last executing test programs:

6m58.993478912s ago: executing program 3 (id=456):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2716, 0x0, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
unshare(0x20020680)
r4 = syz_io_uring_setup(0x10b, &(0x7f00000000c0)={0x0, 0x0, 0x80, 0x1, 0x2000008}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
r7 = syz_open_procfs(0x0, &(0x7f00000009c0)='net/tcp6\x00')
r8 = openat$nvram(0xffffff9c, &(0x7f00000000c0), 0x2880, 0x0)
read$FUSE(r8, &(0x7f0000000d40)={0x2020}, 0xfffffffffffffd7c)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r9, 0x0)
read$FUSE(r7, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_int(r10, 0x0, 0x31, &(0x7f0000000d00)=0x1, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x50, 0x0, 0xffffffffffffffff, &(0x7f0000000340)='./file0/../file0\x00', &(0x7f0000000380)='./file0/../file0\x00', 0xffffffffffffffff, 0x0, 0x1})
io_uring_enter(r4, 0x47f9, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ieee802154(0x0, r0)
r11 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r11}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x44)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
r12 = syz_open_dev$media(&(0x7f0000000040), 0x20, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r12, 0xc0487c04, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0/../file0\x00', 0x2b442, 0x2)

6m58.544013812s ago: executing program 3 (id=458):
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r3, &(0x7f0000001040)=[{&(0x7f0000000040)='\n', 0x1}], 0x1)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x910ec27568a00e35, 0x40000002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1a00fe00000000bda100000000000007010000f8ffffffb702000008000000b70300000000000085000000760000009500000000000000d36b59ac17a5"], &(0x7f0000000180)='GPL\x00', 0x9}, 0x94)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$cdrom(0xffffff9c, &(0x7f00000012c0), 0x42880, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d20"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
syz_usbip_server_init(0x3)
add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000580)='X', 0x1, 0xfffffffffffffffe)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000080)='./file1\x00', 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x0)
r5 = landlock_create_ruleset(&(0x7f0000000140)={0x2000}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r5, 0x1, &(0x7f0000000340)={0x2040, r4}, 0x0)
landlock_restrict_self(r5, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000180)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000500000004000000000000070200000000002e0000d0674e9301023d7abd46b3e5001453ae9e8f90701d69b5840c6970fab948c27ff62c4a2231c76875e7c58d69b65c2c3a73551a4377"], 0x0, 0x29}, 0x28)
setsockopt$TIPC_GROUP_LEAVE(r4, 0x10f, 0x88)

6m57.176538441s ago: executing program 3 (id=460):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x1200040, &(0x7f0000000540)={[{@usrquota_inode_hardlimit={'usrquota_inode_hardlimit', 0x3d, [0x6b]}}]})
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0x8d2dc, 0x0, 0xffffffff}, &(0x7f00000003c0)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r3, 0x0, 0x0, 0x0, 0x80000})
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000340)=@IORING_OP_FSYNC={0x3, 0x22, 0x0, @fd=r0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r6}})
mknodat(0xffffffffffffff9c, &(0x7f00000005c0)='./file5\x00', 0x0, 0x0)
renameat2(r1, &(0x7f0000000100)='./file5\x00', r1, &(0x7f0000000600)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)

6m57.103900258s ago: executing program 3 (id=462):
r0 = socket$kcm(0x2d, 0x2, 0x0)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2d, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x40041)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x4, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006300)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x20000000, 0x4041}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0)
getsockname$packet(r5, &(0x7f0000000240)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x40)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x501, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, 0x2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @broadcast}]}}}]}, 0x3c}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x401, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r6, 0x20878, 0x1a201}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @broadcast}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80d0}, 0x0)
r7 = syz_open_dev$loop(&(0x7f0000000000), 0x4, 0x2080)
ioctl$LOOP_SET_FD(r7, 0x4c00, r3)
dup2(r3, r1)

6m56.995856711s ago: executing program 3 (id=463):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl(0xffffffffffffffff, 0x8b2c, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRES32=0x0], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0xc2354000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
chdir(0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r3, 0x4b66, &(0x7f0000000000)={0x12f, &(0x7f0000000080)=[{}, {}, {}]}) (fail_nth: 4)

6m56.753880077s ago: executing program 3 (id=465):
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f00000002c0)='./file1\x00', 0x20)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f00000007c0)='usrquota')
chdir(&(0x7f0000000100)='./file1\x00')
r0 = open(&(0x7f0000000080)='./bus\x00', 0x4001410c2, 0x766c618eb221465a)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000600, 0x0, &(0x7f0000000040)={0x1, 0xfffffffffffffffc})
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
r1 = syz_io_uring_setup(0x210f, &(0x7f0000000480)={0x0, 0xe7ae, 0x0, 0x2, 0x3}, &(0x7f0000000440)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
get_robust_list(0x0, 0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x0, &(0x7f0000000300)=0x3, 0x0, 0x4)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x1)
getpeername$ax25(r4, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x7d, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x99, 0x11e40e7a, 0x7, 0xffffffff, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40, 0x0, 0x0, 0x7fffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000003c0)=0x20000002)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x300, 0x0, 0x24000000}, 0x0)

6m56.714821864s ago: executing program 32 (id=465):
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f00000002c0)='./file1\x00', 0x20)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f00000007c0)='usrquota')
chdir(&(0x7f0000000100)='./file1\x00')
r0 = open(&(0x7f0000000080)='./bus\x00', 0x4001410c2, 0x766c618eb221465a)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000600, 0x0, &(0x7f0000000040)={0x1, 0xfffffffffffffffc})
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
r1 = syz_io_uring_setup(0x210f, &(0x7f0000000480)={0x0, 0xe7ae, 0x0, 0x2, 0x3}, &(0x7f0000000440)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
get_robust_list(0x0, 0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x0, &(0x7f0000000300)=0x3, 0x0, 0x4)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x1)
getpeername$ax25(r4, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x7d, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x99, 0x11e40e7a, 0x7, 0xffffffff, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40, 0x0, 0x0, 0x7fffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000003c0)=0x20000002)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x23456})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x300, 0x0, 0x24000000}, 0x0)

4m17.203966695s ago: executing program 1 (id=1384):
r0 = io_uring_setup(0x7ee1, &(0x7f0000000bc0)={0x0, 0x1cc1, 0x40, 0x2, 0x383})
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000100)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000040)={{@local, 0x200001}, @local, 0x8, 0x6, 0x401, 0x80000004, 0x24d, 0x10001, 0x9})
close_range(r0, 0xffffffffffffffff, 0x0) (fail_nth: 1)

4m17.182078674s ago: executing program 1 (id=1385):
r0 = io_uring_setup(0x7ee1, &(0x7f0000000bc0)={0x0, 0x1cc1, 0x40, 0x2, 0x383})
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x7, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000)
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
fstat(r2, 0x0)
ioctl$CDROM_SELECT_DISK(r2, 0x5322, 0xb)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000100)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000040)={{@local, 0x200001}, @local, 0x8, 0x6, 0x401, 0x80000004, 0x24d, 0x10001, 0x9})
r3 = openat$vmci(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f00000000c0)={@my=0x0, 0x3})
close_range(r0, 0xffffffffffffffff, 0x0)

4m16.877172006s ago: executing program 1 (id=1386):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='uid_map\x00')
write$FUSE_BMAP(r0, 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000e00), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x9, 0xffff, 0x0, 0x0, 0x0})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="80000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffe02}, {}, {0x18, 0x3, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x2}, {}, {0x85, 0x0, 0x0, 0xc5}}]}, &(0x7f00000002c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$binfmt_elf64(r4, &(0x7f0000000180)=ANY=[@ANYBLOB="9d"], 0x40)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae09, &(0x7f0000000000))
ioctl$USBDEVFS_SETCONFIGURATION(r1, 0x80045505, &(0x7f0000000040)=0xfff)

4m16.850807864s ago: executing program 1 (id=1387):
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffe11)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x2, &(0x7f0000000080)=[{&(0x7f00000000c0)="1400000035000b63d25a80648c2594f90424fc60", 0x14}], 0x1}, 0x0)

4m16.811925588s ago: executing program 1 (id=1388):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)=@generic={&(0x7f0000000180)='./file0\x00', 0x0, 0x28}, 0x14)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x10000, 0x200, 0x1, 0x10880, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x5}, 0x50)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x1)
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, 0x0)
openat$nvme_fabrics(0xffffff9c, &(0x7f0000000280), 0x103, 0x0)
r4 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0xc20, 0x80]}, 0x8)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000380)={{0x1, <r5=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f0000000340)='%-010d \x00'}, 0x1c)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000003c0)={0x0, 0xb}, 0xc)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280)=[r7]}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x7, 0x0, r7}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_ext={0x1c, 0x5, &(0x7f0000000040)=@raw=[@call={0x85, 0x0, 0x0, 0x15}, @call={0x85, 0x0, 0x0, 0xd0}, @initr0={0x18, 0x0, 0x0, 0x0, 0x2ef2, 0x0, 0x0, 0x0, 0x8}, @alu={0x7, 0x0, 0x2, 0xa, 0x9, 0x30}], &(0x7f00000000c0)='syzkaller\x00', 0x3, 0x1000, &(0x7f00000004c0)=""/4096, 0x40f00, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000100)={0x4, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x152b, r1, 0x0, &(0x7f0000000140)=[r2, r3, 0xffffffffffffffff, r4, r5, r6, r7], 0x0, 0x10, 0x7ff}, 0x94)

4m16.810114336s ago: executing program 1 (id=1389):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000300)=0x20, 0x4)
write$binfmt_misc(r0, &(0x7f0000000300), 0x6)

4m2.291012466s ago: executing program 33 (id=1389):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000300)=0x20, 0x4)
write$binfmt_misc(r0, &(0x7f0000000300), 0x6)

3.603259092s ago: executing program 2 (id=2781):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="340000001300000007006800", @ANYRES8=r2, @ANYBLOB="000900006522020014001a8009000100766c616e0000000004000480"], 0x34}, 0x1, 0x0, 0x0, 0x20080081}, 0x8004)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x2000000000000117, &(0x7f0000000240)=ANY=[@ANYRESOCT=r0, @ANYRES16=0x0, @ANYRES64=r0], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x44, '\x00', r1, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f00000009c0)={&(0x7f0000000200)={0x2, 0x4e21, @multicast1}, 0x10, 0x0}, 0x20040000)
ioctl$KDFONTOP_SET(r5, 0x4b72, &(0x7f0000000000)={0x4, 0x0, 0x16, 0x1, 0x100, &(0x7f0000000a00)="387ed7626d850509a2d6c1aa38f15cd0c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88731b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d461d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8ddbf5e20d604413ed2ddf9bcbf881caf811852806175d638909f6234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a266639438ac5252d9bccff4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a9013923167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"})
ioctl$VT_DISALLOCATE(r5, 0x5608)
write$cgroup_devices(0xffffffffffffffff, 0x0, 0x9)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000"], 0x7c}}, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x2404c857)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='sys_enter\x00', r3}, 0x18)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r9, 0x3f00)
ppoll(&(0x7f00000002c0)=[{r8, 0x101}], 0x1, 0x0, &(0x7f0000000340)={[0x3]}, 0x8)

3.178598409s ago: executing program 2 (id=2783):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x4080)

2.719188921s ago: executing program 4 (id=2787):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000002000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f00000006c0)={r1, 0x58, &(0x7f0000000100)}, 0x87)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x50)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0x5, 0x0, 0x0)
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000a40)={0x24, 0x0, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

2.601859369s ago: executing program 4 (id=2789):
r0 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x12, r0, 0x0)
syz_clone(0x820fff5, 0x0, 0x0, 0x0, 0x0, 0x0)

2.51969379s ago: executing program 4 (id=2790):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000083667d1040206402d14e0102030109021b000100000000090400000190f19c00090584"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000140)="b3", 0x1}], 0xfffb)

2.328484272s ago: executing program 0 (id=2791):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x3)
ioctl$KVM_SET_MSRS(r1, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000000000005010040"])
r2 = dup(r0)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
getsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f0000000280)={@remote, @initdev, <r4=>0x0}, &(0x7f0000000380)=0xc)
ioctl$sock_inet6_SIOCSIFDSTADDR(r3, 0x8918, &(0x7f00000003c0)={@loopback, 0x23, r4})
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000400)='block_split\x00', r2, 0x0, 0x25cd7166}, 0x18)
syz_emit_ethernet(0xbe, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000b00000000000119078000000000000000000004e20009c907801000000000000007b4b143b7461fd777b1c012bd14efb9f17d5db8f080c26a04883ad5c8c82b8af584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424dbcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b9649a3bfbc1f39cb307b3472eb9cdb042d2643fcbb2c5a57df67d544af6e8dafe09"], 0x0)
r6 = socket$netlink(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r7, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x2, &(0x7f00000000c0)=[{0x2b, 0xff, 0x2, 0x17d}, {0x8, 0xf9, 0x80}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'geneve0\x00'})
recvmmsg(r5, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}, 0xa1}, {{0x0, 0x0, 0x0}, 0x1ff}], 0x2, 0x0, 0x0)

2.230905684s ago: executing program 2 (id=2792):
fsopen(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000080)=0x48)
socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan0\x00'})
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x1c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = fsopen(&(0x7f0000000100)='binder\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x300)
fsmount(r4, 0x0, 0x3)

1.662193606s ago: executing program 5 (id=2795):
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r1=>0x0)
io_getevents(r1, 0x4, 0x4, &(0x7f00000019c0)=[{}, {}, {}, {}], 0x0)
io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0}])
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000080)={0x34, r4, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x96c}]]}, 0x34}}, 0x40)
sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r4, 0x200, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x4050)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00)
ioctl$EXT4_IOC_MOVE_EXT(r5, 0x40305828, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x2, 0xa4b1, 0x2, 0x100000000fc})
write$sysctl(r5, &(0x7f00000002c0)='1\x00', 0x2)

1.389088562s ago: executing program 0 (id=2796):
r0 = syz_open_dev$sndctrl(&(0x7f0000002800), 0x1f, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000040)={0x9, 0x3, 0x1c4, 0x7d, '\x00', '\x00', '\x00', 0x8, 0x3, 0x3, 0x0, "54e91addb61d16b9d4c5ff739c5cb0f6"})
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000000)=0x40006)
close(r1)

1.308471756s ago: executing program 2 (id=2797):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c60ebab1b4ddffffff7f82dc2b938189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc28d0072599456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca037604007600b6be484e4c9517af216bd8ed42f7dd5adb8e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffffffe4b8a80366ce5401ec61921a1b529cc8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa228504e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a66e0200000057033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400001000000000ff8d01006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2c34e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864010067d6bab101446ebfe3fdeed7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab53038010000004abbfc59d6d1b18fe380df4bf024f120bd755d82033f2fb7d8fc9e0de834f7646c8dd27da1297d0c77b294e097e293db7f002c0024ab2fb4d32972cba6f49051cec1ff6f16231bbb90a2d201a500000000000000007700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f8107671141ffffffe0c7d8e94a27a06a4e3d9acee835fd0571e5bbb3e6d2b5eba505000000968983811f832dc5390f83e817c64ac4f1f0d0504255c22ee8674053d0e160e5255366139bbe5863e23c3dd42d21f542816edf56a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875857f083144c642f71cdc8e5634c1360c056430fe77ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b059bc295aa0e38ff07edc3492b96e73d2060acfd8145e4a5851bc4d6fdc5ad939de5bfce461b42acd7da8842572825d1587795f3879baa88bd194d48e50c84892c97c800d156b059a718f6b10274b077a710f27ab8ee953de70ea860b74a0f3c3dc11177b11cc2e62a95f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f7975fe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9e45a35adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e34e4e8e51e81d4a355a7d00d917c16a2bb0cfb284fcfde9015769b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb46e10000000000000008c6d1f62da58c0002ea00000000009aa38a05e70591d5cdab1c488ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f010a5e83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8adeaad7d3328fbb6e279f745d2872f0208635e465ca443a6a64c7803760880af23fb3f430a5d11fffc96dd13b951642f1433f65b4e170a62a5f7b7d0f9d5cef0d172a9c43d4aee0001f7a343899434594cc23e1c864164e130754b337e560f285dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141f018af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b64630ed5a0c2261bc2d5de6ee174534b8dfc0432ab6bbcf296d36807544aa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f297661d3f8ba21c65badf55d1859581f9e7ef3e2693b46a8fc85be061ce79aa2832c04dc04de8b6536123b24be2ef80eb06b2db900fb30596c1574bda31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b91603e250eeedc7d601000000037426f643797be3e93da96b5643d3feed0b7c885d06006b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfaee5d9c1689a3bafc0d3b51b5a3bfd6007954c36d532960964183842601e5364ecb6ad9168040388c7640bfa2f88643de7eebf4da8d1c3e76daace5217761d933d06bbe9609fcf5971aa1e77c3123910e63daaadd8878ad468eabaf78a96012a4ada1a9cd217fb2a0da2d521454ea9e8fcd3b5badfd6f00003a73345b841d04a02bf441955b932c59608a555bc44873272812e0fb874618a0b56b4cf44990f60000000000000000000000b20000da0ca67905e877893646d185a75582f866785af6b0149e336c31fb177e3e85f4c60cbbde4ce6ea73a95f434328620fa493937386ad2e2a0d60eb815aa05c33e02c32276dab36d14c63af66a31409ab2a403ec387a4e07bd745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b52703d398552694cfbb7d2b3791b030093b321d9f16b2f06676cf94d75cbba6491ae0b5a16ce92320321314d8d2e88d1cd7e7b1216bdaecba309a38e107103e649d46958cc6ba2d660dd41b78d832beb7206ae01508377273ea96e40760410aeed1866971e04f578e9d856d01000000045aea928f5f669be0636dc3f34f90c34531735f271527412d1ae755a9243da523d713071f9370b509a34eeb46415b2f0d271a7072cbd17e293f20132e6c15756e92776c6a0d7c3a9f512ce17edf3f1ea190853bbf93e220a6ce968b79d504c057000e7d8f8249a8158e68a90bbea8bfab2bd3045b9c790984c6fb65fd7887bd8bfcbe663df6b7770000f58fbad41e6eee5c9595950c4172b9c925403b2f99bbf3cb1981bb0d14bded8eae35e08278020a1ec7f508628056fd3d408a02a1cf8594bcbb21a88f477673442804f714212dedd245b9f563b5352fe460a30489b1b6a6d37daead86151492f7fd4b5c64007b68a1b04027eac124478a2ef7f59fe472795785de83578cb96334e0f7c1370dc397d3aa42d937b5718b7610cdcdfe104db7801ec74980b8b111a2748321f81512e4204eb2b024b9fc9e0f257f8c6037b93b2caa236d4354b32434d5a6b01e000000000000000000000087b97a200609c77e0000000000000000d3a54ccd6e13a966801e9341260d6cbce5fe03999214462cbaa297448677ab659102d0f430fbeae119a7ef2e962d2829d4dd2201c4b30d491269594c88252fbd09aced90609851bd9e5c307e7e0d39e73579c1f3563eff1a6237d3699f61acdc8e36010d76093ddd227df1c4181b0a0c4543b4249e9ff2f5e8b5e0ba2048d542de40f643fda4036124b8feb2dd45d0fa52300518c8052cc09ad73f89734fce82cc627356aa2c651ed2644f34cfb832e8b29cf29e895e43b473ddb9a43421b4b25f8bbce8e2d7cb8547d156d5972021ae4c9e30f85413276ddebde55999d2ec3c524632b74d703147ba09e0dcb26c4b89636d28428b67e955f53bfd0c9eebf33a260a9b26477267"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f, 0x10, &(0x7f0000000000), 0x222}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe28, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff02c66b0d698cb89e2fe086dd1f74ffff061a0e00fe80000000ffff00ac14140746647b7954c4c06b580febc28eb143d0f6c0bad63a67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8034000, 0xf000, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x28)

1.300216156s ago: executing program 0 (id=2798):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000002000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f00000006c0)={r1, 0x58, &(0x7f0000000100)}, 0x87)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x50)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0x5, 0x0, 0x0)
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000a40)={0x24, 0x0, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

1.194186625s ago: executing program 2 (id=2799):
r0 = io_uring_setup(0x773d, &(0x7f0000000a40)={0x0, 0x0, 0x1000, 0x2, 0x3bc})
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r1, 0x3)
io_setup(0x81, &(0x7f0000001440)=<r2=>0x0)
r3 = syz_io_uring_setup(0x22af8, &(0x7f0000000600)={0x0, 0x0, 0x1000, 0x20004, 0x71, 0x0, r0}, &(0x7f0000000200), &(0x7f00000001c0))
io_submit(r2, 0x2, &(0x7f0000000400)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x2, 0x3, r1, &(0x7f0000000500)="0554cf4041f7ee3d025c9aaf23a690051ffc1a742a899ff3afd99ebe6c11b00f30528f2c5d4c93c0d1ef6b04ae940d8176c42f9bd270b7b08ddad5bfcec16b19527fa5d711d917ecf391a3d9b7157c0a4df0907ff5a0fe4714b167f791927b43576518c55698ec73d603edee747f0a532c8a37805b649e17bf7bca2ac1a280da6664a060fb8881175e639aabee041d7af9f0769270872331fafa1041a166748df2a685f7", 0xa4, 0x71, 0x0, 0x3}])
accept4(r1, 0x0, 0x0, 0x0)
openat$snapshot(0xffffff9c, &(0x7f0000000000), 0x800, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x8000, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000380), 0x85881)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r5, &(0x7f0000000040)=[{0x1e, 0xb7, 0x0, 0x0, @tick, {0x0, 0xfb}, {}, @raw32}], 0x1c)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x309700)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r6, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x0, 0x3}, 0x7ff})
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
write$sndseq(r7, &(0x7f0000000180)=[{0x20, 0x0, 0x8, 0xfd, @time={0x800009, 0x4}, {}, {}, @time=@time={0x8, 0x3}}, {0x3, 0x2, 0x1, 0x0, @tick=0x45e, {0x24, 0x9}, {0x7}, @raw8={"c60e2e727ebc8bd0449d9edb"}}], 0x38)
fadvise64(r1, 0x9, 0x3, 0x5)
r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0xec1e, &(0x7f0000006680))
semget$private(0x0, 0x2, 0x26a)
getsockopt$bt_BT_DEFER_SETUP(r10, 0x112, 0xf, &(0x7f0000000040), &(0x7f0000000080)=0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r9, 0x0)
ioctl$KVM_SET_REGS(r9, 0x4090ae82, &(0x7f00000000c0)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400000000000001, 0x4, 0x2, 0x1, 0x0, 0xfffffffffffffffc, 0xf043, 0x0, 0x5, 0x1, 0xfffffffffffffffd], 0x100001, 0xa100})
r11 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='auxv\x00')
preadv(r11, &(0x7f00000005c0)=[{&(0x7f0000000300)=""/110, 0x6e}, {0x0, 0x34}], 0x2, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

1.165385813s ago: executing program 0 (id=2800):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x4080)

1.031354423s ago: executing program 2 (id=2801):
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x40)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r1 = openat$uinput(0xffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_SET_PHYS(r1, 0x4004556c, &(0x7f00000000c0)='syz1\x00')
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)={0x34, r3, 0x1, 0x0, 0x0, {0x54}, [@nsim={{0xe, 0x2}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x15)
writev(r7, &(0x7f0000000280)=[{&(0x7f00000001c0)}], 0x1)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x4)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
syz_usb_connect(0x0, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f60c01a83d88008135048567c566a31077d12879017186ecd8521f2b5fb"], 0x0)

1.030697687s ago: executing program 4 (id=2802):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$kcm(0xa, 0x922000000003, 0x11)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='inet_sk_error_report\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x6, 0xc, &(0x7f0000001480)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
lseek(r1, 0x1800000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r6, 0x40505331, &(0x7f0000000100)={{}, {0xe}, 0xbf00, 0xbf})
syz_io_uring_submit(0x0, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3fe, 0x5, 0x3, 0x9, 0x8, 0x45ff, 0x7ffffffc}, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a80)={r4, 0xe0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000640)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6, &(0x7f0000000680)=[0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r8=>0x0, 0x13, &(0x7f0000000700)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f0000000740), 0x0, 0x0, 0xb2, 0x8, 0x8, &(0x7f0000000940)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x5, 0x13, &(0x7f0000000b00)=ANY=[@ANYBLOB, @ANYRES64=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000308b020010000000b50201000100000018000000840000000000000003000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], 0x0, 0x1, 0x5d, &(0x7f0000000500)=""/93, 0x40f00, 0x61, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0x2, 0x4}, 0x8, 0x10, 0x0, 0x0, r8, 0xffffffffffffffff, 0x1, 0x0, &(0x7f00000003c0)=[{0x5, 0x5, 0xb, 0x1}], 0x10, 0x6}, 0x94)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="3000000010000108000000000000002000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000080004004400000008001b0000000000"], 0x30}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r9=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000240)={0x0, 0xa49a, 0x30}, 0xc)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000240)={r9, @in={{0x2, 0x4e22, @rand_addr=0x64010102}}, 0x0, 0x6}, 0x88)

485.135909ms ago: executing program 5 (id=2803):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xc, 0x160, &(0x7f00000000c0)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x5, 0xff92, &(0x7f00000003c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000100), 0x36c, 0x10, &(0x7f0000000000), 0x26}, 0x48)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x183081, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22667f2c00dbf6e97158b33d4fec877f1b6d76745b686158bbcfe8875afdef00010000000029"], 0x280)

481.355657ms ago: executing program 5 (id=2811):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x5, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000004830000000000000fa40000007010000080020007500feff0000820095"], &(0x7f0000000100)='GPL\x00', 0x4, 0xfa, &(0x7f00000007c0)=""/250}, 0x90)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000011c0)=@newtaction={0xe90, 0x30, 0x25, 0x0, 0x0, {}, [{0xe7c, 0x1, [@m_pedit={0xe78, 0x1, 0x0, 0x0, {{0xa}, {0xe4c, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x28, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x4}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe90}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f0000000140)={0x5, 0x6, 0x8, 0x8, 0x0, 0x2, 0x0, 0x8}, &(0x7f0000000180)={0x9, 0x2, 0x7fff, 0x22c, 0x5, 0x0, 0xa9e, 0x7}, &(0x7f00000001c0)={0x7fffffff, 0x9, 0x81, 0xa1, 0x3, 0xff, 0x1, 0xffff}, &(0x7f0000000200)={0x77359400}, &(0x7f00000004c0)={&(0x7f0000000240)={[0xc6]}, 0x8})
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400}, 0x94)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="050000000000080000000001fcffff00", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="000000000100000000000000000000005b979e01d2038d84"], 0x48}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4c00000002060108000034e400000000000000020500010006000000050004000000fe000900020073797a3100000000050005000200000012000300686173683a6e65742c706f7274000000ff5b3b87675a"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="54000000090601080000000000000000050000000900020073797a310000000005000100070000002c000780060004404e21000005000700e30000000c00018008000140850101010c00028008000140"], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

188.729711ms ago: executing program 0 (id=2804):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x5, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000004830000000000000fa40000007010000080020007500feff0000820095"], &(0x7f0000000100)='GPL\x00', 0x4, 0xfa, &(0x7f00000007c0)=""/250}, 0x90)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000011c0)=@newtaction={0xe90, 0x30, 0x25, 0x0, 0x0, {}, [{0xe7c, 0x1, [@m_pedit={0xe78, 0x1, 0x0, 0x0, {{0xa}, {0xe4c, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x28, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x4}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe90}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f0000000140)={0x5, 0x6, 0x8, 0x8, 0x0, 0x2, 0x0, 0x8}, &(0x7f0000000180)={0x9, 0x2, 0x7fff, 0x22c, 0x5, 0x0, 0xa9e, 0x7}, &(0x7f00000001c0)={0x7fffffff, 0x9, 0x81, 0xa1, 0x3, 0xff, 0x1, 0xffff}, &(0x7f0000000200)={0x77359400}, &(0x7f00000004c0)={&(0x7f0000000240)={[0xc6]}, 0x8})
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400}, 0x94)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="050000000000080000000001fcffff00", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="000000000100000000000000000000005b979e01d2038d84"], 0x48}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4c00000002060108000034e400000000000000020500010006000000050004000000fe000900020073797a3100000000050005000200000012000300686173683a6e65742c706f7274000000ff5b3b87675a"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="54000000090601080000000000000000050000000900020073797a310000000005000100070000002c000780060004404e21000005000700e30000000c00018008000140850101010c00028008000140"], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

188.025925ms ago: executing program 5 (id=2805):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
lsetxattr$security_capability(&(0x7f0000000040)='./bus\x00', &(0x7f0000000100), 0x0, 0x0, 0xf000)

143.213851ms ago: executing program 0 (id=2806):
syz_clone(0x2000211, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x7e00, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x2, &(0x7f0000006680))
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000000)='./file0/../file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0/../file0\x00', 0x230)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3de, 0x1, &(0x7f0000002440))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000027c0)=@delchain={0x3dc, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x4, 0x6}, {0x0, 0x1}, {0xe, 0x7}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0xa, 0x81}}, @filter_kind_options=@f_bpf={{0x8}, {0x3a0, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x4}, @TCA_BPF_ACT={0x384, 0x1, [@m_ct={0x2c, 0x4, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_connmark={0x94, 0xa, 0x0, 0x0, {{0xd}, {0x4}, {0x61, 0x6, "55dfaba1400693f529d6afa25b8eb7d54bed2219557eb279b5e086635faf86a5dc7976c30161450eedae7553b4b65af5720b2fda3b8e15951fd7daf40e37b5e0a4b000dab68ce7fb11f95b4f7ac9159c30ce151c2657ddcb721c37f706"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ife={0xfc, 0x4, 0x0, 0x0, {{0x8}, {0x6c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x5, 0x9, 0x4, 0x9, 0xf406}, 0x1}}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x83b7, 0x8, 0x4, 0x10000, 0x9}}}, @TCA_IFE_SMAC={0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}}, @TCA_IFE_TYPE={0x6, 0x5, 0x2}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x400, 0x20000000}, 0x1}}]}, {0x69, 0x6, "6d6f725e1cb5c003127037e219da497267a6b694eb3849f80000f8728e3a5b80edceea7a6d77bce61308004396843901985b9d7a1b61f8a95ff64b6d0e3e3f9cb358a5a4ffa52b05d767d71c96c10b786049df83bf30ea54c357cc76f6429cf6aa41585994"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}, @m_mirred={0x198, 0x19, 0x0, 0x0, {{0xb}, {0xc4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x2, 0x0, 0x3, 0x80, 0x8}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x800, 0x0, 0x0, 0x4, 0x7}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xffffff3c, 0x7fff, 0xffffffffffffffff, 0x5, 0x40d1}, 0x5}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xa, 0xf, 0x0, 0x5, 0x5220}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x5, 0x3, 0xffff, 0x4}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x298, 0x5, 0x7, 0x8000, 0x4}, 0x1}}]}, {0xa9, 0x6, "755d2f92bc5e3627dbf0cf9a948f8dc4d750ec51a8a1fdea25fe672647977e3f2edd58177283e71324e5a4f85c6e1f349d2b567228f136118d8122b7716d4bd1d492a9bb1a2488fff0981cd3a0e4d97d329aacca7037fd3e46095ef25f4ae47324a7998d9d3203613bc369c0c03fe927f74dd7a2160dbc027388ae65c18b01b5bc3f05fb96a7c60fb03f250909e9b0470c95a778600e98554adf6512e24893e6d60d6e3b40"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ife={0x2c, 0x11, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}}]}, 0x3dc}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
r2 = signalfd4(r0, &(0x7f0000002280)={[0x62e0f1a6, 0x8]}, 0x8, 0x80400)
r3 = syz_open_dev$media(&(0x7f00000012c0), 0x66, 0x180502)
ioctl$MEDIA_IOC_G_TOPOLOGY(r3, 0xc0487c04, &(0x7f0000002f00)={0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x4, 0x0, &(0x7f0000002d80)=[{}, {0x0, <r4=>0x80000000}, {}, {0x0, 0x80000000, 0x0, {<r5=>0x0}}], 0x0, 0x0, 0x0})
ioctl$MEDIA_IOC_SETUP_LINK(r3, 0xc0347c03, &(0x7f00000009c0)={{0x80000000, r5, 0x4, [0xc, 0x2]}, {r4, 0x0, 0x3, [0xfffffff9, 0xffffff79]}, 0x2, [0x3]})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040)={{{@in=@dev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@remote}, 0x0, @in6}}, &(0x7f0000000140)=0xe4)
syz_emit_ethernet(0x36, &(0x7f0000000fc0)=ANY=[@ANYBLOB="bbbbbb3bbbbbaaaaaaaaaa7f0000002e2caa00003200fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0)
r7 = openat$fuse(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
read$FUSE(r7, &(0x7f0000000240)={0x2020, 0x0, 0x0, <r8=>0x0}, 0x2020)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
mmap(&(0x7f00002ff000/0x1000)=nil, 0x1000, 0x2000004, 0xe7ee32aa24a8b8f2, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
wait4(0x0, 0x0, 0x20000000, 0x0)
setreuid(r6, r8)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
write$uinput_user_dev(r2, &(0x7f0000002d00)={'syz1\x00', {0xffff, 0x9, 0x6, 0x4}, 0x1f, [0xd263, 0x1, 0x1, 0x5, 0x5, 0xffffffff, 0x7ff, 0x9, 0xb90, 0x40000100, 0xf, 0x9a4b, 0x2800000, 0xb2, 0x401, 0x8001, 0x6, 0x3, 0x1ff, 0x7, 0x6, 0x6, 0x7, 0x2008000, 0x0, 0x0, 0x7f, 0x87, 0x7, 0x1, 0x81, 0x80000000, 0x3, 0x100, 0x4, 0xb, 0x8, 0x174, 0x985, 0xfe, 0x609, 0xacd4, 0x8, 0x6, 0x8000, 0x4, 0x3, 0x3, 0x2be6c0c0, 0x81, 0x800, 0x3, 0x18, 0x10, 0x0, 0x2, 0x100, 0x7, 0x7, 0x9, 0xa, 0xd, 0x8, 0x9], [0x9, 0x1, 0x6, 0x9, 0x2, 0x8, 0x5, 0x7ff, 0x73, 0x2, 0x9850, 0x9, 0x7, 0xff, 0x2, 0x3ff, 0x1, 0x80000001, 0x5, 0x20000004, 0x9373, 0x3, 0x7a, 0x6, 0x0, 0x8, 0x7, 0x3, 0xdc, 0x40000, 0x4, 0xea, 0xf952, 0x8000, 0x1, 0x9, 0x10000000, 0x6, 0x1, 0x9, 0x5, 0x9, 0x10000, 0x6, 0x7fffffff, 0x7, 0x8, 0x8, 0x0, 0x80, 0xb83, 0x93, 0x80000001, 0x7, 0x5, 0x5, 0xb, 0x3, 0x7, 0x9, 0x8, 0xa, 0x6000, 0x9], [0x6, 0x6, 0x3, 0x5, 0x101, 0x7, 0x6, 0x6, 0x1, 0xaca7, 0xf5, 0xd9, 0xfff, 0x0, 0xfffeffff, 0x5, 0x9, 0x3, 0x10, 0x9, 0x3, 0x0, 0x10, 0x9, 0x401, 0x0, 0x7, 0x2, 0xfff, 0x8, 0x80, 0x1, 0xb9, 0x8819, 0x3, 0x6, 0x4, 0xb6, 0x101, 0xab13, 0x10000, 0x400, 0xf232, 0x6, 0x7, 0x3, 0x1, 0x1, 0x9, 0x5f32, 0x401, 0x2, 0x8, 0x0, 0x8, 0x1, 0xffffffff, 0x1, 0x6, 0x9, 0x6, 0x0, 0x9, 0x5], [0x6, 0xb3d0, 0x800, 0xf, 0x4ca1, 0x2, 0x7f80, 0x1, 0xfff, 0x1, 0x10001, 0x6, 0x66e7, 0x4, 0xffffffff, 0x7bc4a45a, 0x0, 0x2, 0xc, 0xff, 0x8, 0x2, 0x10000, 0x0, 0xb, 0x3, 0x6, 0x1, 0x5, 0x5, 0xf0000000, 0xb9, 0x5, 0x3, 0x7, 0x2, 0x8488, 0x0, 0x7, 0x5, 0x1000, 0xffffff6d, 0xa, 0x8, 0x800, 0xff, 0x9, 0x4, 0xe0f, 0x0, 0x0, 0x4, 0x22, 0x9, 0x3, 0xfffffffa, 0x6, 0x9, 0x0, 0x7b, 0x9, 0x1, 0x4, 0xb]}, 0x45c)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)

114.588393ms ago: executing program 4 (id=2807):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
setresuid(0x0, 0xee00, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000500)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa10100000079b0bb3a53ab1200f5d01a68a4acdec49d6a7aa90b8e8b9c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad7c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af801034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929b3c2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce207e5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b00700bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b4198a5a06850c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad204c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502960a1dde9dbf62586ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e6795156e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae94b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecd20286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25f8d4e65d243b7eab91063a7bfd8b7b239e39fbbb32b5c9517886287a1877cd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d128c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca803422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006)

69.427072ms ago: executing program 4 (id=2808):
openat$proc_mixer(0xffffffffffffff9c, 0x0, 0x8040, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000a00)=""/4096, 0x1000}], 0x1, 0xa3, 0x1)

35.832918ms ago: executing program 5 (id=2809):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000002000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f00000006c0)={r1, 0x58, &(0x7f0000000100)}, 0x87)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x50)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0x5, 0x0, 0x0)
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000a40)={0x24, 0x0, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

0s ago: executing program 5 (id=2810):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x105, 0x1800003a, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x41009432, &(0x7f00000001c0))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
epoll_create1(0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0xc, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x38}}, 0x44080)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0xf}, {0xa, 0xa}, {0x6}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x48, 0x2, {{0x7, 0x8, 0x4, 0x0, 0x7}, 0xf0, 0x1, 0x31a, 0x3, 0x88a, 0xd, 0x8e, 0x1f, 0x3, 0xff, {0x4415, 0x2, 0x800, 0x5, 0x0, 0x5}}}}]}, 0x78}}, 0x4000)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210283ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20080, 0x80e1}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
ioctl$KVM_SET_CLOCK(r1, 0x4188aec6, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)

kernel console output (not intermixed with test programs):

9 Comm: syz.4.1899 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  376.291291][T13379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  376.291299][T13379] Call Trace:
[  376.291303][T13379]  <TASK>
[  376.291307][T13379]  dump_stack_lvl+0x16c/0x1f0
[  376.291328][T13379]  should_fail_ex+0x512/0x640
[  376.291346][T13379]  _copy_to_user+0x32/0xd0
[  376.291357][T13379]  con_get_unimap+0x2de/0x460
[  376.291374][T13379]  vt_compat_ioctl+0x47c/0x4e0
[  376.291389][T13379]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  376.291402][T13379]  ? hook_file_ioctl_common+0x145/0x410
[  376.291417][T13379]  ? __fget_files+0x20e/0x3c0
[  376.291432][T13379]  ? __pfx_fput+0x10/0x10
[  376.291443][T13379]  ? __pfx_vt_compat_ioctl+0x10/0x10
[  376.291456][T13379]  tty_compat_ioctl+0x2f1/0x4d0
[  376.291466][T13379]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  376.291476][T13379]  __ia32_compat_sys_ioctl+0x23f/0x370
[  376.291491][T13379]  __do_fast_syscall_32+0x7c/0x3a0
[  376.291509][T13379]  do_fast_syscall_32+0x32/0x80
[  376.291525][T13379]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  376.291539][T13379] RIP: 0023:0xf7f78579
[  376.291546][T13379] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  376.291557][T13379] RSP: 002b:00000000f505455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  376.291567][T13379] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000004b66
[  376.291573][T13379] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  376.291579][T13379] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  376.291584][T13379] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  376.291590][T13379] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  376.291603][T13379]  </TASK>
[  376.689098][ T5954] Bluetooth: hci1: command 0x0c1a tx timeout
[  376.840365][ T5954] Bluetooth: hci4: command 0x0405 tx timeout
[  377.737541][T13410] fuse: Bad value for 'user_id'
[  377.739161][T13410] fuse: Bad value for 'user_id'
[  377.817368][T13404] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1904'.
[  377.820064][T13404] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1904'.
[  377.826393][T13404] bridge7: entered promiscuous mode
[  377.827985][T13404] bridge7: entered allmulticast mode
[  377.869978][T13403] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1905'.
[  377.873515][T13403] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1905'.
[  377.883200][T13403] bridge9: entered promiscuous mode
[  377.885372][T13403] bridge9: entered allmulticast mode
[  378.006509][T13420] FAULT_INJECTION: forcing a failure.
[  378.006509][T13420] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  378.010777][T13420] CPU: 3 UID: 0 PID: 13420 Comm: syz.4.1911 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  378.010795][T13420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  378.010802][T13420] Call Trace:
[  378.010806][T13420]  <TASK>
[  378.010810][T13420]  dump_stack_lvl+0x16c/0x1f0
[  378.010830][T13420]  should_fail_ex+0x512/0x640
[  378.010848][T13420]  should_fail_alloc_page+0xe7/0x130
[  378.010861][T13420]  prepare_alloc_pages+0x3c2/0x610
[  378.010876][T13420]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  378.010894][T13420]  ? __pfx_stack_trace_save+0x10/0x10
[  378.010907][T13420]  ? stack_depot_save_flags+0x28/0xa40
[  378.010936][T13420]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  378.010954][T13420]  ? kasan_save_stack+0x42/0x60
[  378.010969][T13420]  ? kasan_save_stack+0x33/0x60
[  378.010984][T13420]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  378.010999][T13420]  ? __pmd_alloc+0xbf/0x930
[  378.011010][T13420]  ? handle_mm_fault+0x589/0xd10
[  378.011023][T13420]  ? exc_page_fault+0x5c/0xb0
[  378.011037][T13420]  ? asm_exc_page_fault+0x26/0x30
[  378.011047][T13420]  ? _copy_from_user+0x93/0xd0
[  378.011055][T13420]  ? move_addr_to_kernel+0x65/0x170
[  378.011068][T13420]  ? __sys_bind+0x11b/0x260
[  378.011079][T13420]  ? __ia32_sys_bind+0x71/0xb0
[  378.011090][T13420]  ? __do_fast_syscall_32+0x7c/0x3a0
[  378.011116][T13420]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  378.011133][T13420]  ? policy_nodemask+0xea/0x4e0
[  378.011144][T13420]  alloc_pages_mpol+0x1fb/0x550
[  378.011155][T13420]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  378.011165][T13420]  ? css_rstat_updated+0x9d/0xd30
[  378.011180][T13420]  alloc_pages_noprof+0x131/0x390
[  378.011191][T13420]  pte_alloc_one+0x1c/0x3a0
[  378.011201][T13420]  __pte_alloc+0x6d/0x3c0
[  378.011212][T13420]  ? __pfx___pte_alloc+0x10/0x10
[  378.011223][T13420]  ? _raw_spin_unlock+0x28/0x50
[  378.011236][T13420]  ? __pmd_alloc+0x3fb/0x930
[  378.011249][T13420]  __handle_mm_fault+0x4358/0x5490
[  378.011267][T13420]  ? __pfx___handle_mm_fault+0x10/0x10
[  378.011281][T13420]  ? __pfx_mt_find+0x10/0x10
[  378.011298][T13420]  ? find_vma+0xbf/0x140
[  378.011309][T13420]  ? __pfx_find_vma+0x10/0x10
[  378.011321][T13420]  handle_mm_fault+0x589/0xd10
[  378.011336][T13420]  ? __pkru_allows_pkey+0x41/0xb0
[  378.011351][T13420]  do_user_addr_fault+0x7a6/0x1370
[  378.011367][T13420]  ? rcu_is_watching+0x12/0xc0
[  378.011380][T13420]  exc_page_fault+0x5c/0xb0
[  378.011394][T13420]  asm_exc_page_fault+0x26/0x30
[  378.011404][T13420] RIP: 0010:_copy_from_user+0x93/0xd0
[  378.011413][T13420] Code: 81 e2 fc 89 ee 4c 89 ef 48 b8 00 f0 ff ff ff 7f 00 00 48 39 c3 48 0f 47 d8 e8 69 6c 48 fd 0f 01 cb 4c 89 ef 48 89 de 48 89 e9 <f3> a4 0f 1f 00 49 89 cc 48 89 cb 0f 01 ca 31 ff 48 89 ce e8 95 7c
[  378.011424][T13420] RSP: 0018:ffffc90025ff7d78 EFLAGS: 00050246
[  378.011432][T13420] RAX: 0000000000000001 RBX: 0000000080000000 RCX: 0000000000000074
[  378.011438][T13420] RDX: fffff52004bfefce RSI: 0000000080000000 RDI: ffffc90025ff7df8
[  378.011444][T13420] RBP: 0000000000000074 R08: 0000000000000001 R09: fffff52004bfefcd
[  378.011450][T13420] R10: ffffc90025ff7e6b R11: 0000000000000001 R12: 0000000000000000
[  378.011456][T13420] R13: ffffc90025ff7df8 R14: ffff88802486c000 R15: ffff88804f927800
[  378.011469][T13420]  ? _copy_from_user+0x87/0xd0
[  378.011479][T13420]  move_addr_to_kernel+0x65/0x170
[  378.011492][T13420]  __sys_bind+0x11b/0x260
[  378.011505][T13420]  ? __pfx___sys_bind+0x10/0x10
[  378.011516][T13420]  ? __fget_files+0x20e/0x3c0
[  378.011536][T13420]  ? __pfx_ksys_write+0x10/0x10
[  378.011554][T13420]  __ia32_sys_bind+0x71/0xb0
[  378.011567][T13420]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  378.011583][T13420]  __do_fast_syscall_32+0x7c/0x3a0
[  378.011600][T13420]  do_fast_syscall_32+0x32/0x80
[  378.011616][T13420]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  378.011628][T13420] RIP: 0023:0xf7f78579
[  378.011636][T13420] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  378.011646][T13420] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000169
[  378.011654][T13420] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[  378.011661][T13420] RDX: 0000000000000074 RSI: 0000000000000000 RDI: 0000000000000000
[  378.011666][T13420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  378.011672][T13420] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  378.011678][T13420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  378.011690][T13420]  </TASK>
[  378.372695][T13429] netlink: 'syz.4.1912': attribute type 1 has an invalid length.
[  378.375270][T13429] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1912'.
[  378.821991][ T5954] Bluetooth: hci4: command 0x0405 tx timeout
[  379.338687][T13453] bridge7: left promiscuous mode
[  379.340719][T13453] bridge7: left allmulticast mode
[  380.006220][T13469] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1926'.
[  380.009073][T13469] netlink: 'syz.0.1926': attribute type 5 has an invalid length.
[  380.011347][T13469] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1926'.
[  380.253779][T13484] netlink: 84 bytes leftover after parsing attributes in process `syz.5.1930'.
[  380.698143][T13504] FAULT_INJECTION: forcing a failure.
[  380.698143][T13504] name failslab, interval 1, probability 0, space 0, times 0
[  380.702053][T13504] CPU: 2 UID: 0 PID: 13504 Comm: syz.4.1938 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  380.702071][T13504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  380.702078][T13504] Call Trace:
[  380.702082][T13504]  <TASK>
[  380.702087][T13504]  dump_stack_lvl+0x16c/0x1f0
[  380.702108][T13504]  should_fail_ex+0x512/0x640
[  380.702124][T13504]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  380.702143][T13504]  should_failslab+0xc2/0x120
[  380.702167][T13504]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  380.702185][T13504]  ? kstrdup_const+0x63/0x80
[  380.702203][T13504]  kstrdup+0x53/0x100
[  380.702219][T13504]  kstrdup_const+0x63/0x80
[  380.702235][T13504]  __kernfs_new_node+0x9b/0x8e0
[  380.702252][T13504]  ? __pfx___kernfs_new_node+0x10/0x10
[  380.702270][T13504]  ? find_held_lock+0x2b/0x80
[  380.702283][T13504]  ? kernfs_root+0xee/0x2a0
[  380.702300][T13504]  kernfs_new_node+0x13c/0x1e0
[  380.702320][T13504]  kernfs_create_dir_ns+0x4c/0x1a0
[  380.702332][T13504]  sysfs_create_dir_ns+0x13a/0x2b0
[  380.702347][T13504]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  380.702361][T13504]  ? find_held_lock+0x2b/0x80
[  380.702373][T13504]  ? class_dir_child_ns_type+0xd/0x60
[  380.702386][T13504]  kobject_add_internal+0x2c4/0x9b0
[  380.702399][T13504]  kobject_add+0x16e/0x240
[  380.702409][T13504]  ? __pfx_kobject_add+0x10/0x10
[  380.702420][T13504]  ? get_device_parent+0x1c5/0x4e0
[  380.702431][T13504]  ? kobject_put+0xab/0x5a0
[  380.702441][T13504]  ? device_add+0xbff/0x1a70
[  380.702454][T13504]  device_add+0x288/0x1a70
[  380.702466][T13504]  ? __pfx_device_add+0x10/0x10
[  380.702476][T13504]  ? kfree+0x24f/0x4d0
[  380.702494][T13504]  device_create_groups_vargs+0x1f8/0x270
[  380.702508][T13504]  device_create+0xed/0x130
[  380.702520][T13504]  ? __pfx_device_create+0x10/0x10
[  380.702533][T13504]  ? do_init_timer+0xc9/0x110
[  380.702546][T13504]  ? ieee80211_roc_setup+0x136/0x270
[  380.702562][T13504]  ? ieee80211_alloc_hw_nm+0x231/0x2260
[  380.702575][T13504]  mac80211_hwsim_new_radio+0x369/0x54d0
[  380.702598][T13504]  ? rcu_is_watching+0x12/0xc0
[  380.702609][T13504]  ? trace_kmalloc+0x2b/0xd0
[  380.702619][T13504]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  380.702637][T13504]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  380.702655][T13504]  ? __asan_memcpy+0x3c/0x60
[  380.702679][T13504]  hwsim_new_radio_nl+0xb51/0x12c0
[  380.702704][T13504]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  380.702736][T13504]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  380.702758][T13504]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  380.702785][T13504]  genl_family_rcv_msg_doit+0x206/0x2f0
[  380.702800][T13504]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  380.702813][T13504]  ? trace_cap_capable+0x18d/0x200
[  380.702828][T13504]  ? bpf_lsm_capable+0x9/0x10
[  380.702841][T13504]  ? security_capable+0x7e/0x260
[  380.702852][T13504]  ? ns_capable+0xd7/0x110
[  380.702865][T13504]  genl_rcv_msg+0x55c/0x800
[  380.702879][T13504]  ? __pfx_genl_rcv_msg+0x10/0x10
[  380.702892][T13504]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  380.702910][T13504]  ? __lock_acquire+0x622/0x1c90
[  380.702926][T13504]  netlink_rcv_skb+0x155/0x420
[  380.702937][T13504]  ? __pfx_genl_rcv_msg+0x10/0x10
[  380.702951][T13504]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  380.702968][T13504]  ? netlink_deliver_tap+0x1ae/0xd30
[  380.702978][T13504]  ? is_vmalloc_addr+0x86/0xa0
[  380.702995][T13504]  genl_rcv+0x28/0x40
[  380.703006][T13504]  netlink_unicast+0x53d/0x7f0
[  380.703018][T13504]  ? __pfx_netlink_unicast+0x10/0x10
[  380.703033][T13504]  netlink_sendmsg+0x8d1/0xdd0
[  380.703047][T13504]  ? __pfx_netlink_sendmsg+0x10/0x10
[  380.703059][T13504]  ? __import_iovec+0x1dd/0x650
[  380.703077][T13504]  ____sys_sendmsg+0xa95/0xc70
[  380.703091][T13504]  ? __pfx_____sys_sendmsg+0x10/0x10
[  380.703102][T13504]  ? get_compat_msghdr+0x11a/0x170
[  380.703125][T13504]  ___sys_sendmsg+0x134/0x1d0
[  380.703141][T13504]  ? __pfx____sys_sendmsg+0x10/0x10
[  380.703164][T13504]  ? find_held_lock+0x2b/0x80
[  380.703183][T13504]  __sys_sendmsg+0x16d/0x220
[  380.703199][T13504]  ? __pfx___sys_sendmsg+0x10/0x10
[  380.703221][T13504]  ? rcu_is_watching+0x12/0xc0
[  380.703234][T13504]  __do_fast_syscall_32+0x7c/0x3a0
[  380.703251][T13504]  do_fast_syscall_32+0x32/0x80
[  380.703268][T13504]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  380.703281][T13504] RIP: 0023:0xf7f78579
[  380.703289][T13504] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  380.703300][T13504] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  380.703310][T13504] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040
[  380.703316][T13504] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  380.703322][T13504] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  380.703327][T13504] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  380.703333][T13504] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  380.703346][T13504]  </TASK>
[  380.703363][T13504] kobject: kobject_add_internal failed for hwsim21 (error: -12 parent: mac80211_hwsim)
[  380.867508][ T5963] Bluetooth: hci4: command 0x0405 tx timeout
[  381.078687][   T40] audit: type=1326 audit(1751718923.016:6433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13492 comm="syz.5.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  381.085688][   T40] audit: type=1326 audit(1751718923.026:6434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13492 comm="syz.5.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  381.097392][T13510] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1941'.
[  381.100247][T13510] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1941'.
[  381.103469][   T40] audit: type=1326 audit(1751718923.035:6435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13492 comm="syz.5.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  381.106277][T13511] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1940'.
[  381.110826][   T40] audit: type=1326 audit(1751718923.035:6436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13492 comm="syz.5.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  381.136839][   T40] audit: type=1326 audit(1751718923.035:6437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13492 comm="syz.5.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  381.157083][   T40] audit: type=1326 audit(1751718923.035:6438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13492 comm="syz.5.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  381.164197][   T40] audit: type=1326 audit(1751718923.035:6439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13492 comm="syz.5.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  381.172019][   T40] audit: type=1326 audit(1751718923.035:6440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13492 comm="syz.5.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  381.179954][   T40] audit: type=1326 audit(1751718923.063:6441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13492 comm="syz.5.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  381.188346][   T40] audit: type=1326 audit(1751718923.063:6442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13492 comm="syz.5.1934" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  382.796482][T13560] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1950'.
[  382.812748][T13560] bridge8: entered promiscuous mode
[  382.814527][T13560] bridge8: entered allmulticast mode
[  383.878030][   T59] IPVS: starting estimator thread 0...
[  383.968557][T13577] IPVS: using max 50 ests per chain, 120000 per kthread
[  384.163769][T13587] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  384.441335][T13606] FAULT_INJECTION: forcing a failure.
[  384.441335][T13606] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  384.449083][T13606] CPU: 3 UID: 0 PID: 13606 Comm: syz.2.1968 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  384.449100][T13606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  384.449107][T13606] Call Trace:
[  384.449111][T13606]  <TASK>
[  384.449126][T13606]  dump_stack_lvl+0x16c/0x1f0
[  384.449148][T13606]  should_fail_ex+0x512/0x640
[  384.449166][T13606]  _copy_from_iter+0x29f/0x16f0
[  384.449185][T13606]  ? __alloc_skb+0x200/0x380
[  384.449201][T13606]  ? __pfx__copy_from_iter+0x10/0x10
[  384.449218][T13606]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  384.449234][T13606]  netlink_sendmsg+0x829/0xdd0
[  384.449248][T13606]  ? __pfx_netlink_sendmsg+0x10/0x10
[  384.449260][T13606]  ? __import_iovec+0x1dd/0x650
[  384.449272][T13606]  ____sys_sendmsg+0xa95/0xc70
[  384.449295][T13606]  ? __pfx_____sys_sendmsg+0x10/0x10
[  384.449308][T13606]  ? get_compat_msghdr+0x11a/0x170
[  384.449327][T13606]  ? rcu_is_watching+0x12/0xc0
[  384.449338][T13606]  ? finish_task_switch.isra.0+0x221/0xc10
[  384.449352][T13606]  ___sys_sendmsg+0x134/0x1d0
[  384.449369][T13606]  ? __pfx____sys_sendmsg+0x10/0x10
[  384.449391][T13606]  ? find_held_lock+0x2b/0x80
[  384.449411][T13606]  __sys_sendmsg+0x16d/0x220
[  384.449427][T13606]  ? __pfx___sys_sendmsg+0x10/0x10
[  384.449448][T13606]  ? rcu_is_watching+0x12/0xc0
[  384.449461][T13606]  __do_fast_syscall_32+0x7c/0x3a0
[  384.449479][T13606]  do_fast_syscall_32+0x32/0x80
[  384.449495][T13606]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  384.449509][T13606] RIP: 0023:0xf707e579
[  384.449517][T13606] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  384.449527][T13606] RSP: 002b:00000000f504d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  384.449537][T13606] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000000
[  384.449543][T13606] RDX: 00000000240008c4 RSI: 0000000000000000 RDI: 0000000000000000
[  384.449549][T13606] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  384.449555][T13606] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  384.449561][T13606] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  384.449573][T13606]  </TASK>
[  384.588675][  T838] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  384.770431][  T838] usb 10-1: Using ep0 maxpacket: 8
[  384.776043][  T838] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  384.787100][  T838] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  384.799692][  T838] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  384.804252][  T838] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  384.808568][  T838] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  384.811689][  T838] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.045572][  T838] usb 10-1: GET_CAPABILITIES returned 0
[  385.047431][  T838] usbtmc 10-1:16.0: can't read capabilities
[  385.699495][T13602] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  386.171031][T13625] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1971'.
[  387.369420][T13642] FAULT_INJECTION: forcing a failure.
[  387.369420][T13642] name failslab, interval 1, probability 0, space 0, times 0
[  387.373271][T13642] CPU: 3 UID: 0 PID: 13642 Comm: syz.2.1975 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  387.373285][T13642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  387.373292][T13642] Call Trace:
[  387.373296][T13642]  <TASK>
[  387.373300][T13642]  dump_stack_lvl+0x16c/0x1f0
[  387.373320][T13642]  should_fail_ex+0x512/0x640
[  387.373336][T13642]  ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0
[  387.373354][T13642]  should_failslab+0xc2/0x120
[  387.373365][T13642]  kmem_cache_alloc_bulk_noprof+0x85/0xbc0
[  387.373383][T13642]  ? trace_kmem_cache_alloc+0x28/0xc0
[  387.373395][T13642]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[  387.373411][T13642]  ? mas_alloc_nodes+0x18b/0x8b0
[  387.373426][T13642]  ? mas_alloc_nodes+0x2f1/0x8b0
[  387.373439][T13642]  mas_alloc_nodes+0x2f1/0x8b0
[  387.373455][T13642]  mas_node_count_gfp+0x105/0x130
[  387.373471][T13642]  mas_preallocate+0x7e0/0xde0
[  387.373484][T13642]  ? __pfx_mas_preallocate+0x10/0x10
[  387.373500][T13642]  ? anon_vma_name+0x75/0x100
[  387.373514][T13642]  __split_vma+0x34a/0x1070
[  387.373532][T13642]  ? __pfx___split_vma+0x10/0x10
[  387.373545][T13642]  ? mark_held_locks+0x49/0x80
[  387.373563][T13642]  ? rcu_is_watching+0x12/0xc0
[  387.373575][T13642]  ? trace_sched_exit_tp+0xde/0x130
[  387.373590][T13642]  vma_modify+0xee1/0x2030
[  387.373609][T13642]  ? __pfx_vma_modify+0x10/0x10
[  387.373628][T13642]  vma_modify_flags+0x212/0x2d0
[  387.373644][T13642]  ? __pfx_vma_modify_flags+0x10/0x10
[  387.373669][T13642]  mlock_fixup+0x27c/0xe50
[  387.373687][T13642]  apply_vma_lock_flags+0x261/0x390
[  387.373704][T13642]  ? __pfx_apply_vma_lock_flags+0x10/0x10
[  387.373719][T13642]  ? __pfx___might_resched+0x10/0x10
[  387.373734][T13642]  ? __pfx_down_write_killable+0x10/0x10
[  387.373746][T13642]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  387.373765][T13642]  do_mlock+0x2ac/0x810
[  387.373780][T13642]  ? __fget_files+0x20e/0x3c0
[  387.373794][T13642]  ? handle_mm_fault+0x2a0/0xd10
[  387.373807][T13642]  ? __pfx_do_mlock+0x10/0x10
[  387.373839][T13642]  ? fput+0x70/0xf0
[  387.373849][T13642]  ? ksys_write+0x1ac/0x250
[  387.373864][T13642]  ? __pfx_ksys_write+0x10/0x10
[  387.373882][T13642]  __ia32_sys_mlock+0x57/0x80
[  387.373897][T13642]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  387.373913][T13642]  __do_fast_syscall_32+0x7c/0x3a0
[  387.373931][T13642]  do_fast_syscall_32+0x32/0x80
[  387.373947][T13642]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  387.373960][T13642] RIP: 0023:0xf707e579
[  387.373968][T13642] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  387.373978][T13642] RSP: 002b:00000000f504d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000096
[  387.373988][T13642] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000800000
[  387.373995][T13642] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  387.374001][T13642] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  387.374006][T13642] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  387.374012][T13642] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  387.374025][T13642]  </TASK>
[  387.553633][   T59] usb 10-1: USB disconnect, device number 3
[  387.779224][T13648] 8021q: adding VLAN 0 to HW filter on device bond0
[  387.782125][T13648] 8021q: adding VLAN 0 to HW filter on device team0
[  387.790571][T13648] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  387.834811][T13648] usb 1-1: USB disconnect, device number 2
[  387.888462][T13655] syzkaller1: entered promiscuous mode
[  387.890247][T13655] syzkaller1: entered allmulticast mode
[  390.791088][T13722] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1996'.
[  390.807601][T13722] bridge10: entered promiscuous mode
[  390.809340][T13722] bridge10: entered allmulticast mode
[  391.000917][T13716] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  391.300318][T13730] 9pnet_virtio: no channels available for device syz
[  391.913442][T13750] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  393.568661][    C0] sl0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 20470 ms
[  393.571209][    C0] sl0: transmit timed out, driver error?
[  393.654282][ T5963] Bluetooth: hci4: command 0x0405 tx timeout
[  393.903288][T13775] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2010'.
[  393.916733][T13775] bridge1: entered promiscuous mode
[  393.918445][T13775] bridge1: entered allmulticast mode
[  394.122679][T13777] ALSA: mixer_oss: invalid OSS volume ''
[  394.526263][T13785] netlink: 'syz.4.2012': attribute type 16 has an invalid length.
[  394.543502][T13785] bridge9: entered promiscuous mode
[  394.545210][T13785] bridge9: entered allmulticast mode
[  394.889087][T13791] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  395.888577][ T5963] Bluetooth: hci4: command 0x0405 tx timeout
[  396.387857][T13821] netlink: 'syz.0.2020': attribute type 16 has an invalid length.
[  396.408290][T13821] bridge17: entered promiscuous mode
[  396.410036][T13821] bridge17: entered allmulticast mode
[  396.779657][T13824] netlink: 'syz.5.2022': attribute type 7 has an invalid length.
[  396.785306][T13824] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  396.788396][T13824] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  396.791114][T13824] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  396.794098][T13824] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  396.933109][T13829] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2024'.
[  396.936044][T13829] 0ªX¹¦D: renamed from macvtap0
[  396.939378][T13829] 0ªX¹¦D: entered allmulticast mode
[  396.941029][T13829] veth0_macvtap: entered allmulticast mode
[  396.943496][T13829] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  397.558854][T13842] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  400.006462][T13859] syz_tun: entered allmulticast mode
[  400.010477][T13859] syz_tun: left allmulticast mode
[  400.208121][T13875] bridge18: entered promiscuous mode
[  400.209857][T13875] bridge18: entered allmulticast mode
[  400.347252][   T53] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  400.347505][T13877] fuse: Bad value for 'user_id'
[  400.351844][T13877] fuse: Bad value for 'user_id'
[  400.518981][   T53] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  400.522145][   T53] usb 10-1: config 0 interface 0 has no altsetting 0
[  400.526048][   T53] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  400.529287][   T53] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  400.532008][   T53] usb 10-1: Product: syz
[  400.533454][   T53] usb 10-1: Manufacturer: syz
[  400.534972][   T53] usb 10-1: SerialNumber: syz
[  400.538135][   T53] usb 10-1: config 0 descriptor??
[  400.542748][   T53] usb 10-1: selecting invalid altsetting 0
[  400.758643][T13870] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2034'.
[  400.763632][  T838] usb 10-1: USB disconnect, device number 4
[  403.834154][T13942] netlink: 'syz.4.2056': attribute type 3 has an invalid length.
[  403.836851][T13942] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2056'.
[  404.151994][T13940] FAULT_INJECTION: forcing a failure.
[  404.151994][T13940] name failslab, interval 1, probability 0, space 0, times 0
[  404.157170][T13940] CPU: 3 UID: 0 PID: 13940 Comm: syz.5.2055 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  404.157186][T13940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  404.157193][T13940] Call Trace:
[  404.157197][T13940]  <TASK>
[  404.157202][T13940]  dump_stack_lvl+0x16c/0x1f0
[  404.157222][T13940]  should_fail_ex+0x512/0x640
[  404.157238][T13940]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  404.157254][T13940]  should_failslab+0xc2/0x120
[  404.157265][T13940]  __kmalloc_cache_noprof+0x6a/0x3e0
[  404.157279][T13940]  ? lockdep_init_map_type+0x5c/0x280
[  404.157294][T13940]  ? register_netdevice+0x4eb/0x2270
[  404.157307][T13940]  register_netdevice+0x4eb/0x2270
[  404.157320][T13940]  ? __pfx_register_netdevice+0x10/0x10
[  404.157331][T13940]  ? dev_addr_mod+0x316/0x540
[  404.157346][T13940]  veth_newlink+0x30f/0xa00
[  404.157360][T13940]  ? netlink_rcv_skb+0x155/0x420
[  404.157371][T13940]  ? __pfx_veth_newlink+0x10/0x10
[  404.157383][T13940]  ? ___sys_sendmsg+0x134/0x1d0
[  404.157421][T13940]  ? validate_linkmsg+0x57c/0xb60
[  404.157438][T13940]  ? __pfx_validate_linkmsg+0x10/0x10
[  404.157454][T13940]  ? alloc_netdev_mqs+0xe7e/0x1570
[  404.157473][T13940]  ? rtnl_create_link+0xa4a/0xf90
[  404.157489][T13940]  ? __pfx_veth_newlink+0x10/0x10
[  404.157503][T13940]  rtnl_newlink+0xc42/0x2000
[  404.157517][T13940]  ? __pfx_rtnl_newlink+0x10/0x10
[  404.157525][T13940]  ? kasan_quarantine_put+0x10a/0x240
[  404.157540][T13940]  ? lockdep_hardirqs_on+0x7c/0x110
[  404.157557][T13940]  ? kfree_skbmem+0x1a4/0x1f0
[  404.157577][T13940]  ? rcu_is_watching+0x12/0xc0
[  404.157588][T13940]  ? trace_cap_capable+0x18d/0x200
[  404.157603][T13940]  ? find_held_lock+0x2b/0x80
[  404.157613][T13940]  ? __pfx_rtnl_newlink+0x10/0x10
[  404.157621][T13940]  ? __pfx_rtnl_newlink+0x10/0x10
[  404.157629][T13940]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  404.157639][T13940]  ? __pfx_rtnl_newlink+0x10/0x10
[  404.157649][T13940]  rtnetlink_rcv_msg+0x95e/0xe90
[  404.157688][T13940]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  404.157706][T13940]  ? ref_tracker_free+0x37c/0x830
[  404.157724][T13940]  netlink_rcv_skb+0x155/0x420
[  404.157736][T13940]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  404.157746][T13940]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  404.157763][T13940]  ? netlink_deliver_tap+0x1ae/0xd30
[  404.157776][T13940]  netlink_unicast+0x53d/0x7f0
[  404.157788][T13940]  ? __pfx_netlink_unicast+0x10/0x10
[  404.157804][T13940]  netlink_sendmsg+0x8d1/0xdd0
[  404.157817][T13940]  ? __pfx_netlink_sendmsg+0x10/0x10
[  404.157829][T13940]  ? __import_iovec+0x1dd/0x650
[  404.157843][T13940]  ____sys_sendmsg+0xa95/0xc70
[  404.157856][T13940]  ? __pfx_____sys_sendmsg+0x10/0x10
[  404.157867][T13940]  ? get_compat_msghdr+0x11a/0x170
[  404.157890][T13940]  ___sys_sendmsg+0x134/0x1d0
[  404.157908][T13940]  ? __pfx____sys_sendmsg+0x10/0x10
[  404.157931][T13940]  ? find_held_lock+0x2b/0x80
[  404.157950][T13940]  __sys_sendmsg+0x16d/0x220
[  404.157966][T13940]  ? __pfx___sys_sendmsg+0x10/0x10
[  404.157988][T13940]  ? rcu_is_watching+0x12/0xc0
[  404.158001][T13940]  __do_fast_syscall_32+0x7c/0x3a0
[  404.158018][T13940]  do_fast_syscall_32+0x32/0x80
[  404.158034][T13940]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  404.158047][T13940] RIP: 0023:0xf7fc6579
[  404.158056][T13940] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  404.158067][T13940] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  404.158078][T13940] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  404.158084][T13940] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  404.158090][T13940] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  404.158095][T13940] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  404.158101][T13940] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  404.158114][T13940]  </TASK>
[  404.360144][T13950] bridge1: left promiscuous mode
[  404.361744][T13950] bridge1: left allmulticast mode
[  404.364315][T13950] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  404.367752][T13950] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  404.370966][T13950] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  404.373680][T13950] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  404.464899][T13958] input: syz1 as /devices/virtual/input/input18
[  404.848006][T13966] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2064'.
[  405.535935][T13971] random: crng reseeded on system resumption
[  405.623061][T13975] overlayfs: failed to resolve './file0': -2
[  405.680167][T13980] loop6: detected capacity change from 0 to 63
[  405.694029][T13086] Buffer I/O error on dev loop6, logical block 0, async page read
[  405.697257][T13086] Buffer I/O error on dev loop6, logical block 0, async page read
[  405.699979][T13086] Buffer I/O error on dev loop6, logical block 0, async page read
[  405.703738][T13086] Buffer I/O error on dev loop6, logical block 0, async page read
[  405.706854][T13086] Buffer I/O error on dev loop6, logical block 0, async page read
[  405.820185][   T10] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  405.991168][   T10] usb 5-1: Using ep0 maxpacket: 32
[  405.994643][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[  405.998125][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  406.001139][   T10] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  406.004882][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  406.008323][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  406.013893][   T10] usb 5-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[  406.016737][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.019284][   T10] usb 5-1: Product: syz
[  406.020668][   T10] usb 5-1: Manufacturer: syz
[  406.022179][   T10] usb 5-1: SerialNumber: syz
[  406.025486][   T10] usb 5-1: config 0 descriptor??
[  406.027636][T13973] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  406.032566][   T10] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input19
[  406.036478][ T5351] xpad 5-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  406.043347][ T5351] xpad 5-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  406.047621][ T5351] xpad 5-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  406.054332][ T5351] xpad 5-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  406.068431][T12734] xpad 5-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  406.073310][ T5351] xpad 5-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  406.078086][ T5351] xpad 5-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  406.081789][ T5351] xpad 5-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  406.259245][  T838] usb 5-1: USB disconnect, device number 27
[  406.295852][T13987] netlink: 220 bytes leftover after parsing attributes in process `syz.4.2071'.
[  406.714007][T13993] fuse: Invalid rootmode
[  407.203723][T14002] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2074'.
[  407.331304][T14003] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  407.883731][T14010] veth0_macvtap: left allmulticast mode
[  407.892852][T14010] 0ªX¹¦D: left allmulticast mode
[  407.896513][T14010] bridge9: left promiscuous mode
[  407.898634][T14010] bridge9: left allmulticast mode
[  407.900920][T14010] bridge10: left promiscuous mode
[  407.903069][T14010] bridge10: left allmulticast mode
[  408.078300][T14028] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2083'.
[  408.145927][T14032] syzkaller1: entered promiscuous mode
[  408.145942][T14032] syzkaller1: entered allmulticast mode
[  408.418610][T14036] 9pnet_virtio: no channels available for device syz
[  409.117521][   T40] kauditd_printk_skb: 345 callbacks suppressed
[  409.117533][   T40] audit: type=1326 audit(1751718949.245:6788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14045 comm="syz.4.2087" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  409.132048][   T40] audit: type=1326 audit(1751718949.245:6789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14045 comm="syz.4.2087" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  409.141267][   T40] audit: type=1326 audit(1751718949.245:6790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14045 comm="syz.4.2087" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  409.149892][   T40] audit: type=1326 audit(1751718949.245:6791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14045 comm="syz.4.2087" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  409.159509][   T40] audit: type=1326 audit(1751718949.245:6792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14045 comm="syz.4.2087" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  409.166029][   T40] audit: type=1326 audit(1751718949.245:6793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14045 comm="syz.4.2087" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  409.172719][   T40] audit: type=1326 audit(1751718949.245:6794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14045 comm="syz.4.2087" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  409.179167][   T40] audit: type=1326 audit(1751718949.245:6795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14045 comm="syz.4.2087" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  409.185670][   T40] audit: type=1326 audit(1751718949.245:6796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14045 comm="syz.4.2087" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  409.192385][   T40] audit: type=1326 audit(1751718949.245:6797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14045 comm="syz.4.2087" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  409.480966][T14060] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2089'.
[  409.969959][T14063] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  410.295871][T14070] fuse: Bad value for 'rootmode'
[  410.407321][T14072] netlink: 360 bytes leftover after parsing attributes in process `syz.2.2095'.
[  410.410112][T14072] netlink: 360 bytes leftover after parsing attributes in process `syz.2.2095'.
[  410.592915][T14074] tmpfs: Bad value for 'mpol'
[  411.042799][T14081] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2097'.
[  411.046140][T14081] netlink: 'syz.0.2097': attribute type 5 has an invalid length.
[  411.049049][T14081] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2097'.
[  411.743890][T14093] netlink: 5364 bytes leftover after parsing attributes in process `syz.4.2102'.
[  412.602723][T14111] program syz.2.2103 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  412.611185][T14111] nfs: Unknown parameter 'ntext'
[  413.128384][T14115] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  414.170637][T14156] vivid-004: =================  START STATUS  =================
[  414.180255][T14156] vivid-004: Radio HW Seek Mode: Bounded
[  414.183450][T14156] vivid-004: Radio Programmable HW Seek: false
[  414.188076][T14156] vivid-004: RDS Rx I/O Mode: Block I/O
[  414.191279][T14156] vivid-004: Generate RBDS Instead of RDS: false
[  414.193666][T14156] vivid-004: RDS Reception: true
[  414.195535][T14156] vivid-004: RDS Program Type: 0 inactive
[  414.198316][T14156] vivid-004: RDS PS Name:  inactive
[  414.200212][T14156] vivid-004: RDS Radio Text:  inactive
[  414.202621][T14156] vivid-004: RDS Traffic Announcement: false inactive
[  414.204704][T14156] vivid-004: RDS Traffic Program: false inactive
[  414.206628][T14156] vivid-004: RDS Music: false inactive
[  414.208302][T14156] vivid-004: ==================  END STATUS  ==================
[  414.217278][T14156] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2121'.
[  414.481777][T14170] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  414.665328][T14177] loop6: detected capacity change from 0 to 524287999
[  415.507869][T14198] FAULT_INJECTION: forcing a failure.
[  415.507869][T14198] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  415.512373][T14198] CPU: 2 UID: 0 PID: 14198 Comm: syz.2.2134 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  415.512393][T14198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  415.512400][T14198] Call Trace:
[  415.512404][T14198]  <TASK>
[  415.512408][T14198]  dump_stack_lvl+0x16c/0x1f0
[  415.512427][T14198]  should_fail_ex+0x512/0x640
[  415.512446][T14198]  _copy_from_iter+0x29f/0x16f0
[  415.512464][T14198]  ? __alloc_skb+0x200/0x380
[  415.512480][T14198]  ? __pfx__copy_from_iter+0x10/0x10
[  415.512497][T14198]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  415.512513][T14198]  netlink_sendmsg+0x829/0xdd0
[  415.512526][T14198]  ? __pfx_netlink_sendmsg+0x10/0x10
[  415.512538][T14198]  ? __import_iovec+0x1dd/0x650
[  415.512551][T14198]  ____sys_sendmsg+0xa95/0xc70
[  415.512564][T14198]  ? __pfx_____sys_sendmsg+0x10/0x10
[  415.512575][T14198]  ? get_compat_msghdr+0x11a/0x170
[  415.512598][T14198]  ___sys_sendmsg+0x134/0x1d0
[  415.512614][T14198]  ? __pfx____sys_sendmsg+0x10/0x10
[  415.512636][T14198]  ? find_held_lock+0x2b/0x80
[  415.512656][T14198]  __sys_sendmsg+0x16d/0x220
[  415.512672][T14198]  ? __pfx___sys_sendmsg+0x10/0x10
[  415.512694][T14198]  ? rcu_is_watching+0x12/0xc0
[  415.512707][T14198]  __do_fast_syscall_32+0x7c/0x3a0
[  415.512725][T14198]  do_fast_syscall_32+0x32/0x80
[  415.512741][T14198]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  415.512754][T14198] RIP: 0023:0xf707e579
[  415.512762][T14198] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  415.512772][T14198] RSP: 002b:00000000f506e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  415.512782][T14198] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000640
[  415.512788][T14198] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  415.512795][T14198] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  415.512801][T14198] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  415.512807][T14198] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  415.512819][T14198]  </TASK>
[  415.585533][    C2] hpet_rtc_timer_reinit: 617 callbacks suppressed
[  415.585549][    C2] hpet: Lost 3 RTC interrupts
[  415.627720][T14200] binder: 14199:14200 ioctl c0046209 0 returned -22
[  416.330489][   T10] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  416.490787][   T10] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  416.494046][   T10] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  416.496929][   T10] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  416.499863][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.521688][T14209] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  416.525464][   T10] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  416.574135][T14216] ALSA: mixer_oss: invalid OSS volume ''
[  417.332886][T14232] dns_resolver: Unsupported content type (5)
[  417.347174][  T838] usb 9-1: USB disconnect, device number 21
[  417.389167][T14235] bridge8: left promiscuous mode
[  417.390755][T14235] bridge8: left allmulticast mode
[  417.393106][T14235] bridge9: left promiscuous mode
[  417.394608][T14235] bridge9: left allmulticast mode
[  417.633309][T14245] FAULT_INJECTION: forcing a failure.
[  417.633309][T14245] name failslab, interval 1, probability 0, space 0, times 0
[  417.639053][T14245] CPU: 3 UID: 0 PID: 14245 Comm: syz.2.2145 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  417.639070][T14245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  417.639077][T14245] Call Trace:
[  417.639081][T14245]  <TASK>
[  417.639085][T14245]  dump_stack_lvl+0x16c/0x1f0
[  417.639118][T14245]  should_fail_ex+0x512/0x640
[  417.639134][T14245]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  417.639152][T14245]  should_failslab+0xc2/0x120
[  417.639163][T14245]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  417.639178][T14245]  ? netlink_sendmsg+0x8d1/0xdd0
[  417.639189][T14245]  ? sock_write_iter+0x4ff/0x5b0
[  417.639200][T14245]  ? __alloc_skb+0x2b2/0x380
[  417.639215][T14245]  ? do_fast_syscall_32+0x32/0x80
[  417.639233][T14245]  __alloc_skb+0x2b2/0x380
[  417.639247][T14245]  ? __pfx___alloc_skb+0x10/0x10
[  417.639262][T14245]  ? aa_get_newest_label+0x280/0x680
[  417.639274][T14245]  ? __pfx_aa_get_newest_label+0x10/0x10
[  417.639288][T14245]  netlink_dump+0x678/0xce0
[  417.639298][T14245]  ? apparmor_capable+0x114/0x1d0
[  417.639309][T14245]  ? __pfx_netlink_dump+0x10/0x10
[  417.639324][T14245]  ? __inet_diag_dump_start+0x434/0x7f0
[  417.639339][T14245]  __netlink_dump_start+0x6d6/0x990
[  417.639352][T14245]  inet_diag_handler_cmd+0x282/0x2e0
[  417.639364][T14245]  ? __pfx_inet_diag_handler_cmd+0x10/0x10
[  417.639375][T14245]  ? __pfx_inet_diag_dump_start+0x10/0x10
[  417.639385][T14245]  ? __pfx_inet_diag_dump+0x10/0x10
[  417.639395][T14245]  ? __pfx_inet_diag_dump_done+0x10/0x10
[  417.639407][T14245]  ? sock_diag_lock_handler+0x10f/0x2e0
[  417.639425][T14245]  sock_diag_rcv_msg+0x438/0x790
[  417.639443][T14245]  netlink_rcv_skb+0x155/0x420
[  417.639454][T14245]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  417.639469][T14245]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  417.639485][T14245]  ? netlink_deliver_tap+0x1ae/0xd30
[  417.639495][T14245]  ? is_vmalloc_addr+0x86/0xa0
[  417.639512][T14245]  netlink_unicast+0x53d/0x7f0
[  417.639525][T14245]  ? __pfx_netlink_unicast+0x10/0x10
[  417.639535][T14245]  ? mark_held_locks+0x49/0x80
[  417.639553][T14245]  netlink_sendmsg+0x8d1/0xdd0
[  417.639566][T14245]  ? __pfx_netlink_sendmsg+0x10/0x10
[  417.639583][T14245]  sock_write_iter+0x4ff/0x5b0
[  417.639595][T14245]  ? __pfx_sock_write_iter+0x10/0x10
[  417.639613][T14245]  ? __lock_acquire+0x622/0x1c90
[  417.639628][T14245]  do_iter_readv_writev+0x657/0x950
[  417.639644][T14245]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  417.639661][T14245]  ? bpf_lsm_file_permission+0x9/0x10
[  417.639673][T14245]  ? security_file_permission+0x71/0x210
[  417.639688][T14245]  ? rw_verify_area+0xcf/0x680
[  417.639702][T14245]  vfs_writev+0x35f/0xde0
[  417.639721][T14245]  ? __pfx_vfs_writev+0x10/0x10
[  417.639736][T14245]  ? find_held_lock+0x2b/0x80
[  417.639755][T14245]  ? __fget_files+0x20e/0x3c0
[  417.639768][T14245]  ? __fget_files+0x1c0/0x3c0
[  417.639785][T14245]  ? do_writev+0x28c/0x340
[  417.639799][T14245]  do_writev+0x28c/0x340
[  417.639812][T14245]  ? __pfx_do_writev+0x10/0x10
[  417.639828][T14245]  ? rcu_is_watching+0x12/0xc0
[  417.639841][T14245]  __do_fast_syscall_32+0x7c/0x3a0
[  417.639858][T14245]  do_fast_syscall_32+0x32/0x80
[  417.639874][T14245]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  417.639887][T14245] RIP: 0023:0xf707e579
[  417.639896][T14245] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  417.639906][T14245] RSP: 002b:00000000f502c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000092
[  417.639916][T14245] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000780
[  417.639922][T14245] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  417.639928][T14245] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  417.639933][T14245] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  417.639939][T14245] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  417.639952][T14245]  </TASK>
[  417.870001][T14247] fuse: Unknown parameter 'user_i00000000000000000000'
[  418.839931][T14258] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  418.976593][T14261] 9pnet_virtio: no channels available for device syz
[  420.277070][T14284] wireguard0: entered promiscuous mode
[  420.278928][T14284] wireguard0: entered allmulticast mode
[  420.414680][T14286] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2155'.
[  421.028815][T14299] fuse: Unknown parameter 'user_i00000000000000000000'
[  421.140669][T14302] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  422.247188][T14315] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2171'.
[  422.263024][T14315] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2171'.
[  422.275837][T14317] netlink: 'syz.4.2170': attribute type 4 has an invalid length.
[  422.367304][T14317] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2170'.
[  422.432690][T14323] netlink: 'syz.4.2170': attribute type 4 has an invalid length.
[  422.604488][ T6021] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  422.775483][ T6021] usb 10-1: Using ep0 maxpacket: 8
[  422.779181][ T6021] usb 10-1: config index 0 descriptor too short (expected 28277, got 36)
[  422.782756][ T6021] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  422.787194][ T6021] usb 10-1: config 0 has no interfaces?
[  422.789659][ T6021] usb 10-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  422.793583][ T6021] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.799238][ T6021] usb 10-1: config 0 descriptor??
[  423.793473][T14335] fuse: Unknown parameter 'roÿV»otmode'
[  424.173078][T14348] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  425.515223][   T24] usb 10-1: USB disconnect, device number 5
[  426.250224][T14385] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  427.435511][T14413] wireguard0: entered promiscuous mode
[  427.437334][T14413] wireguard0: entered allmulticast mode
[  428.426856][T14427] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  428.697755][T14439] syz.2.2210: attempt to access beyond end of device
[  428.697755][T14439] sr0: rw=4096, sector=0, nr_sectors = 4 limit=0
[  429.360976][T14463] 9pnet_virtio: no channels available for device syz
[  430.251899][T14483] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  430.275126][T14487] sg_write: data in/out 41084/1 bytes for SCSI command 0x1c-- guessing data in;
[  430.275126][T14487]    program syz.0.2228 not setting count and/or reply_len properly
[  430.559565][T14501] netlink: 3 bytes leftover after parsing attributes in process `syz.0.2228'.
[  430.577954][T14501] batadv1: entered allmulticast mode
[  431.275142][T14516] fuse: Bad value for 'fd'
[  431.293199][T14498] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  431.299274][T14498] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  431.494105][T14523] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2237'.
[  431.496877][T14523] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2237'.
[  431.937005][T14539] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  432.308621][T14548] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2246'.
[  432.311477][T14549] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2246'.
[  432.664323][ T5963] Bluetooth: hci1: command 0x0c1a tx timeout
[  433.168292][T14560] FAULT_INJECTION: forcing a failure.
[  433.168292][T14560] name failslab, interval 1, probability 0, space 0, times 0
[  433.172312][T14560] CPU: 0 UID: 0 PID: 14560 Comm: syz.5.2249 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  433.172326][T14560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  433.172332][T14560] Call Trace:
[  433.172336][T14560]  <TASK>
[  433.172340][T14560]  dump_stack_lvl+0x16c/0x1f0
[  433.172361][T14560]  should_fail_ex+0x512/0x640
[  433.172379][T14560]  should_failslab+0xc2/0x120
[  433.172391][T14560]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  433.172408][T14560]  ? __alloc_skb+0x2b2/0x380
[  433.172425][T14560]  __alloc_skb+0x2b2/0x380
[  433.172440][T14560]  ? __pfx___alloc_skb+0x10/0x10
[  433.172455][T14560]  ? lock_acquire+0x179/0x350
[  433.172470][T14560]  ? find_held_lock+0x2b/0x80
[  433.172482][T14560]  fdb_notify+0xa4/0x1a0
[  433.172497][T14560]  fdb_delete+0x6f9/0x1230
[  433.172514][T14560]  br_fdb_delete+0x326/0x7d0
[  433.172530][T14560]  ? __pfx_br_fdb_delete+0x10/0x10
[  433.172544][T14560]  rtnl_fdb_del+0x525/0xc50
[  433.172557][T14560]  ? __pfx_rtnl_fdb_del+0x10/0x10
[  433.172567][T14560]  ? rtnetlink_rcv_msg+0x371/0xe90
[  433.172585][T14560]  ? __pfx_rtnl_fdb_del+0x10/0x10
[  433.172599][T14560]  rtnetlink_rcv_msg+0x3c9/0xe90
[  433.172610][T14560]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  433.172623][T14560]  ? __lock_acquire+0x622/0x1c90
[  433.172639][T14560]  netlink_rcv_skb+0x155/0x420
[  433.172650][T14560]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  433.172661][T14560]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  433.172677][T14560]  ? netlink_deliver_tap+0x1ae/0xd30
[  433.172686][T14560]  ? is_vmalloc_addr+0x86/0xa0
[  433.172704][T14560]  netlink_unicast+0x53d/0x7f0
[  433.172717][T14560]  ? __pfx_netlink_unicast+0x10/0x10
[  433.172731][T14560]  netlink_sendmsg+0x8d1/0xdd0
[  433.172745][T14560]  ? __pfx_netlink_sendmsg+0x10/0x10
[  433.172757][T14560]  ? __import_iovec+0x1dd/0x650
[  433.172770][T14560]  ____sys_sendmsg+0xa95/0xc70
[  433.172783][T14560]  ? __pfx_____sys_sendmsg+0x10/0x10
[  433.172794][T14560]  ? get_compat_msghdr+0x11a/0x170
[  433.172817][T14560]  ___sys_sendmsg+0x134/0x1d0
[  433.172833][T14560]  ? __pfx____sys_sendmsg+0x10/0x10
[  433.172855][T14560]  ? find_held_lock+0x2b/0x80
[  433.172874][T14560]  __sys_sendmsg+0x16d/0x220
[  433.172889][T14560]  ? __pfx___sys_sendmsg+0x10/0x10
[  433.172911][T14560]  ? rcu_is_watching+0x12/0xc0
[  433.172924][T14560]  __do_fast_syscall_32+0x7c/0x3a0
[  433.172942][T14560]  do_fast_syscall_32+0x32/0x80
[  433.172958][T14560]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  433.172971][T14560] RIP: 0023:0xf7fc6579
[  433.172979][T14560] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  433.172989][T14560] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  433.172999][T14560] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  433.173005][T14560] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[  433.173011][T14560] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  433.173017][T14560] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  433.173023][T14560] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  433.173035][T14560]  </TASK>
[  433.479587][T14567] fuse: Bad value for 'fd'
[  433.508898][ T5963] Bluetooth: hci4: command 0x0405 tx timeout
[  433.549736][T14566] bridge17: left promiscuous mode
[  433.551445][T14566] bridge17: left allmulticast mode
[  433.557135][T14566] bridge18: left promiscuous mode
[  433.565789][T14566] bridge18: left allmulticast mode
[  433.754254][T14575] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  433.757132][T14575] syzkaller0: entered promiscuous mode
[  433.758936][T14575] syzkaller0: entered allmulticast mode
[  433.775858][T14575] tipc: Resetting bearer <eth:syzkaller0>
[  433.781530][T14574] tipc: Resetting bearer <eth:syzkaller0>
[  433.794918][T14574] tipc: Disabling bearer <eth:syzkaller0>
[  434.386320][T14589] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  435.312993][T14607] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2263'.
[  436.150046][T14624] fuse: Bad value for 'fd'
[  437.371139][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  437.375113][ T7547] sl0: compressed packet ignored
[  437.801191][T14649] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2276'.
[  440.431179][T14677] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  440.510205][T14675] fuse: Unknown parameter '0x0000000000000004'
[  441.200554][T14699] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2291'.
[  442.174388][T14714] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[  442.428388][T14719] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  443.155096][T14730] fuse: Unknown parameter '0x0000000000000004'
[  443.658719][T14737] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2302'.
[  444.083944][T14746] program syz.0.2306 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  444.231649][ T6021] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  444.844669][T14759] FAULT_INJECTION: forcing a failure.
[  444.844669][T14759] name failslab, interval 1, probability 0, space 0, times 0
[  444.848558][T14759] CPU: 1 UID: 0 PID: 14759 Comm: syz.4.2310 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  444.848572][T14759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  444.848578][T14759] Call Trace:
[  444.848592][T14759]  <TASK>
[  444.848598][T14759]  dump_stack_lvl+0x16c/0x1f0
[  444.848618][T14759]  should_fail_ex+0x512/0x640
[  444.848634][T14759]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  444.848652][T14759]  should_failslab+0xc2/0x120
[  444.848663][T14759]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  444.848679][T14759]  ? __kernfs_new_node+0xd2/0x8e0
[  444.848696][T14759]  __kernfs_new_node+0xd2/0x8e0
[  444.848711][T14759]  ? kernfs_add_one+0x37d/0x840
[  444.848720][T14759]  ? __pfx___kernfs_new_node+0x10/0x10
[  444.848739][T14759]  ? find_held_lock+0x2b/0x80
[  444.848751][T14759]  ? kernfs_root+0xee/0x2a0
[  444.848768][T14759]  kernfs_new_node+0x13c/0x1e0
[  444.848787][T14759]  __kernfs_create_file+0x53/0x350
[  444.848801][T14759]  sysfs_add_file_mode_ns+0x207/0x3c0
[  444.848819][T14759]  sysfs_create_file_ns+0x13d/0x1d0
[  444.848833][T14759]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[  444.848845][T14759]  ? down_read+0x13d/0x480
[  444.848855][T14759]  ? __pfx___up_read+0x10/0x10
[  444.848871][T14759]  ? acpi_device_notify+0x351/0x480
[  444.848890][T14759]  device_create_file+0xf2/0x1e0
[  444.848904][T14759]  device_add+0x2bf/0x1a70
[  444.848916][T14759]  ? __pfx_dev_set_name+0x10/0x10
[  444.848929][T14759]  ? __pfx_device_add+0x10/0x10
[  444.848940][T14759]  ? lockdep_init_map_type+0x5c/0x280
[  444.848955][T14759]  ? __init_waitqueue_head+0xca/0x150
[  444.848968][T14759]  netdev_register_kobject+0x182/0x3a0
[  444.848982][T14759]  register_netdevice+0x13dc/0x2270
[  444.848996][T14759]  ? __pfx_register_netdevice+0x10/0x10
[  444.849007][T14759]  ? dev_addr_mod+0x316/0x540
[  444.849022][T14759]  veth_newlink+0x30f/0xa00
[  444.849036][T14759]  ? netlink_rcv_skb+0x155/0x420
[  444.849048][T14759]  ? __pfx_veth_newlink+0x10/0x10
[  444.849060][T14759]  ? ___sys_sendmsg+0x134/0x1d0
[  444.849099][T14759]  ? validate_linkmsg+0x57c/0xb60
[  444.849116][T14759]  ? __pfx_validate_linkmsg+0x10/0x10
[  444.849132][T14759]  ? alloc_netdev_mqs+0xe7e/0x1570
[  444.849152][T14759]  ? rtnl_create_link+0xa4a/0xf90
[  444.849168][T14759]  ? __pfx_veth_newlink+0x10/0x10
[  444.849182][T14759]  rtnl_newlink+0xc42/0x2000
[  444.849196][T14759]  ? __pfx_rtnl_newlink+0x10/0x10
[  444.849206][T14759]  ? arch_stack_walk+0xa6/0x100
[  444.849227][T14759]  ? rcu_is_watching+0x12/0xc0
[  444.849238][T14759]  ? trace_cap_capable+0x18d/0x200
[  444.849254][T14759]  ? find_held_lock+0x2b/0x80
[  444.849263][T14759]  ? __pfx_rtnl_newlink+0x10/0x10
[  444.849272][T14759]  ? __pfx_rtnl_newlink+0x10/0x10
[  444.849280][T14759]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  444.849309][T14759]  ? __pfx_rtnl_newlink+0x10/0x10
[  444.849319][T14759]  rtnetlink_rcv_msg+0x95e/0xe90
[  444.849330][T14759]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  444.849343][T14759]  ? __lock_acquire+0x622/0x1c90
[  444.849360][T14759]  netlink_rcv_skb+0x155/0x420
[  444.849371][T14759]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  444.849381][T14759]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  444.849398][T14759]  ? netlink_deliver_tap+0x1ae/0xd30
[  444.849407][T14759]  ? is_vmalloc_addr+0x86/0xa0
[  444.849425][T14759]  netlink_unicast+0x53d/0x7f0
[  444.849438][T14759]  ? __pfx_netlink_unicast+0x10/0x10
[  444.849453][T14759]  netlink_sendmsg+0x8d1/0xdd0
[  444.849466][T14759]  ? __pfx_netlink_sendmsg+0x10/0x10
[  444.849479][T14759]  ? __import_iovec+0x1dd/0x650
[  444.849495][T14759]  ____sys_sendmsg+0xa95/0xc70
[  444.849509][T14759]  ? __pfx_____sys_sendmsg+0x10/0x10
[  444.849520][T14759]  ? get_compat_msghdr+0x11a/0x170
[  444.849543][T14759]  ___sys_sendmsg+0x134/0x1d0
[  444.849559][T14759]  ? __pfx____sys_sendmsg+0x10/0x10
[  444.849582][T14759]  ? find_held_lock+0x2b/0x80
[  444.849602][T14759]  __sys_sendmsg+0x16d/0x220
[  444.849618][T14759]  ? __pfx___sys_sendmsg+0x10/0x10
[  444.849640][T14759]  ? rcu_is_watching+0x12/0xc0
[  444.849653][T14759]  __do_fast_syscall_32+0x7c/0x3a0
[  444.849670][T14759]  do_fast_syscall_32+0x32/0x80
[  444.849686][T14759]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  444.849699][T14759] RIP: 0023:0xf7f78579
[  444.849708][T14759] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  444.849718][T14759] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  444.849728][T14759] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  444.849734][T14759] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  444.849740][T14759] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  444.849745][T14759] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  444.849751][T14759] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  444.849765][T14759]  </TASK>
[  445.003403][    C1] vkms_vblank_simulate: vblank timer overrun
[  445.081383][ T6021] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  445.085143][ T6021] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  445.091193][ T6021] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  445.094339][ T6021] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.132517][ T6021] usb 7-1: config 0 descriptor??
[  445.276609][T14771] program syz.0.2315 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  445.455186][T14786] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2321'.
[  445.692979][T14793] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2319'.
[  445.711993][ T6021] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0
[  445.733183][ T6021] plantronics 0003:047F:FFFF.0016: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  446.879366][T14804] ceph: No mds server is up or the cluster is laggy
[  446.941825][ T6021] libceph: connect (1)[c::]:6789 error -101
[  446.943929][ T6021] libceph: mon0 (1)[c::]:6789 connect error
[  447.113763][T14818] Invalid ELF header magic: != ELF
[  447.168680][T14821] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2329'.
[  447.174770][   T40] audit: type=1800 audit(1751718984.846:7415): pid=14818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.4.2330" name="/" dev="sockfs" ino=49308 res=0 errno=0
[  447.511169][ T6021] usb 7-1: USB disconnect, device number 24
[  447.894021][T14829] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  448.445436][T14837] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2334'.
[  448.889710][ T5963] Bluetooth: hci4: Unable to find connection with handle 0x00c8
[  448.894488][T14849] tmpfs: Bad value for 'mpol'
[  449.276719][T14858] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2341'.
[  450.182307][T14888] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  452.525428][ T5963] Bluetooth: hci1: Unable to find connection with handle 0x00c8
[  452.525945][T14939] tmpfs: Bad value for 'mpol'
[  454.679724][T14981] tmpfs: Bad value for 'mpol'
[  454.886636][T14988] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  454.895236][T14985] fuse: Unknown parameter 'fd0x0000000000000004'
[  455.300363][T15004] fuse: Unknown parameter 'fd0x0000000000000004'
[  456.733703][ T5954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  456.742558][ T5954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  456.746709][ T5954] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  456.754248][ T5954] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  456.758311][ T5954] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  457.128117][   T40] audit: type=1326 audit(1751718994.153:7416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15036 comm="syz.5.2371" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  457.137030][   T40] audit: type=1326 audit(1751718994.153:7417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15036 comm="syz.5.2371" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  457.145469][   T40] audit: type=1326 audit(1751718994.153:7418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15036 comm="syz.5.2371" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  457.154276][   T40] audit: type=1326 audit(1751718994.153:7419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15036 comm="syz.5.2371" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  457.162753][   T40] audit: type=1326 audit(1751718994.153:7420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15036 comm="syz.5.2371" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  457.171259][   T40] audit: type=1326 audit(1751718994.153:7421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15036 comm="syz.5.2371" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  457.188664][   T40] audit: type=1326 audit(1751718994.153:7422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15036 comm="syz.5.2371" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  457.202245][   T40] audit: type=1326 audit(1751718994.153:7423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15036 comm="syz.5.2371" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  457.213649][   T40] audit: type=1326 audit(1751718994.153:7424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15036 comm="syz.5.2371" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  457.220265][   T40] audit: type=1326 audit(1751718994.153:7425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15036 comm="syz.5.2371" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  458.774130][T15033] chnl_net:caif_netlink_parms(): no params data found
[  458.909797][ T5963] Bluetooth: hci3: command tx timeout
[  459.408338][T15058] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  459.417270][T15033] bridge0: port 1(bridge_slave_0) entered blocking state
[  459.423762][T15033] bridge0: port 1(bridge_slave_0) entered disabled state
[  459.427139][T15033] bridge_slave_0: entered allmulticast mode
[  459.439609][T15033] bridge_slave_0: entered promiscuous mode
[  459.454521][T15033] bridge0: port 2(bridge_slave_1) entered blocking state
[  459.463960][T15033] bridge0: port 2(bridge_slave_1) entered disabled state
[  459.470681][T15033] bridge_slave_1: entered allmulticast mode
[  459.473407][T15033] bridge_slave_1: entered promiscuous mode
[  460.464043][T15033] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  460.468906][T15033] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  460.575123][T15033] team0: Port device team_slave_0 added
[  460.592934][T15033] team0: Port device team_slave_1 added
[  460.640015][T15033] batman_adv: batadv0: Adding interface: batadv_slave_0
[  460.642583][T15033] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  460.651299][T15033] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  460.677918][T15033] batman_adv: batadv0: Adding interface: batadv_slave_1
[  460.680139][T15033] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  460.714331][T15033] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  460.954971][T15033] hsr_slave_0: entered promiscuous mode
[  460.957249][T15033] hsr_slave_1: entered promiscuous mode
[  460.959325][T15033] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  460.961775][T15033] Cannot create hsr debugfs directory
[  461.128351][T15093] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2383'.
[  461.133986][ T5963] Bluetooth: hci3: command tx timeout
[  461.980017][T15033] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  462.376236][T15033] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  462.400629][T15033] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  462.410243][T15033] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  462.435145][T15126] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2388'.
[  462.506669][T15033] 8021q: adding VLAN 0 to HW filter on device bond0
[  462.515880][T15033] 8021q: adding VLAN 0 to HW filter on device team0
[  462.536897][ T7544] bridge0: port 1(bridge_slave_0) entered blocking state
[  462.539166][ T7544] bridge0: port 1(bridge_slave_0) entered forwarding state
[  462.556331][ T7550] bridge0: port 2(bridge_slave_1) entered blocking state
[  462.558618][ T7550] bridge0: port 2(bridge_slave_1) entered forwarding state
[  462.747164][T15140] netlink: 'syz.5.2389': attribute type 1 has an invalid length.
[  462.751265][T15140] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2389'.
[  462.904554][T15033] 8021q: adding VLAN 0 to HW filter on device batadv0
[  462.947312][T15033] veth0_vlan: entered promiscuous mode
[  462.954319][T15033] veth1_vlan: entered promiscuous mode
[  462.979779][T15033] veth0_macvtap: entered promiscuous mode
[  462.985076][T15033] veth1_macvtap: entered promiscuous mode
[  462.996846][T15033] batman_adv: batadv0: Interface activated: batadv_slave_0
[  463.013904][T15033] batman_adv: batadv0: Interface activated: batadv_slave_1
[  463.023426][T15033] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  463.026346][T15033] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  463.029627][T15033] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  463.032707][T15033] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  463.085986][ T7553] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  463.089375][ T7553] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  463.103275][ T7544] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  463.105957][ T7544] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  463.357602][ T5963] Bluetooth: hci3: command tx timeout
[  463.810973][T15157] netlink: 'syz.5.2392': attribute type 16 has an invalid length.
[  463.829309][T15157] bridge2: entered promiscuous mode
[  463.831031][T15157] bridge2: entered allmulticast mode
[  465.591449][ T5963] Bluetooth: hci3: command tx timeout
[  465.899474][T15187] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2401'.
[  468.340033][T15223] bridge2: left promiscuous mode
[  468.341665][T15223] bridge2: left allmulticast mode
[  468.471592][   T24] IPVS: starting estimator thread 0...
[  468.832754][T15238] IPVS: using max 50 ests per chain, 120000 per kthread
[  469.767711][T15250] 9pnet_virtio: no channels available for device syz
[  471.191896][T15282] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2425'.
[  472.846527][T15308] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  475.425595][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  475.431667][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  475.443456][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  475.460190][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  475.469869][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  475.502884][  T838] IPVS: starting estimator thread 0...
[  475.601272][T15352] IPVS: using max 49 ests per chain, 117600 per kthread
[  475.672327][T15364] 9pnet_virtio: no channels available for device syz
[  476.227015][T15343] chnl_net:caif_netlink_parms(): no params data found
[  476.721634][T15343] bridge0: port 1(bridge_slave_0) entered blocking state
[  476.723997][T15343] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.726366][T15343] bridge_slave_0: entered allmulticast mode
[  476.729075][T15343] bridge_slave_0: entered promiscuous mode
[  476.734445][T15343] bridge0: port 2(bridge_slave_1) entered blocking state
[  476.736672][T15343] bridge0: port 2(bridge_slave_1) entered disabled state
[  476.738880][T15343] bridge_slave_1: entered allmulticast mode
[  476.741953][T15343] bridge_slave_1: entered promiscuous mode
[  477.639766][ T5954] Bluetooth: hci0: command tx timeout
[  478.621481][T15395] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2457'.
[  478.776104][T15343] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  478.785410][T15343] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  478.881723][T15343] team0: Port device team_slave_0 added
[  478.886137][T15343] team0: Port device team_slave_1 added
[  478.921686][   T40] kauditd_printk_skb: 4327 callbacks suppressed
[  478.921698][   T40] audit: type=1326 audit(1751719014.536:11753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15401 comm="syz.4.2459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  478.932016][   T40] audit: type=1326 audit(1751719014.536:11754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15401 comm="syz.4.2459" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  478.941388][   T40] audit: type=1326 audit(1751719014.536:11755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15401 comm="syz.4.2459" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  478.950382][T15343] batman_adv: batadv0: Adding interface: batadv_slave_0
[  478.950414][   T40] audit: type=1326 audit(1751719014.536:11756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15401 comm="syz.4.2459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  478.952539][T15343] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  478.952565][T15343] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  478.954796][T15343] batman_adv: batadv0: Adding interface: batadv_slave_1
[  478.959323][   T40] audit: type=1326 audit(1751719014.536:11757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15401 comm="syz.4.2459" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  478.967910][T15343] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  478.970258][   T40] audit: type=1326 audit(1751719014.536:11758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15401 comm="syz.4.2459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  478.972335][T15343] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  478.979979][   T40] audit: type=1326 audit(1751719014.536:11759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15401 comm="syz.4.2459" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  479.014801][   T40] audit: type=1326 audit(1751719014.536:11760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15401 comm="syz.4.2459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  479.025636][   T40] audit: type=1326 audit(1751719014.536:11761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15401 comm="syz.4.2459" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  479.039674][   T40] audit: type=1326 audit(1751719014.536:11762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15401 comm="syz.4.2459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  479.053733][T15343] hsr_slave_0: entered promiscuous mode
[  479.056063][T15343] hsr_slave_1: entered promiscuous mode
[  479.058320][T15343] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  479.060759][T15343] Cannot create hsr debugfs directory
[  479.524999][T15343] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  479.529470][T15343] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  479.541349][T15343] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  479.545681][T15343] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  479.594038][T15343] 8021q: adding VLAN 0 to HW filter on device bond0
[  479.622771][T15343] 8021q: adding VLAN 0 to HW filter on device team0
[  479.633240][ T7550] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.635483][ T7550] bridge0: port 1(bridge_slave_0) entered forwarding state
[  479.643634][ T7547] bridge0: port 2(bridge_slave_1) entered blocking state
[  479.645975][ T7547] bridge0: port 2(bridge_slave_1) entered forwarding state
[  479.763628][T15343] 8021q: adding VLAN 0 to HW filter on device batadv0
[  479.793345][T15343] veth0_vlan: entered promiscuous mode
[  479.798631][T15343] veth1_vlan: entered promiscuous mode
[  479.818406][T15343] veth0_macvtap: entered promiscuous mode
[  479.823679][T15343] veth1_macvtap: entered promiscuous mode
[  479.840882][T15343] batman_adv: batadv0: Interface activated: batadv_slave_0
[  479.861435][T15343] batman_adv: batadv0: Interface activated: batadv_slave_1
[  479.864016][ T5954] Bluetooth: hci0: command tx timeout
[  479.867576][T15343] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  479.870405][T15343] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  479.873127][T15343] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  479.876289][T15343] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  479.920939][ T7547] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  479.923631][ T7547] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  479.962174][ T7551] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  479.967017][ T7551] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  480.106720][T15430] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2463'.
[  482.087777][ T5954] Bluetooth: hci0: command tx timeout
[  484.105256][T15474] atomic_op ffff888054485198 conn xmit_atomic 0000000000000000
[  484.310829][ T5954] Bluetooth: hci0: command tx timeout
[  484.880144][T15482] bridge0: port 2(bridge_slave_1) entered disabled state
[  484.882587][T15482] bridge0: port 1(bridge_slave_0) entered disabled state
[  484.955696][T15482] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  484.969131][T15482] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  485.034576][T15482] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  485.037285][T15482] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  485.041663][T15482] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  485.044254][T15482] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  485.620951][   T40] kauditd_printk_skb: 225 callbacks suppressed
[  485.620963][   T40] audit: type=1326 audit(1751719020.803:11988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.4.2479" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[  485.636315][   T40] audit: type=1326 audit(1751719020.803:11989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.4.2479" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  485.643176][   T40] audit: type=1326 audit(1751719020.803:11990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.4.2479" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  485.650533][   T40] audit: type=1326 audit(1751719020.803:11991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.4.2479" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  485.657111][   T40] audit: type=1326 audit(1751719020.803:11992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.4.2479" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  485.665122][   T40] audit: type=1326 audit(1751719020.803:11993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.4.2479" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  485.671884][   T40] audit: type=1326 audit(1751719020.803:11994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.4.2479" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  485.678279][   T40] audit: type=1326 audit(1751719020.803:11995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.4.2479" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  485.687046][   T40] audit: type=1326 audit(1751719020.803:11996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.4.2479" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  485.693612][   T40] audit: type=1326 audit(1751719020.803:11997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15493 comm="syz.4.2479" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f78598 code=0x7ffc0000
[  485.763385][T15499] FAULT_INJECTION: forcing a failure.
[  485.763385][T15499] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  485.773662][T15499] CPU: 3 UID: 0 PID: 15499 Comm: syz.4.2481 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  485.773680][T15499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  485.773686][T15499] Call Trace:
[  485.773690][T15499]  <TASK>
[  485.773694][T15499]  dump_stack_lvl+0x16c/0x1f0
[  485.773714][T15499]  should_fail_ex+0x512/0x640
[  485.773732][T15499]  _copy_from_iter+0x29f/0x16f0
[  485.773750][T15499]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  485.773769][T15499]  ? __pfx__copy_from_iter+0x10/0x10
[  485.773785][T15499]  ? alloc_pages_mpol+0x25a/0x550
[  485.773798][T15499]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  485.773811][T15499]  copy_page_from_iter+0xde/0x180
[  485.773829][T15499]  anon_pipe_write+0xbe7/0x1a70
[  485.773851][T15499]  ? __pfx_anon_pipe_write+0x10/0x10
[  485.773868][T15499]  ? apparmor_file_permission+0x251/0x400
[  485.773881][T15499]  ? bpf_lsm_file_permission+0x9/0x10
[  485.773893][T15499]  ? security_file_permission+0x71/0x210
[  485.773908][T15499]  ? rw_verify_area+0xcf/0x680
[  485.773922][T15499]  vfs_write+0x6c7/0x1150
[  485.773938][T15499]  ? __pfx_anon_pipe_write+0x10/0x10
[  485.773956][T15499]  ? __pfx_vfs_write+0x10/0x10
[  485.773969][T15499]  ? find_held_lock+0x2b/0x80
[  485.773989][T15499]  ksys_write+0x1f8/0x250
[  485.774004][T15499]  ? __pfx_ksys_write+0x10/0x10
[  485.774020][T15499]  ? rcu_is_watching+0x12/0xc0
[  485.774033][T15499]  __do_fast_syscall_32+0x7c/0x3a0
[  485.774050][T15499]  do_fast_syscall_32+0x32/0x80
[  485.774066][T15499]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  485.774079][T15499] RIP: 0023:0xf7f78579
[  485.774088][T15499] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  485.774103][T15499] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  485.774112][T15499] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000340
[  485.774119][T15499] RDX: 0000000000011000 RSI: 0000000000000000 RDI: 0000000000000000
[  485.774124][T15499] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  485.774130][T15499] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  485.774135][T15499] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  485.774148][T15499]  </TASK>
[  487.586365][T15516] FAULT_INJECTION: forcing a failure.
[  487.586365][T15516] name failslab, interval 1, probability 0, space 0, times 0
[  487.590647][T15516] CPU: 0 UID: 0 PID: 15516 Comm: syz.2.2489 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  487.590672][T15516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  487.590690][T15516] Call Trace:
[  487.590694][T15516]  <TASK>
[  487.590699][T15516]  dump_stack_lvl+0x16c/0x1f0
[  487.590719][T15516]  should_fail_ex+0x512/0x640
[  487.590734][T15516]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  487.590753][T15516]  should_failslab+0xc2/0x120
[  487.590764][T15516]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  487.590782][T15516]  ? ovl_parse_param+0x6f0/0x1570
[  487.590795][T15516]  kstrdup+0x53/0x100
[  487.590812][T15516]  ovl_parse_param+0x6f0/0x1570
[  487.590825][T15516]  ? __pfx_ovl_parse_param+0x10/0x10
[  487.590836][T15516]  ? trace_kmalloc+0x2b/0xd0
[  487.590846][T15516]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  487.590863][T15516]  ? static_key_count+0x5a/0x70
[  487.590877][T15516]  ? __pfx_ovl_parse_param+0x10/0x10
[  487.590888][T15516]  vfs_parse_fs_param+0x208/0x3c0
[  487.590905][T15516]  vfs_parse_fs_string+0xe9/0x150
[  487.590920][T15516]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  487.590939][T15516]  ? ovl_next_opt+0x143/0x1c0
[  487.590949][T15516]  ? __pfx_ovl_next_opt+0x10/0x10
[  487.590959][T15516]  vfs_parse_monolithic_sep+0x16f/0x1f0
[  487.590974][T15516]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  487.590991][T15516]  ? alloc_fs_context+0x59b/0x9c0
[  487.591009][T15516]  path_mount+0x13cd/0x2020
[  487.591019][T15516]  ? kmem_cache_free+0x2d1/0x4d0
[  487.591034][T15516]  ? __pfx_path_mount+0x10/0x10
[  487.591043][T15516]  ? getname_flags.part.0+0x1c5/0x550
[  487.591057][T15516]  ? putname+0x154/0x1a0
[  487.591069][T15516]  __ia32_sys_mount+0x28b/0x310
[  487.591079][T15516]  ? __pfx___ia32_sys_mount+0x10/0x10
[  487.591090][T15516]  ? rcu_is_watching+0x12/0xc0
[  487.591103][T15516]  __do_fast_syscall_32+0x7c/0x3a0
[  487.591121][T15516]  do_fast_syscall_32+0x32/0x80
[  487.591137][T15516]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  487.591154][T15516] RIP: 0023:0xf709e579
[  487.591162][T15516] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  487.591172][T15516] RSP: 002b:00000000f508e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  487.591182][T15516] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800003c0
[  487.591189][T15516] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000080000180
[  487.591195][T15516] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  487.591200][T15516] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  487.591206][T15516] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  487.591218][T15516]  </TASK>
[  487.592304][T15518] FAULT_INJECTION: forcing a failure.
[  487.592304][T15518] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  487.684539][T15518] CPU: 0 UID: 0 PID: 15518 Comm: syz.5.2487 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  487.684555][T15518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  487.684561][T15518] Call Trace:
[  487.684565][T15518]  <TASK>
[  487.684569][T15518]  dump_stack_lvl+0x16c/0x1f0
[  487.684589][T15518]  should_fail_ex+0x512/0x640
[  487.684606][T15518]  _copy_from_user+0x2e/0xd0
[  487.684616][T15518]  cdrom_ioctl+0xbcc/0x3190
[  487.684630][T15518]  ? __pfx_cdrom_ioctl+0x10/0x10
[  487.684642][T15518]  ? rpm_resume+0x80c/0x1310
[  487.684658][T15518]  ? rcu_is_watching+0x12/0xc0
[  487.684670][T15518]  ? rpm_resume+0x80c/0x1310
[  487.684684][T15518]  ? trace_rpm_return_int+0x196/0x220
[  487.684705][T15518]  ? __pfx_rpm_resume+0x10/0x10
[  487.684720][T15518]  ? do_raw_spin_lock+0x12c/0x2b0
[  487.684738][T15518]  ? find_held_lock+0x2b/0x80
[  487.684749][T15518]  ? mark_held_locks+0x49/0x80
[  487.684762][T15518]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  487.684777][T15518]  ? lockdep_hardirqs_on+0x7c/0x110
[  487.684792][T15518]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  487.684806][T15518]  ? __pm_runtime_resume+0xc3/0x170
[  487.684817][T15518]  sr_block_ioctl+0x1b0/0x250
[  487.684835][T15518]  ? __pfx_sr_block_ioctl+0x10/0x10
[  487.684851][T15518]  blkdev_compat_ptr_ioctl+0x9f/0xe0
[  487.684865][T15518]  ? __pfx_blkdev_compat_ptr_ioctl+0x10/0x10
[  487.684877][T15518]  compat_blkdev_ioctl+0x2ee/0x7a0
[  487.684891][T15518]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  487.684919][T15518]  ? __pfx_fput+0x10/0x10
[  487.684932][T15518]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  487.684946][T15518]  __ia32_compat_sys_ioctl+0x23f/0x370
[  487.684962][T15518]  __do_fast_syscall_32+0x7c/0x3a0
[  487.684979][T15518]  do_fast_syscall_32+0x32/0x80
[  487.684996][T15518]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  487.685009][T15518] RIP: 0023:0xf7fc6579
[  487.685017][T15518] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  487.685027][T15518] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  487.685037][T15518] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005310
[  487.685044][T15518] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  487.685049][T15518] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  487.685055][T15518] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  487.685061][T15518] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  487.685073][T15518]  </TASK>
[  488.138816][ T6021] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[  488.320327][ T6021] usb 9-1: too many configurations: 9, using maximum allowed: 8
[  488.327963][ T6021] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  488.330925][ T6021] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  488.334348][ T6021] usb 9-1: config 0 interface 0 has no altsetting 0
[  488.337848][ T6021] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  488.340559][ T6021] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  488.343924][ T6021] usb 9-1: config 0 interface 0 has no altsetting 0
[  488.346764][ T6021] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  488.349882][ T6021] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  488.354120][ T6021] usb 9-1: config 0 interface 0 has no altsetting 0
[  488.365206][ T6021] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  488.368130][ T6021] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  488.371503][ T6021] usb 9-1: config 0 interface 0 has no altsetting 0
[  488.375004][ T6021] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  488.377699][ T6021] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  488.381293][ T6021] usb 9-1: config 0 interface 0 has no altsetting 0
[  488.396204][ T6021] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  488.399138][ T6021] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  488.402959][ T6021] usb 9-1: config 0 interface 0 has no altsetting 0
[  488.407981][ T6021] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  488.410822][ T6021] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  488.414091][ T6021] usb 9-1: config 0 interface 0 has no altsetting 0
[  488.417236][ T6021] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  488.420007][ T6021] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  488.423338][ T6021] usb 9-1: config 0 interface 0 has no altsetting 0
[  488.447751][ T6021] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  488.450854][ T6021] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  488.453405][ T6021] usb 9-1: Product: syz
[  488.455223][ T6021] usb 9-1: Manufacturer: syz
[  488.456862][ T6021] usb 9-1: SerialNumber: syz
[  488.466321][ T6021] usb 9-1: config 0 descriptor??
[  488.486702][ T6021] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[  490.507067][T15560] netlink: 'syz.5.2503': attribute type 11 has an invalid length.
[  490.510448][T15560] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2503'.
[  491.133734][   T61] usb 9-1: USB disconnect, device number 22
[  491.147902][   T61] yurex 9-1:0.0: USB YUREX #0 now disconnected
[  491.455515][T15578] netlink: 'syz.0.2509': attribute type 1 has an invalid length.
[  491.458160][T15578] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2509'.
[  491.574169][T15580] bridge0: port 2(bridge_slave_1) entered disabled state
[  491.576694][T15580] bridge0: port 1(bridge_slave_0) entered disabled state
[  491.648989][T15580] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  491.655825][T15580] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  491.707873][T15580] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  491.713112][T15580] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  491.716433][T15580] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  491.719521][T15580] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  492.588476][T15573] atomic_op ffff88804d962998 conn xmit_atomic 0000000000000000
[  492.712039][T15590] IPVS: Error connecting to the multicast addr
[  494.315530][T15616] IPVS: Error connecting to the multicast addr
[  494.668217][T15605] syz.2.2516 (15605) used greatest stack depth: 19240 bytes left
[  495.255479][T15636] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  496.249770][T15648] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2535'.
[  496.324221][T15655] hsr0: entered promiscuous mode
[  496.326149][T15654] hsr0: left promiscuous mode
[  497.185255][   T40] kauditd_printk_skb: 261 callbacks suppressed
[  497.185487][   T40] audit: type=1326 audit(1751719031.626:12259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.2.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  497.195081][   T40] audit: type=1326 audit(1751719031.626:12260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.2.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  497.214386][   T40] audit: type=1326 audit(1751719031.626:12261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.2.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf709e579 code=0x7ffc0000
[  497.220927][   T40] audit: type=1326 audit(1751719031.626:12262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.2.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  497.228796][   T40] audit: type=1326 audit(1751719031.626:12263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.2.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf709e579 code=0x7ffc0000
[  497.235411][   T40] audit: type=1326 audit(1751719031.626:12264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.2.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  499.076313][T15709] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  499.734189][T15712] lo speed is unknown, defaulting to 1000
[  499.736172][T15712] lo speed is unknown, defaulting to 1000
[  499.739662][T15712] lo speed is unknown, defaulting to 1000
[  499.745989][T15712] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  499.752228][T15712] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  499.823561][T15712] lo speed is unknown, defaulting to 1000
[  499.828070][T15712] lo speed is unknown, defaulting to 1000
[  499.830987][T15712] lo speed is unknown, defaulting to 1000
[  499.834845][T15712] lo speed is unknown, defaulting to 1000
[  499.838084][T15712] lo speed is unknown, defaulting to 1000
[  499.840832][T15712] lo speed is unknown, defaulting to 1000
[  500.250386][T15720] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2553'.
[  501.330119][ T6021] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  501.366858][T15737] xt_SECMARK: invalid mode: 0
[  501.492287][ T6021] usb 5-1: Using ep0 maxpacket: 8
[  501.592747][ T6021] usb 5-1: config index 0 descriptor too short (expected 46192, got 35)
[  501.596028][ T6021] usb 5-1: config 116 has too many interfaces: 209, using maximum allowed: 32
[  501.599622][ T6021] usb 5-1: config 116 has an invalid descriptor of length 112, skipping remainder of the config
[  501.603680][ T6021] usb 5-1: config 116 has 0 interfaces, different from the descriptor's value: 209
[  501.618810][ T6021] usb 5-1: New USB device found, idVendor=0499, idProduct=500a, bcdDevice=e7.b7
[  501.621538][ T6021] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  501.624261][ T6021] usb 5-1: Product: syz
[  501.626049][ T6021] usb 5-1: Manufacturer: syz
[  501.627955][ T6021] usb 5-1: SerialNumber: syz
[  502.956541][T15752] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  503.045139][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  503.291339][ T6021] usb 5-1: USB disconnect, device number 28
[  503.623271][   T40] audit: type=1326 audit(1751719037.640:12265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15765 comm="syz.2.2568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  503.632209][   T40] audit: type=1326 audit(1751719037.640:12266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15765 comm="syz.2.2568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  503.641128][   T40] audit: type=1326 audit(1751719037.659:12267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15765 comm="syz.2.2568" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf709e579 code=0x7ffc0000
[  503.649938][   T40] audit: type=1326 audit(1751719037.659:12268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15765 comm="syz.2.2568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  503.659063][   T40] audit: type=1326 audit(1751719037.659:12269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15765 comm="syz.2.2568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  503.669000][   T40] audit: type=1326 audit(1751719037.659:12270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15765 comm="syz.2.2568" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf709e579 code=0x7ffc0000
[  503.675328][T15768] overlay: Unknown parameter 'permit_directio'
[  503.679342][   T40] audit: type=1326 audit(1751719037.659:12271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15765 comm="syz.2.2568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  503.687508][   T40] audit: type=1326 audit(1751719037.659:12272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15765 comm="syz.2.2568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  504.089617][T15777] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  504.987074][   T40] audit: type=1326 audit(1751719038.922:12273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15792 comm="syz.0.2578" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  505.002808][   T40] audit: type=1326 audit(1751719038.922:12274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15792 comm="syz.0.2578" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  505.284400][T15800] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2576'.
[  506.204630][T15817] ip6t_srh: unknown srh invflags 6BE9
[  506.724823][T15822] FAULT_INJECTION: forcing a failure.
[  506.724823][T15822] name failslab, interval 1, probability 0, space 0, times 0
[  506.735613][T15822] CPU: 2 UID: 0 PID: 15822 Comm: syz.2.2588 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
[  506.735640][T15822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  506.735647][T15822] Call Trace:
[  506.735651][T15822]  <TASK>
[  506.735655][T15822]  dump_stack_lvl+0x16c/0x1f0
[  506.735676][T15822]  should_fail_ex+0x512/0x640
[  506.735694][T15822]  should_failslab+0xc2/0x120
[  506.735706][T15822]  __kmalloc_cache_noprof+0x6a/0x3e0
[  506.735721][T15822]  ? sctp_add_bind_addr+0xae/0x3f0
[  506.735739][T15822]  sctp_add_bind_addr+0xae/0x3f0
[  506.735756][T15822]  sctp_copy_local_addr_list+0x39d/0x5a0
[  506.735769][T15822]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  506.735782][T15822]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  506.735796][T15822]  ? sctp_bind_addr_copy+0xe0/0x530
[  506.735811][T15822]  sctp_bind_addr_copy+0xe0/0x530
[  506.735830][T15822]  sctp_connect_new_asoc+0x1d7/0x790
[  506.735844][T15822]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  506.735861][T15822]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  506.735875][T15822]  sctp_sendmsg+0x15f9/0x1ee0
[  506.735892][T15822]  ? __pfx_sctp_sendmsg+0x10/0x10
[  506.735906][T15822]  ? __pfx___might_resched+0x10/0x10
[  506.735922][T15822]  ? __might_fault+0xe3/0x190
[  506.735939][T15822]  ? __pfx_aa_sk_perm+0x10/0x10
[  506.735955][T15822]  ? __pfx_sctp_sendmsg+0x10/0x10
[  506.735968][T15822]  inet_sendmsg+0x119/0x140
[  506.735984][T15822]  __sys_sendto+0x43c/0x520
[  506.735999][T15822]  ? __pfx___sys_sendto+0x10/0x10
[  506.736026][T15822]  ? ksys_write+0x1ac/0x250
[  506.736045][T15822]  __ia32_sys_sendto+0xdd/0x1b0
[  506.736058][T15822]  ? lockdep_hardirqs_on+0x7c/0x110
[  506.736074][T15822]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  506.736090][T15822]  __do_fast_syscall_32+0x7c/0x3a0
[  506.736108][T15822]  do_fast_syscall_32+0x32/0x80
[  506.736124][T15822]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  506.736137][T15822] RIP: 0023:0xf709e579
[  506.736146][T15822] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  506.736155][T15822] RSP: 002b:00000000f508e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  506.736166][T15822] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  506.736172][T15822] RDX: 000000000000ff80 RSI: 000000002000c8d4 RDI: 00000000800000c0
[  506.736178][T15822] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[  506.736183][T15822] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  506.736189][T15822] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  506.736203][T15822]  </TASK>
[  506.820558][T15823] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  507.059246][T15834] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2593'.
[  507.059253][T15833] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2593'.
[  507.471195][T15863] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  507.473774][T15863] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2600'.
[  508.012300][T15872] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  508.064257][T15878] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2603'.
[  509.042058][   T40] kauditd_printk_skb: 19 callbacks suppressed
[  509.042069][   T40] audit: type=1326 audit(1751719042.710:12293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15887 comm="syz.5.2608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  509.050809][   T40] audit: type=1326 audit(1751719042.710:12294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15887 comm="syz.5.2608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  509.057548][   T40] audit: type=1326 audit(1751719042.710:12295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15887 comm="syz.5.2608" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  509.064630][   T40] audit: type=1326 audit(1751719042.710:12296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15887 comm="syz.5.2608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  509.072036][   T40] audit: type=1326 audit(1751719042.710:12297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15887 comm="syz.5.2608" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  509.078662][   T40] audit: type=1326 audit(1751719042.710:12298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15887 comm="syz.5.2608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  509.660065][T15904] input: syz0 as /devices/virtual/input/input23
[  510.800226][   T40] audit: type=1326 audit(1751719044.356:12299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15919 comm="syz.2.2618" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  510.809918][   T40] audit: type=1326 audit(1751719044.356:12300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15919 comm="syz.2.2618" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  510.834034][   T40] audit: type=1326 audit(1751719044.356:12301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15919 comm="syz.2.2618" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf709e579 code=0x7ffc0000
[  510.847779][   T40] audit: type=1326 audit(1751719044.356:12302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15919 comm="syz.2.2618" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  511.018023][T15939] openvswitch: netlink: IP tunnel dst address not specified
[  511.023229][T15933] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  511.024460][T15939] fuse: Unknown parameter 'grox<�R"00000000000000000000'
[  511.956157][T15955] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2629'.
[  513.220105][T15974] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2633'.
[  513.291187][T15974] bridge3: port 1(ip6gretap1) entered blocking state
[  513.293707][T15974] bridge3: port 1(ip6gretap1) entered disabled state
[  513.295885][T15974] ip6gretap1: entered allmulticast mode
[  513.298797][T15974] ip6gretap1: entered promiscuous mode
[  513.452445][T15983] fuse: Bad value for 'fd'
[  514.199108][T15991] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  514.956588][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  514.956600][   T40] audit: type=1326 audit(1751719048.238:12313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15997 comm="syz.5.2642" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  514.976968][   T40] audit: type=1326 audit(1751719048.238:12314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15997 comm="syz.5.2642" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  515.006995][   T40] audit: type=1326 audit(1751719048.238:12315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15997 comm="syz.5.2642" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  515.014491][   T40] audit: type=1326 audit(1751719048.238:12316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15997 comm="syz.5.2642" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  515.021931][   T40] audit: type=1326 audit(1751719048.238:12317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15997 comm="syz.5.2642" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  515.028895][   T40] audit: type=1326 audit(1751719048.238:12318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15997 comm="syz.5.2642" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  515.035529][   T40] audit: type=1326 audit(1751719048.238:12319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15997 comm="syz.5.2642" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  515.041844][   T40] audit: type=1326 audit(1751719048.238:12320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15997 comm="syz.5.2642" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  515.052414][T16006] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  515.235443][T16020] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2646'.
[  516.234718][T16036] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  516.714317][ T6021] libceph: connect (1)[c::]:6789 error -101
[  516.717657][ T6021] libceph: mon0 (1)[c::]:6789 connect error
[  516.920256][T16048] ip6t_srh: unknown srh invflags 6BE9
[  516.926976][T16048] ubi31: attaching mtd0
[  516.933341][T16048] ubi31: scanning is finished
[  516.935200][T16048] ubi31: empty MTD device detected
[  516.992057][ T6021] libceph: connect (1)[c::]:6789 error -101
[  516.995166][ T6021] libceph: mon0 (1)[c::]:6789 connect error
[  517.032091][T16048] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  517.035630][T16048] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  517.039205][T16048] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  517.042325][T16048] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  517.044687][T16048] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  517.046966][T16048] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  517.049573][T16048] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1866817020
[  517.052706][T16048] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  517.056600][T16050] ubi31: background thread "ubi_bgt31d" started, PID 16050
[  517.141678][T16053] input: syz0 as /devices/virtual/input/input24
[  517.548379][ T6021] libceph: connect (1)[c::]:6789 error -101
[  517.550308][ T6021] libceph: mon0 (1)[c::]:6789 connect error
[  517.783375][T16043] ceph: No mds server is up or the cluster is laggy
[  519.344378][T16062] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2659'.
[  519.368770][T16082] netlink: 'syz.5.2662': attribute type 10 has an invalid length.
[  519.371383][T16082] veth0_vlan: left promiscuous mode
[  519.397943][T16082] veth0_vlan: entered promiscuous mode
[  519.401521][T16082] team0: Device veth0_vlan failed to register rx_handler
[  519.647382][T16093] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2670'.
[  521.047115][T16110] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  521.080497][T16113] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2678'.
[  521.100486][T16113] bridge11: port 1(ip6gretap1) entered blocking state
[  521.102740][T16113] bridge11: port 1(ip6gretap1) entered disabled state
[  521.104972][T16113] ip6gretap1: entered allmulticast mode
[  521.118459][T16113] ip6gretap1: entered promiscuous mode
[  521.364380][T16115] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2677'.
[  521.915222][   T40] audit: type=1326 audit(1751719054.758:12321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.5.2689" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  521.927593][   T40] audit: type=1326 audit(1751719054.758:12322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.5.2689" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  521.936681][   T40] audit: type=1326 audit(1751719054.758:12323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.5.2689" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  521.946093][   T40] audit: type=1326 audit(1751719054.758:12324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.5.2689" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  521.955129][   T40] audit: type=1326 audit(1751719054.758:12325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.5.2689" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  521.964318][   T40] audit: type=1326 audit(1751719054.758:12326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.5.2689" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000
[  521.973351][   T40] audit: type=1326 audit(1751719054.758:12327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.5.2689" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  521.982363][   T40] audit: type=1326 audit(1751719054.758:12328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.5.2689" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  521.991362][   T40] audit: type=1326 audit(1751719054.758:12329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.5.2689" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  522.000704][   T40] audit: type=1326 audit(1751719054.758:12330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16147 comm="syz.5.2689" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7ffc0000
[  522.662018][T16168] 9pnet_virtio: no channels available for device syz
[  523.410069][T16179] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2699'.
[  523.781017][T16193] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2704'.
[  525.768857][   T61] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  525.929185][   T61] usb 5-1: Using ep0 maxpacket: 16
[  525.933029][   T61] usb 5-1: config 0 has an invalid descriptor of length 217, skipping remainder of the config
[  525.936377][   T61] usb 5-1: config 0 interface 0 altsetting 253 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  525.937117][T16239] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  525.940828][   T61] usb 5-1: config 0 interface 0 has no altsetting 0
[  525.945360][   T61] usb 5-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[  525.948311][   T61] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  525.952223][   T61] usb 5-1: config 0 descriptor??
[  525.982658][  T838] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  526.145282][  T838] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  526.148742][  T838] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 24623, setting to 1024
[  526.152217][  T838] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[  526.155449][  T838] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  526.158300][  T838] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  526.167324][T16230] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  526.172563][  T838] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  526.752186][T16246] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2718'.
[  527.135138][   T61] usb 5-1: string descriptor 0 read error: -71
[  527.144276][   T61] usb 5-1: USB disconnect, device number 29
[  527.828663][T16266] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2724'.
[  527.870401][T16269] team0: No ports can be present during mode change
[  527.873689][T16269] netlink: 'syz.5.2725': attribute type 10 has an invalid length.
[  527.878317][T16269] 8021q: adding VLAN 0 to HW filter on device bond0
[  527.881899][T16269] team0: Port device bond0 added
[  527.885179][T16269] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2725'.
[  527.963848][T16269] team0 (unregistering): Port device team_slave_0 removed
[  527.967254][T16269] team0 (unregistering): Port device team_slave_1 removed
[  527.976766][T16269] team0 (unregistering): Port device bond0 removed
[  528.366420][T16273] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  528.959424][ T6042] usb 7-1: USB disconnect, device number 25
[  529.062199][T16283] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[  529.189313][T16287] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  529.230533][T16289] overlayfs: missing 'lowerdir'
[  529.248717][   T40] kauditd_printk_skb: 275 callbacks suppressed
[  529.248727][   T40] audit: type=1326 audit(1751719061.614:12606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16290 comm="syz.2.2733" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf709e579 code=0x0
[  531.254684][T16317] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  531.987079][T16325] syzkaller0: entered promiscuous mode
[  531.989042][T16325] syzkaller0: entered allmulticast mode
[  532.551176][T16333] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2744'.
[  534.182332][   T61] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[  534.274158][T16372] ieee802154 phy0 wpan0: encryption failed: -22
[  534.351725][T16370] netlink: 'syz.0.2756': attribute type 10 has an invalid length.
[  534.353469][   T61] usb 9-1: Using ep0 maxpacket: 32
[  534.358910][   T61] usb 9-1: config index 0 descriptor too short (expected 29220, got 36)
[  534.362379][   T61] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  534.366153][   T61] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  534.369815][   T61] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81
[  534.372710][   T61] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  534.376931][   T61] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  534.379716][   T61] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  534.380996][T16370] veth0_vlan: left promiscuous mode
[  534.390064][   T61] usb 9-1: config 0 descriptor??
[  534.395076][T16370] veth0_vlan: entered promiscuous mode
[  534.426418][T16370] team0: Device veth0_vlan failed to register rx_handler
[  534.613641][ T1023] usb 9-1: USB disconnect, device number 23
[  535.041607][T16359] netlink: 'syz.4.2754': attribute type 1 has an invalid length.
[  535.044036][T16359] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2754'.
[  535.105740][T16379] tipc: Invalid UDP bearer configuration
[  535.105766][T16379] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  535.140264][T16381] netlink: 'syz.2.2759': attribute type 5 has an invalid length.
[  535.698447][T16389] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2760'.
[  536.302647][T16411] lo speed is unknown, defaulting to 1000
[  536.428614][T16411] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2769'.
[  536.701847][T16418] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2771'.
[  537.062823][T16426] 9pnet: Unknown protocol version 9p20\++}
[  537.376123][T16432] ip6tnl1: entered promiscuous mode
[  537.377876][T16432] ip6tnl1: entered allmulticast mode
[  537.382070][T16432] team0: Device ip6tnl1 is of different type
[  538.338356][T16452] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2781'.
[  539.560178][T15425] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[  539.720058][T15425] usb 9-1: Using ep0 maxpacket: 16
[  539.723672][T15425] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  539.745601][T15425] usb 9-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  539.749493][T15425] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  539.752410][T15425] usb 9-1: Product: syz
[  539.753862][T15425] usb 9-1: Manufacturer: syz
[  539.756169][T15425] usb 9-1: SerialNumber: syz
[  539.760357][T15425] usb 9-1: config 0 descriptor??
[  539.765796][T15425] em28xx 9-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  539.769685][T15425] em28xx 9-1:0.0: DVB interface 0 found: bulk
[  540.042390][T15425] em28xx 9-1:0.0: unknown em28xx chip ID (0)
[  540.186195][T15425] em28xx 9-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  540.188797][T15425] em28xx 9-1:0.0: board has no eeprom
[  540.254599][T15425] em28xx 9-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  540.257094][T15425] em28xx 9-1:0.0: dvb set to bulk mode.
[  540.260602][ T1023] em28xx 9-1:0.0: Binding DVB extension
[  540.266640][T15425] usb 9-1: USB disconnect, device number 24
[  540.270527][T15425] em28xx 9-1:0.0: Disconnecting em28xx
[  540.291713][ T1023] em28xx 9-1:0.0: Registering input extension
[  540.295203][T15425] em28xx 9-1:0.0: Closing input extension
[  540.312121][T15425] em28xx 9-1:0.0: Freeing device
[  541.313517][ T6021] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  541.495996][ T6021] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  541.499403][ T6021] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 24623, setting to 1024
[  541.502787][ T6021] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[  541.507181][ T6021] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  541.509972][ T6021] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  541.514295][T16523] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  541.518156][ T6021] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  541.865187][T16543] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2810'.
[  541.868592][T16543] Oops: general protection fault, probably for non-canonical address 0xdffffc000000005d: 0000 [#1] SMP KASAN NOPTI
[  541.872441][T16543] KASAN: null-ptr-deref in range [0x00000000000002e8-0x00000000000002ef]
[  541.875171][T16543] CPU: 0 UID: 0 PID: 16543 Comm: syz.5.2810 Not tainted 6.16.0-rc4-syzkaller-00286-gc435a4f487e8 #0 PREEMPT(full) 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  541.880468][T16543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  541.883786][T16543] RIP: 0010:hfsc_qlen_notify+0x28/0x180
[  541.885573][T16543] Code: 90 90 f3 0f 1e fa 41 54 55 53 48 89 f3 e8 10 4c 30 f8 48 8d bb ec 02 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 08
[  541.891404][T16543] RSP: 0018:ffffc9000f367320 EFLAGS: 00010203
[  541.893329][T16543] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90026301000
[  541.895730][T16543] RDX: 000000000000005d RSI: ffffffff898b4110 RDI: 00000000000002ec
[  541.898140][T16543] RBP: 00000000000a000a R08: 0000000000000005 R09: 0000000000000000
[  541.900608][T16543] R10: 00000000000a000a R11: 0000000000000001 R12: ffffffff8ce87ee0
[  541.903180][T16543] R13: 0000000000000000 R14: ffffffff8ce87ec0 R15: ffff888073277000
[  541.905945][T16543] FS:  0000000000000000(0000) GS:ffff888097522000(0063) knlGS:00000000f50e6b40
[  541.908659][T16543] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  541.910662][T16543] CR2: 000000002d615ff8 CR3: 000000006f774000 CR4: 0000000000352ef0
[  541.913095][T16543] Call Trace:
[  541.914114][T16543]  <TASK>
[  541.915019][T16543]  qdisc_tree_reduce_backlog+0x221/0x500
[  541.916711][T16543]  sfq_init+0x88a/0x2540
[  541.918013][T16543]  ? __pfx_sfq_init+0x10/0x10
[  541.919471][T16543]  ? qdisc_alloc+0x94f/0xc50
[  541.920883][T16543]  ? __pfx_sfq_init+0x10/0x10
[  541.922711][T16543]  qdisc_create+0x454/0xfc0
[  541.924248][T16543]  tc_modify_qdisc+0x12bb/0x2130
[  541.925757][T16543]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  541.927352][T16543]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  541.928968][T16543]  rtnetlink_rcv_msg+0x3c9/0xe90
[  541.930473][T16543]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  541.932122][T16543]  ? __lock_acquire+0x622/0x1c90
[  541.933659][T16543]  netlink_rcv_skb+0x155/0x420
[  541.935151][T16543]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  541.936792][T16543]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  541.938378][T16543]  ? netlink_deliver_tap+0x1ae/0xd30
[  541.940024][T16543]  ? is_vmalloc_addr+0x86/0xa0
[  541.941951][T16543]  netlink_unicast+0x53d/0x7f0
[  541.943393][T16543]  ? __pfx_netlink_unicast+0x10/0x10
[  541.944994][T16543]  netlink_sendmsg+0x8d1/0xdd0
[  541.946431][T16543]  ? __pfx_netlink_sendmsg+0x10/0x10
[  541.948008][T16543]  ? __import_iovec+0x1dd/0x650
[  541.949523][T16543]  ____sys_sendmsg+0xa95/0xc70
[  541.951031][T16543]  ? __pfx_____sys_sendmsg+0x10/0x10
[  541.952633][T16543]  ? get_compat_msghdr+0x11a/0x170
[  541.954169][T16543]  ? try_to_wake_up+0xa2f/0x1680
[  541.955667][T16543]  ___sys_sendmsg+0x134/0x1d0
[  541.957151][T16543]  ? __pfx____sys_sendmsg+0x10/0x10
[  541.958830][T16543]  ? find_held_lock+0x2b/0x80
[  541.960731][T16543]  __sys_sendmsg+0x16d/0x220
[  541.962197][T16543]  ? __pfx___sys_sendmsg+0x10/0x10
[  541.963914][T16543]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  541.965691][T16543]  ? rcu_is_watching+0x12/0xc0
[  541.967232][T16543]  __do_fast_syscall_32+0x7c/0x3a0
[  541.969188][T16543]  do_fast_syscall_32+0x32/0x80
[  541.971260][T16543]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  541.973939][T16543] RIP: 0023:0xf7fc6579
[  541.975659][T16543] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  541.983606][T16543] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  541.987054][T16543] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000080000040
[  541.990313][T16543] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  541.993577][T16543] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  541.996651][T16543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  541.999728][T16543] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  542.003010][T16543]  </TASK>
[  542.004312][T16543] Modules linked in:
[  542.006024][    C0] vkms_vblank_simulate: vblank timer overrun
[  542.008522][T16543] ---[ end trace 0000000000000000 ]---
[  542.010791][T16543] RIP: 0010:hfsc_qlen_notify+0x28/0x180
[  542.013164][T16543] Code: 90 90 f3 0f 1e fa 41 54 55 53 48 89 f3 e8 10 4c 30 f8 48 8d bb ec 02 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 08
[  542.020287][T16543] RSP: 0018:ffffc9000f367320 EFLAGS: 00010203
[  542.022204][T16543] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90026301000
[  542.024554][T16543] RDX: 000000000000005d RSI: ffffffff898b4110 RDI: 00000000000002ec
[  542.026820][T16543] RBP: 00000000000a000a R08: 0000000000000005 R09: 0000000000000000
[  542.029338][T16543] R10: 00000000000a000a R11: 0000000000000001 R12: ffffffff8ce87ee0
[  542.031768][T16543] R13: 0000000000000000 R14: ffffffff8ce87ec0 R15: ffff888073277000
[  542.034246][T16543] FS:  0000000000000000(0000) GS:ffff888097522000(0063) knlGS:00000000f50e6b40
[  542.037011][T16543] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  542.039089][T16543] CR2: 000000002d615ff8 CR3: 000000006f774000 CR4: 0000000000352ef0
[  542.041603][T16543] Kernel panic - not syncing: Fatal exception in interrupt
[  542.044503][T16543] Kernel Offset: disabled
[  542.045857][T16543] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:25:10  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000050 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85586985 RDI=ffffffff9b0aa9c0 RBP=ffffffff9b0aa980 RSP=ffffc9000f366c90
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552030203a555043
R12=0000000000000000 R13=0000000000000050 R14=ffffffff9b0aa980 R15=ffffffff85586920
RIP=ffffffff855869af RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097522000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002d615ff8 CR3=000000006f774000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000100001 Opmask01=000000000000001f Opmask02=00000000ffff7fdf Opmask03=0000000001041000
Opmask04=00000000fffffffe Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f68637461772f76 6564752f6e75722f
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f68637461772f76 6564752f6e75722f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000556b892bae80
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000556b892991d0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fecb17f1b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1c1f115c435d4316 10120300161e121d
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5c431d1c1a141601 5c43000611171d5c
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 772f766564752f6e 75722f00646c6f2e 68637461772f7665 64752f6e75722f00
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 520a534041500a4b 50570a0041494a0b 4d465144520a5340 41500a4b50570a00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000211 000000336964696d 0033647261632f64 6e756f732f302e37
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000002d1 726f702d6f007974 00736576616c7300 306d656d702f6b63
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 342c332c322c312c 3061722c4533312c 4433312c4333312c 4233312c4133312c
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3733312c3633312c 3433312c3333312c 3133312c3033316b 2c35312c332c312c
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 30652d3836313365 4332383570463645 307633303030623a 7475706e693d5341
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f415f4400000054 53495300302f3032 0000000000010044 0000503255004f54
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffffc9000dbafcd8 RCX=ffffffff820b2f77 RDX=ffff888022554880
RSI=ffffffff820b2f81 RDI=0000000000000004 RBP=00000000000001fd RSP=ffffc9000dbaf7f0
R8 =0000000000000004 R9 =000000000000004a R10=00000000000001fd R11=0000000000007c37
R12=0000000000000001 R13=000000000000004a R14=ffff88804c75f000 R15=0000000000000049
RIP=ffffffff81bb8d30 RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097622000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f739f200 CR3=000000000e382000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000027402da RBX=0000000000000000 RCX=ffffc9003709d000 RDX=0000000000080000
RSI=ffffffff822b89b8 RDI=00000000027402da RBP=0000000000140cca RSP=ffffc90021bff048
R8 =0000000000000003 R9 =000000000000001f R10=0000000000000000 R11=0000000000010533
R12=1ffff9200437fe11 R13=0000000000000661 R14=dffffc0000000000 R15=0000000000000000
RIP=ffffffff850aa61b RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097722000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7436188 CR3=000000005362b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=ffffed100fffae2f RBX=ffffed100fffae30 RCX=ffffffff82143d96 RDX=0000000000000001
RSI=0000000000000008 RDI=ffff88807ffd7178 RBP=ffffed100fffae2f RSP=ffffc900030a7270
R8 =0000000000000000 R9 =ffffed100fffae2f R10=ffff88807ffd717f R11=ffffc900030a74b8
R12=ffff88803fffd9a0 R13=0000000000000003 R14=ffff88807ffd7178 R15=dffffc0000000000
RIP=ffffffff822169cb RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f18601e1300 ffffffff 00c00000
GS =0000 ffff888097822000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00005590d9e95000 CR3=0000000049293000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a 0000002c00000012 0004000000080024 0000000000280030
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000b03 0000001000000000 0000000000000000 0000000000000015
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 746570682f766564 2f01ffffffffffff ffffeb080380033c 000005a700000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f01ffffffffffff ffffe5080d800310 808080fa08001084 0800010800060106
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ae03800200080004 00759000332f6466 01ffffffffffffff fff5080380030284
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0800002080808088 00088002060174c2 00236365632f7665 642f01ffffffffff
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffeb08088003 0004000290a08008 000380021ffffffe b80800080148e200
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 09f00306100009e0 0300100009d00306 100009c003041000 09b00320100009a0
ZMM25=f9d54877f9d54877 f9d54877f9d54877 f9d54877f9d54877 f9d54877f9d54877 f9d54877f9d54877 f9d54877f9d54877 f9d54877f9d54877 f9d54877f9d54877
ZMM26=8a18ec218a18ec21 8a18ec218a18ec21 8a18ec218a18ec21 8a18ec218a18ec21 8a18ec218a18ec21 8a18ec218a18ec21 8a18ec218a18ec21 8a18ec218a18ec21
ZMM27=8413906984139069 8413906984139069 8413906984139069 8413906984139069 8413906984139069 8413906984139069 8413906984139069 8413906984139069
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=3f1a00003f1a0000 3f1a00003f1a0000 3f1a00003f1a0000 3f1a00003f1a0000 3f1a00003f1a0000 3f1a00003f1a0000 3f1a00003f1a0000 3f1a00003f1a0000