USB disconnect, device number 5
[  231.065653][   T10] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  231.072574][   T10] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  231.076311][   T10] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  231.079618][   T10] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  231.194005][   T10] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  231.197177][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.211850][   T10] usb 6-1: config 0 descriptor??
[  231.217319][T10212] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  231.222405][T10212] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  231.886748][   T10] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  231.948275][   T10] usb 6-1: USB disconnect, device number 7
[  232.078921][   T10] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  232.154403][T10238] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1074'.
[  232.296795][T10243] block device autoloading is deprecated and will be removed.
[  232.300621][T10240] md: md2 stopped.
[  232.458431][T10248] tls_set_device_offload_rx: netdev not found
[  233.407802][T10275] block device autoloading is deprecated and will be removed.
[  233.413643][T10272] md: md2 stopped.
[  233.638093][T10280] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.748596][T10280] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.820344][T10280] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.908551][T10280] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.202486][ T1139] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.213453][ T1139] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.284211][ T1146] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.365691][   T88] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.685993][   T53] usb 11-1: new high-speed USB device number 3 using dummy_hcd
[  234.828586][T10302] fuse: Bad value for 'fd'
[  234.847199][   T53] usb 11-1: config 0 has no interfaces?
[  234.849026][   T53] usb 11-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  234.852282][   T53] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.860138][   T53] usb 11-1: config 0 descriptor??
[  234.907796][T10308] block device autoloading is deprecated and will be removed.
[  234.912434][T10304] md: md2 stopped.
[  235.032478][T10311] fuse: Bad value for 'fd'
[  235.072435][ T7996] usb 11-1: USB disconnect, device number 3
[  235.459901][T10315] tipc: Started in network mode
[  235.461536][T10315] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  235.464421][T10315] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  235.467901][T10315] tipc: Enabled bearer <udp:syz0>, priority 10
[  236.499764][ T6036] tipc: Node number set to 1
[  236.873271][T10349] FAULT_INJECTION: forcing a failure.
[  236.873271][T10349] name failslab, interval 1, probability 0, space 0, times 0
[  236.877416][T10349] CPU: 2 UID: 0 PID: 10349 Comm: syz.7.1109 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  236.877432][T10349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  236.877439][T10349] Call Trace:
[  236.877443][T10349]  <TASK>
[  236.877447][T10349]  dump_stack_lvl+0x16c/0x1f0
[  236.877464][T10349]  should_fail_ex+0x512/0x640
[  236.877480][T10349]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  236.877493][T10349]  should_failslab+0xc2/0x120
[  236.877508][T10349]  __kmalloc_cache_noprof+0x6a/0x3e0
[  236.877519][T10349]  ? tcf_block_get_ext+0x3c6/0x1800
[  236.877536][T10349]  tcf_block_get_ext+0x3c6/0x1800
[  236.877550][T10349]  ? __debug_object_init+0x2de/0x3d0
[  236.877565][T10349]  tcf_block_get+0xa8/0x100
[  236.877579][T10349]  ? __pfx_tcf_block_get+0x10/0x10
[  236.877593][T10349]  ? __pfx_tcf_chain_head_change_dflt+0x10/0x10
[  236.877612][T10349]  ? __pfx_qdisc_watchdog+0x10/0x10
[  236.877627][T10349]  ? __hrtimer_setup+0x176/0x280
[  236.877646][T10349]  htb_init+0x1fe/0xd40
[  236.877657][T10349]  ? ref_tracker_alloc+0x305/0x5b0
[  236.877674][T10349]  ? qdisc_alloc+0x900/0xc50
[  236.877685][T10349]  ? qdisc_create+0x71/0xfc0
[  236.877700][T10349]  ? tc_modify_qdisc+0x11d8/0x2170
[  236.877716][T10349]  ? __pfx_htb_init+0x10/0x10
[  236.877726][T10349]  ? netlink_sendmsg+0x8d1/0xdd0
[  236.877747][T10349]  ? qdisc_alloc+0x94f/0xc50
[  236.877759][T10349]  ? __pfx_htb_init+0x10/0x10
[  236.877770][T10349]  qdisc_create+0x454/0xfc0
[  236.877788][T10349]  tc_modify_qdisc+0x11d8/0x2170
[  236.877806][T10349]  ? rcu_is_watching+0x12/0xc0
[  236.877818][T10349]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  236.877835][T10349]  ? __lock_acquire+0x62e/0x1ce0
[  236.877860][T10349]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  236.877881][T10349]  rtnetlink_rcv_msg+0x3c6/0xe90
[  236.877898][T10349]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  236.877917][T10349]  ? ref_tracker_free+0x37c/0x830
[  236.877934][T10349]  netlink_rcv_skb+0x158/0x420
[  236.877948][T10349]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  236.877964][T10349]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  236.877983][T10349]  ? netlink_deliver_tap+0x1ae/0xd30
[  236.877999][T10349]  netlink_unicast+0x5a7/0x870
[  236.878016][T10349]  ? __pfx_netlink_unicast+0x10/0x10
[  236.878030][T10349]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  236.878048][T10349]  netlink_sendmsg+0x8d1/0xdd0
[  236.878064][T10349]  ? __pfx_netlink_sendmsg+0x10/0x10
[  236.878080][T10349]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  236.878095][T10349]  ____sys_sendmsg+0xa95/0xc70
[  236.878113][T10349]  ? __pfx_____sys_sendmsg+0x10/0x10
[  236.878129][T10349]  ? get_compat_msghdr+0x11a/0x170
[  236.878148][T10349]  ___sys_sendmsg+0x134/0x1d0
[  236.878163][T10349]  ? __pfx____sys_sendmsg+0x10/0x10
[  236.878183][T10349]  ? find_held_lock+0x2b/0x80
[  236.878202][T10349]  __sys_sendmsg+0x16d/0x220
[  236.878215][T10349]  ? __pfx___sys_sendmsg+0x10/0x10
[  236.878235][T10349]  ? rcu_is_watching+0x12/0xc0
[  236.878247][T10349]  __do_fast_syscall_32+0x7c/0x3a0
[  236.878263][T10349]  do_fast_syscall_32+0x32/0x80
[  236.878277][T10349]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  236.878291][T10349] RIP: 0023:0xf7f21579
[  236.878300][T10349] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  236.878310][T10349] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  236.878321][T10349] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800012c0
[  236.878328][T10349] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  236.878334][T10349] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  236.878340][T10349] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  236.878346][T10349] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  236.878359][T10349]  </TASK>
[  237.010623][T10353] fuse: Bad value for 'fd'
[  237.077645][T10356] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  237.980716][T10383] block device autoloading is deprecated and will be removed.
[  237.995563][T10381] md: md2 stopped.
[  238.221977][T10386] block device autoloading is deprecated and will be removed.
[  238.258562][T10385] md: md2 stopped.
[  238.492309][T10392] kvm: pic: non byte read
[  238.494831][T10392] kvm: pic: level sensitive irq not supported
[  238.495604][T10392] kvm: pic: non byte read
[  238.499954][T10392] kvm: pic: level sensitive irq not supported
[  238.500191][T10392] kvm: pic: non byte read
[  238.504406][T10392] kvm: pic: level sensitive irq not supported
[  238.504636][T10392] kvm: pic: non byte read
[  238.510043][T10392] kvm: pic: level sensitive irq not supported
[  238.510275][T10392] kvm: pic: non byte read
[  238.533077][T10392] kvm: pic: level sensitive irq not supported
[  238.533320][T10392] kvm: pic: non byte read
[  238.543050][T10392] kvm: pic: level sensitive irq not supported
[  238.543310][T10392] kvm: pic: non byte read
[  238.698432][T10410] fuse: Bad value for 'fd'
[  239.271277][T10423] block device autoloading is deprecated and will be removed.
[  239.274883][T10421] md: md2 stopped.
[  239.349663][T10425] FAULT_INJECTION: forcing a failure.
[  239.349663][T10425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.353841][T10425] CPU: 1 UID: 0 PID: 10425 Comm: syz.7.1132 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  239.353858][T10425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  239.353865][T10425] Call Trace:
[  239.353869][T10425]  <TASK>
[  239.353873][T10425]  dump_stack_lvl+0x16c/0x1f0
[  239.353894][T10425]  should_fail_ex+0x512/0x640
[  239.353912][T10425]  _copy_to_user+0x32/0xd0
[  239.353930][T10425]  simple_read_from_buffer+0xcb/0x170
[  239.353950][T10425]  proc_fail_nth_read+0x197/0x240
[  239.353962][T10425]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  239.353975][T10425]  ? rw_verify_area+0xcf/0x6c0
[  239.353987][T10425]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  239.353998][T10425]  vfs_read+0x1e4/0xcf0
[  239.354013][T10425]  ? __pfx_vfs_read+0x10/0x10
[  239.354024][T10425]  ? find_held_lock+0x2b/0x80
[  239.354039][T10425]  ? __fget_files+0x20e/0x3c0
[  239.354054][T10425]  ksys_read+0x12a/0x250
[  239.354067][T10425]  ? __pfx_ksys_read+0x10/0x10
[  239.354080][T10425]  ? rcu_is_watching+0x12/0xc0
[  239.354094][T10425]  __do_fast_syscall_32+0x7c/0x3a0
[  239.354109][T10425]  do_fast_syscall_32+0x32/0x80
[  239.354123][T10425]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  239.354137][T10425] RIP: 0023:0xf7f21579
[  239.354146][T10425] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  239.354156][T10425] RSP: 002b:00000000f5446590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  239.354167][T10425] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5446620
[  239.354174][T10425] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000
[  239.354180][T10425] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  239.354186][T10425] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  239.354192][T10425] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  239.354205][T10425]  </TASK>
[  239.675099][ T6036] usb 12-1: new high-speed USB device number 6 using dummy_hcd
[  239.825072][ T6036] usb 12-1: Using ep0 maxpacket: 32
[  239.828150][ T6036] usb 12-1: config index 0 descriptor too short (expected 156, got 27)
[  239.833196][ T6036] usb 12-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  239.837255][ T6036] usb 12-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  239.840677][ T6036] usb 12-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  239.844860][ T6036] usb 12-1: config 0 interface 0 has no altsetting 0
[  239.849901][ T6036] usb 12-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  239.852717][ T6036] usb 12-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  239.860208][ T6036] usb 12-1: Product: syz
[  239.861447][ T6036] usb 12-1: Manufacturer: syz
[  239.862859][ T6036] usb 12-1: SerialNumber: syz
[  239.870044][ T6036] usb 12-1: config 0 descriptor??
[  239.873820][ T6036] ldusb 12-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  239.879603][ T6036] ldusb 12-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  239.909319][T10438] FAULT_INJECTION: forcing a failure.
[  239.909319][T10438] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.913542][T10438] CPU: 1 UID: 0 PID: 10438 Comm: syz.6.1136 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  239.913558][T10438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  239.913576][T10438] Call Trace:
[  239.913581][T10438]  <TASK>
[  239.913585][T10438]  dump_stack_lvl+0x16c/0x1f0
[  239.913603][T10438]  should_fail_ex+0x512/0x640
[  239.913621][T10438]  _copy_from_user+0x2e/0xd0
[  239.913639][T10438]  get_compat_msghdr+0xa7/0x170
[  239.913653][T10438]  ? __pfx_get_compat_msghdr+0x10/0x10
[  239.913666][T10438]  ? __lock_acquire+0x62e/0x1ce0
[  239.913684][T10438]  ___sys_recvmsg+0x191/0x1a0
[  239.913699][T10438]  ? __pfx____sys_recvmsg+0x10/0x10
[  239.913714][T10438]  ? find_held_lock+0x2b/0x80
[  239.913730][T10438]  ? __pfx___might_resched+0x10/0x10
[  239.913745][T10438]  do_recvmmsg+0x55d/0x750
[  239.913760][T10438]  ? __pfx_do_recvmmsg+0x10/0x10
[  239.913773][T10438]  ? find_held_lock+0x2b/0x80
[  239.913793][T10438]  ? __fget_files+0x20e/0x3c0
[  239.913804][T10438]  ? handle_mm_fault+0x260/0xd10
[  239.913818][T10438]  __sys_recvmmsg+0x21c/0x280
[  239.913832][T10438]  ? __pfx___sys_recvmmsg+0x10/0x10
[  239.913847][T10438]  ? __pfx_ksys_write+0x10/0x10
[  239.913862][T10438]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  239.913876][T10438]  ? lockdep_hardirqs_on+0x7c/0x110
[  239.913890][T10438]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  239.913904][T10438]  __do_fast_syscall_32+0x7c/0x3a0
[  239.913920][T10438]  do_fast_syscall_32+0x32/0x80
[  239.913934][T10438]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  239.913948][T10438] RIP: 0023:0xf70ce579
[  239.913957][T10438] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  239.913967][T10438] RSP: 002b:00000000f549d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  239.913978][T10438] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080002440
[  239.913985][T10438] RDX: 00000000ffffff67 RSI: 0000000000000000 RDI: 0000000000000000
[  239.913991][T10438] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  239.913997][T10438] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  239.914003][T10438] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  239.914017][T10438]  </TASK>
[  240.207701][T10427] IPVS: length: 139 != 8
[  240.213153][T10427] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  240.220567][T10427] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  240.668242][T10451] input: syz1 as /devices/virtual/input/input13
[  240.752993][T10459] block device autoloading is deprecated and will be removed.
[  240.758709][T10453] md: md2 stopped.
[  241.590023][T10483] fuse: Bad value for 'fd'
[  242.197592][T10489] FAULT_INJECTION: forcing a failure.
[  242.197592][T10489] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  242.202633][T10489] CPU: 1 UID: 0 PID: 10489 Comm: syz.6.1152 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  242.202649][T10489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.202655][T10489] Call Trace:
[  242.202660][T10489]  <TASK>
[  242.202664][T10489]  dump_stack_lvl+0x16c/0x1f0
[  242.202695][T10489]  should_fail_ex+0x512/0x640
[  242.202713][T10489]  _copy_to_user+0x32/0xd0
[  242.202731][T10489]  simple_read_from_buffer+0xcb/0x170
[  242.202751][T10489]  proc_fail_nth_read+0x197/0x240
[  242.202764][T10489]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  242.202777][T10489]  ? rw_verify_area+0xcf/0x6c0
[  242.202788][T10489]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  242.202799][T10489]  vfs_read+0x1e4/0xcf0
[  242.202814][T10489]  ? __pfx_vfs_read+0x10/0x10
[  242.202825][T10489]  ? find_held_lock+0x2b/0x80
[  242.202840][T10489]  ? __fget_files+0x20e/0x3c0
[  242.202856][T10489]  ksys_read+0x12a/0x250
[  242.202868][T10489]  ? __pfx_ksys_read+0x10/0x10
[  242.202881][T10489]  ? rcu_is_watching+0x12/0xc0
[  242.202895][T10489]  __do_fast_syscall_32+0x7c/0x3a0
[  242.202911][T10489]  do_fast_syscall_32+0x32/0x80
[  242.202925][T10489]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  242.202939][T10489] RIP: 0023:0xf70ce579
[  242.202948][T10489] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  242.202959][T10489] RSP: 002b:00000000f54be590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  242.202970][T10489] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54be620
[  242.202976][T10489] RDX: 000000000000000f RSI: 00000000f7434ff4 RDI: 0000000000000000
[  242.202982][T10489] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  242.202989][T10489] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  242.202995][T10489] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  242.203008][T10489]  </TASK>
[  242.827945][T10506] evm: overlay not supported
[  243.040972][T10510] FAULT_INJECTION: forcing a failure.
[  243.040972][T10510] name failslab, interval 1, probability 0, space 0, times 0
[  243.045539][T10510] CPU: 0 UID: 0 PID: 10510 Comm: syz.6.1160 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  243.045554][T10510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  243.045561][T10510] Call Trace:
[  243.045565][T10510]  <TASK>
[  243.045569][T10510]  dump_stack_lvl+0x16c/0x1f0
[  243.045586][T10510]  should_fail_ex+0x512/0x640
[  243.045602][T10510]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  243.045618][T10510]  should_failslab+0xc2/0x120
[  243.045632][T10510]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  243.045645][T10510]  ? getname_flags.part.0+0x4c/0x550
[  243.045664][T10510]  getname_flags.part.0+0x4c/0x550
[  243.045683][T10510]  getname_flags+0x93/0xf0
[  243.045694][T10510]  __ia32_sys_mkdir+0x51/0x80
[  243.045708][T10510]  __do_fast_syscall_32+0x7c/0x3a0
[  243.045724][T10510]  do_fast_syscall_32+0x32/0x80
[  243.045738][T10510]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  243.045752][T10510] RIP: 0023:0xf70ce579
[  243.045760][T10510] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  243.045772][T10510] RSP: 002b:00000000f54be55c EFLAGS: 00000296 ORIG_RAX: 0000000000000027
[  243.045782][T10510] RAX: ffffffffffffffda RBX: 00000000800003c0 RCX: 000000000000ff0c
[  243.045789][T10510] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  243.045795][T10510] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  243.045801][T10510] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  243.045808][T10510] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  243.045821][T10510]  </TASK>
[  243.492278][T10523] fuse: Bad value for 'fd'
[  243.530798][T10526] dlm: no local IP address has been set
[  243.533737][T10526] dlm: cannot start dlm midcomms -107
[  243.676109][T10532] overlay: Unknown parameter 'smackfstransmute'
[  244.709496][T10548] fuse: Bad value for 'fd'
[  245.196220][T10439] ldusb 12-1:0.0: Couldn't submit HID_REQ_SET_REPORT -110
[  245.268126][ T6036] usb 12-1: USB disconnect, device number 6
[  245.282457][ T6036] ldusb 12-1:0.0: LD USB Device #0 now disconnected
[  245.336970][T10557] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1176'.
[  245.685589][   T53] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  245.927367][T10585] fuse: Bad value for 'fd'
[  246.797779][T10601] fuse: Unknown parameter 'group_id00000000000000000000'
[  246.807391][T10601] lo speed is unknown, defaulting to 1000
[  246.815674][T10601] lo speed is unknown, defaulting to 1000
[  246.824109][T10601] lo speed is unknown, defaulting to 1000
[  247.024278][T10601] infiniband s
z1: set active
[  247.025953][T10601] infiniband s
z1: added lo
[  247.041127][ T6036] lo speed is unknown, defaulting to 1000
[  247.052739][T10601] RDS/IB: s
z1: added
[  247.054472][T10601] smc: adding ib device s
z1 with port count 1
[  247.056634][T10601] smc:    ib device s
z1 port 1 has pnetid 
[  247.063161][T10601] lo speed is unknown, defaulting to 1000
[  247.143520][T10601] lo speed is unknown, defaulting to 1000
[  247.225137][T10601] lo speed is unknown, defaulting to 1000
[  247.303780][T10601] lo speed is unknown, defaulting to 1000
[  247.310553][T10620] FAULT_INJECTION: forcing a failure.
[  247.310553][T10620] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  247.315975][T10620] CPU: 2 UID: 0 PID: 10620 Comm: syz.6.1186 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  247.315992][T10620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  247.315999][T10620] Call Trace:
[  247.316003][T10620]  <TASK>
[  247.316007][T10620]  dump_stack_lvl+0x16c/0x1f0
[  247.316030][T10620]  should_fail_ex+0x512/0x640
[  247.316048][T10620]  should_fail_alloc_page+0xe7/0x130
[  247.316075][T10620]  prepare_alloc_pages+0x3c2/0x610
[  247.316096][T10620]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  247.316112][T10620]  ? is_bpf_text_address+0x94/0x1a0
[  247.316126][T10620]  ? look_up_lock_class+0x59/0x150
[  247.316139][T10620]  ? look_up_lock_class+0x59/0x150
[  247.316153][T10620]  ? register_lock_class+0x41/0x4c0
[  247.316169][T10620]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  247.316184][T10620]  ? __lock_acquire+0xb97/0x1ce0
[  247.316204][T10620]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  247.316222][T10620]  ? policy_nodemask+0xea/0x4e0
[  247.316238][T10620]  alloc_pages_mpol+0x1fb/0x550
[  247.316253][T10620]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  247.316268][T10620]  ? find_held_lock+0x2b/0x80
[  247.316280][T10620]  alloc_pages_noprof+0x131/0x390
[  247.316295][T10620]  get_free_pages_noprof+0x10/0xb0
[  247.316310][T10620]  ? __fget_files+0x20e/0x3c0
[  247.316321][T10620]  __pollwait+0x295/0x490
[  247.316331][T10620]  ? __pfx___pollwait+0x10/0x10
[  247.316342][T10620]  io_uring_poll+0xc4/0x390
[  247.316357][T10620]  ? __pfx_io_uring_poll+0x10/0x10
[  247.316369][T10620]  do_select+0xd3a/0x17e0
[  247.316391][T10620]  ? __pfx_do_select+0x10/0x10
[  247.316401][T10620]  ? trace_mm_page_alloc+0x11f/0x1a0
[  247.316418][T10620]  ? __pfx___pollwait+0x10/0x10
[  247.316431][T10620]  ? __pfx_pollwake+0x10/0x10
[  247.316442][T10620]  ? __pfx_pollwake+0x10/0x10
[  247.316454][T10620]  ? __pfx_pollwake+0x10/0x10
[  247.316465][T10620]  ? __pfx_pollwake+0x10/0x10
[  247.316477][T10620]  ? __pfx_pollwake+0x10/0x10
[  247.316488][T10620]  ? __pfx_pollwake+0x10/0x10
[  247.316500][T10620]  ? __pfx_pollwake+0x10/0x10
[  247.316512][T10620]  ? __pfx_pollwake+0x10/0x10
[  247.316523][T10620]  ? __pfx_pollwake+0x10/0x10
[  247.316538][T10620]  ? find_held_lock+0x2b/0x80
[  247.316548][T10620]  ? compat_core_sys_select+0x1dd/0x880
[  247.316562][T10620]  ? compat_core_sys_select+0x685/0x880
[  247.316572][T10620]  compat_core_sys_select+0x685/0x880
[  247.316587][T10620]  ? __pfx_compat_core_sys_select+0x10/0x10
[  247.316602][T10620]  ? proc_fail_nth_write+0x9f/0x220
[  247.316625][T10620]  ? set_compat_user_sigmask+0x213/0x2a0
[  247.316637][T10620]  ? __pfx_set_compat_user_sigmask+0x10/0x10
[  247.316652][T10620]  __ia32_compat_sys_pselect6_time32+0x2d1/0x390
[  247.316668][T10620]  ? __pfx___ia32_compat_sys_pselect6_time32+0x10/0x10
[  247.316682][T10620]  ? ksys_write+0x1ac/0x250
[  247.316694][T10620]  ? __pfx_ksys_write+0x10/0x10
[  247.316708][T10620]  ? rcu_is_watching+0x12/0xc0
[  247.316721][T10620]  __do_fast_syscall_32+0x7c/0x3a0
[  247.316737][T10620]  do_fast_syscall_32+0x32/0x80
[  247.316751][T10620]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  247.316764][T10620] RIP: 0023:0xf70ce579
[  247.316774][T10620] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  247.316785][T10620] RSP: 002b:00000000f549d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000134
[  247.316799][T10620] RAX: ffffffffffffffda RBX: 0000000000000040 RCX: 00000000800001c0
[  247.316806][T10620] RDX: 0000000000000000 RSI: 00000000800002c0 RDI: 0000000000000000
[  247.316812][T10620] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  247.316818][T10620] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  247.316824][T10620] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  247.316838][T10620]  </TASK>
[  247.389889][ T6036] lo speed is unknown, defaulting to 1000
[  248.069168][   T40] audit: type=1804 audit(1754908162.455:401): pid=10646 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.1193" name="/newroot/191/file0/file0" dev="9p" ino=35913838 res=1 errno=0
[  248.465305][ T1141] ref_tracker: reference already released.
[  248.467422][ T1141] ref_tracker: allocated in:
[  248.468897][ T1141]  netdev_watchdog_up+0x183/0x200
[  248.470509][ T1141]  netif_carrier_on+0xfb/0x120
[  248.472024][ T1141]  e1000_watchdog+0xd13/0x1520
[  248.473529][ T1141]  process_one_work+0x9cc/0x1b70
[  248.475103][ T1141]  worker_thread+0x6c8/0xf10
[  248.476580][ T1141]  kthread+0x3c5/0x780
[  248.477881][ T1141]  ret_from_fork+0x5d4/0x6f0
[  248.479606][ T1141]  ret_from_fork_asm+0x1a/0x30
[  248.481195][ T1141] ref_tracker: freed in:
[  248.482550][ T1141]  dev_deactivate_many+0x28d/0xd50
[  248.484181][ T1141]  dev_deactivate+0xf8/0x1c0
[  248.485645][ T1141]  linkwatch_do_dev+0x11e/0x160
[  248.487200][ T1141]  __linkwatch_run_queue+0x2a7/0x8a0
[  248.488886][ T1141]  linkwatch_event+0x8f/0xc0
[  248.490378][ T1141]  process_one_work+0x9cc/0x1b70
[  248.491961][ T1141]  worker_thread+0x6c8/0xf10
[  248.493427][ T1141]  kthread+0x3c5/0x780
[  248.494734][ T1141]  ret_from_fork+0x5d4/0x6f0
[  248.496226][ T1141]  ret_from_fork_asm+0x1a/0x30
[  248.498074][ T1141] ------------[ cut here ]------------
[  248.500496][ T1141] WARNING: CPU: 0 PID: 1141 at lib/ref_tracker.c:323 ref_tracker_free+0x61a/0x830
[  248.503349][ T1141] Modules linked in:
[  248.505123][ T1141] CPU: 0 UID: 0 PID: 1141 Comm: kworker/u32:7 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  248.509601][ T1141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  248.512922][ T1141] Workqueue: events_unbound linkwatch_event
[  248.514788][ T1141] RIP: 0010:ref_tracker_free+0x61a/0x830
[  248.516632][ T1141] Code: 00 44 8b 73 18 31 ff 44 89 f6 e8 d1 f2 a6 fc 45 85 f6 0f 85 a6 00 00 00 e8 83 f7 a6 fc 48 8b 34 24 48 89 ef e8 47 cf 7e 06 90 <0f> 0b 90 bb ea ff ff ff e9 50 fd ff ff e8 64 f7 a6 fc 4c 8d 6d 44
[  248.522619][ T1141] RSP: 0018:ffffc90006fff8a8 EFLAGS: 00010202
[  248.524542][ T1141] RAX: 0000000000000201 RBX: ffff8880234272c0 RCX: 0000000000000000
[  248.527076][ T1141] RDX: 0000000000000202 RSI: ffffffff8de4b996 RDI: 0000000000000001
[  248.529562][ T1141] RBP: ffff888043a28610 R08: 0000000000000001 R09: 0000000000000001
[  248.532035][ T1141] R10: ffffffff90ab6b97 R11: 0000000000000000 R12: 1ffff92000dfff17
[  248.534566][ T1141] R13: ffffc90006fff8d8 R14: 0000000003d404f7 R15: ffff8880234272d8
[  248.537136][ T1141] FS:  0000000000000000(0000) GS:ffff8880974c6000(0000) knlGS:0000000000000000
[  248.539911][ T1141] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  248.542006][ T1141] CR2: 0000000081000000 CR3: 0000000052b54000 CR4: 0000000000352ef0
[  248.544479][ T1141] Call Trace:
[  248.545604][ T1141]  <TASK>
[  248.546543][ T1141]  ? __pfx_ref_tracker_free+0x10/0x10
[  248.548228][ T1141]  ? dev_deactivate_many+0x28d/0xd50
[  248.549890][ T1141]  ? dev_deactivate+0xf8/0x1c0
[  248.551406][ T1141]  ? linkwatch_do_dev+0x11e/0x160
[  248.552994][ T1141]  ? __linkwatch_run_queue+0x2a7/0x8a0
[  248.554692][ T1141]  ? linkwatch_event+0x8f/0xc0
[  248.556270][ T1141]  ? process_one_work+0x9cc/0x1b70
[  248.558097][ T1141]  ? worker_thread+0x6c8/0xf10
[  248.559924][ T1141]  ? kthread+0x3c5/0x780
[  248.561277][ T1141]  ? ret_from_fork+0x5d4/0x6f0
[  248.562785][ T1141]  ? ret_from_fork_asm+0x1a/0x30
[  248.564380][ T1141]  ? netif_freeze_queues+0x17d/0x1e0
[  248.566098][ T1141]  dev_deactivate_many+0x28d/0xd50
[  248.567713][ T1141]  ? __pfx_dev_deactivate_many+0x10/0x10
[  248.569480][ T1141]  ? ref_tracker_free+0x2d1/0x830
[  248.571076][ T1141]  ? __pfx_ref_tracker_free+0x10/0x10
[  248.572783][ T1141]  dev_deactivate+0xf8/0x1c0
[  248.574245][ T1141]  ? __pfx_dev_deactivate+0x10/0x10
[  248.576046][ T1141]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  248.578009][ T1141]  linkwatch_do_dev+0x11e/0x160
[  248.579631][ T1141]  __linkwatch_run_queue+0x2a7/0x8a0
[  248.581361][ T1141]  ? __pfx___linkwatch_run_queue+0x10/0x10
[  248.583193][ T1141]  linkwatch_event+0x8f/0xc0
[  248.584672][ T1141]  ? __pfx_linkwatch_event+0x10/0x10
[  248.586379][ T1141]  ? rcu_is_watching+0x12/0xc0
[  248.587899][ T1141]  process_one_work+0x9cc/0x1b70
[  248.589472][ T1141]  ? __pfx_process_one_work+0x10/0x10
[  248.591177][ T1141]  ? assign_work+0x1a0/0x250
[  248.592650][ T1141]  worker_thread+0x6c8/0xf10
[  248.594127][ T1141]  ? __pfx_worker_thread+0x10/0x10
[  248.595806][ T1141]  kthread+0x3c5/0x780
[  248.597092][ T1141]  ? __pfx_kthread+0x10/0x10
[  248.598556][ T1141]  ? rcu_is_watching+0x12/0xc0
[  248.600110][ T1141]  ? __pfx_kthread+0x10/0x10
[  248.601579][ T1141]  ret_from_fork+0x5d4/0x6f0
[  248.603047][ T1141]  ? __pfx_kthread+0x10/0x10
[  248.604521][ T1141]  ret_from_fork_asm+0x1a/0x30
[  248.606095][ T1141]  </TASK>
[  248.607088][ T1141] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  248.609355][ T1141] CPU: 0 UID: 0 PID: 1141 Comm: kworker/u32:7 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  248.612571][ T1141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  248.615887][ T1141] Workqueue: events_unbound linkwatch_event
[  248.617735][ T1141] Call Trace:
[  248.618791][ T1141]  <TASK>
[  248.619844][ T1141]  dump_stack_lvl+0x3d/0x1f0
[  248.621398][ T1141]  vpanic+0x6e8/0x7a0
[  248.622664][ T1141]  ? __pfx_vpanic+0x10/0x10
[  248.624125][ T1141]  ? ref_tracker_free+0x61a/0x830
[  248.625704][ T1141]  panic+0xca/0xd0
[  248.626902][ T1141]  ? __pfx_panic+0x10/0x10
[  248.628334][ T1141]  ? check_panic_on_warn+0x1f/0xb0
[  248.629954][ T1141]  check_panic_on_warn+0xab/0xb0
[  248.631546][ T1141]  __warn+0xf6/0x3c0
[  248.632805][ T1141]  ? ref_tracker_free+0x61a/0x830
[  248.634395][ T1141]  report_bug+0x3c3/0x580
[  248.635817][ T1141]  ? ref_tracker_free+0x61a/0x830
[  248.637410][ T1141]  handle_bug+0x184/0x210
[  248.638781][ T1141]  exc_invalid_op+0x17/0x50
[  248.640259][ T1141]  asm_exc_invalid_op+0x1a/0x20
[  248.641790][ T1141] RIP: 0010:ref_tracker_free+0x61a/0x830
[  248.643564][ T1141] Code: 00 44 8b 73 18 31 ff 44 89 f6 e8 d1 f2 a6 fc 45 85 f6 0f 85 a6 00 00 00 e8 83 f7 a6 fc 48 8b 34 24 48 89 ef e8 47 cf 7e 06 90 <0f> 0b 90 bb ea ff ff ff e9 50 fd ff ff e8 64 f7 a6 fc 4c 8d 6d 44
[  248.649541][ T1141] RSP: 0018:ffffc90006fff8a8 EFLAGS: 00010202
[  248.651455][ T1141] RAX: 0000000000000201 RBX: ffff8880234272c0 RCX: 0000000000000000
[  248.653927][ T1141] RDX: 0000000000000202 RSI: ffffffff8de4b996 RDI: 0000000000000001
[  248.656400][ T1141] RBP: ffff888043a28610 R08: 0000000000000001 R09: 0000000000000001
[  248.658845][ T1141] R10: ffffffff90ab6b97 R11: 0000000000000000 R12: 1ffff92000dfff17
[  248.661325][ T1141] R13: ffffc90006fff8d8 R14: 0000000003d404f7 R15: ffff8880234272d8
[  248.663789][ T1141]  ? ref_tracker_free+0x619/0x830
[  248.665376][ T1141]  ? __pfx_ref_tracker_free+0x10/0x10
[  248.667059][ T1141]  ? dev_deactivate_many+0x28d/0xd50
[  248.668724][ T1141]  ? dev_deactivate+0xf8/0x1c0
[  248.670247][ T1141]  ? linkwatch_do_dev+0x11e/0x160
[  248.671837][ T1141]  ? __linkwatch_run_queue+0x2a7/0x8a0
[  248.673539][ T1141]  ? linkwatch_event+0x8f/0xc0
[  248.675047][ T1141]  ? process_one_work+0x9cc/0x1b70
[  248.676656][ T1141]  ? worker_thread+0x6c8/0xf10
[  248.678166][ T1141]  ? kthread+0x3c5/0x780
[  248.679501][ T1141]  ? ret_from_fork+0x5d4/0x6f0
[  248.681014][ T1141]  ? ret_from_fork_asm+0x1a/0x30
[  248.682569][ T1141]  ? netif_freeze_queues+0x17d/0x1e0
[  248.684229][ T1141]  dev_deactivate_many+0x28d/0xd50
[  248.685832][ T1141]  ? __pfx_dev_deactivate_many+0x10/0x10
[  248.687592][ T1141]  ? ref_tracker_free+0x2d1/0x830
[  248.689183][ T1141]  ? __pfx_ref_tracker_free+0x10/0x10
[  248.690865][ T1141]  dev_deactivate+0xf8/0x1c0
[  248.692322][ T1141]  ? __pfx_dev_deactivate+0x10/0x10
[  248.693951][ T1141]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  248.695806][ T1141]  linkwatch_do_dev+0x11e/0x160
[  248.697347][ T1141]  __linkwatch_run_queue+0x2a7/0x8a0
[  248.699007][ T1141]  ? __pfx___linkwatch_run_queue+0x10/0x10
[  248.700858][ T1141]  linkwatch_event+0x8f/0xc0
[  248.702316][ T1141]  ? __pfx_linkwatch_event+0x10/0x10
[  248.703984][ T1141]  ? rcu_is_watching+0x12/0xc0
[  248.705578][ T1141]  process_one_work+0x9cc/0x1b70
[  248.707145][ T1141]  ? __pfx_process_one_work+0x10/0x10
[  248.708842][ T1141]  ? assign_work+0x1a0/0x250
[  248.710334][ T1141]  worker_thread+0x6c8/0xf10
[  248.711808][ T1141]  ? __pfx_worker_thread+0x10/0x10
[  248.713417][ T1141]  kthread+0x3c5/0x780
[  248.714719][ T1141]  ? __pfx_kthread+0x10/0x10
[  248.716209][ T1141]  ? rcu_is_watching+0x12/0xc0
[  248.717715][ T1141]  ? __pfx_kthread+0x10/0x10
[  248.719178][ T1141]  ret_from_fork+0x5d4/0x6f0
[  248.720675][ T1141]  ? __pfx_kthread+0x10/0x10
[  248.722142][ T1141]  ret_from_fork_asm+0x1a/0x30
[  248.723660][ T1141]  </TASK>
[  248.725168][ T1141] Kernel Offset: disabled
[  248.726531][ T1141] Rebooting in 86400 seconds..

VM DIAGNOSIS:
10:29:23  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85613555 RDI=ffffffff9b0f6600 RBP=ffffffff9b0f65c0 RSP=ffffc90006fff210
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000020 R14=ffffffff9b0f65c0 R15=ffffffff856134f0
RIP=ffffffff8561357f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c6000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000081000000 CR3=0000000052b54000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff888043ac0818 RCX=0000000000000000 RDX=0000000000000000
RSI=ffffffff8b92e423 RDI=ffffed1008758103 RBP=ffff888043ac0818 RSP=ffffc900001e7a00
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffffff8b92e423 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff82206968 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975c6000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000031cf9ff8 CR3=0000000054952000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffffffff9b089d38 RCX=ffffc9000331f7bc RDX=0000000000000000
RSI=ffffffff8de2651d RDI=ffffffff8c162880 RBP=0000000000000202 RSP=ffffc9000331f7d8
R8 =0000000000000001 R9 =fffff52000663ef0 R10=0000000000000202 R11=0000000000000000
R12=0000000000000001 R13=0000000000000002 R14=ffff888028a50000 R15=0000000000000001
RIP=ffffffff81975d48 RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880976c6000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080003000 CR3=0000000055e29000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
EAX=00000000 EBX=f73a4ff4 ECX=00000000 EDX=00000000
ESI=00000000 EDI=0003ccbb EBP=fffa6f98 ESP=fffa6ca0
EIP=f7194b4c EFL=00000286 [--S--P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 5689d440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000031e10ff8 CR3=0000000055e29000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000