last executing test programs:

1m9.470427908s ago: executing program 3 (id=1060):
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000040)={0x600, 0x0, 0xfa5})
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, 0x0, 0x0)
syz_emit_ethernet(0x92, &(0x7f0000000180)={@multicast, @remote, @void, {@mpls_uc={0x8847, {[{0x200}, {0x7}], @ipv4=@icmp={{0x1a, 0x4, 0x1, 0x3e, 0x7c, 0x66, 0x0, 0x2, 0x1, 0x0, @rand_addr=0x64010101, @rand_addr=0x64010100, {[@timestamp_addr={0x44, 0x17, 0xf9, 0x1, 0xd, [{@broadcast, 0x7fffffff}, {@broadcast}, {@loopback}, {@broadcast}, {@private=0xa010100}, {@broadcast, 0x3}, {@broadcast, 0x800}, {@broadcast, 0x8}, {@multicast2, 0x200}]}, @cipso={0x86, 0x8, 0x2, [{0x0, 0x2}]}]}}, @timestamp_reply={0xe, 0x0, 0x0, 0x800, 0x5, 0xe, 0x6fa, 0xd002}}}}}}, 0x0)

1m9.46980862s ago: executing program 3 (id=1061):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd74)
r3 = syz_io_uring_setup(0x917, &(0x7f0000000300)={0x0, 0x400, 0x1, 0x1000001, 0xf7fffffc}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, 0x0, 0x0, 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="c50a0000000000006113b800000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = openat$kvm(0xffffff9c, &(0x7f0000000480), 0x40000, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_CLOSE={0x13, 0x1, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r7}})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r8 = io_uring_setup(0x4d05, &(0x7f0000000000)={0x0, 0x70e2, 0x2, 0x2, 0xf2})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r8, 0x13, &(0x7f0000000080)=[0x5, 0xa22], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r9, 0x400448cb, 0x0)
r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r11 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000049c0)={0x3, 0x2e, &(0x7f0000000e80)=ANY=[@ANYBLOB="180000000000008000000000f8ffffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b70300000000ec2464f1027dd5ff00008500000083000000bf09000000000000550901000000000095000000000000008520000005000000183b000003000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="00000000fcffffff1801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000000850000000600000006580600000800001800000099000000000000000300000018340000040000000000000000000000182a0000", @ANYRES32=r2, @ANYBLOB="000000000b00000018400000020000000000000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x45057bf4ccb05c67, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r12, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write$dsp(r2, &(0x7f0000000140)="02000000", 0x4)
ioctl$SNDCTL_DSP_SETFMT(r11, 0x40045010, &(0x7f0000000300)=0x3)
ioctl$SNDCTL_DSP_RESET(r11, 0x5000, 0x0)
bind$bt_hci(r10, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r10, &(0x7f0000000040)="05000000010000", 0x7)

1m9.070199167s ago: executing program 3 (id=1062):
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x2)
symlinkat(&(0x7f0000000080)='./file0\x00', r2, &(0x7f00000000c0)='./file0\x00')
unlinkat(r2, &(0x7f0000000040)='./file0\x00', 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x30, 0x1410, 0x1, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094)

1m9.035312615s ago: executing program 3 (id=1064):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, 0x0, 0x0, <r2=>0x0}, 0x2020)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(0xffffffffffffffff, 0x810c5701, &(0x7f0000000440))
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1}, 0x50)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x20000, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getdents64(r3, &(0x7f0000006380)=""/1024, 0x400)
open_tree(r3, &(0x7f0000000000)='./file0\x00', 0x81100)
syz_fuse_handle_req(r0, &(0x7f0000006780), 0x2000, &(0x7f0000008780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000008800)={0x10}, 0x0, 0x0, 0x0, 0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="580000000206010100000000000000000000000005000100070000000900020073797a30000000000c000780080012000000000011000300686173683a6e65742c6e6574000000000500050002000000050004"], 0x58}}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
sched_setscheduler(r2, 0x5, &(0x7f0000000180)=0x3ff00000)
ioctl$SG_GET_COMMAND_Q(0xffffffffffffffff, 0x2270, &(0x7f0000000200))
sendmsg$RDMA_NLDEV_CMD_DELLINK(r5, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x20, 0x1404, 0x200, 0x70bd2c, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x4)
setitimer(0x2, 0x0, 0x0)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
writev(r7, &(0x7f0000000400)=[{&(0x7f0000000000)="390000001000111867090707a640400f0021ff3f31000000170a001700000000040037000900030001372564b758b9a64411f6bb744dc48f57", 0x39}], 0x1)
ptrace(0x10, r6)
ptrace$peeksig(0x4209, r6, &(0x7f0000000700)={0x0, 0x0, 0x2}, &(0x7f0000000280)=[{}, {}])
r8 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_attach_bpf(r8, 0x1, 0x32, &(0x7f00000001c0)=r5, 0x4)

1m8.176761217s ago: executing program 3 (id=1079):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000005fc0), &(0x7f0000006000)=0xc)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
write$tun(r2, &(0x7f00000002c0)={@val={0x0, 0xa01}, @void, @eth={@broadcast, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x1, 0x32, 0x0, @rand_addr=0x64010102, @multicast1}, {0x4e21, 0x0, 0x8}}}}}}, 0x2e)
mkdir(&(0x7f0000000140)='./file0\x00', 0x20)
setreuid(0xffffffffffffffff, 0xee00)
setfsuid(0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000140)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f00000000c0), 0x12)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r6 = getpid()
r7 = syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
kcmp(r6, r7, 0x3, 0xffffffffffffffff, 0xffffffffffffffff)
r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000100), 0x8)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={r6, r8, 0x0, 0x5, &(0x7f00000001c0)='IPVS\x00'}, 0x30)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000)
move_pages(0x0, 0x5d, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

1m7.921066476s ago: executing program 3 (id=1080):
pipe(&(0x7f0000000600)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18203085ea29d9c64a0ea1bd67bd84bb25c60000f9ffffffffff840000006d000000e1"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
pipe(&(0x7f0000000500)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r0, 0x0, 0xffffffffffff8000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e21, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xfffffff9}, @in6={0xa, 0x4e24, 0x8, @local, 0xfffffe5b}, @in={0x2, 0x4e21, @multicast1}], 0x48)
close(r3)

1m7.855180216s ago: executing program 32 (id=1080):
pipe(&(0x7f0000000600)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18203085ea29d9c64a0ea1bd67bd84bb25c60000f9ffffffffff840000006d000000e1"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
pipe(&(0x7f0000000500)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r0, 0x0, 0xffffffffffff8000, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e21, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xfffffff9}, @in6={0xa, 0x4e24, 0x8, @local, 0xfffffe5b}, @in={0x2, 0x4e21, @multicast1}], 0x48)
close(r3)

40.75070901s ago: executing program 2 (id=1293):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
write$vga_arbiter(r0, &(0x7f00000000c0)=ANY=[], 0xe)
socket(0x80000000000000a, 0x2, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
r3 = syz_open_dev$vim2m(&(0x7f0000000680), 0x10007ff, 0x2)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0)={0x5c2a, 0x0, 0x1, 0x4, 0x0, 0x7, 0x0, 0x8}, 0x0, &(0x7f0000000140)={0x1ff, 0xfffffffff, 0x3, 0x4, 0x0, 0xfffffffffffffffd, 0x2, 0xfffffffffffffffe}, 0x0, 0x0)
r4 = socket$isdn_base(0x22, 0x3, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f0000000100)=0x300000000)
write$vhost_msg_v2(r6, &(0x7f0000001700)={0x2, 0x0, {&(0x7f0000000500)=""/71, 0xfffffffffffffed0, 0x0, 0x2, 0x2}}, 0x48)
getsockopt$inet6_int(r5, 0x29, 0x16, 0x0, &(0x7f00000000c0))
bind$isdn_base(r4, &(0x7f0000002780), 0x6)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
unshare(0x22020400)
socket$can_j1939(0x1d, 0x2, 0x7)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x7f, 0x2, 0x0, 0xfffffffffffffffc}, 0x0, &(0x7f0000000240)={0x1b, 0x8000000000, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0)
bind$bt_hci(r7, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000000040)={0xf0f024})
ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0d05605, &(0x7f0000000980)={0x2, @pix_mp={0xa, 0x81, 0x50565559, 0x4, 0xb, [{0x8f, 0x1}, {0xfffffff7, 0x9}, {0x5, 0x5}, {0x0, 0x4}, {0x8, 0x9d8}, {0x10, 0x4}, {0x1}, {0xfffff000, 0xffffffff}], 0xcb, 0x9, 0x8, 0x4, 0x6}})
pwritev2(r3, &(0x7f00000004c0)=[{&(0x7f0000000a80)="f31d71f10eb2447a0544f2047b8251195e99bbc3f46c48db31fd9c20ce12be48e106687e2bc65bbe806bd05e6f7d38b11bad6fcff147caefc852427d7c82021b91357bacbdc28bc476564e5878f4d5045de3fcaae86fc9ee60df0d34d23a55db786a7da23ed01ddc2c4aaf4c6140ee36b1aa68fe023ed3240a17ca501cc4d718810b7cb81685a477d8265845891843b57facec1bac13b40a41176d8d0b2fdd2aa2a85fa92f3e2d51de55fcd3501de01d71fd190eb16cc4cf1a608da3a7c838f093c9343899445e14242a685acbbf134f0c7e5db4f011fd4c082b22591332dfe8aae4d07161dac65e107bc40b0fe5f2e3e63d5be076dc372ca8c5b9c53eccc28fe3bb0d46d351e11dbcb4ffed6aee70640c847fb882a3b1e6d18518ddfe7d503eb39e37cac25e59c26ab845b9df9e58f3065abc88d1896f23b5933d81b4bba14414428fb79679c6abc04af72c78d82fa57833841e27cc30fd86b709d7ab97d416b58a950037b01674fbac6c48decfb263fe11a54558f7daf8ad3b7999540dc84f987a4f7155cb15478668ce4543d239d0ddd946d94f0322a4f1fe3bd8ffa726718822cf4d78abd51ed4fff8af6374be1a55413b1a5571eefdaa054b511a44fe846f0a4092d4a9acf9aa42bea7b687e95de9dfb6181be6da1bdcdb4beb7eb1bf0f5384f03e8957cfc265e415837de02257496c0fd507357aafed2bc8ecf6a7b93ba2704be4ebee7e61f39e3364edc28962324a60c2d265f5a4f8454feb82e2b21304771668522225a3a6712e650a5c04a85c7c8f6d768caff356c7ade62bf887dd8605b64cfd5302e2c641a61ee03cfc3c6dc6ee85724d5f03fa444619797b2e22c2ea2492d06b47364178bb8459fdb133b0704e8a6d7f8b477298cd3b5a9d18936a678fd00cb3b55b637e9ae8168cbee3fd084a40b820badd99c9e54ac746eecb055986049bdac799fa3f57b3ccd5ab835585cdb8bd429a36fde234cbeab8503685d2e479ea734d1b485a51ac91097aaf2ed80842d1a8ceb7117592da6c8ea06a686598cd9dbf5db2423421d404c2663fbb40a09d523d6111d9d27221b25b0bc4ffa8153f1435875805eafe180ad6c52b39bb7efd51afbd98c18042da2c25b31d2c6782fa06307919cf609f1bab9632bf91612c067a4f6e2dcfc9ca4198e944af8c2deef0483debbf6f1ad3bccb1ddb6d1be1e62c29357faba78007e5eba2cbdff77b0dc1d7536b1cb8f932b008e9e03ba742a3a735825218bb5956ba02aa3b65d1e73a10e8c742f600b752acd9b3901fee26ef615a7bd66aeea1ff4ea4b8d0d3268cbfe0ba7ecc7b2890f55e23f7eb67ff8977add0ccd74d500416034ba0ec600deb850468d3b696e26a2a139b9c1c4e482a183d70c46cfb56c2f3a5ba5a5813297d495e0de6ef541fe0bad6ada55e7d43af3fe7d0c0644eb17d0c217b2a34ee618b8d1849275b3611d281d595717560063ac26bb00233315d503c195c085a3436794e53a6fea868db7f28f96215829cfce37f9ee0e04c55f41a4c1ecc6aa58644829fb55e4912d312e54c4822ba408d1c9c02f626c3edd8ea3707c96385587ede66c6d11aa7977349dae4f4a87505fe2a573ddf26ccf8636108e4b593bbfce5b2bdaaf6c95b26f98aeabf6016065298e16154b19d97bb98bdae9e7da460901624a473edb45d5d9dac95c0e08ba0f43d9a1412312e1a82c6c06eaa6eda5119ad52241c4819180318c60b887000fcd39cd15c75f384f41b282fafa585b0b42f86b5d8fb24f12620cf7af0ab0a31793e551b73bd027fc8c4881d052b821c9c7064d7c9b3dac298595e8e0831d8f627ae89732e434a5ae45e5819459d6b8de6a7fb32ebb4addefe1e7c8baffdce22d7b7890d3ebb1ffb75b5badd6e5a94870280eb0295b01d5e3d938e8a16ee51e033aa61c6e420f2f2c05beca68407ffa32d7f403631db162bad1bf2c3e94f119f29b1913a5c631780d84058f48cb511195b923165ac514410a0e5c7c40123904bc67a8e47dfc424453888f6c2542b57495ab6dfc6cf519dee88572ab3906b6a9a80ceabf80bd09c233408051db37bab825780ebb9a7d6ea8599363ac0f31fb258ba8dc0eff5cb52cb6b31bf721dc68a1a3c61a5830c6c5ebbc7ea1be0815c7f3840d31eaca539569fc8910f71793f4fc2014c65e2db5478814b44ed1913634e79070370ee4e7784a69ae6aa62a50b7c79e288bc75f933ac1d117a41c243583908aa34f0264a2825724afa743e7f55b7287beae106579dc906ebc9d49a98440739e680c49b417d81ddc28c440b9737697c14220bec53fc6a1a4df76cbe28599d70198e867bf89d8c195fde7942ff03ab19fa5ee70a88b00a1529401cd81c8518279cf88f15e44b32255df6dae1101feffaf14cbf11e694226e580c9bdc0f9d4e128ae8d27cc8c57760db614261ba59cef0f3ffac12beddeb44baa852e002a723208855aa43f787fdb67dfd9742a5a8b26e54a0407e99ec95adf265bba9317ddc916dd54206d8bd0af6765fa7ca7ffe01e0c957f8c21f93eeb3fd653da43159cbefb63fe679f50c82920312055cc3813da093b555940a97919daab2adb6eb160b784d7e5918ebedb8a0383aaaf068c908ed3830eac8216e194b921a7465e989873067d10655c45a1c92cb73e7d9c61a61a3aa4b578e4e1c401a37211a4c3d702e902a9e963a309d574e78a510b15c94e7831815c1712fa57b8a37dc6a2940cd2682d1836b26c6a8ac7fcae41e8a32b00d1ba788fb24c501aa70b8eb81f1d062ff23a55212a332d986e2c944b220e30e417c92cb1e0458dff1257cce242bb0cbf9f8a185390975d65ec485139cde9613c17fb3babb57953b989d9c44c1986635f478e9e3e71f42be31cd36e82710d489c737484c9b125875ac934da0123835e99981ae75500393bcb723bc0283f01fdcdc226fa2f98d4fdf921cc83ed2f87b76d9f82d53a44b5f5d63fcce6925ca7c763148d9f302658549a87f8b541a2b4de80149c056dd9001780ee1dca18beea4394c897dccb4e1a93cdb68d6b88dfa3d149469a71a3aa605d3c3da01e284c057b9ea1019e613906edcbb68c9b9685409959c91b7083b0b9a5417c584ab1ae97ef8f6a16db28ac3c38faf97499f7eb6ce3aeaf39b6c233da246df6cfcfdf7182839de1445b13f66a09cf3d3da3603db7a807f5b0a184617a1e4f85103f611232e5ce4f4568890c2ba80eb8704a1ebb863ae3b5e7742cfa0a2c761f5947726d2b75630e5c4a8f5ceb3652d8ad9d1c437ad239b52201ac864d7d0d588f48f01cc9204d98d815b870ee07f0171cb0ee3869843fd65781ae6f0154d960f1a5f8177a12de42e996dd13e37f40a55618912564859079e1d1cf9da228f3f1edf331f992a4ec8cba1b818fd24f02c0c471a45bd486f2903c86346a9ee2ccfdf7adb14507c7bb4271efcaf453e96706d8dae986fd66332378f72fefe7d267df4a273aad11d1282d4c2a2d15d7ab4a0a9e0f911047205285d7373074f1de0217a0b307945d12fdd953ff3fa7259e260178e1749348857ca08b2dbeb6f04f7eb6b79eae75f6f61039870cb8a75bc1c6f2f2d6d1f51f154deb678c1af566b66ffb66c232b1e6870c9e3e6736794a14c3719e01568f634b779d538d74b27a73948f7cf8bf2a846ee9f2d1d3e1f2043c9f5515619bbb2988bfc7b12ba65fde43e43868467ed799a5ac2b01f33717b2badea3254dbf8e7ad96a6cd12808c14fd69c1403e8999e7df0f9050ebb92e5150cf238cbef26b5483c4d07740f1bbacb9db13e80fcb0b6599249299a6c2f196898049971e4dd490c75574e27bc3480ea2a1933fd6b27914e607ac0c2a92d7844826a60849bd9ef7b91f5b432b9f33d3d589967c4b6ce7b53dbf8ea62a2754b18cf849f833982bb759669884b07999ff451dbc61f912d7a1ee7267e3efc66b5a4cbf60b424e23ff0f50cf3bba0abd724cad4e2f3db48579e49e8f64c68028473e61afd4856eadafa585364654f0ab009db81b93416d72d913013cbbf86773decc49a0d222dd2666c28c549aa466355c0053b1af947673de90e7d7f5204a37d1f7dd0c64828701f5128d5b83af3eed313438ca27eaa7aaeb03ddd7c6b76084f40792af49b1203c0470a7b61b06ab41d06222557171cc0befd585d5151d3c7009c2bba4cdef7f251a3a897890ab38cb206e31f9063f79fc576beab840d504d018003acf7f5c8e908c16deea6ca28246dfa138744853b6857c94681eafcfc449c57c30195dd9790292f2567c3570970d142de5bd8c3d448e8a7320e8db7815fbed896b68a49109182ae0520aaf756edc4e980c9b40327cfb35c0278e1b55d720851d86a7ec2edec4cc9a472466abf7052a15308950879cf30ab2a36e8a458497c0aec3c99484b600cb6e8fb1b7e9a72e741e4b005870d1432d6ce2c5db975d0d912dd746b486667b92e3eec33f714b3f9e8867c86326b548f88c1f1b89fad5a8375607ba682941371e367b7b2b442c12ff679c122c32705ab0735aaa87fef8ad460cf1777ad31d772578954d8640b38c5e4da6f41d145e46bebfd6b48a93d2408ddb3cd52e43fef87720c6479978edc61ffeac5ed367e62d0e8d1fe3e91835776bdca36130377a7bcda8d16f92bedb8f05632d7e9a4a9a2f6c354b8006919fb065ac327f2f611a9d9b0fda6f1087aca6d607a2af561fc8aa668b5b12cd5892e710c0f26d2fdc0c6c76d7c5ebb0c559145dedb6fe7c92fd4a28a89331870911422de9a9c00c8a0a4868912c3ba981df249c227a99e925a2301fa2850de0a4406cc330144642a6a4c0528e2c2e7fe654cf4a3e7bf684790be05021735399bfa9826e00283c5dc1d454ee7db265707a95d645ef61aafbd5ac1a5a1f63376392b80aef49187e44f958e71d4cc7f54efe2454ada9cea10bf156ec080d409a6dc07885842b5a0b76942653593c1b6a53b9710384b6a564cfc5feda0c54f89cfef9fdd1cdb2ade60ff393fa9db6333afa945a05d98e2214e30c436a41538df67ccf3ed541c117fb5e096fb459f5adec2b3f6cb02e97a538aea96d61f975b81b441557c4b", 0xe00}, {&(0x7f00000001c0)="bc9360fa96a8f9b0df1f110f4a140c03c897b779e298b5cbc5b8203b92a51397f9e1decbf65050c23e32a00a0797140bd81c5959372bfc8ab48536c45e5a9a95aaacf1", 0x43}, {&(0x7f0000000300)="3544a4ac7020d0386db317ff489e8195cb14cbfd7151d748b7292c5ef385df9de2359da1c98cefaa541fdd1920e2ce7a8bc11421bfbebf2dea8a74890a2da0595e68b0ae94642f654877be72b730ec6fa3b61554c36d7a6041ede8479bef267c7427b115fe08c543791e95bb97e671900b7b2d9a0d", 0x75}, {&(0x7f00000027c0)="a46a0c839fbdd64612d49faf488e2fca0befc4c53c5a85d68de88cd324184c140d1570eb9a1a420fdaed04e77b55f268fc2d72ff007ab7ba3e97a3ba513ca543a44b373fb38bc7246838cb7c4d6d3cb9c3a2667a644ef11c224e03753a97a81026e5e4d86889815e9af3de7687f4d12ff2b51efec724aa7c5c0361714ca138b7f1e38bdf52e787a13b40fdb93d09f3ebadeb9170afd8a9fb19bd447caa1ad78804a57df11c91cb7d6be457e9b5ed870d425fc84e7ae0a2f232cf344a117d7fac52ac43923c13fff1621d0a846308d99ff7008095db2585214a140ccf96527e5892b1e93c5cf0794cf84bab1bb9ffb385ce54db2112e176dfc41cfa147f140839132d27e77d230bd8eddc4803505a2fbf64d41c365a07cfb3d5e005acde746446b36c1da8f8135dc1afe9d12f6e0ca7474d2fd28f0bfbba218bf6e31c5fc118c971bda7b068f0c1baa26736b96fb27b8dfaf30e6c6b8540fccb0c341f312fe19f3edc92cf871d1710f8a44db471b3145b86f419868cdb51bd51d65c71d64b59f0b08ded347580380955589846ef413e50770ac879a70948bfb2288bf9163891c22e6a7ef16a4581a3acf8dc568cf42fe38bcd3d356aff2a8149309c782447939ba43c40a6197131f3b57002d555181493b72ac89dec733efb7b17a34149c2637434a2ac72fbcc9bbb65efc07def668aec0ba9b032dade864460c3481d6d91486aaffbb3cfa6f17f591461bec3a06fbe5c59f04747ca4b9e979901fe08c20f871a49d95d2663fa602d1b868f99110dd9acbd72ded4d9e4820078c43d949de96de83435766d7e31772f493c0ce224240592e806793e96da81cd35cf02446ff12120f70676ae2a42cc52d06abb7dae61faec8f03a2ce290cf4a4f8857872ccbec82170f7e0b3a0cfeb2baa56bdd7c6c9b3551d238cedae2d3a76a1f813ea839484e39bae4a7b056f2eb1f77da4d86653f1556495e5e3405c61a3f1af6e16ed340555c970a5a6beec5dc47427a6236cf6778550c33b08cbc4ed8df617e24e768dcf0677430a1a8474157a3b79d0e14a3cad1160c5125b4aa5c7b478a96c6b98c7ee8f92899acdc4a65cf128b8adfe0af49e8bc9774a2db049e4b12949accf41201b11089c83835ac93d00b5a48661109caf7f1ac96e394be91bab42285525ec8f656b5da7ae3bc452307b4b23e0f794506e3b3d0f56884ff5113b4b43508bf62d5d18c00feef662a2b26fa97ed2529e9fb086f4133cd1b5f9f5a133d51799f112a7ae59acac9ae287cea48ec9b5e67f740515514386ebaf5bf176228e721c99df922513c5d3f5de70e7dcded7b2829cfe217ed7a91bb601456cfabd2c9dd50847f23031f6656d01586c5a483f64dfc902908c49e2f7328110aaaf9ad0997d6ec6e627133ef8b08803cd43e58e5dd18fb5dd46103fbcb224cc33c7a2c772e619dcfedc7bdfb77da0cb4874ac5400f860c7aa7a5cd0be05ccee27a521c530d1459e8f43c70a1d639fe13c99222b1e01e856b4d33bd03970f799c5b91758e5cf247411e321c63c6905e6a4819b03a5458c767c71140eda891a4a97913f94414d88dcba1d37f1dffd7ace4e259d0a07f1fab589b6090756b942003a4c71a786956226b9f95f523aa0cc16261027c26f28a7cabe64203880857f65884668cb5e52cfec5d394bc8b0051d268a3ab22e7097409e727a2c8d046acf603d1dace01c2274bd1f19854e5745f8cd983d6579a94b3602348234d4c58f7af6fc65e0c0b2319e922400842a9698016c3b550558a85f46221c044aa02ca6ddc37a6e3cf879e166149978f55abbc121537e2a4546a0d8390b31637261c2f8da026f3a231a6bed2d661d74eb01767df229b39bcdc8e89dc8bc23e0070212e8288c6e33b00479958eb85c2b1646ebbee40c130132e83a300cd28571a93321860ecc9b1d2b076e3e0c7b060ffaafdb9e30763cc049ec924b4227678394811f8f465e7f776f49da491116c692538c8bb1828001f0f0f709973211a5d3c3cd8b8689e7c168397ce85bb80d361c0ccf7345d7b0e1d46a49c3f3a23e289b49a25000fa2e62d67d03ba67c49eb6328a1b84660d82cfe69b7f33bbc12443132dc11f0c3fed6ecb127c129a5edeb08d2ee06ea816489a8b2f95a731a5a3a776430b1645f4f2e35ee37874413ed9472fc91e950b17c5a05946ee7b15e0889270221010bc078e4d3b56e21ca81f2c3c635ad7cec450475db87a88fa35f0bdf26656e333f78d9cd94e6c66465763aee4361effb39becf5cf54c20ed6094b6cff6d6bd3f8108a17d4b6c8a4ce530d0aaf005061b0c252574047712b00cf05b6f662dfb8b5a78d571c5d857abed8e9d26b2f8eb2e5be7083f7a2a28e4ac29fc5ea02628dfc824b48391949d6c72d0b43f5c69aff37906d2d685d6cdec175d2357f4a2ae6598e906f412169ab974bcf5d5c608c289fcbce4854ffe085f5b51c4e55bf3ae1d4c66647cf418e211495e17b1ea3666762eb2266fe958e82a5ba651c42d0c5ae65ee0e9f8f03568ee8771e03ddf33ef410336c7f2d968d530fb5e0b15473bdce88656b54e24c396211efd3ffa118be79560989a0cbb2b4002e53aa53ae70371f6748ba4dac3d792cb998c715be7691ec7b3564c9f2dfa614c68c7a7fb32fd64ba6905e66640b4d3bef3c1de4e5f5c827951a63094219fc687d085e3e6e216213598bc5c2916462dd192e35222ae2645536a7d140f2e9266e1786950db27231a09a0d4bdfb6a8a61c24d87bfcf101484e4be08f5f496b018307d30090b49ffabc86455d084a9365da1dcef0d84479fa05848904cc2f8b0efbf7d97337e1f0e1acb8e6294ec0c448bbce07cbe2e0a84cc59357466837bf3897b846a7874fe170f1edebd3e4cf371276de5dc89b394fa039f43d9eef73fa4c19818ab5469e26958ff40a62ce55ab9947bbd45496e4de8e413496e83b3b7dcc6d1dd3131613cfd9de8695f6f86bde2fc79b8c315be1dd50a6c87e9155d8dcd3215e5e3b6e8b0281a7326f284727d5581a560566c1af7d4d6c56bd55ffbfabfac850cfc4b0540705d9e49da8b14499fc19109c359aa2c8f930d7aad2227b0bec5c1209ec278981c5984dc344aa8f5e506cc67b357944d172e53b86031b3478b77c266f447b6a5cd5405ed5f863151110cfd614deaf910400ab7fd99d9e50bcbf65a92285e73b2332afac12e0212ab406ccd4e1acde666fa3c76a296921f06352927e6dcdb6e543354948de9f8081809600c5c4899c4ee9e1a7825a193c413b16d4ecb09247e66335f9c884ace010dca5e46551e811a62b4f355ac353b6cd36308ffcd722a9561ebf62079bddb77cca9ee002ff4e32ba79363cc9a9fbf58efa60d48200a9742ca78cb594d61d20582f6bbb987c621862caf692db9eef55ddb42967d036b6ba356c4bd6d2c112384cf90d0cb723cf66c913815ce26e3d7364f9992a6cbbf0e30ad9e8607992f77e60f437a5f5d91faa9e1b6e41cdb18c368a357316f940fae9a91b1c18759aed672781b4a7b94453297032846a5ac2df3a7d127a8dd835534cd0f3185a36449b2e03b29ad894df45b0c99f7868577d52d30b50221d5369ef5e51980f3dd4b60820c9977f766bf96abeb72d91812ad83de8ec82049ed4c5543e3c48a667eddf6364d0a61533a2dc89d6c1e069ba82cc51db6b1ed89dbdd988c90288d7071b8411147a16f1fe96c8ba0352a3e452b94e031577b5615727aa869d142a6a24279d8eca2ca0713e324a9be2c3cce080f232c6901ba549ec464ec3003ff75aeb9c3d6c450077fce43c24cd9a99c3ad806cbafd4eb518672bdfcb3ae235a2f108f1d966a95293c134b69e17d1c15b80b1de0be7cf5b341595043048abac20c2a0b1f5f9b30ce250c91b6001aa67f78873d6cb9aad12214a05777ef5a831760b6807037323d3792b8b2a0dcff515ca24ef0408671739ef0face18006cf318e38c52b9b28e2325bbde89889e33330c47d4bc4d7d13c998113a6e5b075d41b8c6df057223c53fafc52dab2b274e6433cf425418a7db3218f0cbf5627c4c5faf49015cc63ee7b9071ebac7f69b8ef38a54f423085a50177cda96f6c647f9f4688ec2c3159ce85960eb5261bb146d587f5d2ed7f40d9cf0543745defc5928145f8c5a8049e12d76cc089ae3e2e606a2c8e2cb5aef0f33a7b3007f8bc5ece24b85926b51c4a72791854f9692b2dfef45b6cdfbab1edcef4a3b2684435601343784d101487fb2c3ffec6f0ae126749aa75a2b29d3fa04bd668364a21ffd11a3617b2ce5a34e903e6a7202e022846e4bebbb2d2eed64576d71d6da398471af1dacefe2a9e81fc87c80b71950485012aa5eaa0cf0577b8d1b318a572b72993728d4e4dddf3e5b23ff8be4d29cdea39dae5069ff7c8b3365db965748a2b0f05ff45da5b972a6addb98065bb67a09e9cd78d64725ce7931f36f9ccb28f3f166ec8098847e324f839a56f98f7431569d72237ccd80916056f41bb089aac8aec70ef821e2d5dbfcce2a4aa761b77173a789c5462aeb34875557a7ef6455e4788c6f763f204954839bf056e516d2f9dc1766220c79dace0042060e92f7aab2014b2ca121fc690065840b8fb9515f19a8fd042d60f59cd03474d8c47e447b336fcd56889a2d08e4fdaace54b4e641a8645cd6cb4fac5333a153238b9ff0e4c0dce63291a61acbac4c73ceec96bdfa25a375eebb2364faf09a969cbe3fc21079a35cdacd7c5ad4180fb706cde95686f8d172a3ed984d6c0b4bf7f60511a0852a04bdfe10b5b1208ffcb265930339100b438dffb150fff4b9c33d1f4f37074674921a56b091c9d388882bb0168558a9b27c8faa1f9cd0692a8fcc9763ff1ac9d29c5deab3ec43ac9603841c23cb75a755e3d605633bf12529e4a4a96c53983dbcd3efe3d9648f2c47fab64d10af0e1f2ddb040b630094246c6cddfc17c3bfadd9b024016a8a8b3c9dd39d3a5f6f7e5a1c7d25b875208f1b310473110bd3f0972e05f215288cfd502d2a25a25f9086ef6f1655d3f9417cf853c3fcee7617c555dd7e513f1250d217a4f8587ab510df878773acc58858640676cb19531927bd323d7ba4aa1640046633605d5a8caaaeccf19017f782279774a80214647d414e08a6f5f3261558c5231f59dc2660772480b7be7309d9dbd2e00de4442fe779ed72a47cf2abaca133a9dcd98bb9900640678ec4a4c4a55a9eca2af41546f190ec741c5bb3b87f046aaf9785b3bc1348c1a7987629fc4b2debb027c9695fa28b1428584643ca6318e573dbd7c03cbfb80a024796a168ba208a5d9579ee25d9dbd7f20084c794a3e78ec673fff734e5a747f1047722577e381b2c9ce4c7b8ead90a36f8d37c2dea57f66b180f3ebdb86d9b621ad59fb75b437821d78281cd81b3e66b57fb85dc03298ad17befc443d38ceabf31e4d4734b8c2b9027f6fe571dbcbb8198c2a05de784b1746bfac6a91c6a86d6db2a7fd21b0bdcd4aaa84921c8d125d23ccef69081af208c6252d069295392e67cf3ccce65c1ac08d4627d67b6516be55d9df104afe4978f2c81b330b6956403161a5bbddf019c2444736649e96216ca1adbaf7230f03eb6d9e1fad3204827d5558eff9150cc6065eb8f8bb8ddc3ddfbac56744aa20c5e6bbcea3f0c62eb9b1f6be646052b530d9f3718e70f63c70e8ea451fd520a83f412e5c139f4bb22859a7e903ed7217450b95630875b23f0611a8d5261e633b1d4b1202100fb746080602aced8ef59db8d204fccb89b1150ab4845fab9792bda7fb02c9dcf927c9fc304466bf6f", 0xffc}, {&(0x7f0000000380)="bec17833ac47f55e64f0dd6c8c963c5315db69c06c7fece7b157e76aff278df1bc27d0d01b4ecdd3fa85f086c09fec05a98b24fc094f89292ffe20e9774506f414670eeb96054ce32ef1f37e950f12ced328895d8e3690a53895d03eb1e5a45e4dc6863d7917ecac471fdd377cf84a1ddf2f4983f186a22c33199d874d6b8ee4678246e50cedb48a514fa25ff8fbfc7b5ec3ff24485ba2f504e168", 0x9b}, {&(0x7f0000000280)="a2686505e4f9c6e91f2a65f0", 0xc}, {&(0x7f0000000440)="42e9d535916a2bca94e2f06fb082b9597a691e63258bdeb8c23e83f09fcaaa3f5980990a75ead042f620c7a9980b", 0x2e}], 0x7, 0x10000, 0x3, 0x10)
write$bt_hci(r7, &(0x7f0000000180)=ANY=[@ANYBLOB="0e00010002"], 0x8)

39.491036141s ago: executing program 2 (id=1304):
r0 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000005c0)='fd', 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x2)
symlinkat(&(0x7f0000000080)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00')
unlinkat(r1, &(0x7f0000000040)='./file0\x00', 0x0)

39.490655271s ago: executing program 2 (id=1305):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0xf0ff, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x40, 0x24, 0xf0b, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x6, 0xb, 0x2}}}}]}, 0x40}}, 0x0)

39.430798434s ago: executing program 2 (id=1306):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r1=>0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000080)='./file0\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
write$UHID_INPUT(r2, &(0x7f0000001980)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x4, &(0x7f00000000c0)=[{0x2, 0x0, 0x40, 0xd0fb}, {0x7f, 0x2d, 0x2, 0x12}, {0xa1cf, 0x5, 0x4, 0x7}, {0x5, 0x6, 0xa, 0x5}]})
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
ptrace$pokeuser(0x6, r6, 0x118, 0x20089)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x3, 0x10012, r2, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="212800000000000000000b00000008000300", @ANYRES32=r1], 0x3c}}, 0x0)

39.20916863s ago: executing program 2 (id=1308):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)={0x100, r1, 0xe701ac47a3d23ccd, 0x0, 0x2, {}, [@NLBL_MGMT_A_DOMAIN={0xda, 0x1, 'C\xec\xf8\xa0w\x15|\xd8\xbcs\xe1\xb93\x14\xcd\xcb\xb6\xb9\xbb\x84\xe5\xbc\xdb\x7f\x9a\xf2\xea\xcc\x91:v@\xe83-\x1d\xaagQl\x7f\tKt\fc\x1f\x17]\xd5\xd0\xf0\xa8\xeb\xd2g\x92\x04\x02\v\x00od\xe6,\xd3@I\x17\xf3\xbees0\xad\xc6\xbf/*\xb6(o\x91t\x12\x93UK\xf4@n\xdc\xdc\x8a7y\x81FY\xbe\xbbc\xd2\xc3\x01\xa5\xe2V\x8c\xb3i\xb0Z\xbf_\xfe~gJ\x13\xfc\x15om~\xd2V\xdaG\xbdbF\xc8n\x86\xac\x9c\xfb\xda\xe2&\"\xb4:\x13\xe9\tc\x85\xb4\xcb\x17\a\x00\x00\x00\xe7\x7fp\x9eCdb\xad;\xa2\x8fs\xbf6\xe8\xe3Xg3&\xe2 \xd6\n\x9d=~=\xe5\xdc\x90\a\xe7M\x9c<\x93/\xaf\x89\x06+\x96]\xb5+\xee\xff8^D*\xdb\xb8\xd8t\x80\xd4'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x28}]}, 0x100}, 0x1, 0x0, 0x0, 0x20084880}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000400), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
open_by_handle_at(r7, &(0x7f0000000100)=ANY=[@ANYBLOB="0c0000000100010004"], 0x408100)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, r4, 0x0, 0x7}, 0x18)
r8 = syz_io_uring_setup(0x236, &(0x7f0000000740)={0x0, 0x1c2a, 0x1, 0x4, 0x0, 0x0, r4}, &(0x7f0000000080)=<r9=>0x0, &(0x7f00000001c0)=<r10=>0x0)
r11 = syz_open_dev$sndctrl(&(0x7f00000012c0), 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r11, 0xc2c45512, &(0x7f0000000a00)={{0xa, 0x6, 0x0, 0x0, '\x00', 0xffff}, 0x0, [0x0, 0x0, 0x0, 0xfffffffc, 0x10000, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x429a3bbf, 0xffffffff, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x4000000, 0x355e, 0x200, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x390, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffff, 0xfffffffc, 0x0, 0x0, 0xeec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x400, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0xff, 0x0, 0x79d6, 0x0, 0x0, 0x1]})
syz_io_uring_submit(r9, r10, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r8, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r12 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r13 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r13, 0x8946, &(0x7f00000001c0)={'wlan0\x00', &(0x7f0000000780)=@ethtool_gstrings={0x1b, 0x1}})
read(r12, &(0x7f0000000440)=""/247, 0x26)
fsetxattr$security_ima(r2, &(0x7f0000000300), &(0x7f0000000340)=@sha1={0x1, "7e254171459d8515ffa71034b9c38434ae8407b2"}, 0x15, 0x1)
r14 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r14, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c0000001000010400000080fedd32b9abff038e", @ANYRES32=0x0, @ANYBLOB="1d800000000000001c00128009000100626f6e64000000000c00028008000880ac1414aa"], 0x3c}}, 0x0)
r15 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r15, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x35dfdbff, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_NF_CALL_ARPTABLES={0x5}]}}}]}, 0x3c}}, 0x0)
syz_open_dev$MSR(&(0x7f0000000100), 0x7, 0x0)

38.790053397s ago: executing program 2 (id=1317):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
ioctl$TCSETS(r0, 0x40384708, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "3eccd8f9d20000000000001000000200000500"})
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
preadv(r2, &(0x7f0000000100)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x20000000000003b0, 0x0, 0xd)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="1800000001000000000000000000000079120e000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

38.651989019s ago: executing program 33 (id=1317):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
ioctl$TCSETS(r0, 0x40384708, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "3eccd8f9d20000000000001000000200000500"})
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
preadv(r2, &(0x7f0000000100)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x20000000000003b0, 0x0, 0xd)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="1800000001000000000000000000000079120e000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

32.556958803s ago: executing program 1 (id=1342):
r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x40, 0x82)
mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x1, 0x0)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)=@generic={&(0x7f0000000080)='./file0\x00'}, 0x14)
r2 = openat2$dir(0xffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0xc580, 0x15, 0x2}, 0x18)
symlinkat(&(0x7f0000000100)='./file0\x00', r2, &(0x7f00000001c0)='./file0\x00')
r3 = openat$sr(0xffffff9c, &(0x7f0000000200), 0x880, 0x0)
ioctl$VIDIOC_S_MODULATOR(r3, 0x40445637, &(0x7f0000000240)={0x7, "3fee5139aab566f25526aefdd70b3e3bcabd7b33d880e3a71ea439912862d850", 0x100, 0xe7c, 0x1, 0x1, 0x3})
r4 = dup2(r0, r3)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00'})
ioctl$KVM_DIRTY_TLB(r4, 0x400caeaa, &(0x7f0000000300)={0x8, 0xd55})
sendmsg$key(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)={0x2, 0xb, 0xfa, 0x5, 0x22, 0x0, 0x70bd25, 0x25dfdbfb, [@sadb_x_kmaddress={0x8, 0x19, 0x0, @in6={0xa, 0x4e24, 0x5, @private1={0xfc, 0x1, '\x00', 0x1}, 0x9}, @in6={0xa, 0x4e20, 0x40, @private0, 0x3ff}}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in6={0xa, 0x4e22, 0x2, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x11}}, 0x3b630df6}, @in={0x2, 0x4e21, @remote}}, @sadb_x_filter={0x5, 0x1a, @in6=@private0, @in6=@mcast1, 0x11, 0x10}, @sadb_x_nat_t_type={0x1, 0x14, 0xf}, @sadb_ident={0x2, 0xa, 0x2, 0x0, 0x100}, @sadb_x_sa2={0x2, 0x13, 0x5d, 0x0, 0x0, 0x70bd26}, @sadb_address={0x3, 0x7, 0x2b, 0x90, 0x0, @in={0x2, 0x4e21, @empty}}, @sadb_address={0x3, 0x7, 0x32, 0x180, 0x0, @in={0x2, 0x4e24, @local}}, @sadb_x_nat_t_type={0x1, 0x14, 0x4}]}, 0x110}}, 0x200480c4)
mremap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x13000, 0x3, &(0x7f0000fed000/0x13000)=nil)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, &(0x7f0000000500)=0x20)
stat64(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580))
r5 = dup2(r3, r1)
write$binfmt_misc(r4, 0xfffffffffffffffe, 0x0)
socket$inet6(0xa, 0x2, 0x81)
r6 = socket(0x26, 0x3, 0x5)
fdatasync(r2)
sendmsg$key(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000600)={0x2, 0x2, 0x2, 0x3, 0x27, 0x0, 0x70bd2a, 0x25dfdbfd, [@sadb_spirange={0x2, 0x10, 0x4d4, 0x4d2}, @sadb_x_kmaddress={0x8, 0x19, 0x0, @in6={0xa, 0x4e20, 0x3, @mcast1, 0xe}, @in6={0xa, 0x4e22, 0xf628, @dev={0xfe, 0x80, '\x00', 0xc}, 0x2d}}, @sadb_lifetime={0x4, 0x4, 0x0, 0x4, 0x5, 0xd}, @sadb_spirange={0x2, 0x10, 0x4d4, 0x4d3}, @sadb_sa={0x2, 0x1, 0x4d4, 0xf7, 0x5, 0xbd, 0x0, 0x5dacfd0cd19098fe}, @sadb_address={0x3, 0x5, 0xff, 0x80, 0x0, @in={0x2, 0x4e21, @loopback}}, @sadb_x_policy={0x8, 0x12, 0x1, 0x1, 0x0, 0x6e6bb9, 0x3, {0x6, 0x32, 0x3, 0x7, 0x0, 0x6, 0x0, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@loopback}}, @sadb_x_policy={0x8, 0x12, 0x3, 0x1, 0x0, 0x6e6bba, 0x6a7b, {0x6, 0x32, 0x4, 0x33, 0x0, 0x81, 0x0, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@remote}}]}, 0x138}}, 0x80c1)
io_uring_setup(0x595f, &(0x7f00000007c0)={0x0, 0xb2bf, 0x4, 0x0, 0x126, 0x0, r3})
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000840), 0xffffffffffffffff)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000880)={<r7=>0x0}, &(0x7f00000008c0)=0xc)
sched_setaffinity(r7, 0x8, &(0x7f0000000900)=0x8)
readlinkat(r3, &(0x7f0000000940)='./file0\x00', &(0x7f0000000980)=""/46, 0x2e)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000009c0)={0x3, 0x6, 0x8000004, 0x2000, &(0x7f0000ffc000/0x2000)=nil})
socket$inet6_tcp(0xa, 0x1, 0x0)
timer_create(0x3, &(0x7f0000001ac0)={0x0, 0x23, 0x2, @thr={&(0x7f0000000a00)="40b49e22beed815a5c086e396d34ca18b88391c75627610daea25b79a57b5afa0664ee18c5c98c90df71d8f292885664cd8d2565ef0481074192fdb8b244b1a3b0c7a689933fefd3cc8e2a33e03468c9663ceffae8b7b9fbc2eb742b53a3b9525afff78952a98964649cca4de3fffae1b1af9e20deb6a63f4fe09b571330ba979466e74948f57273492abee49123dac834e8dc1a74bd69c70be5dbf0c771950e154cc9ab86fb510761a6cf0f97b5617d859931c0087dc88f757858bd31d25adc65f0e73abdd22101d5c8224f2520f3126e396e59d47522a71b94b4eb269b155b7d37418941e0d292b46d2932f142cb9ca3f7f3b8d5d529bb7292b09bd7a4c3a3b2c0050c6184413e371c72ad7202914b0fad428356fab27ab1d2077b0dd50d40d6102046e2c14622460a310b78810ec154e8b4bde939a13d849f4c607222afb128790d62cf8d84900c10cdc4357abea7ea4d262b9188c23997ad92b867550c3de526ecbc7c11d2c4fe8c07e4114a42c0b77e54d93b4eb3192e5292d9b77c814c71bfce81309f5a8c2d48efed58cca7fac6c63008658635169f67bef9d78bee6f3de2c2850be056533b1278c51a6e0cc58af4f497cd64c2507911e78e863f940d0e6d6b58c6b9655c3fb9cf8e8eadd9cbd7225c03ce8d0c31237e83363315bb60e33eefbccdc8f2515a30e0b218be3fc84ed171c569a293e94042065ac9fcb45fb471be7521d0b2d406fcf0240c9362beb33880295ab75758ad593a407415356fe995391a309bd036680b19f64375d573ced1f3c100c104424dcc5aa49643186673ae39343647b7c63079ce99ad130114a454b7c6982924fa0f4f8c58e96992ff5c8970e41813e31e4106e600ec316dc4c177ed42e3dd1f80665906ac5f6b444924a69719a3c7df928b074524610de04fda9725bd85b1a79b1f2b01a2310a6f58c26c4fc447555902a5ca9b9e2e3f5455ac2cddab3cc4db183faf3dcb68d3c067c5817e464057c826ed445fcb8e812145bcac8e490e6df9b43dda11e2bf49446d31be6ba5f94001555ce16315590dddf048bf586379368ffd373621a823aecd5415187cf7c1baa9f59010529e0f2b7939f8e632c6f3ea60284c5fb921f6676fc8af9a733dfb7cb82c21d0a95f616828a3a957ef0d8f5342ecca1df73f9258d153aa105a35a1d254b9b076fe4ce761e0bc5d67660f0a5f032a59e115a63d70b7b4d5aa61194ad9675c1681fcfe5b7bb5a2ad9e0dc6dfcb8d94f14982f4d5f97243d5e2bed0042a00658b97657e2e6e2d9831d864805244046332d868b84610be09c8e7faf44a0941b4abedef361cf0b15aa6e897e04d0a8ef1af388202f43a7d3a7b98e859bc0e89daa446944e15ab9478e5195bb995f470f7797f1d16480fcd92058a2dbee968f927fd2cc76aaf67440a3362c6d12b2f57a1bd1ada3aa0477d1bd30b446344cf89ca0faffc3b163073584809af4a5b830b2307789ed9dda43887a7633ef88058479fe11ced48cfcf3247ea0c9e41cb08aedcaba506dc751dc80ce29813bcd582a59d1dabcf0ffed1211f251bd5c4d735bc95fcb7d1c8499bc0952e1cdd88e0bd330a2649062239a02f6aed55d4bbd0a23215b651c1711491ea9f37e6b93d62af02f6a00a40c569ab6d4015c9a3be92096d4e32e63cfcc247d4a0476b0c9ac80a0b35dd007115cb4825635e80ae931e6f0451033746d8a0afef0de416cdb0f33029d0f895386e3461ff3fb169dbcc37dc8fef34abf3f4ba5af5b81f7c33fe807486fcfebfa47f24295ea72a2a48b26f90041852fecff9751fbf067682260e268531fc6b58b9087af59d2947b0b6812820e7c87a4d7b650fd69739d9c64fefa124aaf86767432c5afeeaf43335ad4c657a0c8479f3ffad91143d640656b19782cc5e0abd0eba5fea530d11cb3afc8df26580dcd33e53f2becb263638a113977f812a4ca54e56e1f3c3d5b87b60e3d07240e58069e06bfd89a968de056093d03789ce54e55fb123d93d3493f727f34991a49bcd139749d21e3bfe17506ffe4591e7c21ec53032235da2033207ad7b16facb346516f3a7ae8682fcfa0ebf9af96d86cb1bd20036a15356519cacf1ddac7c81c51a1a7a890e68a6a5d4216f39dff737421b879a292262e7f3269083fc864385d7b9d46677eb90e332278f251f93bcb144af064135ece9267965ef0e637318b576e035ed5aae43f72f18c2300a7390b1fa8c0f0f9b9110a34f7d523480e4e4121b2477857e8b3c2891f07f61f496b55ea10ab1415dae14d51e71c7cd27dcc6da6d1c2598485aa7676ee11d109e405c7b30908cd079692332236f3fe7ec6f1a8aa532c4432733852c4a7c1cb9586428b9dfc79d57283bcdbbf153eaa4a25ed8e56579f9ec3b2640a249172b0be3c9cb3642b878e3a747a43f5b23332634d67a4d7cbed596f97cbe1e37324ee5355bd32ed65bae1c15e04fb5ede950e27b6a9b9f9b816c94714b323ef58982652e3f5c7e7766245a3ff3b9d6e6ba9ec52ecce864867401c496eb6936873a929d1ec5904ebab5ba457c4333b64691a83eb83e02c00247e74c1ad69bd8345d7bbcbf56a442856e756d5c8e0f4236e1829dfd414f20a12f37020456eb055b6efa853300596a0e1ae31b04a2b59bd0bc1ac7136326b977f309803bd2cdd3dc95f4eddb4e61f8d6d974dfa1c24f4491b692d392c7604344abdd07358840ba6bfd368fd78e93c5820d990770823270207eb2c906bdde353d59bb9c04b94f0a20f7a99b3b252a37f02388b34b257a4eb415522798d52f4b1315f7cbd66613ca7693c546bdb358a599210d2c77ec3f94d7b39232b5a79cb9af3f3b1a199e8ab894f34ae3b2b2f46af481e01eb74b8867d1edb076aec0e3f84b8bfd6e2d5e2fb8ed372a9c0ac0b3ab824ba434e7f48e6d688fe70db31990c5b4d0a861f402c630b05450423725c4cddbd5471eee6e2ced75e14f58683cd86a5ca0e8ff7cc535b5175850bc7cf479913b29c96124673dde2cebf2f70c76853124e2805b079485e8c260e23a5bcf156b697d353e6c24f94739cca45761f403d8d80cc6cf8de4b97f5d53e69c4722785bd053bb7998462b9038be32b674bba1afe9f9921793adabc460a0dfa65fbc1c8040ee9b184a188f6d7be7c4d17802ff985315bbd00ef38de82fd125f167f4515fdb9fe57035f9993739b57bb2b5d83dfdd75d653460fd188a11f36deb96de617c814c976355e65a7b0b7e97ec418b985ae4ed6d1c45f8eed17ffcf8943f7af625b1c46fa5b6d19e8adc205e5e73840d2f6958e19db0a612c69fb7741d688747662062edbd4243b8b31a0037cbadd3c5604f4869b96921ac2277f7477d98c5bb4fd080fa28f3359b1b70b61d7f886558ff053ced604d8e9dc518be8811bc9cc53fe6de28fc9e3b4acc796b9e9b795d9018b251ca501408fd2ea5b58864ae063689474e7a235e9d27f060e0f0e3dd96421a8a0756bfcf844b86fe324466b6cd26afc9cd1597ba48487b817b67f30a86769473496fd6eb18ec6c036fd59f1fdafad672c8f55d925e381e9fc2a5b8b8c838960bb9a71bf876b4043470455241499dbf0a7165d6b7926d3908c3bd73a875149fd53ce89b1da4f17a72b51ad2116cc2887d6ca1b941bf46a2e6d12490696ec60a3ba890450cc99c141da2671c12cb29a7507685598aef3ae97932e92ac50441f6a65c7d065cccfb4ca664e4e97ea23db9e12f662104f2897e0f286df63e7cbd06dbceef278722ee88539a52273f3b11db4aaa70d554dbfb065500cc3c2a4c6279108f401cff646bfb21c9aed6c13d2b6ceefa70b8bf41f67210f40ef1a086709229304df6e893523f48b19c6dd857277d4354687b260d627872f12950dc3bff4b924a281c2b3f300bdc63b5c2c320f2df12a988dcfbe55f2638a7c7369423b2d3e2399782414bdd9672865eecda312308eac73240612306edc36726ba0ee2f887b99d89f8836257cdd9e86a1c30c5f5548e715533b4ac126c62378792d51005169e393cafaccfa876740cc28b85bbcea1a92118c53fa501d6ca98551cf44fc80105b6abe556a3794cdde61d80082681c2433dc0d2edb64706cb3d51257417fc22a74e4bab19f3c3087a07bcad7035a26ecb4a73a5f925adcba9b2f9c5ac4d6b7a342c48217c67a29bbeca1d35c472b383dcfd4c825fb71886fc58955ba9869d7ab458b4dada6b636d6a5772a6b65bd640132358412c83afc2f5663024d330562dba31b4b609c4d37b37fb02e5eca27be629ba46c758760ba9767afe2f205339a531dcf99de4f81305dbc10c753dcbacfa215c5cf520693c3e76626a3c831d4bae10408602c4adaa051f07cddc873592c254cf344341ccded84941dc74a3a659699dfd47404ba11815dc37d6a66dd0e677de9496cf0ee5ed47381ac57a54bd51da5b513d103bf3a935460feb9665920fd3736b8c6377c4dd820f9a5ac6f61cc656ff2bd9dd77de31babce510629237a0798f48078d6a6096aad99e98261b363fdd165b8f7f6f9539ca6d10ce0b91d6f4bbf1b986d210b7511ccda8f4e33a06695adf5904a84e5b03bfeae14114fde7407faa1a79b9cc63e97396d84db0227462b10f034be0641a0c035d488e7060e40ca1d72a06089205cb297b03382d324f1c8b756ad7462cc3722d732450bf6c4bbf279fa195b9dedb6b23f9e9b2acfbad5dd52a6f52458973a985ef12d04293aa9b8f0279bcad1026251df64957a9188780240c7dec5f8272d8ba3bfe049f9595866b1226da4325abc751bda36e6bc920a4c8b07517d81bec7b60cd9707a0ac77c63ca18e919e3442e06d9d6ccafa785e19c870fc6410c5ce92b76b79b78a8beb7054c8545f8e8a8a4b93f14378e673974d3fb3ccf8b45c13d70bb79b2a1de1ead8e9ff2e20ce24706b0463c22dc25b59d7fa729d9edd768a032e03ea29fc09bbc9ac989f2cf15f9661cefd3b06b62bf909e8cdf5c693ac906b647b5285bee5c4e22dfb82a8440511e5b6b5570e3abdcb5f40ce1f4b827034a089f39938fd9fe6d2f889c2ec37fd45496f850980f9460ac5747f537b6f244248d67b6b906908d1ee71f983b07ec938359feb2037a372ead755c0b62fc672e4a15c19f92f444c946daadf534444d68e1b4f343a2d25f3ce3ab7480cc3be3b39b0a312ca19ab36751ac5250d6b3742572af2c237d48abdf725d77d2891554bdf4700746a4952300b206e97a43fa5dda3a6dbf847ee5b31e4540e521095aa30a39f28cac8eae5b7590e2bd3499b06994a5a0f267c167edb33c4333a3c3f5cc2cea6b2144f5993556a2d4b65ff0016a1540c12c95db01f19d011c8d8727da4cf90511eb40e9e98edcc739830d58331f4423a44031378a1f425a2f8898b0218da3fdc53c783639f10b28751fa54f25c39c1506e31e77c72030841b2528d6b3b9201043450c71e7ee187896f8ff90d48d20eb6dfaec81cb2dd6b83fd7545631499d63b93e7799097877f8caf80c7bfc1cb3d0d1d5f512762946820e214b799700749bb8f7385fa9a70b3f5da58ddc5a29aa75da98dc5771559944b44347752f4aaebdc1a05937a68355987275039d5a17c70fd3e49cc1462d9b02f2deb8304c217b55de2dafde783f0b75067352c53ba56f7f45dcc3834b3055b22bfa1ea22b6f315aa28a72d1cc2f6a16f66c1cbdb749ea33c431ede4ad2f16e329e47c90fc6e5330b788c80e83c0a8a24da1d3700072e1b2342612cf511303b0b27642989e044cb4df2df2e315a8ccd0ea227a95a278846434016f446bef9e8acf9ee993168e63cf054585a", &(0x7f0000001a00)="2dcdb5d9517f7ecad2f4cf0270577d4a78ea6f5665558db9d83d73313134870277c0997e801d8a69257f8cf0ebf5b44d62e6c05acecc492ff66cc700b6984fc7486661a9a400ee97b651b94199f47e41a43628752ed44ceae5e37dd8151d2e7fe6480645c8e4f51b2ce08ac83a3c36ed520dae47de800047861dcd1638791160f6465b0f8030"}}, &(0x7f0000001b00)=<r8=>0x0)
timer_delete(r8)
setrlimit(0x9, &(0x7f0000001b40)={0x0, 0x3})

32.556751397s ago: executing program 1 (id=1343):
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
r3 = socket$inet6_icmp(0xa, 0x2, 0x3a)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)
r5 = socket$nl_sock_diag(0x10, 0x3, 0x4)
setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000080)={0x1, 0xff}, 0x8)
sendfile(r3, r4, 0x0, 0x1)
write$cgroup_int(r4, &(0x7f0000000040)=0x7, 0x12)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r0, 0x48e9, 0x0, 0x2, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x50, 0x10, 0x401, 0x800000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'bond0\x00'}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_SELECT={0x5}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

32.556665264s ago: executing program 1 (id=1344):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000001a80)=0x5, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0xfe800000}, 0x1c)

32.541191952s ago: executing program 1 (id=1346):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={'macvtap0\x00', {0x2, 0x4e23, @rand_addr=0x64010100}})
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r1, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r1, 0x8949, &(0x7f0000000000))
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000040)="b90103600040f000009e0ff008001f", 0x0, 0x100, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

29.282147818s ago: executing program 1 (id=1355):
r0 = semget(0x3, 0x0, 0x403)
semctl$GETVAL(r0, 0x2, 0xc, &(0x7f0000000000)=""/185)
semctl$IPC_RMID(r0, 0x0, 0x0)
semctl$GETNCNT(r0, 0x1, 0xe, &(0x7f00000000c0)=""/151)
r1 = semget(0x3, 0x375346be3f90772, 0x240)
semctl$GETNCNT(r1, 0x2, 0xe, &(0x7f0000000180)=""/52)
semctl$SEM_STAT(r1, 0x1, 0x12, &(0x7f00000001c0)=""/153)
semget(0x0, 0x1, 0x200)
semget(0x0, 0x0, 0x8)

29.27970734s ago: executing program 1 (id=1358):
r0 = getpid()
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000280)={{0xffffffffffffffff, 0x3, 0xe, 0x1, 0x8001}})
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000080))
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000140)="3751f02b82f73ccfc7c431617753f5732f765c975ebce8947e5388c4ff26fa3893119fd147a1576d9456136ab5f15493d175754e4b666e989869d01d418adc376ca22d8077c1b54bea92b5977a41d70ebcc4735ce6c012a5fe5ab7fef98e864216699a235d615ded3292397894b34a794bc14a2edfdc6978c0c97bcb02de69264d", 0x81}, {&(0x7f0000000200)="d0f2c13a3028c25f419badebc5eba629dffd4c836f512ca2b57abe2b67a6665aedfeaa392d738e830b94958751bc4b3721b5f33c04933169a3c1dfb5534eee", 0x3f}, {&(0x7f0000000440)="da", 0x1}], 0x3)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f0000000740)="54ac030f99afc1ba1eb47ce715a85099f6796a06eac80c6dc1b4978e1dcba045cd97255419b8c3254d0e0af73b857edce63fe034773cbe4dbc80ab8d70ba416551f35351f2a4f5b3b7d51a005fd9e70e26c61479e2f438b940f478c6455530028c9dd7e7c8ac2d101594e2e93a172a7718f77dc605cdfe96dc70994bee230d483dc4dc3e28d5bb75c3abb3dde5e1b8028a0722b9a1e842e3076699ce888299d076928a58bc951041c9233414a08db3928ac1381a9abc199a758e5a80687bcc3b16cbf518cea2883dba236c38668d71cc03a36dc3f4b352013155bf59c3f160ea5778ae1ac5", 0xe5}, {&(0x7f0000000680)="3e00b13c72e981d71167510c4a267d568a7f7d78da5ddca0a56a887672790a1b87aa221e723be3fb7fcac2d8839606ea830353942ff9da7adcde748b8b148346a8fb0af106572fb72fe376ba7435d85580d2", 0x52}, {&(0x7f0000000040)="bf4d14d516c3d60296", 0x9}, {&(0x7f0000000a00)="ab120da200b0bef376b252c8b0d9faa257bcf18615efd72268652414333c2ac026c5faaf4479a02e5ef7b064d5f0d333ac27d2f7d8f05fa08168fce222c344ff765ba2a1447dc844ed9b9acff30944", 0x4f}, {&(0x7f0000000a80)="2a4fbb53d80ab7148d79dc4174c3d07df86753abb575be8cfd227453cca5228a4dbe095c2d286333d813b630103368e6953f30fcdb5937c70de043293f9476db81bc677bdb18b2eee0f9f7776f092207a4ca3b0d34b12df8575b2e548b5f", 0x5e}, {&(0x7f0000001740)="75a183df33ad4b45a344b698513a01a8e2afd77aa87c0aa2274d19ecc17e2872b175df592d9634da1183e546751775e91674dc68e1513e61953f44df84fa3d296aef0d6a68c8c8b70a73ce6d8e2c734347596ca08917a8a4d3de0f2fca31e3b554d2e6046af6864c028a6af7af1f3fd19ad6aee5508d6e4fed20a0fedf58b5e2c64f89463854b2106927fb3ee13da4625775b5d79f80b6df38a0707fc4aa03cc5de3a9cfbb973e8e3fc4a7c11af7c9bd0337c97a9f1e31f682b29681683b97c24e985537524da654aa4f856961880cc464e8807525a62a39a6124d0d81cdb4d4b94c793a9f3676f0e39bb9ecea4753c062756a05e23a6b8fc93bdb7fd6a2f09027640b84c73c85b5ec6c701dae94df74be28340da06bc8e501bcdf2b27acba6924aeeaed469e95d944af8bd4102db68eff2341e3fd9a5a298d6385179c357039da765e34e1906b044c909182e03636af13ebc71fd2bad512dd87ca59ec0ba54da023f9110b118d1a1eddf996d9ec4f55f138ce66cf2dcf09e20974edfb02b36eca74508bc4c418fa63716749faea4abb39f607b92aae0f2745417d7c118200ad21a58a8aed6357b876ad34bf2bd7b8a6cc0da19d466ee9073e18bf4a19d6e94fd2f20eece20443452abedc56a72d364607c73984954afe0a2a9a23b916885b039d554821f78da20d5b69574c83dc6f56183715bd273ad045e4ede096b64871a37cb64d74bcf6c7e56c0aaf9e50549b58e3d21a8142543aa7294039153f38e19e7d1b565c71d344db9b32cd12940e42f99a208a44250eab761c6dee1f4bebae72f67afe5995eb7b532105d38e39a3d93b74e8ab1061d9e8c732a01cf14db467ac5196cbfacc1dff785793201c93eeb487fc779ea28e15b3b56838caba14015e01cad091fbfc0408e18cc84fea0571eccae2a7dd32dc0326ad3aa850ec433713b4aa47606f82f265199a14ae0ca884c548078d4613a195072a9685dcfef10e8c0c79b3120c94ccbaeb91a8106e6958a7832581d85e7950543166cbbdbcaf5c0ffd96900e71d9475a673225d804f7bbeab279522ce7a1ad6ddaaecce91bf787a8cd39c206d05565c8100a8baefa8e7f0675da4630ec93eeed4997028c18dae717e9f138096dcfe9a8e5f7afaa9a9e4bfd4687fe907b029c0ceaeee93f4edf49e2fb46135a297a9bfe8e11d55ad9679eac11e76080e094007b458efc85aa312934009f806c734de78ed433a2beca852d2826d585a36b669502013536bf48c94e57d835e764e54024eff864f30cdae8cb905e240cb38f95572e964512dfec1f75aac64041dbbec34807733ecb2b30237ae726a07266322a570543a1656e9b174ed2666c009f51252fb02608901bb6eb40637d444719e23963d59df406960c711dc772f8760d9c22924bb8a2cd14b7a6f91749f39d4a381fe86fa0a9b0a2e987f8680c5804dd1a4af865e387e28b15f3af2d75dbdb604c3e3e6d0728cad5c8d078ced867e83212f1d634170873593345102e1eb02abd9fb7cef4d3801a68c023f94f9a9ccf208709a5aa68544535c32b4f9ffb335cd181644be1e27cf16c1021d94128c735d53dd75be5e7503e9bd5fecd8117d3ba02afc7888fb8156cb8fd0367cba6422be2153faa709e34024954560b48f1f9bf2c8af3ec9a0c66531357c6973d87d92266487b11aa4f9b18a1188ff9b11eafec513d97ab1039145abd78e48b2638bd6b6d334f2ad05dd6c2810289ccd5cedd0ba32e66d8e4185ed24b30b74a412e4ed64215e74244626544f19b7d5de7aa19d5a9e99f49408560f2ba58efbaadc290530dcc2b850109b558bc4b6e4d40709a9e177faf5223fc6864e17d2380bca629ede7f419f92affaf39383f2077fbf45a4047ac6246089ae2c5300890550dc4afbe9b96e7123626f9581f5f7b0dacc8edc9b6c134767f58343d612c4ad31dd9be392c26e72d5bec6d2aecfb90274e1c6ef722692bc4a47ceadc5775bd15b67250dc27d199706d8767bf07564901ae52a5d3a6e5b14c945f877450299d39078f0553e9a626f17bace2c12c7af672a825e85902fa49f656394c21c2d341c4fa519f1c5f9f25258043dcd22543a50db1fbbe61d7d3c8522c0593960a4a50e1a40bb642f0e35255d1490c6bad33fb48a9653a0166d86d15d8897444301111282428ebf5936c32a7bc7f508b23ddd2d7e14e35f786372431c8a26e23f3d39940b3ad7039ef3dae60782b8c841accbe87fe01ed42d02157ee961f054545aa5ce8eaf36b67dc6a3eadfeaa68f77dd701a89f0162f9f7bb7e56b2dfd69b42a757e41a04cccae301ba9a5a073bc05254dc7849f8b41e866b65543484b643f3bc735e00b605a00914405fdcadf043109c86eb33679c0d7bde9f8d43eda2d07f2a4f999b4a21c55aaf8a5bb4e8a5bd377b793d353aebd6d44ef208d3f79d4ed24e53389b705bbe97d9552edea678e7f6c1a0c3dbcd0ba1cc2727b5de95b095d029ab70b3f427a176177d39f06007ddea615598d29dcbe2cce3d0ec61389c1fc274ca39d08288a14ae1ea176574a2165cc00ac247d4143d332b1742e0d0da0e040868f9109ebaa22ad662f58e9f64f0267c9f6e0f90b8136856159378d7fed7b4d217ffb64cd83058b7639c51fc64f7e0c308439203c914517cb37e335f9d224f6d91af6b2f546fc622408060683792e6b1f49854b4a2e4499254dd97c36b1c3d76d5991e72e69b139f659054e3beef8214346f535bf64c4c6c5a48fabf73204ba0f294b0e22638a462f0d5b33c46c22ffb37fc618813d8878f2609b4e92606ea824f9616f37318fdbc7b4df441228a4a6276a15409677d27c29efaabc882cf5db3d657362ca932726597953c4555b7eb192a59c359c7cd862763129978d45806889a5c28d8f1b489f2d44b9844f9c999b9e6735fb8dc8a9b93d74051b29565e99e840414e6f074dc59519886bda2ff51a9151af5ceff9175f3288efa22356f3a765d447ac6d3a8f7bbace7dd8542ac0bb01ac065f14d3e09c5cc3b25c6409408f2eb2c6b7df95d8084236ffd84ebc100224473fda027dba7ea540923cf8c2b6680f1a745c5ee9221f8f2cd09234785e9fbfed39a0cb4b6bc6b8efcaf59290399defc1e63bec3d3b68b1a58f362b6f0f84c49919512dc1ef322b9a3b58ad8896987e051002e53f6da412a8010efa9795bc6fa998eca12fa836311b0d2ab841546bec1765759aa719267217aa79c0b936ce39f0abfd33a251112f2da83de15d5e13bb3c6a4e51e227d118318fb3e350bd47fc5cf9613afc6037cfaa8423692cc17ecf181e4ba767364f0c2b5e7c9998c268a6260d11f87bc9b040e2f2d36527329fc1ac90e1c7076a9f32c19ee02ff20d0900f30e245a99f8bc7a80e1f7aa50520d6e9eb42ed92981ff3dc32afc8dc9d5512b5320080ba2d8898c60440d792efc9681b5412b74351b10adfe2a888bfb2a706ef0138fdd956e8378c6ba407fbfc5700fbb51f723d0d6e2007dff813510ac7a1228e212cd2144f690a4db89085065d89fcb4c1ea82a24134a3190ced1dbf3a5d203506a3139c892e1fc1447c0be7f0305f190c7465269ae9f36594909a07297a2d15d24da6f7deecb01c391abd56335e774fede50bde8802e8a617c9a045d01937154fb8bda6b2a41a370221451f8e2415dbc30a2bac827fc9efe964c1dd2e8d8e468b4c389e3502eb6e7d6a98f73ffce1988c7b52fa2232994a7483ed3e8d5456de22d6eaf69e0c05c591c25b06a96bed3709d4f932926012415219433ebe074a48a31f782d2bf6342de4452dc63cda17c918f1f49786d9304cc2e3d7e499de8310231249b844da98da04def7fa29054b69c70ba6d011941f69f1e6b307ac72c061a66db046d23b5b2da538a859fcb2ce8d0b1b89529873d908d1a3518528a2fdf954e8c52a8c953ec6e89818833f2c0565faf43535957cfb28e58c01f5e3ee03fa26c02b229128e5a2bfbd9434e5269891d395205c82f945a37ff00bb5a37cf00c61c904ff0142a69d30f0530acdb16b3844a2af98e8dc252b27ac9ba0e688bda4a5d605af10942f9c9a6e7a079bf004e6a035bdca06577c930a88fd04dadf07a06cc6a1640c140d1c298a58cf7a401afac341f9670721250103c6ce2f866f3a834ab89afdae8d085578e5e55b2bb0892e031a92dc1eeeac1bf77ed153509e3ae8e9a0ae909b94085e83145601e1b4a8922d9388f2ac71f387dd04ffc88a38362eae70ab3197b9a33ee396ebd4de965d034f3805d03aaf6d0bf682d6fd6cb1e4cf0ec64812eb5f7819e064921bee44f60fb1983a77346c77e64ea84bc08a2e2d3d63d34a1e6d21e8a030e18859f5dea3236d63ce99429908ddb510c85bd507b4babea6aa70c68c47fd3404f7693f9f31b2f7e46b4534a45bb28a4daf8e67ede671db573f38c6079e69a733938bd146a1c9180bfc9f9803f9c42d3475a481c905d733462c9cb7b673b6aec7df3163522ef48677a52a66f5ba25e6cad029e8b2556ab281e8ab0c2259282349e65c539c4afe8e76651d7c787cf2ba39c214e9baf7147a3bb9c8de095c29858f7511503137c7643b9ad0c335df7de17053e3553792cb68178a26ffb2368549380aa93377703f02a8a33e92aafbf55827d5aadb28de0122c76630c66edc5150234812d8837bfdc0025eceeb1bac3afcb8482cf971551a21fb517e52cc477cc546a274c5d597f44909a35cb38c8ad986e3e835ccb63f49901eaaa0d49ec7ae165e69c40da495c0d647f942e4a09518a1868a1f0b3c99869abc0ef8da726a444ba2d1efbb6c52e065118dd5b5c23083f5a9287679d541c88a442d8ec87ea5b982c1685bca1a5ad86c54a3af95fc5af2a7b97c83ae535f90bd8a77a66c0d92eb163ad59dda53ea990d6119d088314e80d4bee9cde51140f0d4932675b1ac15176034405d04eea0974a3806bf205b9d67b2839350f057d2a38e06a0a7e5d0510907393fce237032550d617e924825b33a4c186890186efbbbf79da551cb9aff73da3d82015a6456e11cb5a4841f728ad3d0227798b0136c649e6f92fa63f37a2f4f53b929e0a20382adaaeefdf046532480c50e2cadfb044565f43b3b1656cb6e7072b8c6cb29ba8f8295eee54f41a9bd31ec5cd576f273a3871e59e4a25cb9757d34a17964024c4b1ed53443655159b9ec97625c1ee9aab6b3b02ffbf69d6260647e021e551df8ae2c58dd7027d05b5bc94a1c3e627fd4187f16c5693cdcfa8ef79e23bb23df06567429cfac4bc8bf1d39c6c83c8ac0c4c6f14d9ae0d7269af6b36749bb1487da59fcd132be78ab70424bd5d9c2270ac5d4de77d4bd7694114b2e92b4f7a21e4c581b3430069ca0f638d4d862288078dbe4d7f50d8ab5a14dd6833275bb2c636c8a315dba21ca488cbaac9d516cbb5179d11dd57d838e7b9c10634533c7cae7dbd09f3940552f42715ba0a2360f60726d6c9937d0eeaf27cb9d5c8b6e41a41d3a06ed0832cde6114c2395451c93efaa2bdd56e8c6b5532c93fae079fe3459f1f033a6e6ed45ff4e96b62dc5609aebb91c6d476f54860faccd1fff8f0c2831b5ddf3bf570ce2888177e9434db4ced4956788ccd6f8b20eee7f71b9330f2ae2f840aa607859a909d1f59b1482be2ef8bc65a1138322aa1eb50c0bc00ab584a9dda129d77f224fa307aa909fdbdec390554f649d2a5ffb3c1e64f203b430a3dc81e3322981266abad086b904ab15624a01ae09e392da9d132f8b0c72a9753d7b6b12e846f1c595bc032121946d005acd6d54411d57d26ccde05fedeeecfb565a5ce9c30923", 0x1000}, {&(0x7f0000000b00)="2be34f93f796231f9c8a69d73fe02526814c7995df715a8093c87bce18ca1813626117b6c41c86b09fd832a3935afd68e5842661184677f8468c4892fb6de528ddff641c5712af47c5558ea339e05039797de60ae6ef403def3bca18356c44cc63d04ee40dbbb92436fb43e7fa93233953f0e75cfb1480f88f24e91ebabb47f3b8acb05e1509851d559cc7c9ba5cfb06c34772d0b6fb22314408837647c687fb786ef9a22366d36d549354d9077a19ed06670f0fa2fa33e189037bbd7a9a86cb98792d3c20f39323b1996249eeeb6347b55f7e572767384250582333b33e", 0xde}, {&(0x7f0000000400)}, {&(0x7f0000000c80)="3be600fd3f310335e1d19dbc57fad589de2914e2a7c6501250164b173e22abc2c7ae22602030c73adde10b31f07711e147ee38416bf5a59d07467dc51dba2051f808f1d35b77a070dba37fba6139e54a2b8049ea1d2a0a905eb42446f59f31c4b28402c97117a91d107efb61c4ed63aa4f1fdc972396f5c7e38f0f93aad51d8840f650b3ab5bd502e9241c6b97012cd9534f60d75f3ce94b1ac879358577852c788f042b246c7bd2e46f0f7487b28d2a5d4962770e8942adb6ff5c4a9c7a74383050e6db4eb250f2cacdd634c9976e88af4b", 0xd2}], 0x9, &(0x7f0000000e00)=ANY=[@ANYBLOB="1800000001000000020000005147a6d5523710fe1eef77a4562d335ae094693aae747844eddf", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="180000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="140000000100000001000000", @ANYRES32=r1, @ANYRES32], 0x44, 0x8000}}], 0x1, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r1}, 0x8)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, &(0x7f0000000380), &(0x7f0000000480)='%pK    \x00'}, 0x1c)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0c000000b10e0000020000000400000005000000", @ANYRES32=r3, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fbffffffffffffff00000000000900"/28], 0x50)
r5 = socket(0x1, 0x4, 0x10001)
socket$unix(0x1, 0x2, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56441, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xfff9, 0x3}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000070000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000880)=@newtfilter={0x5c, 0x2c, 0xd27, 0x30bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xd, 0xffff}, {}, {0xb}}, [@filter_kind_options=@f_flow={{0x9}, {0x2c, 0x2, [@TCA_FLOW_EMATCHES={0x28, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x4, 0x4, 0x100}, [@TCA_EM_META_HDR={0xc, 0x1, {{0xf000, 0x1, 0x2}, {0xffff, 0x8, 0x1}}}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x81}}]}]}}]}, 0x5c}}, 0x2008c014)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000400)=r2, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000001c000000000018110000", @ANYRES32=r4, @ANYBLOB="00000000000000007b8af8ff00000000bf1f00000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000e5ef52046e4ed994fd507a10dd369dcafc6a7d753cf0e4cf50a4b4f78b747f6f5a8d245911b50d412ea981097e6229fa9b5c11ea578af46d1646142f89f967be8d57f16eed460af1543149541e85ad9e6fa36ee1ffcc3c205e62f34aeedf569e7632c2078539f01b31fac9b88b65b2bbf94e8b60e76cd21be3fd7eb8ddd218f1224188ca1c025ec03d4a2e125e38ca2d5b697d4fa407f748085df7e15a70ac32af883257dbab5db90000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x10, &(0x7f0000000480)=ANY=[@ANYRESDEC], &(0x7f0000000300)='syzkaller\x00', 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102382, 0xfffffffffffffdab)

21.710483634s ago: executing program 5 (id=1387):
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
rt_sigaction(0x19, &(0x7f00000000c0)={&(0x7f0000000080)="366465f029144d00000081f30fc27f5e06ae0d0fd82e2e460f01d626f00994aff7000000c4c1796f960600000040cd00c4e2f1453c99f340a56544ca0c00", 0x84000004, 0x0}, 0x0, 0x8, &(0x7f0000000000))
ftruncate(r0, 0x3292e291)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r1, &(0x7f0000000680)={0xc, 0x8, 0xfa00, {&(0x7f0000000500)}}, 0x10)

21.709859359s ago: executing program 5 (id=1388):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000400)='dctcp\x00', 0x6)
sendto$inet(r0, 0x0, 0x0, 0x24000f3d, &(0x7f0000e68000)={0x2, 0x4e23, @multicast1}, 0x13)
r1 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000000)={0x2, 0x4e24, @local}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x400, 0x70bd29, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0x7, 0xfff2}, {0x3, 0xc}, {0xfff3, 0xf}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_NAT={0x8, 0xb, 0x1}, @TCA_CAKE_MPU={0x8, 0xe, 0xc3}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44045}, 0x10)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0xb, &(0x7f0000000100)=0x3, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x12, 0xc, &(0x7f0000000080)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x2a, '\x00', 0x0, @cgroup_sock_addr=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023"], 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r4, 0x84, 0x1, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000080)={'wg2\x00', <r7=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x9c, r6, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_PEERS={0x54, 0x8, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x4}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "2767b524f45e9dfaf001c414581741c92349c3b6661d9864680582bd184ef1a6"}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r7}]}, 0x9c}}, 0x0)
listen(r4, 0x1ff)
socket$nl_netfilter(0x10, 0x3, 0xc)

20.44036633s ago: executing program 5 (id=1394):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="100000000100000101000000", @ANYRES32=r1], 0x10}, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x24, 0x0, 0x0)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x14, 0x28b}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)
close(0x3)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xd, &(0x7f0000000240)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x87}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xd70}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getpeername$packet(0xffffffffffffffff, &(0x7f00000042c0), 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="0000000000000000000051229dc9", 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$inet6(0x10, 0x3, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x38}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[], 0x2c}}, 0x0)

20.340602875s ago: executing program 5 (id=1395):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a200000ff000a010300000000000000000500000009000100737905000000b300540000000309f0030000000100010000170000000900010073797a30000000002800048008000140000000011400040076657468315f766972745f77696669000800024000000000090003df47ee5195a6395a8466c31f2f3ab90b099bc1c63f982089840fe093c2d28317dee86b2b68dcd08fc1d7c27b28450c815169b9f62f3782578533e5ff08a6bb89353f825dcb08b633d73bd5eaaeb6085d055e4c557cfd0ba10ddf87da3d7605d5dcc7b20644f416b30557a762bcfa9a38bb32ac7bbad2feb6492f9d786dfd17a9ec287092dc7d7d0e99af46db77ba5d376a06f6ec081a17353b05ba2729049913aa54e0c307b4fc3333c201f6e79cf91f92047fa40dc964fce81652f441fe31d67dfbd3fe895738b2e7b4bcc8e7424f4f80e3e63e13f10caa1b6a"], 0x9c}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
syz_open_dev$MSR(&(0x7f0000000000), 0x7fffffff, 0x0)

20.047505653s ago: executing program 5 (id=1396):
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
rt_sigaction(0x19, &(0x7f00000000c0)={&(0x7f0000000080)="366465f029144d00000081f30fc27f5e06ae0d0fd82e2e460f01d626f00994aff7000000c4c1796f960600000040cd00c4e2f1453c99f340a56544ca0c00", 0x84000004, 0x0}, 0x0, 0x8, &(0x7f0000000000))
ftruncate(r0, 0x3292e291)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r1, &(0x7f0000000680)={0xc, 0x8, 0xfa00, {&(0x7f0000000500)}}, 0x10)

20.047228933s ago: executing program 5 (id=1397):
ioperm(0x284, 0x7f, 0xe3)
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r3, 0xc0384707, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "3eccd8f9d20000000000001000000200000500"})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000280)=[{0x3, 0x5, 0xf0, 0x80000}, {0x5, 0x8, 0xd, 0x8}, {0x9, 0x85, 0x3, 0x200}]})
close_range(r4, 0xffffffffffffffff, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8001}, 0x4)
socket$inet(0x2, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)

19.569613947s ago: executing program 4 (id=1398):
modify_ldt$write(0x1, &(0x7f0000000080)={0xb}, 0x10)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
ptrace(0x10, r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xa, 0x1c, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYBLOB="1808000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b88f8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ptrace$getregset(0x4205, r0, 0x1, &(0x7f0000000080)={&(0x7f00000000c0)=""/120, 0x78})

19.569349072s ago: executing program 4 (id=1399):
openat$sr(0xffffff9c, &(0x7f00000000c0), 0x46001, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000240)={0x0})
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r2, 0x9, 0x0, 0x30, 0x0, @in6={0x1b, 0x4e23, 0x2, @empty, 0x1}, @ib={0x1b, 0xfff, 0xcf3, {"cb5e6f51e5c7e54b670c143e8fa27113"}, 0xffff, 0x6, 0x3}}}, 0x118)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10)

17.860410341s ago: executing program 4 (id=1400):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
ptrace(0x10, r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xa, 0x1c, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYBLOB="1808000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b88", @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ptrace$getregset(0x4205, r0, 0x1, &(0x7f0000000080)={&(0x7f00000000c0)=""/120, 0x78})

17.860047352s ago: executing program 4 (id=1401):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c00000015000100000000000000080005000300080001001c"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x2000c080)

17.770726831s ago: executing program 4 (id=1402):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xe, 0x4, 0x8, 0x8, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$can_bcm(0x1d, 0x2, 0x2)
io_submit(0x0, 0x0, 0x0)
io_cancel(0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x4, 0x1000, 0xffffffffffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x3}, 0x0)
syz_emit_ethernet(0x1f, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffff000000e8ff000011424203"], 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)="67d8902400aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c14498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df895d9907e4afb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b907e0974f1073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf4dee8512f3bac440f5d5e4bed6b897608b01eae26a54433e5f5c74a2ee3c2fc50067be05a677ff52a7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fedb679328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e27252804059094a318c4cdeeddd5793a427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a958df39f9c5a8c8e876a52816446d0106f4a81dba144c80fda0b401f0774edbf73b3de44d7ca5c28b0830910f3b02be5e8", 0x427}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_TX_RATES={0xc, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}]}]}]}, 0x28}}, 0x0)

17.010458034s ago: executing program 4 (id=1403):
socket$nl_crypto(0x10, 0x3, 0x15)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000540)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000fef000/0x1000)=nil})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newtaction={0x120, 0x30, 0x2, 0x0, 0x0, {}, [{0x10c, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9b, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0xc4, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x7d, 0x6, "ed0657f7a28b2d6552a6d8024f8b01c85e71580f09710fb93ae5d262d8c361fd30cb11477c7a1963c98828358580ca2703b6914334d19ae6b02871818d3a6eb4a2b107d75e9ddd7acfaa5d65c48efdf59dfd39a8f5eb28ac346b7871c92f6bfb0c214e79e4be13866d715fc8a0e423adc214da1afb6f7e535d"}, {0xc}, {0xc}}}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x3)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='net_prio.prioidx\x00', 0x275a, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
r7 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000000)={0x1, 0x1, 0x0, "adbdeec74e9e4aea00000000000000a902552f08cefca462dda36c7451f8e500"})
ioctl$TCFLSH(r4, 0x400455c8, 0x4)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0)
close(r4)
write$binfmt_script(r3, &(0x7f0000000100), 0xfffffd9d)
r8 = socket(0x1e, 0x4, 0x0)
connect$tipc(r8, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10)
sendfile(r8, r3, 0x0, 0x8010002b)

13.957678512s ago: executing program 34 (id=1358):
r0 = getpid()
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000280)={{0xffffffffffffffff, 0x3, 0xe, 0x1, 0x8001}})
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000080))
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000140)="3751f02b82f73ccfc7c431617753f5732f765c975ebce8947e5388c4ff26fa3893119fd147a1576d9456136ab5f15493d175754e4b666e989869d01d418adc376ca22d8077c1b54bea92b5977a41d70ebcc4735ce6c012a5fe5ab7fef98e864216699a235d615ded3292397894b34a794bc14a2edfdc6978c0c97bcb02de69264d", 0x81}, {&(0x7f0000000200)="d0f2c13a3028c25f419badebc5eba629dffd4c836f512ca2b57abe2b67a6665aedfeaa392d738e830b94958751bc4b3721b5f33c04933169a3c1dfb5534eee", 0x3f}, {&(0x7f0000000440)="da", 0x1}], 0x3)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f0000000740)="54ac030f99afc1ba1eb47ce715a85099f6796a06eac80c6dc1b4978e1dcba045cd97255419b8c3254d0e0af73b857edce63fe034773cbe4dbc80ab8d70ba416551f35351f2a4f5b3b7d51a005fd9e70e26c61479e2f438b940f478c6455530028c9dd7e7c8ac2d101594e2e93a172a7718f77dc605cdfe96dc70994bee230d483dc4dc3e28d5bb75c3abb3dde5e1b8028a0722b9a1e842e3076699ce888299d076928a58bc951041c9233414a08db3928ac1381a9abc199a758e5a80687bcc3b16cbf518cea2883dba236c38668d71cc03a36dc3f4b352013155bf59c3f160ea5778ae1ac5", 0xe5}, {&(0x7f0000000680)="3e00b13c72e981d71167510c4a267d568a7f7d78da5ddca0a56a887672790a1b87aa221e723be3fb7fcac2d8839606ea830353942ff9da7adcde748b8b148346a8fb0af106572fb72fe376ba7435d85580d2", 0x52}, {&(0x7f0000000040)="bf4d14d516c3d60296", 0x9}, {&(0x7f0000000a00)="ab120da200b0bef376b252c8b0d9faa257bcf18615efd72268652414333c2ac026c5faaf4479a02e5ef7b064d5f0d333ac27d2f7d8f05fa08168fce222c344ff765ba2a1447dc844ed9b9acff30944", 0x4f}, {&(0x7f0000000a80)="2a4fbb53d80ab7148d79dc4174c3d07df86753abb575be8cfd227453cca5228a4dbe095c2d286333d813b630103368e6953f30fcdb5937c70de043293f9476db81bc677bdb18b2eee0f9f7776f092207a4ca3b0d34b12df8575b2e548b5f", 0x5e}, {&(0x7f0000001740)="75a183df33ad4b45a344b698513a01a8e2afd77aa87c0aa2274d19ecc17e2872b175df592d9634da1183e546751775e91674dc68e1513e61953f44df84fa3d296aef0d6a68c8c8b70a73ce6d8e2c734347596ca08917a8a4d3de0f2fca31e3b554d2e6046af6864c028a6af7af1f3fd19ad6aee5508d6e4fed20a0fedf58b5e2c64f89463854b2106927fb3ee13da4625775b5d79f80b6df38a0707fc4aa03cc5de3a9cfbb973e8e3fc4a7c11af7c9bd0337c97a9f1e31f682b29681683b97c24e985537524da654aa4f856961880cc464e8807525a62a39a6124d0d81cdb4d4b94c793a9f3676f0e39bb9ecea4753c062756a05e23a6b8fc93bdb7fd6a2f09027640b84c73c85b5ec6c701dae94df74be28340da06bc8e501bcdf2b27acba6924aeeaed469e95d944af8bd4102db68eff2341e3fd9a5a298d6385179c357039da765e34e1906b044c909182e03636af13ebc71fd2bad512dd87ca59ec0ba54da023f9110b118d1a1eddf996d9ec4f55f138ce66cf2dcf09e20974edfb02b36eca74508bc4c418fa63716749faea4abb39f607b92aae0f2745417d7c118200ad21a58a8aed6357b876ad34bf2bd7b8a6cc0da19d466ee9073e18bf4a19d6e94fd2f20eece20443452abedc56a72d364607c73984954afe0a2a9a23b916885b039d554821f78da20d5b69574c83dc6f56183715bd273ad045e4ede096b64871a37cb64d74bcf6c7e56c0aaf9e50549b58e3d21a8142543aa7294039153f38e19e7d1b565c71d344db9b32cd12940e42f99a208a44250eab761c6dee1f4bebae72f67afe5995eb7b532105d38e39a3d93b74e8ab1061d9e8c732a01cf14db467ac5196cbfacc1dff785793201c93eeb487fc779ea28e15b3b56838caba14015e01cad091fbfc0408e18cc84fea0571eccae2a7dd32dc0326ad3aa850ec433713b4aa47606f82f265199a14ae0ca884c548078d4613a195072a9685dcfef10e8c0c79b3120c94ccbaeb91a8106e6958a7832581d85e7950543166cbbdbcaf5c0ffd96900e71d9475a673225d804f7bbeab279522ce7a1ad6ddaaecce91bf787a8cd39c206d05565c8100a8baefa8e7f0675da4630ec93eeed4997028c18dae717e9f138096dcfe9a8e5f7afaa9a9e4bfd4687fe907b029c0ceaeee93f4edf49e2fb46135a297a9bfe8e11d55ad9679eac11e76080e094007b458efc85aa312934009f806c734de78ed433a2beca852d2826d585a36b669502013536bf48c94e57d835e764e54024eff864f30cdae8cb905e240cb38f95572e964512dfec1f75aac64041dbbec34807733ecb2b30237ae726a07266322a570543a1656e9b174ed2666c009f51252fb02608901bb6eb40637d444719e23963d59df406960c711dc772f8760d9c22924bb8a2cd14b7a6f91749f39d4a381fe86fa0a9b0a2e987f8680c5804dd1a4af865e387e28b15f3af2d75dbdb604c3e3e6d0728cad5c8d078ced867e83212f1d634170873593345102e1eb02abd9fb7cef4d3801a68c023f94f9a9ccf208709a5aa68544535c32b4f9ffb335cd181644be1e27cf16c1021d94128c735d53dd75be5e7503e9bd5fecd8117d3ba02afc7888fb8156cb8fd0367cba6422be2153faa709e34024954560b48f1f9bf2c8af3ec9a0c66531357c6973d87d92266487b11aa4f9b18a1188ff9b11eafec513d97ab1039145abd78e48b2638bd6b6d334f2ad05dd6c2810289ccd5cedd0ba32e66d8e4185ed24b30b74a412e4ed64215e74244626544f19b7d5de7aa19d5a9e99f49408560f2ba58efbaadc290530dcc2b850109b558bc4b6e4d40709a9e177faf5223fc6864e17d2380bca629ede7f419f92affaf39383f2077fbf45a4047ac6246089ae2c5300890550dc4afbe9b96e7123626f9581f5f7b0dacc8edc9b6c134767f58343d612c4ad31dd9be392c26e72d5bec6d2aecfb90274e1c6ef722692bc4a47ceadc5775bd15b67250dc27d199706d8767bf07564901ae52a5d3a6e5b14c945f877450299d39078f0553e9a626f17bace2c12c7af672a825e85902fa49f656394c21c2d341c4fa519f1c5f9f25258043dcd22543a50db1fbbe61d7d3c8522c0593960a4a50e1a40bb642f0e35255d1490c6bad33fb48a9653a0166d86d15d8897444301111282428ebf5936c32a7bc7f508b23ddd2d7e14e35f786372431c8a26e23f3d39940b3ad7039ef3dae60782b8c841accbe87fe01ed42d02157ee961f054545aa5ce8eaf36b67dc6a3eadfeaa68f77dd701a89f0162f9f7bb7e56b2dfd69b42a757e41a04cccae301ba9a5a073bc05254dc7849f8b41e866b65543484b643f3bc735e00b605a00914405fdcadf043109c86eb33679c0d7bde9f8d43eda2d07f2a4f999b4a21c55aaf8a5bb4e8a5bd377b793d353aebd6d44ef208d3f79d4ed24e53389b705bbe97d9552edea678e7f6c1a0c3dbcd0ba1cc2727b5de95b095d029ab70b3f427a176177d39f06007ddea615598d29dcbe2cce3d0ec61389c1fc274ca39d08288a14ae1ea176574a2165cc00ac247d4143d332b1742e0d0da0e040868f9109ebaa22ad662f58e9f64f0267c9f6e0f90b8136856159378d7fed7b4d217ffb64cd83058b7639c51fc64f7e0c308439203c914517cb37e335f9d224f6d91af6b2f546fc622408060683792e6b1f49854b4a2e4499254dd97c36b1c3d76d5991e72e69b139f659054e3beef8214346f535bf64c4c6c5a48fabf73204ba0f294b0e22638a462f0d5b33c46c22ffb37fc618813d8878f2609b4e92606ea824f9616f37318fdbc7b4df441228a4a6276a15409677d27c29efaabc882cf5db3d657362ca932726597953c4555b7eb192a59c359c7cd862763129978d45806889a5c28d8f1b489f2d44b9844f9c999b9e6735fb8dc8a9b93d74051b29565e99e840414e6f074dc59519886bda2ff51a9151af5ceff9175f3288efa22356f3a765d447ac6d3a8f7bbace7dd8542ac0bb01ac065f14d3e09c5cc3b25c6409408f2eb2c6b7df95d8084236ffd84ebc100224473fda027dba7ea540923cf8c2b6680f1a745c5ee9221f8f2cd09234785e9fbfed39a0cb4b6bc6b8efcaf59290399defc1e63bec3d3b68b1a58f362b6f0f84c49919512dc1ef322b9a3b58ad8896987e051002e53f6da412a8010efa9795bc6fa998eca12fa836311b0d2ab841546bec1765759aa719267217aa79c0b936ce39f0abfd33a251112f2da83de15d5e13bb3c6a4e51e227d118318fb3e350bd47fc5cf9613afc6037cfaa8423692cc17ecf181e4ba767364f0c2b5e7c9998c268a6260d11f87bc9b040e2f2d36527329fc1ac90e1c7076a9f32c19ee02ff20d0900f30e245a99f8bc7a80e1f7aa50520d6e9eb42ed92981ff3dc32afc8dc9d5512b5320080ba2d8898c60440d792efc9681b5412b74351b10adfe2a888bfb2a706ef0138fdd956e8378c6ba407fbfc5700fbb51f723d0d6e2007dff813510ac7a1228e212cd2144f690a4db89085065d89fcb4c1ea82a24134a3190ced1dbf3a5d203506a3139c892e1fc1447c0be7f0305f190c7465269ae9f36594909a07297a2d15d24da6f7deecb01c391abd56335e774fede50bde8802e8a617c9a045d01937154fb8bda6b2a41a370221451f8e2415dbc30a2bac827fc9efe964c1dd2e8d8e468b4c389e3502eb6e7d6a98f73ffce1988c7b52fa2232994a7483ed3e8d5456de22d6eaf69e0c05c591c25b06a96bed3709d4f932926012415219433ebe074a48a31f782d2bf6342de4452dc63cda17c918f1f49786d9304cc2e3d7e499de8310231249b844da98da04def7fa29054b69c70ba6d011941f69f1e6b307ac72c061a66db046d23b5b2da538a859fcb2ce8d0b1b89529873d908d1a3518528a2fdf954e8c52a8c953ec6e89818833f2c0565faf43535957cfb28e58c01f5e3ee03fa26c02b229128e5a2bfbd9434e5269891d395205c82f945a37ff00bb5a37cf00c61c904ff0142a69d30f0530acdb16b3844a2af98e8dc252b27ac9ba0e688bda4a5d605af10942f9c9a6e7a079bf004e6a035bdca06577c930a88fd04dadf07a06cc6a1640c140d1c298a58cf7a401afac341f9670721250103c6ce2f866f3a834ab89afdae8d085578e5e55b2bb0892e031a92dc1eeeac1bf77ed153509e3ae8e9a0ae909b94085e83145601e1b4a8922d9388f2ac71f387dd04ffc88a38362eae70ab3197b9a33ee396ebd4de965d034f3805d03aaf6d0bf682d6fd6cb1e4cf0ec64812eb5f7819e064921bee44f60fb1983a77346c77e64ea84bc08a2e2d3d63d34a1e6d21e8a030e18859f5dea3236d63ce99429908ddb510c85bd507b4babea6aa70c68c47fd3404f7693f9f31b2f7e46b4534a45bb28a4daf8e67ede671db573f38c6079e69a733938bd146a1c9180bfc9f9803f9c42d3475a481c905d733462c9cb7b673b6aec7df3163522ef48677a52a66f5ba25e6cad029e8b2556ab281e8ab0c2259282349e65c539c4afe8e76651d7c787cf2ba39c214e9baf7147a3bb9c8de095c29858f7511503137c7643b9ad0c335df7de17053e3553792cb68178a26ffb2368549380aa93377703f02a8a33e92aafbf55827d5aadb28de0122c76630c66edc5150234812d8837bfdc0025eceeb1bac3afcb8482cf971551a21fb517e52cc477cc546a274c5d597f44909a35cb38c8ad986e3e835ccb63f49901eaaa0d49ec7ae165e69c40da495c0d647f942e4a09518a1868a1f0b3c99869abc0ef8da726a444ba2d1efbb6c52e065118dd5b5c23083f5a9287679d541c88a442d8ec87ea5b982c1685bca1a5ad86c54a3af95fc5af2a7b97c83ae535f90bd8a77a66c0d92eb163ad59dda53ea990d6119d088314e80d4bee9cde51140f0d4932675b1ac15176034405d04eea0974a3806bf205b9d67b2839350f057d2a38e06a0a7e5d0510907393fce237032550d617e924825b33a4c186890186efbbbf79da551cb9aff73da3d82015a6456e11cb5a4841f728ad3d0227798b0136c649e6f92fa63f37a2f4f53b929e0a20382adaaeefdf046532480c50e2cadfb044565f43b3b1656cb6e7072b8c6cb29ba8f8295eee54f41a9bd31ec5cd576f273a3871e59e4a25cb9757d34a17964024c4b1ed53443655159b9ec97625c1ee9aab6b3b02ffbf69d6260647e021e551df8ae2c58dd7027d05b5bc94a1c3e627fd4187f16c5693cdcfa8ef79e23bb23df06567429cfac4bc8bf1d39c6c83c8ac0c4c6f14d9ae0d7269af6b36749bb1487da59fcd132be78ab70424bd5d9c2270ac5d4de77d4bd7694114b2e92b4f7a21e4c581b3430069ca0f638d4d862288078dbe4d7f50d8ab5a14dd6833275bb2c636c8a315dba21ca488cbaac9d516cbb5179d11dd57d838e7b9c10634533c7cae7dbd09f3940552f42715ba0a2360f60726d6c9937d0eeaf27cb9d5c8b6e41a41d3a06ed0832cde6114c2395451c93efaa2bdd56e8c6b5532c93fae079fe3459f1f033a6e6ed45ff4e96b62dc5609aebb91c6d476f54860faccd1fff8f0c2831b5ddf3bf570ce2888177e9434db4ced4956788ccd6f8b20eee7f71b9330f2ae2f840aa607859a909d1f59b1482be2ef8bc65a1138322aa1eb50c0bc00ab584a9dda129d77f224fa307aa909fdbdec390554f649d2a5ffb3c1e64f203b430a3dc81e3322981266abad086b904ab15624a01ae09e392da9d132f8b0c72a9753d7b6b12e846f1c595bc032121946d005acd6d54411d57d26ccde05fedeeecfb565a5ce9c30923", 0x1000}, {&(0x7f0000000b00)="2be34f93f796231f9c8a69d73fe02526814c7995df715a8093c87bce18ca1813626117b6c41c86b09fd832a3935afd68e5842661184677f8468c4892fb6de528ddff641c5712af47c5558ea339e05039797de60ae6ef403def3bca18356c44cc63d04ee40dbbb92436fb43e7fa93233953f0e75cfb1480f88f24e91ebabb47f3b8acb05e1509851d559cc7c9ba5cfb06c34772d0b6fb22314408837647c687fb786ef9a22366d36d549354d9077a19ed06670f0fa2fa33e189037bbd7a9a86cb98792d3c20f39323b1996249eeeb6347b55f7e572767384250582333b33e", 0xde}, {&(0x7f0000000400)}, {&(0x7f0000000c80)="3be600fd3f310335e1d19dbc57fad589de2914e2a7c6501250164b173e22abc2c7ae22602030c73adde10b31f07711e147ee38416bf5a59d07467dc51dba2051f808f1d35b77a070dba37fba6139e54a2b8049ea1d2a0a905eb42446f59f31c4b28402c97117a91d107efb61c4ed63aa4f1fdc972396f5c7e38f0f93aad51d8840f650b3ab5bd502e9241c6b97012cd9534f60d75f3ce94b1ac879358577852c788f042b246c7bd2e46f0f7487b28d2a5d4962770e8942adb6ff5c4a9c7a74383050e6db4eb250f2cacdd634c9976e88af4b", 0xd2}], 0x9, &(0x7f0000000e00)=ANY=[@ANYBLOB="1800000001000000020000005147a6d5523710fe1eef77a4562d335ae094693aae747844eddf", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="180000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="140000000100000001000000", @ANYRES32=r1, @ANYRES32], 0x44, 0x8000}}], 0x1, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r1}, 0x8)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{0xffffffffffffffff, <r3=>0xffffffffffffffff}, &(0x7f0000000380), &(0x7f0000000480)='%pK    \x00'}, 0x1c)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0c000000b10e0000020000000400000005000000", @ANYRES32=r3, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fbffffffffffffff00000000000900"/28], 0x50)
r5 = socket(0x1, 0x4, 0x10001)
socket$unix(0x1, 0x2, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56441, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xfff9, 0x3}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000070000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000880)=@newtfilter={0x5c, 0x2c, 0xd27, 0x30bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xd, 0xffff}, {}, {0xb}}, [@filter_kind_options=@f_flow={{0x9}, {0x2c, 0x2, [@TCA_FLOW_EMATCHES={0x28, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x4, 0x4, 0x100}, [@TCA_EM_META_HDR={0xc, 0x1, {{0xf000, 0x1, 0x2}, {0xffff, 0x8, 0x1}}}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x81}}]}]}}]}, 0x5c}}, 0x2008c014)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000400)=r2, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000001c000000000018110000", @ANYRES32=r4, @ANYBLOB="00000000000000007b8af8ff00000000bf1f00000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000e5ef52046e4ed994fd507a10dd369dcafc6a7d753cf0e4cf50a4b4f78b747f6f5a8d245911b50d412ea981097e6229fa9b5c11ea578af46d1646142f89f967be8d57f16eed460af1543149541e85ad9e6fa36ee1ffcc3c205e62f34aeedf569e7632c2078539f01b31fac9b88b65b2bbf94e8b60e76cd21be3fd7eb8ddd218f1224188ca1c025ec03d4a2e125e38ca2d5b697d4fa407f748085df7e15a70ac32af883257dbab5db90000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x10, &(0x7f0000000480)=ANY=[@ANYRESDEC], &(0x7f0000000300)='syzkaller\x00', 0x8, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0xb, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102382, 0xfffffffffffffdab)

8.646059083s ago: executing program 0 (id=1409):
mkdirat(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/disk', 0x169a82, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x3)
sendfile(r0, r0, 0x0, 0x8)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000380)='./bus\x00')
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e1a0d011b0001cfffffffffff0003fd0408050006aaaaaaddc3daa1"], 0x1d)
io_setup(0x1, &(0x7f00000004c0)=<r1=>0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
memfd_secret(0x0)
io_submit(r1, 0x0, &(0x7f00000002c0))

8.090626575s ago: executing program 0 (id=1410):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="380000000d06010100000000000000006269746d61703a69702c6d6163000000050001000700000005000500"], 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x4004050)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000048000)=0x2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendfile(r5, r4, 0x0, 0x20000023893)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r6, 0x2285, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000400)={0xf0f016, 0x2})
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000002080)={0xc, {"a2e3ad21ed0d52f91b5d320987f70e06d038e7ff7fc6e5539b3247298b089b070d366e090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31070d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
mkdir(&(0x7f0000000400)='./file0\x00', 0x33)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vcan0\x00'})
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="71756f74612c0076803d1ef1e21d15ecae5550b872972cd5fd8e642f1e64ccb6bbcfe6ba65a7cf4fdbc772c2977e319ff8f2cc885c06cc0d16a110373fa6cff7b62d0d527d078b3154bfe4913a1a66b19475a0a4d0c5831d8f2c3697d547a24e519af5b610225e5ed819cdd7c1676f08c149c1769b8d66861e3aeddb1cfbce19e76c1b822025d12ad2d4c98f62c117e2b3a0681f7893eeef0f20e8f7c2f8a903b3d0a783c57a9c7ac98e6c5543386319ed2da8a82aeae272314d630385666757fd0b0f29af1a8170ad7173"])

6.451885848s ago: executing program 0 (id=1411):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xe, 0x4, 0x8, 0x8, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$can_bcm(0x1d, 0x2, 0x2)
io_submit(0x0, 0x0, 0x0)
io_cancel(0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x4, 0x1000, 0xffffffffffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x3}, 0x0)
syz_emit_ethernet(0x1f, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffff000000e8ff000011424203"], 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)="67d8902400aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c14498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df895d9907e4afb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b907e0974f1073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf4dee8512f3bac440f5d5e4bed6b897608b01eae26a54433e5f5c74a2ee3c2fc50067be05a677ff52a7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fedb679328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e27252804059094a318c4cdeeddd5793a427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a958df39f9c5a8c8e876a52816446d0106f4a81dba144c80fda0b401f0774edbf73b3de44d7ca5c28b0830910f3b02be5e8", 0x427}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_TX_RATES={0xc, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}]}]}]}, 0x28}}, 0x0)

5.070651911s ago: executing program 0 (id=1412):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x80800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000023000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000080)="0fbaf914f380fff50f20d86635080000000f22d80f20610f0966b9800000c00f326635000800000f309a03002001660f3880193ef2ae", 0x36}], 0x1, 0x21, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000000)={0x2a, 0x0, 0x2}, 0xc)
pipe2(&(0x7f00000003c0), 0x0)
r4 = getpid()
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x7, &(0x7f0000000180), 0x4)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000200), 0x98100, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x0, 0x0)
syz_open_dev$video4linux(&(0x7f0000000000), 0x1, 0x2080)
r6 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0xf46359406b7d878a)
r7 = dup(r6)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
r8 = syz_io_uring_setup(0x38ff, &(0x7f0000000240)={0x0, 0x963e, 0x0, 0x0, 0x1bb}, &(0x7f0000000180)=<r9=>0x0, &(0x7f00000001c0)=<r10=>0x0)
inotify_init1(0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r6})
io_uring_enter(r8, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r11 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
close(r11)
r12 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
write$vga_arbiter(r12, &(0x7f00000000c0)=ANY=[@ANYBLOB="746172676574205043493ada9631623a31353a31342e313400"], 0x17)
socket$packet(0x11, 0x2, 0x300)

4.059432496s ago: executing program 35 (id=1397):
ioperm(0x284, 0x7f, 0xe3)
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r3, 0xc0384707, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "3eccd8f9d20000000000001000000200000500"})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000280)=[{0x3, 0x5, 0xf0, 0x80000}, {0x5, 0x8, 0xd, 0x8}, {0x9, 0x85, 0x3, 0x200}]})
close_range(r4, 0xffffffffffffffff, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8001}, 0x4)
socket$inet(0x2, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)

1.943384433s ago: executing program 36 (id=1403):
socket$nl_crypto(0x10, 0x3, 0x15)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000540)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000fef000/0x1000)=nil})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newtaction={0x120, 0x30, 0x2, 0x0, 0x0, {}, [{0x10c, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9b, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0xc4, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x7d, 0x6, "ed0657f7a28b2d6552a6d8024f8b01c85e71580f09710fb93ae5d262d8c361fd30cb11477c7a1963c98828358580ca2703b6914334d19ae6b02871818d3a6eb4a2b107d75e9ddd7acfaa5d65c48efdf59dfd39a8f5eb28ac346b7871c92f6bfb0c214e79e4be13866d715fc8a0e423adc214da1afb6f7e535d"}, {0xc}, {0xc}}}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x3)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='net_prio.prioidx\x00', 0x275a, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
r7 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000000)={0x1, 0x1, 0x0, "adbdeec74e9e4aea00000000000000a902552f08cefca462dda36c7451f8e500"})
ioctl$TCFLSH(r4, 0x400455c8, 0x4)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0)
close(r4)
write$binfmt_script(r3, &(0x7f0000000100), 0xfffffd9d)
r8 = socket(0x1e, 0x4, 0x0)
connect$tipc(r8, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10)
sendfile(r8, r3, 0x0, 0x8010002b)

1.049244836s ago: executing program 0 (id=1415):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r0, 0x48e9, 0x0, 0x2, 0x0, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f0000000140)=0xf7e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r4}, &(0x7f0000000080), &(0x7f00000001c0))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)=@newtaction={0x48, 0x30, 0x0, 0x10000, 0x0, {0x9}, [{0x34, 0x1, [@m_police={0x30, 0x1d, 0x0, 0x0, {{0xb}, {0x4, 0x2, 0x0, 0x1, [[]]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}, 0x48}}, 0x44010)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'})
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000000000000714000000110001"], 0xdc}}, 0x0)
sendmsg$NFT_MSG_GETRULE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14000000190a0102"], 0x14}}, 0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r8, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r6, 0x0, 0x0)
io_uring_enter(r5, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r4, 0xc, 0x0, 0x0)
pipe(&(0x7f0000000080)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
write(r10, &(0x7f0000000240)="94", 0x1)
vmsplice(r11, &(0x7f0000000380)=[{&(0x7f0000013580)="0dd2e7c8926dc6acd0ae6c178054e95986faff9544de5fc4c30adf404da41181a77466ac5075905ea5f50134fdd517a957fe2ee59b61f9fe8d7aabe595ea23de2723e437af0423a56686a4c2d957be1a0ab922fbbd3cb1d8c6ab0d58440a327c8eb05d445b4ac5f20abe449e4084f8b996268d0564f67980d3ed3479e0edfe5cec7b4f89bface391c9c4c58ad123b91c33173c72326d1df18804a9ea20f9ece48f784d8ca2318e3d2b316666b5dfb7295c4915989d5bcb120e8fedaa97b93a137c256ce4", 0xc4}], 0x1, 0x0)
tee(r9, r11, 0x8f5, 0x100000000000000)

0s ago: executing program 0 (id=1416):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = shmget(0x3, 0x2000, 0x1, &(0x7f0000ffe000/0x2000)=nil)
shmctl$IPC_RMID(r1, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_LIST_DEV(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
socket$alg(0x26, 0x5, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f00000003c0)={'batadv_slave_0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x503, 0xffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x15a11}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE2={0x8, 0x2, r4}, @IFLA_HSR_SLAVE1={0x8, 0x1, r6}]}}}]}, 0x40}}, 0x44)
syz_emit_ethernet(0x22, &(0x7f0000000380)={@multicast, @empty, @void, {@ipv4={0x88fb, @generic={{0x5, 0x4, 0x1, 0x16, 0x14, 0x64, 0x0, 0x2, 0x6c, 0x0, @broadcast, @multicast2}}}}}, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000100)={'security\x00', 0x3, [{}, {}, {}]}, 0x54)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
r7 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@getchain={0x54, 0x66, 0x4, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, r9, {0xffff, 0xfff2}, {0xffe0, 0xfff1}, {0xd, 0xd}}, [{0x8, 0xb, 0x1}, {0x8}, {0x8, 0xb, 0xc}, {0x8, 0xb, 0xffffffff}, {0x8, 0xb, 0xb}, {0x8}]}, 0x54}}, 0x40)
r10 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r10}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r11 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
readv(r11, &(0x7f0000002980)=[{&(0x7f0000000700)=""/163, 0xa3}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

kernel console output (not intermixed with test programs):

  176.939502][ T9066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  176.939507][ T9066] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  176.939519][ T9066]  </TASK>
[  177.107268][ T6027] usb usb5-port1: unable to enumerate USB device
[  177.877812][ T9083] input: syz0 as /devices/virtual/input/input14
[  177.942838][ T9083] netlink: 8 bytes leftover after parsing attributes in process `syz.3.825'.
[  178.828377][ T9103] FAULT_INJECTION: forcing a failure.
[  178.828377][ T9103] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  178.833768][ T9103] CPU: 3 UID: 0 PID: 9103 Comm: syz.3.830 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  178.833790][ T9103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  178.833800][ T9103] Call Trace:
[  178.833806][ T9103]  <TASK>
[  178.833811][ T9103]  dump_stack_lvl+0x16c/0x1f0
[  178.833838][ T9103]  should_fail_ex+0x512/0x640
[  178.833860][ T9103]  _copy_to_iter+0x2a4/0x15a0
[  178.833881][ T9103]  ? chacha_block_generic+0x189/0x260
[  178.833900][ T9103]  ? __pfx__copy_to_iter+0x10/0x10
[  178.833922][ T9103]  ? lockdep_hardirqs_on+0x7c/0x110
[  178.833944][ T9103]  ? crng_make_state+0x48e/0x6d0
[  178.833964][ T9103]  get_random_bytes_user+0x17f/0x3c0
[  178.833984][ T9103]  ? __pfx_get_random_bytes_user+0x10/0x10
[  178.834008][ T9103]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  178.834037][ T9103]  ? import_ubuf+0x1b6/0x220
[  178.834056][ T9103]  __ia32_sys_getrandom+0x186/0x2b0
[  178.834077][ T9103]  ? __pfx___ia32_sys_getrandom+0x10/0x10
[  178.834096][ T9103]  ? fput+0x70/0xf0
[  178.834117][ T9103]  ? rcu_is_watching+0x12/0xc0
[  178.834141][ T9103]  __do_fast_syscall_32+0x73/0x120
[  178.834166][ T9103]  do_fast_syscall_32+0x32/0x80
[  178.834189][ T9103]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  178.834209][ T9103] RIP: 0023:0xf7f62579
[  178.834228][ T9103] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  178.834244][ T9103] RSP: 002b:00000000f506555c EFLAGS: 00000296 ORIG_RAX: 0000000000000163
[  178.834260][ T9103] RAX: ffffffffffffffda RBX: 0000000080000240 RCX: 00000000ffffff9a
[  178.834270][ T9103] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  178.834279][ T9103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  178.834288][ T9103] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  178.834297][ T9103] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  178.834318][ T9103]  </TASK>
[  179.110126][ T9108] netlink: 36 bytes leftover after parsing attributes in process `syz.3.832'.
[  181.136085][ T9157] 8021q: adding VLAN 0 to HW filter on device bond9
[  181.197110][ T9161] netlink: 36 bytes leftover after parsing attributes in process `syz.3.846'.
[  182.005251][ T9172] syzkaller1: entered promiscuous mode
[  182.006920][ T9172] syzkaller1: entered allmulticast mode
[  182.180400][ T9183] bridge0: port 1(syz_tun) entered blocking state
[  182.182924][ T9183] bridge0: port 1(syz_tun) entered disabled state
[  182.185803][ T9183] syz_tun: entered allmulticast mode
[  182.189642][ T9183] syz_tun: entered promiscuous mode
[  182.438593][ T9188] mac80211_hwsim hwsim3 
: renamed from wlan1
[  182.816816][ T9199] netlink: 8 bytes leftover after parsing attributes in process `syz.0.856'.
[  184.889414][ T9268] hub 6-0:1.0: USB hub found
[  184.891556][ T9268] hub 6-0:1.0: 1 port detected
[  185.601845][ T9274] netlink: 'syz.1.876': attribute type 1 has an invalid length.
[  185.632518][ T9274] bond14: entered promiscuous mode
[  185.635093][ T9274] bond14: entered allmulticast mode
[  185.923112][ T5988] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  186.075571][ T5988] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  186.079220][ T5988] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  186.082410][ T5988] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  186.085636][ T5988] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  186.089403][ T5988] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  186.091995][ T5988] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.097222][ T5988] usb 8-1: config 0 descriptor??
[  186.100718][ T9276] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  186.509034][ T5988] plantronics 0003:047F:FFFF.0006: reserved main item tag 0xd
[  186.513496][ T5988] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  186.522300][ T5988] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  186.983563][ T9327] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  187.865962][   T34] usb 8-1: reset high-speed USB device number 13 using dummy_hcd
[  187.904291][   T40] audit: type=1800 audit(1744003870.831:87): pid=9342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.893" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  187.910637][   T40] audit: type=1326 audit(1744003870.841:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.2.894" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  187.912485][ T9344] FAULT_INJECTION: forcing a failure.
[  187.912485][ T9344] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.917002][   T40] audit: type=1326 audit(1744003870.841:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.2.894" exe="/syz-executor" sig=0 arch=40000003 syscall=161 compat=1 ip=0xf748e579 code=0x7ffc0000
[  187.923146][ T9344] CPU: 2 UID: 0 PID: 9344 Comm: syz.0.895 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  187.923166][ T9344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  187.923175][ T9344] Call Trace:
[  187.923181][ T9344]  <TASK>
[  187.923187][ T9344]  dump_stack_lvl+0x16c/0x1f0
[  187.923213][ T9344]  should_fail_ex+0x512/0x640
[  187.923234][ T9344]  _copy_from_iter+0x2a4/0x15b0
[  187.923258][ T9344]  ? alloc_pages_mpol+0x25a/0x550
[  187.923272][ T9344]  ? __pfx__copy_from_iter+0x10/0x10
[  187.923289][ T9344]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  187.923302][ T9344]  ? __kmalloc_noprof+0x242/0x510
[  187.923333][ T9344]  af_alg_sendmsg+0x10dc/0x2920
[  187.923366][ T9344]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  187.923389][ T9344]  ? find_held_lock+0x2b/0x80
[  187.923410][ T9344]  ? skcipher_check_key.isra.0+0x78/0x1e0
[  187.923435][ T9344]  ? rcu_is_watching+0x12/0xc0
[  187.923460][ T9344]  ? __local_bh_enable_ip+0xa4/0x120
[  187.923481][ T9344]  ? lockdep_hardirqs_on+0x7c/0x110
[  187.923501][ T9344]  ? skcipher_check_key.isra.0+0x78/0x1e0
[  187.923524][ T9344]  ? __local_bh_enable_ip+0xa4/0x120
[  187.923547][ T9344]  skcipher_sendmsg_nokey+0x12c/0x190
[  187.923569][ T9344]  __sys_sendto+0x495/0x510
[  187.923590][ T9344]  ? __pfx___sys_sendto+0x10/0x10
[  187.923627][ T9344]  ? ksys_write+0x1b9/0x240
[  187.923648][ T9344]  ? __pfx_ksys_write+0x10/0x10
[  187.923671][ T9344]  __ia32_sys_sendto+0xdd/0x1b0
[  187.923689][ T9344]  ? lockdep_hardirqs_on+0x7c/0x110
[  187.923709][ T9344]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  187.923730][ T9344]  __do_fast_syscall_32+0x73/0x120
[  187.923754][ T9344]  do_fast_syscall_32+0x32/0x80
[  187.923777][ T9344]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  187.923796][ T9344] RIP: 0023:0xf7f36579
[  187.923809][ T9344] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  187.923824][ T9344] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  187.923839][ T9344] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000080
[  187.923849][ T9344] RDX: 00000000ffffff9d RSI: 0000000000000000 RDI: 0000000000000000
[  187.923857][ T9344] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  187.923866][ T9344] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  187.923875][ T9344] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  187.923913][ T9344]  </TASK>
[  187.999535][   T40] audit: type=1326 audit(1744003870.841:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.2.894" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  188.006494][   T40] audit: type=1326 audit(1744003870.841:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.2.894" exe="/syz-executor" sig=0 arch=40000003 syscall=101 compat=1 ip=0xf748e579 code=0x7ffc0000
[  188.012214][   T40] audit: type=1326 audit(1744003870.841:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.2.894" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  188.018572][   T40] audit: type=1326 audit(1744003870.841:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.2.894" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf748e579 code=0x7ffc0000
[  188.025382][   T40] audit: type=1326 audit(1744003870.841:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.2.894" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  188.031743][   T40] audit: type=1326 audit(1744003870.841:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.2.894" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf748e579 code=0x7ffc0000
[  188.038873][   T40] audit: type=1326 audit(1744003870.841:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9340 comm="syz.2.894" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  188.129764][ T5951] Bluetooth: hci1: connection err: -111
[  188.514661][ T9356] FAULT_INJECTION: forcing a failure.
[  188.514661][ T9356] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  188.518533][ T9356] CPU: 2 UID: 0 PID: 9356 Comm: syz.0.899 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  188.518549][ T9356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  188.518555][ T9356] Call Trace:
[  188.518559][ T9356]  <TASK>
[  188.518563][ T9356]  dump_stack_lvl+0x16c/0x1f0
[  188.518580][ T9356]  should_fail_ex+0x512/0x640
[  188.518594][ T9356]  _copy_from_user+0x2e/0xd0
[  188.518607][ T9356]  copy_from_buffer+0x7f/0xc0
[  188.518618][ T9356]  copy_uabi_to_xstate+0x3c5/0x670
[  188.518631][ T9356]  ? __pfx_copy_uabi_to_xstate+0x10/0x10
[  188.518644][ T9356]  ? __fpu_restore_sig+0xa79/0x13a0
[  188.518652][ T9356]  ? rcu_is_watching+0x12/0xc0
[  188.518664][ T9356]  ? __local_bh_enable_ip+0xa4/0x120
[  188.518679][ T9356]  __fpu_restore_sig+0xfdc/0x13a0
[  188.518689][ T9356]  ? __lock_acquire+0xaa4/0x1ba0
[  188.518698][ T9356]  ? __pfx___fpu_restore_sig+0x10/0x10
[  188.518714][ T9356]  ? __might_fault+0xe3/0x190
[  188.518728][ T9356]  ? __might_fault+0x13b/0x190
[  188.518745][ T9356]  fpu__restore_sig+0x115/0x190
[  188.518755][ T9356]  ia32_restore_sigcontext+0x44a/0x630
[  188.518767][ T9356]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  188.518781][ T9356]  ? rcu_is_watching+0x12/0xc0
[  188.518792][ T9356]  ? _raw_spin_unlock_irq+0x23/0x50
[  188.518804][ T9356]  ? lockdep_hardirqs_on+0x7c/0x110
[  188.518819][ T9356]  __do_compat_sys_rt_sigreturn+0x120/0x1f0
[  188.518830][ T9356]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  188.518843][ T9356]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  188.518856][ T9356]  do_int80_emulation+0x104/0x200
[  188.518871][ T9356]  asm_int80_emulation+0x1a/0x20
[  188.518880][ T9356] RIP: 0023:0xf7f36577
[  188.518888][ T9356] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  188.518898][ T9356] RSP: 002b:00000000f505655c EFLAGS: 00000296
[  188.518906][ T9356] RAX: 00000000000000b4 RBX: 0000000000000003 RCX: 0000000000000000
[  188.518912][ T9356] RDX: 0000000000000000 RSI: 0000000000000ce2 RDI: 0000000000000000
[  188.518917][ T9356] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  188.518922][ T9356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  188.518928][ T9356] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  188.518939][ T9356]  </TASK>
[  188.638903][ T9358] futex_wake_op: syz.3.900 tries to shift op by -1; fix this program
[  188.826245][ T9366] input: syz0 as /devices/virtual/input/input16
[  189.163178][ T9385] sp0: Synchronizing with TNC
[  189.202910][ T9386] 8021q: adding VLAN 0 to HW filter on device bond15
[  189.248938][ T9391] netlink: 72 bytes leftover after parsing attributes in process `syz.0.908'.
[  189.409540][ T1339] usb 8-1: USB disconnect, device number 13
[  189.592927][ T9393] netlink: 36 bytes leftover after parsing attributes in process `syz.3.909'.
[  190.312795][ T9419] can: request_module (can-proto-5) failed.
[  190.407822][ T9422] syz_tun: entered allmulticast mode
[  190.716276][ T9429] netlink: 8 bytes leftover after parsing attributes in process `syz.3.918'.
[  190.748170][ T9431] netlink: 36 bytes leftover after parsing attributes in process `syz.3.919'.
[  191.495722][ T9450] 8021q: adding VLAN 0 to HW filter on device bond16
[  191.973439][ T9460] netlink: 36 bytes leftover after parsing attributes in process `syz.1.926'.
[  193.379203][ T9427] syz_tun: left allmulticast mode
[  193.459261][ T9479] netlink: 'syz.2.933': attribute type 1 has an invalid length.
[  193.486762][ T9479] 8021q: adding VLAN 0 to HW filter on device bond10
[  193.625431][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  193.677023][ T9495] ubi31: detaching mtd0
[  193.697460][ T9495] ubi31: mtd0 is detached
[  194.349753][ T9505] netlink: 36 bytes leftover after parsing attributes in process `syz.1.938'.
[  194.444461][ T9507] loop6: detected capacity change from 0 to 524287999
[  194.448776][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.452519][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  194.456499][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.460110][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  194.463987][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.466612][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  194.469396][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.472857][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  194.476091][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.478972][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  194.482386][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.485816][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  194.488993][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.492372][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  194.513926][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.517451][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  194.520534][ T9507] ldm_validate_partition_table(): Disk read failed.
[  194.532471][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.536045][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  194.540205][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.543721][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  194.548559][ T9507] Dev loop6: unable to read RDB block 0
[  194.551611][ T9507]  loop6: unable to read partition table
[  194.555208][ T9507] loop_reread_partitions: partition scan of loop6 (ÿŸ¾‚³˜±Ä6�tPΪŔ±³×AÝÁ¬8ï*V^ñè3c) failed (rc=-5)
[  194.794675][ T9512] block nbd3: NBD_DISCONNECT
[  194.796687][ T9512] block nbd3: Send disconnect failed -22
[  194.836965][ T9506] block nbd3: Disconnected due to user request.
[  194.839417][ T9506] block nbd3: shutting down sockets
[  195.354003][ T9531] batman_adv: batadv0: Adding interface: dummy0
[  195.355864][ T9531] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.363982][ T9531] batman_adv: batadv0: Interface activated: dummy0
[  195.387029][ T9531] batadv0: mtu less than device minimum
[  195.392794][ T9531] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  195.396316][ T9531] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  195.399716][ T9531] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  195.403263][ T9531] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  195.406627][ T9531] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  195.409943][ T9531] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  195.413914][ T9531] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  195.418746][ T9531] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  195.423674][ T9531] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  196.503191][ T6012] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  196.673235][ T6012] usb 8-1: Using ep0 maxpacket: 8
[  196.677339][ T6012] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  196.680350][ T6012] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  196.684983][ T6012] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  196.688775][ T6012] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  196.691559][ T6012] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  196.695181][ T6012] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  196.697099][ T6012] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  196.700117][ T6012] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  196.703112][ T6012] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  196.706003][ T6012] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  196.710195][ T6012] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  196.712304][ T6012] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  196.716011][ T6012] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  196.716310][ T9552] syz.2.950 (9552) used greatest stack depth: 20664 bytes left
[  196.721313][ T6012] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  196.724112][ T6012] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  196.730371][ T6012] usb 8-1: string descriptor 0 read error: -22
[  196.731988][ T6012] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  196.734525][ T6012] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.742633][ T6012] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  196.745561][ T9557] netlink: 32 bytes leftover after parsing attributes in process `syz.2.951'.
[  196.748954][ T9557] tipc: Invalid UDP bearer configuration
[  196.748994][ T9557] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  196.795957][ T9559] netlink: 36 bytes leftover after parsing attributes in process `syz.2.952'.
[  197.712474][ T9574] fuse: Unknown parameter '׈söœ¤tÏ'
[  198.958312][ T9597] hugetlbfs: Bad value for 'mode'
[  199.295699][ T6012] usb 8-1: USB disconnect, device number 14
[  199.541661][ T9608] 8021q: adding VLAN 0 to HW filter on device bond15
[  200.176518][ T9618] wireguard0: entered promiscuous mode
[  200.178822][ T9618] wireguard0: entered allmulticast mode
[  200.346564][ T9622] fuse: Unknown parameter ''
[  200.348943][ T9622] No control pipe specified
[  200.377740][   T40] kauditd_printk_skb: 39 callbacks suppressed
[  200.377750][   T40] audit: type=1326 audit(1744003883.311:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9624 comm="syz.3.968" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x0
[  200.613397][ T1339] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  200.774355][ T1339] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  200.777454][ T1339] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  200.781177][ T1339] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  200.784670][ T1339] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  200.787673][ T1339] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  200.791963][ T1339] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  200.794661][ T1339] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  200.796833][ T1339] usb 6-1: Product: syz
[  200.798011][ T1339] usb 6-1: Manufacturer: syz
[  200.804257][ T1339] cdc_wdm 6-1:1.0: skipping garbage
[  200.805760][ T1339] cdc_wdm 6-1:1.0: skipping garbage
[  200.809020][ T1339] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  200.810759][ T1339] cdc_wdm 6-1:1.0: Unknown control protocol
[  201.009639][    C3] raw-gadget.0 gadget.1: ignoring, device is not running
[  201.011968][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  201.013913][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  201.015763][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  201.017622][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  201.019559][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  201.021395][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  201.023268][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  201.025094][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  201.026909][ T1339] usb 6-1: USB disconnect, device number 10
[  201.028933][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  201.028949][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  201.028961][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  201.769568][ T9642] FAULT_INJECTION: forcing a failure.
[  201.769568][ T9642] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  201.773345][ T9642] CPU: 3 UID: 0 PID: 9642 Comm: syz.2.973 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  201.773358][ T9642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  201.773364][ T9642] Call Trace:
[  201.773367][ T9642]  <TASK>
[  201.773371][ T9642]  dump_stack_lvl+0x16c/0x1f0
[  201.773388][ T9642]  should_fail_ex+0x512/0x640
[  201.773403][ T9642]  strncpy_from_user+0x3b/0x2e0
[  201.773414][ T9642]  __do_sys_add_key+0xce/0x470
[  201.773430][ T9642]  ? __pfx___do_sys_add_key+0x10/0x10
[  201.773443][ T9642]  ? ksys_write+0x1b9/0x240
[  201.773459][ T9642]  ? rcu_is_watching+0x12/0xc0
[  201.773473][ T9642]  __do_fast_syscall_32+0x73/0x120
[  201.773488][ T9642]  do_fast_syscall_32+0x32/0x80
[  201.773502][ T9642]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  201.773513][ T9642] RIP: 0023:0xf748e579
[  201.773521][ T9642] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  201.773530][ T9642] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 000000000000011e
[  201.773539][ T9642] RAX: ffffffffffffffda RBX: 0000000080000080 RCX: 0000000080000100
[  201.773545][ T9642] RDX: 0000000080000140 RSI: 0000000000000001 RDI: 000000003410bcf7
[  201.773551][ T9642] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  201.773556][ T9642] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  201.773561][ T9642] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  201.773573][ T9642]  </TASK>
[  201.981548][   T40] audit: type=1326 audit(1744003884.911:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9652 comm="syz.2.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  201.989718][   T40] audit: type=1326 audit(1744003884.911:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9652 comm="syz.2.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  201.998055][   T40] audit: type=1326 audit(1744003884.911:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9652 comm="syz.2.976" exe="/syz-executor" sig=0 arch=40000003 syscall=163 compat=1 ip=0xf748e579 code=0x7ffc0000
[  202.010684][   T40] audit: type=1326 audit(1744003884.911:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9652 comm="syz.2.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  202.019040][   T40] audit: type=1326 audit(1744003884.911:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9652 comm="syz.2.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  202.033276][   T40] audit: type=1326 audit(1744003884.931:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9652 comm="syz.2.976" exe="/syz-executor" sig=0 arch=40000003 syscall=241 compat=1 ip=0xf748e579 code=0x7ffc0000
[  202.041178][   T40] audit: type=1326 audit(1744003884.931:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9652 comm="syz.2.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  202.053188][   T40] audit: type=1326 audit(1744003884.931:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9652 comm="syz.2.976" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  202.055707][ T9651] 8021q: adding VLAN 0 to HW filter on device bond17
[  202.061151][   T40] audit: type=1326 audit(1744003884.931:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9652 comm="syz.2.976" exe="/syz-executor" sig=0 arch=40000003 syscall=156 compat=1 ip=0xf748e579 code=0x7ffc0000
[  203.273251][ T5988] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  203.403951][ T5988] usb 7-1: device descriptor read/64, error -71
[  203.643409][ T5988] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  203.773140][ T5988] usb 7-1: device descriptor read/64, error -71
[  203.884472][ T5988] usb usb7-port1: attempt power cycle
[  204.193638][ T9681] netlink: 28 bytes leftover after parsing attributes in process `syz.0.983'.
[  204.223127][ T5988] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  204.243978][ T5988] usb 7-1: device descriptor read/8, error -71
[  204.483120][ T5988] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  204.503519][ T5988] usb 7-1: device descriptor read/8, error -71
[  204.613303][ T5988] usb usb7-port1: unable to enumerate USB device
[  204.822447][ T9689] 8021q: adding VLAN 0 to HW filter on device bond18
[  205.360934][ T9697] syz.3.988: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  205.366848][ T9697] CPU: 0 UID: 0 PID: 9697 Comm: syz.3.988 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  205.366872][ T9697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  205.366882][ T9697] Call Trace:
[  205.366888][ T9697]  <TASK>
[  205.366895][ T9697]  dump_stack_lvl+0x16c/0x1f0
[  205.366923][ T9697]  warn_alloc+0x248/0x3a0
[  205.366948][ T9697]  ? __pfx_warn_alloc+0x10/0x10
[  205.366970][ T9697]  ? stack_depot_save_flags+0x3e6/0xa50
[  205.366996][ T9697]  ? kasan_save_stack+0x42/0x60
[  205.367015][ T9697]  ? kasan_save_stack+0x33/0x60
[  205.367035][ T9697]  ? kasan_save_track+0x14/0x30
[  205.367063][ T9697]  ? __kasan_kmalloc+0xaa/0xb0
[  205.367084][ T9697]  ? xskq_create+0x52/0x1d0
[  205.367102][ T9697]  ? do_sock_setsockopt+0x221/0x470
[  205.367124][ T9697]  ? __sys_setsockopt+0x1a0/0x230
[  205.367140][ T9697]  ? __ia32_sys_setsockopt+0xbc/0x160
[  205.367163][ T9697]  __vmalloc_node_range_noprof+0x10ea/0x1540
[  205.367191][ T9697]  ? xskq_create+0xfb/0x1d0
[  205.367214][ T9697]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  205.367241][ T9697]  ? xskq_create+0xfb/0x1d0
[  205.367260][ T9697]  vmalloc_user_noprof+0x6b/0x90
[  205.367280][ T9697]  ? xskq_create+0xfb/0x1d0
[  205.367297][ T9697]  xskq_create+0xfb/0x1d0
[  205.367317][ T9697]  xsk_setsockopt+0x640/0x840
[  205.367337][ T9697]  ? __pfx_xsk_setsockopt+0x10/0x10
[  205.367353][ T9697]  ? __pfx_aa_sk_perm+0x10/0x10
[  205.367380][ T9697]  ? __pfx_xsk_setsockopt+0x10/0x10
[  205.367398][ T9697]  do_sock_setsockopt+0x221/0x470
[  205.367419][ T9697]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  205.367456][ T9697]  __sys_setsockopt+0x1a0/0x230
[  205.367479][ T9697]  __ia32_sys_setsockopt+0xbc/0x160
[  205.367496][ T9697]  ? lockdep_hardirqs_on+0x7c/0x110
[  205.367518][ T9697]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  205.367541][ T9697]  __do_fast_syscall_32+0x73/0x120
[  205.367565][ T9697]  do_fast_syscall_32+0x32/0x80
[  205.367587][ T9697]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  205.367606][ T9697] RIP: 0023:0xf7f62579
[  205.367620][ T9697] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  205.367634][ T9697] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  205.367648][ T9697] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000011b
[  205.367658][ T9697] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004
[  205.367667][ T9697] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  205.367676][ T9697] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  205.367684][ T9697] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  205.367706][ T9697]  </TASK>
[  205.367712][ T9697] Mem-Info:
[  205.468467][ T9697] active_anon:8632 inactive_anon:28 isolated_anon:0
[  205.468467][ T9697]  active_file:9520 inactive_file:29511 isolated_file:0
[  205.468467][ T9697]  unevictable:1768 dirty:666 writeback:0
[  205.468467][ T9697]  slab_reclaimable:7737 slab_unreclaimable:59989
[  205.468467][ T9697]  mapped:24720 shmem:5289 pagetables:1429
[  205.468467][ T9697]  sec_pagetables:309 bounce:0
[  205.468467][ T9697]  kernel_misc_reclaimable:0
[  205.468467][ T9697]  free:44555 free_pcp:7340 free_cma:0
[  205.484751][ T9697] Node 0 active_anon:476kB inactive_anon:20kB active_file:1304kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2424kB dirty:1016kB writeback:0kB shmem:3616kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9704kB pagetables:1976kB sec_pagetables:1124kB all_unreclaimable? no Balloon:0kB
[  205.498800][ T9697] Node 1 active_anon:34052kB inactive_anon:92kB active_file:36776kB inactive_file:118032kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:96244kB dirty:1648kB writeback:0kB shmem:17540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5560kB pagetables:3840kB sec_pagetables:112kB all_unreclaimable? no Balloon:0kB
[  205.514185][ T9697] Node 0 DMA free:2080kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:36kB inactive_anon:8kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:600kB local_pcp:96kB free_cma:0kB
[  205.522157][ T9697] lowmem_reserve[]: 0 290 290 290 290
[  205.523916][ T9697] Node 0 DMA32 free:16844kB boost:0kB min:13336kB low:16668kB high:20000kB reserved_highatomic:2048KB active_anon:440kB inactive_anon:12kB active_file:1304kB inactive_file:12kB unevictable:3536kB writepending:1016kB present:1032196kB managed:297488kB mlocked:0kB bounce:0kB free_pcp:5244kB local_pcp:2852kB free_cma:0kB
[  205.532132][ T9697] lowmem_reserve[]: 0 0 0 0 0
[  205.533919][ T9697] Node 1 DMA32 free:157592kB boost:0kB min:47148kB low:58932kB high:70716kB reserved_highatomic:0KB active_anon:34052kB inactive_anon:92kB active_file:36776kB inactive_file:118032kB unevictable:3536kB writepending:1648kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:24572kB local_pcp:804kB free_cma:0kB
[  205.545421][ T9697] lowmem_reserve[]: 0 0 0 0 0
[  205.547290][ T9697] Node 0 DMA: 22*4kB (M) 13*8kB (UM) 12*16kB (UM) 7*32kB (M) 1*64kB (M) 1*128kB (M) 3*256kB (UM) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 2080kB
[  205.552902][ T9697] Node 0 DMA32: 52*4kB (UMH) 82*8kB (UMEH) 26*16kB (UMEH) 115*32kB (UME) 75*64kB (UME) 30*128kB (UME) 16*256kB (UME) 2*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 18720kB
[  205.559365][ T9697] Node 1 DMA32: 68*4kB (UME) 125*8kB (UME) 136*16kB (UME) 313*32kB (UME) 282*64kB (UME) 134*128kB (UME) 59*256kB (UME) 47*512kB (UM) 40*1024kB (UM) 6*2048kB (UM) 3*4096kB (U) = 153368kB
[  205.566621][ T9697] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  205.569835][ T9697] Node 0 hugepages_total=24 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  205.572412][ T9697] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  205.575254][ T9697] Node 1 hugepages_total=4294967280 hugepages_free=2 hugepages_surp=4 hugepages_size=2048kB
[  205.578299][ T9697] 44797 total pagecache pages
[  205.579626][ T9697] 477 pages in swap cache
[  205.580837][ T9697] Free swap  = 119960kB
[  205.582009][ T9697] Total swap = 124996kB
[  205.583824][ T9697] 524155 pages RAM
[  205.584911][ T9697] 0 pages HighMem/MovableOnly
[  205.586360][ T9697] 208872 pages reserved
[  205.587522][ T9697] 0 pages cma reserved
[  205.653141][  T832] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  205.803103][  T832] usb 8-1: Using ep0 maxpacket: 32
[  205.806766][  T832] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  205.810030][  T832] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  205.814098][  T832] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  205.818104][  T832] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  205.822954][  T832] usb 8-1: config 0 interface 0 has no altsetting 0
[  205.827506][  T832] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  205.830861][  T832] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  205.834143][  T832] usb 8-1: Product: syz
[  205.835716][  T832] usb 8-1: Manufacturer: syz
[  205.837422][  T832] usb 8-1: SerialNumber: syz
[  205.844656][  T832] usb 8-1: config 0 descriptor??
[  205.851607][  T832] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  205.857290][  T832] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  206.053679][  T832] usb 8-1: USB disconnect, device number 15
[  206.059295][  T832] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  207.082783][ T9725] netlink: 36 bytes leftover after parsing attributes in process `syz.3.994'.
[  208.201689][ T9740] loop0: detected capacity change from 0 to 7
[  208.214796][ T9740] Dev loop0: unable to read RDB block 7
[  208.216433][ T9740]  loop0: unable to read partition table
[  208.218468][ T9740] loop0: partition table beyond EOD, truncated
[  208.220305][ T9740] loop_reread_partitions: partition scan of loop0 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  208.220305][ T9740] 
) failed (rc=-5)
[  208.613144][ T5949] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  208.763147][ T5949] usb 8-1: Using ep0 maxpacket: 8
[  208.767617][ T5949] usb 8-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  208.770079][ T5949] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.772493][ T5949] usb 8-1: Product: syz
[  208.776726][ T5949] usb 8-1: Manufacturer: syz
[  208.778299][ T5949] usb 8-1: SerialNumber: syz
[  208.781086][ T5949] usb 8-1: config 0 descriptor??
[  208.795712][ T5949] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  208.797990][ T5949] usb 8-1: setting power ON
[  208.799565][ T5949] dvb-usb: bulk message failed: -22 (2/0)
[  208.805999][ T5949] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  208.809354][ T5949] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  208.812148][ T5949] usb 8-1: media controller created
[  208.821999][ T5949] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  208.841374][ T5949] usb 8-1: selecting invalid altsetting 6
[  208.844476][ T5949] usb 8-1: digital interface selection failed (-22)
[  208.846783][ T5949] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  208.854048][ T5949] usb 8-1: setting power OFF
[  208.855500][ T5949] dvb-usb: bulk message failed: -22 (2/0)
[  208.857759][ T5949] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  208.860550][ T5949] (NULL device *): no alternate interface
[  208.882814][ T5949] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  208.949499][ T9735] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  209.820586][ T9768] FAULT_INJECTION: forcing a failure.
[  209.820586][ T9768] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.827166][ T9768] CPU: 0 UID: 0 PID: 9768 Comm: syz.2.1005 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  209.827192][ T9768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.827202][ T9768] Call Trace:
[  209.827207][ T9768]  <TASK>
[  209.827213][ T9768]  dump_stack_lvl+0x16c/0x1f0
[  209.827239][ T9768]  should_fail_ex+0x512/0x640
[  209.827261][ T9768]  _copy_from_iter+0x2a4/0x15b0
[  209.827282][ T9768]  ? __asan_memset+0x23/0x50
[  209.827303][ T9768]  ? __pfx__copy_from_iter+0x10/0x10
[  209.827322][ T9768]  ? __alloc_skb+0x200/0x380
[  209.827341][ T9768]  ? __pfx___alloc_skb+0x10/0x10
[  209.827358][ T9768]  ? __pfx___mutex_lock+0x10/0x10
[  209.827385][ T9768]  skb_copy_datagram_from_iter+0x124/0x740
[  209.827412][ T9768]  tun_get_user+0x17ac/0x3b10
[  209.827447][ T9768]  ? __pfx_tun_get_user+0x10/0x10
[  209.827467][ T9768]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  209.827495][ T9768]  ? find_held_lock+0x2b/0x80
[  209.827515][ T9768]  ? tun_get+0x191/0x370
[  209.827540][ T9768]  tun_chr_write_iter+0xdc/0x210
[  209.827563][ T9768]  vfs_write+0x5ba/0x1180
[  209.827585][ T9768]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  209.827608][ T9768]  ? __pfx_vfs_write+0x10/0x10
[  209.827626][ T9768]  ? find_held_lock+0x2b/0x80
[  209.827660][ T9768]  ksys_write+0x12a/0x240
[  209.827680][ T9768]  ? __pfx_ksys_write+0x10/0x10
[  209.827702][ T9768]  ? rcu_is_watching+0x12/0xc0
[  209.827724][ T9768]  __do_fast_syscall_32+0x73/0x120
[  209.827748][ T9768]  do_fast_syscall_32+0x32/0x80
[  209.827770][ T9768]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  209.827790][ T9768] RIP: 0023:0xf748e579
[  209.827802][ T9768] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  209.827818][ T9768] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  209.827834][ T9768] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  209.827844][ T9768] RDX: 0000000000000072 RSI: 0000000000000000 RDI: 0000000000000000
[  209.827854][ T9768] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  209.827863][ T9768] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  209.827873][ T9768] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.827895][ T9768]  </TASK>
[  210.253790][ T9772] netlink: 'syz.2.1006': attribute type 11 has an invalid length.
[  210.256544][ T9772] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1006'.
[  211.163279][ T6217] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  211.231362][ T1339] usb 8-1: USB disconnect, device number 16
[  211.298852][ T9786] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !寿$ûÌÌULÙvy¸ÚØ¢
…D£øUDŒw˜}�z
[  211.336343][ T6217] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  211.339540][ T6217] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  211.342201][ T6217] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  211.344984][ T6217] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.350527][ T9781] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  211.354629][ T6217] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  211.382842][ T9792] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1013'.
[  212.059553][ T5949] usb 7-1: USB disconnect, device number 13
[  212.506790][ T9811] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  212.891865][ T9821] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1020'.
[  212.927198][ T9823] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1021'.
[  213.001542][ T9827] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1023'.
[  213.006916][ T9829] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1024'.
[  213.163771][ T9841] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1028'.
[  213.215591][ T9846] FAULT_INJECTION: forcing a failure.
[  213.215591][ T9846] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.219303][ T9846] CPU: 0 UID: 0 PID: 9846 Comm: syz.1.1028 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  213.219317][ T9846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  213.219323][ T9846] Call Trace:
[  213.219327][ T9846]  <TASK>
[  213.219331][ T9846]  dump_stack_lvl+0x16c/0x1f0
[  213.219348][ T9846]  should_fail_ex+0x512/0x640
[  213.219362][ T9846]  _copy_from_iter+0x2a4/0x15b0
[  213.219375][ T9846]  ? __alloc_skb+0x200/0x380
[  213.219387][ T9846]  ? __pfx__copy_from_iter+0x10/0x10
[  213.219400][ T9846]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  213.219418][ T9846]  netlink_sendmsg+0x829/0xdd0
[  213.219434][ T9846]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.219448][ T9846]  ? __import_iovec+0x1c8/0x660
[  213.219463][ T9846]  ____sys_sendmsg+0xa95/0xc70
[  213.219479][ T9846]  ? __pfx_____sys_sendmsg+0x10/0x10
[  213.219493][ T9846]  ? get_compat_msghdr+0x11a/0x170
[  213.219510][ T9846]  ___sys_sendmsg+0x134/0x1d0
[  213.219523][ T9846]  ? __pfx____sys_sendmsg+0x10/0x10
[  213.219550][ T9846]  __sys_sendmsg+0x16d/0x220
[  213.219562][ T9846]  ? __pfx___sys_sendmsg+0x10/0x10
[  213.219580][ T9846]  ? rcu_is_watching+0x12/0xc0
[  213.219594][ T9846]  __do_fast_syscall_32+0x73/0x120
[  213.219609][ T9846]  do_fast_syscall_32+0x32/0x80
[  213.219622][ T9846]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  213.219635][ T9846] RIP: 0023:0xf7f24579
[  213.219643][ T9846] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  213.219652][ T9846] RSP: 002b:00000000f502555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  213.219662][ T9846] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  213.219668][ T9846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  213.219673][ T9846] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  213.219678][ T9846] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  213.219684][ T9846] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  213.219695][ T9846]  </TASK>
[  213.319661][ T9849] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1030'.
[  213.429723][ T9855] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1031'.
[  213.537315][ T9857] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1033'.
[  214.056417][ T5949] libceph: connect (1)[c::]:6789 error -101
[  214.058853][ T5949] libceph: mon0 (1)[c::]:6789 connect error
[  214.115102][ T9882] ceph: No mds server is up or the cluster is laggy
[  214.239231][ T9889] 8021q: adding VLAN 0 to HW filter on device bond10
[  215.571943][ T9927] smc: adding net device wg1 with user defined pnetid SYZ1
[  215.794255][ T9927] ebtables: wrong size: *len 80, entries_size 144, replsz 144
[  216.210428][ T9944] fuse: Bad value for 'fd'
[  216.499929][ T9939] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  216.503440][ T9939] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  216.504112][ T9949] 8021q: adding VLAN 0 to HW filter on device bond19
[  216.505769][ T9939] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  216.509703][ T9939] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  216.647904][ T9958] __nla_validate_parse: 2 callbacks suppressed
[  216.647915][ T9958] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1057'.
[  216.652189][ T9958] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1057'.
[  216.792411][ T9961] program syz.3.1060 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  216.919595][ T9965] bridge_slave_0: left allmulticast mode
[  216.921290][ T9965] bridge_slave_0: left promiscuous mode
[  216.924083][ T9965] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.940217][ T9965] bridge_slave_1: left allmulticast mode
[  216.941873][ T9965] bridge_slave_1: left promiscuous mode
[  216.945729][ T9965] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.992809][ T9964] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  217.019976][ T9965] bond0: (slave bond_slave_0): Releasing backup interface
[  217.041204][ T9965] bond0: (slave bond_slave_1): Releasing backup interface
[  217.090986][ T9965] team0: Port device team_slave_0 removed
[  217.117530][ T9965] team0: Port device team_slave_1 removed
[  217.126164][ T9965] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  217.128581][ T9965] batman_adv: batadv0: Removing interface: batadv_slave_0
[  217.134835][ T9965] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  217.138647][ T9965] batman_adv: batadv0: Removing interface: batadv_slave_1
[  217.150198][ T9965] bond0: (slave netdevsim0): Releasing backup interface
[  217.421665][ T9973] syz.3.1064 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  217.500471][ T9973] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1064'.
[  217.510282][ T9973] 0·: renamed from hsr0 (while UP)
[  217.513982][ T9973] 0·: entered allmulticast mode
[  217.524569][ T9973] hsr_slave_0: entered allmulticast mode
[  217.526207][ T9973] hsr_slave_1: entered allmulticast mode
[  217.528136][ T9973] net_ratelimit: 10 callbacks suppressed
[  217.528144][ T9973] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  217.628893][ T9995] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1073'.
[  217.770328][T10000] 8021q: adding VLAN 0 to HW filter on device bond20
[  218.179657][ T9511] syz_tun (unregistering): left allmulticast mode
[  218.181482][ T9511] syz_tun (unregistering): left promiscuous mode
[  218.183727][ T9511] bridge0: port 1(syz_tun) entered disabled state
[  218.407007][ T7023] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.501661][ T7023] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.573448][ T5956] Bluetooth: hci3: command 0x0405 tx timeout
[  218.573446][ T5305] Bluetooth: hci1: command 0x0c1a tx timeout
[  218.590414][ T5305] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  218.590666][ T7023] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.595648][ T5305] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  218.596459][ T5305] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  218.600810][ T5305] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  218.603117][ T5305] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  218.725772][ T7023] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.737537][T10028] chnl_net:caif_netlink_parms(): no params data found
[  219.053232][ T5951] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  220.006528][ T7023] bond0 (unregistering): Released all slaves
[  220.071971][ T7023] bond1 (unregistering): Released all slaves
[  220.131180][ T7023] bond2 (unregistering): Released all slaves
[  220.199447][ T7023] bond3 (unregistering): Released all slaves
[  220.263631][ T7023] bond4 (unregistering): Released all slaves
[  220.337051][ T7023] bond5 (unregistering): Released all slaves
[  220.401539][ T7023] bond6 (unregistering): Released all slaves
[  220.461859][ T7023] bond7 (unregistering): Released all slaves
[  220.470867][ T7023] bond8 (unregistering): Released all slaves
[  220.531926][ T7023] bond9 (unregistering): Released all slaves
[  220.597555][ T7023] bond10 (unregistering): Released all slaves
[  220.660285][ T7023] bond11 (unregistering): Released all slaves
[  220.663314][ T5951] Bluetooth: hci2: command tx timeout
[  220.722986][ T7023] bond12 (unregistering): Released all slaves
[  220.785922][ T7023] bond13 (unregistering): Released all slaves
[  220.851917][ T7023] bond14 (unregistering): Released all slaves
[  220.920409][ T7023] bond15 (unregistering): Released all slaves
[  220.955605][T10052] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1089'.
[  220.960802][T10051] workqueue: Failed to create a rescuer kthread for wq "bond11": -EINTR
[  221.121288][T10028] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.126710][T10028] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.128731][T10028] bridge_slave_0: entered allmulticast mode
[  221.131277][T10028] bridge_slave_0: entered promiscuous mode
[  221.142814][T10028] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.145558][T10028] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.147544][T10028] bridge_slave_1: entered allmulticast mode
[  221.149955][T10028] bridge_slave_1: entered promiscuous mode
[  221.227685][T10028] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  221.244468][T10028] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  221.287902][T10028] team0: Port device team_slave_0 added
[  221.291838][T10028] team0: Port device team_slave_1 added
[  221.347582][ T7023] hsr_slave_0: left promiscuous mode
[  221.349983][ T7023] hsr_slave_1: left promiscuous mode
[  221.372915][ T7023] veth1_macvtap: left promiscuous mode
[  221.375686][ T7023] veth0_macvtap: left promiscuous mode
[  221.378569][ T7023] veth1_vlan: left promiscuous mode
[  222.114564][T10095] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1100'.
[  222.687137][T10028] batman_adv: batadv0: Adding interface: batadv_slave_0
[  222.689789][T10028] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  222.700025][T10028] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  222.716488][T10028] batman_adv: batadv0: Adding interface: batadv_slave_1
[  222.718433][T10028] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  222.725983][T10028] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  222.733163][ T5951] Bluetooth: hci2: command tx timeout
[  222.740021][T10093] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ûÌÌULÙvy¸ÚØ¢
…D£øUDŒw˜}�zR3'
[  222.744149][T10093] CPU: 1 UID: 0 PID: 10093 Comm: syz.2.1099 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  222.744175][T10093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  222.744186][T10093] Call Trace:
[  222.744192][T10093]  <TASK>
[  222.744200][T10093]  dump_stack_lvl+0x16c/0x1f0
[  222.744231][T10093]  sysfs_warn_dup+0x7f/0xa0
[  222.744259][T10093]  sysfs_do_create_link_sd+0x124/0x140
[  222.744289][T10093]  sysfs_create_link+0x61/0xc0
[  222.744316][T10093]  device_add+0x62c/0x1a70
[  222.744339][T10093]  ? __pfx_device_add+0x10/0x10
[  222.744356][T10093]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  222.744377][T10093]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  222.744409][T10093]  wiphy_register+0x1c9c/0x2850
[  222.744427][T10093]  ? netdev_run_todo+0x864/0x1320
[  222.744452][T10093]  ? __dev_printk+0x240/0x270
[  222.744480][T10093]  ? __pfx_wiphy_register+0x10/0x10
[  222.744513][T10093]  ieee80211_register_hw+0x2432/0x4020
[  222.744540][T10093]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  222.744562][T10093]  ? find_held_lock+0x2b/0x80
[  222.744585][T10093]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  222.744605][T10093]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  222.744631][T10093]  ? __hrtimer_setup+0x176/0x280
[  222.744653][T10093]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  222.744689][T10093]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  222.744719][T10093]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  222.744742][T10093]  ? __asan_memcpy+0x3c/0x60
[  222.744769][T10093]  hwsim_new_radio_nl+0xb51/0x12c0
[  222.744800][T10093]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  222.744831][T10093]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  222.744863][T10093]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  222.744900][T10093]  genl_family_rcv_msg_doit+0x206/0x2f0
[  222.744932][T10093]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  222.744962][T10093]  ? trace_cap_capable+0x18d/0x200
[  222.744987][T10093]  ? bpf_lsm_capable+0x9/0x10
[  222.745010][T10093]  ? security_capable+0x7e/0x260
[  222.745028][T10093]  ? ns_capable+0xd7/0x110
[  222.745087][T10093]  genl_rcv_msg+0x55c/0x800
[  222.745109][T10093]  ? __pfx_genl_rcv_msg+0x10/0x10
[  222.745127][T10093]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  222.745151][T10093]  ? __lock_acquire+0xaa4/0x1ba0
[  222.745172][T10093]  netlink_rcv_skb+0x16a/0x440
[  222.745198][T10093]  ? __pfx_genl_rcv_msg+0x10/0x10
[  222.745216][T10093]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  222.745256][T10093]  ? __pfx_down_read+0x10/0x10
[  222.745286][T10093]  ? netlink_deliver_tap+0x1ae/0xd30
[  222.745315][T10093]  genl_rcv+0x28/0x40
[  222.745338][T10093]  netlink_unicast+0x53a/0x7f0
[  222.745366][T10093]  ? __pfx_netlink_unicast+0x10/0x10
[  222.745399][T10093]  netlink_sendmsg+0x8d1/0xdd0
[  222.745429][T10093]  ? __pfx_netlink_sendmsg+0x10/0x10
[  222.745456][T10093]  ? __import_iovec+0x1c8/0x660
[  222.745486][T10093]  ____sys_sendmsg+0xa95/0xc70
[  222.745517][T10093]  ? __pfx_____sys_sendmsg+0x10/0x10
[  222.745543][T10093]  ? get_compat_msghdr+0x11a/0x170
[  222.745570][T10093]  ? try_to_wake_up+0xa2f/0x1680
[  222.745596][T10093]  ___sys_sendmsg+0x134/0x1d0
[  222.745621][T10093]  ? __pfx____sys_sendmsg+0x10/0x10
[  222.745689][T10093]  __sys_sendmsg+0x16d/0x220
[  222.745713][T10093]  ? __pfx___sys_sendmsg+0x10/0x10
[  222.745736][T10093]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  222.745772][T10093]  ? rcu_is_watching+0x12/0xc0
[  222.745821][T10093]  ? rcu_is_watching+0x12/0xc0
[  222.745848][T10093]  __do_fast_syscall_32+0x73/0x120
[  222.745878][T10093]  do_fast_syscall_32+0x32/0x80
[  222.745905][T10093]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  222.745927][T10093] RIP: 0023:0xf748e579
[  222.745941][T10093] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  222.745959][T10093] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  222.745976][T10093] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040
[  222.745987][T10093] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  222.745997][T10093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  222.746007][T10093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  222.746017][T10093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  222.746040][T10093]  </TASK>
[  222.905752][T10028] hsr_slave_0: entered promiscuous mode
[  222.908336][T10028] hsr_slave_1: entered promiscuous mode
[  222.910887][T10028] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  222.916558][T10028] Cannot create hsr debugfs directory
[  223.046342][T10108] netlink: 'syz.0.1102': attribute type 15 has an invalid length.
[  223.048660][T10108] netlink: 666 bytes leftover after parsing attributes in process `syz.0.1102'.
[  223.140425][T10028] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  223.144933][T10028] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  223.152131][T10028] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  223.159289][T10028] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  223.175682][T10121] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1108'.
[  223.177532][T10125] overlayfs: missing 'lowerdir'
[  223.206227][T10028] 8021q: adding VLAN 0 to HW filter on device bond0
[  223.208337][T10129] FAULT_INJECTION: forcing a failure.
[  223.208337][T10129] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  223.213393][T10129] CPU: 3 UID: 0 PID: 10129 Comm: syz.0.1110 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  223.213416][T10129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  223.213426][T10129] Call Trace:
[  223.213431][T10129]  <TASK>
[  223.213437][T10129]  dump_stack_lvl+0x16c/0x1f0
[  223.213459][T10129]  should_fail_ex+0x512/0x640
[  223.213481][T10129]  should_fail_alloc_page+0xe7/0x130
[  223.213499][T10129]  prepare_alloc_pages+0x3c2/0x610
[  223.213519][T10129]  ? rcu_is_watching+0x12/0xc0
[  223.213540][T10129]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  223.213566][T10129]  ? __lock_acquire+0x5ca/0x1ba0
[  223.213591][T10129]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  223.213620][T10129]  ? __lock_acquire+0x5ca/0x1ba0
[  223.213637][T10129]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  223.213656][T10129]  ? policy_nodemask+0xea/0x4e0
[  223.213681][T10129]  alloc_pages_mpol+0x1fb/0x550
[  223.213698][T10129]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  223.213714][T10129]  ? __lock_acquire+0x5ca/0x1ba0
[  223.213729][T10129]  folio_alloc_mpol_noprof+0x36/0x2f0
[  223.213749][T10129]  vma_alloc_folio_noprof+0xed/0x1e0
[  223.213767][T10129]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  223.213792][T10129]  do_pte_missing+0x223d/0x3fb0
[  223.213824][T10129]  __handle_mm_fault+0x103d/0x2a40
[  223.213853][T10129]  ? __pfx___handle_mm_fault+0x10/0x10
[  223.213884][T10129]  ? find_vma+0xbf/0x140
[  223.213900][T10129]  ? __pfx_find_vma+0x10/0x10
[  223.213918][T10129]  handle_mm_fault+0x3fe/0xad0
[  223.213940][T10129]  do_user_addr_fault+0x7a6/0x1370
[  223.213961][T10129]  ? rcu_is_watching+0x12/0xc0
[  223.213983][T10129]  exc_page_fault+0x5c/0xc0
[  223.214005][T10129]  asm_exc_page_fault+0x26/0x30
[  223.214021][T10129] RIP: 0010:rep_stos_alternative+0x40/0x80
[  223.214037][T10129] Code: c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[  223.214051][T10129] RSP: 0018:ffffc900037479a8 EFLAGS: 00050202
[  223.214065][T10129] RAX: 0000000000000000 RBX: 0000000000001000 RCX: 0000000000000380
[  223.214075][T10129] RDX: ffff88802551c880 RSI: ffffffff84cb8fdd RDI: 0000000080015000
[  223.214086][T10129] RBP: ffffc90003747d30 R08: 1525ca5b0a5321be R09: 0000000000000001
[  223.214096][T10129] R10: 0000000000000000 R11: 0000000000000000 R12: 000000007ffff000
[  223.214104][T10129] R13: 0000000080014380 R14: 0000000000013000 R15: 0000000000001000
[  223.214118][T10129]  ? iov_iter_zero+0x3dd/0x13c0
[  223.214144][T10129]  iov_iter_zero+0x3ed/0x13c0
[  223.214167][T10129]  ? __pfx_iov_iter_zero+0x10/0x10
[  223.214186][T10129]  ? aa_file_perm+0x4d6/0xfb0
[  223.214212][T10129]  ? _kstrtoull+0x145/0x200
[  223.214234][T10129]  ? __pfx_aa_file_perm+0x10/0x10
[  223.214257][T10129]  read_iter_zero+0x13b/0x340
[  223.214274][T10129]  ? copy_compat_iovec_from_user+0x141/0x180
[  223.214296][T10129]  do_iter_readv_writev+0x735/0x950
[  223.214319][T10129]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  223.214340][T10129]  ? bpf_lsm_file_permission+0x9/0x10
[  223.214359][T10129]  ? security_file_permission+0x71/0x210
[  223.214381][T10129]  ? rw_verify_area+0xcf/0x680
[  223.214403][T10129]  vfs_readv+0x4c5/0x8a0
[  223.214429][T10129]  ? __pfx_vfs_readv+0x10/0x10
[  223.214458][T10129]  ? find_held_lock+0x2b/0x80
[  223.214498][T10129]  ? __fget_files+0x20e/0x3c0
[  223.214525][T10129]  ? do_preadv+0x1af/0x270
[  223.214543][T10129]  do_preadv+0x1af/0x270
[  223.214563][T10129]  ? __pfx_do_preadv+0x10/0x10
[  223.214582][T10129]  ? fput+0x70/0xf0
[  223.214597][T10129]  ? ksys_write+0x1b9/0x240
[  223.214616][T10129]  ? __pfx_ksys_write+0x10/0x10
[  223.214640][T10129]  __ia32_compat_sys_preadv2+0x121/0x1b0
[  223.214664][T10129]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  223.214690][T10129]  __do_fast_syscall_32+0x73/0x120
[  223.214715][T10129]  do_fast_syscall_32+0x32/0x80
[  223.214738][T10129]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  223.214757][T10129] RIP: 0023:0xf7f36579
[  223.214770][T10129] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  223.214783][T10129] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 000000000000017a
[  223.214796][T10129] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001540
[  223.214806][T10129] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  223.214815][T10129] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  223.214825][T10129] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  223.214834][T10129] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  223.214855][T10129]  </TASK>
[  223.217797][T10128] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1109'.
[  223.356788][T10132] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1111'.
[  223.362157][T10128] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  223.364397][T10132] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1111'.
[  223.364410][T10132] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1111'.
[  223.364431][T10132] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1111'.
[  223.400544][T10128] IPv6: NLM_F_CREATE should be set when creating new route
[  223.402794][T10128] IPv6: NLM_F_CREATE should be set when creating new route
[  223.410763][T10028] 8021q: adding VLAN 0 to HW filter on device team0
[  223.418969][ T7035] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.421797][ T7035] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.433817][ T7037] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.435833][ T7037] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.568515][T10028] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  223.687697][T10028] 8021q: adding VLAN 0 to HW filter on device batadv0
[  223.814478][T10028] veth0_vlan: entered promiscuous mode
[  223.820334][T10028] veth1_vlan: entered promiscuous mode
[  223.838686][T10028] veth0_macvtap: entered promiscuous mode
[  223.842403][T10028] veth1_macvtap: entered promiscuous mode
[  223.853717][T10028] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.856632][T10028] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.859344][T10028] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.862327][T10028] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.866675][T10028] batman_adv: batadv0: Interface activated: batadv_slave_0
[  223.873635][T10028] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.876467][T10028] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.879107][T10028] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.881987][T10028] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.885704][T10028] batman_adv: batadv0: Interface activated: batadv_slave_1
[  223.890592][T10028] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  223.894392][T10028] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  223.897997][T10028] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  223.901416][T10028] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.987281][ T7037] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  223.989578][ T7037] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.014570][ T7036] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.016796][ T7036] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.299457][T10168] FAULT_INJECTION: forcing a failure.
[  224.299457][T10168] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  224.302977][T10168] CPU: 1 UID: 0 PID: 10168 Comm: syz.1.1118 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  224.302991][T10168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  224.302997][T10168] Call Trace:
[  224.303001][T10168]  <TASK>
[  224.303005][T10168]  dump_stack_lvl+0x16c/0x1f0
[  224.303054][T10168]  should_fail_ex+0x512/0x640
[  224.303074][T10168]  should_fail_alloc_page+0xe7/0x130
[  224.303085][T10168]  prepare_alloc_pages+0x3c2/0x610
[  224.303099][T10168]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  224.303118][T10168]  ? __lock_acquire+0x5ca/0x1ba0
[  224.303129][T10168]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  224.303150][T10168]  ? filemap_get_entry+0x1a7/0x3b0
[  224.303162][T10168]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  224.303174][T10168]  ? policy_nodemask+0xea/0x4e0
[  224.303190][T10168]  alloc_pages_mpol+0x1fb/0x550
[  224.303200][T10168]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  224.303209][T10168]  ? _raw_spin_unlock+0x28/0x50
[  224.303221][T10168]  ? swap_entry_swapped+0x122/0x190
[  224.303230][T10168]  ? __pfx_swap_entry_swapped+0x10/0x10
[  224.303240][T10168]  folio_alloc_mpol_noprof+0x36/0x2f0
[  224.303252][T10168]  __read_swap_cache_async+0x3b6/0x5a0
[  224.303267][T10168]  ? __pfx___read_swap_cache_async+0x10/0x10
[  224.303280][T10168]  ? swp_swap_info+0xce/0x130
[  224.303294][T10168]  ? __pfx_swp_swap_info+0x10/0x10
[  224.303309][T10168]  swap_cluster_readahead+0x3eb/0x710
[  224.303325][T10168]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  224.303337][T10168]  ? xa_get_order+0x152/0x2c0
[  224.303353][T10168]  ? __pfx_shmem_split_large_entry.isra.0+0x10/0x10
[  224.303367][T10168]  ? cgroup_rstat_updated+0x2a/0xb20
[  224.303383][T10168]  ? shmem_swapin_folio+0x61b/0x2220
[  224.303399][T10168]  shmem_swapin_folio+0x1933/0x2220
[  224.303429][T10168]  ? __pfx_shmem_swapin_folio+0x10/0x10
[  224.303443][T10168]  ? __pfx_filemap_get_entry+0x10/0x10
[  224.303459][T10168]  shmem_get_folio_gfp+0x2c6/0x1530
[  224.303477][T10168]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  224.303495][T10168]  shmem_fault+0x1fe/0xa30
[  224.303511][T10168]  ? __pfx_shmem_fault+0x10/0x10
[  224.303526][T10168]  ? rcu_is_watching+0x12/0xc0
[  224.303538][T10168]  ? __mark_inode_dirty+0x2a7/0xe50
[  224.303553][T10168]  ? __pfx_filemap_map_pages+0x10/0x10
[  224.303562][T10168]  __do_fault+0x10a/0x490
[  224.303572][T10168]  ? __pfx_filemap_map_pages+0x10/0x10
[  224.303580][T10168]  do_pte_missing+0x1a6/0x3fb0
[  224.303595][T10168]  ? __handle_mm_fault+0x1010/0x2a40
[  224.303609][T10168]  __handle_mm_fault+0x103d/0x2a40
[  224.303626][T10168]  ? __pfx___handle_mm_fault+0x10/0x10
[  224.303639][T10168]  ? __pte_offset_map_lock+0x155/0x2f0
[  224.303649][T10168]  ? find_held_lock+0x2b/0x80
[  224.303660][T10168]  ? find_held_lock+0x2b/0x80
[  224.303681][T10168]  handle_mm_fault+0x3fe/0xad0
[  224.303696][T10168]  __get_user_pages+0x771/0x36f0
[  224.303711][T10168]  ? get_pid_task+0x106/0x250
[  224.303721][T10168]  ? __pfx___get_user_pages+0x10/0x10
[  224.303734][T10168]  ? __lock_acquire+0xaa4/0x1ba0
[  224.303746][T10168]  faultin_page_range+0x249/0x980
[  224.303761][T10168]  madvise_do_behavior+0x233/0x3b0
[  224.303773][T10168]  ? __pfx_madvise_do_behavior+0x10/0x10
[  224.303787][T10168]  ? fput+0x70/0xf0
[  224.303803][T10168]  do_madvise+0x10b/0x170
[  224.303814][T10168]  __ia32_sys_madvise+0xa7/0x110
[  224.303824][T10168]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  224.303839][T10168]  __do_fast_syscall_32+0x73/0x120
[  224.303853][T10168]  do_fast_syscall_32+0x32/0x80
[  224.303867][T10168]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  224.303879][T10168] RIP: 0023:0xf7f24579
[  224.303887][T10168] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  224.303896][T10168] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 00000000000000db
[  224.303906][T10168] RAX: ffffffffffffffda RBX: 00000000800ec000 RCX: 0000000000800000
[  224.303912][T10168] RDX: 0000000000000017 RSI: 0000000000000000 RDI: 0000000000000000
[  224.303917][T10168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  224.303922][T10168] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  224.303928][T10168] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  224.303940][T10168]  </TASK>
[  224.819649][ T5951] Bluetooth: hci2: command tx timeout
[  225.698048][T10202] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1124'.
[  225.845764][T10212] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  225.959579][T10216] netlink: 'syz.2.1130': attribute type 11 has an invalid length.
[  226.495202][T10228] netlink: 'syz.4.1133': attribute type 15 has an invalid length.
[  226.498780][T10228] netlink: 666 bytes leftover after parsing attributes in process `syz.4.1133'.
[  226.681632][T10232] netlink: 'syz.0.1135': attribute type 15 has an invalid length.
[  226.893164][ T5988] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  226.895140][ T5956] Bluetooth: hci2: command tx timeout
[  227.045995][ T5988] usb 9-1: config 2 has no interfaces?
[  227.055226][ T5988] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.22
[  227.058472][ T5988] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.061177][ T5988] usb 9-1: Product: syz
[  227.062826][ T5988] usb 9-1: Manufacturer: syz
[  227.063162][ T1339] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  227.064725][ T5988] usb 9-1: SerialNumber: syz
[  227.223645][ T1339] usb 5-1: Using ep0 maxpacket: 8
[  227.228944][ T1339] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  227.232929][ T1339] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  227.236296][ T1339] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.241106][ T1339] usb 5-1: config 0 descriptor??
[  227.290593][ T5988] usb 9-1: USB disconnect, device number 2
[  227.296305][T10164] udevd[10164]: setting owner of /dev/bus/usb/009/002 to uid=0, gid=0 failed: No such file or directory
[  227.463433][ T1339] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  227.489030][   T40] kauditd_printk_skb: 11 callbacks suppressed
[  227.489107][   T40] audit: type=1326 audit(1744003910.421:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10229 comm="syz.4.1134" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0
[  227.678688][ T5988] usb 5-1: USB disconnect, device number 15
[  227.696633][T10246] netlink: 'syz.4.1139': attribute type 15 has an invalid length.
[  227.698731][T10246] __nla_validate_parse: 1 callbacks suppressed
[  227.698739][T10246] netlink: 666 bytes leftover after parsing attributes in process `syz.4.1139'.
[  227.907075][T10257] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1143'.
[  228.351186][T10266] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1144'.
[  228.785004][T10276] netlink: 'syz.1.1148': attribute type 15 has an invalid length.
[  228.787892][T10276] netlink: 666 bytes leftover after parsing attributes in process `syz.1.1148'.
[  229.019438][T10282] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1150'.
[  229.022019][T10282] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1150'.
[  229.801047][T10300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1155'.
[  229.836907][T10302] FAULT_INJECTION: forcing a failure.
[  229.836907][T10302] name failslab, interval 1, probability 0, space 0, times 0
[  229.841469][T10302] CPU: 0 UID: 0 PID: 10302 Comm: syz.4.1156 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  229.841489][T10302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  229.841499][T10302] Call Trace:
[  229.841505][T10302]  <TASK>
[  229.841511][T10302]  dump_stack_lvl+0x16c/0x1f0
[  229.841531][T10302]  should_fail_ex+0x512/0x640
[  229.841542][T10302]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  229.841559][T10302]  should_failslab+0xc2/0x120
[  229.841568][T10302]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  229.841582][T10302]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  229.841593][T10302]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  229.841608][T10302]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  229.841620][T10302]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  229.841635][T10302]  mmu_topup_memory_caches+0x25/0x170
[  229.841651][T10302]  kvm_mmu_load+0xd9/0x22a0
[  229.841666][T10302]  ? kvm_apic_has_interrupt+0xb5/0x190
[  229.841680][T10302]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  229.841693][T10302]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  229.841707][T10302]  ? __pfx_kvm_mmu_load+0x10/0x10
[  229.841721][T10302]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  229.841733][T10302]  ? kvm_check_and_inject_events+0x71c/0x1310
[  229.841750][T10302]  vcpu_run+0x33d9/0x52d0
[  229.841766][T10302]  ? __lock_acquire+0xaa4/0x1ba0
[  229.841778][T10302]  ? __pfx_vcpu_run+0x10/0x10
[  229.841795][T10302]  ? fpu_swap_kvm_fpstate+0x235/0x4a0
[  229.841809][T10302]  ? __local_bh_enable_ip+0xa4/0x120
[  229.841826][T10302]  ? kvm_arch_vcpu_ioctl_run+0x51c/0x18c0
[  229.841840][T10302]  kvm_arch_vcpu_ioctl_run+0x51c/0x18c0
[  229.841859][T10302]  kvm_vcpu_ioctl+0x5e9/0x1680
[  229.841876][T10302]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  229.841891][T10302]  ? tomoyo_path_number_perm+0x18d/0x580
[  229.841904][T10302]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  229.841915][T10302]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  229.841926][T10302]  ? do_vfs_ioctl+0x512/0x1990
[  229.841938][T10302]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  229.841961][T10302]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  229.841976][T10302]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  229.841992][T10302]  ? __fget_files+0x20e/0x3c0
[  229.842008][T10302]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  229.842023][T10302]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  229.842036][T10302]  __do_fast_syscall_32+0x73/0x120
[  229.842051][T10302]  do_fast_syscall_32+0x32/0x80
[  229.842065][T10302]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  229.842083][T10302] RIP: 0023:0xf744e579
[  229.842091][T10302] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  229.842100][T10302] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  229.842110][T10302] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  229.842116][T10302] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  229.842121][T10302] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  229.842126][T10302] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  229.842131][T10302] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  229.842144][T10302]  </TASK>
[  229.857860][T10305] netlink: 'syz.2.1157': attribute type 10 has an invalid length.
[  229.958651][T10305] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  230.098903][T10324] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  230.112378][T10326] netlink: 'syz.2.1165': attribute type 15 has an invalid length.
[  230.114790][T10326] netlink: 666 bytes leftover after parsing attributes in process `syz.2.1165'.
[  230.577495][T10334] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1166'.
[  230.580127][T10334] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1166'.
[  232.159384][T10392] program syz.2.1186 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  232.163002][T10392] ata1.00: invalid multi_count 1 ignored
[  232.186145][T10395] No control pipe specified
[  232.313191][    T9] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  232.399418][T10406] random: crng reseeded on system resumption
[  232.489272][    T9] usb 9-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  232.492137][    T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.495576][    T9] usb 9-1: Product: syz
[  232.497224][    T9] usb 9-1: Manufacturer: syz
[  232.498969][    T9] usb 9-1: SerialNumber: syz
[  232.509254][    T9] usb 9-1: config 0 descriptor??
[  232.716675][    T9] usb 9-1: Firmware version (0.0) predates our first public release.
[  232.721922][    T9] usb 9-1: Please update to version 0.2 or newer
[  232.776079][    T9] usb 9-1: USB disconnect, device number 3
[  232.776125][    C3] ata1: illegal qc_active transition (00000000->00400000)
[  233.110995][T10425] __nla_validate_parse: 1 callbacks suppressed
[  233.111005][T10425] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1195'.
[  233.118402][ T1103] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300)
[  233.125797][ T1103] ata1.00: configured for UDMA/100
[  233.263873][   T40] audit: type=1800 audit(1744003916.191:158): pid=10429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1197" name="bus" dev="tmpfs" ino=107 res=0 errno=0
[  233.388985][T10432] FAULT_INJECTION: forcing a failure.
[  233.388985][T10432] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.392596][T10432] CPU: 3 UID: 0 PID: 10432 Comm: syz.4.1198 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  233.392609][T10432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  233.392615][T10432] Call Trace:
[  233.392619][T10432]  <TASK>
[  233.392623][T10432]  dump_stack_lvl+0x16c/0x1f0
[  233.392640][T10432]  should_fail_ex+0x512/0x640
[  233.392654][T10432]  _copy_from_user+0x2e/0xd0
[  233.392667][T10432]  memdup_user+0x6b/0xe0
[  233.392677][T10432]  kvm_arch_vcpu_ioctl+0x281a/0x4f00
[  233.392690][T10432]  ? is_bpf_text_address+0x94/0x1a0
[  233.392701][T10432]  ? __kernel_text_address+0xd/0x40
[  233.392714][T10432]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  233.392732][T10432]  ? stack_trace_save+0x8e/0xc0
[  233.392746][T10432]  ? __lock_acquire+0xaa4/0x1ba0
[  233.392758][T10432]  ? kasan_save_stack+0x42/0x60
[  233.392772][T10432]  ? kasan_save_track+0x14/0x30
[  233.392786][T10432]  ? __mutex_trylock_common+0xe9/0x250
[  233.392796][T10432]  ? __pfx___mutex_trylock_common+0x10/0x10
[  233.392806][T10432]  ? __pfx___might_resched+0x10/0x10
[  233.392821][T10432]  ? rcu_is_watching+0x12/0xc0
[  233.392833][T10432]  ? trace_contention_end+0xdd/0x130
[  233.392842][T10432]  ? __mutex_lock+0x1ca/0xb90
[  233.392857][T10432]  ? kvm_vcpu_ioctl+0x27e/0x1680
[  233.392873][T10432]  ? __pfx___mutex_lock+0x10/0x10
[  233.392891][T10432]  ? kasan_quarantine_put+0x10a/0x240
[  233.392906][T10432]  ? kvm_vcpu_ioctl+0x1232/0x1680
[  233.392921][T10432]  kvm_vcpu_ioctl+0x1232/0x1680
[  233.392937][T10432]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  233.392973][T10432]  ? tomoyo_path_number_perm+0x18d/0x580
[  233.392992][T10432]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  233.393024][T10432]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  233.393043][T10432]  ? do_vfs_ioctl+0x512/0x1990
[  233.393056][T10432]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  233.393078][T10432]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  233.393094][T10432]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  233.393109][T10432]  ? __fget_files+0x20e/0x3c0
[  233.393126][T10432]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  233.393141][T10432]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  233.393153][T10432]  __do_fast_syscall_32+0x73/0x120
[  233.393168][T10432]  do_fast_syscall_32+0x32/0x80
[  233.393182][T10432]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  233.393194][T10432] RIP: 0023:0xf744e579
[  233.393202][T10432] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  233.393211][T10432] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  233.393221][T10432] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000004008ae89
[  233.393226][T10432] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[  233.393232][T10432] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  233.393237][T10432] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  233.393242][T10432] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  233.393254][T10432]  </TASK>
[  233.451306][T10434] "syz.2.1196" (10434) uses obsolete ecb(arc4) skcipher
[  233.813799][T10450] 8021q: adding VLAN 0 to HW filter on device bond21
[  233.843143][T10455] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  234.407187][T10459] mkiss: ax0: crc mode is auto.
[  234.821818][T10464] FAULT_INJECTION: forcing a failure.
[  234.821818][T10464] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.825537][T10464] CPU: 1 UID: 0 PID: 10464 Comm: syz.1.1205 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  234.825560][T10464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  234.825566][T10464] Call Trace:
[  234.825570][T10464]  <TASK>
[  234.825574][T10464]  dump_stack_lvl+0x16c/0x1f0
[  234.825591][T10464]  should_fail_ex+0x512/0x640
[  234.825604][T10464]  _copy_from_user+0x2e/0xd0
[  234.825617][T10464]  move_addr_to_kernel+0x65/0x170
[  234.825628][T10464]  __sys_connect+0xaf/0x170
[  234.825638][T10464]  ? __pfx___sys_connect+0x10/0x10
[  234.825653][T10464]  ? __pfx_ksys_write+0x10/0x10
[  234.825670][T10464]  __ia32_sys_connect+0x71/0xb0
[  234.825680][T10464]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  234.825694][T10464]  __do_fast_syscall_32+0x73/0x120
[  234.825709][T10464]  do_fast_syscall_32+0x32/0x80
[  234.825723][T10464]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  234.825735][T10464] RIP: 0023:0xf7f24579
[  234.825743][T10464] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  234.825752][T10464] RSP: 002b:00000000f502555c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  234.825762][T10464] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000180
[  234.825767][T10464] RDX: 000000000000006e RSI: 0000000000000000 RDI: 0000000000000000
[  234.825773][T10464] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  234.825778][T10464] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  234.825784][T10464] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  234.825795][T10464]  </TASK>
[  235.022665][T10466] befs: (nullb0): No write support. Marking filesystem read-only
[  235.027485][T10466] befs: (nullb0): invalid magic header
[  235.250479][T10470] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  235.269640][T10470] overlayfs: missing 'lowerdir'
[  235.392270][T10470] cdrom: dropping to single frame dma
[  235.633633][T10473] syz.4.1208: attempt to access beyond end of device
[  235.633633][T10473] nbd4: rw=4096, sector=0, nr_sectors = 1 limit=0
[  235.637800][T10473] XFS (nbd4): SB validate failed with error -5.
[  235.683606][T10473] overlay: ./file0 is not a directory
[  235.736551][T10488] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1212'.
[  235.744339][T10488] batman_adv: batadv0: Interface deactivated: dummy0
[  235.746817][T10488] batman_adv: batadv0: Removing interface: dummy0
[  235.750922][T10488] bridge_slave_0: left allmulticast mode
[  235.752506][T10488] bridge_slave_0: left promiscuous mode
[  235.754523][T10488] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.758290][T10488] bridge_slave_1: left allmulticast mode
[  235.759892][T10488] bridge_slave_1: left promiscuous mode
[  235.761569][T10488] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.765599][T10488] bond0: (slave bond_slave_0): Releasing backup interface
[  235.769830][T10488] bond0: (slave bond_slave_1): Releasing backup interface
[  235.787048][T10488] team0: Port device team_slave_0 removed
[  235.794648][T10488] team0: Port device team_slave_1 removed
[  235.794891][T10489] netlink: 'syz.1.1212': attribute type 10 has an invalid length.
[  235.796679][T10488] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.800702][T10488] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.803882][T10488] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.806283][T10488] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.838424][T10489] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  235.852453][T10490] syz.2.1207: attempt to access beyond end of device
[  235.852453][T10490] nbd2: rw=4096, sector=0, nr_sectors = 1 limit=0
[  235.856587][T10490] XFS (nbd2): SB validate failed with error -5.
[  235.881809][T10497] tipc: Started in network mode
[  235.883286][T10497] tipc: Node identity 4, cluster identity 4711
[  235.885123][T10497] tipc: Node number set to 4
[  236.274076][T10504] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1216'.
[  236.289805][T10505] netlink: 'syz.0.1215': attribute type 15 has an invalid length.
[  236.292159][T10505] netlink: 666 bytes leftover after parsing attributes in process `syz.0.1215'.
[  236.417510][T10517] Cache volume key already in use (9p,syz,)
[  236.684691][T10530] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1225'.
[  236.708403][T10530] syzkaller1: entered promiscuous mode
[  236.709996][T10530] syzkaller1: entered allmulticast mode
[  237.009154][T10550] 8021q: adding VLAN 0 to HW filter on device bond1
[  239.450770][T10600] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.552413][T10600] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.660365][T10600] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.784139][T10600] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.856704][T10600] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  239.864396][T10600] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  239.870499][T10600] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  239.879258][T10600] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  239.995107][T10615] Cannot find add_set index 3 as target
[  240.531082][T10631] ucma_write: process 1124 (syz.1.1256) changed security contexts after opening file descriptor, this is not allowed.
[  240.567484][T10624] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1254'.
[  240.623871][T10624] syz.2.1254: attempt to access beyond end of device
[  240.623871][T10624] nbd2: rw=4096, sector=0, nr_sectors = 1 limit=0
[  240.628975][T10624] XFS (nbd2): SB validate failed with error -5.
[  240.926468][T10641] ubi31: attaching mtd0
[  240.927689][T10641] ubi31 error: ubi_attach_mtd_dev: bad VID header (146210816) or data offsets (146210880)
[  241.011248][T10643] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1259'.
[  241.059827][T10651] fuse: Unknown parameter 'usSç_id'
[  241.293421][ T5992] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  241.445767][ T5992] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  241.449312][ T5992] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  241.453502][ T5992] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  241.456967][ T5992] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  241.461275][ T5992] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  241.467621][ T5992] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  241.471444][ T5992] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  241.474626][ T5992] usb 7-1: Product: syz
[  241.476386][ T5992] usb 7-1: Manufacturer: syz
[  241.487482][ T5992] cdc_wdm 7-1:1.0: skipping garbage
[  241.489623][ T5992] cdc_wdm 7-1:1.0: skipping garbage
[  241.493804][ T5992] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  241.496156][ T5992] cdc_wdm 7-1:1.0: Unknown control protocol
[  241.751727][T10676] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1270'.
[  241.839504][T10677] syzkaller1: entered promiscuous mode
[  241.840985][T10677] syzkaller1: entered allmulticast mode
[  241.849606][T10677] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1270'.
[  243.540703][T10703] overlay: Unknown parameter 'obj_role'
[  243.637052][T10712] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1276'.
[  243.682888][T10714] IPv6: NLM_F_CREATE should be specified when creating new route
[  243.853721][T10719] syzkaller1: entered promiscuous mode
[  243.855277][T10719] syzkaller1: entered allmulticast mode
[  244.059897][ T5992] usb 7-1: USB disconnect, device number 14
[  244.826142][   T40] audit: type=1326 audit(1744003927.761:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10733 comm="syz.0.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36579 code=0x7ffc0000
[  244.832340][   T40] audit: type=1326 audit(1744003927.761:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10733 comm="syz.0.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=445 compat=1 ip=0xf7f36579 code=0x7ffc0000
[  244.838609][   T40] audit: type=1326 audit(1744003927.761:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10733 comm="syz.0.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36579 code=0x7ffc0000
[  244.845047][   T40] audit: type=1326 audit(1744003927.761:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10733 comm="syz.0.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36579 code=0x7ffc0000
[  244.851190][   T40] audit: type=1326 audit(1744003927.761:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10733 comm="syz.0.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f36579 code=0x7ffc0000
[  244.857484][   T40] audit: type=1326 audit(1744003927.761:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10733 comm="syz.0.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36579 code=0x7ffc0000
[  244.863726][   T40] audit: type=1326 audit(1744003927.761:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10733 comm="syz.0.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36579 code=0x7ffc0000
[  244.869539][   T40] audit: type=1326 audit(1744003927.771:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10733 comm="syz.0.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7f36579 code=0x7ffc0000
[  244.875644][   T40] audit: type=1326 audit(1744003927.771:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10733 comm="syz.0.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36579 code=0x7ffc0000
[  244.881751][   T40] audit: type=1326 audit(1744003927.771:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10733 comm="syz.0.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f36579 code=0x7ffc0000
[  244.955236][T10738] FAULT_INJECTION: forcing a failure.
[  244.955236][T10738] name failslab, interval 1, probability 0, space 0, times 0
[  244.959904][T10738] CPU: 0 UID: 0 PID: 10738 Comm: syz.2.1285 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  244.959927][T10738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  244.959937][T10738] Call Trace:
[  244.959943][T10738]  <TASK>
[  244.959949][T10738]  dump_stack_lvl+0x16c/0x1f0
[  244.960018][T10738]  should_fail_ex+0x512/0x640
[  244.960036][T10738]  ? __kmalloc_noprof+0xbf/0x510
[  244.960061][T10738]  ? fib6_info_alloc+0x40/0x160
[  244.960078][T10738]  should_failslab+0xc2/0x120
[  244.960093][T10738]  __kmalloc_noprof+0xd2/0x510
[  244.960120][T10738]  fib6_info_alloc+0x40/0x160
[  244.960139][T10738]  ip6_route_info_create+0x33f/0x18e0
[  244.960171][T10738]  ? __pfx_ip6_route_info_create+0x10/0x10
[  244.960195][T10738]  ? find_held_lock+0x2b/0x80
[  244.960216][T10738]  ? addrconf_f6i_alloc+0x15d/0x670
[  244.960235][T10738]  addrconf_f6i_alloc+0x391/0x670
[  244.960254][T10738]  ? __pfx_addrconf_f6i_alloc+0x10/0x10
[  244.960294][T10738]  ipv6_add_addr+0x531/0x1fe0
[  244.960322][T10738]  ? __pfx_ipv6_add_addr+0x10/0x10
[  244.960343][T10738]  ? __local_bh_enable_ip+0xa4/0x120
[  244.960364][T10738]  ? lockdep_hardirqs_on+0x7c/0x110
[  244.960385][T10738]  ? ip6_route_add+0x97/0x1c0
[  244.960413][T10738]  ? addrconf_add_linklocal+0x2a5/0x500
[  244.960432][T10738]  addrconf_add_linklocal+0x2a5/0x500
[  244.960453][T10738]  ? __pfx_addrconf_add_linklocal+0x10/0x10
[  244.960479][T10738]  ? __asan_memcpy+0x3c/0x60
[  244.960503][T10738]  addrconf_addr_gen+0x36d/0x3c0
[  244.960524][T10738]  ? __pfx_addrconf_addr_gen+0x10/0x10
[  244.960553][T10738]  ? addrconf_init_auto_addrs+0x446/0x820
[  244.960572][T10738]  addrconf_init_auto_addrs+0x446/0x820
[  244.960594][T10738]  addrconf_notify+0xe93/0x19e0
[  244.960618][T10738]  ? ip6mr_device_event+0x1bc/0x230
[  244.960646][T10738]  notifier_call_chain+0xb9/0x410
[  244.960669][T10738]  ? __pfx_addrconf_notify+0x10/0x10
[  244.960702][T10738]  call_netdevice_notifiers_info+0xbe/0x140
[  244.960730][T10738]  __dev_notify_flags+0x12c/0x2e0
[  244.960751][T10738]  ? __pfx___dev_notify_flags+0x10/0x10
[  244.960769][T10738]  ? __dev_change_flags+0x3d5/0x720
[  244.960791][T10738]  ? __pfx___dev_change_flags+0x10/0x10
[  244.960811][T10738]  ? rcu_is_watching+0x12/0xc0
[  244.960837][T10738]  netif_change_flags+0x108/0x160
[  244.960879][T10738]  dev_change_flags+0xba/0x250
[  244.960904][T10738]  devinet_ioctl+0x11d5/0x1f50
[  244.960932][T10738]  ? __pfx_devinet_ioctl+0x10/0x10
[  244.960955][T10738]  ? _copy_from_user+0x59/0xd0
[  244.960979][T10738]  inet_ioctl+0x3a7/0x3f0
[  244.961003][T10738]  ? __pfx_inet_ioctl+0x10/0x10
[  244.961031][T10738]  ? kasan_quarantine_put+0x10a/0x240
[  244.961071][T10738]  packet_ioctl+0xb3/0x280
[  244.961095][T10738]  sock_do_ioctl+0x115/0x280
[  244.961118][T10738]  ? do_vfs_ioctl+0x512/0x1990
[  244.961137][T10738]  ? __pfx_sock_do_ioctl+0x10/0x10
[  244.961159][T10738]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  244.961190][T10738]  compat_sock_ioctl+0x301/0x7c0
[  244.961208][T10738]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  244.961224][T10738]  ? hook_file_ioctl_common+0x145/0x410
[  244.961247][T10738]  ? __fget_files+0x20e/0x3c0
[  244.961274][T10738]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  244.961292][T10738]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  244.961313][T10738]  __do_fast_syscall_32+0x73/0x120
[  244.961338][T10738]  do_fast_syscall_32+0x32/0x80
[  244.961361][T10738]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  244.961380][T10738] RIP: 0023:0xf748e579
[  244.961393][T10738] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  244.961408][T10738] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  244.961424][T10738] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000008914
[  244.961434][T10738] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000
[  244.961443][T10738] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  244.961452][T10738] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  244.961461][T10738] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  244.961482][T10738]  </TASK>
[  245.762079][T10771] xt_CONNSECMARK: invalid mode: 0
[  245.984146][T10776] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1297'.
[  245.990546][T10776] netlink: 'syz.4.1297': attribute type 1 has an invalid length.
[  245.993348][T10776] netlink: 'syz.4.1297': attribute type 2 has an invalid length.
[  246.002562][T10776] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1297'.
[  246.098975][T10780] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1299'.
[  246.142933][T10784] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1301'.
[  247.419841][T10829] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1315'.
[  247.433204][T10827] 8021q: adding VLAN 0 to HW filter on device bond2
[  247.770858][ T5951] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  247.777568][ T5951] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  247.781011][ T5951] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  247.784729][ T5951] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  247.788883][ T5951] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  247.905802][T10835] chnl_net:caif_netlink_parms(): no params data found
[  248.015801][T10835] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.017996][T10835] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.020072][T10835] bridge_slave_0: entered allmulticast mode
[  248.022570][T10835] bridge_slave_0: entered promiscuous mode
[  248.025979][T10835] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.028178][T10835] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.030415][T10835] bridge_slave_1: entered allmulticast mode
[  248.032936][T10835] bridge_slave_1: entered promiscuous mode
[  248.082876][T10835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  248.089564][T10835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  248.137219][T10835] team0: Port device team_slave_0 added
[  248.141680][T10835] team0: Port device team_slave_1 added
[  248.196388][T10835] batman_adv: batadv0: Adding interface: batadv_slave_0
[  248.199082][T10835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.209567][T10835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  248.215302][T10835] batman_adv: batadv0: Adding interface: batadv_slave_1
[  248.217944][T10835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  248.227748][T10835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  248.320743][T10835] hsr_slave_0: entered promiscuous mode
[  248.332207][T10835] hsr_slave_1: entered promiscuous mode
[  248.338210][T10835] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  248.341101][T10835] Cannot create hsr debugfs directory
[  248.740082][T10835] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  248.745176][T10835] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  248.748938][T10835] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  248.753798][T10835] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  248.796323][T10835] 8021q: adding VLAN 0 to HW filter on device bond0
[  248.808009][T10835] 8021q: adding VLAN 0 to HW filter on device team0
[  248.814459][ T7037] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.816659][ T7037] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.826206][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.828736][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.940472][T10835] 8021q: adding VLAN 0 to HW filter on device batadv0
[  249.077711][T10835] veth0_vlan: entered promiscuous mode
[  249.082697][T10835] veth1_vlan: entered promiscuous mode
[  249.097319][T10835] veth0_macvtap: entered promiscuous mode
[  249.101890][T10835] veth1_macvtap: entered promiscuous mode
[  249.110403][T10835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.113303][T10835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.116147][T10835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  249.119261][T10835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.122861][T10835] batman_adv: batadv0: Interface activated: batadv_slave_0
[  249.131092][T10835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  249.134833][T10835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.137539][T10835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  249.140416][T10835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  249.144129][T10835] batman_adv: batadv0: Interface activated: batadv_slave_1
[  249.149228][T10835] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  249.151730][T10835] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  249.154768][T10835] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  249.157187][T10835] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  249.198086][ T7036] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.201156][ T7036] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.212930][ T7037] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.215247][ T7037] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.526582][T10879] FAULT_INJECTION: forcing a failure.
[  249.526582][T10879] name failslab, interval 1, probability 0, space 0, times 0
[  249.530195][T10879] CPU: 1 UID: 0 PID: 10879 Comm: syz.5.1318 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  249.530218][T10879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  249.530224][T10879] Call Trace:
[  249.530229][T10879]  <TASK>
[  249.530232][T10879]  dump_stack_lvl+0x16c/0x1f0
[  249.530250][T10879]  should_fail_ex+0x512/0x640
[  249.530262][T10879]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  249.530276][T10879]  should_failslab+0xc2/0x120
[  249.530286][T10879]  __kmalloc_cache_noprof+0x6a/0x3e0
[  249.530299][T10879]  ? __rdma_create_id+0x5b/0x630
[  249.530313][T10879]  ? __pfx_ucma_event_handler+0x10/0x10
[  249.530323][T10879]  __rdma_create_id+0x5b/0x630
[  249.530336][T10879]  ? __pfx_ucma_event_handler+0x10/0x10
[  249.530347][T10879]  rdma_create_user_id+0x7d/0xe0
[  249.530360][T10879]  ucma_create_id+0x188/0x380
[  249.530370][T10879]  ? __pfx_ucma_create_id+0x10/0x10
[  249.530379][T10879]  ? __might_fault+0xe3/0x190
[  249.530393][T10879]  ? __might_fault+0x13b/0x190
[  249.530411][T10879]  ? __pfx_ucma_create_id+0x10/0x10
[  249.530421][T10879]  ucma_write+0x1f8/0x330
[  249.530435][T10879]  ? __pfx_ucma_write+0x10/0x10
[  249.530449][T10879]  ? bpf_lsm_file_permission+0x9/0x10
[  249.530461][T10879]  ? security_file_permission+0x71/0x210
[  249.530474][T10879]  ? rw_verify_area+0xcf/0x680
[  249.530487][T10879]  vfs_write+0x25c/0x1180
[  249.530500][T10879]  ? __pfx_ucma_write+0x10/0x10
[  249.530516][T10879]  ? __pfx_vfs_write+0x10/0x10
[  249.530528][T10879]  ? find_held_lock+0x2b/0x80
[  249.530541][T10879]  ? __fget_files+0x204/0x3c0
[  249.530556][T10879]  ? __fget_files+0x20e/0x3c0
[  249.530573][T10879]  ksys_write+0x205/0x240
[  249.530586][T10879]  ? __pfx_ksys_write+0x10/0x10
[  249.530599][T10879]  ? rcu_is_watching+0x12/0xc0
[  249.530613][T10879]  __do_fast_syscall_32+0x73/0x120
[  249.530628][T10879]  do_fast_syscall_32+0x32/0x80
[  249.530642][T10879]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  249.530655][T10879] RIP: 0023:0xf7f72579
[  249.530663][T10879] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  249.530672][T10879] RSP: 002b:00000000f505455c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  249.530682][T10879] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000080
[  249.530688][T10879] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000
[  249.530693][T10879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  249.530698][T10879] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  249.530703][T10879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  249.530715][T10879]  </TASK>
[  249.605530][    C1] vkms_vblank_simulate: vblank timer overrun
[  249.863610][ T5956] Bluetooth: hci0: command tx timeout
[  250.349779][T10891] FAULT_INJECTION: forcing a failure.
[  250.349779][T10891] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  250.353496][T10891] CPU: 1 UID: 0 PID: 10891 Comm: syz.4.1328 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  250.353509][T10891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  250.353516][T10891] Call Trace:
[  250.353519][T10891]  <TASK>
[  250.353523][T10891]  dump_stack_lvl+0x16c/0x1f0
[  250.353541][T10891]  should_fail_ex+0x512/0x640
[  250.353555][T10891]  should_fail_alloc_page+0xe7/0x130
[  250.353566][T10891]  prepare_alloc_pages+0x3c2/0x610
[  250.353578][T10891]  ? rcu_is_watching+0x12/0xc0
[  250.353598][T10891]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  250.353618][T10891]  ? __pfx___might_resched+0x10/0x10
[  250.353633][T10891]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  250.353652][T10891]  ? __lock_acquire+0x5ca/0x1ba0
[  250.353664][T10891]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  250.353675][T10891]  ? policy_nodemask+0xea/0x4e0
[  250.353692][T10891]  alloc_pages_mpol+0x1fb/0x550
[  250.353701][T10891]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  250.353711][T10891]  ? __lock_acquire+0x5ca/0x1ba0
[  250.353721][T10891]  folio_alloc_mpol_noprof+0x36/0x2f0
[  250.353733][T10891]  vma_alloc_folio_noprof+0xed/0x1e0
[  250.353744][T10891]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  250.353758][T10891]  do_pte_missing+0x223d/0x3fb0
[  250.353776][T10891]  __handle_mm_fault+0x103d/0x2a40
[  250.353793][T10891]  ? __pfx___handle_mm_fault+0x10/0x10
[  250.353806][T10891]  ? __pte_offset_map_lock+0x155/0x2f0
[  250.353817][T10891]  ? find_held_lock+0x2b/0x80
[  250.353828][T10891]  ? find_held_lock+0x2b/0x80
[  250.353848][T10891]  handle_mm_fault+0x3fe/0xad0
[  250.353863][T10891]  __get_user_pages+0x771/0x36f0
[  250.353878][T10891]  ? get_pid_task+0x106/0x250
[  250.353889][T10891]  ? __pfx___get_user_pages+0x10/0x10
[  250.353901][T10891]  ? __lock_acquire+0xaa4/0x1ba0
[  250.353913][T10891]  faultin_page_range+0x249/0x980
[  250.353929][T10891]  madvise_do_behavior+0x233/0x3b0
[  250.353941][T10891]  ? __pfx_madvise_do_behavior+0x10/0x10
[  250.353955][T10891]  ? fput+0x70/0xf0
[  250.353967][T10891]  do_madvise+0x10b/0x170
[  250.353978][T10891]  __ia32_sys_madvise+0xa7/0x110
[  250.353988][T10891]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  250.354002][T10891]  __do_fast_syscall_32+0x73/0x120
[  250.354017][T10891]  do_fast_syscall_32+0x32/0x80
[  250.354031][T10891]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  250.354043][T10891] RIP: 0023:0xf744e579
[  250.354051][T10891] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  250.354060][T10891] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 00000000000000db
[  250.354070][T10891] RAX: ffffffffffffffda RBX: 00000000800ec000 RCX: 0000000000800000
[  250.354076][T10891] RDX: 0000000000000017 RSI: 0000000000000000 RDI: 0000000000000000
[  250.354081][T10891] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  250.354086][T10891] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  250.354092][T10891] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  250.354104][T10891]  </TASK>
[  250.519937][T10898] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1331'.
[  251.073094][ T6217] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  251.223840][ T6217] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  251.228116][ T6217] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  251.231822][ T6217] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  251.236618][ T6217] usb 5-1: config 0 interface 0 has no altsetting 0
[  251.240218][ T6217] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  251.244622][ T6217] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  251.248912][ T6217] usb 5-1: config 0 interface 0 has no altsetting 0
[  251.252476][ T6217] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  251.256503][ T6217] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  251.260802][ T6217] usb 5-1: config 0 interface 0 has no altsetting 0
[  251.265681][ T6217] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  251.269391][ T6217] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  251.274289][ T6217] usb 5-1: config 0 interface 0 has no altsetting 0
[  251.277803][ T6217] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  251.281519][ T6217] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  251.286323][ T6217] usb 5-1: config 0 interface 0 has no altsetting 0
[  251.289758][ T6217] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  251.293609][ T6217] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  251.297778][ T6217] usb 5-1: config 0 interface 0 has no altsetting 0
[  251.301382][ T6217] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  251.306906][ T6217] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  251.311109][ T6217] usb 5-1: config 0 interface 0 has no altsetting 0
[  251.314726][ T6217] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  251.318417][ T6217] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  251.322539][ T6217] usb 5-1: config 0 interface 0 has no altsetting 0
[  251.327085][ T6217] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  251.330752][ T6217] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  251.334402][ T6217] usb 5-1: Product: syz
[  251.336059][ T6217] usb 5-1: Manufacturer: syz
[  251.337900][ T6217] usb 5-1: SerialNumber: syz
[  251.350886][ T6217] usb 5-1: config 0 descriptor??
[  251.359341][ T6217] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  251.618241][    C3] usb 5-1: yurex_control_callback - control failed: -71
[  251.618660][   T64] usb 5-1: USB disconnect, device number 16
[  251.625596][   T64] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  251.629079][T10922] 9pnet_fd: Insufficient options for proto=fd
[  251.634994][ T5956] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  251.637984][ T5956] CPU: 3 UID: 0 PID: 5956 Comm: kworker/u33:5 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  251.637998][ T5956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  251.638007][ T5956] Workqueue: hci0 hci_rx_work
[  251.638022][ T5956] Call Trace:
[  251.638026][ T5956]  <TASK>
[  251.638030][ T5956]  dump_stack_lvl+0x16c/0x1f0
[  251.638046][ T5956]  sysfs_warn_dup+0x7f/0xa0
[  251.638063][ T5956]  sysfs_create_dir_ns+0x24b/0x2b0
[  251.638079][ T5956]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  251.638094][ T5956]  ? find_held_lock+0x2b/0x80
[  251.638110][ T5956]  ? do_raw_spin_unlock+0x172/0x230
[  251.638122][ T5956]  kobject_add_internal+0x2c4/0x9b0
[  251.638140][ T5956]  kobject_add+0x16e/0x240
[  251.638155][ T5956]  ? __pfx_kobject_add+0x10/0x10
[  251.638171][ T5956]  ? do_raw_spin_unlock+0x172/0x230
[  251.638182][ T5956]  ? kobject_put+0xab/0x5a0
[  251.638200][ T5956]  device_add+0x288/0x1a70
[  251.638212][ T5956]  ? __pfx_dev_set_name+0x10/0x10
[  251.638224][ T5956]  ? __pfx_device_add+0x10/0x10
[  251.638234][ T5956]  ? mgmt_send_event_skb+0x2fb/0x460
[  251.638249][ T5956]  hci_conn_add_sysfs+0x17e/0x230
[  251.638262][ T5956]  le_conn_complete_evt+0x1075/0x1d70
[  251.638276][ T5956]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  251.638286][ T5956]  ? hci_event_packet+0x43c/0x1190
[  251.638300][ T5956]  hci_le_conn_complete_evt+0x23c/0x370
[  251.638313][ T5956]  hci_le_meta_evt+0x2f3/0x5e0
[  251.638326][ T5956]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  251.638343][ T5956]  hci_event_packet+0x669/0x1190
[  251.638358][ T5956]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  251.638374][ T5956]  ? __pfx_hci_event_packet+0x10/0x10
[  251.638393][ T5956]  ? kcov_remote_start+0x3c9/0x6d0
[  251.638408][ T5956]  ? lockdep_hardirqs_on+0x7c/0x110
[  251.638433][ T5956]  hci_rx_work+0x2c5/0x16b0
[  251.638453][ T5956]  ? rcu_is_watching+0x12/0xc0
[  251.638475][ T5956]  process_one_work+0x9cc/0x1b70
[  251.638495][ T5956]  ? __pfx_process_one_work+0x10/0x10
[  251.638510][ T5956]  ? assign_work+0x1a0/0x250
[  251.638522][ T5956]  worker_thread+0x6c8/0xf10
[  251.638539][ T5956]  ? __pfx_worker_thread+0x10/0x10
[  251.638550][ T5956]  kthread+0x3c2/0x780
[  251.638561][ T5956]  ? __pfx_kthread+0x10/0x10
[  251.638569][ T5956]  ? __pfx_kthread+0x10/0x10
[  251.638578][ T5956]  ? __pfx_kthread+0x10/0x10
[  251.638587][ T5956]  ? __pfx_kthread+0x10/0x10
[  251.638596][ T5956]  ? rcu_is_watching+0x12/0xc0
[  251.638608][ T5956]  ? __pfx_kthread+0x10/0x10
[  251.638619][ T5956]  ret_from_fork+0x45/0x80
[  251.638638][ T5956]  ? __pfx_kthread+0x10/0x10
[  251.638653][ T5956]  ret_from_fork_asm+0x1a/0x30
[  251.638690][ T5956]  </TASK>
[  251.638712][ T5956] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  251.734596][ T5956] Bluetooth: hci0: failed to register connection device
[  251.943121][ T5951] Bluetooth: hci0: command tx timeout
[  251.975269][T10937] netlink: 'syz.5.1341': attribute type 2 has an invalid length.
[  252.027205][T10933] Bluetooth: MGMT ver 1.23
[  252.049888][T10941] bond0: option ad_select: unable to set because the bond device is up
[  253.614282][ T5988] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  253.884929][T10963] bridge0: port 3(netdevsim0) entered blocking state
[  253.887719][T10963] bridge0: port 3(netdevsim0) entered disabled state
[  253.892135][T10963] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  253.900982][T10963] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  253.905047][T10963] bridge0: port 3(netdevsim0) entered blocking state
[  253.908111][T10963] bridge0: port 3(netdevsim0) entered forwarding state
[  253.921084][T10965] bridge_slave_0: left allmulticast mode
[  253.925201][T10963] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1348'.
[  253.933908][T10965] bridge_slave_0: left promiscuous mode
[  253.936275][T10965] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.947783][T10965] bridge_slave_1: left allmulticast mode
[  253.950025][T10965] bridge_slave_1: left promiscuous mode
[  253.952471][T10965] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.960590][T10965] bond0: (slave bond_slave_0): Releasing backup interface
[  253.966947][T10965] bond0: (slave bond_slave_1): Releasing backup interface
[  253.991472][T10965] team0: Port device team_slave_0 removed
[  254.000176][T10965] team0: Port device team_slave_1 removed
[  254.006131][T10965] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.009237][T10965] batman_adv: batadv0: Removing interface: batadv_slave_0
[  254.013925][ T5951] Bluetooth: hci0: command tx timeout
[  254.015137][T10965] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.018429][T10965] batman_adv: batadv0: Removing interface: batadv_slave_1
[  255.055303][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  255.934434][ T6217] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  256.093476][ T5951] Bluetooth: hci0: command tx timeout
[  257.973428][   T64] e1000 0000:00:06.0 eth0: Reset adapter
[  259.972462][T11025] 8021q: adding VLAN 0 to HW filter on device bond1
[  260.094355][   T64] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  261.186106][T11031] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1371'.
[  261.198217][T11030] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1370'.
[  261.911673][T11050] 8021q: adding VLAN 0 to HW filter on device bond3
[  262.279591][T11054] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input21
[  262.426804][T11047] Cannot find add_set index 0 as target
[  263.076762][T11071] trusted_key: syz.4.1380 sent an empty control message without MSG_MORE.
[  263.079790][ T1339] kernel write not supported for file /media2 (pid: 1339 comm: kworker/3:2)
[  264.136745][T11087] netlink: 112 bytes leftover after parsing attributes in process `syz.4.1384'.
[  264.238248][T11089] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1385'.
[  264.556763][T11097] 9pnet_virtio: no channels available for device syz
[  265.048310][T11102] netlink: 204 bytes leftover after parsing attributes in process `syz.0.1389'.
[  265.053876][T11102] netlink: 'syz.0.1389': attribute type 8 has an invalid length.
[  266.219239][T11125] 9pnet_virtio: no channels available for device syz
[  272.547034][ T5956] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  272.551497][ T5956] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  272.556999][ T5956] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  272.563674][ T5956] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  272.567560][ T5956] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  272.728556][T11147] chnl_net:caif_netlink_parms(): no params data found
[  274.653312][ T5951] Bluetooth: hci4: command tx timeout
[  276.733553][ T5951] Bluetooth: hci4: command tx timeout
[  277.475246][T11147] bridge0: port 1(bridge_slave_0) entered blocking state
[  277.477644][T11147] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.479715][T11147] bridge_slave_0: entered allmulticast mode
[  277.491194][T11147] bridge_slave_0: entered promiscuous mode
[  277.496032][T11147] bridge0: port 2(bridge_slave_1) entered blocking state
[  277.498034][T11147] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.500123][T11147] bridge_slave_1: entered allmulticast mode
[  277.502467][T11147] bridge_slave_1: entered promiscuous mode
[  277.560868][T11147] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  277.566210][T11147] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  277.618837][T11147] team0: Port device team_slave_0 added
[  277.622138][T11164] nft_compat: unsupported protocol 0
[  277.622563][T11147] team0: Port device team_slave_1 added
[  277.625857][T11164] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1408'.
[  277.668236][T11166] overlayfs: failed to resolve './file1': -2
[  277.671059][ T5951] Bluetooth: hci1: Malformed LE Event: 0x0d
[  277.671764][T11147] batman_adv: batadv0: Adding interface: batadv_slave_0
[  277.676039][T11147] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  277.683494][T11147] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  277.687444][T11147] batman_adv: batadv0: Adding interface: batadv_slave_1
[  277.689491][T11147] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  277.698522][T11147] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  278.210460][T11168] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1410'.
[  278.325968][T11147] hsr_slave_0: entered promiscuous mode
[  278.328015][T11147] hsr_slave_1: entered promiscuous mode
[  278.330147][T11147] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  278.332242][T11147] Cannot create hsr debugfs directory
[  278.813193][ T5951] Bluetooth: hci4: command tx timeout
[  280.893338][ T5951] Bluetooth: hci4: command tx timeout
[  281.940112][T11147] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  282.096235][T11147] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  282.354262][ T5956] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  282.357530][ T5956] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  282.360793][ T5956] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  282.365841][ T5956] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  282.368078][ T5956] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  282.371035][T11147] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  282.516116][T11147] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  283.975640][T11147] 8021q: adding VLAN 0 to HW filter on device bond0
[  283.987911][T11147] 8021q: adding VLAN 0 to HW filter on device team0
[  283.994989][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.997771][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  284.006737][T11182] chnl_net:caif_netlink_parms(): no params data found
[  284.022336][ T7031] bridge0: port 2(bridge_slave_1) entered blocking state
[  284.024958][ T7031] bridge0: port 2(bridge_slave_1) entered forwarding state
[  284.415581][ T5951] Bluetooth: hci5: command tx timeout
[  284.474523][ T5956] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  284.478320][ T5956] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  284.481782][ T5956] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  284.486063][ T5956] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  284.488456][ T5956] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  286.048328][T11147] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  286.052477][T11147] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  286.301856][T10888] ==================================================================
[  286.304183][T10888] BUG: KASAN: slab-out-of-bounds in __list_del_entry_valid_or_report+0x1d4/0x200
[  286.306861][T10888] Read of size 8 at addr ffff888079929550 by task syz.5.1326/10888
[  286.310934][T10888] 
[  286.311661][T10888] CPU: 3 UID: 0 PID: 10888 Comm: syz.5.1326 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  286.311675][T10888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.311681][T10888] Call Trace:
[  286.311685][T10888]  <TASK>
[  286.311689][T10888]  dump_stack_lvl+0x116/0x1f0
[  286.311706][T10888]  print_report+0xc3/0x670
[  286.311721][T10888]  ? __virt_addr_valid+0x5e/0x590
[  286.311736][T10888]  ? __phys_addr+0xc6/0x150
[  286.311750][T10888]  ? __list_del_entry_valid_or_report+0x1d4/0x200
[  286.311764][T10888]  kasan_report+0xe0/0x110
[  286.311772][T10888]  ? __list_del_entry_valid_or_report+0x1d4/0x200
[  286.311786][T10888]  __list_del_entry_valid_or_report+0x1d4/0x200
[  286.311800][T10888]  bt_accept_unlink+0x34/0x2e0
[  286.311810][T10888]  l2cap_sock_teardown_cb+0x1a3/0x3c0
[  286.311824][T10888]  l2cap_chan_del+0xba/0x8f0
[  286.311839][T10888]  l2cap_conn_del+0x37a/0x730
[  286.311860][T10888]  ? hci_cmd_sync_dequeue+0x191/0x1f0
[  286.311880][T10888]  ? __pfx_l2cap_disconn_cfm+0x10/0x10
[  286.311899][T10888]  l2cap_disconn_cfm+0x96/0xd0
[  286.311920][T10888]  hci_conn_hash_flush+0x10b/0x260
[  286.311942][T10888]  hci_dev_close_sync+0x602/0x11d0
[  286.311961][T10888]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  286.311980][T10888]  ? up_write+0x1b2/0x520
[  286.311998][T10888]  hci_dev_do_close+0x2e/0x90
[  286.312016][T10888]  hci_unregister_dev+0x213/0x620
[  286.312036][T10888]  ? __pfx_vhci_release+0x10/0x10
[  286.312059][T10888]  vhci_release+0x79/0xf0
[  286.312080][T10888]  __fput+0x3ff/0xb70
[  286.312098][T10888]  task_work_run+0x14d/0x240
[  286.312114][T10888]  ? __pfx_task_work_run+0x10/0x10
[  286.312127][T10888]  do_exit+0xafb/0x2c30
[  286.312137][T10888]  ? __pfx_do_exit+0x10/0x10
[  286.312144][T10888]  ? cgroup_update_frozen_flag+0x107/0x210
[  286.312160][T10888]  ? find_held_lock+0x2b/0x80
[  286.312172][T10888]  do_group_exit+0xd3/0x2a0
[  286.312180][T10888]  get_signal+0x2673/0x26d0
[  286.312194][T10888]  ? hrtimer_nanosleep+0x187/0x380
[  286.312206][T10888]  ? __pfx_get_signal+0x10/0x10
[  286.312219][T10888]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  286.312229][T10888]  arch_do_signal_or_restart+0x8f/0x7d0
[  286.312249][T10888]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  286.312264][T10888]  ? __pfx___ia32_sys_clock_nanosleep_time32+0x10/0x10
[  286.312278][T10888]  syscall_exit_to_user_mode+0x150/0x2a0
[  286.312292][T10888]  __do_fast_syscall_32+0x80/0x120
[  286.312306][T10888]  do_fast_syscall_32+0x32/0x80
[  286.312320][T10888]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  286.312332][T10888] RIP: 0023:0xf7f72579
[  286.312342][T10888] Code: Unable to access opcode bytes at 0xf7f7254f.
[  286.312349][T10888] RSP: 002b:00000000f5096460 EFLAGS: 00000293 ORIG_RAX: 000000000000010b
[  286.312363][T10888] RAX: fffffffffffffdfc RBX: 0000000000000000 RCX: 0000000000000000
[  286.312373][T10888] RDX: 00000000f5096494 RSI: 00000000f509648c RDI: 00000000f5096494
[  286.312383][T10888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  286.312392][T10888] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  286.312400][T10888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  286.312413][T10888]  </TASK>
[  286.312418][T10888] 
[  286.409736][T10888] Allocated by task 11147:
[  286.410970][T10888]  kasan_save_stack+0x33/0x60
[  286.412298][T10888]  kasan_save_track+0x14/0x30
[  286.413612][T10888]  __kasan_kmalloc+0xaa/0xb0
[  286.414889][T10888]  __kvmalloc_node_noprof+0x279/0x600
[  286.416378][T10888]  alloc_netdev_mqs+0xd2/0x1570
[  286.417776][T10888]  rtnl_create_link+0xc10/0xfa0
[  286.419131][T10888]  veth_newlink+0x1fc/0xa00
[  286.420385][T10888]  rtnl_newlink+0xc42/0x2000
[  286.421684][T10888]  rtnetlink_rcv_msg+0x95b/0xe90
[  286.423072][T10888]  netlink_rcv_skb+0x16a/0x440
[  286.424345][T10888]  netlink_unicast+0x53a/0x7f0
[  286.425740][T10888]  netlink_sendmsg+0x8d1/0xdd0
[  286.427168][T10888]  __sys_sendto+0x495/0x510
[  286.428518][T10888]  __do_compat_sys_socketcall+0x60a/0x720
[  286.430102][T10888]  __do_fast_syscall_32+0x73/0x120
[  286.431528][T10888]  do_fast_syscall_32+0x32/0x80
[  286.432919][T10888]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  286.434660][T10888] 
[  286.435341][T10888] The buggy address belongs to the object at ffff888079928000
[  286.435341][T10888]  which belongs to the cache kmalloc-cg-4k of size 4096
[  286.439227][T10888] The buggy address is located 1960 bytes to the right of
[  286.439227][T10888]  allocated 3496-byte region [ffff888079928000, ffff888079928da8)
[  286.443211][T10888] 
[  286.443883][T10888] The buggy address belongs to the physical page:
[  286.445672][T10888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x79928
[  286.448064][T10888] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  286.450394][T10888] memcg:ffff888074dc9dc1
[  286.451564][T10888] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  286.454036][T10888] page_type: f5(slab)
[  286.455573][T10888] raw: 04fff00000000040 ffff88801b44c280 dead000000000122 0000000000000000
[  286.458818][T10888] raw: 0000000000000000 0000000000040004 00000000f5000000 ffff888074dc9dc1
[  286.462029][T10888] head: 04fff00000000040 ffff88801b44c280 dead000000000122 0000000000000000
[  286.465283][T10888] head: 0000000000000000 0000000000040004 00000000f5000000 ffff888074dc9dc1
[  286.468572][T10888] head: 04fff00000000003 ffffea0001e64a01 00000000ffffffff 00000000ffffffff
[  286.471831][T10888] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  286.475084][T10888] page dumped because: kasan: bad access detected
[  286.477518][T10888] page_owner tracks the page as allocated
[  286.479693][T10888] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd60c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 11147, tgid 11147 (syz-executor), ts 278335539189, free_ts 278325385665
[  286.486498][T10888]  post_alloc_hook+0x181/0x1b0
[  286.488020][T10888]  get_page_from_freelist+0x1193/0x39b0
[  286.489651][T10888]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  286.491900][T10888]  alloc_pages_mpol+0x1fb/0x550
[  286.493790][T10888]  new_slab+0x23c/0x330
[  286.495400][T10888]  ___slab_alloc+0xd9c/0x1940
[  286.497198][T10888]  __slab_alloc.constprop.0+0x56/0xb0
[  286.499237][T10888]  __kvmalloc_node_noprof+0x3a6/0x600
[  286.501277][T10888]  alloc_netdev_mqs+0xd2/0x1570
[  286.503144][T10888]  rtnl_create_link+0xc10/0xfa0
[  286.505024][T10888]  veth_newlink+0x1fc/0xa00
[  286.506790][T10888]  rtnl_newlink+0xc42/0x2000
[  286.508619][T10888]  rtnetlink_rcv_msg+0x95b/0xe90
[  286.510507][T10888]  netlink_rcv_skb+0x16a/0x440
[  286.512306][T10888]  netlink_unicast+0x53a/0x7f0
[  286.514155][T10888]  netlink_sendmsg+0x8d1/0xdd0
[  286.516000][T10888] page last free pid 11147 tgid 11147 stack trace:
[  286.518299][T10888]  __free_frozen_pages+0x69d/0xff0
[  286.519709][T10888]  __put_partials+0x16d/0x1c0
[  286.521072][T10888]  qlist_free_all+0x4e/0x120
[  286.522574][T10888]  kasan_quarantine_reduce+0x195/0x1e0
[  286.524610][T10888]  __kasan_slab_alloc+0x69/0x90
[  286.526202][T10888]  __kmalloc_noprof+0x1d4/0x510
[  286.527987][T10888]  __register_sysctl_table+0xea2/0x1900
[  286.530105][T10888]  __devinet_sysctl_register+0x1b9/0x360
[  286.532248][T10888]  devinet_sysctl_register+0x17b/0x200
[  286.534350][T10888]  inetdev_init+0x2b8/0x5a0
[  286.536114][T10888]  inetdev_event+0xc5f/0x18a0
[  286.537938][T10888]  notifier_call_chain+0xb9/0x410
[  286.539900][T10888]  call_netdevice_notifiers_info+0xbe/0x140
[  286.542156][T10888]  register_netdevice+0x182e/0x2270
[  286.544143][T10888]  hsr_dev_finalize+0x6cb/0xbe0
[  286.546034][T10888]  hsr_newlink+0x46e/0xa00
[  286.547747][T10888] 
[  286.548718][T10888] Memory state around the buggy address:
[  286.550844][T10888]  ffff888079929400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  286.553870][T10888]  ffff888079929480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  286.556914][T10888] >ffff888079929500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  286.559433][T10888]                                                  ^
[  286.561301][T10888]  ffff888079929580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  286.563875][T10888]  ffff888079929600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  286.566760][T10888] ==================================================================
[  286.573437][T10888] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  286.575472][T10888] CPU: 2 UID: 0 PID: 10888 Comm: syz.5.1326 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) 
[  286.578697][T10888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.581659][T10888] Call Trace:
[  286.582640][T10888]  <TASK>
[  286.583491][T10888]  dump_stack_lvl+0x3d/0x1f0
[  286.584817][T10888]  panic+0x71c/0x800
[  286.585927][T10888]  ? __pfx_panic+0x10/0x10
[  286.587169][T10888]  ? irqentry_exit+0x3b/0x90
[  286.588497][T10888]  ? lockdep_hardirqs_on+0x7c/0x110
[  286.589939][T10888]  ? preempt_schedule_thunk+0x16/0x30
[  286.591426][T10888]  ? __list_del_entry_valid_or_report+0x1d4/0x200
[  286.593364][T10888]  ? preempt_schedule_common+0x44/0xc0
[  286.594880][T10888]  ? check_panic_on_warn+0x1f/0xb0
[  286.596307][T10888]  ? __list_del_entry_valid_or_report+0x1d4/0x200
[  286.598070][T10888]  check_panic_on_warn+0xab/0xb0
[  286.599456][T10888]  end_report+0x107/0x170
[  286.600682][T10888]  kasan_report+0xee/0x110
[  286.601957][T10888]  ? __list_del_entry_valid_or_report+0x1d4/0x200
[  286.603765][T10888]  __list_del_entry_valid_or_report+0x1d4/0x200
[  286.605513][T10888]  bt_accept_unlink+0x34/0x2e0
[  286.606843][T10888]  l2cap_sock_teardown_cb+0x1a3/0x3c0
[  286.608349][T10888]  l2cap_chan_del+0xba/0x8f0
[  286.609690][T10888]  l2cap_conn_del+0x37a/0x730
[  286.611043][T10888]  ? hci_cmd_sync_dequeue+0x191/0x1f0
[  286.612673][T10888]  ? __pfx_l2cap_disconn_cfm+0x10/0x10
[  286.614231][T10888]  l2cap_disconn_cfm+0x96/0xd0
[  286.615573][T10888]  hci_conn_hash_flush+0x10b/0x260
[  286.617000][T10888]  hci_dev_close_sync+0x602/0x11d0
[  286.618459][T10888]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  286.619998][T10888]  ? up_write+0x1b2/0x520
[  286.621225][T10888]  hci_dev_do_close+0x2e/0x90
[  286.622672][T10888]  hci_unregister_dev+0x213/0x620
[  286.624058][T10888]  ? __pfx_vhci_release+0x10/0x10
[  286.625481][T10888]  vhci_release+0x79/0xf0
[  286.626815][T10888]  __fput+0x3ff/0xb70
[  286.627821][T10888]  task_work_run+0x14d/0x240
[  286.629219][T10888]  ? __pfx_task_work_run+0x10/0x10
[  286.630640][T10888]  do_exit+0xafb/0x2c30
[  286.631838][T10888]  ? __pfx_do_exit+0x10/0x10
[  286.633133][T10888]  ? cgroup_update_frozen_flag+0x107/0x210
[  286.634729][T10888]  ? find_held_lock+0x2b/0x80
[  286.636080][T10888]  do_group_exit+0xd3/0x2a0
[  286.637413][T10888]  get_signal+0x2673/0x26d0
[  286.638709][T10888]  ? hrtimer_nanosleep+0x187/0x380
[  286.640134][T10888]  ? __pfx_get_signal+0x10/0x10
[  286.641543][T10888]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  286.642931][T10888]  arch_do_signal_or_restart+0x8f/0x7d0
[  286.644474][T10888]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  286.646185][T10888]  ? __pfx___ia32_sys_clock_nanosleep_time32+0x10/0x10
[  286.648088][T10888]  syscall_exit_to_user_mode+0x150/0x2a0
[  286.649685][T10888]  __do_fast_syscall_32+0x80/0x120
[  286.651114][T10888]  do_fast_syscall_32+0x32/0x80
[  286.652561][T10888]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  286.654303][T10888] RIP: 0023:0xf7f72579
[  286.655440][T10888] Code: Unable to access opcode bytes at 0xf7f7254f.
[  286.657267][T10888] RSP: 002b:00000000f5096460 EFLAGS: 00000293 ORIG_RAX: 000000000000010b
[  286.659551][T10888] RAX: fffffffffffffdfc RBX: 0000000000000000 RCX: 0000000000000000
[  286.661788][T10888] RDX: 00000000f5096494 RSI: 00000000f509648c RDI: 00000000f5096494
[  286.663945][T10888] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  286.666126][T10888] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  286.668315][T10888] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  286.670503][T10888]  </TASK>
[  286.671892][T10888] Kernel Offset: disabled
[  286.673112][T10888] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:28:33  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffc90029837b60 RCX=0000000000000000 RDX=0000000000000000
RSI=ffffffff84ffd784 RDI=ffffc90029837b60 RBP=ffffffff84ffd770 RSP=ffffc90000007f68
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=0000000000000000 R13=dffffc0000000000 R14=0000000000000000 R15=ffffc90029837b28
RIP=ffffffff84ffd7ad RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002e20fffc CR3=000000000e182000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b948feaaa1a4c735 4fa25d3aa587cf11
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 25c72a49ef9719ff fffc1bba31b04745
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0c2e62b83092eaf1 a30348e81d5a1dc7
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bcd66b8961a2d491 0de5fd7f03114a43
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d3c15605ddaa4a83 0bb653e897b2a474
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e3814e2a090fa33 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f4125ac6c10d9a7 36385c6bbb457ae6
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f75e0d9400000000 58472a6535067e74
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 87bbbd068b5fe792 8c469c425958a3b7
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 56f1c8615fa2aa16 4eb331c2052659f3
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff88802b339f00 RCX=0000000000000000 RDX=1ffff110056a7546
RSI=0000000000000004 RDI=ffff88802b53aa30 RBP=ffff88802b539f00 RSP=ffffc9000046fae8
R8 =0000000000000001 R9 =fffff5200008df49 R10=0000000000000003 R11=0000000000000000
R12=ffff88802b239f00 R13=0000000000000002 R14=ffff88802b339f00 R15=dffffc0000000000
RIP=ffffffff8189acd4 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008056a000 CR3=000000006918e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 14d854b77352963a 8b850e54469d723f
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9b837f2855db5b1a ce821a62661e27c2
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bdaa43ce69d33cec 00ed84c6ea2e1e6b
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1276b6f017f2d33c 8cc83a5a37fd8843
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 63743737f66ee774 4c8b4cfb5ae3dcde
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 aaa050e99d98c485 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d42e68eb6620add4 97bc393745585c58
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 502e071d00000000 af4b6fd7e8b5e22a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ded81a22625d4049 9aef1b44c2db0e32
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f039737b6227d743 d1a54ebe695dbf51
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000007 RBX=ffff888023730b40 RCX=00000000d422b9a2 RDX=0000000000000000
RSI=ffff888023730b40 RDI=ffff888023730b40 RBP=ffff888023730af0 RSP=ffffc900046567c8
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000002 R11=0000000000000000
R12=0000000000000007 R13=0000000000000001 R14=ffff888023730000 R15=0000000000000000
RIP=ffffffff8197ad33 RFL=00000003 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880979b9000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7224790 CR3=000000005df92000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ff00 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff854bd305 RDI=ffffffff9ae12bc0 RBP=ffffffff9ae12b80 RSP=ffffc90021dff248
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3730383838666666
R12=0000000000000000 R13=0000000000000005 R14=ffffffff9ae12b80 R15=ffffffff854bd2a0
RIP=ffffffff854bd32f RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097ab9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f255c0 CR3=000000004d2b4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=0f4c7ee8f185541f c556d0106d155822 0f4c7ee8f185541f c556d0106d155822 0f4c7ee8f185541f c556d0106d155822 0f4c7ee8f185541f c556d0106d155822
ZMM18=352eb6dbdabfbd50 83a75bbb8f6f0673 352eb6dbdabfbd50 83a75bbb8f6f0673 352eb6dbdabfbd50 83a75bbb8f6f0673 352eb6dbdabfbd50 83a75bbb8f6f0673
ZMM19=ce0a000000000000 0000000000000018 ce0a000000000000 0000000000000017 ce0a000000000000 0000000000000016 ce0a000000000000 0000000000000015
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=c556d010c556d010 c556d010c556d010 c556d010c556d010 c556d010c556d010 c556d010c556d010 c556d010c556d010 c556d010c556d010 c556d010c556d010
ZMM22=f185541ff185541f f185541ff185541f f185541ff185541f f185541ff185541f f185541ff185541f f185541ff185541f f185541ff185541f f185541ff185541f
ZMM23=0f4c7ee80f4c7ee8 0f4c7ee80f4c7ee8 0f4c7ee80f4c7ee8 0f4c7ee80f4c7ee8 0f4c7ee80f4c7ee8 0f4c7ee80f4c7ee8 0f4c7ee80f4c7ee8 0f4c7ee80f4c7ee8
ZMM24=8f6f06738f6f0673 8f6f06738f6f0673 8f6f06738f6f0673 8f6f06738f6f0673 8f6f06738f6f0673 8f6f06738f6f0673 8f6f06738f6f0673 8f6f06738f6f0673
ZMM25=83a75bbb83a75bbb 83a75bbb83a75bbb 83a75bbb83a75bbb 83a75bbb83a75bbb 83a75bbb83a75bbb 83a75bbb83a75bbb 83a75bbb83a75bbb 83a75bbb83a75bbb
ZMM26=dabfbd50dabfbd50 dabfbd50dabfbd50 dabfbd50dabfbd50 dabfbd50dabfbd50 dabfbd50dabfbd50 dabfbd50dabfbd50 dabfbd50dabfbd50 dabfbd50dabfbd50
ZMM27=352eb6db352eb6db 352eb6db352eb6db 352eb6db352eb6db 352eb6db352eb6db 352eb6db352eb6db 352eb6db352eb6db 352eb6db352eb6db 352eb6db352eb6db
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=ce0a0000ce0a0000 ce0a0000ce0a0000 ce0a0000ce0a0000 ce0a0000ce0a0000 ce0a0000ce0a0000 ce0a0000ce0a0000 ce0a0000ce0a0000 ce0a0000ce0a0000