last executing test programs:

3m39.009022096s ago: executing program 3 (id=8232):
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000000)="872486", 0x3}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xe, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1804"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r0, 0x4010744d, &(0x7f0000000180))

3m38.906007189s ago: executing program 3 (id=8236):
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000000)="8724866f", 0x4}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xe, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r0, 0x4010744d, &(0x7f0000000180))

3m38.746079788s ago: executing program 3 (id=8239):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
read(r0, &(0x7f0000000100)=""/114, 0x72)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4000)

3m37.865153596s ago: executing program 3 (id=8243):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000480)="b19ccccf84f531d9ec214627c11430", 0xf)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000004c80)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000940)="1beb41ea4ea9ca354f167d9eaee7dc35eca218b865688d79fe31cbe00d190c853bfe6a22bd7dec0023aa0e038d07000040e37e00f7dd3afafdbc70e1b5928033df5e82fd76f31e8b29a0f05c2cef56f56cd0330dc984004f220b7dcb23a05d530df65691cf6a3cceb7a97c673856f552ded9530b52fe6d1e662090d2802233ec1adca9eaab9dd6f04b2717ed1552cf46dc28cd3fbf1ec1eaedd80d1da838a00a1e229ce16d2c1a411be06f715e8b6aa7552800d5282e4e0bf3eaf55a60da", 0xbe}, {&(0x7f0000000b00)="2112f3980a4c0902dcb1918da23fb18a9d89c4f0793b7c45b722417a6401d606e033776833d550074c2b667b4e127ea79880d00aeee8d16ca6f011603c22355681cd2e9d0d8a2fea2e9b525389d2e7b95aa129fef95245bffd1ccc58bb9ca56a50cd0b4da05e78cc4aef1e9157a66caefb0ba968710bfbc7baabaa3b06bf6e5fe4fe8ebcbc81a4dbda4b1b65ea2d852cda4881d7ceda7dcbef58471a951ca1851b50dd9276e0ab06fa0e23d023766294c911bff4e6d33acdd316322f4d5a1a4eb5ae51e511f2923f3318d83b9b438b20e0560a4834edb911911c7b557e37e94f6f0a2f1d291ae3049df23212a4b50eeb9c9a0901e880", 0xf6}], 0x2, 0x0, 0x0, 0x4004090}, {0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000e40)}, {&(0x7f0000000fc0)}], 0x2, 0x0, 0x0, 0x84090}], 0x2, 0x4004000)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f", 0xcd}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

3m35.422010646s ago: executing program 3 (id=8247):
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="9c010000", @ANYRES16, @ANYBLOB="00032dbd7000ffdbdf25180000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000300000008000b000104000006001600000600000500120000000000060011007500000008000b00060000000800010070636900110002"], 0x19c}, 0x1, 0x0, 0x0, 0x4040}, 0x4000)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8})
fstat(r1, &(0x7f0000000300))
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
fstat(r1, &(0x7f0000000180))
r3 = socket(0x2, 0x2, 0x1)
setreuid(0xee00, 0xee00)
setreuid(0x0, 0xee01)
bind$unix(r3, &(0x7f0000000000)=@abs, 0x6e)
write(r2, &(0x7f0000000340)="18000000010005", 0x7)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), 0xffffffffffffffff)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000308010100000000000000000500000105000300ff0000000c0004800800014048a91bda"], 0x28}}, 0x0)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000003a00010325bd7000fcffffff07"], 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
setsockopt$sock_int(r7, 0x1, 0xc, &(0x7f0000000600)=0x10000009, 0x4)
r8 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000600)=0x9, 0x4)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x26}}], 0x10)
bind$x25(0xffffffffffffffff, &(0x7f00000002c0), 0x12)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEV(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000280)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010028bd7000fbdbdf251a00000004002e8008000300", @ANYRES32=r10, @ANYBLOB='4\x00.'], 0x6c}, 0x1, 0x0, 0x0, 0x20040040}, 0x20040)

3m35.421529131s ago: executing program 3 (id=8250):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x5}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x10, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0x3, 0x1}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000091}, 0x20000000)
r4 = socket$kcm(0x11, 0x3, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x6fc84b579dfed949, 0x0)
close(r5)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r6, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accb", 0x26}], 0x1}, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))

3m19.368300523s ago: executing program 32 (id=8250):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x5}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x10, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0x3, 0x1}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000091}, 0x20000000)
r4 = socket$kcm(0x11, 0x3, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x6fc84b579dfed949, 0x0)
close(r5)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r6, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accb", 0x26}], 0x1}, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))

1m36.781656425s ago: executing program 0 (id=9625):
syz_init_net_socket$ax25(0x3, 0x5, 0xce)
syz_io_uring_setup(0x8d2, &(0x7f00000001c0)={0x0, 0x54a5, 0x400, 0x1, 0x37a}, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0, 0xf000})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb2, 0x0, 0x0, 0x10, 0x5}, 0x94)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r1, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r3 = syz_io_uring_setup(0xad3, &(0x7f0000000140)={0x0, 0xa59f, 0x10, 0x1003, 0x21e}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0x2a5cc081, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000004c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x4, 0x0, 0x80, 0x2, 0x0, 0x127, 0x0, 0x1, {0x1}})
io_uring_enter(r3, 0x6efc, 0x3900, 0xb, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r3, 0x18, &(0x7f00000000c0)={0x1, 0xffffffffffffffff, 0x0, {0xfffffffffffffffb, 0x41}, 0x1}, 0x1)
r6 = socket(0x2a, 0x2, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c80)={0xa8, 0x2, 0x6, 0x3, 0x0, 0x0, {0x3}, [@IPSET_ATTR_DATA={0x58, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x7}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e20}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x5}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x90}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @local}}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x1}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}]}, 0xa8}}, 0x0)
getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x4}}]}, 0x40}}, 0x0)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000580)={&(0x7f0000000b00)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000030000000c0000000000001204000000005f00843da3f543e14ede9c933bf23a1ca8f96f4811e8f869554f13603040ed324735982631812289eea09f9f73641fcbd403d7ac8e90a688c29f43c8e4b90269385104193ee0e3e567b9e885ca5a7d764ab2d8612361a513290b92f4333d59691f278cf2afebaa7555f4a59b509e24a6d2db30c83f676f873a642562ab121604f9f9bf4ed55480fae212cad6e487336b048514be545fc746"], &(0x7f0000000680)=""/152, 0x27, 0x98, 0x0, 0x523b3245, 0x10000}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x8, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback=0x36, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)

1m36.39687982s ago: executing program 0 (id=9627):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
setsockopt$nfc_llcp_NFC_LLCP_MIUX(r4, 0x118, 0x1, &(0x7f0000000040)=0x5bc, 0x4)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000680)={&(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000d00), &(0x7f0000000700)=[<r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a00), 0x0, 0x9, 0x8})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f00000009c0)={0x100, 0x1, &(0x7f0000000280)=[r3], &(0x7f00000004c0)=[0x3, 0xc, 0x8, 0xfffff800, 0x1, 0x1], &(0x7f0000000600)=[0x0, r5, 0x0, r3], &(0x7f0000000980)=[0xfffffffffffffffe, 0x4, 0xcb55], 0x0, 0x259e})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r6=>0x0], &(0x7f0000000040), 0x1, r2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000580)={0x201, 0x1, &(0x7f0000000180)=[r2], &(0x7f0000000400)=[0x3], &(0x7f0000000640)=[r6, r6, r6], &(0x7f0000000340), 0x0, 0xffffffffffffffff})
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
pipe2$9p(&(0x7f00000001c0), 0x0)
socket(0x10, 0x803, 0x0)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
r8 = dup(r7)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0x0, r8}, 0x68)
sendmsg$NFT_BATCH(r8, &(0x7f0000000080)={0x0, 0x45, 0x0}, 0x24004045)
r9 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x10000973, 0x1c080, 0x0, 0x44a})
socket$inet(0x2, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@deltaction={0x14, 0x31, 0x8, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x20008000)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
pipe2$9p(&(0x7f00000002c0), 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
io_uring_enter(r9, 0x49e2, 0x3d39, 0x16, 0x0, 0x0)

1m36.311324079s ago: executing program 0 (id=9628):
bind$alg(0xffffffffffffffff, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000480)="b19ccccf84f531d9ec214627c11430c1", 0x20)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000009c0)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)}], 0x1, 0x0, 0x0, 0x20000000}], 0x1, 0x24000040)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000004c80)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000940)="1beb41ea4ea9ca354f167d9eaee7dc35eca218b865688d79fe31cbe00d190c853bfe6a22bd7dec0023aa0e038d07000040e37e00f7dd3afafdbc70e1b5928033df5e82fd76f31e8b29a0f05c2cef56f56cd0330dc984004f220b7dcb23a05d530df65691cf6a3cceb7a97c673856f552ded9530b52fe6d1e662090d2802233ec1adca9eaab9dd6f04b2717ed1552cf46dc28cd3fbf1ec1eaedd80d1da838a00a1e229ce16d2c1a411be06f715e8b6aa7552800d5282e4e0bf3eaf55a60da25", 0xbf}, {&(0x7f0000000b00)="2112f3980a4c0902dcb1918da23fb18a9d89c4f0793b7c45b722417a6401d606e033776833d550074c2b667b4e127ea79880d00aeee8d16ca6f011603c22355681cd2e9d0d8a2fea2e9b525389d2e7b95aa129fef95245bffd1ccc58bb9ca56a50cd0b4da05e78cc4aef1e9157a66caefb0ba968710bfbc7baabaa3b06bf6e5fe4fe8ebcbc81a4dbda4b1b65ea2d852cda4881d7ceda7dcbef58471a951ca1851b50dd9276e0ab06fa0e23d023766294c911bff4e6d33acdd316322f4d5a1a4eb5ae51e511f2923f3318d83b9b438b20e0560a4834edb911911c7b557e37e94f6f0a2f1d291ae3049df23212a4b50e", 0xef}], 0x2, 0x0, 0x0, 0x4004090}, {0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000e40)="c4ae7c0462b7d5d0f701a4979574ff8a5d74bf45c9e878972a42062f9b70e92f76ed2c49e2e8a043016efca580e1e24cbf53ef2fdb0d3810e8359c20b3938b1cb8574e51adc3cac209dd1c3b0fa44d9ca5ffbc", 0x53}, {&(0x7f0000000fc0)}], 0x2, 0x0, 0x0, 0x84090}], 0x2, 0x4004000)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-aes-aesni\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

1m36.310708286s ago: executing program 0 (id=9629):
r0 = memfd_create(&(0x7f00000001c0)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0\xbc]\x12\xc0D\x9f\x80\x8f\xfe\xf2\xc2)\xccm\xacz\xc1\xad\xe4\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) (fail_nth: 18)

1m36.150639242s ago: executing program 0 (id=9630):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11}, &(0x7f0000000140)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = syz_open_dev$admmidi(&(0x7f0000000000), 0x2, 0x1a9882)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f0000000040)={0x0, 0x7ff, 0x41})
mq_open(0x0, 0xc3, 0x40, 0x0)
mq_open(&(0x7f0000000000)='\xd0O\xe4\xde!\xbd!|]\x85\xf3\xde\xebR76\xf1\xeb\xe9\x8e%q\xc4\xf7\x91\xc52\xf9Z\x04\x9d\x11\xcbv*\xe1\x98d\xa0\xb5\xf3;\x87\x1b\xfdG\xfd\xdb\xf5\xe8[@\xd6\xa7\x9c\xb7\xff\f\xb1\xdd\x9b\xa1f\x89[\x04\xab8\x0e\x86\xd5\xce\xda\x06\n\xd3\xd86q^\x91}r\x87\xf6\xdb5b\x90\x83*\xe94\xf0\xbd\x0f\xb4c\x8ec\xf4o0D#Y', 0x3, 0x181, 0x0)
r2 = creat(&(0x7f0000000580)='./file0\x00', 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000540)={'bond0\x00', &(0x7f0000000300)=@ethtool_eeprom={0xc, 0x4, 0xfffffff5}})
r7 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a242)
poll(0x0, 0x0, 0x101)
writev(r7, &(0x7f0000000480)=[{&(0x7f0000000080)=' B', 0x401f}], 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f000014f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r5, 0x4080aebf, &(0x7f00000055c0)=@vmx={0x103, 0x0, 0xbf, {0x6000, 0xd000, {}, 0x1, 0x2}, {"9b274844f368b2a747251cf1a94a5870db8535a3258ed7ba4130c84d13bc1903e6882414875944b82f10a32adad59953b7a890eff248264533942a68add3cd784a01567c6b0d9560e938d5a95542f7c44ffc40a36a3fb7f4578b61af429294817929705e32b6b48f388e93ca051ed017c49a75ba08d2220e3c4a16845c32fbd0f1f02e1fa8845a8982a3ac2a241adabdb23500b7be45c2995db01232accacc0c6a6f39b3cbd4b8009b7608dadf3ae9bd27b6be4aaec5c2666b8d08df62b6b7187cc43faeeed57a95407a81d8677b2f4b7dfd403adeaaa978afe637d027bcdc81ef81ee9345c362621d8eaefff4dac96def624351935f2ac6d573abae93a2ed5e1120a4e28a6f6a29fe2f8ee17582b17b682e66e576a5e42391d6b991f31795a7f3fb1a49a956d3d11d7b3ef39239065a548704677d9bc89f619fcd96d88b7a8674ae9d23da53c9c4a258fdc2d937213bd5b5e43f5550a0a4f4f5df6a428694a2b83b0cd2aeb1eb7dbae38c86f27292eae23e79a33a5264657ccf35ccd4507b8f0d879db556faf8278371ab25ac2c35d7d77fbe00dfdffeb722a90a2a6e78b56fa092bca0eb8a57e9784bedb38403903eaa0948c0611d30f8e2823daf14abd13207cc18f420d8ed21a29c53ee3c821ebefdddec8dd7e80bad1cca1acd2dfce368b6d3d87830517f5c06959ed3d9402664cf167998b3cf784c4787733f5d644e79b670952fb33b6be1f84ce73bd863b87d506dbd517dc247b1d54b6325bdf0f8cc026bb2c7aa64541e8e37c98cb17d5a7bbfe731994f780bcd91f5a7327d849bc718d3b669bde81bce23c0a516684b771dc961273a7e32917231a2b15a0554b3bc631efad8a807f8e8c910e788b59af76f28eddf3261856c2cad8330a0420b757872075201fd7e0a94761ffa10a26da432389e778ffd7d402cbcaed958f979a57fd82efc290d7540e7eff753606c663c046be13526e0a37faf74d9fb2f4518840a67fe687a7616ad6987764d43cde4c295cc7c8720c642e72a6cb821b020385310af2cfc941131718d50c9f53ee807ba969db68a97bef3ebdc0c18c74b9ea64d91d408ca446d6ccf14c24f6153794721752f74ba44f575a1d66f002c49f18f7b35428f1bac27f758872c5624caa0ed3b76ca43a5907153dc0305c608f1498eff49fcae7b775cb1db295b40f59c0d47f18a2a5b2449c8e7a7f042cf6e38b956a9893d6e43b1a9e95c90a1c08326ddb6cf1beac903717d8c2b89be82a2db9f4a42eb6b43368988345689a7ec76c2da4865caff776ed09cc51e6c3343b6d39b1cf318e0d5c251e3c741e384b971b3901ab57b35bd6d517aae1935ddce6296e60109f43f78b3e3d8cc203992015feda1d8036748e1bfa2ccdb7c2939bc4221944974d01d6a31dd1bbf6a6b9b17decedd550f2a8f6d2cdc7410e893375bf363b69d765a285a57762216dd6428f9cc4b4e2fe4f89b1cc92c629e64b29700fe75fe4a7929424769db1de2974473c2ef68cb104e79132e1cf29432a57552472451c78455f14aa3bcd6e2f0afe298a399e23270f3ce6075472e46d5fd22b0cf7f53005bc0a8fbc08bd88533c9a73d290b469b71d4f9f6fbc0c174f19b31dc05e54117d583d2879d90add5d2abbac1880f5459f9c501d39cdc85019401e87f4f1ff44675107e9db6e02bb8b894422cd95a1e1e133abd7a070f4184753973853613760743d618992f9515597297e345c5571731de7031e21faa156944f9cebcc2a2a2f81750766e9be2bc21d66ff24933cda48e387bac6e94f92f5a5beb261a7570d74782d5e7588c963a52b5f8d88b8abb60c9f3a1e23c5d803819a1c5523d23291164d33a4c1303e046a5c9682f1d050d03fc94720fa11f21fda510c32e2406c0f63e47860d59811af2a8d53b7acacecdbcfb60ee38897f02c7d72abab49a16e9c0711122f89a22d1f01db605804d270938a86973fdd517a7178912a8e7b9cc78c88700cf862e524c4d152d2d0201b1d5b080c97a58e25843c1b04e143937dcbd5d2875eb2c3b38003bd9c200a81367a9d6129a121375c89c782cbdb9b92ae006db33085df12dd65ec1e19ca013a284fc5666e8a0f66173c9dc7519a83349c0cea1ba33847ceb5ee150eddc6c7e823f43a336ff06690182515c8230e6ddf69c3e70e08c2900f1fdfe0ba4c6dd10e96cead6a7ed21a261d2e8e15bf041590439db57539d10cae9683a822dd2a6631abe3941a86b05d815ce91fdb0d7a783ef8870a81bda624f65b049b16ad2ec373e0d9af75132ab3cabd0dc424c004b5e90a732f6b6c7ac3c676e779de4a0561c52ffc880c170872143144b133886912263e56b7dfb97d23f0e2491ba46a5053c1a5e42cb0fac52970a834496f1d10310f3b0946e531aacacc9d526a337f77c5a0e35fe6d2ca8c9eb87fce0fcfb659a86dbdc0fe6ff1de1ae8549c29274ec7e2daac612e2e0194974c6b0a9e65e724a76e54d3ebede753cf9f027759c79529eaac74ba94ef0da27cbf2fbdc7f06cd08243716826f7c901e257c3b40cb6392726a523010c4a7f4023043c715973a39db3683804f309bfe045280d204ca000505aa9efe079819f63f08e23adea81e0f8fc73a8ab1827476509410917b0091aa0702dedaae8b1e8bb1aad23b97a23d010c3fec37e625820d9375304cb318a0cd3865ff56f96f19dfd9110fa1ba8ba17bdf992c5aebf165053ce2e2245af1dda0b6af2770e968116ea6735e2f2136ca09d42a43da54801395b9ac182475ec6b2c4ccddec16d8fce4252352bcb9dfdcef2ab1770f8f6707f4ea1630d58edfdb200e5e8ade514b750721ab7c52c614ba51cd437fa238ebae3b09f78c712febe138c754b27bafdbe8859ce1e5133e825ea8d8bd68684a8d2c4db066203f336b54207761b8ce0ed940a8ea494ed18b46c891c4b9c4b580c44cc04e53007a289f734db4d7dbb80d7b5183cf466c549af7ae3a9394e6b6c9fc2cb9e732a66c38acc858a8e12077d2de8827adf521661edfd317887fd9f1d4b8f17478ca2a7d1463c681a12f6abd70d8d12a3aff448182e0e08e1263d9edbad4d0c29aac3794a24e85d47defa58659b945d6add52b074220bc88423a5379819044274be0c23a7e08c08b7411337ddd2a6b3bed2647cf467c2edb78add7410b723577b7eb9a3a368829d250ffd173978b7e0066fe577586c2584442349cd1962104e22b128db56e7a7f1ab59ee963cee9e463647aafb0ba9ef90169c69fcbb2851d8340597f478d7201c67e8990b85f1d47a8dc78d5fe4ef321bdd8d52f79bc7ecb2ec3c29ddb0ab2859074af6635e3bec5e1679ace0b088e76a7f5232cbf93eb52b5435e58d3ae528cc8253009914bb8f9cf26966264243909a8dafc62989eda979a0a05b8e562d518fa3e2d92eafe1f2831a77d06abd69817644519576fb07a88c17f52fc74de32f140d8cc53ba673c7434c328cfd58f343f8ed0f19840ae80f0aaefeede42b74b4b5d0870280e6233890f41e9147bb4a1d8d15f62e4a1d0254b3463402b1300c078f251c8a336e80d003318d8e5b5e2e0afd7dbe3b57022adebc1de85209d24949c63af34bbab681747ef5960f58fd8db1b0c6d59cc9eabd023400e260cf71f8151bdce47b2a694bf7932b6a30639275a612c77f589101f571221bf0d4e64ce2a23301c53a380c53175fcca302563efb50452d3f4419f1f81e9dfd8e40bede6f9c73dfcb79edc8b8c60ffa738718765fd0b65859da8542e67f6ba3556d595cf8859810a83ca6161ef8381d348d7342c3b66edb402e323af4aef6684a7f72f3b49e5dc3c20c154db11fe4807dbb7876c7c7d84e5cf831da693e65b7769950872578ce87ff1696b2f26a8ae900154fd129a62c3dce2620cb753a7f1c96c6628df7b338a00ba20557ab15f8623b7c1bdf3f15e9b662bb65e1bb8dfaadf407d97f468b51dc7817a1f3978848996f99c62bdd12ceeadf2be3d4bbc3e83c01bab738899568f1d90c799b9170c107645f543633e5cca5ba598ce28da37312e50dd3cc1413cb21c596920ab8d5779200682d527267e6564a93549b1ca13a10f57e593de6edfb9e1cd68108903f54e5a78a4c68cdffb31048c735161991fa149268fff0967c379ef1645f7716610c3230b452488f13632563a0d86d02d0e47546123d1e6b1dbeb8d1a38c1a7331a270142a30fbdb1e1daff58d065403dc731a650bf65e9f94492c4ff60ced6a0631cf1d9ddc9318bf067d4d28a0845b6b0b2b448f6c7d22b8490e17fcd602bdf954f7ec0183cb0f6df78935829d0c00372dee9102c9ff0f5423767b9d62d9a8ffd92d3af25fccc23e7961f5fd218903a136478754c53adf93e355ed5f12060c4bb707cd4875015617ab5f1f232a7cf044b7f50a1590613ec30be930edc70cb391d400a1406b02d612918a5c1d99bce875f260e40a3b779b38a1daa1054ad50f9a96d0204d7ce7ee96b3d03ae5c13e0ac53f374676fb457de8dc978c7331810dadbc6444f5fa7596a943b7f7836654e8387cfd07170134eac21428609bac2b85619d87789c51396fb04afefdea95848cc55054b0d3099f974ffee828e255be1a13d7e6a17e81562e55eca306d438f36cd5a9863c76f9d519b0d0afbaf33ebf7c948840b9b8d130339193893c4937cab0b3619f775ff538696c30b9964bd04e2be4b8aaa90a7891c6e8a2806ead78cb170db650c68a7a844590c578788caf13f48d8b375dd725eee00bd0b17b0d2a87418c684ece2fd66db58eb7b601257ad692e8a6f27125f5cf77287a6da495ce839aad3fc9077abfb28e28ef09a1fd103045310e62faaa36198a6a22810585d90599f8d7988ad786057d57888cddb48152afcbcca3979bad2f2a498e96f11855be2481bfa17218c10f8962ca094d898e1f2a60cb7d663569739cd1195fbcb436c9cdbf729206d1d937276b4e67d47ef325c3e1abf7defd3bd69f4b5f47b05ef86f501527694fa16f17d266f4de07654c4e547908da3b8ebf89e87cd633509261418f6009cf53f6d73d4df249642dc9b65e1d7623f6c9a75ad057871b26479c9fd42b9fff1eb59f6817251014f1777a9be2d249dcd3eea21e92444c0e13a019100b7effb9d0c6c95448a72a1ae7ad520fe8809683545052fbe5dbad18ed399e317a0dbfd738f53b2405239b9ef60b076f768274da79bb674782f10789e506c38713d27c7996b6bfe516ac6dbf0fe1188ce65150ffa4e000d9dc1c28b7a8b00830719666c1d6b927fdebf23533be84b8250850f98160e2de1a97221aec2726e64677951dc1af88a1ad05ab3dabbb6407894663648f92e082b8c8cedb3c894c95bdfeea0218f16ed942b9bf7be2ecbae1df061c0d7a6c5f491605c1161deb626eba3587d17610f13cc3aa4bfda536cffcbee7a22de7826ba43047ed98f0474fc24d42246dcad449d346f21f557043099c5bbae70286a09c37f6976d11b31ac6af6e07b87bcf1949e777374314fbc807dfd88c9f0740728898fa88d93ab45731e41cc09ce235fbb4458a65510c67ae3909ed5d5fc56980436dccebedc51b0ca383d2868438c5a10435ec8d13b67f0171b6d67ba15db4d66ddcaec6227d1e3b1d0c9fcd72b99fced4b76e8f6bd4dfb8cd2adec2593d5933fcaff774136da3d754523bbfb68fc388dba190a8bf11238e2536178ba9a480bb5abeba376fcebeb1403e0d223e3afc1a6a6688352056671a3ecde86cc9b7a6b08c1c096c024e12d40410a00487dcafed8520599f678b1f6b74f08ee595534fdd455baf5f7b6400", "06c68ba615bfee5345dc58b23cffc5c643e81123cf65a8d185a9e53e7f9d20a2020cabd00e6cd5420c4fc8fe61efbb8012fec281c1550aa7087060b41a484b5b682068eca9d6936960d6477a239fe120e7433936c058ffa20f15e2ed6c32ae4bd9de18fd5fe31f20ab85f2fb01b792873e66a5cf610bb34322c830d921ca201a82c1557b5a2d7ba0c22555f03c65cc8d2df42064f60eef20d09c493c84c11857ffa5eb8130764e6e21b41a0fb263aedfc3c9be3390087ef0222481b049f72a52ad49e908223a367b40d567a52fde9fc9cc245e733edfdd1b4442a55ed7fe18226e3f7fd28b8d5fd88907fca2350c968c2918f0fe093c91cba0b87bb954b34552bb6823025602d77ef2605b9d2720c269744d29ef36a79f700c0eab33eec64c5b8341d3143cc0d382133e6961216b5802820929b94a7bcb1f581110df1b4c52293b478694f8d147476bb3bc5e5a5018481950c395d42b423899a7c4e06b6befa46e2a67a70194a2d2e80234385db03c4ba693c61b84ff80571643f204ae1c7d42f5461f209f7b559bbb5a0c45d5ead100f30f615dbbccb6139a4afe8fa59496b1aaed900299f1c335ab35ee56a333fa22455c05b1ebb1b9bc3b0ca1e02abe0732b24a4ef6f9310db4dcaf37382f4a69e02829eb46bcf9a8132906f7e5c46afbac699a9618130cb39489d3ae793d8fcc43013198bc2cbe8a0fcffd1b69450d61e9c8e9ce80c19218335c48788ddde3d97c694611c783125d96392ad0295bd9600076978c64ec511106f9422e019b08041a43ef0b8abaec4cef8b8041b773f57068a3869005683700ec78f8799cfe86c143b821ddd9e4d517a2f6ca2e21bbbc3b1f0ea5f6d855c37f8814f15a00df3031328c804e360ca966287cce40b4d57e533e575263d48759428ca6df4154f4699d8f41b8c8e076aa225e0c1c0f278e21463a205bfc0a334f3516eae2c5222f87b57ef5e424505b9993d24a8d225b89517ed3015d5a64950bd265412d07a397bd454698571ab002ac752f7d0c8959025065eba27ea44574379a6a387ef7344a90f828a08afe8c27032c8431d30f323b56e7cbe9edb3c9327a2cabc3ea0dceccf4ec25b2861d5f8940823b57def9c184083586c6534f3402ba8d9d6ba1cfff07fba22d24d40bca43c96c56489ea10500b32b7359c2c296181ac4d5f7872377c40a819a8093859a42fa02a0a4f4b2ce4f44d87cabdb2433dcbc530a03516856417d25b06c38952c80f5348c96bf2549c72c8bb4735f958bf7e02c7a67e530611f2d80d547810bae4f52799a9eb6be5da14693d9d7c84dc0b2bef18e11c87a6977a669608ae4f1d1367687cfbeaec2308d1f2b24a95d8b25e4fe6c7cd47fc5800cc59c2467c778de641662e9a83431b5c014ff3a8cb777b92b5847318a8a525e44d45058fb03db60112a4b35b4370e9cc8e142a216308d987eea38d7b91f29b26535792c28ee9e9f7beb3668b765ca388cd3269f6f017d169196f55eea8f16280ceee95eafb1990b2eaacdb6a36386936a02a70cc8baed1ed7f75df629f618de95ccf62ca5f27fef54a22a94d313f1688526f34a834f14472c5a2d5fe91d828fb228c142c3bda3a7463a528d34d37ac32fa27e9b47f89d817d91fb2dcec4c1c051cc46cfa47ee94f7843cfb8faa99da3569095245cd88674e5503ff2921852bde363894bfab4a13195c960e75940ea3625b3c6780580bc4694b5fe9bc118afa261bf51b8a5f79397cf4b27e84a15339bfe5f04f477ca9b0038a6a309c9ea89261e5da441f35598ee644eb7544d99b1e07f8a0e71b4f70e0faf47413518795a3d247e5f37863a80e83111bc8265dc7ab304e3097a8a825334ab4e507895be0862f5d219bff68ab180c307c6726b74e9197972da8bdc53f70e43c91406349b97d124622b4896c7471421047c8eca382953347c98df1959bcb269814ded7ee1e1bd5d724ba5d0a1af9d87ae96853de2de0798e7ae879513f2a561d3d7be2e04d382bfd2d0a27052c3e14aeae844cb6fcac2737d3f9f916715026a3d19c7401d2162add82a16b8e172c96ee8f0e4e645e7a201bcdf34271ee87eede9d36439c1962bb44b6433b19bad3c3bc841955be66176ceec74c5173a838a77fcc58ece7a7653c87f344c758278eb53b24142bf87472a6cb1367b0940154aac55dcc81dc8032987e9ea9856a5c844853616ffe3daaae85d50a20994126065e79e8e91022a5c8678a10870410361b74a0e37f9acc773c876f50da6776d43dcd80b3850fcbdd22deecacad58fb8b408388efec93d42385fb266044178235fc5fe59dc35aef3eb8e89ada9c0ceb8f9379d9fe9045248196e918411bba64eb740337c0c8015540bebf581465d382f1e214f2f8a7b21b4983d8567de985d5e709ad9a8e0113be44e5f8f6aa9e592115669a494d1eddb3186a688a122ad66cc289e249c47d90168d499cac3fea3f2cac52eb840760837b485c6ce32e6ab2c4e1d2bce37f5105a1da6b34215bc19440189fbce47b4bf386c1ecde35ea39024fcf75e3b92a4d45a12452b8df5fd302faa71ab130d3d350907ff28dc4d62f01912eb5cfa84d2d818937d0ba7af08470128a92fb10e86d8a636c65be67c967f3bdd039a5eed1700e335ed92261b3600fb0f5ba72a8f5f86eaad9d51b8fc3c7fcc9ec7645079c4164398805cde129e8b7bf90c91d7bbdc411228a7f0729228344321eca485ee187fc25bab0f40ab43074558ce7b48f9ef77f5fe6e845dcf0d23b12f3d61ea6435bf16b886bc9fb0af755fa472929f5536aa4a643783dc2749c33e4ec3c0ebf1824fcebceee319d346f34f1569b04dba2284bbe06f6c81794a94b6e470260290fea50c0a3645989ed557feef306815b67bc18025df1a3182b44d805903f438e70ff4dd59cecca60e755b7297c665462c768a1942b447e76d2a244e17295e94e77176f79f32b4734081138cc64f27243c1a2ebe7a094bf81b74208184b3212b769d55531d898eda1ac80c02b4c9564c9f2fd7882b605a445c963f40115908fd07587c4feed6253ba295922495e24d9a6779a8f1ed80ddac801b329ddb5ff32f654cde6c6faf1f917a036937a5d936b2bde8c547362322044d51ba758834a786814aec35c72c5c4f28a49cdb663876f0e82e73024f183823a4f12898bf6a71ec7b8be59e36f2c03186e8187b37856060d4f5d598e72b80672b8eed4206569c2d593b37d9c6cb64eec7d783c3d506c0568c0b205aa548bcac773732b56f8a0910f6c8b6a5cf846e84db67465ed7c3a88909d5ea256300566dc8bcdb279a36eb028e0577f3eedc7f0ae6111cef1445e29f0bf0a92b7c6601e75aecad62a9f21e5e1a4d744b652d4c60b434b9220b7f8169df36d5c172ea6ded7eabed08f91305e9f0748ae9cd56ed50418dc6eab2bc6d153a3d61834f16b3739d93afa510f2ddd26d3f913b6ef9278cb4c81c5b470b1002b63ef31432ca969c27fa3f463b3f3824cabeccfb35c8493d3b4d4dcad1305f37e607359ad219e4598ba7713aa3ca89f0b4ff710b83acf64ac1306d21a450422cc8bc9d0e4526655359ba2c3967dc0b4f7853b83043f66b2bab33d34510829e951cd13036474b2934fbea89b30137f0258b4c22d9e061e76c5cec96d72801295e47a1121bdd526196ce9ea6942197ae990c59a3a71447192ab4bc0bf0904b83a52413c157625a5df9547bc7015f3b48729eb1fcb462c1fe9fbcb2ea9d921107d5dadbce9a2a7f5fce1502b5132500b86978d4132e903f907c62d91d85cf5f5a315f7b8dcd9e143e5b7a66dcdd1411515586b13401b6038af4f4b01f76f438171aec9bfd0b45baf14301d54aa00e6936869f0c92109ec1a5b06433fdf40f928cd754a146f75b8f0da6d47a8e5e24d92e678f63572371f85486ee1dcc071df165f0695df15f8b60587765f4cd49819880a779a7290cbd65b8df57c3f2d1139e8fc8383d9aee5466fbb97d66a85c7ab7091fe00806f862a39a51d998c6efec7727d953fe4e72f218858c5e848456429aeda5e92c40480d9e84e87ee61ade1a82f8838fe1f28bd294af45b9a2fe12462c78dde15bec8723c74825d0d83e9d071f91d57ebe0ba2fc1e6e75d6ef6859289b22fe9d90819d1e99043a365c608dd6ce89c23f62f9772fe6ad59383e01b8bbba61e836d66e7ba91e1e246c9755f023f6b05c452fdcb167b7ebe5e0a113c8681397316761e66239911ba677baf7552090d316bd75cd05fb0caf235c523cf607157b7d4cde8b144d49df4f339a65411a92ee68a4f1e7a63a246bf11a9dc2ddf9fbc3d22ffb986059b3ed0d3f82501554919b37e66cbb5bd75401dfda96092d114bc259860438cfb79ea33607ca30798ddaefef2715a3d91146fc26f94bd269ba7567dcd9c50ad11ee96347bccba629a784c7b662873a866f73f1dda2aa2082ba26d270d6471236823dc05b788de80f94e5c294af129133d34cfb44105a8b40d4f8441c21a098eb04e48bca616dc6915b52fa6a9fb0ab5eef802fd3d8dcf182258567951be20a0ebf49116216432e91033f6085fbf72ed1d60717739f3499b52b6b684e0d42e33f736657a898cb3fa5da70e8710d35fb11e2996031a82cce1d55d8fa4bead1a35e458b8811fd7ad70c566146daf8d9ac29288ca45ab50f7779526be7741ad9f39daac4195fa13914b7151115b06d2d07dd1a4af6efe38a225f7f8b183a43797d5a1d7c046613d78b19bf9d2316fbcdfc935fc54477b095295553bb417e527e3814d165cdeb43c552f05b1f66d13aca2496327760c93b8a1427c2272c405d8b94f8eb275249a0947c332049ee0bad7136669c7df63dc120ea62c79d04a39db50af4d76e9dd5dcd74a77b8fcd1981b6f138a048970e94fe6c4082b49f7e397e0f9b9fc7368aebaf3ba0c051d08f6770e6ddca26f8eca04155575be7b1c41e1e87f52981f2de74bded1a1d5bc41e60d19e4e05de1db2e9700256741fd6e86028fd21aaae7d3978d09baa4ebdf9a39aee448d344f2e5c050fe3293c6b74a7cb16755554747b010f10bff9b6f02c82da4f78b5b5596aafa01b5027ccaad437c125390416f36f16eaadadf42ef52a1d5af117e7866cc9f61b950ce922e3a1a6ff586e14add3e14781116d643e74124e570392572393c56e78906a24cec1ef196ccd22a7e492084a04b8ca069b95d5e12ad19e76b4ced072ce0aac28d7fe3a3750fe541ed053fb3fe08f29a773cb68d2cb8418f1b3bd4949720ae4104ed20d9aa5d2541317367d02db5f60f6b8df2ff596bd166692cee510b59da757532d88ddf3e8944f01a63ca0657ed24ea5b8110cb53731c539e94633e41d71fa59919d96287a505e8c4e9ac3d9b5e9180b93b670e37aeeec29bdabaac747f8bdf2a5275b61cb8f2081c5655fb047e9036d2273d4674e0382c5d5ebb50448ac02b07d851d66f8836fec1ac3e42c5405adcecb31f50b20e6573dad067999b78f7351bea9e8ca6536fc304eede9cdb905c24f475141349a1b00ad68198ca88898f29afcfb63ebf63d7d037529cf8219dbdb85d01cf5fc3d4b045c9400f672a6deb1ff4d197a28b2a7304e751541a046bc4812ba2fa9e430c79a0b34ab764933148ed337d34dfabf055608109bfd85c739f9c2353f1137582bc73a8d4310cb8ca1dd192b9335ce4ffca52907f37f29fd50e96be21e33b5074f0e16d11a08b274150eb876024ae815e67f3c13c6a3f158c4fd7a26bb2f5d19a2f097235d2fc235f67bdc9b11ffeef3168eb360388749f2f8b91fc3249edc58a959577aa205a105af4"}})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000400000001"], 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e80)={r8, &(0x7f0000000d40), 0x0}, 0x20)
r9 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r9, &(0x7f0000000140)=[{&(0x7f00000001c0)="580000001400192340834b80040d8c560a067f0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100040c10000000010000000000", 0x58}], 0x1)
r10 = fanotify_init(0xf00, 0x0)
fanotify_mark(r10, 0x2, 0x8000000, r2, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0x40}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={r11, &(0x7f0000000180), &(0x7f0000000000)=@udp6, 0x1}, 0x20)

1m35.829550704s ago: executing program 0 (id=9632):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x31, 0x0, &(0x7f0000000100))
setsockopt$packet_int(r0, 0x107, 0x11, &(0x7f0000000080)=0x1, 0x4)
sendfile(0xffffffffffffffff, r0, 0x0, 0x7)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8983, 0x0)
close_range(r0, r0, 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000040)={[0x80000000004, 0x2, 0x80, 0x25, 0x20000004, 0x7f, 0x44233, 0x0, 0x81, 0x4, 0x8001, 0x1005, 0xc, 0x4db6, 0x0, 0xfffffdfffffffffd], 0xf000, 0x80b00})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x4, 0x0, 0x0)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)
setsockopt$MRT_DEL_MFC(0xffffffffffffffff, 0x0, 0xcd, &(0x7f0000000140)={@empty, @local, 0xffffffffffffffff, "d78492867d04b169ae98201565a3b5b87981e783dd34b07e187cda707a584ede", 0x1, 0xffffff87, 0x48cb, 0x78}, 0x3c)
syz_usb_connect(0x3, 0x8d, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r6=>0xffffffffffffffff})
pipe2$9p(&(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r6}})
write$P9_RVERSION(r8, &(0x7f0000000000)=ANY=[@ANYBLOB="150001006bffff"], 0x15)
close(0x3)

1m19.752516712s ago: executing program 33 (id=9632):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x31, 0x0, &(0x7f0000000100))
setsockopt$packet_int(r0, 0x107, 0x11, &(0x7f0000000080)=0x1, 0x4)
sendfile(0xffffffffffffffff, r0, 0x0, 0x7)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8983, 0x0)
close_range(r0, r0, 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000040)={[0x80000000004, 0x2, 0x80, 0x25, 0x20000004, 0x7f, 0x44233, 0x0, 0x81, 0x4, 0x8001, 0x1005, 0xc, 0x4db6, 0x0, 0xfffffdfffffffffd], 0xf000, 0x80b00})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x4, 0x0, 0x0)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)
setsockopt$MRT_DEL_MFC(0xffffffffffffffff, 0x0, 0xcd, &(0x7f0000000140)={@empty, @local, 0xffffffffffffffff, "d78492867d04b169ae98201565a3b5b87981e783dd34b07e187cda707a584ede", 0x1, 0xffffff87, 0x48cb, 0x78}, 0x3c)
syz_usb_connect(0x3, 0x8d, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r6=>0xffffffffffffffff})
pipe2$9p(&(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r6}})
write$P9_RVERSION(r8, &(0x7f0000000000)=ANY=[@ANYBLOB="150001006bffff"], 0x15)
close(0x3)

54.619587254s ago: executing program 1 (id=10031):
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f0000000780)={0x34, 0x0, &(0x7f0000000140)={0x0, 0xa, 0x1, 0xc7}, 0x0, 0x0, 0x0, 0x0}) (async)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000005c00), r0)
sendmsg$IEEE802154_SET_MACPARAMS(r0, &(0x7f0000005d00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005c40)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000fedbdf25230080000a0001007770616e30000000"], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x48cc) (async)
sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000001c0)=ANY=[@ANYRES64=0x0, @ANYRES16=0x0, @ANYBLOB="04002bbd7000fbdbdf25"], 0x30}, 0x1, 0x0, 0x0, 0x4044051}, 0x40001) (async, rerun: 64)
io_uring_setup(0x7109, &(0x7f0000000080)={0x0, 0xfaa2, 0x10, 0x3, 0x10a}) (async, rerun: 64)
r2 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe) (async)
r3 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r2, r3, r3}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'streebog512-generic\x00'}})

54.009675804s ago: executing program 1 (id=10052):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x48080}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000110000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a140000001100"], 0x64}}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0xfcff, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)

53.92521777s ago: executing program 1 (id=10055):
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8002, &(0x7f0000000700)=ANY=[@ANYBLOB="56c78e3c733d76697274676f2c6e6f65bc33dbde548d51f5638173733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000300)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.kill\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ftruncate(r0, 0xc17a)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = openat$nmem0(0xffffffffffffff9c, &(0x7f0000000040), 0x20, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
open(&(0x7f0000000140)='./file0\x00', 0x2a4c2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x1c2)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f00000000c0)={0xc000003, 0xb99, &(0x7f0000005440)=[0x1b27, 0x2a, 0xff, 0x4, 0xe7, 0x40, 0x3, 0x0, 0x3, 0x26a4, 0x8001, 0x7d1a, 0x8, 0x6, 0x6, 0x5ec2, 0x7f, 0xc, 0x4, 0x2, 0x0, 0x80000000, 0x3, 0x9, 0x8, 0x7, 0x0, 0x0, 0x242bc054, 0x8000, 0x2, 0x7, 0xffff80f4, 0x6, 0x1, 0x1, 0xb8, 0x6, 0x8da, 0x6, 0xa, 0x6, 0xe1, 0xe7c, 0x64b2, 0xdc9, 0x2, 0x7fffffff, 0x6, 0xe151, 0x5, 0x9, 0x7, 0x1000, 0x80, 0x9, 0x0, 0x8, 0x2, 0x6, 0x8, 0x8, 0x9, 0xffffffff, 0xffffffff, 0x59f10000, 0x1ff, 0x9, 0x3, 0x1, 0x2c, 0x6e, 0xffff, 0xe, 0x10, 0x7, 0x2, 0x4dec, 0xb5c8, 0x8000, 0x77, 0x80000000, 0x400, 0x3, 0x200, 0x1200000, 0x0, 0x8, 0x0, 0x7, 0x8, 0x4, 0x80, 0x1, 0x7, 0x5, 0xffff, 0x4, 0x9, 0x80000001, 0xa0000000, 0x9, 0xe5, 0x2, 0x401, 0xb, 0x7, 0x8, 0x54318d2e, 0x6, 0x4, 0xffffffff, 0x7e33, 0xff, 0x200, 0x0, 0x3, 0x8, 0x9, 0x4, 0x1, 0x6, 0x307d, 0x7, 0x7fff, 0x7db, 0x9, 0xfffffff7, 0x1, 0xf, 0x3, 0x8, 0x9, 0xffffffff, 0x6, 0x7, 0x7, 0x5c, 0x7, 0x81, 0x10000, 0x2, 0xa0, 0xe, 0x8, 0xb, 0x8, 0x8000, 0x10, 0x439, 0x9, 0x3, 0x2, 0x3ff, 0x9, 0x7, 0x8001, 0x80000001, 0x1391, 0x1, 0x6, 0x2, 0x8, 0x3, 0x0, 0x6, 0x0, 0x1, 0x77bf, 0x8, 0x6, 0x6, 0x41b, 0x9, 0x8, 0xec69, 0x200, 0xc, 0x3, 0x4, 0x5, 0x6, 0x8, 0x100, 0x0, 0x10000, 0x0, 0xe, 0xba7, 0xffffff81, 0xa, 0x7, 0x3, 0x9000, 0xd88, 0x4, 0xc, 0x0, 0x100, 0x5, 0x5, 0x0, 0x9, 0x684, 0x4, 0x66c64a25, 0xffffffff, 0x864, 0x4, 0x0, 0x0, 0xffe00000, 0xfffffffc, 0xfff, 0xa, 0xdbe, 0x8, 0x401, 0x2, 0x7, 0x5, 0x7, 0x2, 0x5, 0x0, 0x1000, 0x0, 0xfff, 0x0, 0x3, 0xfffffffa, 0x9, 0x1cb4, 0xfffffe00, 0x8, 0x101, 0x185, 0x8c5, 0xc, 0x0, 0x800, 0x8, 0x6, 0xe, 0x0, 0x80000000, 0x9c, 0x7, 0x4, 0x6, 0x8, 0x2, 0x9, 0x6, 0x9, 0xffe000, 0x1ff, 0x9f, 0x3, 0xe, 0x18000, 0x0, 0x6, 0xffffffff, 0x1, 0x5, 0x18, 0x5, 0x3, 0x8, 0x5, 0x7, 0x3ff, 0xfffff834, 0xfffffffb, 0x80000001, 0x401, 0x210e, 0x10, 0x800, 0x9, 0x0, 0x8366, 0x81a, 0x5, 0x7, 0xffff8c87, 0xffffff8c, 0x9, 0xe, 0x6, 0x5, 0x7, 0x1, 0x0, 0x736, 0xf, 0xfff, 0xb, 0x8, 0x7, 0x9ca0, 0x8d, 0x8, 0x9, 0x7f, 0x0, 0x6, 0x4, 0x7, 0xffffffe5, 0x2, 0x2, 0x503, 0x7, 0x1, 0x4f9d, 0x401, 0x400, 0x2, 0x101, 0x1, 0x6, 0x8, 0x7f, 0xdf, 0xffffffff, 0x2, 0x5c, 0x5, 0x7, 0x5bc, 0x2, 0x4, 0x10000, 0x7, 0x60, 0x4, 0xfffffffe, 0x7, 0xfffffff4, 0x0, 0xb, 0xffffff1a, 0x7, 0x4, 0x1a, 0x445c, 0x0, 0x1, 0x97, 0x3800000, 0x6, 0x200, 0x2, 0x100, 0xcd44, 0x5, 0xff, 0x81, 0x7fffffff, 0x6, 0x1, 0xe, 0x8a1, 0x0, 0x4, 0x0, 0x7fffffff, 0x2, 0x2, 0x5, 0xa, 0x6, 0x3, 0x1, 0x4, 0x1, 0x8, 0x1, 0x4, 0x0, 0x97, 0xc22, 0x2, 0x7, 0xffffffff, 0x27b4fc3c, 0x5, 0x5, 0x4, 0x8d3, 0x3, 0x0, 0x10, 0x101, 0x51, 0x3e, 0x2, 0x20, 0x2a2, 0x5, 0xffff, 0x101, 0x100, 0xcbd, 0x0, 0x8, 0xffff, 0x1000, 0x1ff, 0xfffffff8, 0x9b22, 0xfffffffe, 0x8, 0x2, 0x1, 0x0, 0x1, 0xe484, 0x2, 0x40, 0x43700, 0x40, 0x8, 0xf, 0x45, 0x33, 0x1, 0x0, 0x2ef83ab4, 0x2, 0x40, 0x3, 0x1, 0x80000001, 0x9, 0x3, 0x400, 0x2, 0x3, 0x5, 0x0, 0x3, 0x5, 0x10000, 0xfffffffc, 0x1000, 0x0, 0x0, 0xaa5f, 0xff, 0x6, 0x80000000, 0x7, 0x1, 0x5a9, 0xffff04ee, 0x7, 0x7fff, 0xf, 0x5, 0x6, 0x9, 0x800, 0xf, 0x800, 0x8, 0x6, 0xfe2, 0x10, 0x5, 0xb5, 0x78e6, 0x1, 0x3, 0x6, 0x8, 0x1, 0x7, 0x4, 0x0, 0x3b1, 0xf68, 0xff, 0x81, 0xa, 0x80000000, 0x523dcc8f, 0x1, 0x5, 0x7, 0x800, 0x1, 0x1, 0x7, 0x7, 0x8, 0x1, 0x7, 0x3, 0x3, 0xfffffffe, 0x7, 0x6, 0x1, 0x9, 0x2, 0x80000000, 0x7ff, 0x7, 0x6, 0x7, 0x4, 0x8, 0x0, 0x6, 0x81, 0x9, 0x83, 0x8, 0x8, 0xe, 0x2, 0xf, 0x2, 0x8, 0x10001, 0xfffffff8, 0xe0, 0x7, 0x25, 0x400, 0x4, 0x3d36, 0x9, 0x3, 0x5, 0xfffffffc, 0x9, 0x9, 0x7, 0x2, 0x1, 0x100, 0x0, 0x10, 0xaa2, 0xc17c, 0x3, 0x429, 0x9, 0x92, 0x6, 0x8, 0x8000, 0x3, 0xfffffffe, 0x5, 0x8100, 0x2, 0x401, 0xfffffff8, 0x80, 0xffff, 0xf3ba, 0x3, 0x0, 0xff, 0x120000, 0x4, 0x80000001, 0x0, 0x3, 0x6, 0x4, 0x1000, 0xfd, 0x5, 0x1, 0x1ff, 0x80000001, 0xfffffffa, 0x5, 0xb, 0x4, 0x9c, 0x9, 0x40, 0x7, 0x80, 0x1, 0x7, 0x3ff, 0xa83, 0x4, 0x8, 0x4, 0x1, 0x7272122d, 0x3, 0x7fff, 0x7, 0x3, 0x98, 0x800, 0x1000, 0xd, 0x0, 0x9, 0x1, 0xffff, 0x2, 0x4, 0x7f, 0x4, 0x800, 0x1, 0x5, 0x5, 0x2, 0x693, 0x9, 0x9, 0x82b, 0x7, 0x954, 0x2, 0x5, 0x5, 0x10, 0xf430, 0x2, 0x9, 0x200, 0x3, 0x5, 0xf1b3, 0x6, 0xd9, 0x8001, 0xd, 0x10001, 0xc1, 0x7, 0x1, 0x7, 0x40, 0xd7aa, 0x0, 0x7, 0x2, 0x0, 0x9, 0x0, 0xe, 0x32bdd93c, 0x5, 0x9, 0xc1, 0xb8, 0xc, 0x7fffffff, 0x200, 0xfffffffc, 0x6, 0x2, 0x3, 0xc5e, 0x1, 0x122c, 0xfff, 0x100, 0x0, 0x9, 0x7, 0x5014, 0x4, 0x4, 0xddf, 0xc, 0x9, 0x3, 0x2, 0xe95, 0x0, 0x6, 0x1, 0xc, 0x7fff, 0x3, 0x2, 0x9, 0x400, 0xfffffe00, 0x80000000, 0x4, 0x0, 0x9d42, 0x4, 0x3, 0x68c, 0xac72, 0x0, 0x1, 0x3, 0x3, 0x0, 0x5, 0x0, 0x6, 0x3, 0x1, 0x6, 0x0, 0x8, 0xd, 0x7, 0xffffffff, 0xa6a1, 0x1000, 0xfe, 0x1, 0x200, 0xa269, 0x8, 0xd545, 0x3, 0x6, 0x8, 0x7, 0xd45, 0x9, 0x40000, 0x2, 0x1cb0, 0x8000, 0x4, 0x1, 0xf, 0xe, 0x7a1c0b2a, 0xffff6c48, 0xa, 0x5, 0x9, 0x3, 0xc96e, 0xffffffff, 0xff, 0xf6, 0x1000, 0x916, 0x4, 0x4, 0x1, 0x9, 0x7ff, 0x7b1, 0x6, 0x1, 0x0, 0x7, 0x5, 0x4, 0x7, 0x5, 0x6, 0x1, 0x0, 0xfffffffb, 0x7fff, 0x0, 0xf, 0x1, 0x0, 0x7, 0xd6, 0x5, 0x2, 0xfffffffa, 0xfffffeb9, 0x5, 0x7, 0x1, 0x772, 0x13, 0x7, 0x1, 0x4, 0x5, 0x7, 0x4, 0x5, 0x5, 0x5, 0x4, 0x3, 0xc02, 0x1000, 0x839, 0x9, 0x8000, 0x6, 0x5, 0x7ff, 0x6, 0x2, 0x4, 0x2, 0x9, 0x1, 0x5e64f2d9, 0xad63, 0x204, 0x5, 0x2, 0x3, 0x7, 0x6, 0x513d3be1, 0x39c, 0xfff, 0x40000, 0x1, 0x4, 0xe, 0x0, 0x9, 0x5, 0x9, 0x9, 0x83, 0x5, 0x7, 0x1, 0x8000, 0x1, 0x6b0, 0x9, 0x7, 0x5, 0x40, 0x8000, 0x1, 0x7, 0x3, 0x8, 0x7, 0x9, 0x1e2, 0x3, 0x1000, 0x1, 0x3, 0xfff, 0x1, 0x9, 0x6, 0x401, 0x7fffffff, 0x4, 0x1, 0xb, 0x9, 0x8000, 0x2cff, 0x6, 0x6, 0x5, 0x7, 0x7, 0x1c0b78ee, 0x5d6, 0x10001, 0x10001, 0xfffffff7, 0x5, 0x8, 0x7, 0x8, 0x2, 0xffffff80, 0x80, 0xf7, 0x1, 0x8, 0x10000, 0x80000001, 0xffffffff, 0x8, 0x0, 0x4, 0x2, 0x0, 0x1a7b, 0xfff, 0x8, 0x3, 0x8, 0x9, 0x101, 0xf, 0x6, 0x4, 0x80000001, 0x5, 0xd4, 0x0, 0x8, 0x3fff800, 0x800, 0xffffffff, 0x8, 0x9, 0x229, 0x4, 0x8000, 0x3, 0x5, 0x4, 0x8, 0xe22, 0x400, 0x5, 0x7, 0x6, 0x9, 0x7, 0x2e5, 0x6, 0x7, 0x9, 0x3, 0x1, 0xc5b, 0x10000, 0xc1a, 0x2, 0x6, 0x5, 0x3, 0x33, 0x0, 0x4, 0x7, 0x2, 0x8, 0x5, 0x1, 0x6, 0x10001, 0x9, 0x0, 0x9, 0x8, 0x6, 0x9, 0x3, 0x17600, 0x0, 0x5, 0x10001, 0x4, 0x0, 0x0, 0x6, 0xfffffffe, 0x5, 0x8001, 0x101, 0xfffffff9, 0xfff, 0xffff4306, 0x8, 0x3ff, 0x1ff, 0x1ff, 0x1, 0x4, 0x4, 0x5, 0xffffff62, 0x4, 0x2, 0x3ff, 0x7, 0x1, 0x5, 0x4, 0x8, 0x9, 0xfffffffc, 0x0, 0x3, 0xe74, 0x3, 0x1, 0x0, 0x4, 0x7, 0x9, 0x0, 0x1, 0x0, 0x2, 0x8, 0x8000, 0x3, 0x9, 0x4f, 0x63, 0xfffffffe, 0xe7b, 0x14, 0x2, 0x6, 0x3, 0x3acac487, 0x4, 0x3, 0xfffff71f, 0x100, 0x9, 0x7, 0x10001, 0x7, 0x8, 0x3, 0x3, 0x8f, 0x5, 0x8, 0x7fffffff, 0xdf6, 0x2, 0x8, 0x15, 0x8, 0x3, 0x3, 0xd, 0x6, 0x378, 0x4, 0xfffffff8, 0x6, 0x6, 0x4, 0x3c37, 0xb56, 0x8, 0x1e9b, 0x2, 0x5, 0x7, 0x6, 0x8, 0x7, 0xd2, 0xa, 0xacf, 0x6, 0x401, 0x63, 0x100, 0x2476, 0x1400, 0x400, 0x2, 0xd, 0x0, 0xabd0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x1, 0x53, 0x8, 0x3, 0x7f, 0x2, 0x458f, 0x3, 0x4, 0x180000, 0xfff, 0xdd, 0x9, 0xffffffc0, 0xd5, 0xffff, 0x1ff, 0x9, 0x2, 0x3, 0x0, 0x1000, 0x80000000, 0x1, 0x7, 0x2563, 0x1, 0xa86, 0xd4, 0x3, 0x1, 0x2, 0xd204, 0x80000001, 0x1, 0x0, 0x0, 0x6fd, 0x3, 0x3, 0x7, 0x8, 0x9, 0x6, 0x9, 0x7, 0x1, 0x0, 0x7fffffff, 0x7, 0xcf000, 0xf6d, 0xfffffffa, 0x157, 0x8, 0x5, 0x2, 0x7fff, 0x165b, 0x3, 0xfffffff8, 0x4, 0x3, 0x9, 0x1000, 0x9, 0x1, 0x10000, 0x40, 0x7, 0xd4, 0x1, 0x80000001, 0xffff752a, 0x1, 0x4, 0x7, 0xfffffffd, 0x2, 0x0, 0x1, 0xa0c8, 0x6, 0x8000, 0x1, 0x8, 0x81, 0xa960, 0x10001, 0x1, 0x3aa3, 0x43f, 0x6, 0x800, 0x79, 0x5, 0x5, 0x3, 0x80000000, 0x101, 0x3, 0x3, 0xdf, 0x21a1, 0x9, 0x6971, 0x7, 0x80000001, 0x8001, 0x2, 0x2, 0x5, 0x1, 0x9, 0x0, 0x341a, 0x0, 0x8000, 0x8001, 0x8, 0xfffffff9, 0x3, 0x80000000, 0x8, 0x2, 0x4, 0x10001, 0x9, 0x7a16, 0x7ff, 0x9, 0x0, 0x7, 0x657, 0x9, 0x3, 0x400000, 0x7, 0x8, 0x2a, 0xfffffffa, 0x9, 0x47b, 0x3, 0x1, 0x3, 0x401, 0x0, 0x0, 0x2, 0x7fffffff, 0x7, 0xff, 0xb22, 0x4bad, 0x6, 0x0, 0xbd4c, 0xfffffff0, 0x8, 0xfffffffe, 0x101, 0x80, 0x7, 0x7f, 0xffff8000, 0x22d, 0x6, 0xffffffff, 0x1, 0x400, 0x4, 0x7fffffff, 0x9, 0x0, 0x200, 0xc42f, 0x7, 0x5, 0xc, 0x3, 0x3, 0x2, 0xffffff80, 0x31, 0x2, 0x7fff, 0x6c0, 0x8000, 0x1, 0x6, 0x3, 0xf3c, 0xfa2, 0x2, 0x3, 0x4, 0x4, 0x8, 0xc588, 0x4, 0xc, 0x1, 0x8001, 0x3, 0x80000000, 0x7fff, 0x800, 0x7f, 0x80, 0x5, 0xf, 0x7ff, 0x8, 0x4, 0x1, 0x1, 0x1, 0x5, 0x9, 0x9, 0x8, 0xff, 0x63c, 0xcc, 0x0, 0x680, 0xaf, 0xbd53, 0x10, 0x521160da, 0x9, 0x800, 0x4, 0x9, 0x4, 0x9, 0x4, 0x9, 0x2, 0x9, 0x5, 0x776a, 0xffffe85e, 0x3, 0x1f, 0xfffffffa, 0x9, 0x5, 0x7ff, 0x8, 0x4, 0x6, 0x1, 0xfffffff6, 0x4, 0x80000001, 0x200, 0xffff, 0x10, 0x9, 0x4, 0xfffffffd, 0xe7, 0x8, 0x401, 0x3, 0x7, 0x8d, 0x3, 0x4, 0x9, 0x4ce4, 0xffffffff, 0x100, 0xff, 0x9, 0xd, 0x3ff, 0x8, 0x2, 0xffff0001, 0x9, 0x7, 0xc, 0x3, 0x8, 0x9, 0x0, 0x6, 0x5, 0x5f, 0xff, 0x2, 0x7, 0xb99, 0x80, 0x4, 0xe48d, 0x1ff, 0x0, 0x6, 0x9, 0x0, 0xd141, 0x2, 0x7c, 0x4, 0x3, 0x1, 0x0, 0x8, 0x7fffffff, 0x80000000, 0xb1d, 0x8, 0x400, 0xfffffffe, 0x3, 0x3, 0x0, 0xf30f, 0x0, 0x9, 0x3, 0x8001, 0x1, 0x7, 0x4, 0xd3, 0x0, 0x5, 0x6, 0x9, 0xd, 0xf8, 0x4, 0x8000, 0xfffffffa, 0x7f42, 0x0, 0x1146cd38, 0xe96, 0x4df, 0x1, 0xc, 0x7fffffff, 0xfffff800, 0x8, 0x4, 0x80, 0xb, 0xc4, 0x9, 0x2, 0x2, 0x3, 0x7, 0xc919, 0x6, 0x0, 0x3, 0xffffffff, 0x1, 0x5, 0xfffff73f, 0x9, 0xff, 0xffffffff, 0x9, 0x9, 0x7fff, 0x7, 0x0, 0x9, 0x7, 0x7fff, 0xffffffff, 0x8001, 0x2, 0x3, 0xa7, 0x7, 0x61, 0x7ff, 0x3, 0x9, 0x401, 0x3, 0x9, 0x7, 0x8000, 0x4, 0x48c, 0x3, 0x9, 0xfff, 0x3ff, 0x1, 0xe, 0x4, 0x101, 0x7ff0000, 0x768, 0x8, 0x1000, 0x6, 0x1, 0x0, 0x3, 0x6, 0xfffffffa, 0xfffffffe, 0x3, 0x8001, 0x80000000, 0x7dd, 0x0, 0xfff, 0xfffffffc, 0x4, 0xff, 0x9, 0x1, 0x5, 0x1, 0xcf, 0x1, 0xff, 0x8, 0x8, 0x7, 0x1, 0x800, 0x5, 0x400, 0x400, 0x400, 0x10000, 0x5, 0xfffffff1, 0xb7, 0x0, 0x8000, 0x2, 0x0, 0xfffffff2, 0x5, 0xe00, 0x7, 0x1, 0x3, 0x1, 0x3, 0x4, 0x8, 0x4, 0x40, 0x6, 0x0, 0x6, 0x5, 0x9, 0x1, 0xfff, 0x10000, 0x5, 0x6, 0x1, 0x0, 0xeb, 0x6, 0x800, 0x5, 0x4, 0x1, 0xfff, 0x0, 0x4, 0x1, 0x1, 0x6, 0x7, 0x7, 0x4, 0x1, 0x1a3, 0x1, 0x2, 0x4, 0x4, 0x92ec, 0xe, 0xf4c, 0x10000, 0x6, 0x6, 0x6be80000, 0x1, 0xfffffffb, 0x1, 0xc, 0x9, 0x3, 0x5, 0x40, 0x401, 0x7, 0x4, 0xffffffff, 0x1, 0x8, 0x1, 0x4, 0x1, 0xe, 0x4, 0x9, 0xb81, 0x0, 0x80000001, 0x8f, 0x8, 0x7, 0x9, 0x7, 0xa111, 0x1ff, 0x5, 0x1, 0x61, 0x3b, 0xb53, 0x79cb, 0xfffffffe, 0xf3c0, 0x3, 0xf9, 0x9, 0x1, 0x7f, 0x5, 0x2, 0x0, 0x7, 0xfffffffa, 0x1, 0x0, 0x3, 0x5, 0x1ff, 0x5, 0x5, 0x8, 0x6d7, 0x4, 0xfffffff9, 0xb88, 0x7, 0xf, 0x6, 0xc, 0x9, 0x81, 0x18746000, 0x1, 0x9, 0x4, 0x9, 0xd2a3, 0xdcdd, 0xffff, 0xfffff6cc, 0x1b, 0xfffffff6, 0x7, 0x3, 0x4, 0x5, 0xd2c, 0x4, 0x0, 0x1, 0x4, 0x10000, 0x9, 0xcea2, 0x8, 0x2, 0x2, 0x8001, 0x5, 0x55, 0x2, 0x0, 0x7, 0x3, 0xffffffff, 0xfff, 0x800, 0x10000000, 0x0, 0x7, 0x8, 0x2, 0x25, 0x3, 0x0, 0x5, 0x4, 0x4, 0x8, 0x70000, 0x3, 0x1, 0x4, 0x5, 0xb, 0x7, 0x3, 0x280, 0x401, 0x1, 0x0, 0x6, 0x7, 0x3, 0x9, 0x541, 0x101, 0x4, 0x8, 0x56, 0x2, 0x2, 0x1, 0x3, 0x1, 0x9, 0x5, 0xffffffff, 0x2, 0x4, 0x9, 0x5, 0x8, 0x4, 0x1000, 0xfffffffb, 0x7, 0x1, 0x3, 0x5a01f9a, 0x1, 0x9, 0x3, 0xf, 0x3, 0x6, 0x3, 0x11c5, 0x1, 0x9, 0x80000, 0x0, 0x4, 0x8, 0x2, 0x8, 0x65a1, 0x400, 0x7e4, 0xffff, 0xb4, 0x5, 0xfffffc01, 0x4ad, 0x2, 0x40, 0x100, 0x2, 0xa06, 0x45, 0x6d9, 0x0, 0xd26, 0x0, 0x6, 0x8001, 0x8, 0x6, 0x66, 0x74, 0xf5b4, 0x7fff, 0x3, 0xffffffff, 0x2, 0x401, 0xa40c, 0x83, 0x1, 0x0, 0x2, 0x8, 0x1, 0x101, 0xf, 0x5, 0x2, 0xe90, 0x3, 0x9, 0x7ff, 0x5, 0x10, 0x3ff, 0x1, 0x7, 0x1, 0x559, 0x7, 0x8, 0xffffffff, 0x1, 0x401, 0x8, 0x7, 0x0, 0x1, 0x0, 0x0, 0x3, 0x4, 0x5, 0x10001, 0x4206, 0x400, 0x10, 0x5, 0x7, 0x7, 0xd939, 0x6, 0x8, 0x1ff, 0xfffffe00, 0x3, 0x6, 0xfffffffe, 0x0, 0x9, 0x4, 0xb5, 0xffffffff, 0x8, 0x5, 0x0, 0xfffff000, 0x8, 0x6, 0x3, 0x2, 0xa5, 0x6, 0xff, 0x1, 0x5, 0xfffffe00, 0xe77, 0x5, 0x0, 0x7, 0x0, 0x7, 0x5, 0x9, 0x9, 0x6, 0x8, 0xebba, 0x8, 0x1, 0x8, 0xf, 0x8001, 0x86, 0x5, 0x4, 0x5, 0x7fff, 0x11b, 0xf8, 0xffff, 0x8, 0x2, 0x3, 0xffff, 0x1ff, 0x0, 0xc, 0x5, 0x9, 0x9d9, 0x7, 0x2, 0x7, 0xc84, 0xd9, 0x6, 0x10000, 0x4, 0x4, 0x0, 0x7fffffff, 0x0, 0x8, 0x8, 0x8, 0x1000, 0x1, 0x3ff, 0x5, 0x8000, 0x3, 0x4, 0x7ff, 0x5, 0xc, 0x1000, 0x80000000, 0x4548, 0x434875b5, 0x3, 0x3, 0xdbc, 0x1000, 0x1, 0x2, 0x0, 0xf4, 0x7, 0x3, 0x51b9, 0x81, 0x1, 0x3, 0x866, 0x1000, 0x1, 0x5, 0xfffffffe, 0x6, 0x8, 0x1, 0x9, 0xfffff001, 0x400, 0x1ff, 0x0, 0x5, 0x6, 0x5, 0x1, 0xb8, 0x1, 0x40, 0x9, 0x2, 0x2, 0x9, 0x3ff, 0x3, 0xffffffff, 0x800, 0x0, 0x3ff, 0xa, 0x2, 0x9, 0x2, 0x9, 0x4a, 0xffff, 0x4, 0x8c, 0x100, 0x1, 0x3, 0xb18, 0x7, 0x4ff0d6e, 0x7fffffff, 0x62, 0xcd, 0x3, 0x1f60000, 0xe3d, 0x1ff, 0x3, 0xb15, 0x4, 0x1, 0x4b, 0x9f0, 0x3, 0x3, 0x200, 0x7fff, 0x80, 0x2, 0x4d8, 0x2, 0x4, 0x131d, 0x7, 0x8, 0x3, 0x602c, 0x5ba, 0xffffd44e, 0x7fffffff, 0x0, 0x3, 0x40, 0x8, 0xff, 0x100, 0x6, 0xe9, 0x3, 0x5, 0xff, 0xc88, 0x7, 0x7, 0x4, 0x9, 0x10, 0x8, 0xb245, 0xfffffe01, 0x1, 0x8, 0x4, 0x79048b67, 0x3, 0x0, 0x80000000, 0x2, 0x9a, 0x10, 0xffff, 0xfffffffb, 0x8, 0x8, 0x6d50d882, 0x1, 0x100, 0x3, 0x0, 0x10001, 0x7, 0x1ff, 0x8, 0x1a, 0xd, 0x0, 0x10, 0x3, 0x1, 0x3, 0x3, 0xfffffff8, 0xfffffffb, 0xb07d, 0x5, 0x2, 0x1, 0x5, 0x6, 0x2, 0xd, 0xed, 0x5, 0x1, 0xc, 0x0, 0x3, 0x0, 0xff, 0x8001, 0x1, 0xd, 0x5, 0x4, 0x7, 0x6, 0x7, 0x8, 0x8, 0x7, 0xd5, 0x7ff, 0xe7, 0x5, 0x7, 0x4, 0xc9c9, 0x4, 0x9, 0x9, 0x7ff, 0x3, 0x975, 0x10001, 0x800, 0x800, 0x2793, 0x5, 0x5, 0xc, 0x4, 0xa, 0x9, 0x0, 0x9, 0x3, 0x1a1, 0xffffffff, 0xfffffffa, 0x9, 0x101, 0x0, 0x4, 0x3, 0x0, 0x7f, 0x10001, 0x8001, 0x1, 0x6, 0x7, 0x8, 0x1, 0x3, 0x8000000, 0x6, 0xd18, 0xffffffff, 0x9, 0x0, 0x0, 0x8, 0x6, 0x6, 0x9, 0x10001, 0x1ff, 0x0, 0x4, 0xb, 0x8, 0x9, 0x0, 0x9, 0x6, 0x7fff, 0x5, 0x4, 0x1, 0x7ff, 0x80000001, 0x5, 0x3, 0xfffffffd, 0x7, 0x6, 0x10, 0x1, 0x400, 0x0, 0x400, 0x8000, 0xfffffff9, 0x3, 0x6, 0x0, 0x9, 0x0, 0xa7d, 0x800, 0xffffff7f, 0x9f, 0x2, 0x200, 0x2a7, 0xa, 0xb, 0x7, 0x80, 0x9, 0xca5, 0xcf43, 0x9, 0x0, 0x0, 0x3, 0x1, 0xf, 0x101, 0x7fff, 0x9, 0x9, 0x7, 0x1, 0x0, 0x9, 0x2, 0x1, 0x7, 0x5, 0x80000001, 0x206, 0x100, 0x4, 0x0, 0x1000, 0x4, 0x71, 0x2, 0x9, 0x1, 0x7, 0x1, 0x1, 0xc7, 0x5, 0xfb78, 0x1, 0x2a, 0x97, 0x6, 0xc83f, 0x9, 0x6, 0x0, 0xfffffffe, 0x6, 0x74a, 0x8, 0x0, 0x9, 0x3, 0xffff, 0x8, 0x25, 0xbb6a, 0x8, 0xa51, 0x1, 0x3, 0x2, 0x73e, 0x8, 0x9d, 0x2, 0xffffffff, 0xf26, 0xf, 0x3, 0x96c, 0xa9000000, 0x81, 0x7, 0x1, 0x7ff, 0x7, 0x0, 0x8000, 0x4, 0x1, 0x6, 0x7, 0x0, 0x1, 0x0, 0x9, 0x2, 0x3, 0x4, 0x0, 0x5, 0x5, 0xc5c, 0x500e, 0xfffffff8, 0x1, 0x1a2e, 0x40, 0xfffffff7, 0x5, 0x5, 0x401, 0x2, 0x10001, 0x4, 0x10000, 0x3, 0x89, 0x80000001, 0x3ff, 0x6, 0x567c, 0xf0, 0x7, 0x9, 0x5, 0x200, 0x3, 0xfff, 0xfffffffc, 0x40, 0x3, 0x5, 0x1000, 0x6, 0x7fffffff, 0x9, 0x81, 0x8, 0x9, 0x7, 0x80000001, 0x4, 0x8001, 0xf74, 0x3, 0x2, 0x7ff, 0x0, 0x0, 0xfffffe00, 0x56, 0x5, 0x7, 0xffffffff, 0x351, 0x9, 0xafa, 0xe, 0xfffffff9, 0x3, 0x7, 0xffffffc0, 0x9f, 0x6, 0x4, 0x7, 0x7, 0x1, 0xd, 0x5, 0x1, 0x4, 0x64ae, 0x7fff, 0x6, 0x1, 0x1, 0x9, 0x0, 0x3, 0x0, 0x0, 0xb, 0x6, 0xfff, 0x75ae, 0x4, 0x8ff, 0xa171, 0x6, 0xc1, 0x0, 0x1, 0x88c, 0x2, 0x8, 0x10000, 0x101, 0x2ed, 0x5, 0x1, 0x8, 0x8, 0x0, 0x7, 0x8, 0x28e, 0x2, 0x8, 0x177, 0x17, 0x3, 0x7, 0x6, 0x7, 0x800, 0x3, 0x400, 0xb0000000, 0x7, 0x8, 0x2, 0x50e, 0x4, 0x6, 0x1, 0x4, 0x401, 0x678, 0x9, 0xe1, 0x0, 0x800, 0x100, 0xf, 0x6, 0x6, 0x8, 0x8, 0x1, 0x8, 0x8, 0x5, 0x6, 0x5, 0x8, 0xfffffffe, 0x6, 0x800, 0x4, 0x6, 0x3ff, 0x3, 0x6, 0x31, 0x2, 0x1, 0x7, 0x0, 0x10001, 0x1b, 0x4, 0xff, 0x23, 0x8fe, 0xfff, 0xfff, 0x2, 0x1, 0xd40a, 0x308, 0x3, 0x8, 0x8, 0x5, 0x0, 0x9, 0x40, 0x800, 0x1ff, 0x3ff, 0xdad6, 0x3, 0x200, 0x800, 0x9, 0xfff, 0x9, 0x9786, 0xf9a9, 0x8, 0x80000000, 0xb302, 0x6, 0x8, 0x2, 0x9, 0x5, 0x9, 0x7, 0x3, 0xb6, 0x7, 0x1, 0xffffde00, 0x4c37, 0x3, 0x8, 0x3, 0x8000, 0x6, 0xffff, 0x2af223a1, 0x6, 0x8, 0xfffffffa, 0xff, 0x97ca, 0x3, 0x9, 0xc, 0x9, 0x7, 0xccb, 0x9, 0x7, 0x1, 0x800, 0x5, 0x1825e132, 0x100, 0x0, 0x0, 0x2, 0x731, 0x1, 0x0, 0x9, 0x2, 0x200, 0x3cf0, 0x3, 0x9, 0x1, 0x2, 0x8, 0xffffffff, 0x10001, 0x915, 0x5, 0x4, 0x2, 0xfff, 0x3, 0x9, 0x7, 0x2f9, 0x8, 0x9, 0x8000, 0x9, 0x0, 0x8, 0x6, 0xce6, 0x3, 0x9c3, 0x0, 0xffff, 0x6, 0x4, 0x5, 0x7fff, 0x0, 0x800, 0x6, 0x8, 0x9, 0x2, 0xf57, 0x0, 0x6, 0x7, 0x80000001, 0x7fff, 0x89, 0x8, 0x7, 0x800, 0x65e, 0x6, 0x4, 0x1, 0x10, 0x40, 0x1, 0x10000, 0x3, 0x80000000, 0xfffffff2, 0x10001, 0x1, 0x5, 0x0, 0x10000, 0x5, 0x8, 0x6, 0x9, 0x6, 0x9, 0x7, 0x8, 0xe3d, 0x1, 0x3ff, 0x3, 0x4, 0x10, 0x6, 0xf, 0x7d, 0x5, 0x4, 0xe7a, 0x3, 0x0, 0x0, 0x8, 0x0, 0x4, 0x6, 0x5, 0x8, 0x2, 0x1, 0x7fffffff, 0x0, 0x6, 0x3, 0x7e, 0xfffffffb, 0x6, 0x8, 0x100, 0x3, 0x2, 0x2, 0xfffffff7, 0x0, 0x6, 0x8000, 0x5, 0x80000001, 0x400, 0x6, 0x7, 0x6, 0xf0, 0x10001, 0xe, 0x10001, 0x10000, 0x7, 0x0, 0x4, 0xffffffff, 0x9, 0x1, 0xc, 0x5, 0x3, 0x3c, 0xfffffffe, 0x80, 0x4, 0xbc48, 0x3, 0x10000, 0x5e09a76d, 0x6, 0x5, 0xd, 0x2, 0x7f, 0x7, 0xffffffff, 0x9, 0xfffffff7, 0x2, 0x200, 0x3, 0x4, 0x1, 0x48, 0x9, 0x1, 0x0, 0x8, 0x8, 0x3, 0x4, 0x4, 0x5, 0x8, 0x6, 0x9, 0x8, 0x5, 0x4, 0x10000, 0x8, 0x3a1286ed, 0x0, 0x2, 0xb, 0x0, 0x6, 0x10001, 0x1b8, 0x9, 0x0, 0x217c74a4, 0x1, 0x8, 0x99, 0xa, 0x3, 0x5, 0x5, 0xffffffd2, 0x80000001, 0x4, 0x5, 0x4, 0x10000, 0x3, 0x5d5, 0x2, 0xfffffe00, 0x6, 0xbd0, 0x1, 0x81, 0x100, 0x473e, 0x6, 0x7fffffff, 0x4, 0x800, 0xd6a, 0x9, 0x5, 0x9, 0x5, 0x5, 0x0, 0x1, 0x519e, 0x7, 0x8000, 0x2, 0xf, 0xd, 0xb, 0x7, 0x5, 0x80, 0x1, 0x8f82, 0xffffff36, 0xc90, 0x8, 0x40, 0x4, 0x8, 0x9, 0x80000000, 0x2ff, 0x6, 0x6, 0x200, 0x2, 0x4, 0xd, 0x5, 0x101, 0xffff, 0xfffffbff, 0xf, 0x0, 0x193f, 0xffff6dc1, 0xfc3, 0x401, 0xffffffe9, 0xb0, 0x9, 0x3, 0x7, 0x1ff, 0xfa50000, 0xffffffc3, 0xcc, 0x0, 0x7ff, 0x1, 0x72a, 0x9, 0x7, 0x8, 0x0, 0x0, 0xc, 0x1, 0xffffffff, 0x7, 0x7fff, 0x0, 0x424, 0x0, 0x40000000, 0x2f7, 0xfffffff8, 0x101000, 0x200, 0x2, 0x100, 0x100, 0xffffffff, 0x1, 0xfffffffc, 0xb, 0x9, 0x401, 0x67, 0xb1d2, 0x793e, 0x8, 0x6, 0x8, 0xfffffffd, 0x6, 0x6, 0xe, 0x3, 0x7, 0x0, 0x2ee8, 0x2, 0x6, 0x1, 0x5, 0x800, 0x7f, 0x7, 0x95, 0x4, 0x7fffffff, 0xe, 0x74e, 0xf, 0x7f, 0x1000, 0x1, 0x9, 0x10000, 0x7fffffff, 0xcf, 0xc, 0x80000000, 0x7, 0x9, 0x4, 0x8000, 0x1, 0x9, 0x6, 0x3, 0xfffff241, 0xffffffff, 0xfffffffb, 0x7ff, 0x3c8, 0x4, 0x0, 0x7, 0x7fff, 0x70a, 0x6, 0x5, 0x8, 0x6, 0xf, 0x4, 0x6, 0xfffffff7, 0x8, 0x48000000, 0x0, 0x5, 0x37066a0, 0x8, 0xbac2, 0x1, 0x5, 0x80, 0x800, 0xc, 0xb3, 0x3, 0x9, 0x5, 0xfffffeff, 0xfff, 0x9, 0x6, 0x1, 0x7, 0x9b4, 0x7, 0x9, 0x8000, 0x4, 0x0, 0xc5a2, 0xe, 0x8, 0x9, 0x2, 0x9, 0x800000, 0x0, 0x1ff, 0x800, 0x8, 0x4, 0xe44, 0x800, 0x800, 0x2fe, 0x6, 0xffffffff, 0x6, 0x7ff, 0x2, 0x1, 0x2, 0xd, 0xd916, 0x200, 0x8000, 0x6, 0x2, 0x8, 0x3, 0x18000, 0xfffffffa, 0xdce, 0x6, 0xffff, 0xe, 0x96, 0x7f, 0x400, 0x40, 0x9, 0x7, 0x3, 0x401, 0x90000, 0x10, 0x9, 0x8, 0x4, 0x5, 0x7, 0x7fffffff, 0xd, 0x5, 0x10, 0x8, 0x400, 0xf, 0x1, 0xbfb, 0x1, 0x4, 0xaee3, 0x9, 0x6, 0x7fffffff, 0x1, 0xfffff000, 0x3ff, 0xfd, 0x1, 0x4], 0x8, 0x1})
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000200)='./file1\x00', &(0x7f0000000240), 0x0, &(0x7f0000000500)={'trans=virtio,', {[{@directio}, {@mmap}, {@cache_readahead}, {@afid={'afid', 0x3d, 0x8000000000000000}}, {@posixacl}, {@version_9p2000}, {@directio}, {@privport}, {@cachetag={'cachetag', 0x3d, '\x85.-/-]'}}, {@dfltuid={'dfltuid', 0x3d, 0xffffffffffffffff}}], [{@appraise_type}]}})
read$FUSE(r1, &(0x7f0000003400)={0x2020}, 0x2020)

53.849174631s ago: executing program 1 (id=10058):
r0 = syz_io_uring_setup(0x23c, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x40, 0x0, r3, 0x0, 0x0, 0x0, 0xebec93e830f96115})
io_uring_enter(r0, 0x7f5f, 0x4000000, 0x0, 0x0, 0x0)
r4 = syz_open_dev$video(&(0x7f0000000000), 0x101, 0xab02)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x102)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r6, &(0x7f0000000440), 0x10)
listen(r3, 0xffffffff)
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r7, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r7, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=@newtfilter={0x44, 0x2c, 0x52f, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xa, 0x4}, {}, {0x8, 0xe}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xf1, 0x4, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004c8d0}, 0x14)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
chroot(&(0x7f0000000440)='./file0/../file0/../file0/../file0\x00')
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9101)
clock_gettime(0x0, &(0x7f0000000200)={<r9=>0x0, <r10=>0x0})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8d80, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r13, 0x4008ae89, &(0x7f00000003c0)={0x1, 0x0, [{0x40000021, 0x0, 0x2000000}]})
ppoll(&(0x7f0000000080)=[{r5, 0x328}, {r8, 0x8002}, {r4, 0x532}, {r5, 0x4000}, {r4, 0x200}, {r5, 0x4008}, {r8, 0x20}], 0x7, &(0x7f0000000240)={r9, r10+60000000}, &(0x7f0000000280)={[0x4]}, 0x8)
move_mount(r8, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
r14 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_S_CTRL(r14, 0xc008561c, &(0x7f00000000c0)={0x5, 0x6})
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000100)='./file0/../file0/../file0/../file0\x00')
syz_open_dev$vim2m(&(0x7f0000002c80), 0x3, 0x2)

53.654332016s ago: executing program 1 (id=10060):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmmsg$inet(r1, &(0x7f00000020c0)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)='\f', 0x1}], 0x1, 0x0, 0x0, 0x2000000}}], 0xfdef, 0x0)
setsockopt$IP_VS_SO_SET_EDITDEST(r0, 0x0, 0x489, &(0x7f0000000380)={{0x84, @multicast1, 0x4e22, 0x3, 'wlc\x00', 0x0, 0x60000000, 0x54}, {@rand_addr=0x64010142, 0x4e26, 0x2000, 0x200, 0x20008001, 0xfffffffe}}, 0x44)

53.423453466s ago: executing program 1 (id=10061):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r1, 0x0, 0x20000000)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x1c, 0x2e, 0x401, 0xf0bd26, 0x25dfdbfc, {0x4}, [@typed={0x8, 0xc, 0x0, 0x0, @uid}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) (fail_nth: 14)

53.321345767s ago: executing program 34 (id=10061):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r1, 0x0, 0x20000000)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x1c, 0x2e, 0x401, 0xf0bd26, 0x25dfdbfc, {0x4}, [@typed={0x8, 0xc, 0x0, 0x0, @uid}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) (fail_nth: 14)

2.12396618s ago: executing program 6 (id=10611):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a0000002d95000000000000ee05a552d0660000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x112})
ioctl$TUNSETOWNER(r0, 0x400454cc, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x102})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$inet_udp_int(r2, 0x11, 0x64, 0x0, &(0x7f0000000080))
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000008c0)={'bridge_slave_1\x00'})
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f01040000000800"], 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r5, &(0x7f0000000340)={0x1d, r6, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000001c0)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
setsockopt$SO_J1939_FILTER(r5, 0x6b, 0x1, &(0x7f0000000440)=[{0x3, 0x2, {0x2}, {0x0, 0xff, 0x1}, 0xfe, 0x1}, {0x2, 0x3, {0x0, 0xf0, 0x1}, {0x1, 0x0, 0x2}, 0x1, 0x2}, {0x0, 0x0, {0x1, 0xff, 0x2}, {0x1, 0x1}, 0xfe, 0xff}], 0x60)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newtfilter={0x24, 0x11, 0x1, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x74, r6, {0xb, 0xfff2}, {0xfff1, 0x9}, {0x2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x20000050)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
ioprio_set$pid(0x2, 0x0, 0x4000)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000440)='./bus\x00')
r7 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r7, &(0x7f0000000180)={0xa0, 0x0, 0x0, {{0x1000000000003, 0x3, 0x8000000000007, 0xaa, 0x3, 0x9397, {0x200003, 0x180, 0x20fe, 0x0, 0x84, 0xd615, 0x10000009, 0x9, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0)
sendfile(r7, r7, &(0x7f0000000080), 0x7f03)

1.809053268s ago: executing program 2 (id=10613):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x6c, r1, 0x5, 0x4, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x39, 0xe, {{{}, {0x1}, @device_a, @broadcast, @from_mac}, 0x0, @random=0x4, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x71, 0x7, {0x1, 0x0, 0x0, 0x1, 0x1, 0xf0, 0x8}}, @void}}, @NL80211_ATTR_IE_PROBE_RESP={0x4}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x6c}, 0x1, 0xc00}, 0x0)

1.808378976s ago: executing program 2 (id=10614):
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x5, 0x14b082)
ioctl$SCSI_IOCTL_GET_IDLUN(r0, 0x5382, &(0x7f0000000040)) (async)
ioctl$SCSI_IOCTL_GET_IDLUN(r0, 0x5382, &(0x7f0000000040))
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x800400, 0x0) (async)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x800400, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0) (async)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x1b, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0xffe0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x10}}}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000019980)=@newtfilter={0x854, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r4, {0x0, 0x2}, {}, {0xa}}, [@filter_kind_options=@f_u32={{0x8}, {0x828, 0x2, [@TCA_U32_POLICE={0x824, 0x6, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x5}, @TCA_POLICE_RATE={0x404, 0x2, [0x2, 0x5, 0x1, 0x2, 0x2, 0x3, 0x6f1, 0xb, 0x3, 0x3, 0x6, 0xffff0000, 0x2, 0x10001, 0x3, 0x7, 0x7, 0x6, 0x1ff, 0xffff, 0x2, 0x6, 0xffffff1f, 0x0, 0x6, 0x8, 0xd, 0x36848000, 0x5, 0xce1, 0x2, 0x0, 0x713a7a7c, 0x9, 0x4cee, 0xffff, 0xe4f6, 0xfffffff9, 0x389b, 0x2, 0x7dea0866, 0x9, 0x327b, 0x8, 0x101, 0x70, 0x5, 0x5, 0x5, 0x7f, 0x7fff, 0x0, 0x0, 0x800, 0x5, 0xfff, 0x3, 0x7, 0xf9, 0x1ff, 0xa228, 0x5, 0xa, 0xdc6, 0x3623, 0x76c, 0x54f0, 0xd7, 0x2, 0x4, 0x0, 0x2, 0x7, 0xb, 0x0, 0x5, 0x3, 0xc0, 0x5, 0x20000000, 0x1, 0x7fff, 0x9, 0xb, 0x3, 0xf5ec, 0xd030, 0x8, 0x8, 0x0, 0x7, 0x7, 0x9, 0x2, 0x6, 0xff, 0x5, 0x2b, 0xfffffffc, 0x7, 0xfdfa, 0x6e1, 0xfffffffe, 0x4, 0x3, 0x7, 0x6, 0x9, 0x9, 0x101, 0x30197c9f, 0x100, 0x3c29, 0x1aaa, 0xffff, 0x4, 0x9, 0x6, 0x80000000, 0x1, 0x6, 0x6, 0x2f7377dc, 0xd, 0x3, 0x1d8b, 0x6, 0x5, 0xfff, 0x2, 0x3, 0x2, 0x8, 0x3, 0x1000, 0xd8, 0x52e0, 0x7b70, 0x4, 0x6, 0x7fff, 0x400, 0xfffffffb, 0x100, 0x5, 0x7, 0x3ff, 0x1, 0x4, 0x9, 0x2, 0x0, 0x9, 0x401, 0xd, 0x9b, 0xffff8000, 0x7, 0x6, 0xfffffff7, 0x800, 0x7, 0xfffffbff, 0x0, 0x13, 0x9, 0x3, 0x8, 0x1, 0x0, 0x400, 0x5e4c, 0xa5a0, 0xfffffff8, 0x2, 0x9, 0x8, 0x4, 0x7, 0xed, 0xfca, 0x80000000, 0x5, 0x1, 0x1, 0x5, 0x7fff, 0x8, 0x7, 0x0, 0x100, 0x6, 0x7, 0x5, 0x7, 0x3, 0x4, 0x7, 0x6, 0x1c00000, 0x4, 0x5, 0x0, 0xfffffffe, 0xa, 0xb, 0xfff, 0x6, 0x3, 0x4, 0x8, 0xe6, 0xc4, 0x9, 0xd9, 0x40, 0xe, 0x6, 0x1ff, 0x100, 0xd, 0x8, 0x7, 0x9, 0xb08d, 0x7, 0xe, 0x9, 0x0, 0x10, 0x80, 0x2, 0xc, 0x2, 0xffff, 0x6, 0x400, 0x7, 0x0, 0x3, 0x7, 0x3, 0x7, 0x8, 0x9, 0x5, 0xcc9e, 0x60000, 0x7, 0xffffffff, 0x8, 0x9689, 0xf, 0x502a, 0x8, 0x10000]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x3ff, 0x2, 0x8, 0x1, 0x2, 0x8, 0x4, 0x8, 0x7, 0x39, 0x55, 0x0, 0x8, 0x29, 0x8, 0x10000, 0x9, 0x3, 0x7, 0xff, 0xf, 0xb, 0x401, 0x7633, 0x0, 0x3, 0xc, 0x8, 0x0, 0xffffff81, 0xffff, 0x1, 0xe, 0x4d, 0x8c47, 0x6, 0xff, 0x3, 0x1, 0x0, 0xfff, 0x9, 0x7, 0x0, 0x6, 0x1, 0x4, 0x942, 0xffffff16, 0x6, 0x2, 0x9, 0x93b, 0x1, 0x3, 0x90f5, 0x5, 0x891, 0x8001, 0x9, 0x6, 0x3d0, 0x7, 0x4, 0x0, 0x7f, 0x7, 0x180, 0x7, 0x6, 0xa7a8, 0x101, 0x8, 0x3, 0xfffffff3, 0x1, 0x0, 0x10, 0x931b, 0x4, 0x2, 0x1, 0x0, 0x2, 0x12, 0x1, 0x7, 0x1ff, 0x800, 0xfffffff1, 0x7, 0x6, 0xa7, 0x9, 0x10, 0x0, 0x2, 0x8, 0x3, 0x8, 0x7, 0x4, 0x1, 0x3, 0x7fffffff, 0x9, 0x5, 0x8, 0xd2e8, 0x40, 0x3, 0x3, 0x6, 0xe988, 0x1, 0x2, 0x5, 0x0, 0xffff, 0xf8e, 0x3, 0xffff03f7, 0x5, 0x9, 0x101, 0x8, 0x1, 0x5, 0x7, 0x0, 0x2, 0x4, 0x0, 0x29e, 0x8, 0x7, 0x7c, 0xee8, 0x8, 0x1, 0x5513790d, 0x5, 0x9c, 0x2, 0x7, 0xd9e, 0x8000, 0x6, 0x1, 0x101, 0xbf, 0xd812, 0x9, 0xffff, 0x8, 0x3, 0x10db3b3b, 0x13, 0x101, 0x193, 0x5, 0xd, 0x6, 0x1db, 0xfb80, 0x1, 0x8001, 0x4675b341, 0x1ff, 0x4, 0x401, 0x6, 0x80000001, 0x6, 0x0, 0x4, 0x6, 0x7, 0x5, 0x40, 0xfffff000, 0x9, 0x100, 0x0, 0x1, 0x6, 0x1, 0xfffffc01, 0x7, 0x5, 0x1, 0x3, 0x6, 0x9, 0x10000, 0x1000, 0x7ff, 0x6, 0x8, 0x7, 0x401, 0x4, 0xfffffff7, 0x7, 0x7, 0x9, 0x7, 0x5, 0x7, 0x73606b95, 0x2, 0x800, 0x40, 0x2, 0x10, 0x4, 0x7, 0x3, 0x1, 0x80000000, 0x1, 0x101, 0x80, 0x1, 0x9, 0xff, 0x3, 0x4, 0x100, 0x7, 0xfffffb24, 0x2, 0x4, 0xfe, 0x3f, 0x8, 0x8577, 0xfffffc01, 0x10000, 0x3, 0x5, 0x3, 0x8, 0x9, 0xc, 0xf, 0x2, 0x3, 0x6, 0x989, 0x7, 0x4, 0x8, 0x0, 0x1, 0x3]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x3}]}]}}]}, 0x854}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000001c0), 0x9058, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@volatile}, {@userxattr}]})
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r5) (async)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f00000029c0)={0x9, {"a2e3ad084fc752f91b29090955f70e0dd038e7ff7fc6e5539b3272078b089b34393b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d336d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b473e2ffd9d44b56871495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3527138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aad66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1006)
socket$kcm(0x10, 0x2, 0x0) (async)
r7 = socket$kcm(0x10, 0x2, 0x0)
r8 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
socket(0x15, 0x5, 0x0) (async)
r9 = socket(0x15, 0x5, 0x0)
getsockopt(r9, 0x200000000114, 0x271b, &(0x7f0000000580)=""/102393, 0x0)
r10 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r10, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0xe, 0x0, 0x0, 0xfffffffe}})
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) (async)
r11 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB(r11, 0xc01c64ae, &(0x7f0000000040)={0x0, 0x1, 0x2d259eaa, 0xfffffffe, 0x10, 0x8, 0x100011})
socket(0x10, 0x3, 0x0) (async)
r12 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r12, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000019580)=ANY=[@ANYBLOB="14000000000000fe39c9a5218342fb00000000004e0eeaf2251b5fa37e093133f7d486c7b26ae498b31f0c97c289e1d0a5657461f2fa65014c145a3d19a6f087b2ab25d9bd8968d87442c349b56c31443896271524d082ef237e8ab2592eabf71acfa3cb0e19d0c9ad24cd203ece0f3a3068bab943ca4bb88088667603186547cf7af1fd23ceca809dbd3d27f9dcc5ab9ed7ba875df703a1976ca37597911d8d02669c4dabc15d66a8136667debbb3c2dc71d9b4bf38c49db518771b0eb93ea30b797c04d0769eb31a9491eb1d6156458895bf06c515a66fc454e673766f24841d4268251b460b50b69ea94caeb8589f0000000000000000f35773c96ab7fb61963b4268f08074337612833464327f26112af289d8cf26b49fec763912129c442a28e25b21e8cf58fcac802d"], 0x14}}, 0x0)
sendmmsg$unix(r6, &(0x7f0000000480)=[{{&(0x7f0000000240)=@file={0x0, './bus/file0\x00'}, 0xfffffffffffffd9f, &(0x7f0000000340)=[{&(0x7f00000002c0)="e1990fb8b2822c9c0f3b6edf4d1c80faf0954f9f4e82b24c705773873feafaa45a5914b4a3b60ea6d77579be9d578dda793e6404f4a1ebd9719e98926ee3d03cc93c95d050245c1ab314660a932983224546755f4e332457317992f074880fc25ca3d348d5c72db6bf31d7bc3bde6c2e2be3", 0x72}, {&(0x7f0000000100)="a35f4d3a3ad35aea3254221a462d11153613d479a75f7ffb519c8360ad2833e53e07254dd29491a1e64b8b8e", 0x2c}], 0x2, &(0x7f0000019800)=ANY=[@ANYBLOB="20000000000000000100000001000000", @ANYRES32=r7, @ANYRESDEC=r12, @ANYRES64=r4, @ANYRES32=r0, @ANYBLOB="14000000000000000100000001ef0000396694cce6cfdb54c50d34db2de4f4f85cdb86a640d3fbc3a20c1baacf86a802547c8503f45375fc5a93b48dcd6ee741fde4aec306bf30ceb5cc33b459b2702747a14cb16f16c8fe0ee0fbeab89d3dcf2f499d83d07b087f6b6e21cebe43a165b6af2ce1b5aa151dfd912c5a2337dafe79d0979ba4eac7bdface661c4001fae24680766748bbe9efc30575bcf7c7f1007d135ae7d8f28fec363a96351a481383b13ffe67", @ANYRES32=r0, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES16=r12, @ANYRES32=r8, @ANYRES32=r0, @ANYRESHEX=r6, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r9, @ANYRESOCT=r5, @ANYRES16=r8, @ANYRES32=r12], 0x80, 0x8801}}], 0x1, 0x20008044) (async)
sendmmsg$unix(r6, &(0x7f0000000480)=[{{&(0x7f0000000240)=@file={0x0, './bus/file0\x00'}, 0xfffffffffffffd9f, &(0x7f0000000340)=[{&(0x7f00000002c0)="e1990fb8b2822c9c0f3b6edf4d1c80faf0954f9f4e82b24c705773873feafaa45a5914b4a3b60ea6d77579be9d578dda793e6404f4a1ebd9719e98926ee3d03cc93c95d050245c1ab314660a932983224546755f4e332457317992f074880fc25ca3d348d5c72db6bf31d7bc3bde6c2e2be3", 0x72}, {&(0x7f0000000100)="a35f4d3a3ad35aea3254221a462d11153613d479a75f7ffb519c8360ad2833e53e07254dd29491a1e64b8b8e", 0x2c}], 0x2, &(0x7f0000019800)=ANY=[@ANYBLOB="20000000000000000100000001000000", @ANYRES32=r7, @ANYRESDEC=r12, @ANYRES64=r4, @ANYRES32=r0, @ANYBLOB="14000000000000000100000001ef0000396694cce6cfdb54c50d34db2de4f4f85cdb86a640d3fbc3a20c1baacf86a802547c8503f45375fc5a93b48dcd6ee741fde4aec306bf30ceb5cc33b459b2702747a14cb16f16c8fe0ee0fbeab89d3dcf2f499d83d07b087f6b6e21cebe43a165b6af2ce1b5aa151dfd912c5a2337dafe79d0979ba4eac7bdface661c4001fae24680766748bbe9efc30575bcf7c7f1007d135ae7d8f28fec363a96351a481383b13ffe67", @ANYRES32=r0, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES16=r12, @ANYRES32=r8, @ANYRES32=r0, @ANYRESHEX=r6, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r9, @ANYRESOCT=r5, @ANYRES16=r8, @ANYRES32=r12], 0x80, 0x8801}}], 0x1, 0x20008044)
r13 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000000140)={0x1, 0x1, 0x8, 0x9, @vifc_lcl_addr=@private=0xa010100, @empty}, 0x10)
setsockopt$sock_int(r13, 0x1, 0xe, &(0x7f0000000040)=0x1, 0x4)

1.700897312s ago: executing program 2 (id=10615):
bind$alg(0xffffffffffffffff, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-generic)\x00'}, 0x58)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000009c0)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)}], 0x1, 0x0, 0x0, 0x20000000}], 0x1, 0x24000040)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000004c80)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000940)="1beb41ea4ea9ca354f167d9eaee7dc35eca218b865688d79fe31cbe00d190c853bfe6a22bd7dec0023aa0e038d07000040e37e00f7dd3afafdbc70e1b5928033df5e82fd76f31e8b29a0f05c2cef56f56cd0330dc984004f220b7dcb23a05d530df65691cf6a3cceb7a97c673856f552ded9530b52fe6d1e662090d2802233ec1adca9eaab9dd6f04b2717ed1552cf46dc28cd3fbf1ec1eaedd80d1da838a00a1e229ce16d2c1a411be06f715e8b6aa7552800d5282e4e0bf3eaf55a60da25", 0xbf}, {&(0x7f0000000b00)="2112f3980a4c0902dcb1918da23fb18a9d89c4f0793b7c45b722417a6401d606e033776833d550074c2b667b4e127ea79880d00aeee8d16ca6f011603c22355681cd2e9d0d8a2fea2e9b525389d2e7b95aa129fef95245bffd1ccc58bb9ca56a50cd0b4da05e78cc4aef1e9157a66caefb0ba968710bfbc7baabaa3b06bf6e5fe4fe8ebcbc81a4dbda4b1b65ea2d852cda4881d7ceda7dcbef58471a951ca1851b50dd9276e0ab06fa0e23d023766294c911bff4e6d33acdd316322f4d5a1a4eb5ae51e511f2923f3318d83b9b438b20e0560a4834edb911911c7b557e37e94f6f0a2f1d291ae3049df23212a4b50eeb9c9a0901e880", 0xf6}], 0x2, 0x0, 0x0, 0x4004090}, {0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000540)="d21e61c0af08368aedabcf6e445f1ca30a2f37d1f6d14042afeb21e49b0da7fd9f", 0x21}, {&(0x7f0000000c00)}, {&(0x7f0000000cc0)}], 0x3, 0x0, 0x0, 0x1}, {0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000e40)="c4ae7c0462b7d5d0f701a4979574ff8a5d74bf45c9e878972a42062f9b70e92f76ed2c49e2e8a043016efca580e1e24cbf53ef2fdb0d3810e8359c20b3938b1cb8574e51adc3cac209dd1c3b0fa44d9ca5ffbccfd9", 0x55}, {&(0x7f0000000fc0)}], 0x2, 0x0, 0x0, 0x84090}], 0x3, 0x4004000)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-aes-aesni\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

1.699353992s ago: executing program 2 (id=10616):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40000)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000040)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x80, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x64, 0xd2}}}}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xfff3}}}, 0x24}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000200)={@empty=0xa4, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c)

1.624923108s ago: executing program 2 (id=10619):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x48080}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001080)={0x14, 0x18, 0x301, 0x270bd24, 0x25dfdbfa, {0xf}}, 0x14}}, 0x0)
getsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080), &(0x7f0000000180)=0xe)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000110000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a140000001100"], 0x64}}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file3\x00', 0xc1c0, 0x0)
mount$cgroup(0x0, &(0x7f0000000040)='./file3\x00', &(0x7f00000001c0), 0x218006, &(0x7f0000000240)={[{@name={'name', 0x3d, '&^!'}}]})
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)

1.39007134s ago: executing program 5 (id=10623):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x41000, 0x2a, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x2, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffff0001}, 0x94)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_readv(r1, &(0x7f0000000440)=[{&(0x7f0000000200)=""/219, 0xdb}], 0x1, &(0x7f0000000680)=[{&(0x7f0000000740)=""/4096, 0x1000}], 0x1, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001ac0)={0x3c4, 0x2e, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x119}, @nested={0x3b0, 0x11, 0x0, 0x1, [@nested={0x3ac, 0xcf, 0x0, 0x1, [@nested={0x3a7, 0x146, 0x0, 0x1, [@generic="f5ef56146c91147563276660e594de86923b901b9c31b5127825f1868b4db9469c2df41906c1f5ee49", @typed={0x8, 0x124, 0x0, 0x0, @u32=0x7}, @nested={0x269, 0x6c, 0x0, 0x1, [@generic="8b82111c59", @nested={0x248, 0x10f, 0x0, 0x1, [@nested={0x241, 0x11b, 0x0, 0x1, [@generic="44e4ba7c0b0ff113b095b181686c69e6901606a6035b241060d1ba9b116c80da82d5b88cc6363112ecfcfe146d3396e45fbbf0a08b22fd28c11b96cceeebb143edb758f38e41e6198a4aac1b4f64403c0297fdc66d55feb17b3a47961e32432008a761d761630abd62e074f1aeda6ad0a673e1e2f1ef46c79d906ae0a1b56a1cb49371c5044e8535c676535532d332e91b4270db1184a76120ede03ed5473adf06033298dbeef6a61dc38f79dcbab66a59547791ab5c867c0e0244d06d7eeb09d3b84e9bad5626f647e62bd3f0", @typed={0x5, 0x6b, 0x0, 0x0, @str='\x00'}, @typed={0xc, 0x105, 0x0, 0x0, @u64=0xfffffffffffffffd}, @typed={0xc1, 0x82, 0x0, 0x0, @binary="9da6d2cfd0d56814fd84a9b4e09bfefb7e71aa6b1338a2f4b0bcf5b7da34e38272c0fb396e8da9fe6bafa86982b217883dc0a99d6f8cc8d02d65ac33bf40d09bc28a90cbe72d692943aa8ec74169b9f54f99da2135cef1a3b948b4bb65653d617abfa325b7ece7ef3a395ab715205e14add6497c4d4ccd9950c466a2121433263671d206265ab7a4afb86bcfc88d39c8da199e34acdfd9f19a20d74af1508d9ef7e25cbdbcb597005c8fd2c532208d87b50f917122d979574773357159"}, @nested={0x90, 0xa9, 0x0, 0x1, [@nested={0x8c, 0xb6, 0x0, 0x1, [@typed={0x8, 0x54, 0x0, 0x0, @pid=r1}, @nested={0x80, 0x118, 0x0, 0x1, [@typed={0x14, 0xf3, 0x0, 0x0, @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}}, @generic="28bd6933fed508cb45592e34ff2d38209eb172abe35f994c8510122b8f8a0a4e9835b2cdbcd8c073bb7ea57060cc1693dc2dda0693c8cce67456fafc25bb0067add67fcaae1ae223931d7ab06bb984095398d3515e9e28899bb95f7c93d5bf998c918039", @typed={0x4, 0x151}]}]}]}, @typed={0x8, 0xb8, 0x0, 0x0, @pid}]}]}, @nested={0x4, 0xef}, @nested={0x4}, @typed={0x4, 0xfe}, @nested={0x4, 0x62}, @nested={0x4, 0x87}, @nested={0x4, 0x76}]}, @typed={0x8, 0x65, 0x0, 0x0, @pid}, @typed={0x8, 0x2b, 0x0, 0x0, @ipv4=@multicast2}, @generic="db89061eb9fbad2bf82b2a9418649da868c869b4397ab66e7f39863979f0bdf348067f0b5606ca8cdcb5b5080280648f010c688d62984d051b094fe343cb1fa22295cdcf66ca2b1cc8152ecb85f43f28d04aa546812ddb957608dc2f3b52e0e98745cc4aa9b20ab28754d0d7c05b9139d8ff8509fbe0d7d56d5710ea94b935782d99259af1a87cf89bcca8f33c9878df0b153753b7ccc2d3d65b5d8e92f7230c8b3b3d434ce7cd2f1e8dbf2cbfca3103a770996f13ed41af6f046964853f276bf8c18987b616eb8c1c752f52389cd54b7a7874ba1d9b4d2612518c8c3c9220ded49fd5ff56d71b5b5569f9421c6d", @typed={0x8, 0xb8, 0x0, 0x0, @u32=0xfffffff8}]}]}]}]}, 0x3c4}], 0x1, 0x0, 0x0, 0x84}, 0x300)
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r3 = socket(0x1, 0x803, 0x0)
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000003000000090001"], 0x2c}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x58, 0x10, 0x403, 0x300, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x1e, 0x1f}}, @IFLA_VLAN_ID={0x6, 0x1, 0xffc}]}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x58}}, 0x8000)

1.16602214s ago: executing program 4 (id=10625):
bind$alg(0xffffffffffffffff, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-generic)\x00'}, 0x58)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000009c0)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)}], 0x1, 0x0, 0x0, 0x20000000}], 0x1, 0x24000040)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000004c80)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000940)="1beb41ea4ea9ca354f167d9eaee7dc35eca218b865688d79fe31cbe00d190c853bfe6a22bd7dec0023aa0e038d07000040e37e00f7dd3afafdbc70e1b5928033df5e82fd76f31e8b29a0f05c2cef56f56cd0330dc984004f220b7dcb23a05d530df65691cf6a3cceb7a97c673856f552ded9530b52fe6d1e662090d2802233ec1adca9eaab9dd6f04b2717ed1552cf46dc28cd3fbf1ec1eaedd80d1da838a00a1e229ce16d2c1a411be06f715e8b6aa7552800d5282e4e0bf3eaf55a60da25", 0xbf}, {&(0x7f0000000b00)="2112f3980a4c0902dcb1918da23fb18a9d89c4f0793b7c45b722417a6401d606e033776833d550074c2b667b4e127ea79880d00aeee8d16ca6f011603c22355681cd2e9d0d8a2fea2e9b525389d2e7b95aa129fef95245bffd1ccc58bb9ca56a50cd0b4da05e78cc4aef1e9157a66caefb0ba968710bfbc7baabaa3b06bf6e5fe4fe8ebcbc81a4dbda4b1b65ea2d852cda4881d7ceda7dcbef58471a951ca1851b50dd9276e0ab06fa0e23d023766294c911bff4e6d33acdd316322f4d5a1a4eb5ae51e511f2923f3318d83b9b438b20e0560a4834edb911911c7b557e37e94f6f0a2f1d291ae3049df23212a4b50eeb9c9a0901e880", 0xf6}], 0x2, 0x0, 0x0, 0x4004090}, {0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000540)="d21e61c0af08368aedabcf6e445f1ca30a2f37d1f6d14042afeb21e49b0da7fd9f", 0x21}, {&(0x7f0000000c00)}, {&(0x7f0000000cc0)}], 0x3, 0x0, 0x0, 0x1}, {0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000e40)="c4ae7c0462b7d5d0f701a4979574ff8a5d74bf45c9e878972a42062f9b70e92f76ed2c49e2e8a043016efca580e1e24cbf53ef2fdb0d3810e8359c20b3938b1cb8574e51adc3cac209dd1c3b0fa44d9ca5ffbccfd9", 0x55}, {&(0x7f0000000fc0)}], 0x2, 0x0, 0x0, 0x84090}], 0x3, 0x4004000)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-aes-aesni\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

1.165595685s ago: executing program 5 (id=10626):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000300)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newtaction={0x54, 0x30, 0x1, 0x0, 0x0, {}, [{0x40, 0x1, [@m_tunnel_key={0x3c, 0x18, 0x0, 0x0, {{0xf}, {0xc, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @local}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x804}, 0x0)
unshare(0x26020480)
gettid()
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
accept4$netrom(0xffffffffffffffff, 0x0, &(0x7f0000000240), 0x80000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000380)={'wlan1\x00', 0x8000})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050003030000000000000600000008000300", @ANYRES32=r7, @ANYBLOB="0a0018000303"], 0x28}}, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r9 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r9, &(0x7f0000000040)={0x18, 0x0, {0x3, @random="00ff00", 'bond0\x00'}}, 0x1e)
sendmmsg(r9, &(0x7f0000002340)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000}}], 0x3e8, 0x0)
setsockopt$inet_mtu(0xffffffffffffffff, 0x111, 0xa, &(0x7f0000000000)=0x3, 0x4)

1.164534205s ago: executing program 4 (id=10627):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, &(0x7f0000000000)='\xee\xe5nc', 0x0)
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_MAKE_EQUIV(r0, &(0x7f0000010240)={&(0x7f0000000180), 0xc, &(0x7f0000010200)={&(0x7f00000001c0)={0x28, 0x3f7, 0x0, 0x0, 0x0, {0x7, 0x7, './file0', './file0'}}, 0x28}, 0x1, 0x0, 0x0, 0x19f777b384a4a141}, 0x8000)
listen(0xffffffffffffffff, 0x0) (async)
listen(0xffffffffffffffff, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) (async)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
syz_open_dev$dri(0x0, 0x200, 0x0) (async)
r2 = syz_open_dev$dri(0x0, 0x200, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000026c0)={0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x3, 0x4, 0x0, 0x10000, 0x406, 0x0, "427f4d0561864078b7f952fc7ebbfea1deee063e520cc38c6a002000"}})
r3 = syz_open_dev$vbi(&(0x7f0000000080), 0x0, 0x2)
ioctl$VIDIOC_G_STD(r3, 0x80085617, &(0x7f0000000140))
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x60680, 0x0) (async)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x60680, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f00000000c0)=0x3ff)
socket(0x10, 0x807, 0x2)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x400, 0x0) (async)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x400, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, 0x0, 0x24040000) (async)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, 0x0, 0x24040000)
syz_open_dev$swradio(&(0x7f0000000380), 0x0, 0x2)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000340), 0x7, 0x412040)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)}, 0x0) (async)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)}, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_ifreq(r6, 0x89f0, &(0x7f0000000300)={'bond0\x00', @ifru_names='wg0\x00'}) (async)
ioctl$sock_ifreq(r6, 0x89f0, &(0x7f0000000300)={'bond0\x00', @ifru_names='wg0\x00'})
socket$inet6(0xa, 0x800000000000002, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="0000e2c3ea30000000008e3d0000000000001200607d0448b5e408ce223d6eee097d86e67747aac776a11ee1ddfbe8f7c900a1c782cca4e6b2b5b904ecefd0a2aa52cf0d058887356aa4c20382155c9341043e88828b896301c24e", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000000000000850000008600000018010000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000003000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

1.048364457s ago: executing program 4 (id=10628):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x3, @random="00ff00", 'bond0\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}, 0x3000000}], 0x3e8, 0x0)

963.050425ms ago: executing program 4 (id=10629):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@ipv6_newrule={0x2c, 0x20, 0x2d2c6d60ea1da725, 0x70bd29, 0x25dfdbfd, {0xa, 0x0, 0x0, 0xcd, 0xff, 0x0, 0x0, 0x1, 0x10002}, [@FIB_RULE_POLICY=@FRA_PRIORITY={0x8}, @FIB_RULE_POLICY=@FRA_PROTOCOL={0x5, 0x15, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008081}, 0x0)
mlock2(&(0x7f0000381000/0x4000)=nil, 0x4000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r3 = syz_open_dev$usbfs(&(0x7f0000000040), 0xffffffffffff8001, 0x979c23d9cdf07d32)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r3, 0x0)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20020009, 0x0, &(0x7f0000000240)={0x20, 0x0, 0xfffc, 0x360, 0x7}, 0x1a, 0x7, 0x60000000, 0x0, 0x4, 0x101, 0x0})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRESOCT=r2, @ANYRES16=r2, @ANYBLOB="050004000000fedbdf250f00000008000300", @ANYRES32=r4, @ANYBLOB="39000e0080000100080211000000ffffffffffff0802110000000000000000000000000004000000000601010101010171070100000201f0080000000400800008000c006400000008000d0000000000"], 0x6c}}, 0x0)

888.140246ms ago: executing program 4 (id=10630):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x20004080}, 0x48810)
recvmsg(r0, &(0x7f000000c1c0)={0x0, 0x0, &(0x7f000000c080)}, 0x20)

663.65638ms ago: executing program 2 (id=10631):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_LOOPBACK(r0, 0x65, 0x3, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x3, r2}, 0x38)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="3fdf0000", @ANYRES16, @ANYBLOB="010426bd7000f8dbdf2502000000"], 0x1c}}, 0x8d0)
write$nci(0xffffffffffffffff, 0x0, 0x7)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
getpgid(0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
ioctl$PPPIOCGCHAN(r3, 0x80047437, 0x0)
syz_usb_connect(0x3, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0xb5, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xc}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
set_mempolicy(0x2002, &(0x7f0000000000)=0x9, 0x9)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x200000b, 0x42032, 0xffffffffffffffff, 0x200000000000000)
connect$rose(r4, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, 0x3, [@bcast, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)
connect$rose(r4, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x0, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default, @bcast, @default]}, 0x40)

663.44157ms ago: executing program 6 (id=10632):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x1c, 0x2e, 0x401, 0xf0bd26, 0x25dfdbfc, {0x4, 0x0, 0xe00}, [@typed={0x8, 0xc, 0x0, 0x0, @uid}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)

538.957619ms ago: executing program 6 (id=10633):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="6d86fbf1e9188f55e7a78decf6d9b9deaf4e12b3bc0f4b17f7505824750c0f5d54a1af353a966d4d65c43d5312f8355f0408087002bc4f0f88ed43ae0e785b94d111efe0a080095c47e20e33bcb7e2b98ef1a963d9b78f99e59afd39c9ab90afbcd851f207c4321204a38865704215e39fdcbb1c51bf61c7fb3166ea147fa1a3e7df3de9473bdb3ad931940cb38fea306d8b01ce70f89cf6015d5d186ad35f14a4b927a50a538fbbfae1e8015269108e9dc4b91239c3d75ee22d38544ed19101b46e2a85425a5b45fb9a698dc3c855c5e05c3f75be4b8527b5c3195d3e8864237d3b98da8f091dc56f2932bd4c98f3731bf2e2a9db1b47b574d8bcbb9c705085dfaed590e21981dfb18f3216ba0ac979a632c948798b920d09820c666d0ed3e41b79daadfa0536a1e6881b39987c83e46f34b27cd1a7dd19f4a312bb42fc55982726130d36df32d897a72919a64460eeb5cebd063cb5c2b24b1df83077a645574c08af604948736958fe7e1e1cd4ea6f37fb5ec8946802"], 0x50}}, 0x4000850)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file3\x00', 0x105042, 0x0)
mount(0x0, &(0x7f0000000300)='./file3\x00', &(0x7f00000000c0)='pvfs2\x00', 0x0, &(0x7f0000000380)='acl')
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001"], 0xfdef)

538.652379ms ago: executing program 5 (id=10634):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="24000000400007010a18b333e12cc3a1017c003a0e2782800c00018008003a00", @ANYRES32, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
pipe2$9p(&(0x7f00000001c0), 0x0)
socket(0x10, 0x803, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
dup(r2)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x973, 0x1c080, 0x0, 0x44a})
socket$inet(0x2, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@deltaction={0x14, 0x31, 0x8, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x20008000)
r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000003c0), 0x200100, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000440)={&(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ff7000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000200)="fde790976654f1b4a675f66953477891a037c96267135401706f5f92f613d056468e26a6906889cab38125ceadbe0348187a094627f48eeeb6adc4f175516a306373", 0x42, r3}, 0x68)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
pipe2$9p(&(0x7f00000002c0), 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="88000000031401002bbd7000fcdbdf250900020073797a310000000008004100736977001400330076657468315f746f5f687308000000000000000073797a310000000008004100736977001400330076657468305f6d6163767461700000000900020073797a310000000008004100736977001400330076657468315f766972745f7769666900"], 0x88}, 0x1, 0x0, 0x0, 0x8001}, 0x80)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000000)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8}, @NFTA_PAYLOAD_SREG={0x8, 0x5, 0x1, 0x0, 0x1}, @NFTA_PAYLOAD_OFFSET={0x8}, @NFTA_PAYLOAD_BASE={0x8}, @NFTA_PAYLOAD_CSUM_OFFSET={0x8, 0x7, 0x1, 0x0, 0x4}, @NFTA_PAYLOAD_CSUM_FLAGS={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x4000)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r6, 0xc0287c02, &(0x7f0000000200)={0x80000000, 0x0, &(0x7f0000000140)=[{}, {{}, {<r7=>0x80000000}}]})
ioctl$MEDIA_IOC_ENUM_ENTITIES(r6, 0xc1007c01, &(0x7f0000001380)={r7})
getsockopt$SO_TIMESTAMPING(r5, 0x1, 0x41, 0x0, &(0x7f0000000040))

536.767418ms ago: executing program 6 (id=10635):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r2, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x48080}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x30, 0x40, 0x107, 0xfffffefe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x3, 0x0, 0x0, @uid}]}, @nested={0x4, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
sendmsg$DEVLINK_CMD_SB_GET(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044045}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c0100001000130700000000fcdbdf2500000000000000000000000000000000ff010000000000000000000000000001000400004e210001000000002e000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ac1414bb000000000000000000000000000004d632000000e0000002000000000000000000000000020000000000000000000000000000000000000000000000090000000000000001000000ffffffff00000000000000003f0000000000000043050000000000000400000000000000ffffffffffffff7fffffffffffffffff07000000000000000000000000000000000000002cbd70000035000002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000080000000210466d38547aa140db9a200000000c538c7cb7a0c001c00", @ANYRES32, @ANYRES32], 0x15c}, 0x1, 0x0, 0x0, 0x890}, 0x2014)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r4, {0x9}}, './file0\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x10, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xdc, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x1000, &(0x7f0000000800)=""/4096, 0x41100, 0x0, '\x00', 0x0, 0x25, r5, 0x8, &(0x7f00000001c0)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x0, 0x9, 0x6, 0x800}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000300)=[r0, r0, r0, r0], &(0x7f0000000340)=[{0x5, 0x2, 0x10, 0xc}, {0x4, 0x1, 0xe, 0x3}, {0x1, 0x2, 0x6, 0x1}], 0x10, 0x200000}, 0x94)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000110000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
bind$netlink(r7, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @empty}, 0x1c)

536.207879ms ago: executing program 5 (id=10636):
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8002, &(0x7f0000000700)=ANY=[@ANYBLOB="56c78e3c733d76697274676f2c6e6f65bc33dbde548d51f5638173733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000300)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.kill\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ftruncate(r0, 0xc17a)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = openat$nmem0(0xffffffffffffff9c, &(0x7f0000000040), 0x20, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
open(&(0x7f0000000140)='./file0\x00', 0x2a4c2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x1c2)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f00000000c0)={0xc000003, 0xb99, &(0x7f0000005440)=[0x1b27, 0x2a, 0xff, 0x4, 0xe7, 0x40, 0x3, 0x0, 0x3, 0x26a4, 0x8001, 0x7d1a, 0x8, 0x6, 0x6, 0x5ec2, 0x7f, 0xc, 0x4, 0x2, 0x0, 0x80000000, 0x3, 0x9, 0x8, 0x7, 0x0, 0x0, 0x242bc054, 0x8000, 0x2, 0x7, 0xffff80f4, 0x6, 0x1, 0x1, 0xb8, 0x6, 0x8da, 0x6, 0xa, 0x6, 0xe1, 0xe7c, 0x64b2, 0xdc9, 0x2, 0x7fffffff, 0x6, 0xe151, 0x5, 0x9, 0x7, 0x1000, 0x80, 0x9, 0x0, 0x8, 0x2, 0x6, 0x8, 0x8, 0x9, 0xffffffff, 0xffffffff, 0x59f10000, 0x1ff, 0x9, 0x3, 0x1, 0x2c, 0x6e, 0xffff, 0xe, 0x10, 0x7, 0x2, 0x4dec, 0xb5c8, 0x8000, 0x77, 0x80000000, 0x400, 0x3, 0x200, 0x1200000, 0x0, 0x8, 0x0, 0x7, 0x8, 0x4, 0x80, 0x1, 0x7, 0x5, 0xffff, 0x4, 0x9, 0x80000001, 0xa0000000, 0x9, 0xe5, 0x2, 0x401, 0xb, 0x7, 0x8, 0x54318d2e, 0x6, 0x4, 0xffffffff, 0x7e33, 0xff, 0x200, 0x0, 0x3, 0x8, 0x9, 0x4, 0x1, 0x6, 0x307d, 0x7, 0x7fff, 0x7db, 0x9, 0xfffffff7, 0x1, 0xf, 0x3, 0x8, 0x9, 0xffffffff, 0x6, 0x7, 0x7, 0x5c, 0x7, 0x81, 0x10000, 0x2, 0xa0, 0xe, 0x8, 0xb, 0x8, 0x8000, 0x10, 0x439, 0x9, 0x3, 0x2, 0x3ff, 0x9, 0x7, 0x8001, 0x80000001, 0x1391, 0x1, 0x6, 0x2, 0x8, 0x3, 0x0, 0x6, 0x0, 0x1, 0x77bf, 0x8, 0x6, 0x6, 0x41b, 0x9, 0x8, 0xec69, 0x200, 0xc, 0x3, 0x4, 0x5, 0x6, 0x8, 0x100, 0x0, 0x10000, 0x0, 0xe, 0xba7, 0xffffff81, 0xa, 0x7, 0x3, 0x9000, 0xd88, 0x4, 0xc, 0x0, 0x100, 0x5, 0x5, 0x0, 0x9, 0x684, 0x4, 0x66c64a25, 0xffffffff, 0x864, 0x4, 0x0, 0x0, 0xffe00000, 0xfffffffc, 0xfff, 0xa, 0xdbe, 0x8, 0x401, 0x2, 0x7, 0x5, 0x7, 0x2, 0x5, 0x0, 0x1000, 0x0, 0xfff, 0x0, 0x3, 0xfffffffa, 0x9, 0x1cb4, 0xfffffe00, 0x8, 0x101, 0x185, 0x8c5, 0xc, 0x0, 0x800, 0x8, 0x6, 0xe, 0x0, 0x80000000, 0x9c, 0x7, 0x4, 0x6, 0x8, 0x2, 0x9, 0x6, 0x9, 0xffe000, 0x1ff, 0x9f, 0x3, 0xe, 0x18000, 0x0, 0x6, 0xffffffff, 0x1, 0x5, 0x18, 0x5, 0x3, 0x8, 0x5, 0x7, 0x3ff, 0xfffff834, 0xfffffffb, 0x80000001, 0x401, 0x210e, 0x10, 0x800, 0x9, 0x0, 0x8366, 0x81a, 0x5, 0x7, 0xffff8c87, 0xffffff8c, 0x9, 0xe, 0x6, 0x5, 0x7, 0x1, 0x0, 0x736, 0xf, 0xfff, 0xb, 0x8, 0x7, 0x9ca0, 0x8d, 0x8, 0x9, 0x7f, 0x0, 0x6, 0x4, 0x7, 0xffffffe5, 0x2, 0x2, 0x503, 0x7, 0x1, 0x4f9d, 0x401, 0x400, 0x2, 0x101, 0x1, 0x6, 0x8, 0x7f, 0xdf, 0xffffffff, 0x2, 0x5c, 0x5, 0x7, 0x5bc, 0x2, 0x4, 0x10000, 0x7, 0x60, 0x4, 0xfffffffe, 0x7, 0xfffffff4, 0x0, 0xb, 0xffffff1a, 0x7, 0x4, 0x1a, 0x445c, 0x0, 0x1, 0x97, 0x3800000, 0x6, 0x200, 0x2, 0x100, 0xcd44, 0x5, 0xff, 0x81, 0x7fffffff, 0x6, 0x1, 0xe, 0x8a1, 0x0, 0x4, 0x0, 0x7fffffff, 0x2, 0x2, 0x5, 0xa, 0x6, 0x3, 0x1, 0x4, 0x1, 0x8, 0x1, 0x4, 0x0, 0x97, 0xc22, 0x2, 0x7, 0xffffffff, 0x27b4fc3c, 0x5, 0x5, 0x4, 0x8d3, 0x3, 0x0, 0x10, 0x101, 0x51, 0x3e, 0x2, 0x20, 0x2a2, 0x5, 0xffff, 0x101, 0x100, 0xcbd, 0x0, 0x8, 0xffff, 0x1000, 0x1ff, 0xfffffff8, 0x9b22, 0xfffffffe, 0x8, 0x2, 0x1, 0x0, 0x1, 0xe484, 0x2, 0x40, 0x43700, 0x40, 0x8, 0xf, 0x45, 0x33, 0x1, 0x0, 0x2ef83ab4, 0x2, 0x40, 0x3, 0x1, 0x80000001, 0x9, 0x3, 0x400, 0x2, 0x3, 0x5, 0x0, 0x3, 0x5, 0x10000, 0xfffffffc, 0x1000, 0x0, 0x0, 0xaa5f, 0xff, 0x6, 0x80000000, 0x7, 0x1, 0x5a9, 0xffff04ee, 0x7, 0x7fff, 0xf, 0x5, 0x6, 0x9, 0x800, 0xf, 0x800, 0x8, 0x6, 0xfe2, 0x10, 0x5, 0xb5, 0x78e6, 0x1, 0x3, 0x6, 0x8, 0x1, 0x7, 0x4, 0x0, 0x3b1, 0xf68, 0xff, 0x81, 0xa, 0x80000000, 0x523dcc8f, 0x1, 0x5, 0x7, 0x800, 0x1, 0x1, 0x7, 0x7, 0x8, 0x1, 0x7, 0x3, 0x3, 0xfffffffe, 0x7, 0x6, 0x1, 0x9, 0x2, 0x80000000, 0x7ff, 0x7, 0x6, 0x7, 0x4, 0x8, 0x0, 0x6, 0x81, 0x9, 0x83, 0x8, 0x8, 0xe, 0x2, 0xf, 0x2, 0x8, 0x10001, 0xfffffff8, 0xe0, 0x7, 0x25, 0x400, 0x4, 0x3d36, 0x9, 0x3, 0x5, 0xfffffffc, 0x9, 0x9, 0x7, 0x2, 0x1, 0x100, 0x0, 0x10, 0xaa2, 0xc17c, 0x3, 0x429, 0x9, 0x92, 0x6, 0x8, 0x8000, 0x3, 0xfffffffe, 0x5, 0x8100, 0x2, 0x401, 0xfffffff8, 0x80, 0xffff, 0xf3ba, 0x3, 0x0, 0xff, 0x120000, 0x4, 0x80000001, 0x0, 0x3, 0x6, 0x4, 0x1000, 0xfd, 0x5, 0x1, 0x1ff, 0x80000001, 0xfffffffa, 0x5, 0xb, 0x4, 0x9c, 0x9, 0x40, 0x7, 0x80, 0x1, 0x7, 0x3ff, 0xa83, 0x4, 0x8, 0x4, 0x1, 0x7272122d, 0x3, 0x7fff, 0x7, 0x3, 0x98, 0x800, 0x1000, 0xd, 0x0, 0x9, 0x1, 0xffff, 0x2, 0x4, 0x7f, 0x4, 0x800, 0x1, 0x5, 0x5, 0x2, 0x693, 0x9, 0x9, 0x82b, 0x7, 0x954, 0x2, 0x5, 0x5, 0x10, 0xf430, 0x2, 0x9, 0x200, 0x3, 0x5, 0xf1b3, 0x6, 0xd9, 0x8001, 0xd, 0x10001, 0xc1, 0x7, 0x1, 0x7, 0x40, 0xd7aa, 0x0, 0x7, 0x2, 0x0, 0x9, 0x0, 0xe, 0x32bdd93c, 0x5, 0x9, 0xc1, 0xb8, 0xc, 0x7fffffff, 0x200, 0xfffffffc, 0x6, 0x2, 0x3, 0xc5e, 0x1, 0x122c, 0xfff, 0x100, 0x0, 0x9, 0x7, 0x5014, 0x4, 0x4, 0xddf, 0xc, 0x9, 0x3, 0x2, 0xe95, 0x0, 0x6, 0x1, 0xc, 0x7fff, 0x3, 0x2, 0x9, 0x400, 0xfffffe00, 0x80000000, 0x4, 0x0, 0x9d42, 0x4, 0x3, 0x68c, 0xac72, 0x0, 0x1, 0x3, 0x3, 0x0, 0x5, 0x0, 0x6, 0x3, 0x1, 0x6, 0x0, 0x8, 0xd, 0x7, 0xffffffff, 0xa6a1, 0x1000, 0xfe, 0x1, 0x200, 0xa269, 0x8, 0xd545, 0x3, 0x6, 0x8, 0x7, 0xd45, 0x9, 0x40000, 0x2, 0x1cb0, 0x8000, 0x4, 0x1, 0xf, 0xe, 0x7a1c0b2a, 0xffff6c48, 0xa, 0x5, 0x9, 0x3, 0xc96e, 0xffffffff, 0xff, 0xf6, 0x1000, 0x916, 0x4, 0x4, 0x1, 0x9, 0x7ff, 0x7b1, 0x6, 0x1, 0x0, 0x7, 0x5, 0x4, 0x7, 0x5, 0x6, 0x1, 0x0, 0xfffffffb, 0x7fff, 0x0, 0xf, 0x1, 0x0, 0x7, 0xd6, 0x5, 0x2, 0xfffffffa, 0xfffffeb9, 0x5, 0x7, 0x1, 0x772, 0x13, 0x7, 0x1, 0x4, 0x5, 0x7, 0x4, 0x5, 0x5, 0x5, 0x4, 0x3, 0xc02, 0x1000, 0x839, 0x9, 0x8000, 0x6, 0x5, 0x7ff, 0x6, 0x2, 0x4, 0x2, 0x9, 0x1, 0x5e64f2d9, 0xad63, 0x204, 0x5, 0x2, 0x3, 0x7, 0x6, 0x513d3be1, 0x39c, 0xfff, 0x40000, 0x1, 0x4, 0xe, 0x0, 0x9, 0x5, 0x9, 0x9, 0x83, 0x5, 0x7, 0x1, 0x8000, 0x1, 0x6b0, 0x9, 0x7, 0x5, 0x40, 0x8000, 0x1, 0x7, 0x3, 0x8, 0x7, 0x9, 0x1e2, 0x3, 0x1000, 0x1, 0x3, 0xfff, 0x1, 0x9, 0x6, 0x401, 0x7fffffff, 0x4, 0x1, 0xb, 0x9, 0x8000, 0x2cff, 0x6, 0x6, 0x5, 0x7, 0x7, 0x1c0b78ee, 0x5d6, 0x10001, 0x10001, 0xfffffff7, 0x5, 0x8, 0x7, 0x8, 0x2, 0xffffff80, 0x80, 0xf7, 0x1, 0x8, 0x10000, 0x80000001, 0xffffffff, 0x8, 0x0, 0x4, 0x2, 0x0, 0x1a7b, 0xfff, 0x8, 0x3, 0x8, 0x9, 0x101, 0xf, 0x6, 0x4, 0x80000001, 0x5, 0xd4, 0x0, 0x8, 0x3fff800, 0x800, 0xffffffff, 0x8, 0x9, 0x229, 0x4, 0x8000, 0x3, 0x5, 0x4, 0x8, 0xe22, 0x400, 0x5, 0x7, 0x6, 0x9, 0x7, 0x2e5, 0x6, 0x7, 0x9, 0x3, 0x1, 0xc5b, 0x10000, 0xc1a, 0x2, 0x6, 0x5, 0x3, 0x33, 0x0, 0x4, 0x7, 0x2, 0x8, 0x5, 0x1, 0x6, 0x10001, 0x9, 0x0, 0x9, 0x8, 0x6, 0x9, 0x3, 0x17600, 0x0, 0x5, 0x10001, 0x4, 0x0, 0x0, 0x6, 0xfffffffe, 0x5, 0x8001, 0x101, 0xfffffff9, 0xfff, 0xffff4306, 0x8, 0x3ff, 0x1ff, 0x1ff, 0x1, 0x4, 0x4, 0x5, 0xffffff62, 0x4, 0x2, 0x3ff, 0x7, 0x1, 0x5, 0x4, 0x8, 0x9, 0xfffffffc, 0x0, 0x3, 0xe74, 0x3, 0x1, 0x0, 0x4, 0x7, 0x9, 0x0, 0x1, 0x0, 0x2, 0x8, 0x8000, 0x3, 0x9, 0x4f, 0x63, 0xfffffffe, 0xe7b, 0x14, 0x2, 0x6, 0x3, 0x3acac487, 0x4, 0x3, 0xfffff71f, 0x100, 0x9, 0x7, 0x10001, 0x7, 0x8, 0x3, 0x3, 0x8f, 0x5, 0x8, 0x7fffffff, 0xdf6, 0x2, 0x8, 0x15, 0x8, 0x3, 0x3, 0xd, 0x6, 0x378, 0x4, 0xfffffff8, 0x6, 0x6, 0x4, 0x3c37, 0xb56, 0x8, 0x1e9b, 0x2, 0x5, 0x7, 0x6, 0x8, 0x7, 0xd2, 0xa, 0xacf, 0x6, 0x401, 0x63, 0x100, 0x2476, 0x1400, 0x400, 0x2, 0xd, 0x0, 0xabd0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x1, 0x53, 0x8, 0x3, 0x7f, 0x2, 0x458f, 0x3, 0x4, 0x180000, 0xfff, 0xdd, 0x9, 0xffffffc0, 0xd5, 0xffff, 0x1ff, 0x9, 0x2, 0x3, 0x0, 0x1000, 0x80000000, 0x1, 0x7, 0x2563, 0x1, 0xa86, 0xd4, 0x3, 0x1, 0x2, 0xd204, 0x80000001, 0x1, 0x0, 0x0, 0x6fd, 0x3, 0x3, 0x7, 0x8, 0x9, 0x6, 0x9, 0x7, 0x1, 0x0, 0x7fffffff, 0x7, 0xcf000, 0xf6d, 0xfffffffa, 0x157, 0x8, 0x5, 0x2, 0x7fff, 0x165b, 0x3, 0xfffffff8, 0x4, 0x3, 0x9, 0x1000, 0x9, 0x1, 0x10000, 0x40, 0x7, 0xd4, 0x1, 0x80000001, 0xffff752a, 0x1, 0x4, 0x7, 0xfffffffd, 0x2, 0x0, 0x1, 0xa0c8, 0x6, 0x8000, 0x1, 0x8, 0x81, 0xa960, 0x10001, 0x1, 0x3aa3, 0x43f, 0x6, 0x800, 0x79, 0x5, 0x5, 0x3, 0x80000000, 0x101, 0x3, 0x3, 0xdf, 0x21a1, 0x9, 0x6971, 0x7, 0x80000001, 0x8001, 0x2, 0x2, 0x5, 0x1, 0x9, 0x0, 0x341a, 0x0, 0x8000, 0x8001, 0x8, 0xfffffff9, 0x3, 0x80000000, 0x8, 0x2, 0x4, 0x10001, 0x9, 0x7a16, 0x7ff, 0x9, 0x0, 0x7, 0x657, 0x9, 0x3, 0x400000, 0x7, 0x8, 0x2a, 0xfffffffa, 0x9, 0x47b, 0x3, 0x1, 0x3, 0x401, 0x0, 0x0, 0x2, 0x7fffffff, 0x7, 0xff, 0xb22, 0x4bad, 0x6, 0x0, 0xbd4c, 0xfffffff0, 0x8, 0xfffffffe, 0x101, 0x80, 0x7, 0x7f, 0xffff8000, 0x22d, 0x6, 0xffffffff, 0x1, 0x400, 0x4, 0x7fffffff, 0x9, 0x0, 0x200, 0xc42f, 0x7, 0x5, 0xc, 0x3, 0x3, 0x2, 0xffffff80, 0x31, 0x2, 0x7fff, 0x6c0, 0x8000, 0x1, 0x6, 0x3, 0xf3c, 0xfa2, 0x2, 0x3, 0x4, 0x4, 0x8, 0xc588, 0x4, 0xc, 0x1, 0x8001, 0x3, 0x80000000, 0x7fff, 0x800, 0x7f, 0x80, 0x5, 0xf, 0x7ff, 0x8, 0x4, 0x1, 0x1, 0x1, 0x5, 0x9, 0x9, 0x8, 0xff, 0x63c, 0xcc, 0x0, 0x680, 0xaf, 0xbd53, 0x10, 0x521160da, 0x9, 0x800, 0x4, 0x9, 0x4, 0x9, 0x4, 0x9, 0x2, 0x9, 0x5, 0x776a, 0xffffe85e, 0x3, 0x1f, 0xfffffffa, 0x9, 0x5, 0x7ff, 0x8, 0x4, 0x6, 0x1, 0xfffffff6, 0x4, 0x80000001, 0x200, 0xffff, 0x10, 0x9, 0x4, 0xfffffffd, 0xe7, 0x8, 0x401, 0x3, 0x7, 0x8d, 0x3, 0x4, 0x9, 0x4ce4, 0xffffffff, 0x100, 0xff, 0x9, 0xd, 0x3ff, 0x8, 0x2, 0xffff0001, 0x9, 0x7, 0xc, 0x3, 0x8, 0x9, 0x0, 0x6, 0x5, 0x5f, 0xff, 0x2, 0x7, 0xb99, 0x80, 0x4, 0xe48d, 0x1ff, 0x0, 0x6, 0x9, 0x0, 0xd141, 0x2, 0x7c, 0x4, 0x3, 0x1, 0x0, 0x8, 0x7fffffff, 0x80000000, 0xb1d, 0x8, 0x400, 0xfffffffe, 0x3, 0x3, 0x0, 0xf30f, 0x0, 0x9, 0x3, 0x8001, 0x1, 0x7, 0x4, 0xd3, 0x0, 0x5, 0x6, 0x9, 0xd, 0xf8, 0x4, 0x8000, 0xfffffffa, 0x7f42, 0x0, 0x1146cd38, 0xe96, 0x4df, 0x1, 0xc, 0x7fffffff, 0xfffff800, 0x8, 0x4, 0x80, 0xb, 0xc4, 0x9, 0x2, 0x2, 0x3, 0x7, 0xc919, 0x6, 0x0, 0x3, 0xffffffff, 0x1, 0x5, 0xfffff73f, 0x9, 0xff, 0xffffffff, 0x9, 0x9, 0x7fff, 0x7, 0x0, 0x9, 0x7, 0x7fff, 0xffffffff, 0x8001, 0x2, 0x3, 0xa7, 0x7, 0x61, 0x7ff, 0x3, 0x9, 0x401, 0x3, 0x9, 0x7, 0x8000, 0x4, 0x48c, 0x3, 0x9, 0xfff, 0x3ff, 0x1, 0xe, 0x4, 0x101, 0x7ff0000, 0x768, 0x8, 0x1000, 0x6, 0x1, 0x0, 0x3, 0x6, 0xfffffffa, 0xfffffffe, 0x3, 0x8001, 0x80000000, 0x7dd, 0x0, 0xfff, 0xfffffffc, 0x4, 0xff, 0x9, 0x1, 0x5, 0x1, 0xcf, 0x1, 0xff, 0x8, 0x8, 0x7, 0x1, 0x800, 0x5, 0x400, 0x400, 0x400, 0x10000, 0x5, 0xfffffff1, 0xb7, 0x0, 0x8000, 0x2, 0x0, 0xfffffff2, 0x5, 0xe00, 0x7, 0x1, 0x3, 0x1, 0x3, 0x4, 0x8, 0x4, 0x40, 0x6, 0x0, 0x6, 0x5, 0x9, 0x1, 0xfff, 0x10000, 0x5, 0x6, 0x1, 0x0, 0xeb, 0x6, 0x800, 0x5, 0x4, 0x1, 0xfff, 0x0, 0x4, 0x1, 0x1, 0x6, 0x7, 0x7, 0x4, 0x1, 0x1a3, 0x1, 0x2, 0x4, 0x4, 0x92ec, 0xe, 0xf4c, 0x10000, 0x6, 0x6, 0x6be80000, 0x1, 0xfffffffb, 0x1, 0xc, 0x9, 0x3, 0x5, 0x40, 0x401, 0x7, 0x4, 0xffffffff, 0x1, 0x8, 0x1, 0x4, 0x1, 0xe, 0x4, 0x9, 0xb81, 0x0, 0x80000001, 0x8f, 0x8, 0x7, 0x9, 0x7, 0xa111, 0x1ff, 0x5, 0x1, 0x61, 0x3b, 0xb53, 0x79cb, 0xfffffffe, 0xf3c0, 0x3, 0xf9, 0x9, 0x1, 0x7f, 0x5, 0x2, 0x0, 0x7, 0xfffffffa, 0x1, 0x0, 0x3, 0x5, 0x1ff, 0x5, 0x5, 0x8, 0x6d7, 0x4, 0xfffffff9, 0xb88, 0x7, 0xf, 0x6, 0xc, 0x9, 0x81, 0x18746000, 0x1, 0x9, 0x4, 0x9, 0xd2a3, 0xdcdd, 0xffff, 0xfffff6cc, 0x1b, 0xfffffff6, 0x7, 0x3, 0x4, 0x5, 0xd2c, 0x4, 0x0, 0x1, 0x4, 0x10000, 0x9, 0xcea2, 0x8, 0x2, 0x2, 0x8001, 0x5, 0x55, 0x2, 0x0, 0x7, 0x3, 0xffffffff, 0xfff, 0x800, 0x10000000, 0x0, 0x7, 0x8, 0x2, 0x25, 0x3, 0x0, 0x5, 0x4, 0x4, 0x8, 0x70000, 0x3, 0x1, 0x4, 0x5, 0xb, 0x7, 0x3, 0x280, 0x401, 0x1, 0x0, 0x6, 0x7, 0x3, 0x9, 0x541, 0x101, 0x4, 0x8, 0x56, 0x2, 0x2, 0x1, 0x3, 0x1, 0x9, 0x5, 0xffffffff, 0x2, 0x4, 0x9, 0x5, 0x8, 0x4, 0xfffffffb, 0x7, 0x1, 0x3, 0x5a01f9a, 0x1, 0x9, 0x3, 0xf, 0x3, 0x6, 0x3, 0x11c5, 0x1, 0x9, 0x80000, 0x0, 0x4, 0x8, 0x2, 0x8, 0x65a1, 0x400, 0x4, 0x7e4, 0xffff, 0xb4, 0x5, 0xfffffc01, 0x4ad, 0x2, 0x40, 0x100, 0x2, 0xa06, 0x45, 0x6d9, 0x0, 0xd26, 0x0, 0x6, 0x8001, 0x8, 0x6, 0x66, 0x74, 0xf5b4, 0x7fff, 0x3, 0xffffffff, 0x2, 0x401, 0xa40c, 0x83, 0x1, 0x0, 0x2, 0x8, 0x1, 0x101, 0xf, 0x5, 0x2, 0xe90, 0x3, 0x9, 0x7ff, 0x5, 0x10, 0x3ff, 0x1, 0x7, 0x1, 0x559, 0x7, 0x8, 0xffffffff, 0x1, 0x401, 0x8, 0x7, 0x0, 0x1, 0x0, 0x0, 0x3, 0x4, 0x5, 0x10001, 0x4206, 0x400, 0x10, 0x5, 0x7, 0x7, 0xd939, 0x6, 0x8, 0x1ff, 0xfffffe00, 0x3, 0x6, 0xfffffffe, 0x0, 0x9, 0x4, 0xb5, 0xffffffff, 0x8, 0x5, 0x0, 0xfffff000, 0x8, 0x6, 0x3, 0x2, 0xa5, 0x6, 0xff, 0x1, 0x5, 0xfffffe00, 0xe77, 0x5, 0x0, 0x7, 0x0, 0x7, 0x5, 0x9, 0x9, 0x6, 0x8, 0xebba, 0x8, 0x1, 0x8, 0xf, 0x8001, 0x86, 0x5, 0x4, 0x5, 0x7fff, 0x11b, 0xf8, 0xffff, 0x8, 0x2, 0x3, 0xffff, 0x1ff, 0x0, 0xc, 0x5, 0x9, 0x9d9, 0x7, 0x2, 0x7, 0xc84, 0xd9, 0x6, 0x10000, 0x4, 0x4, 0x0, 0x7fffffff, 0x0, 0x8, 0x8, 0x8, 0x1000, 0x1, 0x3ff, 0x5, 0x8000, 0x3, 0x4, 0x7ff, 0x5, 0xc, 0x1000, 0x80000000, 0x4548, 0x434875b5, 0x3, 0x3, 0xdbc, 0x1000, 0x1, 0x2, 0x0, 0xf4, 0x7, 0x3, 0x51b9, 0x81, 0x1, 0x3, 0x866, 0x1000, 0x1, 0x5, 0xfffffffe, 0x6, 0x8, 0x1, 0x9, 0xfffff001, 0x400, 0x1ff, 0x0, 0x5, 0x6, 0x5, 0x1, 0xb8, 0x1, 0x40, 0x9, 0x2, 0x2, 0x9, 0x3ff, 0x3, 0xffffffff, 0x800, 0x0, 0x3ff, 0xa, 0x2, 0x9, 0x2, 0x9, 0x4a, 0xffff, 0x4, 0x8c, 0x100, 0x1, 0x3, 0xb18, 0x7, 0x4ff0d6e, 0x7fffffff, 0x62, 0xcd, 0x3, 0x1f60000, 0xe3d, 0x1ff, 0x3, 0xb15, 0x4, 0x1, 0x4b, 0x9f0, 0x3, 0x3, 0x200, 0x7fff, 0x80, 0x2, 0x4d8, 0x2, 0x4, 0x131d, 0x7, 0x8, 0x3, 0x602c, 0x5ba, 0xffffd44e, 0x7fffffff, 0x0, 0x3, 0x40, 0x8, 0xff, 0x100, 0x6, 0xe9, 0x3, 0x5, 0xff, 0xc88, 0x7, 0x7, 0x4, 0x9, 0x10, 0x8, 0xb245, 0xfffffe01, 0x1, 0x8, 0x4, 0x79048b67, 0x3, 0x0, 0x80000000, 0x2, 0x9a, 0x10, 0xffff, 0xfffffffb, 0x8, 0x8, 0x6d50d882, 0x1, 0x100, 0x3, 0x0, 0x10001, 0x7, 0x1ff, 0x8, 0x1a, 0xd, 0x0, 0x10, 0x3, 0x1, 0x3, 0x3, 0xfffffff8, 0xfffffffb, 0xb07d, 0x5, 0x2, 0x1, 0x5, 0x6, 0x2, 0xd, 0xed, 0x5, 0x1, 0xc, 0x0, 0x3, 0x0, 0xff, 0x8001, 0x1, 0xd, 0x5, 0x4, 0x7, 0x6, 0x7, 0x8, 0x8, 0x7, 0xd5, 0x7ff, 0xe7, 0x5, 0x7, 0x4, 0xc9c9, 0x4, 0x9, 0x9, 0x7ff, 0x3, 0x975, 0x10001, 0x800, 0x800, 0x2793, 0x5, 0x5, 0xc, 0x4, 0xa, 0x9, 0x0, 0x9, 0x3, 0x1a1, 0xffffffff, 0xfffffffa, 0x9, 0x101, 0x0, 0x4, 0x3, 0x0, 0x7f, 0x10001, 0x8001, 0x1, 0x6, 0x7, 0x8, 0x1, 0x3, 0x8000000, 0x6, 0xd18, 0xffffffff, 0x9, 0x0, 0x0, 0x8, 0x6, 0x6, 0x9, 0x10001, 0x1ff, 0x0, 0x4, 0xb, 0x8, 0x9, 0x0, 0x9, 0x6, 0x7fff, 0x5, 0x4, 0x1, 0x7ff, 0x80000001, 0x5, 0x3, 0xfffffffd, 0x7, 0x6, 0x10, 0x1, 0x400, 0x0, 0x400, 0x8000, 0xfffffff9, 0x3, 0x6, 0x0, 0x9, 0x0, 0xa7d, 0x800, 0xffffff7f, 0x9f, 0x2, 0x200, 0x2a7, 0xa, 0xb, 0x7, 0x80, 0x9, 0xca5, 0xcf43, 0x9, 0x0, 0x0, 0x3, 0x1, 0xf, 0x101, 0x7fff, 0x9, 0x9, 0x7, 0x1, 0x0, 0x9, 0x2, 0x1, 0x7, 0x5, 0x80000001, 0x206, 0x100, 0x4, 0x0, 0x1000, 0x4, 0x71, 0x2, 0x9, 0x1, 0x7, 0x1, 0x1, 0xc7, 0x5, 0xfb78, 0x1, 0x2a, 0x97, 0x6, 0xc83f, 0x9, 0x6, 0x0, 0xfffffffe, 0x6, 0x74a, 0x8, 0x0, 0x9, 0x3, 0xffff, 0x8, 0x25, 0xbb6a, 0x8, 0xa51, 0x1, 0x3, 0x2, 0x73e, 0x8, 0x9d, 0x2, 0xffffffff, 0xf26, 0xf, 0x3, 0x96c, 0xa9000000, 0x81, 0x7, 0x1, 0x7ff, 0x7, 0x0, 0x8000, 0x4, 0x1, 0x6, 0x7, 0x0, 0x1, 0x0, 0x9, 0x2, 0x3, 0x4, 0x0, 0x5, 0x5, 0xc5c, 0x500e, 0xfffffff8, 0x1, 0x1a2e, 0x40, 0xfffffff7, 0x5, 0x5, 0x401, 0x2, 0x10001, 0x4, 0x10000, 0x3, 0x89, 0x80000001, 0x3ff, 0x6, 0x567c, 0xf0, 0x7, 0x9, 0x5, 0x200, 0x3, 0xfff, 0xfffffffc, 0x40, 0x3, 0x5, 0x1000, 0x6, 0x7fffffff, 0x9, 0x81, 0x8, 0x9, 0x7, 0x80000001, 0x4, 0x8001, 0xf74, 0x3, 0x2, 0x7ff, 0x0, 0x0, 0xfffffe00, 0x56, 0x5, 0x7, 0xffffffff, 0x351, 0x9, 0xafa, 0xe, 0xfffffff9, 0x3, 0x7, 0xffffffc0, 0x9f, 0x6, 0x4, 0x7, 0x7, 0x1, 0xd, 0x5, 0x1, 0x4, 0x64ae, 0x7fff, 0x6, 0x1, 0x1, 0x9, 0x0, 0x3, 0x0, 0x0, 0xb, 0x6, 0xfff, 0x75ae, 0x4, 0x8ff, 0xa171, 0x6, 0xc1, 0x0, 0x1, 0x88c, 0x2, 0x8, 0x10000, 0x101, 0x2ed, 0x5, 0x1, 0x8, 0x8, 0x0, 0x7, 0x8, 0x28e, 0x2, 0x8, 0x177, 0x17, 0x3, 0x7, 0x6, 0x7, 0x800, 0x3, 0x400, 0xb0000000, 0x7, 0x8, 0x2, 0x50e, 0x4, 0x6, 0x1, 0x4, 0x401, 0x678, 0x9, 0xe1, 0x0, 0x800, 0x100, 0xf, 0x6, 0x6, 0x8, 0x8, 0x1, 0x8, 0x8, 0x5, 0x6, 0x5, 0x8, 0xfffffffe, 0x6, 0x800, 0x4, 0x6, 0x3ff, 0x3, 0x6, 0x31, 0x2, 0x1, 0x7, 0x0, 0x10001, 0x1b, 0x4, 0xff, 0x23, 0x8fe, 0xfff, 0xfff, 0x2, 0x1, 0xd40a, 0x308, 0x3, 0x8, 0x8, 0x5, 0x0, 0x9, 0x40, 0x800, 0x1ff, 0x3ff, 0xdad6, 0x3, 0x200, 0x800, 0x9, 0xfff, 0x9, 0x9786, 0xf9a9, 0x8, 0x80000000, 0xb302, 0x6, 0x8, 0x2, 0x9, 0x5, 0x9, 0x7, 0x3, 0xb6, 0x7, 0x1, 0xffffde00, 0x4c37, 0x3, 0x8, 0x3, 0x8000, 0x6, 0xffff, 0x2af223a1, 0x6, 0x8, 0xfffffffa, 0xff, 0x97ca, 0x3, 0x9, 0xc, 0x9, 0x7, 0xccb, 0x9, 0x7, 0x1, 0x800, 0x5, 0x1825e132, 0x100, 0x0, 0x0, 0x2, 0x731, 0x1, 0x0, 0x9, 0x2, 0x200, 0x3cf0, 0x3, 0x9, 0x1, 0x2, 0x8, 0xffffffff, 0x10001, 0x915, 0x5, 0x4, 0x2, 0xfff, 0x3, 0x9, 0x7, 0x2f9, 0x8, 0x9, 0x8000, 0x9, 0x0, 0x8, 0x6, 0xce6, 0x3, 0x9c3, 0x0, 0xffff, 0x6, 0x4, 0x5, 0x7fff, 0x0, 0x800, 0x6, 0x8, 0x9, 0x2, 0xf57, 0x0, 0x6, 0x7, 0x80000001, 0x7fff, 0x89, 0x8, 0x7, 0x800, 0x65e, 0x6, 0x4, 0x1, 0x10, 0x40, 0x1, 0x10000, 0x3, 0x80000000, 0xfffffff2, 0x10001, 0x1, 0x5, 0x0, 0x10000, 0x5, 0x8, 0x6, 0x9, 0x6, 0x9, 0x7, 0x8, 0xe3d, 0x1, 0x3ff, 0x3, 0x4, 0x10, 0x6, 0xf, 0x7d, 0x5, 0x4, 0xe7a, 0x3, 0x0, 0x0, 0x8, 0x0, 0x4, 0x6, 0x5, 0x8, 0x2, 0x1, 0x7fffffff, 0x0, 0x6, 0x3, 0x7e, 0xfffffffb, 0x6, 0x8, 0x100, 0x3, 0x2, 0x2, 0xfffffff7, 0x0, 0x6, 0x8000, 0x5, 0x80000001, 0x400, 0x6, 0x7, 0x6, 0xf0, 0x10001, 0xe, 0x10001, 0x10000, 0x7, 0x0, 0x4, 0xffffffff, 0x9, 0x1, 0xc, 0x5, 0x3, 0x3c, 0xfffffffe, 0x80, 0x4, 0xbc48, 0x3, 0x10000, 0x5e09a76d, 0x6, 0x5, 0xd, 0x2, 0x7f, 0x7, 0xffffffff, 0x9, 0xfffffff7, 0x2, 0x200, 0x3, 0x4, 0x1, 0x48, 0x9, 0x1, 0x0, 0x8, 0x8, 0x3, 0x4, 0x4, 0x5, 0x8, 0x6, 0x9, 0x8, 0x5, 0x4, 0x10000, 0x8, 0x3a1286ed, 0x0, 0x2, 0xb, 0x0, 0x6, 0x10001, 0x1b8, 0x9, 0x0, 0x217c74a4, 0x1, 0x8, 0x99, 0xa, 0x3, 0x5, 0x5, 0xffffffd2, 0x80000001, 0x4, 0x5, 0x4, 0x10000, 0x3, 0x5d5, 0x2, 0xfffffe00, 0x6, 0xbd0, 0x1, 0x81, 0x100, 0x473e, 0x6, 0x7fffffff, 0x4, 0x800, 0xd6a, 0x9, 0x5, 0x9, 0x5, 0x5, 0x0, 0x1, 0x519e, 0x7, 0x8000, 0x2, 0xf, 0xd, 0xb, 0x7, 0x5, 0x80, 0x1, 0x8f82, 0xffffff36, 0xc90, 0x8, 0x40, 0x4, 0x8, 0x9, 0x80000000, 0x2ff, 0x6, 0x6, 0x200, 0x2, 0x4, 0xd, 0x5, 0x101, 0xffff, 0xfffffbff, 0xf, 0x0, 0x193f, 0xffff6dc1, 0xfc3, 0x401, 0xffffffe9, 0xb0, 0x9, 0x3, 0x7, 0x1ff, 0xfa50000, 0xffffffc3, 0xcc, 0x0, 0x7ff, 0x1, 0x72a, 0x9, 0x7, 0x8, 0x0, 0x0, 0xc, 0x1, 0xffffffff, 0x7, 0x7fff, 0x0, 0x424, 0x0, 0x40000000, 0x2f7, 0xfffffff8, 0x101000, 0x200, 0x2, 0x100, 0x100, 0xffffffff, 0x1, 0xfffffffc, 0xb, 0x9, 0x401, 0x67, 0xb1d2, 0x793e, 0x8, 0x6, 0x8, 0xfffffffd, 0x6, 0x6, 0xe, 0x3, 0x7, 0x0, 0x2ee8, 0x2, 0x6, 0x1, 0x5, 0x800, 0x7f, 0x7, 0x95, 0x4, 0x7fffffff, 0xe, 0x74e, 0xf, 0x7f, 0x1000, 0x1, 0x9, 0x10000, 0x7fffffff, 0xcf, 0xc, 0x80000000, 0x7, 0x9, 0x4, 0x8000, 0x1, 0x9, 0x6, 0x3, 0xfffff241, 0xffffffff, 0xfffffffb, 0x7ff, 0x3c8, 0x4, 0x0, 0x7, 0x7fff, 0x70a, 0x6, 0x5, 0x8, 0x6, 0xf, 0x4, 0x6, 0xfffffff7, 0x8, 0x48000000, 0x0, 0x5, 0x37066a0, 0x8, 0xbac2, 0x1, 0x5, 0x80, 0x800, 0xc, 0xb3, 0x3, 0x9, 0x5, 0xfffffeff, 0xfff, 0x9, 0x6, 0x1, 0x7, 0x9b4, 0x7, 0x9, 0x8000, 0x4, 0x0, 0xc5a2, 0xe, 0x8, 0x9, 0x2, 0x9, 0x800000, 0x0, 0x1ff, 0x800, 0x8, 0x4, 0xe44, 0x800, 0x800, 0x2fe, 0x6, 0xffffffff, 0x6, 0x7ff, 0x2, 0x1, 0x2, 0xd, 0xd916, 0x200, 0x8000, 0x6, 0x2, 0x8, 0x3, 0x18000, 0xfffffffa, 0xdce, 0x6, 0xffff, 0xe, 0x96, 0x7f, 0x400, 0x40, 0x9, 0x7, 0x3, 0x401, 0x90000, 0x10, 0x9, 0x8, 0x4, 0x5, 0x7, 0x7fffffff, 0xd, 0x5, 0x10, 0x8, 0x400, 0xf, 0x1, 0xbfb, 0x1, 0x4, 0xaee3, 0x9, 0x6, 0x7fffffff, 0x1, 0xfffff000, 0x3ff, 0xfd, 0x1, 0x4], 0x8, 0x1})
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000200)='./file1\x00', &(0x7f0000000240), 0x0, &(0x7f0000000500)={'trans=virtio,', {[{@directio}, {@mmap}, {@cache_readahead}, {@afid={'afid', 0x3d, 0x8000000000000000}}, {@posixacl}, {@version_9p2000}, {@directio}, {@privport}, {@cachetag={'cachetag', 0x3d, '\x85.-/-]'}}, {@dfltuid={'dfltuid', 0x3d, 0xffffffffffffffff}}], [{@appraise_type}]}})
read$FUSE(r1, &(0x7f0000003400)={0x2020}, 0x2020)

449.955172ms ago: executing program 5 (id=10637):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000000c0)={'wpan1\x00', <r1=>0x0})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)={0x3c, r3, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_IFTYPE={0x8, 0x5, 0x1}, @NL802154_ATTR_EXTENDED_ADDR={0xc}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan3\x00'}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x3c}, 0x1, 0x0, 0xfffe, 0x84}, 0x4000004)

307.829214ms ago: executing program 5 (id=10638):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0xb, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
syz_emit_ethernet(0x46, &(0x7f0000001000)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x38, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0x10, 0x6071, 0x0, 0xe7, {[@generic={0x8, 0xe, "2b2f8f075a7d7f3875ad9477"}]}}}}}}}, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000001f0900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x800}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}}, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_ALLOC_STREAMS(r3, 0x8008551c, &(0x7f0000000440)={0x3e30, 0x1, [{0xf}]})
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, &(0x7f0000000000)=0x1ffd, 0x4)
syz_emit_ethernet(0x4a, &(0x7f0000000040)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x34}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "910100", 0x10, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}}}}}}}}, 0x0)

139.417552ms ago: executing program 6 (id=10639):
socket$packet(0x11, 0x3, 0x300)
r0 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r0)
getsockname$packet(r0, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="a4280400000000001400350064756d6d793000000000000000001f0008000a00", @ANYRES32=r3], 0x3c}}, 0x8000)

211.43µs ago: executing program 6 (id=10640):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67030000005f69643d", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0xc2, 0xffff}}}}}}}, 0x0)
mount$afs(&(0x7f0000000180)=@cell={0x23, 'syz0:', 'syz0'}, &(0x7f00000001c0)='./file0\x00', &(0x7f00000003c0), 0x204021, &(0x7f0000000480)=ANY=[@ANYBLOB="666c6f636b3d77726974652c66686f6317aa7b6c6341fb6b3d6f70656e6166732c64796e2c666c6f636b3d6c6f63616c2c6175746f63656c6c2c64796e2c7375626a5f747970653d726f6f746d6f64652c00"])
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = dup(r2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000640)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x70bd28, 0x25dfdbfd, {0x7, r4}, [@MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x0, 0x0, 0x2, {@in6_addr=@local, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8090}, 0x4c050)
close(0x3)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x40400, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000080)=0x272)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_ACTOR_SYS_PRIO={0x6, 0x18, 0xfff}, @IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@delchain={0x24, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x509d884560ba1ba6, 0xfff3}, {}, {0x8, 0x10}}}, 0x24}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x10, 0x80000000, 0x4, {0x0, 0x0, 0x0, 0x0, {0xd}, {0xa, 0xfff2}, {0xfff1, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_ECN_PROB={0x8, 0x9, 0x1a}, @TCA_FQ_PIE_ECN={0x8, 0xa, 0x40001}]}}]}, 0x44}}, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x32, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x80854}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010102}}, @IPSET_ATTR_IP2={0x18, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @loopback}}]}]}, 0x50}, 0x1, 0x1000000, 0x0, 0x24004800}, 0x4)

0s ago: executing program 4 (id=10641):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
unshare(0xc020680)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x90}, 0x0)
ioctl$INCFS_IOC_FILL_BLOCKS(r0, 0x80106720, &(0x7f0000000480)={0x5, &(0x7f00000003c0)=[{0x8, 0x1000, &(0x7f0000000780)="61d491faa5b9f6f0743f9e08fcbbdb7b2e1efb5ae439f8857c6fb3a919522e39be743da428b8d961960dbe97a8b73155decfbca6c38ad740092c9077f0ce6449d02dbb9103705966fccab02f9ee20dc69997d9037e25dfe77f51f6eeee36b131fe4c21557c3198ecd3424dc2ca57e7e7da526feb8035a29f4fd5dd5761bab318e6df787969244331138fddd4afaac00c4d189ec6efbc279a4d5295e8f3f6e6c2f45f8fbe2bb8931a9ab4ea3a45689bf3b98bfdf92a73aa152e8e87ec15c81bc35ca0a896faaf7cecc180a2bda1d80b8263405b8e20925cc5c62c87e1f548c0f99d27342df44e71a3f8ab3432b1dd23f881be0e1b01f3637feee4377c54040f4b5933e67d7bd716b8804cd73f1b4dd2a2cae14a215a380f82d4d7b22c610cf345139717b284beb84f1502f50ff01bee4ac833a25136025570d276e2832765c79c897a8d30e134c6d2890fe3b6a241f2be6678afd9befefaeef2706b826ab5984de131b2ff6bfafccc2127fad0ffc4e2945623cf6fd186ba616a7a4f37e3a4580944dab18c646f24d9adf37152718808a561891c05ca0fc2e4cc4cea585ed5d1793eebaf383df69bec6da218cb7a7fc71304d1ee226bc644435157efeeb7a18b9565b1e0c29f142ce7ecb6d3502509897d4681e7e1674a8f0ec3b60c7e1eccb3a96d9484d5bff200a5b82460ba5e2a1ab2e1ae9d576e079d24f131f5c60cf2c001476840c2ee0219aa0edb57a7782c222924b07e52afcea7b7fed9e1ba97a4d905b0f011a56c9be50e58713d17319812e7cbb3ed9beeb794a0d42ade02274f2bb15a0c453e67167bfe86b88d18a59f9bcf9d2934dc6090fdc9227d4bbc343f1e5393f8725493b5ef6e2e9179673e4630c76bdc8c97386380793bd5d113232dfea10893c8f827abe7516e2811f7ee14fa36d8018174163baf2d063d6a6220d6d1d9d21d1b1f762376bfae7d7b883b6b9c6a1018ee2d5e1ddd1a3d639006022cb1c55f26266a5403b218859f19b9469e8865e7d59d60f741b47cbcca0d350bd8226f5dbefa5006aa7ca39da18abc29ded901c10c5b7392e68d4df74e0d54b144ec0f11706cc90f022137d8dc6c3b2ea7e6798c44616a369818483995c86d7093f07ecacd4779012cbb6837a0978292a2263c460b7e3138c961ab3ae053325ff291b00effe0e1e95f5b8c4b085c90df4b47ad6f69284631cb9669e3be35e21cb5eaf50384a7afb476487d15fabd670907e2e935dd19cd8da237c445e0bddb73318c445f828e1155f1b2957c31e5c12f1277c7d5aae5fefb7d1bbac750ab395db6b184b1653163a9dd0e393de9f40ca31294385181f7d91e701268301affe63ed3b87d9cc3175a275ae9ff4237348fcae5c008e92f95f8f10f651d93d5d6fd5e9fa8cc40986102cf1c1b626f2e1d7fbd137d83f979c4c460c98e48ef88f9e892fa5817ec714499692dd3faf0101988d47857f1e00093d88f5445738fc8cb23dcb93c4c2b6c07017f637f04fe0ce6ed77f9113600b2afaec4913b7e1e431fb54f464c94d1cae03e24386e19d09b9ab15d7aa4735fac574fe886844cbd41cf6983a04c8f16b02b17494b75a4453b65ad0e3fdf0fa682d6577e5b2d4657f6b4540be20d92d94783866972b1903682f7ee73861857f74c1e7cc8e99187bf5b330d105bc3d2d31ae84d14767ca272556951d8f9854eaee54291f3a6a631b788a5294cc2662830c4d68a8f0ddf40faa9813e2c6f9b245a285a50bda8d425d5144b57bdc987c99bb127bda3d860d345a5ccc51159d580cec10d783e7e4921a0d9903d558fed50a114993be8d7883dc56b1134542e64692fdb9ea2b64748105d80161cb5863eb717076be8dc426dcb12a88212c2641f2421c8ccfe4334df3ccf0c41f1c599696ef5fb02b6584034d920a9ff489428470da02c3e7225b2866667def04cf64a89b5e4cb7567520abe5d29297cfe116919d9d4771b61af6194ae3a0da9d541ffbeaadcedfbd88339c464e6ee7947f7321f539e5878bb4fca1eec7089b557e105372757d82d07dc2475dd901ceb13595808333bfc611a18aae06060a8378506c3ef89d35695f6083b24bc2b74f0ae302eab9b054a91632dc6d12421b784f56fb9b3faa7e93ab041703d5056bad57a6935905c7481b0233bbf932724f1de2a7bc2dd86e6ff24b6554cb8870a94e63350eac83fd199eeb7abfb40b857c55250080cac012c4635c6fda0468a489210e101768e28e6ad005cf7416000a0e9a6e0b16a315fbd82ca9c1b5e964f6aec8bff05431d62e8bac0637fe788246219919243ed3f347ee5c6a7a0f8ac77768167c4c54e3b6ab578a405bc987d4d26f44c58b74eb64446db799bc42f6692bb21fb20cf5335be5c8b9cbf6abfb8e2a805a4c88d43c6f01e7f979df4bee3ef870b3b13d2857996d3ae28168e6171331f5f856eb3a6e81fe46713aa668e4f269bc65546c5e6d2950baaad145235817bb3e0c9fb913dc185e288d0fbd6df5608a719a6f87b8810ab46c565039ad3f7fdac89c7e6d62d0764775dcec499b761057c8e42b72301118b6c2891175cfc7d6f10b0bd32f6b712f903a7247dc58b3c3a62d8037fbfa43106298797f36ed2c51b9e94e9cdaa883f2ada0e6aa3355715a5a66daeb73986eaff20cafa081a657f3628fa29e08ff393be7781f5a83a07244e90734ee5c0a8566e101d877ceee8090af78d9d1c4a0306537220608048296390f6a8060fbdd772d70d13dabccfa46b359efd13c1b939c22bb95e41f4ff9f98d88ba84e39f0d551671d5cf2bc4f7b244bce7757315d5b3b5d6149167a204cbf9a5c9b5d96d8cc7fbc97ffc9c30cfa3d8933459b97458390af830683314e169a68692c27c12db0915fde5b4420c5f5cbc7915c7187feb2b0688374cc422710b0881a979c203fde604360d878e76f7a18c2adb413497a128ae4e1021f995280b8a8e4005fee60a2531844950b514397af5df1e7cd7338739ed8ef6438d864ac231cd6740f53023ae5b4ab8a32a563c87f3a9684972a7a170dd1ff45805055d3ec8aca0f2e7aca583265576539a1a47ac07b14e2c457f26da983b546e4851d3572519c076e9f92d82ced00727d58c1a82a04799c88b879ef37305ad8aff51b65f3d6212afd1904d79caae579c2c1db88c3faf21d3a91263009d04ce30392b4fcf29bcc353c1c8099c6f1d5064fd2129e99e58ea9f415e48e11c697109a8ef3728df9ab2e656beb7b41ec3b1fc6edf006f8426e0ef5b504f4a1afde75f938dea9e453d2cc70430d77498317ab8a5aa39843cfe79f064fc627fd44ab7483de76bea0b48803fbd92f4da8958e8f1671cfd4fc6c89adfbf02c222736a11490e1319a9f567697df49fc491ee59d5567d2ab5ca9cfa59d5be5800a9f5c11794fcc5dc4cefcc8d93cbb2b8ca279f9905cdd4cd242fd3b88412531dd52350d7be2ff2ce0b52253186284fb2373d30b4d395357e25011e586d51928d20206fc6a16b2afd74ed0722753c23e64ee57fb54e0ca5a9b9c1cd14b0b8c0c9896132cda22fcc8ffd7546e4103fb3a7d9f1aeed460f27abd06e9286951862086ed3912368697fc762e908d95b8b2ed57661eda71cd69325fa72cf7bef01fa4ada6fa4b7d14c68c88df84ebbc47e68b565bbe0bd03249b302f4b3cb29fece9e48d5aacc2d25aaa76232a06b4536de1c46e3954474388fd9b348d4f9249b415cbffc2b9c12c06487693d6699b06e29a1bd810692e53456d7fc6131b3e71fdefcacb1a1596a978ee35ce4c36642be9ac4e14eff358960be4675877cb0dc22b6cdb670837c182aaf5e057b26fd9a76a2c784f596cb18cd2596db3da609218b9af799fc633744259eff7afe2786f5d9d8540d86ad912e10797a2f11e4550952ced94c35ee9c7ca4359d4725672bffc5d5e53efeee78657bc677887beb373298f568e3005560d2597d27ed0fa3f19609e45f4c74edab8f8e4840267ba72c164d32a12488c0f68a67e8cf2535c857f4d7f4f640588b740d3eef4e5083d2a1254e6d179526a7a10f63e646a59dc1e807467f676539aab11b0038494148c14a5f5b1b6d2d0d7aa5df022b0167adf3035e8f86bc9dac374b62ffb16b7facab748e66731d426d607c8b1d1200bb5034fe242b2c554530c84de3c53b26262ccc636c9285c1c226f974b868d67ce62a0f7facb55204764cff139389f9845b7104d4f98aa2c4efbb96aa5bfafec03632b43ee96b88e4167e9ab89e16d1faa849a4c4e1da5ae2f36a9727e0fa6e3e492bd9bd91c47e5a7cc62e7ef959f108e04460ef6d24f7b337740b695a65a8a62cabce0399b79319dbb70ca29a25b16078fff529c7b031b662527058c2423e1f8ef7edcf80d88c968f7c8315d754c1836b4106136281e38d8c538466960a07ef26a5f113a52088eab6af147b0101dda44c8fc52b3a8e6606559e4ce138b3fcaf77d1d55603124973d34ce7ec7249348ba993a4b1f37d33346398f7b45f298b3a4b049768bb75f1c978007831aed5d115f56f1b5efcf2c9752af0fdf6738e6c9e59c797129a4aafcca4576b6dad48428ac5bb23331bed111200a2e911d3f81062c1c10ab543232c5f46f54d7bdfb1d1fb2167e69c5ec7683595b8d804502dfa2ede6cb0e7837b9e3c30f3a021889e41e4c5c5dcb5e0489234cbff4247a9a8b8f7840642fb650fec7ca8cd3f243780fb84e4d3b4f08f34af2d163fee50c838242c5f9f85ea039f043f3c10e49e693bbd6d30734cf7214eb2d8cb7e19ffba0df209a9d36d06d93866228b7acceae25d82906a12dc24ac9a896ceb0b0fe7d57f29cbb3f0815c341eeeb37a434adb6f80f4232a1efdeba435b36dfb934371535b185ac171ea9889e874748cee0c05f34f78dcbd1ea6bdb7298c86f01fa28894951b76b3b65723a47c5a2fafd5a219f6abd7ade61a11f76db5b8ddd91ffc4a70d849a938b9be82c3a2a9aebe38ed4b118463900f6d36991cb6406ecca671d999f2b18d4b56650ac78a1dad655e05bcca8c53205aaad01c79083d60632a6758895f1b270ed545886b324c0880cb13d5d1a22c136889db3c8508d4db373f789a1f364032b698119e5c1818c5acb0f88d679a32cd75036466c45d82f7a9d437c499d77a06990a31debb9fa92e9ffafd1259ab16d24e0ac2da2bd0eb9e9696e4264f8a03af3b391576db3fb46523f7aea90c86dfa2caa919480c65d55006ea9b0c1dada0831a18ed7dc330cb43e97ea91bc615de849cc8854d1a6c7500c81155a30ffa3f9e81af324bde3f144336049ba48a7239680679e192b10b82afcefbb6daccf35b4f7fbc711409b6298b29c10b6f93a564f33ddc6ab200f7d60c47b6ed4d759dbfaf95a7d5f10e0e80b96f45d820ae6b08a6fc66b462fd9100479e6354784b362aade7f1bc6a6728d5e1b7ce9714a1cceae0e3320960767c454dab69dde6cde205eed4723e1e5fb2671ad184bb574cf131629a9d356f65c44dae7d84b548ba61c8113a26eae7e2639ab3eb4af5c062dabc40cb76c011274ed3742ee141a6bb11a29ad9900528e9174c936bd5bb1ca74b0ee882f02aa5aa8a6dcba4124876e131b23e424f931ce711a51161ea880548da1bd1f6670f0ecc760996c1037e6329b81e885709cf5e85808e007b94fb3801928baab05dd3dee667acff4e45eb7023b33ded5887d516b1a0befcf218d7255ac116856d7ca71549bc24251f6d335fcaacff26652875f39a746b62fb54bbe09ced797ccd3b648c1b9b9470d911ce6db5cae2bb5d548a58de57c1af1d407c4b2422e411c8f8e92a201f05ae01b319", 0x1}, {0xfffffff8, 0x5b, &(0x7f0000000000)="d59f2034c1435d544afe7e7db8ffa8fcfa8272b30c83407fd50e8122bc0a4364f01fc3fddd53a27f1f7e02ca1510ff2b447357544041b71248e8250b23b4cc8b30bef384d2e370da52e77ec580948e86bdc250197b9c9faf1114fe"}, {0x4, 0xb5, &(0x7f0000000240)="db2845cbae76a4a891be15d70f3f8b6c921ae4fa2f701e259760ba4bc20541c6e4c6d4af1e9bcccff7fdeef8f70356079672cfe27c86f0c4e68e24f5d3fb44319d5bfa6b4615000ea4c889f974a9319ceeea758f600f75337351f8cbdbdc8bfb2cff8642cc2fdeca7574b558dfee32e8343fe63c6460068fabd31a493e7f7264cd390df2e149ab2f700d23adad52deb3ff0454b4c3d82c72ba72e62a8b2ae107bb31fc1b695659907a99630cc052a57be46c62a58e"}, {0x1, 0xab, &(0x7f0000000300)="8dc5017acc7468434b095fe5fc1f7175a889c102be1d2785f44ed6fa7e62d32b3d98d8c4088d3bbdcb844a1863b604f44b0b70ce9d30e55910d925394f2d8e98bb141cf498db5911fc9903ac2b9c3a6c1981ead28ad264d1e8b2da65fd9842cd127b048afb537c6297d1edc3b70e6b7e3a8b6670e23f73d029aa4198572a8eb7f3219751ae6f946dd0efcc3a98ad6ac7e14fabc111222cb2b2923189a5bd49fa10ef10f1c76f89f95d6686", 0x0, 0x1}, {0x1, 0x1d, &(0x7f00000001c0)="dc8a6f0a5597dc225cf9a782f9750a5505dfe1744f56af056fca9da36c"}]})
write$nci(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="500403"], 0x7)

kernel console output (not intermixed with test programs):

 batadv_slave_1
[  481.461741][   T74] veth1_macvtap: left promiscuous mode
[  481.463517][   T74] veth0_macvtap: left promiscuous mode
[  481.467566][   T74] veth1_vlan: left promiscuous mode
[  481.470023][   T74] veth0_vlan: left promiscuous mode
[  481.571642][ T5946] Bluetooth: hci5: command tx timeout
[  481.742958][T30666] overlayfs: conflicting options: userxattr,metacopy=on
[  481.756566][T30666] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed.
[  481.836950][   T74] team0 (unregistering): Port device team_slave_1 removed
[  481.872380][   T74] team0 (unregistering): Port device team_slave_0 removed
[  482.112613][   T74] lo (unregistering): left allmulticast mode
[  482.458165][T30683] netlink: 'syz.5.9855': attribute type 4 has an invalid length.
[  482.505541][   T74] IPVS: stop unused estimator thread 0...
[  482.535737][T30686] netlink: 48 bytes leftover after parsing attributes in process `syz.5.9855'.
[  483.395485][T30690] netlink: 32 bytes leftover after parsing attributes in process `syz.5.9849'.
[  483.785499][ T5946] Bluetooth: hci5: command tx timeout
[  484.640270][T30660] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  484.749072][T30704] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9854'.
[  484.779167][T30704] netlink: 'syz.5.9854': attribute type 10 has an invalid length.
[  484.785816][T30704] team0: Device vxcan1 is of different type
[  485.257800][T30709] Set syz1 is full, maxelem 65536 reached
[  485.287249][  T843] IPVS: starting estimator thread 0...
[  485.390725][T30738] IPVS: using max 46 ests per chain, 110400 per kthread
[  485.609165][   T40] audit: type=1400 audit(1770385919.596:2365): avc:  denied  { recv } for  pid=30728 comm="kworker/u32:12" saddr=fe80::2 daddr=ff02::1 netif=eth0 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  485.884613][   T40] audit: type=1400 audit(1770385919.848:2366): avc:  denied  { create } for  pid=30749 comm="syz.5.9867" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  485.891949][   T40] audit: type=1400 audit(1770385919.848:2367): avc:  denied  { write } for  pid=30749 comm="syz.5.9867" name="file0" dev="tmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  485.899651][   T40] audit: type=1400 audit(1770385919.848:2368): avc:  denied  { open } for  pid=30749 comm="syz.5.9867" path="/23/file0" dev="tmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  485.912410][   T40] audit: type=1400 audit(1770385919.848:2369): avc:  denied  { ioctl } for  pid=30749 comm="syz.5.9867" path="/23/file0" dev="tmpfs" ino=137 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  485.979095][   T40] audit: type=1400 audit(1770385919.942:2370): avc:  denied  { unlink } for  pid=30445 comm="syz-executor" name="file0" dev="tmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  486.002317][T30754] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9868'.
[  486.010199][ T5936] Bluetooth: hci5: command tx timeout
[  486.049417][T30756] overlay: ./file1 is not a directory
[  486.056552][T30756] 9p: Bad value for 'afid'
[  486.441934][T30765] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  486.450169][T30765] CIFS mount error: No usable UNC path provided in device string!
[  486.450169][T30765] 
[  486.453811][T30765] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  487.903338][ T5936] Bluetooth: hci3: command 0x0406 tx timeout
[  488.110380][T30713] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  488.193184][T30775] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9877'.
[  488.228601][T30777] overlay: ./file1 is not a directory
[  488.245562][T30777] 9p: Bad value for 'afid'
[  488.339324][T30791] netlink: 20 bytes leftover after parsing attributes in process `syz.5.9884'.
[  488.378919][   T40] audit: type=1400 audit(1770385922.186:2371): avc:  denied  { write } for  pid=30793 comm="syz.2.9882" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  488.390594][   T40] audit: type=1400 audit(1770385922.186:2372): avc:  denied  { map } for  pid=30793 comm="syz.2.9882" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  488.423836][T30799] netlink: 'syz.5.9885': attribute type 5 has an invalid length.
[  488.441926][T30797] netlink: 1624 bytes leftover after parsing attributes in process `syz.2.9886'.
[  488.501592][T30805] kvm: kvm [30804]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x4000000d)
[  488.602567][T30808] FAULT_INJECTION: forcing a failure.
[  488.602567][T30808] name failslab, interval 1, probability 0, space 0, times 0
[  488.606729][T30808] CPU: 2 UID: 0 PID: 30808 Comm: syz.1.9890 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  488.606746][T30808] Tainted: [L]=SOFTLOCKUP
[  488.606750][T30808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  488.606757][T30808] Call Trace:
[  488.606761][T30808]  <TASK>
[  488.606766][T30808]  dump_stack_lvl+0x100/0x190
[  488.606803][T30808]  should_fail_ex.cold+0x5/0xa
[  488.606815][T30808]  should_failslab+0xc2/0x120
[  488.606831][T30808]  __kmalloc_node_track_caller_noprof+0xf9/0x9d0
[  488.606844][T30808]  ? __pfx_vsnprintf+0x10/0x10
[  488.606863][T30808]  ? find_held_lock+0x2b/0x80
[  488.606878][T30808]  ? pcpu_alloc+0x2ca/0x350
[  488.606899][T30808]  ? kasprintf+0xc7/0x100
[  488.606916][T30808]  ? kvasprintf+0xbc/0x150
[  488.606930][T30808]  kvasprintf+0xbc/0x150
[  488.606945][T30808]  ? __pfx_kvasprintf+0x10/0x10
[  488.606961][T30808]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  488.606971][T30808]  ? lockdep_hardirqs_on+0x78/0x100
[  488.606983][T30808]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  488.606995][T30808]  kasprintf+0xc7/0x100
[  488.607010][T30808]  ? __pfx_kasprintf+0x10/0x10
[  488.607031][T30808]  ieee80211_alloc_led_names+0x11b/0x420
[  488.607048][T30808]  ieee80211_alloc_hw_nm+0x1934/0x22a0
[  488.607067][T30808]  mac80211_hwsim_new_radio+0x1e1/0x57c0
[  488.607088][T30808]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  488.607105][T30808]  ? __nla_validate_parse+0x1e7/0x28b0
[  488.607116][T30808]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  488.607134][T30808]  hwsim_new_radio_nl+0xc1f/0x1340
[  488.607147][T30808]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[  488.607161][T30808]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  488.607179][T30808]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290
[  488.607194][T30808]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290
[  488.607215][T30808]  genl_family_rcv_msg_doit+0x214/0x300
[  488.607236][T30808]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  488.607262][T30808]  ? bpf_lsm_capable+0x9/0x10
[  488.607286][T30808]  ? security_capable+0x80/0x260
[  488.607303][T30808]  ? ns_capable+0xd2/0xf0
[  488.607319][T30808]  genl_rcv_msg+0x560/0x800
[  488.607331][T30808]  ? __pfx_genl_rcv_msg+0x10/0x10
[  488.607342][T30808]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  488.607357][T30808]  ? __lock_acquire+0x4a5/0x2630
[  488.607370][T30808]  netlink_rcv_skb+0x159/0x420
[  488.607386][T30808]  ? __pfx_genl_rcv_msg+0x10/0x10
[  488.607397][T30808]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  488.607418][T30808]  ? netlink_deliver_tap+0x1ae/0xcc0
[  488.607435][T30808]  genl_rcv+0x28/0x40
[  488.607444][T30808]  netlink_unicast+0x5aa/0x870
[  488.607463][T30808]  ? __pfx_netlink_unicast+0x10/0x10
[  488.607484][T30808]  netlink_sendmsg+0x8b0/0xda0
[  488.607502][T30808]  ? __pfx_netlink_sendmsg+0x10/0x10
[  488.607517][T30808]  ? __might_fault+0x90/0x140
[  488.607533][T30808]  ____sys_sendmsg+0xa54/0xc30
[  488.607545][T30808]  ? __pfx_____sys_sendmsg+0x10/0x10
[  488.607561][T30808]  ___sys_sendmsg+0x190/0x1e0
[  488.607573][T30808]  ? __pfx____sys_sendmsg+0x10/0x10
[  488.607591][T30808]  ? find_held_lock+0x2b/0x80
[  488.607613][T30808]  __sys_sendmsg+0x170/0x220
[  488.607633][T30808]  ? __pfx___sys_sendmsg+0x10/0x10
[  488.607656][T30808]  do_syscall_64+0xc9/0xf80
[  488.607670][T30808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.607681][T30808] RIP: 0033:0x7f5d0179aeb9
[  488.607691][T30808] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  488.607702][T30808] RSP: 002b:00007f5d02606028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  488.607714][T30808] RAX: ffffffffffffffda RBX: 00007f5d01a15fa0 RCX: 00007f5d0179aeb9
[  488.607725][T30808] RDX: 0000000020000000 RSI: 0000200000000140 RDI: 0000000000000003
[  488.607735][T30808] RBP: 00007f5d02606090 R08: 0000000000000000 R09: 0000000000000000
[  488.607745][T30808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  488.607757][T30808] R13: 00007f5d01a16038 R14: 00007f5d01a15fa0 R15: 00007ffe1c565988
[  488.607782][T30808]  </TASK>
[  488.944664][T30821] overlay: ./file1 is not a directory
[  488.952572][T30821] 9p: Bad value for 'afid'
[  489.232438][T30832] xt_ecn: cannot match TCP bits for non-tcp packets
[  489.233989][T30830] netlink: 1624 bytes leftover after parsing attributes in process `syz.4.9897'.
[  489.245832][T30832] virt_wifi0 speed is unknown, defaulting to 1000
[  489.405060][   T40] audit: type=1326 audit(1770385923.130:2373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30804 comm="syz.2.9889" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb11cf9aeb9 code=0x7fc00000
[  489.413941][   T40] audit: type=1326 audit(1770385923.130:2374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30804 comm="syz.2.9889" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb11cf9aeb9 code=0x7fc00000
[  489.557515][T30853] overlay: ./file1 is not a directory
[  489.565378][T30853] 9p: Bad value for 'afid'
[  491.913851][ T5946] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  491.916720][ T5936] Bluetooth: hci6: command 0x1003 tx timeout
[  491.921164][T30859] FAULT_INJECTION: forcing a failure.
[  491.921164][T30859] name failslab, interval 1, probability 0, space 0, times 0
[  491.925121][T30859] CPU: 3 UID: 0 PID: 30859 Comm: syz.2.9906 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  491.925139][T30859] Tainted: [L]=SOFTLOCKUP
[  491.925143][T30859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  491.925149][T30859] Call Trace:
[  491.925154][T30859]  <TASK>
[  491.925159][T30859]  dump_stack_lvl+0x100/0x190
[  491.925178][T30859]  should_fail_ex.cold+0x5/0xa
[  491.925190][T30859]  should_failslab+0xc2/0x120
[  491.925206][T30859]  kmem_cache_alloc_node_noprof+0x8c/0x880
[  491.925221][T30859]  ? __alloc_skb+0x156/0x410
[  491.925237][T30859]  ? __alloc_skb+0x156/0x410
[  491.925249][T30859]  __alloc_skb+0x156/0x410
[  491.925261][T30859]  ? __alloc_skb+0x35d/0x410
[  491.925274][T30859]  ? __pfx___alloc_skb+0x10/0x10
[  491.925288][T30859]  ? netlink_has_listeners+0x20f/0x430
[  491.925304][T30859]  ? netlink_has_listeners+0x20f/0x430
[  491.925321][T30859]  alloc_uevent_skb+0x7d/0x210
[  491.925337][T30859]  kobject_uevent_env+0xd2d/0x18b0
[  491.925355][T30859]  ? bus_to_subsys+0x114/0x150
[  491.925372][T30859]  device_del+0x605/0x9b0
[  491.925384][T30859]  ? __pfx_device_del+0x10/0x10
[  491.925394][T30859]  ? kfree_const+0x5f/0x70
[  491.925407][T30859]  ? kobject_put+0xb9/0x640
[  491.925422][T30859]  hci_unregister_dev+0x372/0x670
[  491.925439][T30859]  hci_uart_tty_close+0x270/0x2d0
[  491.925457][T30859]  ? __pfx_hci_uart_tty_close+0x10/0x10
[  491.925474][T30859]  tty_ldisc_close+0x114/0x1a0
[  491.925487][T30859]  tty_ldisc_kill+0x8e/0x150
[  491.925500][T30859]  tty_ldisc_release+0x107/0x2f0
[  491.925514][T30859]  tty_release_struct+0x23/0xe0
[  491.925529][T30859]  tty_release+0xd7a/0x1300
[  491.925546][T30859]  ? __pfx_tty_release+0x10/0x10
[  491.925560][T30859]  __fput+0x3ff/0xb40
[  491.925578][T30859]  fput_close_sync+0x118/0x250
[  491.925595][T30859]  ? __pfx_fput_close_sync+0x10/0x10
[  491.925633][T30859]  __x64_sys_close+0x8b/0x120
[  491.925651][T30859]  do_syscall_64+0xc9/0xf80
[  491.925665][T30859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.925676][T30859] RIP: 0033:0x7fb11cf9aeb9
[  491.925685][T30859] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  491.925697][T30859] RSP: 002b:00007fb11debd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  491.925708][T30859] RAX: ffffffffffffffda RBX: 00007fb11d215fa0 RCX: 00007fb11cf9aeb9
[  491.925715][T30859] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  491.925721][T30859] RBP: 00007fb11debd090 R08: 0000000000000000 R09: 0000000000000000
[  491.925727][T30859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  491.925733][T30859] R13: 00007fb11d216038 R14: 00007fb11d215fa0 R15: 00007ffdb504c128
[  491.925747][T30859]  </TASK>
[  492.518644][T30875] netlink: 'syz.2.9911': attribute type 12 has an invalid length.
[  492.521057][T30875] netlink: 132 bytes leftover after parsing attributes in process `syz.2.9911'.
[  492.547618][T30838] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  492.550669][T30870] netlink: 'syz.4.9910': attribute type 2 has an invalid length.
[  492.678322][ T5936] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  492.688774][ T5936] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  492.695929][ T5936] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  492.700344][ T5936] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  492.715585][ T5936] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  492.752740][T30896] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9917'.
[  492.767744][T30888] virt_wifi0 speed is unknown, defaulting to 1000
[  492.847442][T30906] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9921'.
[  492.923635][T30888] chnl_net:caif_netlink_parms(): no params data found
[  492.989010][T30888] bridge0: port 1(bridge_slave_0) entered blocking state
[  492.991252][T30888] bridge0: port 1(bridge_slave_0) entered disabled state
[  492.993534][T30888] bridge_slave_0: entered allmulticast mode
[  492.997278][T30888] bridge_slave_0: entered promiscuous mode
[  493.000460][T30888] bridge0: port 2(bridge_slave_1) entered blocking state
[  493.002668][T30888] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.006532][T30888] bridge_slave_1: entered allmulticast mode
[  493.009493][T30888] bridge_slave_1: entered promiscuous mode
[  493.026104][T30888] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  493.030961][T30888] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  493.046247][T30888] team0: Port device team_slave_0 added
[  493.049619][T30888] team0: Port device team_slave_1 added
[  493.072473][T30915] ceph: Path missing in source
[  493.126731][T30888] batman_adv: batadv0: Adding interface: batadv_slave_0
[  493.133051][T30888] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  493.141330][T30888] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  493.149495][T30888] batman_adv: batadv0: Adding interface: batadv_slave_1
[  493.152142][T30888] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  493.161028][T30888] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  493.210931][T30888] hsr_slave_0: entered promiscuous mode
[  493.213491][T30888] hsr_slave_1: entered promiscuous mode
[  493.215767][T30888] debugfs: 'hsr0' already exists in 'hsr'
[  493.217663][T30888] Cannot create hsr debugfs directory
[  493.219780][T30917] syzkaller0: entered promiscuous mode
[  493.221800][T30917] syzkaller0: entered allmulticast mode
[  493.351963][T30919] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9925'.
[  493.519588][T30925] virt_wifi0 speed is unknown, defaulting to 1000
[  493.584767][   T40] kauditd_printk_skb: 430 callbacks suppressed
[  493.584782][   T40] audit: type=1326 audit(1770385927.048:2805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30924 comm="syz.4.9928" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f674859aeb9 code=0x0
[  493.801139][T30938] syzkaller0: entered promiscuous mode
[  493.807038][T30938] syzkaller0: entered allmulticast mode
[  493.809035][T30938] tipc: Resetting bearer <eth:syzkaller0>
[  493.882613][T30942] netlink: 200 bytes leftover after parsing attributes in process `syz.2.9934'.
[  494.364905][  T220] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  494.395806][  T220] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  494.426848][  T220] bond0 (unregistering): Released all slaves
[  494.468967][T30949] overlay: ./file1 is not a directory
[  494.484317][T30949] 9p: Bad value for 'afid'
[  494.615564][  T220] bond1 (unregistering): Released all slaves
[  494.692220][T30888] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  494.703635][T30888] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  494.712969][T30888] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  494.722868][T30888] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  494.792430][T30964] netlink: 'syz.2.9940': attribute type 1 has an invalid length.
[  494.794917][T30964] netlink: 44 bytes leftover after parsing attributes in process `syz.2.9940'.
[  494.798120][T30964] ptrace attach of "/syz-executor exec"[30965] was attempted by "/syz-executor exec"[30964]
[  494.800177][T30888] 8021q: adding VLAN 0 to HW filter on device bond0
[  494.812941][T30888] 8021q: adding VLAN 0 to HW filter on device team0
[  494.818493][T30726] bridge0: port 1(bridge_slave_0) entered blocking state
[  494.820757][T30726] bridge0: port 1(bridge_slave_0) entered forwarding state
[  494.831428][T30726] bridge0: port 2(bridge_slave_1) entered blocking state
[  494.833948][T30726] bridge0: port 2(bridge_slave_1) entered forwarding state
[  494.871234][T30888] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  494.875263][T30888] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  494.892603][T30929] Set syz1 is full, maxelem 65536 reached
[  494.908562][T26519] Bluetooth: hci6: command tx timeout
[  494.981351][T30981] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9945'.
[  495.006971][T30976] sit0: entered promiscuous mode
[  495.013691][T30976] netlink: 'syz.5.9943': attribute type 1 has an invalid length.
[  495.018101][T30976] netlink: 1 bytes leftover after parsing attributes in process `syz.5.9943'.
[  495.024935][T30976] Set syz1 is full, maxelem 65536 reached
[  495.045327][T30888] 8021q: adding VLAN 0 to HW filter on device batadv0
[  495.089771][T30888] veth0_vlan: entered promiscuous mode
[  495.096406][T30989] FAULT_INJECTION: forcing a failure.
[  495.096406][T30989] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  495.106895][T30888] veth1_vlan: entered promiscuous mode
[  495.111842][T30989] CPU: 2 UID: 0 PID: 30989 Comm: syz.2.9947 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  495.111873][T30989] Tainted: [L]=SOFTLOCKUP
[  495.111879][T30989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  495.111890][T30989] Call Trace:
[  495.111896][T30989]  <TASK>
[  495.111903][T30989]  dump_stack_lvl+0x100/0x190
[  495.111931][T30989]  should_fail_ex.cold+0x5/0xa
[  495.111950][T30989]  _copy_from_user+0x2e/0xd0
[  495.111973][T30989]  copy_msghdr_from_user+0x9f/0x4f0
[  495.111994][T30989]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  495.112021][T30989]  ___sys_sendmsg+0x106/0x1e0
[  495.112037][T30989]  ? __pfx____sys_sendmsg+0x10/0x10
[  495.112054][T30989]  ? find_held_lock+0x2b/0x80
[  495.112076][T30989]  __sys_sendmsg+0x170/0x220
[  495.112091][T30989]  ? __pfx___sys_sendmsg+0x10/0x10
[  495.112114][T30989]  do_syscall_64+0xc9/0xf80
[  495.112127][T30989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.112138][T30989] RIP: 0033:0x7fb11cf9aeb9
[  495.112148][T30989] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  495.112159][T30989] RSP: 002b:00007fb11debd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  495.112169][T30989] RAX: ffffffffffffffda RBX: 00007fb11d215fa0 RCX: 00007fb11cf9aeb9
[  495.112176][T30989] RDX: 0000000004008054 RSI: 0000200000000200 RDI: 0000000000000005
[  495.112183][T30989] RBP: 00007fb11debd090 R08: 0000000000000000 R09: 0000000000000000
[  495.112189][T30989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  495.112196][T30989] R13: 00007fb11d216038 R14: 00007fb11d215fa0 R15: 00007ffdb504c128
[  495.112209][T30989]  </TASK>
[  495.156507][T30888] veth0_macvtap: entered promiscuous mode
[  495.244934][T30888] veth1_macvtap: entered promiscuous mode
[  495.276426][T30888] batman_adv: batadv0: Interface activated: batadv_slave_0
[  495.282004][T30888] batman_adv: batadv0: Interface activated: batadv_slave_1
[  495.297532][   T60] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  495.300320][   T60] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  495.300822][T31005] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9952'.
[  495.306334][   T60] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  495.309283][   T60] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  495.331267][T31008] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9953'.
[  495.375797][T31011] netlink: 'syz.5.9954': attribute type 2 has an invalid length.
[  495.399417][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  495.406525][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  495.423734][T31005] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  495.429960][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  495.435750][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  495.464854][T31017] netlink: 20 bytes leftover after parsing attributes in process `syz.5.9955'.
[  495.554814][T31022] random: crng reseeded on system resumption
[  495.559909][   T40] audit: type=1400 audit(1770385928.899:2806): avc:  denied  { read } for  pid=31021 comm="syz.1.9916" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  495.613616][T31023] sg_write: data in/out 489/10 bytes for SCSI command 0xeb-- guessing data in;
[  495.613616][T31023]    program syz.1.9916 not setting count and/or reply_len properly
[  495.686556][T31029] netlink: 'syz.5.9959': attribute type 4 has an invalid length.
[  495.692106][T31025] sit0: entered promiscuous mode
[  495.693845][T31025] netlink: 'syz.2.9957': attribute type 1 has an invalid length.
[  495.700741][T31025] netlink: 1 bytes leftover after parsing attributes in process `syz.2.9957'.
[  495.704670][T31029] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9959'.
[  495.705232][T31025] Set syz1 is full, maxelem 65536 reached
[  495.752989][T31031] netlink: 'syz.1.9960': attribute type 142 has an invalid length.
[  495.793275][  T220] hsr_slave_0: left promiscuous mode
[  495.795484][  T220] hsr_slave_1: left promiscuous mode
[  495.821007][T31035] netlink: 'syz.2.9961': attribute type 39 has an invalid length.
[  495.938415][T31040] overlay: ./file1 is not a directory
[  495.944306][T31040] 9p: Bad value for 'afid'
[  496.358274][  T220] team0 (unregistering): Port device vxcan1 removed
[  496.499686][T31046] comedi comedi3: comedi_config --init_data is deprecated
[  496.699341][   T40] audit: type=1400 audit(1770385929.965:2807): avc:  denied  { read append } for  pid=31055 comm="syz.2.9969" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  496.712823][   T40] audit: type=1400 audit(1770385929.965:2808): avc:  denied  { open } for  pid=31055 comm="syz.2.9969" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  496.738258][   T40] audit: type=1400 audit(1770385930.002:2809): avc:  denied  { bind } for  pid=31054 comm="syz.5.9970" lport=53081 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  496.747114][   T40] audit: type=1400 audit(1770385930.002:2810): avc:  denied  { name_bind } for  pid=31054 comm="syz.5.9970" src=20002 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  496.756005][   T40] audit: type=1400 audit(1770385930.002:2811): avc:  denied  { node_bind } for  pid=31054 comm="syz.5.9970" src=20002 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  496.785639][T31064] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9973'.
[  496.830815][T31066] ipt_REJECT: ECHOREPLY no longer supported.
[  496.876676][T31069] FAULT_INJECTION: forcing a failure.
[  496.876676][T31069] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  496.882329][T31069] CPU: 2 UID: 0 PID: 31069 Comm: syz.1.9974 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  496.882358][T31069] Tainted: [L]=SOFTLOCKUP
[  496.882364][T31069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  496.882375][T31069] Call Trace:
[  496.882381][T31069]  <TASK>
[  496.882388][T31069]  dump_stack_lvl+0x100/0x190
[  496.882415][T31069]  should_fail_ex.cold+0x5/0xa
[  496.882432][T31069]  _copy_from_iter+0x1f4/0x1690
[  496.882456][T31069]  ? _copy_from_iter+0x270/0x1690
[  496.882477][T31069]  ? __pfx__copy_from_iter+0x10/0x10
[  496.882501][T31069]  ? __pfx__copy_from_iter+0x10/0x10
[  496.882518][T31069]  ? _copy_from_iter+0x270/0x1690
[  496.882538][T31069]  copy_page_from_iter+0xde/0x180
[  496.882564][T31069]  skb_copy_datagram_from_iter+0x399/0x720
[  496.882593][T31069]  tun_get_user+0x1884/0x3e10
[  496.882628][T31069]  ? __pfx_tun_get_user+0x10/0x10
[  496.882653][T31069]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  496.882682][T31069]  ? find_held_lock+0x2b/0x80
[  496.882706][T31069]  ? tun_get+0x191/0x370
[  496.882727][T31069]  ? tun_get+0x191/0x370
[  496.882756][T31069]  tun_chr_write_iter+0xdc/0x200
[  496.882782][T31069]  vfs_write+0x6ac/0x1070
[  496.882804][T31069]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  496.882831][T31069]  ? __pfx_vfs_write+0x10/0x10
[  496.882854][T31069]  ? find_held_lock+0x2b/0x80
[  496.882888][T31069]  ksys_write+0x12a/0x250
[  496.882906][T31069]  ? __pfx_ksys_write+0x10/0x10
[  496.882925][T31069]  ? fput+0x79/0x100
[  496.882948][T31069]  do_syscall_64+0xc9/0xf80
[  496.882969][T31069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.882986][T31069] RIP: 0033:0x7fbd7899aeb9
[  496.883001][T31069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  496.883017][T31069] RSP: 002b:00007fbd76bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  496.883035][T31069] RAX: ffffffffffffffda RBX: 00007fbd78c15fa0 RCX: 00007fbd7899aeb9
[  496.883045][T31069] RDX: 000000000000fdef RSI: 0000200000000240 RDI: 0000000000000003
[  496.883055][T31069] RBP: 00007fbd76bf6090 R08: 0000000000000000 R09: 0000000000000000
[  496.883064][T31069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  496.883074][T31069] R13: 00007fbd78c16038 R14: 00007fbd78c15fa0 R15: 00007ffcd890e2f8
[  496.883096][T31069]  </TASK>
[  496.992970][  T220] IPVS: stop unused estimator thread 0...
[  497.111683][T26782] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  497.134128][ T5936] Bluetooth: hci6: command tx timeout
[  497.208545][T31073] xt_hashlimit: size too large, truncated to 1048576
[  497.285405][T26782] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  497.288152][T26782] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  497.291751][T26782] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  497.294781][T26782] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  497.298211][T26782] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  497.303065][T26782] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  497.309090][T26782] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  497.311566][T26782] usb 7-1: Product: syz
[  497.312943][T26782] usb 7-1: Manufacturer: syz
[  497.320213][T26782] cdc_wdm 7-1:1.0: skipping garbage
[  497.321852][T26782] cdc_wdm 7-1:1.0: skipping garbage
[  497.326835][T26782] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  497.328698][T26782] cdc_wdm 7-1:1.0: Unknown control protocol
[  497.352020][T31079] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  497.355696][   T40] audit: type=1400 audit(1770385930.573:2812): avc:  denied  { listen } for  pid=31078 comm="syz.5.9978" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  497.657171][   T76] usb 10-1: new low-speed USB device number 2 using dummy_hcd
[  497.819546][   T76] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  497.822050][   T76] usb 10-1: config 0 has no interface number 0
[  497.823969][   T76] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  497.827551][   T76] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  497.832671][   T76] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  497.835470][   T76] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  497.840008][   T76] usb 10-1: config 0 descriptor??
[  497.842259][T31079] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  497.847759][   T76] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1
[  498.063568][   T76] usb 10-1: USB disconnect, device number 2
[  498.231183][T30983] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  498.299739][T31085] overlay: ./file1 is not a directory
[  498.307245][T31085] 9p: Bad value for 'afid'
[  498.506898][T31092] IPv6: syztnl0: Disabled Multicast RS
[  498.540694][T31094] lo: entered allmulticast mode
[  498.543566][T31093] lo: left allmulticast mode
[  498.574688][T31096] netlink: 'syz.4.9983': attribute type 10 has an invalid length.
[  498.847375][ T5936] Bluetooth: hci4: command 0x0406 tx timeout
[  498.944091][   T40] audit: type=1400 audit(1770385932.059:2813): avc:  denied  { listen } for  pid=31108 comm="syz.5.9988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  499.007576][T26782] IPVS: starting estimator thread 0...
[  499.111744][T31114] IPVS: using max 46 ests per chain, 110400 per kthread
[  499.218787][   T40] audit: type=1400 audit(1770385932.312:2814): avc:  denied  { accept } for  pid=31123 comm="syz.1.9994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  499.368800][T26519] Bluetooth: hci6: command tx timeout
[  499.410555][T31128] __nla_validate_parse: 3 callbacks suppressed
[  499.410567][T31128] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9995'.
[  499.442352][   T40] audit: type=1400 audit(1770385932.518:2815): avc:  denied  { connect } for  pid=31129 comm="syz.4.9996" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  499.449162][   T40] audit: type=1400 audit(1770385932.536:2816): avc:  denied  { read } for  pid=31129 comm="syz.4.9996" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  499.974970][T31146] syzkaller0: entered promiscuous mode
[  499.976805][    T9] usb 7-1: USB disconnect, device number 13
[  499.976969][T31146] syzkaller0: entered allmulticast mode
[  500.200377][T31153] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.10002'.
[  501.582283][T26519] Bluetooth: hci6: command tx timeout
[  501.601982][T31176] netlink: get zone limit has 4 unknown bytes
[  501.622630][T31183] netlink: 32 bytes leftover after parsing attributes in process `syz.2.10009'.
[  501.674949][T31191] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10011'.
[  501.707237][T31190] overlay: ./file1 is not a directory
[  501.716564][T31197] 9pnet_virtio: no channels available for device syz
[  501.716903][   T40] audit: type=1400 audit(1770385934.649:2817): avc:  denied  { write } for  pid=31194 comm="syz.5.10014" name="binder0" dev="binder" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  501.719030][T31190] 9p: Bad value for 'afid'
[  501.788494][T31201] bridge0: entered promiscuous mode
[  501.790370][T31201] macvlan2: entered promiscuous mode
[  501.838701][T31206] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10017'.
[  501.842148][T31206] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10017'.
[  501.846089][T31209] netlink: 'syz.1.10019': attribute type 1 has an invalid length.
[  501.849397][T31209] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10019'.
[  501.995931][T31229] netlink: 'syz.5.10024': attribute type 2 has an invalid length.
[  502.027469][T31233] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10025'.
[  502.068284][T31237] overlay: ./file1 is not a directory
[  502.073863][T31241] xt_hashlimit: Unknown mode mask 84, kernel too old?
[  502.078454][T31237] 9p: Bad value for 'afid'
[  502.165759][T31253] netlink: 32 bytes leftover after parsing attributes in process `syz.5.10032'.
[  502.172863][T31253] binder: 31251:31253 ioctl 3b81 2000000002c0 returned -22
[  502.178215][T31253] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=31253 comm=syz.5.10032
[  502.207513][T31273] IPVS: set_ctl: invalid protocol: 28771 115.116.97.116:0
[  502.210372][T31273] IPVS: set_ctl: invalid protocol: 53 0.0.0.0:0
[  502.213812][T31273] IPVS: set_ctl: invalid protocol: 53 0.0.0.0:0
[  502.240591][T31275] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10037'.
[  502.312155][T26519] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  502.680204][T31309] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=31309 comm=syz.2.10048
[  502.690914][T31309] netlink: 'syz.2.10048': attribute type 1 has an invalid length.
[  502.704697][T31309] 8021q: adding VLAN 0 to HW filter on device bond3
[  502.735609][T31321] tipc: Resetting bearer <eth:syzkaller0>
[  502.740420][T31321] program syz.2.10051 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  502.745031][T31319] tipc: Resetting bearer <eth:syzkaller0>
[  502.870073][T31335] overlay: ./file1 is not a directory
[  502.878910][T31335] 9p: Bad value for 'afid'
[  503.070957][T31344] overlayfs: workdir and upperdir must be separate subtrees
[  503.079813][ T5933] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  503.218652][ T5933] usb 9-1: device descriptor read/64, error -71
[  503.322635][T31263] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.456601][T31263] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.486388][ T5933] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  503.532110][ T5936] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  503.538290][ T5936] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  503.552131][ T5936] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  503.560349][ T5936] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  503.562397][T31263] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.563334][ T5936] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  503.593004][T31350] virt_wifi0 speed is unknown, defaulting to 1000
[  503.625166][ T5933] usb 9-1: device descriptor read/64, error -71
[  503.655083][T31260] tipc: Resetting bearer <eth:syzkaller0>
[  503.693379][T31263] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.707836][   T40] audit: type=1400 audit(1770385936.510:2818): avc:  denied  { read } for  pid=31356 comm="syz.5.10066" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  503.743249][ T5933] usb usb9-port1: attempt power cycle
[  503.746478][T31350] chnl_net:caif_netlink_parms(): no params data found
[  503.783062][   T40] audit: type=1400 audit(1770385936.585:2819): avc:  denied  { connect } for  pid=31363 comm="syz.5.10068" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  503.834500][T31350] bridge0: port 1(bridge_slave_0) entered blocking state
[  503.836809][T31350] bridge0: port 1(bridge_slave_0) entered disabled state
[  503.839605][T31350] bridge_slave_0: entered allmulticast mode
[  503.842553][T31350] bridge_slave_0: entered promiscuous mode
[  503.847526][T31350] bridge0: port 2(bridge_slave_1) entered blocking state
[  503.850587][T31350] bridge0: port 2(bridge_slave_1) entered disabled state
[  503.853551][T31350] bridge_slave_1: entered allmulticast mode
[  503.857272][T31350] bridge_slave_1: entered promiscuous mode
[  503.875147][T31370] lo: entered allmulticast mode
[  503.900642][T31350] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  503.910857][T31350] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  503.915436][T31369] lo: left allmulticast mode
[  503.964722][T31350] team0: Port device team_slave_0 added
[  503.967961][T31350] team0: Port device team_slave_1 added
[  503.975438][T31263] bridge_slave_1: left allmulticast mode
[  503.977757][T31263] bridge_slave_1: left promiscuous mode
[  503.979955][T31263] bridge0: port 2(bridge_slave_1) entered disabled state
[  503.983579][T31263] bridge_slave_0: left allmulticast mode
[  503.985416][T31263] bridge_slave_0: left promiscuous mode
[  503.987289][T31263] bridge0: port 1(bridge_slave_0) entered disabled state
[  504.031837][T31377] binder: 31373:31377 ioctl c0306201 2000000003c0 returned -14
[  504.117056][ T5933] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  504.139315][ T5933] usb 9-1: device descriptor read/8, error -71
[  504.293940][T31263] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  504.300654][T31263] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  504.306492][T31263] bond0 (unregistering): Released all slaves
[  504.336604][T31350] batman_adv: batadv0: Adding interface: batadv_slave_0
[  504.339383][T31350] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  504.349031][T31350] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  504.354822][T31350] batman_adv: batadv0: Adding interface: batadv_slave_1
[  504.357009][T31350] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  504.365319][T31350] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  504.369692][T31374] virt_wifi0 speed is unknown, defaulting to 1000
[  504.381259][T31380] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold
[  504.401645][ T5933] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  504.409482][T31350] hsr_slave_0: entered promiscuous mode
[  504.411894][T31350] hsr_slave_1: entered promiscuous mode
[  504.414199][T31350] debugfs: 'hsr0' already exists in 'hsr'
[  504.416071][T31350] Cannot create hsr debugfs directory
[  504.434424][ T5933] usb 9-1: device descriptor read/8, error -71
[  504.486230][T31385] FAULT_INJECTION: forcing a failure.
[  504.486230][T31385] name failslab, interval 1, probability 0, space 0, times 0
[  504.490759][T31385] CPU: 3 UID: 0 PID: 31385 Comm: syz.2.10075 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  504.490777][T31385] Tainted: [L]=SOFTLOCKUP
[  504.490782][T31385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  504.490788][T31385] Call Trace:
[  504.490793][T31385]  <TASK>
[  504.490798][T31385]  dump_stack_lvl+0x100/0x190
[  504.490816][T31385]  should_fail_ex.cold+0x5/0xa
[  504.490828][T31385]  should_failslab+0xc2/0x120
[  504.490844][T31385]  __kmalloc_node_track_caller_noprof+0xf9/0x9d0
[  504.490857][T31385]  ? __pfx_vsnprintf+0x10/0x10
[  504.490869][T31385]  ? kasprintf+0xc7/0x100
[  504.490886][T31385]  ? kvasprintf+0xbc/0x150
[  504.490900][T31385]  kvasprintf+0xbc/0x150
[  504.490915][T31385]  ? __pfx_kvasprintf+0x10/0x10
[  504.490931][T31385]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  504.490941][T31385]  ? lockdep_hardirqs_on+0x78/0x100
[  504.490953][T31385]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  504.490966][T31385]  kasprintf+0xc7/0x100
[  504.490980][T31385]  ? __pfx_kasprintf+0x10/0x10
[  504.491001][T31385]  ieee80211_alloc_led_names+0x1b0/0x420
[  504.491019][T31385]  ieee80211_alloc_hw_nm+0x1934/0x22a0
[  504.491037][T31385]  mac80211_hwsim_new_radio+0x1e1/0x57c0
[  504.491074][T31385]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  504.491093][T31385]  ? __nla_validate_parse+0x1e7/0x28b0
[  504.491104][T31385]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  504.491123][T31385]  hwsim_new_radio_nl+0xc1f/0x1340
[  504.491137][T31385]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[  504.491150][T31385]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  504.491169][T31385]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290
[  504.491179][T31385]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290
[  504.491193][T31385]  genl_family_rcv_msg_doit+0x214/0x300
[  504.491205][T31385]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  504.491233][T31385]  ? bpf_lsm_capable+0x9/0x10
[  504.491249][T31385]  ? security_capable+0x80/0x260
[  504.491266][T31385]  ? ns_capable+0xd2/0xf0
[  504.491282][T31385]  genl_rcv_msg+0x560/0x800
[  504.491294][T31385]  ? __pfx_genl_rcv_msg+0x10/0x10
[  504.491305][T31385]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  504.491320][T31385]  ? __lock_acquire+0x4a5/0x2630
[  504.491334][T31385]  netlink_rcv_skb+0x159/0x420
[  504.491349][T31385]  ? __pfx_genl_rcv_msg+0x10/0x10
[  504.491360][T31385]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  504.491382][T31385]  ? netlink_deliver_tap+0x1ae/0xcc0
[  504.491400][T31385]  genl_rcv+0x28/0x40
[  504.491409][T31385]  netlink_unicast+0x5aa/0x870
[  504.491427][T31385]  ? __pfx_netlink_unicast+0x10/0x10
[  504.491448][T31385]  netlink_sendmsg+0x8b0/0xda0
[  504.491466][T31385]  ? __pfx_netlink_sendmsg+0x10/0x10
[  504.491481][T31385]  ? __might_fault+0x90/0x140
[  504.491503][T31385]  ____sys_sendmsg+0xa54/0xc30
[  504.491515][T31385]  ? __pfx_____sys_sendmsg+0x10/0x10
[  504.491532][T31385]  ___sys_sendmsg+0x190/0x1e0
[  504.491544][T31385]  ? __pfx____sys_sendmsg+0x10/0x10
[  504.491561][T31385]  ? find_held_lock+0x2b/0x80
[  504.491585][T31385]  __sys_sendmsg+0x170/0x220
[  504.491600][T31385]  ? __pfx___sys_sendmsg+0x10/0x10
[  504.491623][T31385]  do_syscall_64+0xc9/0xf80
[  504.491637][T31385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.491648][T31385] RIP: 0033:0x7fb11cf9aeb9
[  504.491658][T31385] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  504.491668][T31385] RSP: 002b:00007fb11debd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  504.491680][T31385] RAX: ffffffffffffffda RBX: 00007fb11d215fa0 RCX: 00007fb11cf9aeb9
[  504.491687][T31385] RDX: 0000000020000000 RSI: 0000200000000140 RDI: 0000000000000003
[  504.491693][T31385] RBP: 00007fb11debd090 R08: 0000000000000000 R09: 0000000000000000
[  504.491699][T31385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  504.491705][T31385] R13: 00007fb11d216038 R14: 00007fb11d215fa0 R15: 00007ffdb504c128
[  504.491720][T31385]  </TASK>
[  504.565715][ T5933] usb usb9-port1: unable to enumerate USB device
[  504.747459][T31350] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  504.756409][T31350] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  504.767825][T31390] overlay: ./file1 is not a directory
[  504.778903][T31390] 9p: Bad value for 'afid'
[  504.800072][T31350] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  504.808870][T31350] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  504.853992][T31350] 8021q: adding VLAN 0 to HW filter on device bond0
[  504.874637][T31263] hsr_slave_0: left promiscuous mode
[  504.878225][T31263] hsr_slave_1: left promiscuous mode
[  504.882409][T31263] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  504.885607][T31263] batman_adv: batadv0: Removing interface: batadv_slave_0
[  504.891058][T31263] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  504.894208][T31263] batman_adv: batadv0: Removing interface: batadv_slave_1
[  504.912894][T31263] veth1_macvtap: left promiscuous mode
[  504.915393][T31263] veth0_macvtap: left promiscuous mode
[  504.917856][T31263] veth1_vlan: left promiscuous mode
[  504.920193][T31263] veth0_vlan: left promiscuous mode
[  505.279780][T31263] team0 (unregistering): Port device team_slave_1 removed
[  505.308972][T31263] team0 (unregistering): Port device team_slave_0 removed
[  505.623454][T31350] 8021q: adding VLAN 0 to HW filter on device team0
[  505.632883][T31269] bridge0: port 1(bridge_slave_0) entered blocking state
[  505.635872][T31269] bridge0: port 1(bridge_slave_0) entered forwarding state
[  505.643031][T31318] bridge0: port 2(bridge_slave_1) entered blocking state
[  505.645326][T31318] bridge0: port 2(bridge_slave_1) entered forwarding state
[  505.785213][T31350] 8021q: adding VLAN 0 to HW filter on device batadv0
[  505.787758][T26519] Bluetooth: hci3: command tx timeout
[  505.976027][T31350] veth0_vlan: entered promiscuous mode
[  505.985096][T31350] veth1_vlan: entered promiscuous mode
[  506.011594][T31350] veth0_macvtap: entered promiscuous mode
[  506.016586][T31263] IPVS: stop unused estimator thread 0...
[  506.020218][T31350] veth1_macvtap: entered promiscuous mode
[  506.041235][T31350] batman_adv: batadv0: Interface activated: batadv_slave_0
[  506.054234][T31350] batman_adv: batadv0: Interface activated: batadv_slave_1
[  506.068362][T31266] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  506.071319][T31266] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  506.132326][T31421] bridge0: port 2(bridge_slave_1) entered disabled state
[  506.136097][T31421] bridge0: port 1(bridge_slave_0) entered disabled state
[  506.257987][   T40] audit: type=1400 audit(1770385938.904:2820): avc:  denied  { ioctl } for  pid=31425 comm="syz.4.10081" path="socket:[139877]" dev="sockfs" ino=139877 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  506.258211][T31421] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  506.280932][T31421] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  506.387129][T31428] syz.4.10081 (31428): /proc/31425/oom_adj is deprecated, please use /proc/31425/oom_score_adj instead.
[  506.431862][T31266] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  506.435720][T31266] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  506.451324][T31266] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  506.455189][T31266] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  506.488280][T31430] netlink: 'syz.4.10082': attribute type 3 has an invalid length.
[  506.526860][T31266] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  506.556445][T31266] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  506.561048][   T40] audit: type=1400 audit(1770385939.184:2821): avc:  denied  { lock } for  pid=31429 comm="syz.4.10082" path="socket:[139907]" dev="sockfs" ino=139907 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  506.606841][T31269] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  506.615435][T31269] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  506.627886][T31269] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  506.640235][T31269] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  506.790191][T31451] __nla_validate_parse: 5 callbacks suppressed
[  506.790208][T31451] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10089'.
[  506.796453][T31451] netlink: 24 bytes leftover after parsing attributes in process `syz.6.10089'.
[  506.799332][T31451] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10089'.
[  506.803987][T31451] netlink: 24 bytes leftover after parsing attributes in process `syz.6.10089'.
[  506.880658][   T40] audit: type=1326 audit(1770385939.483:2822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31457 comm="syz.4.10092" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f674859aeb9 code=0x0
[  507.447996][T31466] veth0: entered promiscuous mode
[  507.451195][T31466] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10094'.
[  507.999441][T26519] Bluetooth: hci3: command tx timeout
[  508.196003][T31402] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  508.249342][   T40] audit: type=1326 audit(1770385940.764:2823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31480 comm="syz.2.10099" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb11cf9aeb9 code=0x0
[  508.341807][T31485] overlay: ./file1 is not a directory
[  508.347709][T31485] 9p: Bad value for 'afid'
[  508.429554][T31490] syzkaller0: entered promiscuous mode
[  508.431721][T31490] syzkaller0: entered allmulticast mode
[  508.436460][T31490] 0: reclassify loop, rule prio 0, protocol 800
[  508.493735][T31496] syzkaller0: entered promiscuous mode
[  508.495600][T31496] syzkaller0: entered allmulticast mode
[  508.656486][T31500] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10107'.
[  509.188625][   T40] audit: type=1400 audit(1770385941.634:2824): avc:  denied  { mounton } for  pid=31514 comm="syz.2.10109" path="/358/file0" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1
[  509.204079][T31515] 9pnet_fd: p9_fd_create_unix (31515): problem connecting socket: ./file0: -30
[  509.249060][T31515] 9pnet_fd: Insufficient options for proto=fd
[  509.762145][T31433] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  510.224046][T26519] Bluetooth: hci3: command tx timeout
[  510.910469][T31583] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=31583 comm=syz.5.10118
[  510.918888][T31583] netlink: 'syz.5.10118': attribute type 1 has an invalid length.
[  510.946736][T31583] 8021q: adding VLAN 0 to HW filter on device bond1
[  510.952579][T31583] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10118'.
[  511.300177][T31590] netlink: 56 bytes leftover after parsing attributes in process `syz.2.10122'.
[  511.401950][T31600] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10124'.
[  511.403405][T31592] kvm: kvm [31587]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x20000000000000
[  511.406589][T31596] FAULT_INJECTION: forcing a failure.
[  511.406589][T31596] name failslab, interval 1, probability 0, space 0, times 0
[  511.410003][T31593] kvm: kvm [31587]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x20000000000000
[  511.415224][T31596] CPU: 3 UID: 0 PID: 31596 Comm: syz.2.10123 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  511.415243][T31596] Tainted: [L]=SOFTLOCKUP
[  511.415247][T31596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  511.415253][T31596] Call Trace:
[  511.415257][T31596]  <TASK>
[  511.415262][T31596]  dump_stack_lvl+0x100/0x190
[  511.415280][T31596]  should_fail_ex.cold+0x5/0xa
[  511.415292][T31596]  should_failslab+0xc2/0x120
[  511.415308][T31596]  kmem_cache_alloc_noprof+0x83/0x780
[  511.415322][T31596]  ? skb_clone+0x190/0x400
[  511.415346][T31596]  ? skb_clone+0x190/0x400
[  511.415362][T31596]  skb_clone+0x190/0x400
[  511.415383][T31596]  netlink_broadcast_filtered+0xb6a/0xf50
[  511.415414][T31596]  ? __pfx_netlink_broadcast_filtered+0x10/0x10
[  511.415436][T31596]  ? netlink_has_listeners+0x20f/0x430
[  511.415456][T31596]  ? netlink_has_listeners+0x20f/0x430
[  511.415475][T31596]  netlink_broadcast+0x39/0x50
[  511.415491][T31596]  kobject_uevent_env+0xcdd/0x18b0
[  511.415510][T31596]  ? bus_to_subsys+0x114/0x150
[  511.415527][T31596]  device_del+0x605/0x9b0
[  511.415540][T31596]  ? __pfx_device_del+0x10/0x10
[  511.415550][T31596]  ? kfree_const+0x5f/0x70
[  511.415563][T31596]  ? kobject_put+0xb9/0x640
[  511.415579][T31596]  hci_unregister_dev+0x372/0x670
[  511.415596][T31596]  hci_uart_tty_close+0x270/0x2d0
[  511.415613][T31596]  ? __pfx_hci_uart_tty_close+0x10/0x10
[  511.415630][T31596]  tty_ldisc_close+0x114/0x1a0
[  511.415644][T31596]  tty_ldisc_kill+0x8e/0x150
[  511.415657][T31596]  tty_ldisc_release+0x107/0x2f0
[  511.415671][T31596]  tty_release_struct+0x23/0xe0
[  511.415686][T31596]  tty_release+0xd7a/0x1300
[  511.415703][T31596]  ? __pfx_tty_release+0x10/0x10
[  511.415717][T31596]  __fput+0x3ff/0xb40
[  511.415741][T31596]  fput_close_sync+0x118/0x250
[  511.415758][T31596]  ? __pfx_fput_close_sync+0x10/0x10
[  511.415778][T31596]  __x64_sys_close+0x8b/0x120
[  511.415795][T31596]  do_syscall_64+0xc9/0xf80
[  511.415808][T31596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.415819][T31596] RIP: 0033:0x7fb11cf9aeb9
[  511.415830][T31596] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  511.415841][T31596] RSP: 002b:00007fb11debd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  511.415852][T31596] RAX: ffffffffffffffda RBX: 00007fb11d215fa0 RCX: 00007fb11cf9aeb9
[  511.415859][T31596] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  511.415865][T31596] RBP: 00007fb11debd090 R08: 0000000000000000 R09: 0000000000000000
[  511.415871][T31596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  511.415877][T31596] R13: 00007fb11d216038 R14: 00007fb11d215fa0 R15: 00007ffdb504c128
[  511.415891][T31596]  </TASK>
[  511.463204][   T40] audit: type=1400 audit(1770385943.766:2825): avc:  denied  { nlmsg_read } for  pid=31601 comm="syz.4.10125" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  511.467449][T31592] pimreg: entered allmulticast mode
[  511.606157][T31609] overlay: ./file1 is not a directory
[  511.617411][T31609] 9p: Bad value for 'afid'
[  511.682073][T31611] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10129'.
[  511.844112][T31615] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  511.861907][   T24] hid-generic 0004:0006:0002.0003: item fetching failed at offset 1/2
[  511.867267][   T24] hid-generic 0004:0006:0002.0003: probe with driver hid-generic failed with error -22
[  511.990314][T31639] syzkaller0: entered promiscuous mode
[  511.992276][T31639] syzkaller0: entered allmulticast mode
[  512.089863][T31641] netlink: 'syz.6.10135': attribute type 5 has an invalid length.
[  512.091730][T31644] overlay: ./file1 is not a directory
[  512.099929][   T40] audit: type=1400 audit(1770385944.364:2826): avc:  denied  { ioctl } for  pid=31649 comm="syz.2.10137" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 ioctlcmd=0x9367 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  512.102908][T31644] 9p: Bad value for 'afid'
[  512.290827][   T40] audit: type=1400 audit(1770385944.532:2827): avc:  denied  { getopt } for  pid=31653 comm="syz.2.10141" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  512.298480][   T40] audit: type=1400 audit(1770385944.532:2828): avc:  denied  { write } for  pid=31653 comm="syz.2.10141" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  512.459839][T26519] Bluetooth: hci3: command tx timeout
[  515.208914][T31645] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  515.287362][T31694] syzkaller0: entered promiscuous mode
[  515.289232][T31694] syzkaller0: entered allmulticast mode
[  515.299271][T31694] 0: reclassify loop, rule prio 0, protocol 800
[  515.402620][   T46] Bluetooth: (null): Invalid header checksum
[  515.421955][T31706] netlink: 48 bytes leftover after parsing attributes in process `syz.2.10147'.
[  515.529298][   T46] Bluetooth: (null): Too short H5 packet
[  515.531449][   T46] Bluetooth: (null): Invalid header checksum
[  515.544853][T31713] overlay: ./file1 is not a directory
[  515.550804][T31713] 9p: Bad value for 'afid'
[  515.731979][T12708] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  515.732039][T31719] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  515.736739][T31719] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  515.741126][T31719] vhci_hcd vhci_hcd.0: Device attached
[  515.758796][T31719] all: renamed from bridge_slave_0
[  515.786183][T31723] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  515.819738][   T40] audit: type=1400 audit(1770385947.833:2829): avc:  denied  { setattr } for  pid=31722 comm="syz.4.10156" name="file0" dev="overlay" ino=72614207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  515.829510][T31720] vhci_hcd: connection closed
[  515.833732][   T46] vhci_hcd vhci_hcd.2: stop threads
[  515.837969][   T46] vhci_hcd vhci_hcd.2: release socket
[  515.840547][   T40] audit: type=1400 audit(1770385947.852:2830): avc:  denied  { create } for  pid=31722 comm="syz.4.10156" name="#1e" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  515.854074][   T46] vhci_hcd vhci_hcd.2: disconnect device
[  515.856911][   T40] audit: type=1400 audit(1770385947.861:2831): avc:  denied  { associate } for  pid=31722 comm="syz.4.10156" name="#1e" scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  515.875784][   T40] audit: type=1400 audit(1770385947.880:2832): avc:  denied  { setattr } for  pid=31722 comm="syz.4.10156" name="#1e" dev="tmpfs" ino=2295 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  515.888319][   T40] audit: type=1400 audit(1770385947.880:2833): avc:  denied  { rename } for  pid=31722 comm="syz.4.10156" name="#1e" dev="tmpfs" ino=2295 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  515.892386][T12708] usb 10-1: Using ep0 maxpacket: 8
[  515.904829][   T40] audit: type=1400 audit(1770385947.880:2834): avc:  denied  { reparent } for  pid=31722 comm="syz.4.10156" name="#1e" dev="tmpfs" ino=2295 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  515.916936][   T40] audit: type=1400 audit(1770385947.898:2835): avc:  denied  { write open } for  pid=31722 comm="syz.4.10156" path=2F202864656C6574656429 dev="tmpfs" ino=2296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  515.928196][T12708] usb 10-1: config 0 interface 0 has no altsetting 0
[  515.930770][T12708] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  515.941924][T31726] openvswitch: netlink: Unexpected mask (mask=4000040, allowed=10048)
[  515.948392][T12708] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.953215][T12708] usb 10-1: config 0 descriptor??
[  516.261099][T31733] omfs: Invalid superblock (0)
[  516.300771][T31733] openvswitch: netlink: Actions may not be safe on all matching packets
[  516.367170][T31733] 0x000000000001-0x00000000000a : ""
[  516.371099][T31733] ftl_cs: FTL header corrupt!
[  516.430302][T12708] mcp2221 0003:04D8:00DD.0004: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[  516.698349][   T24] usb 10-1: USB disconnect, device number 3
[  516.871264][T31763] xt_hashlimit: size too large, truncated to 1048576
[  516.925907][T31765] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10170'.
[  517.103979][T31774] netlink: 36 bytes leftover after parsing attributes in process `syz.4.10173'.
[  517.377579][T31792] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=31792 comm=syz.4.10179
[  517.386394][T31792] netlink: 'syz.4.10179': attribute type 1 has an invalid length.
[  517.411365][T31792] 8021q: adding VLAN 0 to HW filter on device bond8
[  517.418251][T31792] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10179'.
[  517.442247][T31796] netlink: 16 bytes leftover after parsing attributes in process `syz.5.10180'.
[  517.512490][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  517.512502][   T40] audit: type=1400 audit(1770385949.422:2842): avc:  denied  { read } for  pid=31805 comm="syz.4.10184" path="socket:[143519]" dev="sockfs" ino=143519 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  517.666354][T31820] netlink: 'syz.5.10188': attribute type 1 has an invalid length.
[  517.686811][T31820] bond2: entered promiscuous mode
[  517.688673][T31820] 8021q: adding VLAN 0 to HW filter on device bond2
[  517.694045][T31820] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10188'.
[  517.698070][T31820] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10188'.
[  517.701984][T31820] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10188'.
[  517.798784][T31833] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10191'.
[  517.831003][T31835] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold
[  517.877671][   T40] audit: type=1400 audit(1770385949.759:2843): avc:  denied  { ioctl } for  pid=31836 comm="syz.2.10193" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  517.900019][   T40] audit: type=1800 audit(1770385949.778:2844): pid=31837 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.10193" name="file1" dev="overlay" ino=2006 res=0 errno=0
[  518.030075][   T40] audit: type=1400 audit(1770385949.899:2845): avc:  denied  { unmount } for  pid=27153 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  518.062208][T31851] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10197'.
[  518.759123][T10960] usb 11-1: new high-speed USB device number 2 using dummy_hcd
[  518.786393][T31866] binder: 31860:31866 ioctl c0306201 2000000004c0 returned -14
[  518.806449][T31866] xt_connbytes: Forcing CT accounting to be enabled
[  518.807337][T31865] overlay: ./file1 is not a directory
[  518.809582][T31866] xt_CT: You must specify a L4 protocol and not use inversions on it
[  518.820626][T31865] 9p: Bad value for 'afid'
[  518.934388][T10960] usb 11-1: Using ep0 maxpacket: 8
[  518.937492][T10960] usb 11-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  518.940653][T10960] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  518.954301][T10960] pvrusb2: Hardware description: Terratec Grabster AV400
[  518.956579][T10960] pvrusb2: **********
[  518.957885][T10960] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  518.961045][T10960] pvrusb2: Important functionality might not be entirely working.
[  518.965441][T10960] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  518.969070][T10960] pvrusb2: **********
[  519.032782][T31877] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  519.036600][T31877] lo: entered allmulticast mode
[  519.088425][   T40] audit: type=1400 audit(1770385950.890:2846): avc:  denied  { create } for  pid=31876 comm="syz.2.10206" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  519.092741][T31876] lo: left allmulticast mode
[  519.097295][   T40] audit: type=1400 audit(1770385950.890:2847): avc:  denied  { setopt } for  pid=31876 comm="syz.2.10206" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  519.182074][ T2494] pvrusb2: Invalid write control endpoint
[  519.198537][T31884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=31884 comm=syz.2.10207
[  519.228479][ T2494] pvrusb2: Invalid write control endpoint
[  519.233258][ T2494] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  519.239406][ T2494] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  519.243301][ T2494] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  519.248180][ T2494] pvrusb2: Device being rendered inoperable
[  519.254317][ T2494] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  519.257877][ T2494] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  519.266478][ T2494] pvrusb2: Attached sub-driver cx25840
[  519.269505][ T2494] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  519.273960][ T2494] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  519.397123][T31856] pvrusb2: Attempted to execute control transfer when device not ok
[  519.402617][T31856] CUSE: unknown device info "�<�5����<Z�j5������9�$�+��r�(�0X�8"
[  519.406104][T31856] CUSE: unknown device info "eQ���mŀ%���P;T������38R�2߫Jg���$�O��k�J�;fA��v#ܗ�5��i�R/Ab?`W4���w�F��odADxa�*��"
[  519.412483][T31856] CUSE: unknown device info "��dP�"
[  519.415028][T31856] CUSE: unknown device info "O{S�n`�����W�A{����F4Q���>�\���
�z��0z,~XY�+A}s��F'%���:�Ij!�@�Q��mߑR��GQ��q6*�5p)�x�?,"
[  519.420866][T31856] CUSE: unknown device info "��&b��%Z��W��)��3\my�	��"
[  519.424618][T31856] CUSE: unknown device info "ҭS��������mM��i�_��0˱�ݯ;q�]�{�i��79�{�0Ե�t��~��>V����Z�\�.9��OC����U�&�q����msf�k��c��""
[  519.430403][T31856] CUSE: DEVNAME unspecified
[  519.433910][T31856] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  519.438746][T31856] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  519.444815][T31856] pvrusb2: Killing an I2C write to 0 that is too large (desired=81 limit=61)
[  519.452395][T10960] usb 11-1: USB disconnect, device number 2
[  520.046395][T31266] Bluetooth: hci6: Frame reassembly failed (-84)
[  521.879754][T31866] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  521.933182][T31890] virt_wifi0 speed is unknown, defaulting to 1000
[  521.996623][T31899] netlink: 92 bytes leftover after parsing attributes in process `syz.5.10213'.
[  522.032240][T31901] syzkaller0: entered promiscuous mode
[  522.035153][T31901] syzkaller0: entered allmulticast mode
[  522.202663][T26519] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  522.203538][ T5936] Bluetooth: hci6: command 0x1003 tx timeout
[  522.213107][T31888] FAULT_INJECTION: forcing a failure.
[  522.213107][T31888] name failslab, interval 1, probability 0, space 0, times 0
[  522.216624][T31910] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10218'.
[  522.236253][T31888] CPU: 2 UID: 0 PID: 31888 Comm: syz.6.10208 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  522.236284][T31888] Tainted: [L]=SOFTLOCKUP
[  522.236291][T31888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  522.236303][T31888] Call Trace:
[  522.236309][T31888]  <TASK>
[  522.236318][T31888]  dump_stack_lvl+0x100/0x190
[  522.236347][T31888]  should_fail_ex.cold+0x5/0xa
[  522.236368][T31888]  should_failslab+0xc2/0x120
[  522.236391][T31888]  kmem_cache_alloc_noprof+0x83/0x780
[  522.236415][T31888]  ? skb_clone+0x190/0x400
[  522.236445][T31888]  ? skb_clone+0x190/0x400
[  522.236466][T31888]  skb_clone+0x190/0x400
[  522.236491][T31888]  netlink_broadcast_filtered+0xb6a/0xf50
[  522.236529][T31888]  ? __pfx_netlink_broadcast_filtered+0x10/0x10
[  522.236555][T31888]  ? netlink_has_listeners+0x20f/0x430
[  522.236579][T31888]  ? netlink_has_listeners+0x20f/0x430
[  522.236607][T31888]  netlink_broadcast+0x39/0x50
[  522.236634][T31888]  kobject_uevent_env+0xcdd/0x18b0
[  522.236670][T31888]  ? bus_to_subsys+0x114/0x150
[  522.236699][T31888]  device_del+0x605/0x9b0
[  522.236720][T31888]  ? __pfx_device_del+0x10/0x10
[  522.236737][T31888]  ? kfree_const+0x5f/0x70
[  522.236757][T31888]  ? kobject_put+0xb9/0x640
[  522.236782][T31888]  hci_unregister_dev+0x372/0x670
[  522.236809][T31888]  hci_uart_tty_close+0x270/0x2d0
[  522.236836][T31888]  ? __pfx_hci_uart_tty_close+0x10/0x10
[  522.236863][T31888]  tty_ldisc_close+0x114/0x1a0
[  522.236887][T31888]  tty_ldisc_kill+0x8e/0x150
[  522.236908][T31888]  tty_ldisc_release+0x107/0x2f0
[  522.236932][T31888]  tty_release_struct+0x23/0xe0
[  522.236956][T31888]  tty_release+0xd7a/0x1300
[  522.236984][T31888]  ? __pfx_tty_release+0x10/0x10
[  522.237007][T31888]  __fput+0x3ff/0xb40
[  522.237039][T31888]  fput_close_sync+0x118/0x250
[  522.237067][T31888]  ? __pfx_fput_close_sync+0x10/0x10
[  522.237101][T31888]  __x64_sys_close+0x8b/0x120
[  522.237128][T31888]  do_syscall_64+0xc9/0xf80
[  522.237150][T31888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.237168][T31888] RIP: 0033:0x7f27cb39aeb9
[  522.237200][T31888] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  522.237216][T31888] RSP: 002b:00007f27cc310028 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  522.237234][T31888] RAX: ffffffffffffffda RBX: 00007f27cb615fa0 RCX: 00007f27cb39aeb9
[  522.237245][T31888] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  522.237256][T31888] RBP: 00007f27cc310090 R08: 0000000000000000 R09: 0000000000000000
[  522.237266][T31888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  522.237277][T31888] R13: 00007f27cb616038 R14: 00007f27cb615fa0 R15: 00007ffd62534cd8
[  522.237309][T31888]  </TASK>
[  522.376530][T31921] netlink: 16 bytes leftover after parsing attributes in process `syz.5.10222'.
[  522.380158][T31922] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10222'.
[  522.380246][T31923] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10222'.
[  522.383013][T31922] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10222'.
[  522.395445][T31923] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10222'.
[  522.399680][T31922] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10222'.
[  522.538584][T31936] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10228'.
[  522.594625][T31940] syz.2.10230(31940): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  522.662616][   T53] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  522.822906][   T53] usb 9-1: Using ep0 maxpacket: 16
[  522.827255][   T53] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  522.832374][   T53] usb 9-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  522.835630][   T53] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.838241][   T53] usb 9-1: Product: syz
[  522.839594][   T53] usb 9-1: Manufacturer: syz
[  522.841146][   T53] usb 9-1: SerialNumber: syz
[  522.843963][   T53] usb 9-1: config 0 descriptor??
[  522.848233][   T53] em28xx 9-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  522.851506][   T53] em28xx 9-1:0.0: DVB interface 0 found: bulk
[  522.986175][T31949] SELinux:  Context ����� �E��|e��W��p�����rz�����$Z��͚��H>�2��Y�K,��٪�l�]?`'_:4cgJ����ыq�Q����yGT�V���!�PCl�fG���&�#É����DK�}N�*����Z/�{~F.��I��ab�Q��Zp����ޓ`}�JLB�^u��6͗�Dgf�m:`z:ݾ�%1 is not valid (left unmapped).
[  522.996564][T31949] SELinux:  Context ΍2��
[  522.996564][T31949] ��hً�y�|"�g��:�A�6$�?#�n-�Ү����ڐ�6^-!
[  522.996564][T31949] ��9j>4�,a6 is not valid (left unmapped).
[  523.002376][T31949] SELinux:  Context J�0�D�Q飄�be��'fa������nO��pk�B���T3���?�M����U��~�W'Ϯ?�=��G]c�P�3��)�Dz�j4���{OX=�SB��w is not valid (left unmapped).
[  523.009595][T31949] SELinux:  Context �g�?S��.�˜�,��k�wWq�	��	0��\p�u�m��M��S,GM��,��A� is not valid (left unmapped).
[  523.494738][   T53] em28xx 9-1:0.0: unknown em28xx chip ID (0)
[  523.686144][T31965] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10239'.
[  523.931025][   T53] em28xx 9-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  523.935042][   T53] em28xx 9-1:0.0: board has no eeprom
[  524.213758][T31925] em28xx 9-1:0.0: read from i2c device at 0xfe00 failed with unknown error (status=65)
[  524.513075][   T53] em28xx 9-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  524.515999][   T53] em28xx 9-1:0.0: dvb set to bulk mode.
[  524.518093][   T24] em28xx 9-1:0.0: Binding DVB extension
[  524.522896][   T53] usb 9-1: USB disconnect, device number 19
[  524.525713][   T53] em28xx 9-1:0.0: Disconnecting em28xx
[  524.541360][   T24] em28xx 9-1:0.0: Registering input extension
[  524.543676][   T53] em28xx 9-1:0.0: Closing input extension
[  524.551748][   T53] em28xx 9-1:0.0: Freeing device
[  525.273703][T31984] netlink: 'syz.4.10242': attribute type 10 has an invalid length.
[  526.192631][T31949] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  526.288015][T31991] : entered promiscuous mode
[  526.316796][T31994] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  526.369379][T32000] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=32000 comm=syz.6.10249
[  526.376224][T32000] netlink: 'syz.6.10249': attribute type 1 has an invalid length.
[  526.399833][T32000] 8021q: adding VLAN 0 to HW filter on device bond1
[  526.403274][T31986] syzkaller0: entered promiscuous mode
[  526.405532][T31986] syzkaller0: entered allmulticast mode
[  526.505969][T32015] ������: renamed from wg2 (while UP)
[  526.539994][T32018] FAULT_INJECTION: forcing a failure.
[  526.539994][T32018] name failslab, interval 1, probability 0, space 0, times 0
[  526.544045][T32018] CPU: 2 UID: 0 PID: 32018 Comm: syz.6.10255 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  526.544064][T32018] Tainted: [L]=SOFTLOCKUP
[  526.544067][T32018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  526.544074][T32018] Call Trace:
[  526.544079][T32018]  <TASK>
[  526.544084][T32018]  dump_stack_lvl+0x100/0x190
[  526.544119][T32018]  should_fail_ex.cold+0x5/0xa
[  526.544131][T32018]  should_failslab+0xc2/0x120
[  526.544145][T32018]  ? tomoyo_realpath_from_path+0xb6/0x690
[  526.544166][T32018]  __kmalloc_noprof+0xf6/0x9c0
[  526.544181][T32018]  ? tomoyo_realpath_from_path+0xb6/0x690
[  526.544193][T32018]  tomoyo_realpath_from_path+0xb6/0x690
[  526.544208][T32018]  tomoyo_path_number_perm+0x23c/0x580
[  526.544225][T32018]  ? tomoyo_path_number_perm+0x22e/0x580
[  526.544243][T32018]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  526.544274][T32018]  ? find_held_lock+0x2b/0x80
[  526.544301][T32018]  ? hook_file_ioctl_common+0x146/0x410
[  526.544316][T32018]  ? __fget_files+0x215/0x3d0
[  526.544332][T32018]  ? __fget_files+0x21f/0x3d0
[  526.544347][T32018]  security_file_ioctl+0xd3/0x230
[  526.544360][T32018]  __x64_sys_ioctl+0xb7/0x210
[  526.544372][T32018]  do_syscall_64+0xc9/0xf80
[  526.544395][T32018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.544406][T32018] RIP: 0033:0x7f27cb39aeb9
[  526.544416][T32018] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  526.544427][T32018] RSP: 002b:00007f27cc310028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  526.544438][T32018] RAX: ffffffffffffffda RBX: 00007f27cb615fa0 RCX: 00007f27cb39aeb9
[  526.544445][T32018] RDX: 0000200000000000 RSI: 00000000800442d2 RDI: 0000000000000004
[  526.544452][T32018] RBP: 00007f27cc310090 R08: 0000000000000000 R09: 0000000000000000
[  526.544458][T32018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  526.544464][T32018] R13: 00007f27cb616038 R14: 00007f27cb615fa0 R15: 00007ffd62534cd8
[  526.544478][T32018]  </TASK>
[  526.544560][T32018] ERROR: Out of memory at tomoyo_realpath_from_path.
[  526.654261][T32020] loop7: detected capacity change from 0 to 7
[  526.654666][T32025] No source specified
[  526.659935][    C3] blk_print_req_error: 10 callbacks suppressed
[  526.659947][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  526.665042][    C3] buffer_io_error: 10 callbacks suppressed
[  526.665051][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  526.669927][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  526.672950][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  526.676138][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  526.679172][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  526.685860][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  526.688854][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  526.691680][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  526.694698][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  526.697321][   T40] audit: type=1400 audit(1770385958.006:2848): avc:  denied  { read } for  pid=32024 comm="syz.4.10257" path="socket:[141119]" dev="sockfs" ino=141119 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  526.705467][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  526.708518][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  526.717927][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  526.721398][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  526.724346][T32020] ldm_validate_partition_table(): Disk read failed.
[  526.729626][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  526.732653][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  526.735814][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  526.739529][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  526.746111][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  526.750047][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  526.754032][T32020] Dev loop7: unable to read RDB block 0
[  526.757166][T32020]  loop7: unable to read partition table
[  526.759814][T32020] loop7: partition table beyond EOD, truncated
[  526.765535][T32020] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  526.780865][T32033] netlink: 'syz.6.10260': attribute type 9 has an invalid length.
[  526.783393][T32033] netlink: 'syz.6.10260': attribute type 11 has an invalid length.
[  526.785955][T32033] netlink: 'syz.6.10260': attribute type 12 has an invalid length.
[  526.850041][T32041] binder_alloc: 32039: binder_alloc_buf, no vma
[  526.929269][T32046] netlink: 'syz.2.10265': attribute type 10 has an invalid length.
[  526.932633][T32046] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  526.936110][T32046] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  526.939986][T32046] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  526.972807][   T40] audit: type=1400 audit(1770385958.268:2849): avc:  denied  { name_bind } for  pid=32047 comm="syz.2.10266" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  526.980028][   T40] audit: type=1400 audit(1770385958.268:2850): avc:  denied  { node_bind } for  pid=32047 comm="syz.2.10266" saddr=fe88::3 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  527.020116][T32055] ufs: You didn't specify the type of your ufs filesystem
[  527.020116][T32055] 
[  527.020116][T32055] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  527.020116][T32055] 
[  527.020116][T32055] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  527.033034][T32055] ufs: failed to set blocksize
[  528.189416][    C3] vcan0: j1939_tp_rxtimer: 0xffff888022bb4000: rx timeout, send abort
[  528.192217][    C3] vcan0: j1939_xtp_rx_abort_one: 0xffff888022bb4000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  528.642442][T32085] __nla_validate_parse: 4 callbacks suppressed
[  528.642460][T32085] netlink: 96 bytes leftover after parsing attributes in process `syz.4.10278'.
[  528.650483][T32085] syzkaller0: entered promiscuous mode
[  528.652589][T32085] syzkaller0: entered allmulticast mode
[  528.804347][T26519] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  530.202554][T32050] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  530.417650][T32116] overlay: ./file1 is not a directory
[  530.435622][T32116] 9p: Bad value for 'afid'
[  530.512034][T32105] kvm: kvm [32103]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc1) = 0xfa01
[  530.519045][T32105] kvm: kvm [32103]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc2) = 0xf9ff
[  530.524736][T32120] netlink: 1624 bytes leftover after parsing attributes in process `syz.2.10292'.
[  530.542050][T32105] kvm: kvm [32103]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0xf801
[  530.556533][T32122] siw: device registration error -23
[  530.574790][T32105] kvm: kvm [32103]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x186) = 0xf301
[  530.580456][T32105] kvm: kvm [32103]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x187) = 0xf2ff
[  530.599018][T32128] netlink: 'syz.5.10295': attribute type 1 has an invalid length.
[  530.612565][T32105] kvm_intel: kvm [32103]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x1d9) = 0xf101
[  530.623228][T32128] bond3: entered promiscuous mode
[  530.625014][T32128] bond3: entered allmulticast mode
[  530.636092][T32128] bond3: (slave ip6gretap1): making interface the new active one
[  530.641122][T32128] ip6gretap1: entered promiscuous mode
[  530.643527][T32128] ip6gretap1: entered allmulticast mode
[  530.646655][T32128] bond3: (slave ip6gretap1): Enslaving as an active interface with an up link
[  530.655059][T32128] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10295'.
[  530.664855][T32128] bond3: left promiscuous mode
[  530.666851][T32128] ip6gretap1: left promiscuous mode
[  530.668694][T32128] bond3: left allmulticast mode
[  530.670351][T32128] ip6gretap1: left allmulticast mode
[  530.672836][T32128] 8021q: adding VLAN 0 to HW filter on device bond3
[  530.721613][T32135] tmpfs: Bad value for 'mpol'
[  530.723573][T32135] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10298'.
[  530.779384][T32137] overlay: ./file1 is not a directory
[  530.784993][T32137] 9p: Bad value for 'afid'
[  531.173839][T32170] netlink: 'syz.2.10310': attribute type 29 has an invalid length.
[  531.176942][T32170] netlink: 'syz.2.10310': attribute type 3 has an invalid length.
[  531.179446][T32170] netlink: 76 bytes leftover after parsing attributes in process `syz.2.10310'.
[  531.186640][   T24] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[  531.239843][T32171] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10310'.
[  531.327436][T32175] overlay: ./file1 is not a directory
[  531.333314][T32175] 9p: Bad value for 'afid'
[  531.357744][   T24] usb 9-1: Using ep0 maxpacket: 16
[  531.361123][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  531.366551][   T24] usb 9-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  531.371051][   T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  531.373925][   T24] usb 9-1: Product: syz
[  531.375832][   T24] usb 9-1: Manufacturer: syz
[  531.377791][   T24] usb 9-1: SerialNumber: syz
[  531.381041][   T24] usb 9-1: config 0 descriptor??
[  531.385448][   T24] em28xx 9-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  531.388434][   T24] em28xx 9-1:0.0: DVB interface 0 found: bulk
[  531.583501][T32179] genirq: Flags mismatch irq 34. 00200000 (comedi_parport) vs. 00200000 (eth1-tx-0)
[  531.967310][T32186] xt_hashlimit: size too large, truncated to 1048576
[  532.029961][   T24] em28xx 9-1:0.0: unknown em28xx chip ID (0)
[  532.196176][T32197] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10318'.
[  532.200196][T32197] SELinux: syz.2.10318 (32197) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  532.335315][T32173] Set syz1 is full, maxelem 65536 reached
[  532.463406][   T24] em28xx 9-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  532.469929][   T24] em28xx 9-1:0.0: board has no eeprom
[  532.843140][   T40] audit: type=1800 audit(1770385963.756:2851): pid=32230 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.10330" name="SYSV00000000" dev="tmpfs" ino=3 res=0 errno=0
[  532.981265][T32233] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10331'.
[  533.840784][T32152] em28xx 9-1:0.0: failed to get i2c transfer status from bridge register (error=-5)
[  533.903705][   T24] em28xx 9-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  533.906256][   T24] em28xx 9-1:0.0: dvb set to bulk mode.
[  533.908730][ T6017] em28xx 9-1:0.0: Binding DVB extension
[  533.914518][   T24] usb 9-1: USB disconnect, device number 20
[  533.916838][   T24] em28xx 9-1:0.0: Disconnecting em28xx
[  533.923104][T32236] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10332'.
[  533.936930][ T6017] em28xx 9-1:0.0: Registering input extension
[  533.939432][   T24] em28xx 9-1:0.0: Closing input extension
[  533.945873][   T24] em28xx 9-1:0.0: Freeing device
[  534.051019][    C1] vcan0: j1939_tp_rxtimer: 0xffff88803f989400: rx timeout, send abort
[  534.053811][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88803f989400: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  534.443518][T32250] syz_tun: entered allmulticast mode
[  534.446523][T32250] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0)
[  534.449197][T32250] mroute: pending queue full, dropping entries
[  534.452394][T32249] syz_tun: left allmulticast mode
[  534.717211][T32260] rtc_cmos 00:05: Alarms can be up to one day in the future
[  534.842083][ T5933] rtc_cmos 00:05: Alarms can be up to one day in the future
[  534.848649][ T5933] rtc_cmos 00:05: Alarms can be up to one day in the future
[  534.852861][ T5933] rtc_cmos 00:05: Alarms can be up to one day in the future
[  534.856428][ T5933] rtc_cmos 00:05: Alarms can be up to one day in the future
[  534.858883][ T5933] rtc rtc0: __rtc_set_alarm: err=-22
[  534.895166][T32263] Set syz1 is full, maxelem 65536 reached
[  535.158660][   T40] audit: type=1400 audit(1770385965.925:2852): avc:  denied  { accept } for  pid=32276 comm="syz.6.10348" laddr=::ffff:127.0.0.1 lport=20001 faddr=::ffff:127.0.0.1 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  535.168335][   T40] audit: type=1400 audit(1770385965.935:2853): avc:  denied  { transfer } for  pid=32276 comm="syz.6.10348" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  535.169162][T32277] netlink: 'syz.6.10348': attribute type 12 has an invalid length.
[  535.178181][T32277] netlink: 'syz.6.10348': attribute type 29 has an invalid length.
[  535.181547][T32277] netlink: 148 bytes leftover after parsing attributes in process `syz.6.10348'.
[  535.185342][T32277] netlink: 'syz.6.10348': attribute type 2 has an invalid length.
[  535.188751][T32277] netlink: 23 bytes leftover after parsing attributes in process `syz.6.10348'.
[  535.271500][T32281] ptrace attach of "/syz-executor exec"[31350] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                b\x0a��\x0c  !��      \x07
  �����     �      �   �   �       �       ?�j}6ٱ����Ğ� ����Dl����\x0a���9:���$�V�Q���\x09<Y�k^Ο6�\x0d
\x0cPwڀ��,� �l�HJA[v�a�Ou$\x1b\x07.�  -uY:(  �>d�'�Z���bW�zr‘�Q������``V�\x5c4fL\x0a�6\x0az^k`q0ȟ
[  535.274989][   T40] audit: type=1326 audit(1770385966.028:2854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32280 comm="syz.6.10350" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27cb39aeb9 code=0x7ffc0000
[  535.283922][T32281] xt_SECMARK: invalid mode: 2
[  535.305321][   T40] audit: type=1326 audit(1770385966.028:2855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32280 comm="syz.6.10350" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27cb39aeb9 code=0x7ffc0000
[  535.317207][T32281] ALSA: mixer_oss: invalid OSS volume 'PHl�6��q
ӆ���ONEOUT'
[  535.322406][   T40] audit: type=1326 audit(1770385966.028:2856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32280 comm="syz.6.10350" exe="/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f27cb39aeb9 code=0x7ffc0000
[  535.323432][T32281] ALSA: mixer_oss: invalid index 1374389
[  535.333080][   T40] audit: type=1326 audit(1770385966.028:2857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32280 comm="syz.6.10350" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27cb39aeb9 code=0x7ffc0000
[  535.341511][   T40] audit: type=1326 audit(1770385966.028:2858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32280 comm="syz.6.10350" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27cb39aeb9 code=0x7ffc0000
[  535.348916][   T40] audit: type=1326 audit(1770385966.028:2859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32280 comm="syz.6.10350" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f27cb39aeb9 code=0x7ffc0000
[  535.356230][   T40] audit: type=1326 audit(1770385966.028:2860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32280 comm="syz.6.10350" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27cb39aeb9 code=0x7ffc0000
[  535.458222][T32286] fuse: Unknown parameter ''
[  535.538135][T32293] FAULT_INJECTION: forcing a failure.
[  535.538135][T32293] name failslab, interval 1, probability 0, space 0, times 0
[  535.543846][T32293] CPU: 1 UID: 0 PID: 32293 Comm: syz.4.10354 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  535.543877][T32293] Tainted: [L]=SOFTLOCKUP
[  535.543882][T32293] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  535.543888][T32293] Call Trace:
[  535.543893][T32293]  <TASK>
[  535.543898][T32293]  dump_stack_lvl+0x100/0x190
[  535.543933][T32293]  should_fail_ex.cold+0x5/0xa
[  535.543945][T32293]  should_failslab+0xc2/0x120
[  535.543961][T32293]  kmem_cache_alloc_noprof+0x83/0x780
[  535.543974][T32293]  ? __pfx_map_id_range_down+0x10/0x10
[  535.543990][T32293]  ? security_inode_alloc+0x3b/0x2c0
[  535.544010][T32293]  ? security_inode_alloc+0x3b/0x2c0
[  535.544019][T32293]  security_inode_alloc+0x3b/0x2c0
[  535.544029][T32293]  inode_init_always_gfp+0xced/0x1040
[  535.544046][T32293]  alloc_inode+0x8e/0x250
[  535.544056][T32293]  new_inode+0x22/0x1c0
[  535.544067][T32293]  proc_pid_make_inode+0x22/0x160
[  535.544085][T32293]  proc_pident_instantiate+0x85/0x310
[  535.544104][T32293]  proc_pident_lookup+0x1e3/0x270
[  535.544125][T32293]  __lookup_slow+0x251/0x460
[  535.544142][T32293]  ? __pfx___lookup_slow+0x10/0x10
[  535.544171][T32293]  lookup_slow+0x50/0x70
[  535.544188][T32293]  link_path_walk+0x1712/0x1cc0
[  535.544210][T32293]  path_lookupat+0x74/0xc40
[  535.544224][T32293]  filename_lookup+0x202/0x590
[  535.544238][T32293]  ? __pfx_filename_lookup+0x10/0x10
[  535.544258][T32293]  ? __pfx_kfree_link+0x10/0x10
[  535.544271][T32293]  ? getname_kernel+0x52/0x370
[  535.544287][T32293]  ? __asan_memcpy+0x3c/0x60
[  535.544301][T32293]  kern_path+0x35/0x50
[  535.544312][T32293]  tomoyo_realpath_nofollow+0x8c/0x100
[  535.544326][T32293]  ? __pfx_tomoyo_realpath_nofollow+0x10/0x10
[  535.544340][T32293]  ? tomoyo_profile+0x47/0x60
[  535.544353][T32293]  ? tomoyo_init_request_info+0x101/0x370
[  535.544370][T32293]  tomoyo_find_next_domain+0x2a8/0x2010
[  535.544387][T32293]  ? __pfx___kernel_read+0x10/0x10
[  535.544398][T32293]  ? __lock_acquire+0x4a5/0x2630
[  535.544412][T32293]  ? __pfx_tomoyo_find_next_domain+0x10/0x10
[  535.544433][T32293]  tomoyo_bprm_check_security+0x12d/0x1d0
[  535.544448][T32293]  ? tomoyo_bprm_check_security+0x11f/0x1d0
[  535.544463][T32293]  security_bprm_check+0x87/0x1e0
[  535.544480][T32293]  bprm_execve+0x84b/0x1620
[  535.544495][T32293]  ? __pfx_bprm_execve+0x10/0x10
[  535.544506][T32293]  ? copy_string_kernel+0x365/0x510
[  535.544521][T32293]  do_execveat_common.isra.0+0x4dc/0x5b0
[  535.544536][T32293]  __x64_sys_execveat+0xda/0x120
[  535.544550][T32293]  do_syscall_64+0xc9/0xf80
[  535.544572][T32293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.544583][T32293] RIP: 0033:0x7f674859aeb9
[  535.544594][T32293] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  535.544604][T32293] RSP: 002b:00007f674939f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  535.544616][T32293] RAX: ffffffffffffffda RBX: 00007f6748815fa0 RCX: 00007f674859aeb9
[  535.544623][T32293] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  535.544629][T32293] RBP: 00007f674939f090 R08: 0000000000001000 R09: 0000000000000000
[  535.544635][T32293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  535.544642][T32293] R13: 00007f6748816038 R14: 00007f6748815fa0 R15: 00007ffcaa29ee58
[  535.544656][T32293]  </TASK>
[  535.679540][T32296] hugetlbfs: Unknown parameter '��ͤ�j�V`�f�G��G��΄�jñMxO�G��w�am��ٺ�!9�����6�C'
[  535.803940][T32298] kvm: emulating exchange as write
[  535.842361][T32303] syzkaller0: entered promiscuous mode
[  535.844174][T32303] syzkaller0: entered allmulticast mode
[  535.999315][T32321] netlink: 'syz.4.10367': attribute type 21 has an invalid length.
[  536.001922][T32321] netlink: 128 bytes leftover after parsing attributes in process `syz.4.10367'.
[  536.004806][T32321] netlink: 'syz.4.10367': attribute type 4 has an invalid length.
[  536.007278][T32321] netlink: 'syz.4.10367': attribute type 5 has an invalid length.
[  536.009837][T32321] netlink: 3 bytes leftover after parsing attributes in process `syz.4.10367'.
[  536.160766][T32337] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10371'.
[  536.200076][T32344] XFS (nullb0): Invalid superblock magic number
[  537.011148][T32379] mkiss: ax0: crc mode is auto.
[  537.482780][T31318] Bluetooth: (null): Invalid header checksum
[  537.635762][T32400] netlink: 32 bytes leftover after parsing attributes in process `syz.2.10390'.
[  537.691265][T32387] syz.6.10387 (32387): drop_caches: 2
[  537.695435][T32404] siw: device registration error -23
[  537.761129][T32408] overlay: ./file1 is not a directory
[  537.766262][T32408] 9p: Bad value for 'afid'
[  537.936734][T32426] netlink: 48 bytes leftover after parsing attributes in process `syz.2.10393'.
[  538.000200][T32432] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10397'.
[  538.001352][T32428] netlink: 12 bytes leftover after parsing attributes in process `syz.6.10399'.
[  540.325270][T32380] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  540.378040][   T40] kauditd_printk_skb: 39 callbacks suppressed
[  540.378051][   T40] audit: type=1400 audit(1770385970.806:2900): avc:  denied  { shutdown } for  pid=32435 comm="syz.5.10401" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  540.903664][T32444] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  541.022594][T32421] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  541.158280][T32450] overlay: ./file1 is not a directory
[  541.164335][T32450] 9p: Bad value for 'afid'
[  541.178158][T32457] netlink: 36 bytes leftover after parsing attributes in process `syz.2.10410'.
[  541.194171][T32460] tmpfs: Group quota inode hardlimit too large.
[  541.252675][T32464] tipc: Resetting bearer <eth:syzkaller0>
[  541.300258][T32463] tipc: Resetting bearer <eth:syzkaller0>
[  541.304764][T32469] netlink: 32 bytes leftover after parsing attributes in process `syz.6.10412'.
[  541.341298][T32472] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10415'.
[  541.348316][T32474] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10415'.
[  541.407008][T32479] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10418'.
[  541.422076][   T46] Bluetooth: (null): Invalid header checksum
[  541.460924][T32480] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10416'.
[  541.477565][T32482] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  541.481940][T32482] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  541.571807][T32486] overlay: ./file1 is not a directory
[  541.572137][T31264] tipc: Resetting bearer <eth:syzkaller0>
[  541.584620][T32486] 9p: Bad value for 'afid'
[  541.609247][T32491] netlink: 32 bytes leftover after parsing attributes in process `syz.4.10423'.
[  541.771770][T32501] syzkaller0: entered promiscuous mode
[  541.773898][T32501] syzkaller0: entered allmulticast mode
[  541.839422][   T40] audit: type=1400 audit(1770385972.171:2901): avc:  denied  { write } for  pid=32512 comm="syz.4.10431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  541.847007][T32513] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10431'.
[  542.609591][T32524] F2FS-fs (nbd4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  542.613335][T32524] F2FS-fs (nbd4): Can't find valid F2FS filesystem in 1th superblock
[  542.617197][T32524] F2FS-fs (nbd4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  542.620751][T32524] F2FS-fs (nbd4): Can't find valid F2FS filesystem in 2th superblock
[  543.507901][T32521] netlink: 68 bytes leftover after parsing attributes in process `syz.4.10434'.
[  543.548890][T32528] libceph: resolve 'c����' (ret=-3): failed
[  543.562857][  T843] libceph: connect (1)[b::]:6789 error -101
[  543.565446][  T843] libceph: mon0 (1)[b::]:6789 connect error
[  543.678239][T32543] overlay: ./file1 is not a directory
[  543.684724][T32543] 9p: Bad value for 'afid'
[  543.806875][T12708] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  543.841833][  T843] libceph: connect (1)[b::]:6789 error -101
[  543.844503][  T843] libceph: mon0 (1)[b::]:6789 connect error
[  543.983925][T12708] usb 9-1: Using ep0 maxpacket: 16
[  543.988939][T12708] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  543.995006][T12708] usb 9-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  543.999154][T12708] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.003727][T12708] usb 9-1: Product: syz
[  544.005486][T12708] usb 9-1: Manufacturer: syz
[  544.007340][T12708] usb 9-1: SerialNumber: syz
[  544.011663][T12708] usb 9-1: config 0 descriptor??
[  544.016853][T12708] em28xx 9-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  544.020621][T12708] em28xx 9-1:0.0: DVB interface 0 found: bulk
[  544.384557][  T843] libceph: connect (1)[b::]:6789 error -101
[  544.386628][  T843] libceph: mon0 (1)[b::]:6789 connect error
[  544.433244][T32528] ceph: No mds server is up or the cluster is laggy
[  544.487138][T32552] netlink: 'syz.2.10445': attribute type 4 has an invalid length.
[  544.674044][T12708] em28xx 9-1:0.0: unknown em28xx chip ID (0)
[  544.702182][T32565] overlay: ./file1 is not a directory
[  544.711051][T32565] 9p: Bad value for 'afid'
[  544.752994][T32569] kernel profiling enabled (shift: 5)
[  544.820447][T32578] FAULT_INJECTION: forcing a failure.
[  544.820447][T32578] name failslab, interval 1, probability 0, space 0, times 0
[  544.826091][T32578] CPU: 1 UID: 0 PID: 32578 Comm: syz.6.10456 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  544.826120][T32578] Tainted: [L]=SOFTLOCKUP
[  544.826127][T32578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  544.826138][T32578] Call Trace:
[  544.826145][T32578]  <TASK>
[  544.826153][T32578]  dump_stack_lvl+0x100/0x190
[  544.826210][T32578]  should_fail_ex.cold+0x5/0xa
[  544.826231][T32578]  should_failslab+0xc2/0x120
[  544.826255][T32578]  kmem_cache_alloc_lru_noprof+0x8e/0x7d0
[  544.826278][T32578]  ? _raw_spin_unlock+0x28/0x50
[  544.826305][T32578]  ? d_splice_alias_ops+0x5c3/0x1320
[  544.826324][T32578]  ? __d_alloc+0x34/0xa80
[  544.826351][T32578]  ? __d_alloc+0x34/0xa80
[  544.826372][T32578]  __d_alloc+0x34/0xa80
[  544.826394][T32578]  ? __lock_acquire+0x4a5/0x2630
[  544.826414][T32578]  d_alloc_parallel+0x111/0x14e0
[  544.826437][T32578]  ? look_up_lock_class+0x64/0x120
[  544.826456][T32578]  ? register_lock_class+0x40/0x560
[  544.826474][T32578]  ? do_raw_spin_lock+0x128/0x260
[  544.826493][T32578]  ? find_held_lock+0x2b/0x80
[  544.826516][T32578]  ? __pfx_d_alloc_parallel+0x10/0x10
[  544.826538][T32578]  ? lockdep_init_map_type+0x5c/0x250
[  544.826558][T32578]  ? lockdep_init_map_type+0x5c/0x250
[  544.826581][T32578]  __lookup_slow+0x193/0x460
[  544.826609][T32578]  ? __pfx___lookup_slow+0x10/0x10
[  544.826651][T32578]  ? __d_lookup+0x266/0x4a0
[  544.826674][T32578]  lookup_slow+0x50/0x70
[  544.826701][T32578]  path_lookupat+0x5e8/0xc40
[  544.826724][T32578]  filename_lookup+0x202/0x590
[  544.826747][T32578]  ? __pfx_filename_lookup+0x10/0x10
[  544.826780][T32578]  ? __pfx_kfree_link+0x10/0x10
[  544.826802][T32578]  ? getname_kernel+0x52/0x370
[  544.826829][T32578]  ? __asan_memcpy+0x3c/0x60
[  544.826851][T32578]  kern_path+0x35/0x50
[  544.826871][T32578]  tomoyo_realpath_nofollow+0x8c/0x100
[  544.826903][T32578]  ? __pfx_tomoyo_realpath_nofollow+0x10/0x10
[  544.826925][T32578]  ? tomoyo_profile+0x47/0x60
[  544.826945][T32578]  ? tomoyo_init_request_info+0x101/0x370
[  544.826973][T32578]  tomoyo_find_next_domain+0x2a8/0x2010
[  544.827000][T32578]  ? __pfx___kernel_read+0x10/0x10
[  544.827017][T32578]  ? __lock_acquire+0x4a5/0x2630
[  544.827046][T32578]  ? __pfx_tomoyo_find_next_domain+0x10/0x10
[  544.827081][T32578]  tomoyo_bprm_check_security+0x12d/0x1d0
[  544.827103][T32578]  ? tomoyo_bprm_check_security+0x11f/0x1d0
[  544.827128][T32578]  security_bprm_check+0x87/0x1e0
[  544.827155][T32578]  bprm_execve+0x84b/0x1620
[  544.827180][T32578]  ? __pfx_bprm_execve+0x10/0x10
[  544.827205][T32578]  ? copy_string_kernel+0x365/0x510
[  544.827230][T32578]  do_execveat_common.isra.0+0x4dc/0x5b0
[  544.827256][T32578]  __x64_sys_execveat+0xda/0x120
[  544.827278][T32578]  do_syscall_64+0xc9/0xf80
[  544.827301][T32578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.827319][T32578] RIP: 0033:0x7f27cb39aeb9
[  544.827334][T32578] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  544.827371][T32578] RSP: 002b:00007f27cc310028 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  544.827391][T32578] RAX: ffffffffffffffda RBX: 00007f27cb615fa0 RCX: 00007f27cb39aeb9
[  544.827402][T32578] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  544.827413][T32578] RBP: 00007f27cc310090 R08: 0000000000001000 R09: 0000000000000000
[  544.827424][T32578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  544.827435][T32578] R13: 00007f27cb616038 R14: 00007f27cb615fa0 R15: 00007ffd62534cd8
[  544.827459][T32578]  </TASK>
[  544.894097][T32580] netlink: 1688 bytes leftover after parsing attributes in process `syz.2.10457'.
[  545.112583][T12708] em28xx 9-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  545.116023][T12708] em28xx 9-1:0.0: board has no eeprom
[  545.130872][T32589] overlay: ./file1 is not a directory
[  545.140698][T32589] 9p: Bad value for 'afid'
[  545.392607][T32606] virt_wifi0 speed is unknown, defaulting to 1000
[  545.440443][   T40] audit: type=1400 audit(1770385975.528:2902): avc:  denied  { name_bind } for  pid=32605 comm="syz.6.10466" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[  545.565890][T32619] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  545.579373][T32619] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0
[  545.589048][   T40] audit: type=1400 audit(1770385975.668:2903): avc:  denied  { ioctl } for  pid=32618 comm="syz.6.10469" path="socket:[146075]" dev="sockfs" ino=146075 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  545.589826][T32619] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[  546.127931][T32647] syzkaller0: entered promiscuous mode
[  546.129801][T32647] syzkaller0: entered allmulticast mode
[  546.331109][T32527] em28xx 9-1:0.0: failed to get i2c transfer status from bridge register (error=-5)
[  546.388814][T32656] syzkaller0: entered promiscuous mode
[  546.390571][T32656] syzkaller0: entered allmulticast mode
[  546.395064][T12708] em28xx 9-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  546.397789][T12708] em28xx 9-1:0.0: dvb set to bulk mode.
[  546.399841][ T6051] em28xx 9-1:0.0: Binding DVB extension
[  546.402630][T32656] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  546.404027][T12708] usb 9-1: USB disconnect, device number 21
[  546.409572][T12708] em28xx 9-1:0.0: Disconnecting em28xx
[  546.432008][ T6051] em28xx 9-1:0.0: Registering input extension
[  546.434232][T12708] em28xx 9-1:0.0: Closing input extension
[  546.441668][T12708] em28xx 9-1:0.0: Freeing device
[  546.464042][   T40] audit: type=1400 audit(1770385976.491:2904): avc:  denied  { mount } for  pid=32658 comm="syz.5.10485" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  546.503975][   T40] audit: type=1400 audit(1770385976.528:2905): avc:  denied  { unmount } for  pid=30445 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  546.711092][   T40] audit: type=1400 audit(1770385976.724:2906): avc:  denied  { map } for  pid=32674 comm="syz.6.10490" path="socket:[147759]" dev="sockfs" ino=147759 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  546.719064][   T40] audit: type=1400 audit(1770385976.734:2907): avc:  denied  { read accept } for  pid=32674 comm="syz.6.10490" path="socket:[147759]" dev="sockfs" ino=147759 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  546.728172][T32675] nft_compat: unsupported protocol 0
[  546.731504][T32675] vlan0: entered promiscuous mode
[  546.737211][T32675] team0: Port device vlan0 added
[  546.799267][T32682] netlink: 'syz.6.10492': attribute type 72 has an invalid length.
[  546.881394][T32687] xt_bpf: check failed: parse error
[  546.973468][T32703] overlay: ./file1 is not a directory
[  546.981674][T32703] 9p: Bad value for 'afid'
[  546.991501][T32707] netlink: 'syz.6.10501': attribute type 72 has an invalid length.
[  547.251352][T32717] __nla_validate_parse: 5 callbacks suppressed
[  547.251369][T32717] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10505'.
[  547.292108][T32726] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10508'.
[  547.295509][T32717] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  547.363332][T32732] tipc: Resetting bearer <eth:syzkaller0>
[  547.424952][T32736] syzkaller0: left promiscuous mode
[  547.427272][T32736] syzkaller0: left allmulticast mode
[  547.458330][T32735] overlay: ./file1 is not a directory
[  547.463632][T32735] 9p: Bad value for 'afid'
[  547.568424][T32743] netlink: 'syz.4.10514': attribute type 10 has an invalid length.
[  548.165277][T32732] tipc: Resetting bearer <eth:syzkaller0>
[  548.256285][T31264] tipc: Resetting bearer <eth:syzkaller0>
[  548.377990][T32766] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10522'.
[  548.428643][  T300] overlay: ./file1 is not a directory
[  548.434493][  T300] 9p: Bad value for 'afid'
[  548.573693][  T304] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.10525'.
[  548.618602][   T40] audit: type=1400 audit(1770385978.501:2908): avc:  denied  { execute } for  pid=305 comm="syz.4.10526" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=148696 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  548.649870][  T306] overlayfs: conflicting options: userxattr,redirect_dir=on
[  548.663271][  T306] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=306 comm=syz.4.10526
[  548.673402][  T308] virt_wifi0 speed is unknown, defaulting to 1000
[  548.741714][  T316] xt_hashlimit: size too large, truncated to 1048576
[  548.807612][  T320] netlink: 36 bytes leftover after parsing attributes in process `syz.4.10531'.
[  548.810695][  T320] netlink: 36 bytes leftover after parsing attributes in process `syz.4.10531'.
[  548.880075][  T325] IPVS: set_ctl: invalid protocol: 59 224.0.0.1:20002
[  548.885306][  T323] overlay: ./file1 is not a directory
[  548.893060][  T323] 9p: Bad value for 'afid'
[  549.009233][  T331] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=331 comm=syz.5.10537
[  549.018398][  T331] netlink: 'syz.5.10537': attribute type 1 has an invalid length.
[  549.031885][  T331] 8021q: adding VLAN 0 to HW filter on device bond4
[  549.044294][  T331] bond4: (slave dummy0): making interface the new active one
[  549.048311][  T331] bond4: (slave dummy0): Enslaving as an active interface with an up link
[  549.077862][  T340] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=60 sclass=netlink_route_socket pid=340 comm=syz.4.10540
[  549.082463][  T340] bridge: RTM_NEWNEIGH with invalid state 0x4
[  550.046040][  T363] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10548'.
[  550.085533][  T365] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10549'.
[  550.089335][  T365] netlink: 'syz.4.10549': attribute type 10 has an invalid length.
[  550.534274][   T76] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[  550.715896][   T76] usb 9-1: Using ep0 maxpacket: 16
[  550.719207][   T76] usb 9-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  550.723207][   T76] usb 9-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  550.728144][   T76] usb 9-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  550.732019][   T76] usb 9-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  550.737150][   T76] usb 9-1: config 7 interface 0 has no altsetting 0
[  550.741189][   T76] usb 9-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[  550.744780][   T76] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.782630][  T384] overlay: ./file1 is not a directory
[  550.789223][  T384] 9p: Bad value for 'afid'
[  551.185443][   T76] input: HID 0458:5010 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:7.0/0003:0458:5010.0005/input/input35
[  551.260977][   T76] kye 0003:0458:5010.0005: input,hiddev0,hidraw1: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.4-1/input0
[  551.339761][  T408] overlay: ./file1 is not a directory
[  551.345397][  T408] 9p: Bad value for 'afid'
[  551.488020][   T76] usb 9-1: USB disconnect, device number 22
[  551.716332][  T419] FAULT_INJECTION: forcing a failure.
[  551.716332][  T419] name failslab, interval 1, probability 0, space 0, times 0
[  551.725504][  T419] CPU: 1 UID: 0 PID: 419 Comm: syz.6.10570 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  551.725531][  T419] Tainted: [L]=SOFTLOCKUP
[  551.725555][  T419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  551.725566][  T419] Call Trace:
[  551.725572][  T419]  <TASK>
[  551.725578][  T419]  dump_stack_lvl+0x100/0x190
[  551.725622][  T419]  should_fail_ex.cold+0x5/0xa
[  551.725639][  T419]  should_failslab+0xc2/0x120
[  551.725659][  T419]  kmem_cache_alloc_lru_noprof+0x8e/0x7d0
[  551.725680][  T419]  ? proc_alloc_inode+0x25/0x200
[  551.725697][  T419]  ? __pfx_proc_alloc_inode+0x10/0x10
[  551.725709][  T419]  ? proc_alloc_inode+0x25/0x200
[  551.725721][  T419]  proc_alloc_inode+0x25/0x200
[  551.725734][  T419]  alloc_inode+0x68/0x250
[  551.725748][  T419]  new_inode+0x22/0x1c0
[  551.725764][  T419]  proc_pid_make_inode+0x22/0x160
[  551.725785][  T419]  ? do_raw_spin_unlock+0x145/0x1e0
[  551.725804][  T419]  proc_fd_instantiate+0x57/0x230
[  551.725824][  T419]  proc_lookupfd+0x11f/0x200
[  551.725842][  T419]  ? __pfx_proc_lookupfd+0x10/0x10
[  551.725860][  T419]  ? lockdep_init_map_type+0x5c/0x250
[  551.725878][  T419]  __lookup_slow+0x251/0x460
[  551.725900][  T419]  ? __pfx___lookup_slow+0x10/0x10
[  551.725930][  T419]  ? __d_lookup+0x266/0x4a0
[  551.725949][  T419]  lookup_slow+0x50/0x70
[  551.725969][  T419]  path_lookupat+0x5e8/0xc40
[  551.725987][  T419]  filename_lookup+0x202/0x590
[  551.726005][  T419]  ? __pfx_filename_lookup+0x10/0x10
[  551.726031][  T419]  ? __pfx_kfree_link+0x10/0x10
[  551.726053][  T419]  ? getname_kernel+0x52/0x370
[  551.726074][  T419]  ? __asan_memcpy+0x3c/0x60
[  551.726091][  T419]  kern_path+0x35/0x50
[  551.726106][  T419]  tomoyo_realpath_nofollow+0x8c/0x100
[  551.726133][  T419]  ? __pfx_tomoyo_realpath_nofollow+0x10/0x10
[  551.726150][  T419]  ? tomoyo_profile+0x47/0x60
[  551.726167][  T419]  ? tomoyo_init_request_info+0x101/0x370
[  551.726187][  T419]  tomoyo_find_next_domain+0x2a8/0x2010
[  551.726208][  T419]  ? __pfx___kernel_read+0x10/0x10
[  551.726222][  T419]  ? __lock_acquire+0x4a5/0x2630
[  551.726240][  T419]  ? __pfx_tomoyo_find_next_domain+0x10/0x10
[  551.726267][  T419]  tomoyo_bprm_check_security+0x12d/0x1d0
[  551.726284][  T419]  ? tomoyo_bprm_check_security+0x11f/0x1d0
[  551.726304][  T419]  security_bprm_check+0x87/0x1e0
[  551.726324][  T419]  bprm_execve+0x84b/0x1620
[  551.726343][  T419]  ? __pfx_bprm_execve+0x10/0x10
[  551.726357][  T419]  ? copy_string_kernel+0x365/0x510
[  551.726376][  T419]  do_execveat_common.isra.0+0x4dc/0x5b0
[  551.726395][  T419]  __x64_sys_execveat+0xda/0x120
[  551.726412][  T419]  do_syscall_64+0xc9/0xf80
[  551.726440][  T419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  551.726455][  T419] RIP: 0033:0x7f27cb39aeb9
[  551.726467][  T419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  551.726481][  T419] RSP: 002b:00007f27cc310028 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  551.726495][  T419] RAX: ffffffffffffffda RBX: 00007f27cb615fa0 RCX: 00007f27cb39aeb9
[  551.726504][  T419] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  551.726512][  T419] RBP: 00007f27cc310090 R08: 0000000000001000 R09: 0000000000000000
[  551.726520][  T419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  551.726528][  T419] R13: 00007f27cb616038 R14: 00007f27cb615fa0 R15: 00007ffd62534cd8
[  551.726548][  T419]  </TASK>
[  552.079416][  T428] sp0: Synchronizing with TNC
[  552.115147][  T430] overlay: ./file1 is not a directory
[  552.132125][  T430] 9p: Bad value for 'afid'
[  552.207897][T26519] Bluetooth: hci5: adv larger than maximum supported
[  552.212521][  T440] netlink: 20 bytes leftover after parsing attributes in process `syz.5.10577'.
[  552.246385][  T442] virt_wifi0 speed is unknown, defaulting to 1000
[  552.344986][  T440] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  553.389006][  T474] syzkaller0: entered promiscuous mode
[  553.392820][  T474] syzkaller0: entered allmulticast mode
[  553.395392][  T474] tipc: Resetting bearer <eth:syzkaller0>
[  553.446416][  T480] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10588'.
[  553.607425][  T493] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.10592'.
[  553.663737][  T495] overlay: ./file1 is not a directory
[  553.670724][  T495] 9p: Bad value for 'afid'
[  553.838933][ T6017] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  553.919195][   T40] audit: type=1326 audit(1770385983.466:2909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=506 comm="syz.4.10599" exe="/syz-executor" sig=9 arch=c000003e syscall=157 compat=0 ip=0x7f674859aeb9 code=0x0
[  553.970176][   T40] audit: type=1400 audit(1770385983.513:2910): avc:  denied  { watch watch_reads } for  pid=511 comm="syz.4.10600" path="/proc/1421/projid_map" dev="proc" ino=150815 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  554.021299][ T6017] usb 10-1: Using ep0 maxpacket: 8
[  554.026860][ T6017] usb 10-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  554.030062][ T6017] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  554.037198][ T6017] pvrusb2: Hardware description: Terratec Grabster AV400
[  554.039660][ T6017] pvrusb2: **********
[  554.041001][ T6017] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  554.045766][ T6017] pvrusb2: Important functionality might not be entirely working.
[  554.049120][ T6017] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  554.054082][ T6017] pvrusb2: **********
[  554.061026][  T514] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.10601'.
[  554.251693][ T2494] pvrusb2: Invalid write control endpoint
[  554.292557][ T2494] pvrusb2: Invalid write control endpoint
[  554.295233][ T2494] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  554.299750][ T2494] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  554.302480][ T2494] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  554.306575][ T2494] pvrusb2: Device being rendered inoperable
[  554.309182][ T2494] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  554.311787][ T2494] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  554.317144][ T2494] pvrusb2: Attached sub-driver cx25840
[  554.319016][ T2494] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  554.322447][ T2494] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  554.364424][  T521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10604'.
[  554.466029][  T491] pvrusb2: Killing an I2C write to 7 that is too large (desired=125 limit=61)
[  554.475950][  T527] comedi: No check for data length of config insn id 6 is implemented
[  554.479406][  T527] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  554.483647][  T527] comedi: Assuming n=18415 is correct
[  554.518476][ T6017] usb 10-1: USB disconnect, device number 4
[  554.578994][  T532] overlay: ./file1 is not a directory
[  554.585490][  T532] 9p: Bad value for 'afid'
[  554.883663][  T540] netlink: 48 bytes leftover after parsing attributes in process `syz.2.10612'.
[  554.952372][  T544] netlink: 20 bytes leftover after parsing attributes in process `syz.2.10614'.
[  554.965741][ T6017] usb 11-1: new high-speed USB device number 3 using dummy_hcd
[  554.970480][  T544] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=544 comm=syz.2.10614
[  555.112912][  T550] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10616'.
[  555.135373][ T6017] usb 11-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  555.138857][ T6017] usb 11-1: config 220 has 1 interface, different from the descriptor's value: 3
[  555.141780][ T6017] usb 11-1: config 220 interface 0 has no altsetting 0
[  555.147626][ T6017] usb 11-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  555.150657][ T6017] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.153267][ T6017] usb 11-1: Product: syz
[  555.155141][ T6017] usb 11-1: Manufacturer: syz
[  555.156742][ T6017] usb 11-1: SerialNumber: syz
[  555.159249][  T558] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10619'.
[  555.225285][  T565] cgroup: Invalid name
[  555.229283][   T40] audit: type=1400 audit(1770385984.681:2911): avc:  denied  { mounton } for  pid=557 comm="syz.2.10619" path="/487/file3" dev="tmpfs" ino=2565 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  555.260538][  T563] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10621'.
[  555.365835][  T570] workqueue: name exceeds WQ_NAME_LEN. Truncating to: �π�F���Vl�uc'f`�ކ�;��1�
[  555.402858][  T570] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10623'.
[  555.445079][ T6017] uvcvideo 11-1:220.0: Found UVC 0.00 device syz (8086:0b07)
[  555.448880][ T6017] uvcvideo 11-1:220.0: No valid video chain found.
[  555.451979][ T6017] usb 11-1: USB disconnect, device number 3
[  555.587449][  T585] netlink: 'syz.5.10626': attribute type 10 has an invalid length.
[  555.601647][  T585] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  555.645273][  T589] bond0: (slave wg0): Error: Device can not be enslaved while up
[  555.648069][  T587] bond0: (slave wg0): Error: Device can not be enslaved while up
[  556.057081][ T5936] Bluetooth: hci0: link tx timeout
[  556.060673][ T5936] Bluetooth: hci0: link tx timeout
[  556.180298][  T604] Device name not specified.
[  556.180298][  T604] 
[  556.186556][  T606] openvswitch: netlink: Flow actions attr not present in new flow.
[  556.248591][  T610] overlay: ./file1 is not a directory
[  556.253989][  T610] 9p: Bad value for 'afid'
[  556.516220][  T622] xt_hashlimit: size too large, truncated to 1048576
[  556.646200][  T626] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=626 comm=syz.6.10639
[  556.654530][  T626] netlink: 'syz.6.10639': attribute type 1 has an invalid length.
[  556.671698][  T626] 8021q: adding VLAN 0 to HW filter on device bond3
[  556.680446][  T626] bond3: (slave dummy0): making interface the new active one
[  556.683550][  T626] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  556.716096][  T629] fuse: Unknown parameter 'g'
[  556.782255][  T629] bond5: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  556.787265][  T629] bond5 (unregistering): Released all slaves
[  556.795501][T31269] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  556.798602][T31269] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  556.801391][T31269] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  556.804428][T31269] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  556.854949][    C0] ------------[ cut here ]------------
[  556.857454][    C0] ODEBUG: free active (active state 0) object: ffff888033415090 object type: timer_list hint: rose_t0timer_expiry+0x0/0x150
[  556.861557][    C0] WARNING: lib/debugobjects.c:612 at debug_print_object+0x18e/0x2a0, CPU#0: swapper/0/0
[  556.864655][    C0] Modules linked in:
[  556.867523][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  556.870762][    C0] Tainted: [L]=SOFTLOCKUP
[  556.872169][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  556.875439][    C0] RIP: 0010:debug_print_object+0x19b/0x2a0
[  556.877340][    C0] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d c2 08 d2 0b 41 56 48 8b 14 dd e0 47 fa 8b 4c 89 e6 <67> 48 0f b9 3a 58 83 05 3c f0 c7 0b 01 48 83 c4 18 5b 5d 41 5c 41
[  556.883342][    C0] RSP: 0018:ffffc90000007a18 EFLAGS: 00010246
[  556.885262][    C0] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[  556.887886][    C0] RDX: ffffffff8bfa4720 RSI: ffffffff8bfa4340 RDI: ffffffff90c19550
[  556.890398][    C0] RBP: 0000000000000001 R08: ffff888033415090 R09: ffffffff8b92b880
[  556.892898][    C0] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8bfa4340
[  556.895488][    C0] R13: ffffffff8b92b8c0 R14: ffffffff8a663af0 R15: ffffc90000007b18
[  556.898130][    C0] FS:  0000000000000000(0000) GS:ffff8880d65d9000(0000) knlGS:0000000000000000
[  556.900927][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  556.903052][    C0] CR2: 0000000000000000 CR3: 0000000032c82000 CR4: 0000000000352ef0
[  556.905581][    C0] Call Trace:
[  556.906666][    C0]  <IRQ>
[  556.907601][    C0]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  556.909505][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  556.911355][    C0]  debug_check_no_obj_freed+0x4da/0x630
[  556.913173][    C0]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  556.915289][    C0]  ? mark_held_locks+0x40/0x70
[  556.916923][    C0]  ? kasan_quarantine_put+0x104/0x240
[  556.918775][    C0]  ? lockdep_hardirqs_on+0x78/0x100
[  556.920438][    C0]  kfree+0x34c/0x690
[  556.921742][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  556.923564][    C0]  ? rose_timer_expiry+0x53f/0x630
[  556.925318][    C0]  ? rose_timer_expiry+0x53f/0x630
[  556.926979][    C0]  rose_timer_expiry+0x53f/0x630
[  556.928902][    C0]  ? __pfx_rose_timer_expiry+0x10/0x10
[  556.930713][    C0]  call_timer_fn+0x19a/0x590
[  556.932204][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  556.933879][    C0]  ? __run_timers+0x747/0xac0
[  556.935389][    C0]  ? __run_timers+0x747/0xac0
[  556.936908][    C0]  ? rcu_is_watching+0x12/0xc0
[  556.938461][    C0]  ? __pfx_rose_timer_expiry+0x10/0x10
[  556.940266][    C0]  __run_timers+0x757/0xac0
[  556.941783][    C0]  ? __pfx___run_timers+0x10/0x10
[  556.943464][    C0]  run_timer_base+0x114/0x190
[  556.944997][    C0]  ? __pfx_run_timer_base+0x10/0x10
[  556.946666][    C0]  ? rcu_is_watching+0x12/0xc0
[  556.948196][    C0]  run_timer_softirq+0x1a/0x50
[  556.949773][    C0]  handle_softirqs+0x1ea/0x910
[  556.951371][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  556.953066][    C0]  __irq_exit_rcu+0xef/0x150
[  556.954591][    C0]  irq_exit_rcu+0x9/0x30
[  556.955946][    C0]  sysvec_apic_timer_interrupt+0xa3/0xc0
[  556.957761][    C0]  </IRQ>
[  556.958726][    C0]  <TASK>
[  556.959728][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  556.961663][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  556.963511][    C0] Code: 56 78 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 03 ae 14 00 fb f4 <e9> fc 31 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  556.969589][    C0] RSP: 0018:ffffffff8e207e00 EFLAGS: 00000202
[  556.971513][    C0] RAX: 0000000000582a23 RBX: ffffffff8e297ac0 RCX: ffffffff8b76d4b5
[  556.974155][    C0] RDX: 0000000000000000 RSI: ffffffff8dc45bb3 RDI: ffffffff8bfa3620
[  556.976671][    C0] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100d48673d
[  556.979177][    C0] R10: ffff88806a4339eb R11: 0000000000000000 R12: fffffbfff1c52f58
[  556.981710][    C0] R13: 0000000000000000 R14: ffffffff90b749d0 R15: 0000000000000000
[  556.984290][    C0]  ? ct_kernel_exit+0x125/0x180
[  556.985857][    C0]  default_idle+0x9/0x10
[  556.987220][    C0]  default_idle_call+0x6c/0xb0
[  556.988777][    C0]  do_idle+0x35b/0x4b0
[  556.990148][    C0]  ? __pfx_do_idle+0x10/0x10
[  556.991602][    C0]  cpu_startup_entry+0x4f/0x60
[  556.993178][    C0]  rest_init+0x251/0x260
[  556.994669][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  556.996446][    C0]  start_kernel+0x47a/0x480
[  556.997946][    C0]  x86_64_start_reservations+0x24/0x30
[  556.999672][    C0]  x86_64_start_kernel+0x122/0x130
[  557.001363][    C0]  common_startup_64+0x13e/0x148
[  557.002969][    C0]  </TASK>
[  557.004345][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  557.007363][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  557.011339][    C0] Tainted: [L]=SOFTLOCKUP
[  557.012710][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  557.016447][    C0] Call Trace:
[  557.017527][    C0]  <IRQ>
[  557.018457][    C0]  dump_stack_lvl+0x100/0x190
[  557.019952][    C0]  vpanic+0x20d/0x630
[  557.021253][    C0]  panic+0xd1/0xd1
[  557.022442][    C0]  ? __pfx_panic+0x10/0x10
[  557.023901][    C0]  ? check_panic_on_warn+0x1f/0x90
[  557.025523][    C0]  check_panic_on_warn.cold+0x19/0x34
[  557.027197][    C0]  ? debug_print_object+0x18e/0x2a0
[  557.028824][    C0]  __warn.cold+0x191/0x2f8
[  557.030362][    C0]  __report_bug+0x296/0x3d0
[  557.031991][    C0]  ? debug_print_object+0x18e/0x2a0
[  557.033669][    C0]  ? __pfx___report_bug+0x10/0x10
[  557.035215][    C0]  ? stack_trace_save+0x8e/0xc0
[  557.036704][    C0]  report_bug_entry+0xe1/0x290
[  557.038217][    C0]  ? debug_print_object+0x19b/0x2a0
[  557.039814][    C0]  handle_bug+0x1c9/0x2a0
[  557.041180][    C0]  exc_invalid_op+0x17/0x50
[  557.042663][    C0]  asm_exc_invalid_op+0x1a/0x20
[  557.044655][    C0] RIP: 0010:debug_print_object+0x19b/0x2a0
[  557.047171][    C0] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d c2 08 d2 0b 41 56 48 8b 14 dd e0 47 fa 8b 4c 89 e6 <67> 48 0f b9 3a 58 83 05 3c f0 c7 0b 01 48 83 c4 18 5b 5d 41 5c 41
[  557.055047][    C0] RSP: 0018:ffffc90000007a18 EFLAGS: 00010246
[  557.057552][    C0] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[  557.060723][    C0] RDX: ffffffff8bfa4720 RSI: ffffffff8bfa4340 RDI: ffffffff90c19550
[  557.064011][    C0] RBP: 0000000000000001 R08: ffff888033415090 R09: ffffffff8b92b880
[  557.067410][    C0] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8bfa4340
[  557.069930][    C0] R13: ffffffff8b92b8c0 R14: ffffffff8a663af0 R15: ffffc90000007b18
[  557.072492][    C0]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  557.074387][    C0]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  557.076236][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  557.078331][    C0]  debug_check_no_obj_freed+0x4da/0x630
[  557.080678][    C0]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  557.083242][    C0]  ? mark_held_locks+0x40/0x70
[  557.085006][    C0]  ? kasan_quarantine_put+0x104/0x240
[  557.086828][    C0]  ? lockdep_hardirqs_on+0x78/0x100
[  557.088548][    C0]  kfree+0x34c/0x690
[  557.089839][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  557.091608][    C0]  ? rose_timer_expiry+0x53f/0x630
[  557.093265][    C0]  ? rose_timer_expiry+0x53f/0x630
[  557.094915][    C0]  rose_timer_expiry+0x53f/0x630
[  557.096511][    C0]  ? __pfx_rose_timer_expiry+0x10/0x10
[  557.098546][    C0]  call_timer_fn+0x19a/0x590
[  557.100023][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  557.101660][    C0]  ? __run_timers+0x747/0xac0
[  557.103184][    C0]  ? __run_timers+0x747/0xac0
[  557.104670][    C0]  ? rcu_is_watching+0x12/0xc0
[  557.106217][    C0]  ? __pfx_rose_timer_expiry+0x10/0x10
[  557.107936][    C0]  __run_timers+0x757/0xac0
[  557.109472][    C0]  ? __pfx___run_timers+0x10/0x10
[  557.111088][    C0]  run_timer_base+0x114/0x190
[  557.112577][    C0]  ? __pfx_run_timer_base+0x10/0x10
[  557.114585][    C0]  ? rcu_is_watching+0x12/0xc0
[  557.116603][    C0]  run_timer_softirq+0x1a/0x50
[  557.118633][    C0]  handle_softirqs+0x1ea/0x910
[  557.120635][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  557.122850][    C0]  __irq_exit_rcu+0xef/0x150
[  557.124839][    C0]  irq_exit_rcu+0x9/0x30
[  557.126694][    C0]  sysvec_apic_timer_interrupt+0xa3/0xc0
[  557.129079][    C0]  </IRQ>
[  557.130355][    C0]  <TASK>
[  557.131617][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  557.134178][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  557.136000][    C0] Code: 56 78 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 03 ae 14 00 fb f4 <e9> fc 31 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  557.142110][    C0] RSP: 0018:ffffffff8e207e00 EFLAGS: 00000202
[  557.144321][    C0] RAX: 0000000000582a23 RBX: ffffffff8e297ac0 RCX: ffffffff8b76d4b5
[  557.147130][    C0] RDX: 0000000000000000 RSI: ffffffff8dc45bb3 RDI: ffffffff8bfa3620
[  557.150165][    C0] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100d48673d
[  557.153543][    C0] R10: ffff88806a4339eb R11: 0000000000000000 R12: fffffbfff1c52f58
[  557.156717][    C0] R13: 0000000000000000 R14: ffffffff90b749d0 R15: 0000000000000000
[  557.159989][    C0]  ? ct_kernel_exit+0x125/0x180
[  557.162021][    C0]  default_idle+0x9/0x10
[  557.163814][    C0]  default_idle_call+0x6c/0xb0
[  557.165866][    C0]  do_idle+0x35b/0x4b0
[  557.167596][    C0]  ? __pfx_do_idle+0x10/0x10
[  557.169541][    C0]  cpu_startup_entry+0x4f/0x60
[  557.171546][    C0]  rest_init+0x251/0x260
[  557.173257][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  557.175634][    C0]  start_kernel+0x47a/0x480
[  557.177181][    C0]  x86_64_start_reservations+0x24/0x30
[  557.178882][    C0]  x86_64_start_kernel+0x122/0x130
[  557.180487][    C0]  common_startup_64+0x13e/0x148
[  557.182081][    C0]  </TASK>
[  557.183915][    C0] Kernel Offset: disabled
[  557.185435][    C0] Rebooting in 86400 seconds..