last executing test programs:

7.155020886s ago: executing program 0 (id=878):
socket$nl_route(0x10, 0x3, 0x0)
ioprio_set$pid(0x3, 0x0, 0x4007)
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0xcb)
bind$ax25(r0, &(0x7f0000000540)={{0x3, @bcast, 0x1}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @null, @default, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
socket$pptp(0x18, 0x1, 0x2)
syz_io_uring_setup(0x29c, &(0x7f0000000300)={0x0, 0x14b6, 0x2, 0x1001, 0x136}, &(0x7f0000000040), &(0x7f00000000c0), &(0x7f0000000000))
r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000000)={0x1, 0x5}, 0x2)
syz_open_dev$radio(&(0x7f0000000100), 0x0, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000040)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41100, 0x7b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x38}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='net/stat\x00')
getdents64(r3, &(0x7f0000000080)=""/52, 0x34)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$USERIO_CMD_REGISTER(r1, &(0x7f00000000c0)={0x0, 0xfc}, 0x2)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)

4.877460463s ago: executing program 2 (id=883):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@call={0x85, 0x0, 0x0, 0xbf}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b34, &(0x7f0000000000)={'lo\x00', @broadcast})
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
personality(0xb)
r3 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_int(r3, 0x29, 0xb, &(0x7f0000000200)=0x8b29, 0x4)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x10040, 0x4fa11, 0x4}, 0x0)
mlock(&(0x7f000068a000/0x2000)=nil, 0x2000)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r4, 0xc008551a, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, 0x0, 0x40)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xb, &(0x7f00000002c0)={0x200000000000008f, &(0x7f0000000280)=[{0x0, 0x6b, 0x9, 0x7ff}, {0x4, 0x6, 0x2, 0x10}, {0xe, 0x9, 0x7, 0x6b}]})
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x72, 0x242901)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x16, 0x16, &(0x7f0000000c80)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000150700000fff07003506000002000000170600000ee50000bf250000000000002d35ffff000000006507000002000000070700004c0001fa0f75000000000000bf54000000000000070400000400f9ff3d1401000000000095000000000000000500000000000000950007000000000001722fabb733a0c857c7c4e704000000000000a04d1ffc187fa1a2ba7ba0c0d507b92de00435fd233cc0f0d9b2c312b68856656ca9caa2ee4dc258d72e690098804de235cf020e35245c9f5526d35df627a64ac7efde50fd7f1d8bae66ea38541a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07f8a4b6e6155cecc13a5ddfab726eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a459db8e7ada8ee987cc0000f6f902b261848d74096636ab6d8c63c8d62861cbc38d1e6bef45e672ac3d3d5243b85b3b15c7499ff39a3dadcbfbea9e050fb6940344dfbeebbf3e7e37d0a9a387518f926fba75479eacd4f51aeb28b6c56a75144ef6df55a275799897ca000000000000000000a514ad9d503919cfea82333ab7ff531d96c8d0d65f162f858995"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x1f1, 0x10, &(0x7f0000000400)={0x5}, 0x19f, 0x0, 0xffffffffffffffff, 0xfffffffffffffdcb}, 0x48)
ioctl$USBDEVFS_CLEAR_HALT(r7, 0x80045515, &(0x7f00000000c0)={0x1, 0x1})
ioctl$COMEDI_BUFCONFIG(0xffffffffffffffff, 0x8020640d, &(0x7f0000000140)={0x80000001, 0x6, 0x7, 0x2})
ioctl$SCSI_IOCTL_GET_PCI(r6, 0x5393, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000200)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})
socket(0x10, 0x3, 0x0)

4.778778579s ago: executing program 1 (id=884):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000003c0)={0x30, r2, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x80}]}, 0x30}}, 0x20000000)
ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f00000001c0)={0x4, 0xb, 0x2, {0x2, @pix={0x2, 0x0, 0x34325842, 0x8, 0x8, 0x2, 0x7, 0xdfc, 0x1, 0x4, 0x0, 0x2}}, 0x7c})
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32=0x1, @ANYRES32=r4, @ANYBLOB='.'], 0x20)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@fallback, 0xffffffffffffffff, 0x7}, 0x20)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000300)="ad", 0x1)
ioctl$XFS_IOC_SWAPEXT(r3, 0xc0a4586d, &(0x7f0000000340)={0x0, r0, r3, 0x6cb, 0x2, '\x00', {0x3, 0xe, 0xd9, 0x1, 0x7, 0x0, 0x3, 0x6, {0x2, 0x4}, {0xb46, 0x7}, {0x0, 0x6}, 0x2, 0xd376, 0x60000, 0x8, 0x49, 0xd79, 0x295, 0x9, 0x400, 0x7, '\x00', 0x8, 0x4, 0x7, 0x4}})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0xa1, 0x301, 0x270bd24, 0x25dfdbfd}, 0x14}}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000000)=@x86={0x4, 0x5, 0x17, 0x0, 0x3, 0xf9, 0x2, 0x79, 0xff, 0x88, 0x1, 0x1, 0x0, 0x8, 0x1, 0x8, 0x72, 0x7, 0xba, '\x00', 0x3})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

4.758734122s ago: executing program 0 (id=885):
socket$kcm(0x10, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a010100000000000000000200000080fe0480140001800c00010032afd616632bfcc0c56e6f747261636b000400028008000b40000000020900020073797a3200000000140000001100010000000000000000000800000af05bb545779ce3b479b68e2a5e7d1667f4cca111501e22c66153db47ee82b69003dd45c4060e264caf6282d9e1feebfce5784f4a65f2c47bf2fb72f80e2e6be83309f5d8855dcf96c94adcb2f2a90135bf88f1423f3062aa7daeacacb8bebd6f102789c360575435cb"], 0x68}}, 0x4048010)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x2000c090)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0xc0580, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r2, 0x4048aec9, &(0x7f0000000840)={0x6, 0x0, @ioapic={0xeeee0000, 0x6, 0x8, 0x7, 0x0, [{0x6, 0xbd, 0xff, '\x00', 0x6}, {0x5, 0x12, 0x2}, {0x4, 0x7, 0x3c, '\x00', 0x6}, {0x1, 0xfb, 0x1}, {0x8, 0x8, 0xc, '\x00', 0x5}, {0x8, 0x77, 0x1, '\x00', 0x19}, {0x17, 0x5, 0xd6, '\x00', 0x8d}, {0xa, 0x9, 0x1}, {0x8, 0xf, 0x9, '\x00', 0x9}, {0x0, 0x20, 0xf, '\x00', 0x8}, {0x6, 0x3, 0xe1, '\x00', 0x5}, {0xfa, 0xff, 0x4, '\x00', 0x6}, {0x1, 0x80, 0x2, '\x00', 0x5}, {0x80, 0x6, 0x3, '\x00', 0x6}, {0x2, 0x81, 0x7, '\x00', 0xfd}, {0xc, 0x5, 0x2, '\x00', 0xf7}, {0x9, 0x10, 0x5, '\x00', 0x1}, {0xb7, 0x0, 0x9, '\x00', 0xc}, {0xa7, 0x1, 0x3, '\x00', 0x7}, {0xf, 0x3, 0x9, '\x00', 0xd}, {0x5, 0x5, 0x0, '\x00', 0x9}, {0x0, 0x6, 0x0, '\x00', 0x52}, {0xa, 0x5, 0x2f, '\x00', 0xff}, {0x8}]}})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x8, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000580)={0xb, 0x9, 0x5})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = openat$vga_arbiter(0xffffff9c, 0x0, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000000001050500600000000000000a000000"], 0x14}, 0x1, 0x0, 0x0, 0x4041}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$vga_arbiter(r4, &(0x7f0000000300), 0xf)
r6 = getpid()
syz_pidfd_open(r6, 0x0)
vmsplice(r2, &(0x7f0000000c80)=[{&(0x7f00000001c0)="de01bc92ebcca4da", 0x8}, {&(0x7f0000000600)="d5b21bc2ba6816f77b8ba23efa955a4d0e41236e8f2980d43a671e0d12b13b28b87066e9f139b6d4470ef8e42176d95017f8910f0ad3b5776ff79e88b8f8bd006ea8fda3a2409b0f0468b6fb59dcb3b9a8bafc014258962c698b6f314340048f0ccfcb3bb47c43c63a8553723b71eb233791a0ef7eebe73f680c338b46d6dfba27bcf94d8acd12273afc1d9dc3367a14a972aa5fd35d7c6e6ba84435ebd2ae19fd5f39681385fd2bf6edd916056be2622d341b81cd93d925c7a5098f5ea6f82744f2b848c77a10fa5474409979c61b35492fafdfbd", 0xd5}, {&(0x7f0000000700)="a5efb8573b18b082e0f82e16daec1b6b067eba24ed1dc7f2f2db8a604bf09383d19bace5a790b58ceb28335dfad4dd", 0x2f}, {&(0x7f0000000740)="837379f4bc482cb7017024955a6f382929fd917768bd236cc245a296c311def8fbd3f7d1e59f4acf3124b5ef8e3f1e13f7fccb629415a1f267cae72cb3c29e6ef0556989a98426cf4f31a496e277e71bf5483852b064ddfe4e74528abbdda0443ba9167eae149b10575aee46ea2ce24826ad71efd11e4ea30bcd21837386f36433f8296c", 0x84}, {&(0x7f0000000a80)="0c77e5f32a5cfc5960e18a706f97301621244fcee27d1788ec5fff05935212bbf773214b9549a82b435ca9f060fa6b54893f0766a501db902a499311759065deadc2c761310b349ef1de4422e8548ab3994ac70be9b73eef19b9a45f620b75880c8d59da1ac4727b6cfbb487780be16480e76473a5cf5be162dde2be067f0b477dfa4189cd566756bb5627d248a926e0e69774c97f9947b01a6ee04557c2b162d8ca8faa2a871af35f584092456a39e83813b8ee0484d86dcde4c35d474da0dfba566fa8e8e845", 0xc7}, {&(0x7f0000000b80)="cb79a95f7f3742920a9aba8d5e038959f0de92", 0x13}, {&(0x7f0000000bc0)="016dde9ed35ef545bf524e5b51a7678502f94993a41b323ada2d48244b40e916dfb216a1d7fae27d91edebf1e66d3507c4b019268f3a6064105b3b6624283fea122367a7640fe7a2f81da34009235fe18733279d8f5c842e7eb5971bdc8332fdf478bdf34de46ae7c3b59069f12fb822d8fa4d9473584531bb8fa17a9dfcfdfc5df91e25875722e7344ea4760d7b09d5c175a1dfd745ba605483001f69db39158001b4f84c", 0xa5}], 0x7, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xffffffffffffff9c, 0x0, 0x261)
syz_genetlink_get_family_id$gtp(&(0x7f0000000000), r3)
r7 = socket(0x28, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r7)
getsockname$packet(r7, &(0x7f0000000180)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0xffffffffffffff43, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYRESDEC=r3, @ANYRES32=r8, @ANYRES64=r6, @ANYRES32=0x0, @ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0xc814}, 0x20000000)

4.42010407s ago: executing program 1 (id=886):
r0 = socket$packet(0x11, 0x3, 0x300)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000440)={'das16m1\x00', [0x3dc0, 0x6, 0x802, 0x40300000, 0xe4, 0xc, 0x8, 0x8, 0x1009f, 0xfffffff7, 0xcd6, 0x6, 0x1db, 0x2, 0x7, 0xfe, 0x10002, 0xf, 0x0, 0x0, 0x2, 0x7, 0xf21, 0x0, 0xb, 0xc00, 0x3f, 0x9, 0x6, 0x1, 0xfffffffc]})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0xc, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/kexec_crash_size', 0x202, 0x0)
sendfile(r3, r4, 0x0, 0x6)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000001f8300000000000000000000001000"], 0x48)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x4, 0xf, 0x80000006}, 0x0, 0x0)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x110)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r7, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r7, &(0x7f0000004140)="a1af56567af19ce4706948d30f35abf6494690656d554e6190797369db23a302f328aa47a2e54509379ba2e477e6e0461d2e45920d509fa49de04732cd2f4a4e34d73eb464d09605a698ad2219a2175ebcc560f740fe531ba46ded4232d273d1865282844f5a3b54d7f154c21a8a82228e27b2c1af662a92e53d81cae3ea68707ce43f89c3321797039a0a39e24b83035dbfb1ac9668b5f87c4ae50250e92c8b113ed58f60015d9c1990253e6646c02901b08a2ec0acceb7ac1e28f59b1e22663432bd5435083b604934bda5f4897467677ac5609bb6e1d1f938a1a8238d2df6db69fcffa48a08ef9231830ceb045a999a9ba43b4d605ce7bb4736ee8bdaac3399576ad3d434c12f1ae8fc5e06dbbfac985d7105c3b7f431854465b6f732e1397e4647e88e86b0a3b01c1ef689a4bd3963deb3b06190576c690ab257b9845b4d412f248184e124b5228f4236d020d4b80ff0772d9515685918c41cad06498a6833d591c191916067759bfeceec176d582621bf23b8d827e2c8977822d64ca19c168fa8a4ea90a60ed60854342e7c42ce11f41409ff1fff715d10ed263d305e5c563ee13a1527795b012e01b8442026032a761cf5104f00dc28a761596d8393e3750be1a8788fa7152a3cd8e051a963120417af9bd3e659bbaac6406a70ba347641aeffac9436fc2352bf7822dabd7a4911a5b947f9c07f805e67ec8c7d787ff358b426494b87aaac46c2d4061ccf3d19201d8d099dddf2b257cacbba656cb7626b0d3fa11881e99799b92f0a07813eac359a64a61a03d6527a24a4fee8e6cbd74932adba5ad3a865788e874b796cc8555522b19f76676646f21f31fad8c360982ce2b23fd4aec43bff16e0f3f1e1e804daf28f236081d0686108fde25f7e6a7bef08b793beca5b21b5f4893543ef1e3a216378cb76a54fa879ad9624a60a0b3306c8548e1a22b735213969421dc9ef70338bb780ad55adfb6b4f4ca3d8ce7c697ce3f0a6210a27cc900ea2218c52ac06bbcbb91adff643f1a3b93db67d7902f23eb89ab2f892970551127b39e7bb9f37c62adb8abed20c8c84531d143c6be2b8b05766e248a94aae400b36a3399ba174ffe14ffd354f508ce30ea991f57018a3534e0eac9cb49d0e6085f93b367d817ee83b24c11f9d38044a9739f4fd41b6a8129fda808bb930beba6223dfe154b23d7c39ac4fb6656169275c31e15d37d3d96b0aaa13637f1c28178f5fc4ebbe1af6acc985c783a30dffde8d7eb0c8863e3481caf2606a4b6930c234736404d4eeefdda697193f57d332540a423831db671d7d3e8e15ef3d6a26b83a5053bdc2f0b378c6b39ad0b8b9c7bd5c4bf81018ce15d0b344772f6c6f469e40c9848cbcb1b3ccb721b4b1f895a6e034380d882bd30a20f1c2b8ae138e6728306e16f6093774d21b798cd73a16bc577be751deb434ef019dd454fa3ce3cc3b2634ea4957548bf226d0b24bce757382c639dae891e55dcb24ffc9dc2c08acfafabd4565dbcad34e1a8e781c56e9144f0e85a5cf6c79a5d1a8b3479cdc178215f05081eebdc03607798c66fd043824756e896c2b69fe5e843e0eb26c86a37a8944e93a7f3b2a863136d56579d0377f9424cf00dd6da7b19066f990ce05e1b93479f125cbcc5c91aea56ef04950164079f5e22ebfd77d54676b2de392ab20298876bce1ae9941ae109d7088edb29d02539aec8f276b862bb28fa6a68bb1a0bda1b0ec6e5891e93777d9b126d6add7eb36a7f75c435618d368c04156f8a116d0c843ad04842d7b7c84cd87e75fb81ec16ef184fd3119c16c950b84bca9a12a86f0e333d9fe34622f5a51e9772dc8b94c491e16db0c537e211b01c9f13f9e7a7b2f4d8053baded5d6018561b547562efbeab2946f3ef872d0256196c75fd7f520da7aea0f63a278052925c6c88307bed0336c5632ca98086e7712af309f99a6adb3ec4417eaa9aefe3fd43c4402bc13868832d6dfaa97de7ed43fe3711917de97058d60067d5eeb90ecb428182d07092c516e6eef6781756e308926faa9796dd1a29dd4c3827115fa8e14bbe449f4144785b9581a198273adb8bab0d4080adbb592b25fd74d426233f537562a4a98b07f4b2060b4f496c66a0169391b713fdd991fa90cfc313245f57900d980adcbd46ada0a7bdfdfec4bf8ba12e37724c9dfd7fbbe4541bf21cc393249a555746268e7e33bdb43f2cd4932e39fc818e49d0e588d12a3a297be074ad83db57be9d4455ab0685b087e8ee9f5c7c33e10c9d6be572b58c88b79756c45eb9eed6d0275944d9cc1cbc8c498917aa2fd79c00567d4f9f768579f891e23fa9548c5fbff150d2873ecc72da8d0077a223f9d18700b690d8046783bba756a2c9863b7ffc7022b2da68a332f72f704bc38a0fcc4f445891f1ca1ef5dad28b87ce8bdef23ffe29ee23f2c0a002c80cf99399dc7276aec6f9d8b6ff3d7554409a4e38d2029a43f8a70da62b33c44f5f4f299eec825302c52e5f83d462b81512775107059826c8880578f01d8cb53af86ad61a7e36c2ccdf55ce197ec2a78219a5b952a9bd12ac2cc3271e84e6dad464c7ec9d9f0310614200a98cfa933d5db05c00c95c59fc5bb8844ff856ee7f9b091700b1a93ae1c00a40d9e5e6ce036f90a6dc34faa9dc8e8972c49b055f9a43ae10251705a960f2cfc8430cf9bcafc26c8eccc8b75a788beb41d180d4364f3083f3ffb5e39049979903c76f440810b7ea608ff84f5e56f9e0653bf15b6b6332d458f8d2e2b17d7bd2305a8909996d2ebfc2ee2ff697fccb215bd8c73d4b9f5b597308f98ed8fbda58f52cf8443f5a9db7f0f6e75e1c9e47d73f8d0624e9e6f33c2dee3c6ff394082d78ffd3a68309b3085e1a7c106f62c3959a353672cadadf6c058fe366b03fcd95a23f564c55a3ce9a914c11c8b2d6040147a1539b106adecce531646fea4db06775fe5d1bf9cb0107941b620043ac9b7936b2af9849eca9c46062945b137dfa355a7ee0c81a0193fa60a70e59b407af06a7f181a3e4ccc81f2c580a6c6cf67a8bf93eb8ff2151b7074144bf7c5cff97814e0c00c138d984559ac8b95a45a4497174130bbb0db22fa53187db1d923d9ded441a4d2fcbe0ff5736ecc3d94bfbb2df632ac88a02f2c9f73312e7a9c2d8d6c0bbfc774595e2e63669f2b5bbf6ee6a1ab0c25e313d819b02c785494eda4cace033e96b1ecc5b155a14e0c8d51d54d8bf33e499d0913d9605a419bc6c73c6bb07d1a306adb27dfedbe81a386fb3bb659764442c4d9d66673a916ee5a6ae59abc994fff64f2db0c83e2b18944f619cfdea0ea0911064ab690b2e03670a3e3667651c1980d0491a40312307e4534671c9c8ca8712506eff211577783c81dc05ffae4a9c6d7554f9fec07b25451c70e6f4d4b160544b66d66dd88ef1c77f09133db317c39fca05b68ef3eee3c28cbe31982adb0693fe9699d06654150346915ccdb17c69ea3aa8bb36b5f321060f6237dec73a011b233b81a6337bd77da5da753593fe30282456a0da2c4a18911ab5a8af13c8f623e5684f74f322ba103482d9abec31a684707671759ac8bb2592d66350745f77f18bd6a6cba542644f1fdf0dca14a08f4ffd1365969ee896cb39e845f71590eb4c73cc624cdcfbdea2352ad5173e5e919fcb98f6d960341047d181075ec8b1e92f40ecd5a1bf157925329748cc7af0239a7803a0c947479e070b026baf6738c29c9a8351685abd43775726ec0bfeff4d51fd3fcb04b108de286c5f61a82ef496e20133ef8b4ae243e81b20822ea6285c70bf1a33cb9f4ceeec053f60992c0023bd5acb0d4a9a55ef377f2837784ada634070a85b0a42fabf288130d6b74ca23473fbce932bedb44cd51dae78efd058dde5d7eb4aadfe3dd8346420567e745ced5189db6df22edbc66580a236f6ab148a3efd69bdea3dac7cffb47df44dbef7fcb436902bb30d65d65d5320c3b76ac17f43d27b2deda8692ba03ac2ae60e4ed2a9232c71a98b9869259a410b901f38cd6712f69f2dc3f92b7c020000000000000077d4d33f9a0e57d504000000782b22cf7fb9bf22fc6afde5e42876ff8005f8a042bb5a9b67d60f40a7ad1cd73810a4f704f14823d4074e5a32b028c8360432b8aff539705961fee84d6c60b2b4d2efad60fb20c1da653869349b81e6c3d56c96ce56a833ee9a2b3e92a4b96c5a545910406751b4e7da24a328de0e20042d1ecc3bf7fd97071bb2740f497307501d90fa9c8e5cd63a703096955f4934d9140ad295cae59232cf005574d875e098637ecb757305a51d102ae5323b23a61c1a1b888c5974a243e42bfc391114ba5ba28e2375cf1d6d1a63e6bd5cf9aff9af16bdc927f642151597fe6d18ab008426f25054ee8e39136e2c217ad1f4cbfccdaf9a0cbd97edef5fef9b2ec486a4b21d79021103deec2ceb26c0b0035856ea2370aa3a8de925797722aeeee2d504184988f9f8727915c389f043c3de2b0d8e3046c46b33cb1615f291f272ade0029cad1f1d2e723e62cf739b667b005de14c3ed265e3bc2d553bb232f88b92a8284996c50e141608623ca7677a9cefb85fb0e0e77e23b9767dd65fbc119a15969ecd10f8033d9f37a748a895fd39390563f5f7998bb10eda8610855eaeb2499d8234975edb16c438069e8701bec0a86ae108a19b9f54782648af4b7b04a1d7b6b3a853c24f2393120918d1eed7b40f467c88857ee9cddf5f01db495f3138984387adfe3cf51a47dca021f9f31b44af1d1ae7c9f4c768f2a46d5c012a937985f56436ae15528ae3597590c927be9676a4ca80a19d44457b06991c02488c96e31094cd963b64e8623fc7000009ddb29b0dbb13671c321d24e322a05cf215dd04eabc2cc6fdaed762d3f9da0f1e0e4b7ba13a6036771c9403457dfddecb71579de33c597860a2e49d7b5052a6b018ddb409a7a84f8f6651d070a4c913b7a721490c8f97c085de8315019952deae16434a3e5fd5d242b1b333d8a801aaa67e4aa599b818c8e747ecac2e9c6176bec7e34ecb84450903f5aa6c6c6bf539b240506562d73c5dfbacdfbcc9db3089701f2c7fe6d6b8d6728f8a1b90a911338463e6fd824ecda51578865b3c363b4b79f6c698e27760c1090f8ae52d6fd3f0f9488f1c25feab4b48c03ddcf74a8b6d2b0fc6b5a89b8051c99edee357fcb875f523f7a88a5f25222fc0ba159873b47fe906e88f920943e453048cdea455dd98fe77f55d9c92e205b87120ac5ef791cd7d6ce7d2cfe689db61096c6e4fc359c9aa4dd3d1205358da38882073ef7268239f7c74b0f3cd60ca239b2fcdc3f5c774559ffbb2b821f1314987d8cbe5342db9567a864d569abfde85f1124e2b178be4d020c4244ddb0cf4ef7124f295a81b9c10227ea886e6f6ea2dca031a026a4f946f49598b76141a0b18170bb3cfa9136c49c69d71732aa223db1e65553aa03bec9b0a35c31eb4e6b0dab02ec2c2d851a731be9cec6078456631c68761e14dbc9afa2c3f631a160ebf9d1fd3c2ecccf6d4aebaf0fafe2e9f47ea9d386425a7950671cde77c6951ef43a1ed32f0ed6fcda74ca9333d2513e4a40cfca01a17bfbc13b0229e2b16400880d96e4c687fc54ed0b34326126f845bd7cd2063c51abbf8bb61f6f1dc3606959f2dececc6e3e08d808841c4779ca0f5f51e7e03260d0b75b1b0355f8544c1639b2f0bfd6f95c4f6d151073a086ecc890d6366acbcee869020cf347e700a8361bd8d5c53e6480526aaf31c9c655eae11831184746a709387e60d68c062e5e05e578d11687f6a5411ffac4cfd62331f63a9726ae77c5799bcca05d6983c985cd23d025e3367ef8c7ee903de557322f38629628ee3076ac483f8257c6335a478412cad1d73b6fd43c37a62dd7a0ae7601f12b4478c3f2ee105a915ff2052d23a8b9af3ca59013f553006259d4cce52212862d22c08c29affa3520b33a6b68cf2b9f91d9258dc5052bf360977ba81a37701118f635379d852b6481843604c111bcfa4970afd5a0fa52824cb27ac9a77b7575e3e0cd043c29c5682a47fe94fd6c2c225b6d9939b99c18b5fb898c5f28e87a5b6a0bbeaa2c4725cf5494765d79a50d2417e84130bb37f540e8db7064e57935ec3c6f9caa2a9a1ced0f8c6eebcb9b688490b31f864dcd9b726628218b42f45aa82f2bcdf2c7532c9669ea7ffb6842451ac314a35cdb0855312448c24efd6583a582e15ad5e7f7b714f0ac703a24e2ee8769a868079af8660931ba325ea1c9b636ef7b13766204dd733c3bc69f11e026c382ac0fa5ce8413fb9f84408e4648a5e66b8592093a17a42cb105b616b8239d2031200eecb9beca6d411a71f072fd159eac0a4f4392a0cedb96248dad497b2379f3162254045ce276503093e5e7ab062b942cf6f2302a5ab9af1b3a315ec67faf84b70fdbdb39044a22cd7bd0f62ba66ce2257f3aa0f56d53c8157c4db3297087e25ec24696813430f386f5ad55bf6289f62e1492dc6ac3bb5047e933d54ec338cafb3bfae8336215611bc3e8a5cafaca7c70f580570518a675cc2075c7593e1d98ef02b74f06b041b6ed9b06e820d32b413de06235441a52346c3fd2e723816c7b481fbf564a525646ba62c615060b2f9fb0ff0f00c376c6dfcdb060aca7af2f07f6030a2ca324c8380c11f9c1182acdea2123c52f5a40b44909180a14037c760c4ecc10f20206445aa65cf835f09633491f608598f1fe5cb5175ddc48070fe0608335af27ded864f97dd52c235b7c4ece6bda153224b773c64235c1099054a55849cd1af7832abd1383e82f63715c9cc24543397bd56e34fd5d28e49021bb483617a3444fdcf8cdeb33bd8675334a897e17966fcbc1e5c5c5399bb6bf02a9bbfaa5f3c58d2efd007dcb1190af4ab4b71987ff7824bd9b9c6d6fb0b144c1fd462805aabf2c7fbb043ff22b496e41a4a81957892efe74d614d62d4b04bbf544fb03826e9baa2a84f32da4d1154c1d0fbdcc17f24a49633761d2b5962e618d8a9be2bf373cdc9c45ecff0148f355075fde5ad5e8da5d59498eb2b7f77a4c0622edd29d7dfedd748b750d0b48057fa7b8ff575714a408a926f6e0cad081eb24780fdbb116fb8dfefb2006f765ff95fe4def6b83fa97b3f54204a0c00cf71c4a1efeface1198a94610570816d08c19af76b03afa42f722abbfebb2c99a905300918dbcd131fce84632bf4f7f5dabd1b5b05742755b45e50eb89ee278e0f6f1a8ad3d9f907b9accbe4845f6591f8361b52e4dd8f19823efd7e89c2ba80c70671eea397e1953daa12907ce59d940a6dcfb3eef7ba7405bb489c38319ac4fee62dec986f4f0975dc1b9f576ebdbca90c42e7f3b1928154af66de5e54b16d8b6541f55daa90812ea7dab78a87d969e4bf95c47f70ce84f9e41e542bbb91f77105c8314e8bd5d8d37e11d9af07c5dcedfab1f21642bb30fb332f7c6bfe13cde2f28f104344777066afe5b0f6db14390f587e64417b0dab027cef4c5daedc75812a7452d45e57e8e274ad8cd8a10b2b9ce0f371809101e9340f2fa0a59501020e48f862572fef70b350938e00a921fb1c080e933eaad2d56daeed692e7d69d4b95a2d1a620da88247314bd73a20cc7a504427df77ba969b5adbf74321e982c2a1913b66a8687960c8fb71a850c1003c76fe1c3bbbc8eb142dfa01f5df52b72bde0c8884374f72eeb8038ad57beb6c732c511bd5847ae8d4b69e195f87b03379279936dda69e11cfda279f37e53a05cb787f118d66f62a87037981937d6083e47e31de6a2700cb7976c0dfcf972bdd458e561f13b3e30368c8bacb722611db7627ad4e00a34f69a5eb9edc7eae464b2422a4c38bed04c49b15fce25ccd22347720273127236d6e8178cb414d1b4dc36cabd19f713782bde48db7094577042083cf5d42224eaa69e0d70b57e6f1764a825909c48858cda13ab13ee203fd0d57291acf508f91f9bc428d4c9ea06a9df3c9ce183e0c101a4d52fd87866c2146219beb15e616ce239cb025ef3dfdb3a2568a833c88a66a580ca9d3f2b770647d5baa42a707351688dc0be3b15d2cead64792e9f9688ef95ea5274c08ee13c4a3797ce346dceeaf7d81a18181839ebeed412baf43ec1abb35b7930ed7a528f9a0bbccd1ea6eb525488c6731150afe791bf58e524de4cc62e174d134bf5d170132efdb2cbb42b882219de563cbe6280ce4cd8482699442b236d1bd54517c3ad25fb3d68a649920357d85f343f0b46ce4a78b1836b6ecb198f1f1686597206c09ad4534717402eefc0d5a90639f91b84d3de00e7d815059640ada64140687c3e404432c74e91907cdcf3e07e997eed9de114767829833920a9fa5bebf7d99fc4f461375f3426b136b680230c7aa135f0d2d72be7bdf8667a8cf0dd0bf5490e393b5a465d37b9ee0d659c8c0f96681b71a867978b3503a45dfe95e49b9d11b8ca953ab01ec1714ca9ca1e1ed5998e02934901dcac10a2553a94618db7d79c4a48741afe3bceaa994833595808f8080f6eafadd31caee252a7d115db962320be9503147d39adbd11b1cd4cf2cd4bf94d9036ea61b2d4791c6326af653847d2b6dd83f5df51eb9473ae0c305abe5f3896175d82a2b569bf100166004886dc58432cd678c0a4a152013b2646a68284567b898e6f3d38a9187b6d10075234b2e11b7c929b308bbcb82f4a8ceafc503f18536092f2965d13875060c926b5404ccf3bcfb1389688fb4bf57ff79201d8a00cbb54a12b3be4693b4a295284c90e7d0f08b632eb0411bbd01d51112afe5db173a8159dd38fe6e9804f6ae779479ffdc697ec572b0934704dfcc3e9b2bec95587285299d1d79192b2324e4eaf4de74df050170562c08e0a821f47745f63ecbbb767846ddcc331f459013ec90de697346f1e57345a51fd9d2233cb3591c406bc25ff5c098c331cd026aca7ac1fb1c35c3d3597c7deb89620a364044b30c77d5071bea5b196a0c380ad40370985713838b1c830130a5fc15c5501748a2c8369e77c2f5de572ee183f526359f28865d68eb87c21f8fcd4a09d76ee6d9ef31561d9c97ae3672500e342a798b04177fae44b838d763862bbf1e7b665848f1e186b5ab6cd4628f4725324981b0aff0b9af2f78883dc8433d2dc26c1766e0ec77c4eb63da1f859c09ace8889fd2c5ec7f7e11eeb547900dd9332b7b96ea6be35aea692e54c1cc3d1211bc843f8e8ce71abb88873e132fe214a7e7670fcac38516b6935b9e0a2eeb43a0aebd25676db551d8cff4fe0b6cecbd59701317022511a2d612864c09496c99af48e1cd066c5bae55b415ec08e99947ac94885ddf875d8f8af199aba32c0bfc27f6e19e57380618e7940481077edf6270ea3befce28a55c2a68a961142e959690ba294afd57c5530a5fbd5f60d791a3f06720947c74cec26a571a9f2e5cf98cccefba8beff72f2570f8a0e1a130c0e85d4fbb6a6f0b881af274c9eb063ef09176d43f8f18bdb35a0acb1c6305ba5563d1b6baff53b1251305de413052667c4cf9f94460bf348fb27ab5719ae44faf02dae55d8eab643040834b04aab15a197568e8ebd296638b01e5ea34e39ed47ffb58a47027d4b7d978028b7812a141df233065e93c20dc736af1cdcedcf7e766eab238b3b4d3df022f50b43973c47d1c80055e4fdf569e50fd382e840b76a6db6c06b1f0603a2234b9175c5e15a22855b57cd5257d9b5a456712f281f83e1c6c87f58be8166f8b2e85e9f54d24fe3b420d77a22745dfc7ebc89e21acf1c6649324f4c5bf53e188ce3216dbdec21a06fa9e61d830814697727305fb48c705c4d6c4bdfb874e43a8fb1423e2d2d6bdfe22a0d2b211d3beb86937c639c934cfe9a4b6c2853ff353829028854e8d7d75f29f01c4d7c297fe0236345ecce914b3be4907788a39c093c9f9e2c930a15563cc453d08123deadf853c83db0e3986d993e44e441a874411b7905708462e1ba42ea22521d7c57089a77b14b6dbe57f0ce69c7c4f1c0d53385655a8ed6294f113d33ad83fc4c05e80403e6a8103d1574fab80f43a4a3af93a67678346d7b3b977a1381afb93990b1cc3aa73cc463f72bd898f647f3f5a3b342fb5e37140ddc499edda92ee624039ef3f802c9055e20b7d6e4f5a109cb4ca1bf84d37d1e78d45a10f45602b61216ea8969eba3a0075256faf8e577de835bf0b37311d16310645effca6751cf502a035d7ac7d1ca2c23547a739116efb586dfe2762ca4bf5ce5fc48913efb41a4a93fdb240f0895cdf306ddd13337d38a58402561dd663bbc675e1a378d4f770ba5e308c6ada84faf18ab2b387b0ac139a57dc534e278a1afecafcaed3746701cee14edce6c85cc39c91ed5be8a178d2fcd97567e8ab661d573278062bfc3c83acbfcdeec7f08d3c1197ccf830c883eaaa01e2cc44e91cdc1c47c03717528a9dd63cde259b4b211b57af121b125fefb26c110da83bbc150e2663a22273cc855cb3c52d02fd92db59a7c876d1a18e66cd64708aa478f3f10e726210dbbe2fb1afedb2034a7d59ad774e73f97d7b4b121cc25b90dd4fb5179816174dc4650b2da366d11a519f4310972944625c839b01040c712c635d967269c6c07189b5b1b496403e35e9ef01ecf7e795c357ae08b4736d2c1bcbe556cc671ffa37677b740baebaeb1b74c922d1ac83cb3ab86735d07ebffe072ca08ebd56d0ae89d5535a63bee75810468b1560534ecdb4a16495f9a7f42164df055942e94011848c5dac783a69fbdcac9c477850320af0c10da48775434088c7d090202f927463123639dbc1d48a871e4f20f75563f6dba586db6d12e2e7f36e7da4915037fcddb4413336b423f6b888bcf297fb8d33493e9fc2e992afeb1b83aaeaf46f4aba9bb0aa2708272ce5b0c90ef9f6c366c20e90d0f87aeba828196acdc4306131c515319776dfab27de1e3a501cfc560bd3a1dd29e54b87de9a01d0351184ed5cc3323cef72fd423dfbb0ac90eeec5474432ec1e4c64d68605c378320c0e97a3d89a409b7d969d6e116c2ba861f57418dbff85c416ec5224d92df53d8f272c7e02e832bd21ef4d6b4a9bd307f8c1756c3e6c155bb2ce5807311d60b2fb31357c89119af443af2d3a4d08fb6221aaeee97bfdae51ebf6c51f98300033ec513ad6996041441d474ccf3a2548a11b94527ebc2e24d7519b1ded645da3af62060a4ae19eddc3bf331c4c762d9672de22558c655ba05338d985da134230fef2d0639743bdb4695517dd9e3733827050617b3cc792d12b3280e0000b22ad5130b27f9a5e25b965028874db5b5efdf881043e12791a7294bbc35865af7662b23b9adf614a9af41fe4d0c9cfe62106a2bb6d294d3ca554062b2c7a0299f82fd5eb6841fedf096753b1a63a6b4dcce3837ee36062055c9f52b3272f411709db86d59db530fd1ed9cc2138817c290a2777d1d54cf4b7b2f8737444b58334a1c26f63ffda10b749b5796fa61ce6f74fecef2c4766a05d0468c1d7056beb8fa9cf7d51d5115690bcb889f09dbe01b1c55ac860a00cc159f6683d33fdca16d815fab5bbf00", 0x2000, &(0x7f0000000440)={&(0x7f0000000340)={0x50, 0x0, 0x100, {0x7, 0x28, 0x0, 0x4058230, 0x2, 0x0, 0x1, 0x3}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r7, &(0x7f0000006140)="e0332f8f5747b9f778142cc174a9b5f0244b78bb6346cb5fc9135b8220090ee698fddc241870359d32327f299718466d88c89e68097036bb35abfe03e3c02234dcdb2c7d1209c657485ca1aa3f2fb80e71397b80fca6f3cf2367fb19eb95e5b4a0170063374645d9e020099ffd7def3d94cd29412b3d7b7a47bc70121be848cfcecea78d41a93622b134bd06e84dec07a9e5abc29cb02d5b9091e748cffacf48352628822bab7b24a17bdf4b3f3bd9fb17793496aa6490da3f58039ce5b40745dd63f82d93bed80b50ca5742d67d39029a98db95c9392e2d5fd9a35bad30cfe98682b5a069738a12c3cfd25949106cfc839202fd21c2b28e44be73280d5037351ead2dd1c277d9cc9088c6b14365eb0937ea9685f6b26232293803260f2c8cfe176b55df304bc2865b8f52581afc4beed445ae8cc405cb7bcc51103aef812c41437c5b070a3591ad0964677f4f9017bb300727dfab009056bee3671a9694be2e2f2173fcc06ceba5aed0d93a3d7cd88365c5c354788efcc705e90d572e34e9e566fc206a8167970ecb9cbc43f4d9de4d43688582b6600dfcfc7379c831e756a45835647bd87879a3e3942c61b9ea2c2af35d49a4caa9a109b0beb972996ff8924ea371e15dc48efd12b1203a7f1fe354977fcf9e4ee2c8f210387e551ddb55e5f67ee6bb9bc8772649693b0adf24606e8ccc59f020834d8cbfcadfa1770549fe464dfc412308fbaee8d30bd20c002794bfb923bac6b490841248d12ad9a0e54d1d96e3aff5dc4930a6c8b7c75264a46af7a6339725fb84e0363463ebaaaf58d6b9309ae7c87a8df8c68d2487d684011de1fa7645f3f48cf3bb61bee8bcace2f8ef5f967f2765f8086aeaa5dcc34c84e379a7ddd6438cccb5b8098dfbffffffffffffeadbc4ad2b2ef98412a46f74a171ad056429dbb723cdb9ca9f9f03170dba2870e5988b7cb755599d1eb8f7eaf5c8ded4b56022cb479d0bdfae18f69f9ecc42f4c181ea10838229ba5db7f088ad8d5f77e49c1fd93ed6b983c43b23c7eeb1233f0c114885057a27cd3f67a309e3fecba241836bc92308b830b10b04af6c9595b44e859b9ca7ef079e151fdd500060787be3a7a5b3e23b06ec70f087134504f8b8e7b6799ebfe14f698ba7a813a380e6f92cace9230aa8094a2465f7224e2becad469d0aaf0e48b0098eacfb17abdb69bb2ebba97a09d2b739b532d70db91fcb0fcb38bccdc01d7c8113024ea8b619e385e58d31899721416e10b408504a9c4fcf870d21051227440a616cf62f6637b62eceaee09029f88009be02269cb5e5ed090c6f5e6c652c31214aef301bd23ec2504f90991cd27539c1b8b54db51825e951d076cd0e70f56de4b91894ce22049205483a0fe7d7886b36118bebd96d138980e26604b6e70a7275c6b81501143119a8c2c271558202eda196704ef9ae3c33301e1afbe56d069ce4926bf531d960f3df58192f3da558adc169d48d39e24e04e95c406b34b1f4ed2726ef0f6a67dd84c75636984191d019cebfa883fdf99affcdb4c874614a5312455403895891daf7469d6721583ccd1290ab05b14516f22965fc52c4a528f1a5c20cc133fea279d9efc991ec4d51d2654daceda234f6d3b0c635db697aba3eeaf8356319adba42428266ac09a6e6495ca8f60c1c4e052068511696296e88ef86a591948627ba97df634e0063eb5f208df00a069b1213c29e58cf76f591253d60de9d7c01d29992ccc728140299c429fec0df9d90f83fa2467ce00de83b16d10c7edb80ff8d4b1b19eea9bd1e2783a0d41215c9cf23bc3ca1ff414e3f29aadba00c5a8d5b44c28c10e99140e5428278e54bfd880a93fd1b54b560422ab2bfcf120a7902373b6442c6e9867b19aa0a6b77b1634ab6fd1c8a1d90d99ebb9ebcb89d593562b266fbc53c40501f9298690283c45059b3f6ee278e46cb3904c947446c28af8855b2a68e6e0c0da205a6e12fdd15b393d579039b31c1a54230ac2ea13cf1f5540046b4dcccdd731fff7323c4880e5d2d8668d8a7f08920715c17ef9652eb55f224c82a6fdb970dbf1032403f283bd868a23f4785a6ab9c0bcd2308dba1a1f258ae512cf64784e501008db366ab7093a6cc4b6ee86154d44a1a15c10834602dd5ccf730f6d1142ac19d113496dbcb80021cb5733924265d082a8453b5c21e0245e4a2627e8df090da6a129ee49c58c1a7437369acdee15f5e4e5638f05d9f6391572d9890219def702a013a2b05239664dba44feec2a9508a3200b47de03e6a784bca2f3633df534af33da0a95a34ca845b61a22ff55a5a4c04ff9e06e7162f458a8c56e106e75ffb76a921f4057dd73d5f3801aa78ca4c78d6b79bce560404c2fe3d57876287f73e84c27c486ffb997951f9e0b3aa81a5e7804ac7360add11e7851842d0ed8df041c999e50226fef006373bbb53d5d8e9d1653924e60234fd0b6645b821746f3d88591ff66e294e8e958ca425ddbc7d604f7cbbcb9d5fe0d4ad53878eb16bc801def1005e1eb12a6d4924d2179948e7aa542f2600ba3c6c600629d64c529c7326c1f38aa4e1a6cc259e58f86400d65d67856c8f4fffc33ad4c279dc05367307f562f8127f37b03c3cf38a97cfde0c02aad8ac40d347a9e0a496f227c068dc6c666fb2b6a18990f607399b0707d135752d93739e1840b5b4c125c81eeeb318869b408f87778451e49f3ad988a8aa97672989ad367833ff7e7f0e79c37ac794fe466623e122127fb94ebbc01bc775183b26b2dc407b1aa1a55d4ce04dbe1df4fba0377fea4c4bfa5a37c4dd733fd116b9c7f50b11dd512ad68646b9ddca295fe27bee78476901fbb5c8d2856ae0e9e21ab26e3587c1325f1fa28edb4081f2ba309d5fc39f7f54abbd0d5a152c2f7e3a8b3a5ef6e097b109061c91124f41f33055a7bb86706629f614d40346715cf2fe387ef4e4fc6646839824d3ef85eeac85bc5e681320f6fa7057e0a10de8c4678b48510f77b91bb397dd1209eaba8ea1f237c348e9e0d7af1229e2c04b6560e48e3a7491f3066b63a8923becdcfd8594c1c55098a51283b599765b049831cacd9478e5e996c778d524b476f6677218c94886d7548be7617e5796e35bb3c9b13d70e4897867d85f0350e9329985f051fb556b861aef7dead54e6b29b9ad837cb4774f47a5371ef034612aa0c151345546b876b53e9f2c06e3ce0113e67eba8842f4ac5b51a61315bf050078c710dcf14371d9593730b1d0302ef999f488bbf42b7360171da98ad68932bda4937358fd1d0c2bcd04f7dbe2beaffa0d53cccda316cb19270cf4aa56695ef3203b49fe92d1623cc1d714da6b8f94112db1781562ab2ae50bda23debd55da440434299c992f2f8c264310d6d8ccdd042737db0253d6889d8bf36fe99a131b73300c9798b8fd58b5fc681b97e71230cd3094e441fe5cf1294bbc28f41146f06e39d5e19e673dd489dbddfc16fe281160a8008e375025cbf25e84945f2f0a5ffb2cd58273328ea9d7533b2f0861eff95823cea18dc1877183fefab808bda0890f91f1d79b36953b138fd62caea3411900647a4afadfecade2ff6274175f06614d108daaf9821c413a137e33c826957953bb39e2d852097f978c3577abcb71d68b45794247d8e82614979708f6d6d0e469828206b22913d6d320d815d42c0d943640c63196f703f946089f535eac511e26c6a5a529e875eb15aaf65fd50dcbaf37a009f2f9081cdbc744cf7aa2336913e89f1961581ad4bb6aeb1d23a787e2d3f99639871df5842c30581263d5139128f0a3f37ef48bb636d7aae06581de6baa55a12019d3ed831950915fdc1eee819dd01047bda606f2852699529718c99606246a92bb1dd9435d8f3a48646c0e423441bc783be358c0c91e6846419b6c0a81354500cb2721834dc11ba40c3bbe5717e5142922a168ca0e20fc269ea584c7f68ff7cced62c4277385368b4ad596b79c45a9c4575c37f300cab37a5693cb777fabed412934d3a77505b17cb2628119ddff45f3fcbffb50386eb9cfb6f82b37fa852ad4b65bf8e2898b11bf051cb7fb0fa81cbf81b9ceebb05498aeb2691eb15297edd682976d5a4f444cdaa82f063bc4482c28c4e6257c7cf3e5ee5a502c6527b77b12725e7526ff896ee2f8066536dce04d63072a34c19d533d4dbdb93e7185482cbf7510c5eef2f8aebebad011727cd8061a367b7e1868252bb43d9a74c9c6a10539e357d5367fac69a9296fe5a79a2e5b45950ff462e0e882aa32ff7f29b5644e5311f3e0b076c58683de29ad9dd8b2c92a41ca8313ac997e44981e82aec550bbf6c88adf3d54e9fdf93d9dce95289e9086043d888f19d209cbea79f8f5b2c81b2c3889eae1cb5305e282b883c4cfa3798eceeabb442a74ff6a8470020a296ef01d8e32553663c844e67e5a3a44375f0074ce9547a6c489ee86d7652219491f35c6b904d51a26c3d2cc77d8ff97050dd0d0aed4a1ecf1db7ac48673a1dcc70ac16f709dcf4b90148aede5302111ceaa3a81c49b724cfa206283b62513f96c1da77efafe2d2d08a5f391ab690b5d974ceed2e95e85b1039def0e94c79cc0aa1de1f8133e985adfadf4a657710487b265bb6692fd2b91a06ac98d50b052b8a13168e2638b93209238fbe67f4590a81a2cdbcc479ca9178720a6ec05bc9457f27ad2e2fd2f4e9c643ef85b6287a01f7fd597799cce7d6464ed3c95110733d4ba92314ba3dd81e51f541a6e37f8bb14376e41560f9049b4ff349a467defc205f915a345b5f06d090645180ca642c719f03e9813bff7fd635660efe38b022130d42f2cedd792bcba2bfb14385c6d1cbe5ff2e38c22f1f8d5e4d93d296042507e43f24ff904827b16f2a3572d26078d7fdb0cfdbe2e6bee07b94ae441e510681c96f97ef0ddbd7efbd80ce0689f6e2022a189dd2937d3eadd82a154a5fac91b5ef48523706957b8d5f55077973e9a036009d745a6df39ba154dc59c4ef784d62b3f2d782dc508242a1b0e4cc294b6e62e98ef946f0d984c3174cf86b8a0beb615f046ec50dd0c8a9c0f36df60bd162f1130f894085e7c47b6c28ff336f5d75166c1840e7ad07204fc10ce976505f6aece0316d8c65b973f61cea2fe4c6db722717985c25249f041c07a86b878702a8c9ab7c33fe41039041aa38489b02a28f18d69ab34619e9e35514c54592c8059984ace64b5302b5f22d68c35c7ffb23c63ce877a1e1b160dd2c329eabcc0e1e3072021bd811de3c0c7a68af20ddb9e2912b7eecc2a8cf083a252d0fe31629b20559f7b976e4d8625644385c692b8cdc2886a42d750962d0dee10a1546ecb7ef961216cc456d2450a44aab07014fe0be076ca6bcb46b644af844b2ad8b3817f1895a5d579af3dc937541f4b7e9203e7a7af534b406d8f6e3bc555d767603122ab1c4e62de19d6af63be8e39fe45732859d6d92e11f1a847f7d62764b6364aa7f95f03cc7deba467da5be71657ae50ff6bf93c51efb7d19ac9887e92fe5f3c9d545209eff307c9e02073bd3404827e148aa63c135ed668589bdfec38cb47716201a9d02f1b03993f89e96b33b32e52ddffb0580dac45422ba7a3fef76e519a3dc8d12eac60c2d2f8c4303aafa3e80135c403360d51c9cdeba3ffb31e664302f587e0e983ede7f9b2bfe2bc64bd5029cfa88445e043e08f3e9affee25e980e75d2664738726e3d2eade7dce0ece78a514bbbe5a54c121374d079e3b05996052d66889742232b73e950e1a9892e7352c9e546a8cfb48332d2b2be6327208ca51dc2869a562581947f62b0d5bfb3e0911d4854f822d6738b4deb195840d2bbae0b074b8d1e1010c24ec00052dce7d259e3044aab1a99d261fb3b49cf09dfc85473f94db06d49e202ca12182283d48144f8389a5301679901600bf8130d36315b277a99204b85a1598f84bd2d4c4893108f6717bf44234181467d6eeee61e1823268b5c60bf04d0e13e429f411b51adfca20ff1a1b1eee203d59b03da1643c3e9fc474a91470116c6c5275542adb10f3adae2ae87e88b93f334e0ceb6216fc081e8d84d8b0a503196dc50599b22b89b807627b427a815aea0dbca69e5fb215ee996395d8a21a1c67ac295be33c6517504e1f00f579f8c484873cc670b5b9e787b1c30ca1f0b25f8bb8f4bde3b3f4fa730c292cbf97b25068ba9c65f78c555d5f75d52a57958d7111e824f3afa16484f625abf62afc80654c36fd9f8284466422fb18e08274e8febc719d45b784974d50d187ad2349429af3f7930252a4d45997762e9d5f5493d408ca144532aa89aa3d43c46951dafb8f81794e2e9679ce238cfe86e112f4f046d87feec3be04461032819d62f217faa71fa9dc6da8861015567d1f7309090e25b7015dcc6d72a5e7ba53296ab1bc72467ac50831628cf5238155aed3fb189a8b527ebd38771e16454fe51e3edde55cea454414690491207c23f6cf33aaeeda432de2d1ede04e039a16245e66cce6f4e4ea534f290f02a2a81a46d6ffea7967dfbe37461f83d472091156594852823392efc953f4ac099d74e2d0328d9f47bd952352981a34055acd0273309484ab56afa85ff0c22fb53ac5d7cc8e346b4c2f38a4e2451738146b7b90c14f826c7dbc1b2be79d83772a8d629f2dfaf15286a15be1ea22a05d4ee3de6a6bfb7e208dbbcc88e77baac940d6438aeeb77c3a32db08b46e79545b65f7f3c1bd433092bc9116668c338ab35c01cb5871167868c6b61bd4c0ca5f96e5ce2465da06c4a320839f3bb7c0dffd40d5bb9a32fcbc6f691787de7211da062616272c77c62ac83ed2e256c954ab27d9009877b79be54acd336bfe2a6e087abaab004743f5ea4ec8ddfb8086920e8e458a413adb98077a3cf860513cc8a453eb129556c871be7e7232a6130c4332819ad17b289fdb31f8f8854dffb4cfeca6d792567b444c750820a2a8a2e0f93779e61a4966650909369fc8bd5bd2bad4ff95cc8a14f6cd83ae6411b4bfe1a9b5cdf1fcf32c54cef1731edc47d41fa581376b25006fc859b98805d70a157e501a2cb2ab425340965213adfecdb5addb2b4b2ec5cc6935e4e279bb98283fb20dfcd8a2c91aefda9dc5a57bba4d8803d1eb0f4ba9529de01e39c2aa60a91267c31d036a3f669b9377661837f58c6950fdf38986ea13ff5e9c4d966bf999002da1a854d54aa225b259d91eb88425328e7d13b06dea321a151a8dfc44755214da97168e8acf027d66b7fff45ded94fcde53ff80342d4595644549c4ed827225596e2b30480e94eb049b6cd718fe8424d044bb5098e0206047ddb81755e3cb92131dd47ec754b64c4b78f663e364cf8a74cdd9857c81316dc4ccd5f02a84b310abfbc9d6a23ee6d1eaf6b8fc1544cfeb06002c8a40fb0e49859d2073a7b1cb112713518ad5e007d0a256f901469bfa5cae98841f877faeb584d41bfe695da72ca5700ae085f39c99f769502ea9f43c0b84ca4611441d5adb3e5d0a426297e535258748169cad487f97d171c0630642943508206ce648aad2971297f3d4037d73e5fbc73460ca7401b7dbd7807273ae077a81fd0d4bc90b6068e3ec95afcfeab16619306fb23942a4308e8253b35f4912df392dfc5daf35dd842a5a1f78fc294cbdbd504056f0c7779121b5b3db7461e437347452476f3b0bb22e63aa23cb9d3e797c6c95513058d8fb2c27864ac0e1f5001c988e29c79bfa4236c7be41dee5561d825c1f0fbebc0c06cc4712e88ad5efd94f4eb4e93794af42a9752a2ebc57dc2f3881c75bbb23ad25b69619f9f5b07fe114ba291d2b5b4c1c175e1aa3ee3eda55e6126b3ad1e613bf8e0bbac727b879e7796fa0ad100893677a18b53f5eb31db43a97370d3749afa92fd0291fa96b05daa6beb43b9c1c11d9515976976d1cc1e44f35d317299ceb68ea2545f2a2b92b4e1046f6f92c33aae6995593189bb2611576599fd765b8e6fe2e88674ffd57ee8252287b1904d622c36a502db45c72b0d5fc3d983cc44bc955eb43911404667a4ab147d72b69ff2514dfb820ad75758e85df88499cea94ed658b4c1c2f49fe2bbb8d2dd97f844a6df289296cfb9cd5bc8d17aa235e2c4501b1422b25acd6dbc3a91d03904c545320524f9034955ab02f5d058097c37d23984baf808d28b3e12821eb8919a77c1b6a8bdeceecfcc487c39db592817dd378a7c5127b427e7279b2a82f6b8eec6b3fabe0947e353e7a386475b15011de93e2f2891f772ef90f4aba1ee1c4d7321c81ce4dcaa378daeabb93182c319494436dbe67d252a01291cacb59686ebd53c6df21c083e98fa299cf5e9b59f1ccea95c62b1437c8ff8754a6372b5b879ebc3241f6430871eafe35337d75cb68c42862846df4342ab434f7f0a7b9f66824e1e696e3dbecde179592774b7511e5a7a1a06ba601eb5f2a935c7cef0f83ecd412a84afdd05120fceb1afb6445ebfcdff8fffffffb75dddccc45afb4f5bb1308d39309c92c0b61a322d5229881fa5d598113cce54107036ca9f63fe863d257c706fe89d5c7ae59a459c6f15ba48d80da4aff541797b26418acddb987df3544bc4918cdbbdd8dd1bc2163c89635044e7b4da878457727a667c0146a12b4c46639497243259bfe4aa5ea50eb79f39fa9209256c9a685e3e39d6d8b6a9ca7d3554fbff0908ad6c6ecf68e506c20b16cd4a98e3ada9eb0cb3eb0b75b13b6d80bf99eddf2282da52cec085d3a725b71c29395d605e1eb26143290946a3a0d24347fa46145735dbf4eabc12150b8d5f7eeca804d7ed1fecd0132d1b94ebec65cbc07dfd4d54a5140567e77c646bd92666922c43aca8e482c59b970fa43087eb76d6715e4e8e5ebe54ca391383ef685b133534fcc1e5c5eb56f9d76a888506c4ac8d289c37039e0c4f927b0e11e85c5c7ec1cf4b19bebee6014cb89ee57f2ade8d166005e956d46a0c01f60b58299479e8a59a2e88f1a7ffd08b27d92fc2772b338959bd0a1c9cb95075c3cc17043c818345b29b76c0b8ed41c8c7259cc780c657cb9509daec1558453cfe061f54e08523a55d3223897559d51096b680802140800000000000000322e007c2af0c08867291dd732bfe4b24d1d5ae517a7f5903c369ac6b157d42eb6ca8c0d7b50fd533a56c814e7cf04db3012eebd53ec1b123d65ab1e462dc19182b690d56a88ad5a1f4d89f1749b005e88085505cc6d7de8eeee08def67bc1d1519d44b7a62dc07e491f328f786956d9200f00d78829e6af7c1a5835366201374b9487330920d4c57e2f7073292e173acc2424bb0d5e0e9448b4c02f9cfc99bc408110b6a3e9bc3799e4b178c2871069bc7d9ceba564378f02b2932c36f159478b5facd452b595a86d119216af9d860bd3997305320159a69a70fc62284141d23d2dc1e5394b271d99e5570450f1c55807e96c7cbe1b7c2e3e96f69fecf0f375e36e0d2acf319e37199e98486a8d145ce2d996c1909402744cce63664a75e480b197c345360321e830e5912d1d7bfe5a129a67fa98e6eda5268fa588047859daa11d087d0dbf0ccc7e120e3a5820cb4f5dc06748317e3f866518eb66e39dc8a68a7411b3403fc8eeab8283dee4d767e8e5842ed922e03ae5b3c9c494d5ebc61527ccd1222740fedd9e469ba6b30761cf387d654081c7e63182860e4548748058914a9cea01caf074fe6a78fafa2b45c516f9f20af9ac6773a400fa9661a872f6b55f0ed52a9be9e9c35502604b924f0eb628d6545da322e0713f9a5587e87e4b04fa495423b7c72093b764adfd1430a2e608b7af3d2bf80fef00e5b69abe386618274921ff57621bb99739de2e066ff17e95eba027f6a35170af3a69e93359a9643e155832d45c1aa9a8f71ad35504b99d3d0a1c11ae108664ea36f4dcded083aee17ac9efe7ee3fdf7b63c7c09bcef62caa88708510d45cea79d323083ddbfe7e5d3d9138f206a7af82ef1d26c85015c3e55a285a35d0052546493536b9061db27291a9292033753b7bddac63dac6f6271689240e43523c434a65e1d35299e386c953d0c92f21057e0b7883e049d20961e75069587eb3df6206496f76bbfd96635bb19837ba2ab193d79072ffb8829306b63697ff104a65031b8a38c24cca9ba23d5cdf753169a00fe2b2c3849f234a7029b657b3324c10d553e601aa97d17024f7bf5a99f96392f4a079a83daa27f4e3b512ee8536e764ce4dc36fd0874dfa502a693e55bd9f116202c5e906703e2c43d84448598b7af78aa60a205c152841e75e23436738ccaa6bbcef87e6a237d86d1a5e38e56c162cd6d61a4fb8b410b1643ad557a22348edfa82c23db11c9abdd8141fce263a66537512e93a930a4801ad862a902c7c1e00eb7c7466b1351318b7196c2a9016c55a05e104e124bdb568132f9397e31b10d04e5284bd029ea2f6a3ed11854e09b5871d6a725c21a9ef5d7e729a90a8206d5f61e6e42e47dda3e31b9134d47872a0dd7a576b665ec6ceaa5fd7d85ed7feede9ac9fc23e40241c0318077edda75b62eb271e28fb3705f7b4950c14b721a3a74a7a4e4de02cef5de76a1602b906016c0892ef37db51b0a1dd53f28b3d896f20abbad1ad0e0220960423267fc6e1779d1150fd584dd184bb43278d2d68ff21ac0daeef5408348cb80f4a9e0e606f6048bbaa517289451f084fffb63c5d904788cfc310b5495528a58f4650dafc4e4675b99d35ebab710ac6fefcee6c51a2835510fb6d2dbd8f97c3e53fb7a23c3f3c0283eb2271504581b9c1fa31e35c117e56a5d668a9c57df3b4e1129ca019a8b877fa4a22768dfbdd9d2154e17f4a7755b065090d88982471bfb242d89af5c6782693a6ab1b1be74dfa5655ac3b5ef4ace8dc595803cf4025bdf5c0e9fbe7a12a3a313311809591da08a2cc6cd8480dc960e1f79fa208440a0e589be5756c36d5830a51c4bdc39c2a85c0431bae3a7331b2ffdf23623693d343a7938a8a8a4dd4d523c6450a705bccbb38427f06f4f84a18adf303c0ddecf4ce2b6cdde4e09a4c31816195f0fe9f05fcdc0609f8a75ad2f23d5c24faaf346c13ec0512a5c29477ac561c878085d1a323f6bab08e2fb9ee57d7bb621ef21caf3609d74036c6dc1d7be0b6058d89dcb8d9aa4462fa0a740be66e3fdaa957f27c5a26dc586ac8c927ab2d7cf1b761798ea4191be8f4423cf1a6727d0c5f27a9969a753573afa584dea82678f3471ba36d726c396d68c671e579120f1a11cd50fa66b26fc2d6cb74ba07edbd5d3a288cf58ed1255381df02b2fb8983b7cf833433d1ab8fdef12651c3507e4b69fbc4b234678cca36761e8da434e5f036f204a1400da15277ef27ac140e2d574b89c0fd617da27e6ce862883bbe81c288834b9477d0d440c15dad505b363fcc1cfef8e2e3a96438809505844196acd0af751dedfced67f209c2ffa9c6da842c93ff4b5fd54a67df904f2f31b4236728c99582a667a8461d397770a657ffa7d514b0f076d7f35e9704a836e7882a2acf0a0ec2158ac7234953c3696abdc791c0b163ee76fbcc5adc18b6fa0f51f76f3d313a0d891f1deb69f6e44289b1aa43a768b8d13270959763a2c45129daeea493a5b0d7b36753b223dca9a8037368653400", 0x2000, &(0x7f0000000500)={&(0x7f00000002c0)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x2d, 0x7}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getsockname$packet(r6, &(0x7f0000000380)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r8, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x800)

4.329455938s ago: executing program 0 (id=887):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e21, @broadcast}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x3, &(0x7f0000001200)=0x8a4, 0xffffffffffffff94)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
accept4$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @broadcast}, &(0x7f0000000200)=0x10, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x40011, 0x0, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004c0000440000000000069078ac1e0001ac14140d8307d7e0000002440c05030000000700000000860600"/66, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="76999281b1896fcaf21c8ed5af70e46741d9aaa6fc"], 0x0)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000040), 0x40100001, 0x80000)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000002c0)={r3, <r4=>0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f00000011c0)={0x0, 0x0, r4, r5, 0x2, 0x0, 0xc, 0x802, {0xac7e, 0x1, 0x7, 0x69, 0x6, 0x2, 0x2, 0x45, 0x492f, 0x2, 0x881, 0x0, 0x8000, 0x7f, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}})
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='highspeed', 0x9)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

4.313890375s ago: executing program 3 (id=888):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000002c0)={'rose0\x00', 0x1})
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000300)={'rose0\x00', 0x4000})
openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x220001, 0x0)

4.272017477s ago: executing program 3 (id=889):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r3 = socket$kcm(0x29, 0x5, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r3, 0x119, 0x2, &(0x7f0000000000)=0x3, 0x4)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
r4 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0xe8c00)
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xfffffffd, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7, 0x6}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000003040)=@deltfilter={0x24, 0x2d, 0x119, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffe0, 0x1}, {0xf, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000800)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r7, &(0x7f0000000400)=""/4096, 0x1000)

3.844267252s ago: executing program 2 (id=890):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe80"], 0x0)
r1 = memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x20002)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x32, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = add_key$user(&(0x7f0000000340), &(0x7f0000000440)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
ioctl$SNAPSHOT_S2RAM(r1, 0x330b)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r3, r3, r3}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={'sha224-generic\x00'}})
connect$l2tp6(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
r6 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r6, &(0x7f0000000340)={0x2, 0x4e23, @loopback}, 0x10)
sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[], 0x1a000}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x3, 0x0, 0x7fff2000}]})
close_range(0xffffffffffffffff, r6, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000200)={0xa, 0x4e21, 0x1, @local, 0x7}, 0x1c, 0x0}, 0x4090)
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = getpid()
syz_open_procfs(r9, &(0x7f0000000300)='net/ip_vs_stats_percpu\x00')
fcntl$setownex(r0, 0xf, &(0x7f0000000040)={0x2, r9})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

3.500487118s ago: executing program 2 (id=891):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000007d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002200"], 0x0, 0x2010800, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x40010)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='oom_adj\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
read$FUSE(r2, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$kcm(0x10, 0x6, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{0x0}, {&(0x7f0000000280)="e2", 0x1}], 0x2}, 0x48050)
sendmsg(0xffffffffffffffff, 0x0, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0xf, 0x491, 0x3, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)
getsockopt$IP_VS_SO_GET_TIMEOUT(0xffffffffffffffff, 0x0, 0x486, 0x0, &(0x7f0000000200)=0x421)
setrlimit(0xd, &(0x7f0000000300)={0x8, 0x4})

3.349380236s ago: executing program 0 (id=892):
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000140), 0x24, 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0xa5)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './file1/file0'}}, {@verity_require}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f00000021c0)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000100)="a92e81d0991808e33c2230164cf063df", 0x10}], 0x1, &(0x7f0000001040)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x880}], 0x1, 0x80001)
recvmmsg(r2, &(0x7f0000003300), 0x0, 0x40010143, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="5800000002060108000000000000000005000005050005000a000000050001000700000005000400000000000900020073797a310000000014000300686173683a69702c706f72742c6970000c0007800800124000000005a4f205ac3cac003dd894850e56919ac13d3705df44aa1f682f898aec76384accdc5da687e8adc813dea41c69de52ecfbc8e6a985df64d362f8d6d02bef897d5b2f67b99976fae6951b77f415ee272ef8e21d1335ba602c47f43a74f9fa890dd862605dc81a217fe50005abe8b3269e1ab604e04a07dfb2045751a07ed1975a7cd70303232f0b9bd4e552015d039c322aa660440830b728b0739ed648180d60be752ae051e57edbf87b50f3cbe87ad3eb34b95cc356d06b6f8c2ab010792ac534d74ff8a8b45bde7e95165cf2ad8af9e8ceb87eca175c423293fe9bc29a2cb21e7e651ecde1aa57b76ae5ac611f767e33fbef1b0f8075210ce239bc64"], 0x58}, 0x1, 0x0, 0x0, 0x4000000}, 0x40c0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x0)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
r10 = socket(0x400000000010, 0x3, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006080)=@delchain={0x24, 0x66, 0x221, 0x70bd2c, 0x25dfdc01, {0x0, 0x0, 0x0, r12, {0x0, 0xfff3}, {}, {0xb, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004800)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r3)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan0\x00'})

3.252926029s ago: executing program 1 (id=893):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x4d, 0x2, 0x80}]})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x43400078, 0x1000000000, 0x5, 0x41, 0x3000000, 0x3, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2, 0x0, 0x3], 0x10000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0x1000, 0xe000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x8, 0x6, 0x40}, {0x25000, 0x10000, 0x4, 0xff, 0xff, 0x0, 0x0, 0x0, 0x7, 0xff}, {0x1, 0x8080000, 0xc, 0x5, 0x4, 0xc4, 0x0, 0xf0, 0x6a, 0x3, 0x0, 0xfc}, {0x1, 0xeeee8000, 0x6, 0x0, 0x81, 0x0, 0x9, 0x0, 0x8, 0x2, 0x6}, {0x6000, 0xffff1000, 0xf, 0x0, 0x0, 0x4, 0x7, 0x0, 0x1, 0x3c}, {0x100000, 0x0, 0x0, 0x78, 0x5, 0x40, 0x2, 0x0, 0x40, 0xfe, 0x5, 0x4}, {0x4, 0xa000, 0xd, 0x3, 0x3, 0x2, 0xa1, 0x20, 0x0, 0x3}, {0x10000, 0x54000, 0xc, 0x0, 0x40, 0x7, 0x8, 0x40, 0x26, 0x0, 0x0, 0x2}, {0xdddd0000, 0x3}, {0x30000, 0xfffe}, 0xddf8ffdb, 0x0, 0x0, 0x130, 0x0, 0x0, 0xd000, [0x3, 0x0, 0x40000000001]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000380)=@newtaction={0x14, 0x30, 0x53b, 0x0, 0x25dfdbfe}, 0x14}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x20)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000701feffffff00000000017c0000040042800c0001800682237b36630000100002"], 0x34}, 0x1, 0x0, 0x0, 0x4004095}, 0xc080)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)

2.735803512s ago: executing program 0 (id=894):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x3a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000004000000000000180100002020692500000000002020207b1af80a01000000bfa10000ef32550e2b3ea988f8ffffffb702000008110000b7030000000000008504000000000000000000002a0000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
sched_setscheduler(r0, 0x6, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$kcm(0x21, 0x2, 0x2)
setsockopt$sock_attach_bpf(r4, 0x110, 0x5, 0x0, 0x4)
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='system.posix_acl_access\x00', &(0x7f0000000000)=ANY=[], 0x24, 0x0)
mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x141091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
chdir(&(0x7f00000001c0)='./bus\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x2000)=nil, 0x2000, &(0x7f0000000000))
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getrlimit(0x0, &(0x7f0000000000))
listen(r5, 0x1ad72f7)
accept4(r5, 0x0, 0x0, 0x80000)

1.976860095s ago: executing program 3 (id=895):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x88002, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)=@o_path={0x0, 0x0, 0x4018}, 0x14)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)=0x15)
r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r3 = dup(r2)
write$UHID_INPUT(r3, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x400000000000284, 0xf00)
setsockopt$MRT6_DONE(0xffffffffffffffff, 0x29, 0xc9, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x4, 0x0, 0x0)

1.590271s ago: executing program 3 (id=896):
socket$kcm(0x10, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a010100000000000000000200000080fe0480140001800c00010032afd616632bfcc0c56e6f747261636b000400028008000b40000000020900020073797a3200000000140000001100010000000000000000000800000af05bb545779ce3b479b68e2a5e7d1667f4cca111501e22c66153db47ee82b69003dd45c4060e264caf6282d9e1feebfce5784f4a65f2c47bf2fb72f80e2e6be83309f5d8855dcf96c94adcb2f2a90135bf88f1423f3062aa7daeacacb8bebd6f102789c360575435cb"], 0x68}}, 0x4048010)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x2000c090)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0xc0580, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r2, 0x4048aec9, &(0x7f0000000840)={0x6, 0x0, @ioapic={0xeeee0000, 0x6, 0x8, 0x7, 0x0, [{0x6, 0xbd, 0xff, '\x00', 0x6}, {0x5, 0x12, 0x2}, {0x4, 0x7, 0x3c, '\x00', 0x6}, {0x1, 0xfb, 0x1}, {0x8, 0x8, 0xc, '\x00', 0x5}, {0x8, 0x77, 0x1, '\x00', 0x19}, {0x17, 0x5, 0xd6, '\x00', 0x8d}, {0xa, 0x9, 0x1}, {0x8, 0xf, 0x9, '\x00', 0x9}, {0x0, 0x20, 0xf, '\x00', 0x8}, {0x6, 0x3, 0xe1, '\x00', 0x5}, {0xfa, 0xff, 0x4, '\x00', 0x6}, {0x1, 0x80, 0x2, '\x00', 0x5}, {0x80, 0x6, 0x3, '\x00', 0x6}, {0x2, 0x81, 0x7, '\x00', 0xfd}, {0xc, 0x5, 0x2, '\x00', 0xf7}, {0x9, 0x10, 0x5, '\x00', 0x1}, {0xb7, 0x0, 0x9, '\x00', 0xc}, {0xa7, 0x1, 0x3, '\x00', 0x7}, {0xf, 0x3, 0x9, '\x00', 0xd}, {0x5, 0x5, 0x0, '\x00', 0x9}, {0x0, 0x6, 0x0, '\x00', 0x52}, {0xa, 0x5, 0x2f, '\x00', 0xff}, {0x8}]}})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x8, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000580)={0xb, 0x9, 0x5})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = openat$vga_arbiter(0xffffff9c, 0x0, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000000001050500600000000000000a000000"], 0x14}, 0x1, 0x0, 0x0, 0x4041}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$vga_arbiter(r4, &(0x7f0000000300), 0xf)
r6 = getpid()
syz_pidfd_open(r6, 0x0)
vmsplice(r2, &(0x7f0000000c80)=[{&(0x7f00000001c0)="de01bc92ebcca4da", 0x8}, {&(0x7f0000000600)="d5b21bc2ba6816f77b8ba23efa955a4d0e41236e8f2980d43a671e0d12b13b28b87066e9f139b6d4470ef8e42176d95017f8910f0ad3b5776ff79e88b8f8bd006ea8fda3a2409b0f0468b6fb59dcb3b9a8bafc014258962c698b6f314340048f0ccfcb3bb47c43c63a8553723b71eb233791a0ef7eebe73f680c338b46d6dfba27bcf94d8acd12273afc1d9dc3367a14a972aa5fd35d7c6e6ba84435ebd2ae19fd5f39681385fd2bf6edd916056be2622d341b81cd93d925c7a5098f5ea6f82744f2b848c77a10fa5474409979c61b35492fafdfbd", 0xd5}, {&(0x7f0000000700)="a5efb8573b18b082e0f82e16daec1b6b067eba24ed1dc7f2f2db8a604bf09383d19bace5a790b58ceb28335dfad4dd", 0x2f}, {&(0x7f0000000740)="837379f4bc482cb7017024955a6f382929fd917768bd236cc245a296c311def8fbd3f7d1e59f4acf3124b5ef8e3f1e13f7fccb629415a1f267cae72cb3c29e6ef0556989a98426cf4f31a496e277e71bf5483852b064ddfe4e74528abbdda0443ba9167eae149b10575aee46ea2ce24826ad71efd11e4ea30bcd21837386f36433f8296c", 0x84}, {&(0x7f0000000a80)="0c77e5f32a5cfc5960e18a706f97301621244fcee27d1788ec5fff05935212bbf773214b9549a82b435ca9f060fa6b54893f0766a501db902a499311759065deadc2c761310b349ef1de4422e8548ab3994ac70be9b73eef19b9a45f620b75880c8d59da1ac4727b6cfbb487780be16480e76473a5cf5be162dde2be067f0b477dfa4189cd566756bb5627d248a926e0e69774c97f9947b01a6ee04557c2b162d8ca8faa2a871af35f584092456a39e83813b8ee0484d86dcde4c35d474da0dfba566fa8e8e845", 0xc7}, {&(0x7f0000000b80)="cb79a95f7f3742920a9aba8d5e038959f0de92", 0x13}, {&(0x7f0000000bc0)="016dde9ed35ef545bf524e5b51a7678502f94993a41b323ada2d48244b40e916dfb216a1d7fae27d91edebf1e66d3507c4b019268f3a6064105b3b6624283fea122367a7640fe7a2f81da34009235fe18733279d8f5c842e7eb5971bdc8332fdf478bdf34de46ae7c3b59069f12fb822d8fa4d9473584531bb8fa17a9dfcfdfc5df91e25875722e7344ea4760d7b09d5c175a1dfd745ba605483001f69db39158001b4f84c", 0xa5}], 0x7, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xffffffffffffff9c, 0x0, 0x261)
syz_genetlink_get_family_id$gtp(&(0x7f0000000000), r3)
r7 = socket(0x28, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r7)

1.553439328s ago: executing program 2 (id=897):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000080)=ANY=[@ANYBLOB="99c0000016e944cda313fece4ea71bfc665d7603d515fee7343db924808a7e49c2cf73a3949c2b74b11e691eb5d994c228b30aa20f270d873a2fc6a7688e8bfed2b60f229a32ec446ac405bd5222e06253e5369149731425134c8d0ac936157753b79855", @ANYRES16=r0, @ANYBLOB="000127bd700005000000020000000900010073797a300000000014000200776c616e3000"/46], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x0)

1.480172944s ago: executing program 2 (id=898):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x1c, 0x3, 0x6, 0x301, 0x0, 0x0, {0x0, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x10)

1.478725397s ago: executing program 3 (id=899):
mount(&(0x7f0000000140)=@sr0, &(0x7f0000000a00)='.\x00', &(0x7f0000000040)='hpfs\x00', 0x1000800, 0x0)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000a00)='.\x00', &(0x7f0000000200)='hpfs\x00', 0x808, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x6, &(0x7f0000000080), 0x111, 0x6}}, 0x20)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
ioctl$BTRFS_IOC_ENCODED_READ(r1, 0x80809440, &(0x7f00000000c0)={&(0x7f0000000040), 0x0, 0x7, 0x0, 0x80000016, 0xfffffffffffff000, 0x5, 0x2, 0x81})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101002, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000740)=0x11)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000007c0)=0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0})
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f00000002c0), 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$kcm(0x10, 0x2, 0x10)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(r4, 0xc4089434, &(0x7f0000001440)={0x0, 0x3, 0x0, [0x7, 0x8001, 0x2, 0x3, 0x10e150ef], [0x5, 0x7, 0x5, 0x0, 0x1cf6, 0x74, 0x2, 0xd, 0x2, 0x800, 0x84, 0x8, 0x1, 0x4, 0x200000000000001, 0xfffffffffffbfff8, 0x7, 0x4, 0xfaca, 0x3, 0x9, 0x100, 0xfb19, 0xab, 0x1de, 0x0, 0x1, 0x1000, 0x4, 0x67, 0x3, 0x80000, 0x5523, 0xe7, 0x9, 0x7, 0x4, 0x1, 0x8, 0x7, 0x800, 0x6, 0x100, 0x5fa, 0x2, 0x18, 0x8f, 0x9, 0x27e50327, 0x3, 0x8, 0x5, 0x2, 0x1, 0x8e, 0xe30, 0x81, 0x16, 0x4, 0x8, 0xa, 0x8000000000000000, 0x4, 0x4, 0x7, 0x6, 0x3, 0xd99, 0x7fffffffffffffff, 0x7, 0xd, 0x1, 0x6, 0x9, 0x2, 0x7ff, 0xe, 0x3, 0x1, 0x10001, 0x4, 0x8, 0x3033, 0x9, 0x9, 0x1, 0x401, 0x401, 0xd9, 0x3, 0x3000000000, 0x7, 0x5, 0x0, 0x4ee9, 0x5, 0xa90, 0x100, 0x204, 0x9, 0x6, 0x0, 0xc8, 0x7f, 0x8000000000000000, 0x1, 0xfffffffffffffff9, 0x5, 0xffffffffffff0001, 0x2, 0x7ff, 0xe, 0x4, 0x8, 0x9, 0xffd6, 0xfffffffffffffe6c, 0x400, 0x6, 0x7fffffffffffffff, 0x100000001]})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
r7 = syz_io_uring_setup(0xf51, &(0x7f0000000580)={0x0, 0xbbda, 0x13500}, &(0x7f0000000280), &(0x7f0000000180), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r7, 0x21, &(0x7f0000000440), 0x1)

1.393660909s ago: executing program 2 (id=900):
open$dir(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001580)=ANY=[@ANYBLOB="600000000206030000000000b8791fa80000000014000780080012400000000005001500010000000500010006000000050005000200000005000400000000000900020073797a310000000012000300686173683a6e65742c706f7274"], 0x60}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x28, 0x3, 0x6, 0x301, 0x0, 0x0, {0x0, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x10)
openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shutdown(0xffffffffffffffff, 0x1)
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x2c, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e23}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x87d4b69a72310a97)
r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r5 = gettid()
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910000000000000cb041818000100009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0xe4}, 0x48)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
tkill(r5, 0xb)
syz_open_dev$tty1(0xc, 0x4, 0x1)

1.362607323s ago: executing program 1 (id=901):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x3, 0xc, &(0x7f0000000180)=@framed={{0x18, 0x2, 0x0, 0x0, 0xcd83, 0x0, 0x0, 0x0, 0x2f6}, [@printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1ff}}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x73, 0xcd83, 0x0, &(0x7f0000000100)="e09f547ed3f02dc1fd3d6487775b", 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.323508629s ago: executing program 1 (id=902):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000007d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002200"], 0x0, 0x2010800, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x40010)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='oom_adj\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
read$FUSE(r2, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$kcm(0x10, 0x6, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{0x0}, {&(0x7f0000000280)="e2", 0x1}], 0x2}, 0x48050)
sendmsg(0xffffffffffffffff, 0x0, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0xf, 0x491, 0x3, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)
getsockopt$IP_VS_SO_GET_TIMEOUT(0xffffffffffffffff, 0x0, 0x486, 0x0, &(0x7f0000000200)=0x421)
setrlimit(0xd, &(0x7f0000000300)={0x8, 0x4})

1.323135832s ago: executing program 0 (id=903):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000340)="b7f2288a911993f08d3aaea2bc0000de", 0x10)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f00000046c0)=[{0x0, 0x0, &(0x7f0000001b00)=[{&(0x7f0000000840)="89f0d941752379225fd4f9a3a7294263ee405a572eb07a982befba9d1d8d35dec65e32f7a31e01a325968c943f2fb819ba99dba4e469a08a75001a67eb9f5f7a4fd36b0760018b66d3f945df5601cec2b709aa5de38aca5725ca32e914f3137aa04608d72aa35a57a658351bb63c6a2d87a5c2a2200b71774b25b6d8a982b0454c7ca119ffa6a5b318350096cc85a6556cdfed5b388ee01482aeadec45cdf2c0bcb7c4477371201ff413c54f46acf3855f38958b2dfdb134c1ae90c052ef1b45a56c4f1a628b03b8dcc65e278ca16cbf26ddafda76dfd2cedd1ee9a1e31275eb9d5071a7a7aae1b0301d1fd07e2b402fca1bf291df914b8a3332e01aa6258038c72d761db161877853e288da6f6068788ca3bb438267dda085f80db8fd3e262c1747306f86612999c4a7b0a85fbc054db6994215fb13c96ae42de7b635f43f627d55701ce073e36d4691921ac641df6502dea0396475df9fd33d4aaa5e8ab36f93f786f65bc48bef21ba3a8603031473fc9a95552109f558b783841c41d3c0dffb3b4553f7b5f3ee46edeb3cd3606b40ab7955b40491f8b80b7c0b591d5c7d55a395621a54c9f2feed43eafa31917f5063b7f05db369a58d4ea0bddef6672763f14aacac75b50c54ad01be89a50fc65d7854b758e25c22f93e53e8d5ab115cd9a4f6fa07ab953d4fdb972defba3319be5151d78999937913869da2dde4ee0dc8d83c4a5e692baa6546eb1395079e3bec770a4c1975d4a76afc74b158c64fce7b43c2d081fa8cb54b0e5601470b201b3ee5fc107467ac165900cef314fc359ac280e7ccbeafe1d947239bd6a7911709e157482106c98d16ccc07c6c606622aa6856dc1f155dde983f73cde0f1d4a1eea1afee4fb4a7d55db6dedb58581439e2dbd22e91387423ad1aef4318c44bfaed7b79d6e02abd973f69ef6055d7db33dbba141781b5b690f8cbb2515b625bec1f355e4ef245a51e2117c81f2dffed450b20976b8f1b010ec14ce683bb731b6194af08b3edccb7e72d577a64d9680c555412da1a6db6ff87103b2e3eeab45b5266c9b9915132968ca9c0fd888373bcacf4d57516994afbb9b36d264cece98ad7736c016ec7775b1a606b14d7ac668423e4e159c624afa4788d83305b9b3efa320ef459f29c4760cc5b926af8f8e459800bb98e57a3b71f495d47771f9e723f3c6464dd7378ab50fb6b0c7a03b57ccd124fd10fcd65d368500569ae4857dcc0ce9a370c111fa27d3a7e1e388185de30facd05e9e05dd615d06e225d8f84b8141987997415448d4c3d8e9147d6fa4db88b5d6bd0e9f2c09da00486fa827b1b18bb98de99b451e62b962fcc09fcfbbaec0e5cb22de5454e0a300e42d203a6300302b807ba2cc1b024f76778cf6aa0fd47db408fea4e07e482abd6744566a0adc97796008c2fcf7248f7401bb73a980810d9a70a5e1baba6fc888a9704e883b4043cfd578d66744db4a147010de32ae350b13b65b7ad1a3c2d676f0e6dd36052754b815c35101f070cc672ccd719314650560bb2ea53fa47dc9e1b362998e7b218733f5d0b66e13d4b985ce3e41afd83614c053da027d1e2d7fb60b1f88e98bd1b08fec6db5be6dba810bb02de5fa11d2c8f4adef9dc93192e32868d7539c890fe4c39b301f955c4832c2a6ff051a380edaedc078040d3f36e2585b12c1e7e8b65c26db4b3f2f0bc4eb36cc50267e2e13ec323efbab9c9aec4c3d5a399e9eecf5bdab00ba07c99ec2468e7ed1e2b5bba6ae5dd8b364c6535d4d21256bbe82fecf73557ba66ca78c47cc114c5d59b3d7ce0a432aa170de4850341c3f26c139cf4f52f0f0659516150c41da053b631e870fa105c94c21c81765b75ed2d84c9574544e5614318a47ad1245bbfea72463b6ca7ca5d5b76a3c71e8e1c02a00bc1cd8d98b61fc5443c8690d4865f19bfac0ba45f0c48b473a5b1ddf7fe068230d103875bd4b806ab679f2cfd37677588a5f41de0ffea578d000b8b543693ec5d799d9b4f3a83a3d09624f3e589c5f1856d1d22110a05c80ba5b1740ee074a18f8fc4e2bc5113b97bf9ec23eeda3200b5e29a4b9db4937c8219c6580c531d1b0d5944a3b0d9fa3000da5b46e943e20d251ec81eca29e099ecfd53afbd938b457ca2e36fd4f17f52a07adab1726264592db635e77754a027a3598b156581480e4750b656377982cb5e69f40f1c330dccee68cd890351e23ceb9ea06b81d36072565c62eb72b31817c184cda66dc2edbd9824c69e2185754b922089fc7cfacf045013f305e43dcae98a46150f16cf38b9dba3c9de6740c17ee0f0e282195e1d6302426110e15c64d61be7f2657e3eff13665ab45439963a70b4c5a4cc946d45d448e9f76a68625c1f68ac071752c6026b058fc0edf15bed6df7cade009201c0ef8a6d2036955067102eede3fc0d6ac458bb8c13252fc28fb4e14cdcc31e4f8c2a8e4e9fb5539c7b6ed768f46e68c855fb7aae767032fab7f30d93f3897970d05746edafc76a03dde29242c2d6dce7027b962022d11eb1f90092736e49d6f8149177ab419aa9e409541a9315d9c9d2464a762a32f5195b683d852817b8d3f2d6a6b6dd382964b35c82b9858bc4d468c07f9eb117cdd1503e4e6426b9a1787f19a9a5c710bdd3783fdb160ae505be91bfa49f8d90d4a917e8e2f76fcb1951dac1a5cc7898bf0e76461bd04141a7a0b9b1d495eab35c203ef127f29c5d4eda6b6b84dcbda0f93a9ada53142f97c8285457b81a84569e34c5bdd3c32fcb963354670e2dd21c59a4112031aa7d5bb287f11b7f9c96127f42de05dab6dfcadafa13edf429bf136efae8c83a1b8079d9fb85c415cf836b80b53df4096fe2f349a5fcb4b374184ac6aab69e87893187d9133f6155c56410c0d170cce98843b6d0b75089910b5b03df23326a74f97e975c2308f8c97312f7df4f3d608b6de0ec222de6ed54a4bacde3ce138c6817e06e00fcb5fffbc57efb0353444c49800c3449575fad3d218121ecbe50a2dec93ed82c03ddd9475fdbaf881274a0e335a2204a87079f07f556e4c84d2ce3464beb7ee84c5ea7b00d9a019b10f0b332ba70adc27a012c0731f7d6260f3956b3abbf42cb11c82903a8a35cc27fafe66c739e2c13c3f859a7cb0e893adcffaf4819d93fe2656b0d42b1f7b18399669001228c007410a5541ec2fea6f3dca7b420c2a9454818f927534fde134d0434587dffc04d0e4640590dfec6eed4e2125d5cb676fa450fa867ba4235063c2298239551683219dbd32eebc3e59aa5103981fad66b3fc43b7ba8441d1e8032a1b2e64cc1d542b6acaf33871713c84a7ccbac38f4624f54ea83e268031b2b00de850799fc0b6ae871cc0c46e9744566063027df8b43e3113159db445d4453409db75035513888af25176e51f3a175596d1cc8ba774a7ce91dcd511631284bfd24b56a686e63a452da22055d8d46c4654f6d726cb74534812b3b80cab949c4a7764d88bada6461bb4a2b71cfcbb961303abf8bfc7658a4eaa5829df9355be23351c4e1a6b7e5f291bd2710daba49b6bffae08160426333a12dc279e909755ac732cecea7bd1ff71fb4847d0311f0d84de8de876dac978975629df974915465239aa0e5208c810d2d9a76b6948d5f8eab4d43c9cd13ad1ab90af653ca81d565dd83161337daa1463ad72870d203318d7b1a6aec02cc3baf3d3b71c4030b83937e8870d41b1be8abf4519f3657804de2d6b67c0c91ca83e47d27d222d1abf93417d7d31aaf2242149a61baebe6a060247672082b4ab3e995abb81de1e163ea81c596cea7359b636da9d00b21f6d1ff0b1911b01e8148dd64a007da1ecadc894917aa9bb6f379eb8f8be0d978a24cda3583f7182c51f9b29165982372d1aa7a4273a4dba3c09f96a32bf14589924f19243060350b2d9236ce3eef64d81e75bce5c6afad123cd1ef26aea25acaaae1df9b6a0088817966ffea08e8dd8826a76eb257fdce4afa0bd8ab4c6dbb45c4821a8f422249e8fff9cc647399a8b9688c3ee32711de44ec5a14212b5e5e1515c928c942843836d5e01fe95e33fe7cbfb1177e91b072e8ecc21a49f57e957ec3caf9577590e6cc8a92152eba9db859798c8789046eda125ef9fc9cc05155bee5b7469f455058cdf01b62064f160aff08052093c6285855ec20f59f415beca5f8f42c35fd9042079b98eab8572cb2732411fc00e99f19491a8cb3c5d56d1421073f22f05048d17b42365cfdc0e5bc1dd6e79f1bd33a474d7d8a8161b67c0675667220d3b08f6c961a0a1b7fc0f8435bbbbb9b1748e5ca9d7a913689a861f5c165643a213433221ac982057151ea232483f3a68612b788435bdec8ba35335aad54e0089eed1788cbc153b0c350cf0bb47b20654ee10704f0a0e5ec5d219aa98274b142fdde07933f874f8eb54eedd7481e8b23f0fb1052dff3f5d83f9ee3b1028db08965667037e094834c90ac93770a0f17301df1167606590c9f43c831534de7d91a32d74838a8250b14b5a6b7a52040ba1c23225c6490a891619cde7786dd033a929cad30155b2228cf33dbb220efb07c88aabd6d645d228443df09f76309f471f4d3b666abaa139e7131eca88fe5cc017439c72362819e854af75e7ad0a2bd370b168ddc669201671f2d1ad45ee8d950f3e56a7f37a2317e77c550cc1a3a2cbac6b529f8044ce658f5d690837fc09eefad51ccd0ea1594b51191522a62c5705e292a7e2ae3da3c0d6f2d5359a62b57ce227c42c8ba486a57f6dbb595599d04954595ae16133282d7b32a4d8672c8f8309708ac8b1acf1077753c58a9b7822afd268df08491cc46f3e0e0287c6cd8a9fb62e16235ba32eb6d2f98fe68d83c8d2aa772403bff7500257112dc70ebbbd925bd4243b58c24023a2c3f1405ccbbe969845ea85b933a71c77bc0d0dcf3468e1ab8244c2019021e3c71c4b17131e3baaad3fe3aa33aeff038b2fe7cc251dd967bfaf84191780aa4103a32824266749d13a0ba8a1ff1539d018b990d697ad9a8decad13fe63153b2f7066188067956dd0586f176ac86d33b1b36cff102403e4c29bab05442421fd9991dcb43a4a487ffc0dffe9a9d4b2c4cf1b2d1770e4839ac1079fc64c5786164be6f26aa59ce0c9e78a2d30caf5fd45386d7b7d4f9f01459a0ac8d7b79b38dc3b8605b8c4247d82c3252cb3bcea6e35116e8c7267bcd3b75d184384579c7ecaa0eae16148229c0b8b2994ff8ea007b869c307f68091d545df279887a442ba05bed8292ad85f35f6d1c229b4ad7f4147490ef7b2deb4eea460d597f6ffb3a872f490719a482de81f617801f948400ad866acc1d57287b40fbeac8c514b1aa93fb8f7b7a30cf1038b6b1aed1417a399e15b8c5e1e92863a72fba37c316eeb099e5ff9d691193467d133b7b77025442537b812ae213a8f52ad265af435edb0aa9577ffa3fc7550c35b040fd711600ed55bd4bca0a73d38a718973faa621fd1feab196e8114c47b10670b82607d9cb577ac984eb89fa0842a75d925e0c5243529052cb4b2784ef331dce1f55d5867fc599e5", 0xf50}], 0x1, &(0x7f0000001b40)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10, 0x80}], 0x1, 0x8811)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x48, r1, 0x1, 0xffffbffe, 0x4, {}, [@NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r4}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r4}}]}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xfb2e77a8993c1937}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xfffd}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x2400c0d0)

85.208661ms ago: executing program 1 (id=904):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r2, &(0x7f00000005c0)={&(0x7f0000000300)={0xa, 0x4e20, 0x377, @remote, 0x10}, 0x1c, 0x0, 0x0, &(0x7f0000000a40)=[@hoplimit_2292={{0x10, 0x29, 0x8, 0x6}}, @flowinfo={{0x10, 0x29, 0xb, 0x100}}, @flowinfo={{0x10, 0x29, 0xb, 0x10000}}], 0x30}, 0x8040)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x8, 0x3, 0x24c, 0x128, 0x11, 0x148, 0x128, 0x0, 0x1b8, 0x2a8, 0x2a8, 0x1b8, 0x2a8, 0x3, 0x0, {[{{@ip={@broadcast, @dev={0xac, 0x14, 0x14, 0x18}, 0x0, 0xff000000, 'wg1\x00', 'virt_wifi0\x00', {0x99380e6a96eb266d}, {0xff}, 0x67, 0x3}, 0x0, 0xc8, 0x128, 0x0, {}, [@common=@unspec=@devgroup={{0x34}, {0xc, 0x8, 0x4b, 0x4, 0x3}}, @common=@ttl={{0x24}, {0x1, 0x9}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x2, 0x4, 0x2, 0x3, 0x2], 0x1, 0x4}, {0xfffd, [0x4, 0x7, 0x0, 0x7, 0x1, 0x2], 0x4, 0x7}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010101, 0x0, 0xffffffff, 'gre0\x00', 'netdevsim0\x00', {}, {}, 0x6}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x2a8)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r4, 0x4048aec9, &(0x7f0000000380)={0x3, 0x0, @ioapic={0x1, 0x2, 0xf, 0x0, 0x0, [{0x2, 0x2, 0x1, '\x00', 0xd}, {0x4e, 0x7d, 0x7, '\x00', 0x9}, {0x0, 0x9, 0xa, '\x00', 0x7}, {0x2, 0x81, 0x1, '\x00', 0x3}, {0x81, 0xb, 0x0, '\x00', 0x6}, {0x7, 0xd, 0x7, '\x00', 0x1}, {0x4, 0x8, 0x1, '\x00', 0x4}, {0x38, 0xff, 0xf5, '\x00', 0x2}, {0x4, 0x7, 0x8, '\x00', 0x5}, {0x3, 0x81, 0x9, '\x00', 0x4}, {0x6e, 0x1, 0x40, '\x00', 0x53}, {0x8, 0xf9, 0x5, '\x00', 0x7}, {0x7, 0x5, 0x0, '\x00', 0x80}, {0x5, 0x5, 0x0, '\x00', 0x1}, {0xff, 0x1, 0x2, '\x00', 0x80}, {0x1, 0xc, 0x67, '\x00', 0x3}, {0xfb, 0x4, 0x9, '\x00', 0x7}, {0x7, 0x5, 0x10, '\x00', 0x6}, {0x7, 0xfe, 0x46}, {0x7f, 0x0, 0x5, '\x00', 0x7}, {0xf9, 0x5, 0xc, '\x00', 0x5}, {0x5, 0xdd, 0x8, '\x00', 0x5c}, {0x2, 0x9, 0xee, '\x00', 0x1}, {0xf, 0x4c, 0xf7, '\x00', 0x8}]}})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4040aea0, &(0x7f0000000080)=@arm64={0xfd, 0xa, 0x4, '\x00', 0xf3})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r6, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010829bd7000000000000b00000008000300", @ANYRES32=r9, @ANYBLOB="60005080110001004abee339084eeef16f162471f40000000800030001ac0f00050002"], 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), r8)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r10 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FILTER(r10, 0x65, 0x1, &(0x7f0000000040)=[{}, {}, {}], &(0x7f00000000c0)=0x18)

0s ago: executing program 3 (id=905):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000007d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002200"], 0x0, 0x2010800, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x40010)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='oom_adj\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
read$FUSE(r2, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$kcm(0x10, 0x6, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{0x0}, {&(0x7f0000000280)="e2", 0x1}], 0x2}, 0x48050)
sendmsg(0xffffffffffffffff, 0x0, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0xf, 0x491, 0x3, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)
socket$inet6_tcp(0xa, 0x1, 0x0)
setrlimit(0xd, &(0x7f0000000300)={0x8, 0x4})

kernel console output (not intermixed with test programs):

m.
[   65.332684][ T5948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.460369][ T5948] hsr_slave_0: entered promiscuous mode
[   65.463732][ T5948] hsr_slave_1: entered promiscuous mode
[   65.467175][ T5948] debugfs: 'hsr0' already exists in 'hsr'
[   65.469737][ T5948] Cannot create hsr debugfs directory
[   65.684456][ T5947] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   65.694899][ T5947] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   65.701599][ T5947] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   65.718181][ T5947] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   65.791639][ T5961] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   65.818969][ T5961] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   65.825200][ T5961] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   65.845267][ T5961] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   65.881326][ T5949] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   65.889842][ T5949] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   65.906547][ T5949] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   65.906588][ T5957] Bluetooth: hci3: command tx timeout
[   65.906594][ T5298] Bluetooth: hci2: command tx timeout
[   65.906863][ T5950] Bluetooth: hci0: command tx timeout
[   65.925086][ T5949] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   65.972830][ T5948] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   65.982312][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.985510][ T5957] Bluetooth: hci1: command tx timeout
[   65.988317][ T5948] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   66.004422][ T5948] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   66.010143][ T5948] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   66.034006][ T5947] 8021q: adding VLAN 0 to HW filter on device team0
[   66.047986][ T1199] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.050565][ T1199] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.059307][ T5961] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.067217][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.069935][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.093039][ T5961] 8021q: adding VLAN 0 to HW filter on device team0
[   66.110835][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.113190][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.141562][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.144130][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.222780][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.240196][ T5948] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.259083][ T5948] 8021q: adding VLAN 0 to HW filter on device team0
[   66.268065][  T766] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.271052][  T766] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.281328][ T1174] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.283696][ T1174] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.289314][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[   66.319355][ T1174] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.321688][ T1174] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.332863][   T73] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.335708][   T73] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.402745][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.420372][ T5961] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.476660][ T5961] veth0_vlan: entered promiscuous mode
[   66.491124][ T5947] veth0_vlan: entered promiscuous mode
[   66.494345][ T5961] veth1_vlan: entered promiscuous mode
[   66.507336][ T5947] veth1_vlan: entered promiscuous mode
[   66.532004][ T5961] veth0_macvtap: entered promiscuous mode
[   66.542293][ T5961] veth1_macvtap: entered promiscuous mode
[   66.547968][ T5947] veth0_macvtap: entered promiscuous mode
[   66.560102][ T5948] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.566967][ T5947] veth1_macvtap: entered promiscuous mode
[   66.587981][ T5961] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.614249][ T5961] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.623546][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.631786][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.638947][   T73] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.648880][   T73] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.662339][   T73] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.669927][   T73] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.677095][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.693507][   T73] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.697714][   T73] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.709659][ T5948] veth0_vlan: entered promiscuous mode
[   66.715722][   T73] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.732071][   T73] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.764314][ T5948] veth1_vlan: entered promiscuous mode
[   66.806098][ T5949] veth0_vlan: entered promiscuous mode
[   66.818967][ T1199] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.821739][ T5949] veth1_vlan: entered promiscuous mode
[   66.822459][ T1199] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.863026][ T5948] veth0_macvtap: entered promiscuous mode
[   66.878555][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.880291][ T5948] veth1_macvtap: entered promiscuous mode
[   66.882141][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.899069][ T1174] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.902528][ T1174] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.923430][ T5949] veth0_macvtap: entered promiscuous mode
[   66.938692][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.942879][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.942907][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.960790][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.965064][ T5949] veth1_macvtap: entered promiscuous mode
[   66.975831][   T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.979589][   T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.992113][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.993095][ T5961] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   67.009581][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.025547][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.043537][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.105688][ T1199] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.110399][ T1199] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.125327][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.129302][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.151028][ T1174] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.154444][ T1174] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.200235][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.203782][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.224826][ T1174] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.228448][ T1174] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.290968][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.304166][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.415876][ T6043] FAULT_INJECTION: forcing a failure.
[   67.415876][ T6043] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   67.426019][ T6043] CPU: 3 UID: 0 PID: 6043 Comm: syz.0.1 Not tainted syzkaller #0 PREEMPT(full) 
[   67.426045][ T6043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   67.426100][ T6043] Call Trace:
[   67.426107][ T6043]  <TASK>
[   67.426115][ T6043]  dump_stack_lvl+0x100/0x190
[   67.426151][ T6043]  should_fail_ex.cold+0x5/0xa
[   67.426221][ T6043]  strncpy_from_user+0x3b/0x2d0
[   67.426247][ T6043]  do_getname+0x78/0x390
[   67.426274][ T6043]  do_fchmodat+0xc9/0x1b0
[   67.426303][ T6043]  ? __pfx_do_fchmodat+0x10/0x10
[   67.426323][ T6043]  ? ksys_write+0x1ac/0x250
[   67.426341][ T6043]  ? __pfx_ksys_write+0x10/0x10
[   67.426361][ T6043]  __ia32_sys_fchmodat+0x75/0xb0
[   67.426381][ T6043]  ? lockdep_hardirqs_on+0x78/0x100
[   67.426402][ T6043]  __do_fast_syscall_32+0xe3/0x8c0
[   67.426424][ T6043]  do_fast_syscall_32+0x32/0x70
[   67.426444][ T6043]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   67.426466][ T6043] RIP: 0023:0xf6fdef6c
[   67.426481][ T6043] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[   67.426497][ T6043] RSP: 002b:00000000f538b50c EFLAGS: 00000292 ORIG_RAX: 0000000000000132
[   67.426515][ T6043] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000000
[   67.426526][ T6043] RDX: 00000000fffffffb RSI: 0000000000000000 RDI: 0000000000000000
[   67.426536][ T6043] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   67.426544][ T6043] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[   67.426554][ T6043] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   67.426576][ T6043]  </TASK>
[   67.472190][ T6047] netlink: 'syz.1.2': attribute type 101 has an invalid length.
[   67.852055][ T6059] capability: warning: `syz.0.6' uses deprecated v2 capabilities in a way that may be insecure
[   67.913949][ T6065] overlay: Unknown parameter '/³6™¡áÌM߶Á¯Ð}ßÁŽ5ŒÖ&IG—$ΆïÀ¡PA¾éöHBû˜-\,ñH�f‹tdð¦ý&Cç)¬ZVF*kdÕ §Qý¤úßcºÂýì¿TiÛw	UE´±påÖèì‹ùΛ�S¸2épå*÷™Ÿ�Õ	W~­âx‘­¨VAgòÇÒî¡ÁÉÆ]ŽXÝîCì4çM3Å»²»!‰'
[   68.000088][ T5957] Bluetooth: hci3: command tx timeout
[   68.001967][ T5957] Bluetooth: hci0: command tx timeout
[   68.003785][ T5957] Bluetooth: hci2: command tx timeout
[   68.078262][ T5950] Bluetooth: hci1: command tx timeout
[   68.796381][ T6070] =======================================================
[   68.796381][ T6070] WARNING: The mand mount option has been deprecated and
[   68.796381][ T6070]          and is ignored by this kernel. Remove the mand
[   68.796381][ T6070]          option from the mount to silence this warning.
[   68.796381][ T6070] =======================================================
[   69.264747][ T6034] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   69.372583][ T6074] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10'.
[   69.425649][ T6034] usb 7-1: Using ep0 maxpacket: 8
[   69.430080][ T6034] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   69.433218][ T6034] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   69.449794][ T6034] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   69.453283][ T6034] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   69.464619][ T6034] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   69.467403][ T6034] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   69.692192][ T6034] usb 7-1: GET_CAPABILITIES returned 0
[   69.694125][ T6034] usbtmc 7-1:16.0: can't read capabilities
[   69.878283][ T6088] syz.0.12 uses obsolete (PF_INET,SOCK_PACKET)
[   69.933933][   T40] usb 7-1: USB disconnect, device number 2
[   70.065965][ T5957] Bluetooth: hci0: command tx timeout
[   70.068307][ T5957] Bluetooth: hci3: command tx timeout
[   70.070689][ T5950] Bluetooth: hci2: command tx timeout
[   70.145894][ T5950] Bluetooth: hci1: command tx timeout
[   70.204630][ T6034] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   70.255560][ T6093] netlink: 48 bytes leftover after parsing attributes in process `syz.1.14'.
[   70.372605][ T6034] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   70.377033][ T6034] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   70.380489][ T6034] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   70.383471][ T6034] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   70.388174][ T6090] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   70.393899][ T6034] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[   70.580290][ T6096] ceph: No mds server is up or the cluster is laggy
[   70.738228][ T6015] libceph: connect (1)[c::]:6789 error -101
[   70.740722][ T6015] libceph: mon0 (1)[c::]:6789 connect error
[   70.979374][ T6110] fuse: Bad value for 'fd'
[   71.007871][ T6112] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[   71.007906][ T6112] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   71.010931][ T6112] vhci_hcd vhci_hcd.0: Device attached
[   71.040374][ T6116] netlink: 496 bytes leftover after parsing attributes in process `syz.2.17'.
[   71.403817][ T6015] usb 44-1: SetAddress Request (2) to port 0
[   71.414705][ T6015] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[   71.571076][  T830] libceph: connect (1)[c::]:6789 error -101
[   71.573458][  T830] libceph: mon0 (1)[c::]:6789 connect error
[   71.621022][ T6130] ceph: No mds server is up or the cluster is laggy
[   71.796617][ T6113] vhci_hcd: connection reset by peer
[   71.800650][ T1174] vhci_hcd vhci_hcd.3: stop threads
[   71.803604][ T1174] vhci_hcd vhci_hcd.3: release socket
[   71.806401][ T1174] vhci_hcd vhci_hcd.3: disconnect device
[   72.147164][ T5950] Bluetooth: hci2: command tx timeout
[   72.147198][ T5298] Bluetooth: hci3: command tx timeout
[   72.147272][ T5298] Bluetooth: hci0: command tx timeout
[   72.228822][ T5298] Bluetooth: hci1: command tx timeout
[   72.535219][ T6145] Driver unsupported XDP return value 0 on prog  (id 5) dev N/A, expect packet loss!
[   72.684512][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   72.784941][   T71] IPVS: starting estimator thread 0...
[   72.844517][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   72.885073][ T6148] IPVS: using max 43 ests per chain, 103200 per kthread
[   73.034920][    T0] NOHZ tick-stop error: local softirq work is pending, handler #148!!!
[   73.064525][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   73.094534][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   73.114523][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   73.214118][   T56] usb 5-1: USB disconnect, device number 2
[   73.738433][ T6164] Zero length message leads to an empty skb
[   73.930094][ T6170] batman_adv: batadv0: Adding interface: dummy0
[   73.932705][ T6170] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   73.942701][ T6170] batman_adv: batadv0: Interface activated: dummy0
[   73.960900][ T6170] batadv0: mtu less than device minimum
[   73.964787][ T6170] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   73.969326][ T6170] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   73.973325][ T6170] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   73.977581][ T6170] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   73.981521][ T6170] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   73.985869][ T6170] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   73.989747][ T6170] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   73.993767][ T6170] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   73.999458][ T6170] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   74.104256][  T830] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   74.118324][ T6174] MTD: Attempt to mount non-MTD device "/dev/loop3"
[   74.129740][ T6174] cramfs: wrong magic
[   74.292481][ T6174] netlink: 'syz.3.32': attribute type 2 has an invalid length.
[   74.292689][  T830] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   74.299371][  T830] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   74.304771][  T830] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   74.307160][ T6174] hmaÓË224)
: entered promiscuous mode
[   74.311380][  T830] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.330707][  T830] usb 7-1: config 0 descriptor??
[   74.774004][ T6178] netlink: 84 bytes leftover after parsing attributes in process `syz.0.33'.
[   74.871008][  T830] usbhid 7-1:0.0: can't add hid device: -71
[   74.875523][  T830] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[   74.916337][  T830] usb 7-1: USB disconnect, device number 3
[   74.932353][ T6183] fuse: Invalid rootmode
[   75.033088][ T6189] 9p: Unknown uid 00000000004294967295
[   75.036168][ T6189] vivid-003: disconnect
[   75.045384][ T6188] vivid-003: reconnect
[   75.657364][ T6195] warning: `syz.0.36' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   75.695196][ T6199] netlink: 20 bytes leftover after parsing attributes in process `syz.3.42'.
[   75.839066][ T6206] fuse: Invalid rootmode
[   76.499313][ T6219] netlink: 'syz.1.49': attribute type 11 has an invalid length.
[   76.607286][ T6222] comedi comedi3: das16m1: I/O port conflict (0x9,16)
[   76.619961][ T6222] netlink: 12 bytes leftover after parsing attributes in process `syz.1.50'.
[   76.629781][ T6222] block nbd0: Unsupported socket: should be TCP or UNIX.
[   76.645842][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[   76.648984][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[   76.812383][ T6226] netlink: 12 bytes leftover after parsing attributes in process `syz.3.51'.
[   76.961462][ T6228] can0: slcan on ptm0.
[   77.034739][ T6015] usb 44-1: device descriptor read/8, error -110
[   77.065816][ T6227] can0 (unregistered): slcan off ptm0.
[   78.046150][ T6015] usb usb44-port1: attempt power cycle
[   79.066284][ T6015] usb usb44-port1: unable to enumerate USB device
[   79.276820][ T6271] fuse: Unknown parameter '&d#á—‘Èí0È^�öæwP™iÂŽÆt'
ùÈeX(«0Õø_9³D7Së8žZüYXáøÔ8b__b§·ÄRŠ…fœG´ê0x0000000000000004'
[   79.431161][ T6284] input: syz0 as /devices/virtual/input/input7
[   80.542605][ T6297] netlink: 4 bytes leftover after parsing attributes in process `syz.1.69'.
[   80.548254][ T6299] netlink: 8 bytes leftover after parsing attributes in process `syz.3.70'.
[   80.604649][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[   80.637840][ T6304] netlink: 48 bytes leftover after parsing attributes in process `syz.1.71'.
[   80.921746][ T6311] overlayfs: failed to resolve './file1/file0': -2
[   81.063203][ T6312] ceph: No mds server is up or the cluster is laggy
[   81.101191][   T56] libceph: connect (1)[c::]:6789 error -101
[   81.123186][   T56] libceph: mon0 (1)[c::]:6789 connect error
[   81.266786][ T6319] FAULT_INJECTION: forcing a failure.
[   81.266786][ T6319] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.271098][ T6319] CPU: 3 UID: 0 PID: 6319 Comm: syz.2.74 Not tainted syzkaller #0 PREEMPT(full) 
[   81.271114][ T6319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   81.271122][ T6319] Call Trace:
[   81.271128][ T6319]  <TASK>
[   81.271134][ T6319]  dump_stack_lvl+0x100/0x190
[   81.271161][ T6319]  should_fail_ex.cold+0x5/0xa
[   81.271177][ T6319]  _copy_to_user+0x32/0xd0
[   81.271194][ T6319]  simple_read_from_buffer+0xcb/0x170
[   81.271215][ T6319]  proc_fail_nth_read+0x1af/0x230
[   81.271231][ T6319]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   81.271247][ T6319]  ? rw_verify_area+0xce/0x6d0
[   81.271264][ T6319]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   81.271278][ T6319]  vfs_read+0x1e4/0xb30
[   81.271291][ T6319]  ? __pfx_vfs_read+0x10/0x10
[   81.271300][ T6319]  ? find_held_lock+0x2b/0x80
[   81.271313][ T6319]  ? __fget_files+0x215/0x3d0
[   81.271326][ T6319]  ? __fget_files+0x21f/0x3d0
[   81.271341][ T6319]  ksys_read+0x12a/0x250
[   81.271351][ T6319]  ? __pfx_ksys_read+0x10/0x10
[   81.271366][ T6319]  do_int80_emulation+0x141/0x6b0
[   81.271383][ T6319]  asm_int80_emulation+0x1a/0x20
[   81.271394][ T6319] RIP: 0023:0xf7165cab
[   81.271405][ T6319] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[   81.271415][ T6319] RSP: 002b:00000000f54264bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[   81.271427][ T6319] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54265d0
[   81.271433][ T6319] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[   81.271439][ T6319] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   81.271445][ T6319] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[   81.271451][ T6319] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   81.271464][ T6319]  </TASK>
[   81.529773][ T6317] faux_driver vkms: [drm] Unknown color mode 9; guessing buffer size.
[   81.664821][ T6329] netlink: 12 bytes leftover after parsing attributes in process `syz.2.77'.
[   82.155709][ T5953] kernel read not supported for file /radio0 (pid: 5953 comm: kworker/2:3)
[   82.228349][ T6342] netlink: 36 bytes leftover after parsing attributes in process `syz.0.81'.
[   82.296615][ T6351] autofs4:pid:6351:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[   82.380607][ T6356] overlayfs: failed to resolve './file1/file0': -2
[   82.522608][ T6361] fuse: Unknown parameter 'use00000000000000000000'
[   82.552749][ T6364] netlink: 220 bytes leftover after parsing attributes in process `syz.1.84'.
[   82.564768][ T6364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.84'.
[   82.579835][ T6364] binder: BINDER_SET_CONTEXT_MGR already set
[   82.582918][ T6364] binder: 6350:6364 ioctl 4018620d 80001000 returned -16
[   82.638636][ T6366] netlink: 28 bytes leftover after parsing attributes in process `syz.2.90'.
[   82.886437][   T41] audit: type=1326 audit(1775739406.052:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.3.93" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000
[   82.896230][   T41] audit: type=1326 audit(1775739406.052:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.3.93" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000
[   82.906721][   T41] audit: type=1326 audit(1775739406.062:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.3.93" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000
[   82.919247][   T41] audit: type=1326 audit(1775739406.062:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.3.93" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000
[   82.929341][   T41] audit: type=1326 audit(1775739406.062:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.3.93" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf700ef6c code=0x7ffc0000
[   82.938179][   T41] audit: type=1326 audit(1775739406.062:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.3.93" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000
[   82.944979][   T41] audit: type=1326 audit(1775739406.062:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.3.93" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000
[   82.952607][   T41] audit: type=1326 audit(1775739406.072:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.3.93" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000
[   82.960731][   T41] audit: type=1326 audit(1775739406.072:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.3.93" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000
[   82.969518][   T41] audit: type=1326 audit(1775739406.072:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.3.93" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf700ef6c code=0x7ffc0000
[   83.196815][ T6383] loop6: detected capacity change from 0 to 8
[   83.255167][ T6383] loop6: detected capacity change from 8 to 7
[   83.262629][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   83.266348][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   83.270761][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   83.273941][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   83.279007][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   83.283122][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[   83.292826][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   83.297092][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[   83.302421][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   83.307062][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[   83.311893][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   83.315819][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   83.319938][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   83.323510][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   83.327212][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   83.330385][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   83.333258][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   83.337224][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   83.340481][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   83.343502][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[   83.348360][ T6383] ldm_validate_partition_table(): Disk read failed.
[   83.353266][ T6383] Dev loop6: unable to read RDB block 0
[   83.373604][ T6383]  loop6: unable to read partition table
[   83.379339][ T6383] loop6: partition table beyond EOD, truncated
[   83.384608][ T6383] loop_reread_partitions: partition scan of loop6 (°) failed (rc=-5)
[   83.481283][ T5350] ldm_validate_partition_table(): Disk read failed.
[   83.484015][ T5350] Dev loop6: unable to read RDB block 0
[   83.487565][ T5350]  loop6: unable to read partition table
[   83.488284][ T6392] fuse: Unknown parameter 'use00000000000000000000'
[   83.489927][ T5350] loop6: partition table beyond EOD, truncated
[   83.509510][ T6394] netlink: 48 bytes leftover after parsing attributes in process `syz.3.99'.
[   83.815062][ T6015] libceph: connect (1)[c::]:6789 error -101
[   83.821667][ T6015] libceph: mon0 (1)[c::]:6789 connect error
[   83.856238][ T6399] ceph: No mds server is up or the cluster is laggy
[   84.101569][ T6410] trusted_key: encrypted_key: keylen parameter is missing
[   84.480371][ T6416] x_tables: duplicate underflow at hook 1
[   84.486304][ T6416] hub 8-0:1.0: USB hub found
[   84.488404][ T6416] hub 8-0:1.0: 1 port detected
[   84.653684][  T830] libceph: connect (1)[c::]:6789 error -101
[   84.657904][  T830] libceph: mon0 (1)[c::]:6789 connect error
[   84.716398][ T6426] ceph: No mds server is up or the cluster is laggy
[   84.806682][ T6437] net_ratelimit: 10 callbacks suppressed
[   84.806698][ T6437] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   84.944595][ T5298] Bluetooth: hci3: command tx timeout
[   85.823738][ T6456] FAULT_INJECTION: forcing a failure.
[   85.823738][ T6456] name failslab, interval 1, probability 0, space 0, times 1
[   85.828751][ T6456] CPU: 3 UID: 0 PID: 6456 Comm: syz.1.117 Not tainted syzkaller #0 PREEMPT(full) 
[   85.828768][ T6456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   85.828774][ T6456] Call Trace:
[   85.828778][ T6456]  <TASK>
[   85.828783][ T6456]  dump_stack_lvl+0x100/0x190
[   85.828807][ T6456]  should_fail_ex.cold+0x5/0xa
[   85.828822][ T6456]  ? tomoyo_realpath_from_path+0xb6/0x690
[   85.828840][ T6456]  should_failslab+0xc2/0x120
[   85.828853][ T6456]  __kmalloc_noprof+0xe0/0x850
[   85.828916][ T6456]  tomoyo_realpath_from_path+0xb6/0x690
[   85.828939][ T6456]  tomoyo_path_number_perm+0x23c/0x580
[   85.828954][ T6456]  ? tomoyo_path_number_perm+0x22e/0x580
[   85.828971][ T6456]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   85.829002][ T6456]  ? find_held_lock+0x2b/0x80
[   85.829015][ T6456]  ? hook_file_ioctl_common+0x146/0x410
[   85.829031][ T6456]  ? __fget_files+0x215/0x3d0
[   85.829047][ T6456]  ? __fget_files+0x21f/0x3d0
[   85.829062][ T6456]  security_file_ioctl_compat+0xd3/0x230
[   85.829080][ T6456]  __ia32_compat_sys_ioctl+0xc2/0x360
[   85.829102][ T6456]  __do_fast_syscall_32+0xe3/0x8c0
[   85.829121][ T6456]  do_fast_syscall_32+0x32/0x70
[   85.829135][ T6456]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   85.829151][ T6456] RIP: 0023:0xf7f73f6c
[   85.829162][ T6456] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[   85.829173][ T6456] RSP: 002b:00000000f543650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[   85.829185][ T6456] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c020aa07
[   85.829193][ T6456] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[   85.829200][ T6456] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   85.829206][ T6456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.829213][ T6456] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   85.829233][ T6456]  </TASK>
[   85.829239][ T6456] ERROR: Out of memory at tomoyo_realpath_from_path.
[   85.990708][ T6462] ubi16: attaching mtd0
[   85.994225][ T6462] ubi16: scanning is finished
[   85.997342][ T6462] ubi16: empty MTD device detected
[   86.047539][ T6463] cifs: Unknown parameter 'mode'
[   86.485379][ T6462] ubi16: attached mtd0 (name "mtdram test device", size 0 MiB)
[   86.496965][ T6462] ubi16: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   86.499368][ T6462] ubi16: min./max. I/O unit sizes: 1/64, sub-page size 1
[   86.501584][ T6462] ubi16: VID header offset: 64 (aligned 64), data offset: 128
[   86.504061][ T6462] ubi16: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   86.515070][ T6462] ubi16: user volume: 0, internal volumes: 1, max. volumes count: 23
[   86.518048][ T6462] ubi16: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1079233504
[   86.532850][ T6462] ubi16: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   86.539712][ T6467] ubi16: background thread "ubi_bgt16d" started, PID 6467
[   86.651461][ T6472] netlink: 'syz.3.121': attribute type 10 has an invalid length.
[   86.666749][ T6472] team0: Device xfrm0 is of different type
[   86.707240][   T39] cfg80211: failed to load regulatory.db
[   86.760621][ T6475] mkiss: ax0: crc mode is auto.
[   86.834720][ T6475] sd 0:0:0:0: PR command failed: 1026
[   86.837306][ T6475] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[   86.839873][ T6475] sd 0:0:0:0: Add. Sense: Invalid command operation code
[   86.847077][ T6475] netlink: 8 bytes leftover after parsing attributes in process `syz.3.122'.
[   86.851098][ T6475] netlink: 12 bytes leftover after parsing attributes in process `syz.3.122'.
[   88.017180][ T6500] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[   88.020163][ T6500] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   88.111443][ T6500] vhci_hcd vhci_hcd.0: Device attached
[   88.124377][ T6503] process 'syz.2.123' launched './file0' with NULL argv: empty string added
[   89.704395][ T6508] overlayfs: "xino" feature enabled using 3 upper inode bits.
[   89.719560][ T6508] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[   89.723284][ T6508] overlayfs: failed to look up (tracing) for ino (-66)
[   89.784725][ T6015] usb 38-1: SetAddress Request (2) to port 0
[   89.786807][ T6015] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[   89.790667][ T6516] fuse: Unknown parameter 'user_i00000000000000000000'
[   89.791880][ T6495] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   89.838189][ T6495] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[   90.138409][ T6501] vhci_hcd: connection reset by peer
[   90.141419][   T12] vhci_hcd vhci_hcd.0: stop threads
[   90.143252][   T12] vhci_hcd vhci_hcd.0: release socket
[   90.146240][   T12] vhci_hcd vhci_hcd.0: disconnect device
[   90.232013][ T6527] netlink: 1264 bytes leftover after parsing attributes in process `syz.2.138'.
[   91.096862][ T6551] netlink: 4 bytes leftover after parsing attributes in process `syz.2.146'.
[   91.266818][ T6561] fuse: Unknown parameter 'user_id00000000000000000000'
[   91.358606][ T6570] netlink: 20 bytes leftover after parsing attributes in process `syz.1.155'.
[   92.193916][ T6588] netlink: 20 bytes leftover after parsing attributes in process `syz.0.154'.
[   92.230774][ T6592] cifs: Unknown parameter '/dev/kvm'
[   92.872022][ T6611] futex_wake_op: syz.2.167 tries to shift op by 32; fix this program
[   92.880508][ T6611] netlink: 4 bytes leftover after parsing attributes in process `syz.2.167'.
[   93.404541][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   95.418256][ T6015] usb 38-1: device descriptor read/8, error -110
[   95.835353][ T6037] libceph: connect (1)[c::]:6789 error -101
[   95.838300][ T6037] libceph: mon0 (1)[c::]:6789 connect error
[   96.045709][ T6617] ceph: No mds server is up or the cluster is laggy
[   96.320397][ T6015] usb usb38-port1: attempt power cycle
[   97.108028][ T6639] fuse: Unknown parameter 'user_id00000000000000000000'
[   97.295283][ T6647] netlink: 40 bytes leftover after parsing attributes in process `syz.3.177'.
[   97.389906][ T6643] overlayfs: "xino" feature enabled using 3 upper inode bits.
[   97.407847][ T6643] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[   97.412315][ T6643] overlayfs: failed to look up (tracing) for ino (-66)
[   97.569012][ T6653] /dev/sr0: Can't open blockdev
[   97.775725][ T6015] usb usb38-port1: unable to enumerate USB device
[   97.778737][ T6015] libceph: connect (1)[c::]:6789 error -101
[   97.780743][ T6015] libceph: mon0 (1)[c::]:6789 connect error
[   97.810120][ T6649] ceph: No mds server is up or the cluster is laggy
[   98.036761][ T6663] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[   98.039180][ T6663] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   98.127722][ T6663] vhci_hcd vhci_hcd.0: Device attached
[   98.320322][ T5996] libceph: connect (1)[c::]:6789 error -101
[   98.327087][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[   98.353066][ T6670] ceph: No mds server is up or the cluster is laggy
[   98.395975][ T6675] FAULT_INJECTION: forcing a failure.
[   98.395975][ T6675] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.400637][ T6675] CPU: 3 UID: 0 PID: 6675 Comm: syz.2.181 Not tainted syzkaller #0 PREEMPT(full) 
[   98.400654][ T6675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   98.400662][ T6675] Call Trace:
[   98.400667][ T6675]  <TASK>
[   98.400673][ T6675]  dump_stack_lvl+0x100/0x190
[   98.400699][ T6675]  should_fail_ex.cold+0x5/0xa
[   98.400716][ T6675]  _copy_from_user+0x2e/0xd0
[   98.400735][ T6675]  kvm_arch_vm_ioctl+0x27a/0x18d0
[   98.400755][ T6675]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[   98.400774][ T6675]  ? tomoyo_check_open_permission+0x1a2/0x3c0
[   98.400792][ T6675]  ? stack_trace_save+0x8e/0xc0
[   98.400837][ T6675]  ? look_up_lock_class+0x55/0x120
[   98.400853][ T6675]  ? register_lock_class+0x40/0x560
[   98.400871][ T6675]  ? find_held_lock+0x2b/0x80
[   98.400882][ T6675]  ? ima_match_policy+0x8c4/0x2350
[   98.400898][ T6675]  ? ima_match_policy+0x8c4/0x2350
[   98.400916][ T6675]  ? __lock_acquire+0x4a5/0x2630
[   98.400939][ T6675]  ? __lock_acquire+0x4a5/0x2630
[   98.400963][ T6675]  ? __lock_acquire+0x4a5/0x2630
[   98.400987][ T6675]  ? find_held_lock+0x2b/0x80
[   98.400998][ T6675]  ? is_bpf_text_address+0x8a/0x1a0
[   98.401019][ T6675]  ? is_bpf_text_address+0x8a/0x1a0
[   98.401038][ T6675]  ? bpf_ksym_find+0x124/0x1c0
[   98.401054][ T6675]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   98.401068][ T6675]  ? is_bpf_text_address+0x94/0x1a0
[   98.401088][ T6675]  ? kernel_text_address+0x8d/0x100
[   98.401107][ T6675]  ? __pfx_widen_string+0x10/0x10
[   98.401123][ T6675]  ? __kernel_text_address+0xd/0x30
[   98.401141][ T6675]  ? unwind_get_return_address+0x59/0xa0
[   98.401156][ T6675]  ? arch_stack_walk+0xa6/0xf0
[   98.401172][ T6675]  kvm_vm_ioctl+0x1564/0x4080
[   98.401193][ T6675]  ? tomoyo_path_number_perm+0x46d/0x580
[   98.401208][ T6675]  ? stack_trace_save+0x8e/0xc0
[   98.401220][ T6675]  ? __pfx_stack_trace_save+0x10/0x10
[   98.401234][ T6675]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   98.401247][ T6675]  ? __lock_acquire+0x4a5/0x2630
[   98.401264][ T6675]  ? tomoyo_path_number_perm+0x46d/0x580
[   98.401278][ T6675]  ? kasan_save_stack+0x3f/0x50
[   98.401290][ T6675]  ? kasan_save_stack+0x30/0x50
[   98.401301][ T6675]  ? kasan_save_track+0x14/0x30
[   98.401311][ T6675]  ? kasan_save_free_info+0x3b/0x70
[   98.401327][ T6675]  ? __kasan_slab_free+0x5f/0x80
[   98.401339][ T6675]  ? kfree+0x1f6/0x6b0
[   98.401355][ T6675]  ? tomoyo_path_number_perm+0x46d/0x580
[   98.401369][ T6675]  ? security_file_ioctl_compat+0xd3/0x230
[   98.401386][ T6675]  ? __ia32_compat_sys_ioctl+0xc2/0x360
[   98.401404][ T6675]  ? __do_fast_syscall_32+0xe3/0x8c0
[   98.401418][ T6675]  ? do_fast_syscall_32+0x32/0x70
[   98.401431][ T6675]  ? kvm_arch_vm_compat_ioctl+0x2d0/0x470
[   98.401447][ T6675]  ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10
[   98.401473][ T6675]  ? tomoyo_path_number_perm+0x46d/0x580
[   98.401488][ T6675]  ? kasan_quarantine_put+0x104/0x240
[   98.401507][ T6675]  ? lockdep_hardirqs_on+0x78/0x100
[   98.401519][ T6675]  ? find_held_lock+0x2b/0x80
[   98.401530][ T6675]  ? tomoyo_path_number_perm+0x28f/0x580
[   98.401544][ T6675]  ? tomoyo_path_number_perm+0x28f/0x580
[   98.401561][ T6675]  ? tomoyo_path_number_perm+0x188/0x580
[   98.401576][ T6675]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   98.401596][ T6675]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   98.401610][ T6675]  ? do_vfs_ioctl+0x226/0x13e0
[   98.401627][ T6675]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   98.401646][ T6675]  kvm_vm_compat_ioctl+0x2f7/0x3f0
[   98.401659][ T6675]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[   98.401673][ T6675]  ? find_held_lock+0x2b/0x80
[   98.401684][ T6675]  ? hook_file_ioctl_common+0x146/0x410
[   98.401703][ T6675]  ? __fget_files+0x21f/0x3d0
[   98.401718][ T6675]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[   98.401731][ T6675]  __ia32_compat_sys_ioctl+0x2cf/0x360
[   98.401751][ T6675]  __do_fast_syscall_32+0xe3/0x8c0
[   98.401766][ T6675]  do_fast_syscall_32+0x32/0x70
[   98.401779][ T6675]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   98.401795][ T6675] RIP: 0023:0xf7f66f6c
[   98.401805][ T6675] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[   98.401815][ T6675] RSP: 002b:00000000f540550c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[   98.401827][ T6675] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000004048aec9
[   98.401834][ T6675] RDX: 0000000080000840 RSI: 0000000000000000 RDI: 0000000000000000
[   98.401841][ T6675] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   98.401847][ T6675] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[   98.401856][ T6675] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   98.401870][ T6675]  </TASK>
[   98.444964][ T6015] usb 38-1: SetAddress Request (6) to port 0
[   98.595523][ T6015] usb 38-1: new SuperSpeed USB device number 6 using vhci_hcd
[   98.669686][   T41] kauditd_printk_skb: 1014 callbacks suppressed
[   98.669700][   T41] audit: type=1326 audit(1775739421.832:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6681 comm="syz.3.183" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700ef6c code=0x0
[   98.728739][ T6665] vhci_hcd: connection reset by peer
[   98.734623][  T766] vhci_hcd vhci_hcd.0: stop threads
[   98.737003][  T766] vhci_hcd vhci_hcd.0: release socket
[   98.744975][  T766] vhci_hcd vhci_hcd.0: disconnect device
[   99.063054][ T6699] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[   99.186093][ T6685] netlink: 20 bytes leftover after parsing attributes in process `syz.2.184'.
[   99.312522][ T6707] fuse: Bad value for 'fd'
[  100.545984][   T71] libceph: connect (1)[c::]:6789 error -101
[  100.548866][   T71] libceph: mon0 (1)[c::]:6789 connect error
[  100.590982][ T6726] ceph: No mds server is up or the cluster is laggy
[  100.825215][ T6735] netlink: 40 bytes leftover after parsing attributes in process `syz.3.197'.
[  100.829330][ T6735] netlink: 4 bytes leftover after parsing attributes in process `syz.3.197'.
[  101.123673][ T6738] mkiss: ax0: crc mode is auto.
[  101.373603][ T6743] fuse: Bad value for 'fd'
[  101.387732][ T6745] netlink: 12 bytes leftover after parsing attributes in process `syz.0.201'.
[  101.391343][ T6746] netlink: 12 bytes leftover after parsing attributes in process `syz.0.201'.
[  101.418474][ T6748] autofs4:pid:6748:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  102.429770][ T6755] overlayfs: failed to resolve './file1/file0': -2
[  102.642905][ T6763] netlink: 220 bytes leftover after parsing attributes in process `syz.1.202'.
[  102.659335][ T6763] netlink: 8 bytes leftover after parsing attributes in process `syz.1.202'.
[  102.712286][ T6763] binder: BINDER_SET_CONTEXT_MGR already set
[  102.720080][ T6763] binder: 6747:6763 ioctl 4018620d 80001000 returned -16
[  102.729573][ T6767] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  102.740261][ T6767] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  102.743456][ T6767] overlayfs: failed to look up (tracing) for ino (-66)
[  102.944838][ T5957] Bluetooth: hci4: command 0x1003 tx timeout
[  102.944863][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  103.048212][ T6772] fuse: Unknown parameter '0x0000000000000003'
[  103.245129][ T6777] netlink: 20 bytes leftover after parsing attributes in process `syz.0.208'.
[  104.063684][ T6787] overlayfs: failed to resolve './file1/file0': -2
[  104.319139][ T6015] usb 38-1: device descriptor read/8, error -110
[  104.416908][ T6780] mkiss: ax0: crc mode is auto.
[  104.492964][ T6790] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  104.504061][ T6790] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  104.507429][ T6790] overlayfs: failed to look up (tracing) for ino (-66)
[  104.722798][ T6796] PM: Enabling pm_trace changes system date and time during resume.
[  104.722798][ T6796] PM: Correct system time has to be restored manually after resume.
[  104.725250][ T6015] usb usb38-port1: attempt power cycle
[  104.907200][ T6807] autofs4:pid:6807:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  104.915309][ T6809] fuse: Bad value for 'fd'
[  105.079618][ T6810] program syz.1.223 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  105.346615][ T6813] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  105.349141][ T6813] batadv0: mtu less than device minimum
[  105.351477][ T6813] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.356010][ T6813] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.360283][ T6813] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.363961][ T6813] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.367926][ T6813] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.372122][ T6813] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.376338][ T6813] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.379873][ T6813] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.384181][ T6813] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  105.394026][ T6813] batman_adv: batadv0: Removing interface: batadv_slave_0
[  105.503291][ T6813] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  105.516491][ T6813] batman_adv: batadv0: Removing interface: batadv_slave_1
[  105.521454][ T6813] batman_adv: batadv0: Interface deactivated: dummy0
[  105.523665][ T6813] batman_adv: batadv0: Removing interface: dummy0
[  105.606104][ T6015] usb usb38-port1: unable to enumerate USB device
[  106.285908][ T6821] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  106.296106][ T6821] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  106.299333][ T6821] overlayfs: failed to look up (tracing) for ino (-66)
[  106.306069][ T6807] netlink: 220 bytes leftover after parsing attributes in process `syz.2.224'.
[  106.310983][ T6807] netlink: 8 bytes leftover after parsing attributes in process `syz.2.224'.
[  106.323331][ T6807] binder: BINDER_SET_CONTEXT_MGR already set
[  106.325982][ T6807] binder: 6806:6807 ioctl 4018620d 80001000 returned -16
[  107.284669][ T6827] capability: warning: `syz.2.229' uses 32-bit capabilities (legacy support in use)
[  107.470756][ T6834] Bluetooth: MGMT ver 1.23
[  107.622566][ T6837] netlink: 'syz.3.231': attribute type 3 has an invalid length.
[  110.970462][ T6876] netlink: 'syz.0.239': attribute type 1 has an invalid length.
[  112.366127][ T6892] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  112.407955][ T6892] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  112.411408][ T6892] overlayfs: failed to look up (tracing) for ino (-66)
[  112.456364][ T6893] x_tables: duplicate underflow at hook 1
[  112.461856][ T6893] hub 8-0:1.0: USB hub found
[  112.474956][ T6893] hub 8-0:1.0: 1 port detected
[  113.482385][ T6899] netlink: 4 bytes leftover after parsing attributes in process `syz.3.249'.
[  113.758847][ T6906] overlayfs: failed to resolve './file1/file0': -2
[  113.938047][   T71] kernel write not supported for file /admmidi2 (pid: 71 comm: kworker/0:2)
[  113.955850][ T6908] netlink: 153800 bytes leftover after parsing attributes in process `syz.3.252'.
[  113.967008][ T6908] af_packet: tpacket_rcv: packet too big, clamped from 16 to 4294967272. macoff=96
[  114.301828][ T6912] 9p: Bad value for 'rfdno'
[  114.307672][ T6912] net_ratelimit: 30 callbacks suppressed
[  114.307682][ T6912] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  114.318355][ T6912] overlayfs: upper fs does not support tmpfile.
[  115.369596][  T830] libceph: connect (1)[c::]:6789 error -101
[  115.659408][  T830] libceph: mon0 (1)[c::]:6789 connect error
[  115.661433][ T6926] ceph: No mds server is up or the cluster is laggy
[  115.768248][ T6929] netlink: 'syz.3.256': attribute type 10 has an invalid length.
[  115.813777][ T6929] team0: Port device netdevsim0 added
[  115.818777][ T6935] fuse: Unknown parameter '0x0000000000000003'
[  115.936162][  T830] libceph: connect (1)[c::]:6789 error -101
[  115.938579][  T830] libceph: mon0 (1)[c::]:6789 connect error
[  115.998396][ T6943] netlink: 8 bytes leftover after parsing attributes in process `syz.0.260'.
[  116.271961][ T6929] netlink: 'syz.3.256': attribute type 10 has an invalid length.
[  116.438398][ T6929] team0: Port device netdevsim0 removed
[  116.448244][ T6929] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  116.542016][ T6956] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  116.595343][ T6956] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  116.599736][ T6956] overlayfs: failed to look up (tracing) for ino (-66)
[  117.873312][ T6973] fuse: Unknown parameter 'fd0x0000000000000003'
[  118.402970][ T6986] overlayfs: missing 'lowerdir'
[  119.283783][ T6996] fuse: Unknown parameter 'fd0x0000000000000003'
[  120.298671][ T7025] overlayfs: failed to resolve './file1/file0': -2
[  120.659533][ T7032] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  120.670261][ T7032] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  120.673652][ T7032] overlayfs: failed to look up (tracing) for ino (-66)
[  121.027216][ T7037] mmap: syz.1.286 (7037) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  121.276751][ T7039] netlink: 8 bytes leftover after parsing attributes in process `syz.3.287'.
[  121.286830][ T7039] netlink: 'syz.3.287': attribute type 13 has an invalid length.
[  121.289479][ T7039] netlink: 'syz.3.287': attribute type 17 has an invalid length.
[  121.559621][ T7039] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  121.573147][ T7041] netlink: 'syz.3.287': attribute type 10 has an invalid length.
[  121.580580][ T7041] netlink: 40 bytes leftover after parsing attributes in process `syz.3.287'.
[  122.056225][ T6015] libceph: connect (1)[c::]:6789 error -101
[  122.058546][ T6015] libceph: mon0 (1)[c::]:6789 connect error
[  122.348044][ T7056] ceph: No mds server is up or the cluster is laggy
[  122.360452][  T830] libceph: connect (1)[c::]:6789 error -101
[  122.364088][  T830] libceph: mon0 (1)[c::]:6789 connect error
[  123.498033][ T7082] ptrace attach of "/syz-executor exec"[5961] was attempted by "/syz-executor exec"[7082]
[  123.797824][ T7089] netlink: 16 bytes leftover after parsing attributes in process `syz.1.300'.
[  123.986376][ T7091] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  124.003777][ T7091] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  124.008634][ T7091] overlayfs: failed to look up (tracing) for ino (-66)
[  125.414051][ T7097] batman_adv: batadv0: Adding interface: dummy0
[  125.416812][ T7097] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  125.448645][ T7097] batman_adv: batadv0: Interface activated: dummy0
[  125.485337][ T7100] overlayfs: failed to resolve './file1/file0': -2
qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x200000)
[  126.373071][ T7122] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  126.383585][ T7122] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  126.387801][ T7122] overlayfs: failed to look up (tracing) for ino (-66)
[  127.737560][ T1112] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  127.740037][ T1112] ata1: failed to read log page 10h (errno=-5)
[  127.742384][ T1112] ata1.00: NCQ disabled due to excessive errors
[  127.746306][ T1112] ata1.00: exception Emask 0x1 SAct 0x8080000 SErr 0x0 action 0x0
[  127.749290][ T1112] ata1.00: irq_stat 0x41000000
[  127.751327][ T1112] ata1.00: failed command: WRITE FPDMA QUEUED
[  127.754662][ T1112] ata1.00: cmd 61/18:98:4e:07:10/00:00:00:00:00/40 tag 19 ncq dma 12288 out
[  127.754662][ T1112]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  127.761166][ T1112] ata1.00: status: { DRDY }
[  127.762780][ T1112] ata1.00: error: { ABRT }
[  127.765068][ T1112] ata1.00: failed command: READ FPDMA QUEUED
[  127.767632][ T1112] ata1.00: cmd 60/00:d8:36:23:08/10:00:00:00:00/40 tag 27 ncq dma 2097152 in
[  127.767632][ T1112]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  127.773763][ T1112] ata1.00: status: { DRDY }
[  127.775625][ T1112] ata1.00: error: { ABRT }
[  127.779199][ T1112] ata1.00: configured for UDMA/100
[  127.781461][ T1112] sd 0:0:0:0: [sda] tag#27 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=2s
[  127.785846][ T1112] sd 0:0:0:0: [sda] tag#27 Sense Key : Aborted Command [current] 
[  127.788697][ T1112] sd 0:0:0:0: [sda] tag#27 Add. Sense: No additional sense information
[  127.791477][ T1112] sd 0:0:0:0: [sda] tag#27 CDB: Read(10) 28 00 00 08 23 36 00 10 00 00
[  127.794222][ T1112] blk_print_req_error: 66 callbacks suppressed
[  127.794233][ T1112] I/O error, dev sda, sector 533302 op 0x0:(READ) flags 0x80700 phys_seg 165 prio class 2
[  127.800790][ T1112] ata1: EH complete
[  127.875103][ T7127] Invalid logical block size (16128)
[  128.873944][ T7158] overlayfs: failed to clone lowerpath
[  129.525778][ T7094] syz.3.302 (7094) used greatest stack depth: 19816 bytes left
[  129.631830][ T7163] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  130.411161][ T7194] autofs4:pid:7194:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  130.584338][ T7196] netlink: 220 bytes leftover after parsing attributes in process `syz.0.335'.
[  130.587934][ T7196] netlink: 8 bytes leftover after parsing attributes in process `syz.0.335'.
[  130.593440][ T7196] binder: BINDER_SET_CONTEXT_MGR already set
[  130.596199][ T7196] binder: 7193:7196 ioctl 4018620d 80001000 returned -16
[  131.434142][    T9] libceph: connect (1)[c::]:6789 error -101
[  131.437399][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  131.457807][ T7202] ceph: No mds server is up or the cluster is laggy
[  131.837335][ T7215] overlayfs: failed to resolve './file1/file0': -2
[  132.667809][    T9] libceph: connect (1)[c::]:6789 error -101
[  132.670690][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  132.925016][    T9] libceph: connect (1)[c::]:6789 error -101
[  132.927467][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  133.012106][ T7221] ceph: No mds server is up or the cluster is laggy
[  133.292911][ T7239] netlink: 32 bytes leftover after parsing attributes in process `syz.2.347'.
[  133.662374][ T7235] ceph: No mds server is up or the cluster is laggy
[  133.667420][ T6015] libceph: connect (1)[c::]:6789 error -101
[  133.736820][ T7244] syzkaller0: entered promiscuous mode
[  133.738736][ T7244] syzkaller0: entered allmulticast mode
[  133.820983][ T7247] autofs4:pid:7247:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  133.871038][ T6015] libceph: mon0 (1)[c::]:6789 connect error
[  134.927074][ T7258] netlink: 220 bytes leftover after parsing attributes in process `syz.0.349'.
[  134.930423][ T7258] netlink: 8 bytes leftover after parsing attributes in process `syz.0.349'.
[  134.939487][ T7258] binder: BINDER_SET_CONTEXT_MGR already set
[  134.944092][ T7258] binder: 7246:7258 ioctl 4018620d 80001000 returned -16
[  134.948575][ T7267] netlink: 'syz.2.356': attribute type 2 has an invalid length.
[  134.951544][ T7267] netlink: 'syz.2.356': attribute type 1 has an invalid length.
[  134.985341][ T7264] netlink: 8 bytes leftover after parsing attributes in process `syz.3.355'.
[  135.660571][ T7271] netlink: 4 bytes leftover after parsing attributes in process `syz.2.357'.
[  136.655425][ T7324] netlink: 24 bytes leftover after parsing attributes in process `syz.2.369'.
[  137.907661][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  137.909914][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  138.538150][ T7357] overlayfs: failed to resolve './file1/file0': -2
[  140.149305][ T7385] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  140.152155][ T7385] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  140.156409][ T7385] vhci_hcd vhci_hcd.0: Device attached
[  140.181307][ T7393] netlink: 605 bytes leftover after parsing attributes in process `syz.0.387'.
[  140.272420][ T7399] syzkaller0: entered promiscuous mode
[  140.281210][ T7399] syzkaller0: entered allmulticast mode
[  140.289546][ T7393] 0: reclassify loop, rule prio 0, protocol 800
[  140.440784][   T10] usb 40-1: SetAddress Request (2) to port 0
[  140.443670][   T10] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  140.468455][ T7389] vhci_hcd: connection closed
[  140.471855][ T1174] vhci_hcd vhci_hcd.1: stop threads
[  140.473221][ T7410] FAULT_INJECTION: forcing a failure.
[  140.473221][ T7410] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.473421][ T1174] vhci_hcd vhci_hcd.1: release socket
[  140.481218][ T7410] CPU: 2 UID: 0 PID: 7410 Comm: syz.0.388 Not tainted syzkaller #0 PREEMPT(full) 
[  140.481234][ T7410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  140.481241][ T7410] Call Trace:
[  140.481246][ T7410]  <TASK>
[  140.481251][ T7410]  dump_stack_lvl+0x100/0x190
[  140.481277][ T7410]  should_fail_ex.cold+0x5/0xa
[  140.481297][ T7410]  _copy_from_user+0x2e/0xd0
[  140.481318][ T7410]  kstrtouint_from_user+0xd6/0x1d0
[  140.481337][ T7410]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  140.481355][ T7410]  ? __lock_acquire+0x4a5/0x2630
[  140.481374][ T7410]  ? lock_acquire+0x1cf/0x380
[  140.481391][ T7410]  proc_fail_nth_write+0x83/0x220
[  140.481409][ T7410]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  140.481427][ T7410]  vfs_write+0x2aa/0x1070
[  140.481440][ T7410]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  140.481456][ T7410]  ? __pfx_vfs_write+0x10/0x10
[  140.481465][ T7410]  ? find_held_lock+0x2b/0x80
[  140.481476][ T7410]  ? __fget_files+0x215/0x3d0
[  140.481491][ T7410]  ? __fget_files+0x21f/0x3d0
[  140.481506][ T7410]  ksys_write+0x12a/0x250
[  140.481517][ T7410]  ? __pfx_ksys_write+0x10/0x10
[  140.481531][ T7410]  do_int80_emulation+0x141/0x6b0
[  140.481549][ T7410]  asm_int80_emulation+0x1a/0x20
[  140.481562][ T7410] RIP: 0023:0xf7115cab
[  140.481572][ T7410] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  140.481582][ T7410] RSP: 002b:00000000f53cd4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  140.481595][ T7410] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f53cd5d0
[  140.481602][ T7410] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  140.481608][ T7410] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.481615][ T7410] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  140.481621][ T7410] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.481635][ T7410]  </TASK>
[  140.494912][ T1174] vhci_hcd vhci_hcd.1: disconnect device
[  140.636904][ T7417] x_tables: ip_tables: osf match: only valid for protocol 6
[  140.741310][ T7428] overlayfs: failed to resolve './file1/file0': -2
[  140.757685][ T7426] FAULT_INJECTION: forcing a failure.
[  140.757685][ T7426] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.769192][   T39] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  140.791336][ T7426] CPU: 3 UID: 0 PID: 7426 Comm: syz.3.391 Not tainted syzkaller #0 PREEMPT(full) 
[  140.791360][ T7426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  140.791370][ T7426] Call Trace:
[  140.791377][ T7426]  <TASK>
[  140.791383][ T7426]  dump_stack_lvl+0x100/0x190
[  140.791416][ T7426]  should_fail_ex.cold+0x5/0xa
[  140.791437][ T7426]  _copy_from_user+0x2e/0xd0
[  140.791461][ T7426]  uhid_dev_create+0x140/0x530
[  140.791484][ T7426]  ? __pfx_uhid_dev_create+0x10/0x10
[  140.791524][ T7426]  ? uhid_char_write+0x8d2/0xfd0
[  140.791542][ T7426]  ? kfree+0x1f6/0x6b0
[  140.791568][ T7426]  uhid_char_write+0xdd4/0xfd0
[  140.791590][ T7426]  vfs_write+0x2aa/0x1070
[  140.791609][ T7426]  ? __pfx_uhid_char_write+0x10/0x10
[  140.791630][ T7426]  ? __pfx_vfs_write+0x10/0x10
[  140.791644][ T7426]  ? find_held_lock+0x2b/0x80
[  140.791660][ T7426]  ? __fget_files+0x215/0x3d0
[  140.791676][ T7426]  ? __fget_files+0x215/0x3d0
[  140.791696][ T7426]  ? __fget_files+0x21f/0x3d0
[  140.791718][ T7426]  ksys_write+0x1f8/0x250
[  140.791734][ T7426]  ? __pfx_ksys_write+0x10/0x10
[  140.791749][ T7426]  ? __pfx_ksys_write+0x10/0x10
[  140.791770][ T7426]  __do_fast_syscall_32+0xe3/0x8c0
[  140.791794][ T7426]  do_fast_syscall_32+0x32/0x70
[  140.791812][ T7426]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  140.791834][ T7426] RIP: 0023:0xf700ef6c
[  140.791849][ T7426] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  140.791863][ T7426] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000004
[  140.791881][ T7426] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000540
[  140.791890][ T7426] RDX: 000000000000011c RSI: 0000000000000000 RDI: 0000000000000000
[  140.791900][ T7426] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  140.791909][ T7426] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  140.791918][ T7426] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  140.791940][ T7426]  </TASK>
[  140.817336][ T7431] netlink: 16 bytes leftover after parsing attributes in process `syz.2.394'.
[  140.832987][   T39] hid-generic 0000:0000:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  140.898597][ T7431] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  140.904110][ T7431] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  140.935659][ T7431] batman_adv: batadv0: Removing interface: batadv_slave_1
[  140.970334][ T7437] fido_id[7437]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  141.229701][ T7451] netlink: 12 bytes leftover after parsing attributes in process `syz.1.398'.
[  141.233631][ T7450] netlink: 12 bytes leftover after parsing attributes in process `syz.1.398'.
[  141.533570][ T7460] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  141.548958][ T7460] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  141.553189][ T7460] overlayfs: failed to look up (tracing) for ino (-66)
[  142.231567][ T7468] input: syz0 as /devices/virtual/input/input9
[  142.646667][ T7492] binder: 7485:7492 ioctl c0306201 80000640 returned -22
[  144.304721][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  144.634747][   T71] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  144.637453][   T71] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  145.504729][   T10] usb 40-1: device descriptor read/8, error -110
[  145.736161][ T7551] dvmrp0: entered allmulticast mode
[  145.905614][   T10] usb usb40-port1: attempt power cycle
[  146.864678][ T5950] Bluetooth: hci1: command 0x0c1a tx timeout
[  146.964315][   T71] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  146.967308][   T71] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[  147.468230][   T10] usb usb40-port1: unable to enumerate USB device
[  147.814726][ T6037] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  147.964691][ T6037] usb 5-1: Using ep0 maxpacket: 8
[  147.968485][ T6037] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  147.971686][ T6037] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  147.974745][ T6037] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  147.978265][ T6037] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  147.982014][ T6037] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  147.985786][ T6037] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.993395][ T6037] hub 5-1:1.0: bad descriptor, ignoring hub
[  147.995499][ T6037] hub 5-1:1.0: probe with driver hub failed with error -5
[  147.998385][ T6037] cdc_wdm 5-1:1.0: skipping garbage
[  148.000284][ T6037] cdc_wdm 5-1:1.0: skipping garbage
[  148.006649][ T6037] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  148.008709][ T6037] cdc_wdm 5-1:1.0: Unknown control protocol
[  148.499863][ T7562] netlink: 4 bytes leftover after parsing attributes in process `syz.0.422'.
[  149.025031][   T71] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  149.025085][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[  149.027926][   T71] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[  150.597698][ T6015] usb 5-1: USB disconnect, device number 3
[  151.104721][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout
[  151.104721][   T71] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  151.109154][   T71] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[  151.390901][ T7568] overlayfs: failed to resolve './file1/file0': -2
[  151.743831][ T7587] overlayfs: failed to clone lowerpath
[  152.317479][ T7594] ceph: No mds server is up or the cluster is laggy
[  152.326485][ T5996] libceph: connect (1)[c::]:6789 error -101
[  152.331897][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  152.400205][ T7599] overlayfs: failed to resolve './file1/file0': -2
[  152.987940][ T7608] overlayfs: failed to clone upperpath
[  153.624905][ T6037] libceph: connect (1)[c::]:6789 error -101
[  153.626996][ T6037] libceph: mon0 (1)[c::]:6789 connect error
[  153.646689][ T7607] ceph: No mds server is up or the cluster is laggy
[  154.959710][ T7634] overlayfs: failed to resolve './file1/file0': -2
[  155.612102][ T7644] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  156.169004][ T7653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.447'.
[  156.219908][ T7653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.447'.
[  156.394090][ T7659] netlink: 12 bytes leftover after parsing attributes in process `syz.3.449'.
[  156.834936][   T41] audit: type=1326 audit(1775739480.002:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7670 comm="syz.3.455" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000
[  156.846199][   T41] audit: type=1326 audit(1775739480.002:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7670 comm="syz.3.455" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000
[  156.853437][   T41] audit: type=1326 audit(1775739480.012:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7670 comm="syz.3.455" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf700ef6c code=0x7ffc0000
[  156.866506][ T7675] netlink: 'syz.2.453': attribute type 2 has an invalid length.
[  156.868932][ T7675] netlink: 132 bytes leftover after parsing attributes in process `syz.2.453'.
[  156.903821][   T41] audit: type=1326 audit(1775739480.012:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7670 comm="syz.3.455" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000
[  156.912949][   T41] audit: type=1326 audit(1775739480.012:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7670 comm="syz.3.455" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf700ef6c code=0x7ffc0000
[  156.921231][   T41] audit: type=1326 audit(1775739480.022:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7670 comm="syz.3.455" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000
[  156.929954][   T41] audit: type=1326 audit(1775739480.022:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7670 comm="syz.3.455" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf700ef6c code=0x7ffc0000
[  156.964674][   T41] audit: type=1326 audit(1775739480.032:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7670 comm="syz.3.455" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000
[  156.971576][   T41] audit: type=1326 audit(1775739480.032:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7670 comm="syz.3.455" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf700ef6c code=0x7ffc0000
[  156.979310][   T41] audit: type=1326 audit(1775739480.042:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7670 comm="syz.3.455" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf700ef6c code=0x7ffc0000
[  157.338387][ T7677] netlink: '': attribute type 1 has an invalid length.
[  157.668477][ T7684] [U] ^B
[  157.910591][ T7687] overlayfs: failed to clone upperpath
[  158.135902][   T34] libceph: connect (1)[c::]:6789 error -101
[  158.138761][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  158.395049][   T34] libceph: connect (1)[c::]:6789 error -101
[  158.397337][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  158.405041][ T7680] ceph: No mds server is up or the cluster is laggy
[  158.608175][ T7696] netlink: 'syz.1.461': attribute type 5 has an invalid length.
[  158.658733][ T7697] netlink: 'syz.1.461': attribute type 5 has an invalid length.
[  159.322511][ T7719] netlink: 4 bytes leftover after parsing attributes in process `syz.0.469'.
[  159.589000][  T830] libceph: connect (1)[c::]:6789 error -101
[  159.593692][  T830] libceph: mon0 (1)[c::]:6789 connect error
[  159.633734][ T7723] ceph: No mds server is up or the cluster is laggy
[  160.088892][ T7728] autofs4:pid:7728:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  160.191189][ T7733] trusted_key: encrypted_key: insufficient parameters specified
[  160.437172][ T7737] overlayfs: failed to clone upperpath
[  160.628562][ T7731] netlink: 220 bytes leftover after parsing attributes in process `syz.3.470'.
[  160.632465][ T7731] netlink: 8 bytes leftover after parsing attributes in process `syz.3.470'.
[  160.710619][ T7731] binder: BINDER_SET_CONTEXT_MGR already set
[  160.713370][ T7731] binder: 7727:7731 ioctl 4018620d 80001000 returned -16
[  161.372054][ T7751] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  161.377168][ T7751] block device autoloading is deprecated and will be removed.
[  161.534693][   T34] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  161.904651][   T34] usb 8-1: device descriptor read/64, error -71
[  162.144654][   T34] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  162.284725][   T34] usb 8-1: device descriptor read/64, error -71
[  162.404944][   T34] usb usb8-port1: attempt power cycle
[  162.744655][   T34] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  162.770384][   T34] usb 8-1: device descriptor read/8, error -71
[  163.004744][   T34] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  163.073116][ T7772] overlayfs: failed to clone upperpath
[  163.987609][   T34] usb 8-1: device descriptor read/8, error -71
[  164.105005][   T34] usb usb8-port1: unable to enumerate USB device
[  164.553288][ T7790] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.174070][ T7790] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.768624][ T7790] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.853691][ T7790] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.946759][ T1174] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  165.953884][ T7805] fuse: Unknown parameter 'rootm00000000000000040000'
[  165.961868][ T1174] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  165.968415][ T7794] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  165.974084][ T1174] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  165.991040][ T1174] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  166.204620][ T6037] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  166.334675][ T6037] usb 8-1: device descriptor read/64, error -71
[  166.574713][ T6037] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  166.714676][ T6037] usb 8-1: device descriptor read/64, error -71
[  166.834745][ T6037] usb usb8-port1: attempt power cycle
[  167.020339][ T5996] libceph: connect (1)[c::]:6789 error -101
[  167.023533][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  167.051801][ T7818] ceph: No mds server is up or the cluster is laggy
[  167.160769][ T7824] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  167.224663][ T6037] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  167.245070][ T6037] usb 8-1: device descriptor read/8, error -71
[  167.484642][ T6037] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  167.505483][ T6037] usb 8-1: device descriptor read/8, error -71
[  167.615128][ T6037] usb usb8-port1: unable to enumerate USB device
[  171.092374][ T7858] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  171.703453][ T7872] ceph: No mds server is up or the cluster is laggy
[  171.710958][ T5996] libceph: connect (1)[c::]:6789 error -101
[  171.716409][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  171.898660][ T7878] fuse: Bad value for 'fd'
[  172.268558][ T7884] netlink: 12 bytes leftover after parsing attributes in process `syz.3.513'.
[  172.847248][ T7888] overlayfs: failed to resolve './file1/file0': -2
[  173.541646][ T7892] netlink: 20 bytes leftover after parsing attributes in process `syz.0.516'.
[  173.758144][ T7900] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  174.058113][ T7908] netlink: 12 bytes leftover after parsing attributes in process `syz.1.522'.
[  174.510769][ T7917] netlink: 36 bytes leftover after parsing attributes in process `syz.1.526'.
[  174.743572][ T7930] random: crng reseeded on system resumption
[  174.812200][ T7934] autofs4:pid:7934:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  175.068746][ T7941] netlink: 12 bytes leftover after parsing attributes in process `syz.3.531'.
[  175.174571][ T7934] netlink: 220 bytes leftover after parsing attributes in process `syz.1.530'.
[  175.177909][ T7934] netlink: 8 bytes leftover after parsing attributes in process `syz.1.530'.
[  175.370183][ T5950] block nbd3: Receive control failed (result -107)
[  175.551399][ T7934] binder: BINDER_SET_CONTEXT_MGR already set
[  175.553680][ T7934] binder: 7933:7934 ioctl 4018620d 80001000 returned -16
[  175.555110][   T40] libceph: connect (1)[c::]:6789 error -101
[  175.558524][   T40] libceph: mon0 (1)[c::]:6789 connect error
[  175.825211][   T40] libceph: connect (1)[c::]:6789 error -101
[  175.827575][   T40] libceph: mon0 (1)[c::]:6789 connect error
[  175.840846][ T7944] ceph: No mds server is up or the cluster is laggy
[  176.002688][ T7946] block nbd3: shutting down sockets
[  176.324611][ T5996] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  176.474571][ T5996] usb 8-1: Using ep0 maxpacket: 8
[  176.477579][ T5996] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  176.480866][ T5996] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  176.483698][ T5996] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  176.488581][ T5996] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  176.493136][ T5996] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  176.496091][ T5996] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.510107][ T5996] hub 8-1:1.0: bad descriptor, ignoring hub
[  176.512215][ T5996] hub 8-1:1.0: probe with driver hub failed with error -5
[  176.518325][ T5996] cdc_wdm 8-1:1.0: skipping garbage
[  176.520103][ T5996] cdc_wdm 8-1:1.0: skipping garbage
[  176.527308][ T5996] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  176.529290][ T5996] cdc_wdm 8-1:1.0: Unknown control protocol
[  176.715522][ T7992] netlink: 12 bytes leftover after parsing attributes in process `syz.0.550'.
[  176.756770][ T7995] autofs4:pid:7995:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  176.766655][ T7995] netlink: 220 bytes leftover after parsing attributes in process `syz.1.552'.
[  176.769720][ T7995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.552'.
[  176.776635][ T7995] binder: BINDER_SET_CONTEXT_MGR already set
[  176.778736][ T7995] binder: 7994:7995 ioctl 4018620d 80001000 returned -16
[  176.813241][ T8002] netlink: 'syz.0.556': attribute type 30 has an invalid length.
[  177.154551][   T39] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  177.306549][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.311229][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.315541][   T39] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  177.321388][   T39] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  177.326192][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.332957][   T39] usb 5-1: config 0 descriptor??
[  177.699660][ T7967] usb 8-1: reset high-speed USB device number 10 using dummy_hcd
[  177.797122][   T39] usbhid 5-1:0.0: can't add hid device: -71
[  177.801100][   T39] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  177.806830][   T39] usb 5-1: USB disconnect, device number 4
[  178.108925][ T8023] netlink: 12 bytes leftover after parsing attributes in process `syz.0.562'.
[  179.105971][   T71] usb 8-1: USB disconnect, device number 10
[  179.296140][ T8033] autofs4:pid:8033:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  179.485044][ T8033] netlink: 220 bytes leftover after parsing attributes in process `syz.1.564'.
[  179.488001][ T8033] netlink: 8 bytes leftover after parsing attributes in process `syz.1.564'.
[  179.493072][ T8033] binder: BINDER_SET_CONTEXT_MGR already set
[  179.495150][ T8033] binder: 8030:8033 ioctl 4018620d 80001000 returned -16
[  179.795314][ T8039] ceph: No mds server is up or the cluster is laggy
[  179.803636][ T6015] libceph: connect (1)[c::]:6789 error -101
[  179.815337][ T6015] libceph: mon0 (1)[c::]:6789 connect error
[  179.913482][   T41] kauditd_printk_skb: 36 callbacks suppressed
[  179.913497][   T41] audit: type=1800 audit(1775739503.072:1073): pid=8046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.568" name="bus" dev="overlay" ino=761 res=0 errno=0
[  180.744747][ T8061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.570'.
[  180.930603][ T8067] autofs4:pid:8067:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  181.065989][ T8067] netlink: 220 bytes leftover after parsing attributes in process `syz.0.575'.
[  181.068945][ T8067] netlink: 8 bytes leftover after parsing attributes in process `syz.0.575'.
[  181.075100][ T8067] binder: BINDER_SET_CONTEXT_MGR already set
[  181.077126][ T8067] binder: 8066:8067 ioctl 4018620d 80001000 returned -16
[  181.478977][ T8087] overlayfs: failed to resolve './file1/file0': -2
[  181.832414][ T8105] overlayfs: failed to resolve './file1/file0': -2
[  183.043056][ T8112] netlink: 36 bytes leftover after parsing attributes in process `syz.2.589'.
[  183.050293][ T8112] netlink: 24 bytes leftover after parsing attributes in process `syz.2.589'.
[  183.764648][ T5953] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  183.772276][ T8136] genirq: Flags mismatch irq 31. 00200000 (comedi_parport) vs. 00200000 (eth1-tx-0)
[  183.924614][ T5953] usb 6-1: Using ep0 maxpacket: 32
[  183.930647][ T5953] usb 6-1: config 1 interface 0 altsetting 174 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  183.935041][ T5953] usb 6-1: config 1 interface 0 has no altsetting 0
[  183.939116][ T5953] usb 6-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.40
[  183.943596][ T5953] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.949885][ T5953] usb 6-1: Product: syz
[  183.951709][ T5953] usb 6-1: Manufacturer: syz
[  183.954036][ T5953] usb 6-1: SerialNumber: syz
[  184.099938][ T8139] 9p: Bad value for 'rfdno'
[  184.497988][ T8145] overlayfs: failed to resolve './file1': -2
[  184.581646][ T5953] usbhid 6-1:1.0: can't add hid device: -71
[  184.584858][ T5953] usbhid 6-1:1.0: probe with driver usbhid failed with error -71
[  184.591959][ T5953] usb 6-1: USB disconnect, device number 2
[  186.600573][ T8168] wg2 speed is unknown, defaulting to 1000
[  186.656238][ T8168] wg2 speed is unknown, defaulting to 1000
[  186.686310][ T8168] wg2 speed is unknown, defaulting to 1000
[  187.142743][ T5996] libceph: connect (1)[c::]:6789 error -101
[  187.145132][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  187.409676][ T5996] libceph: connect (1)[c::]:6789 error -101
[  187.412387][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  187.741118][ T8183] ceph: No mds server is up or the cluster is laggy
[  187.925094][ T5996] libceph: connect (1)[c::]:6789 error -101
[  187.927337][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  189.206713][ T6015] wg2 speed is unknown, defaulting to 1000
[  189.227314][ T8168] infiniband syz2: set active
[  189.230991][ T8168] infiniband syz2: added wg2
[  189.305109][ T8168] RDS/IB: syz2: added
[  189.309480][ T8168] smc: adding ib device syz2 with port count 1
[  189.315416][ T8168] smc:    ib device syz2 port 1 has no pnetid
[  189.321572][ T6015] wg2 speed is unknown, defaulting to 1000
[  189.329433][ T8168] wg2 speed is unknown, defaulting to 1000
[  189.586982][ T8168] wg2 speed is unknown, defaulting to 1000
[  189.778940][ T8199] openvswitch: netlink: Unexpected mask (mask=200440, allowed=10048)
[  189.873260][ T8168] wg2 speed is unknown, defaulting to 1000
[  189.944711][ T6037] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  189.978647][ T8168] wg2 speed is unknown, defaulting to 1000
[  190.024630][ T6071] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  190.096306][ T6037] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.100303][ T6037] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  190.103744][ T6037] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  190.109110][ T6037] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  190.112653][ T6037] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.118702][ T6037] usb 6-1: config 0 descriptor??
[  190.196252][ T6071] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.200185][ T6071] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  190.203388][ T6071] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  190.208560][ T6071] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  190.211625][ T6071] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.215690][ T6071] usb 8-1: config 0 descriptor??
[  190.550312][ T6037] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  190.633950][ T6071] plantronics 0003:047F:FFFF.0004: hiddev1,hidraw2: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  190.653512][ T8211] autofs4:pid:8211:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  190.865937][ T8213] netlink: 220 bytes leftover after parsing attributes in process `syz.0.621'.
[  190.870619][ T8213] netlink: 8 bytes leftover after parsing attributes in process `syz.0.621'.
[  190.880070][ T8213] binder: BINDER_SET_CONTEXT_MGR already set
[  190.882992][ T8213] binder: 8209:8213 ioctl 4018620d 80001000 returned -16
[  190.926206][ T8214] FAULT_INJECTION: forcing a failure.
[  190.926206][ T8214] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.932983][ T8214] CPU: 0 UID: 0 PID: 8214 Comm: syz.3.618 Not tainted syzkaller #0 PREEMPT(full) 
[  190.933009][ T8214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  190.933018][ T8214] Call Trace:
[  190.933026][ T8214]  <TASK>
[  190.933034][ T8214]  dump_stack_lvl+0x100/0x190
[  190.933082][ T8214]  should_fail_ex.cold+0x5/0xa
[  190.933112][ T8214]  _copy_to_user+0x32/0xd0
[  190.933144][ T8214]  simple_read_from_buffer+0xcb/0x170
[  190.933177][ T8214]  proc_fail_nth_read+0x1af/0x230
[  190.933203][ T8214]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  190.933226][ T8214]  ? rw_verify_area+0xce/0x6d0
[  190.933251][ T8214]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  190.933271][ T8214]  vfs_read+0x1e4/0xb30
[  190.933290][ T8214]  ? __pfx_vfs_read+0x10/0x10
[  190.933304][ T8214]  ? find_held_lock+0x2b/0x80
[  190.933323][ T8214]  ? __fget_files+0x215/0x3d0
[  190.933342][ T8214]  ? __fget_files+0x21f/0x3d0
[  190.933364][ T8214]  ksys_read+0x12a/0x250
[  190.933379][ T8214]  ? __pfx_ksys_read+0x10/0x10
[  190.933400][ T8214]  do_int80_emulation+0x141/0x6b0
[  190.933425][ T8214]  asm_int80_emulation+0x1a/0x20
[  190.933442][ T8214] RIP: 0023:0xf7145cab
[  190.933455][ T8214] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  190.933470][ T8214] RSP: 002b:00000000f53dc4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  190.933488][ T8214] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f53dc5d0
[  190.933498][ T8214] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  190.933507][ T8214] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  190.933516][ T8214] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  190.933525][ T8214] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  190.933546][ T8214]  </TASK>
[  191.603315][ T5996] libceph: connect (1)[c::]:6789 error -101
[  191.605675][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  191.654373][ T8218] ceph: No mds server is up or the cluster is laggy
[  191.747483][    C2] plantronics 0003:047F:FFFF.0003: usb_submit_urb(ctrl) failed: -1
[  191.762174][   T40] usb 8-1: USB disconnect, device number 11
[  191.849157][ T8225] can0: slcan on ptm0.
[  191.859964][ T8225] netlink: 72 bytes leftover after parsing attributes in process `syz.3.624'.
[  192.335285][ T8228] can0 (unregistered): slcan off ptm0.
[  192.590999][   T71] usb 6-1: USB disconnect, device number 3
[  192.654204][ T8256] input: syz1 as /devices/virtual/input/input10
[  192.684710][ T8257] netlink: 4 bytes leftover after parsing attributes in process `syz.0.631'.
[  192.691435][ T8256] netlink: 28 bytes leftover after parsing attributes in process `syz.0.631'.
[  193.417229][ T8273] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  193.568423][ T8273] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  193.571628][ T8273] overlayfs: failed to look up (tracing) for ino (-66)
[  193.690275][ T8289] autofs4:pid:8289:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  193.893251][ T8291] netlink: 220 bytes leftover after parsing attributes in process `syz.1.637'.
[  193.904572][ T8291] netlink: 8 bytes leftover after parsing attributes in process `syz.1.637'.
[  193.917834][ T8291] binder: BINDER_SET_CONTEXT_MGR already set
[  193.919768][ T8291] binder: 8288:8291 ioctl 4018620d 80001000 returned -16
[  194.930831][ T8313] wg2 speed is unknown, defaulting to 1000
[  194.948729][ T8323] netlink: 12 bytes leftover after parsing attributes in process `syz.3.647'.
[  195.191221][ T8333] fuse: Bad value for 'fd'
[  195.285691][ T5996] libceph: connect (1)[c::]:6789 error -101
[  195.288122][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  195.317838][ T8335] ceph: No mds server is up or the cluster is laggy
[  195.817275][ T8347] input: syz0 as /devices/virtual/input/input11
[  195.828965][ T8347] Device name cannot be null; rc = [-22]
[  195.946679][ T8351] overlayfs: failed to clone lowerpath
[  196.208494][ T8353] netlink: 12 bytes leftover after parsing attributes in process `syz.3.656'.
[  197.305191][ T6071] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  197.448155][   T41] audit: type=1326 audit(1775739520.612:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8372 comm="syz.3.662" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700ef6c code=0x0
[  197.465667][ T6071] usb 6-1: Using ep0 maxpacket: 16
[  197.470865][ T6071] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  197.476865][ T6071] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  197.480544][ T6071] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.483858][ T6071] usb 6-1: Product: syz
[  197.486099][ T6071] usb 6-1: Manufacturer: syz
[  197.488198][ T6071] usb 6-1: SerialNumber: syz
[  197.500649][ T6071] usb 6-1: config 0 descriptor??
[  197.508143][ T6071] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  197.511994][ T6071] em28xx 6-1:0.0: DVB interface 0 found: bulk
[  197.879288][ T8380] xt_policy: neither incoming nor outgoing policy selected
[  198.114182][ T6071] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  198.235237][ T8375] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.239002][ T8375] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.283027][ T8375] batman_adv: batadv0: Interface deactivated: dummy0
[  198.511718][ T8375] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  198.527387][ T8375] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  198.643813][   T73] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.647292][   T73] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.650218][   T73] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.653051][   T73] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.936032][ T8367] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  198.940751][ T8367] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  198.951688][ T6071] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  198.954808][ T6071] em28xx 6-1:0.0: board has no eeprom
[  199.014562][ T6071] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  199.024519][ T6071] em28xx 6-1:0.0: dvb set to bulk mode.
[  199.035118][ T6071] usb 6-1: USB disconnect, device number 4
[  199.038070][ T6071] em28xx 6-1:0.0: Disconnecting em28xx
[  199.045019][   T34] em28xx 6-1:0.0: Binding DVB extension
[  199.090474][   T34] em28xx 6-1:0.0: Registering input extension
[  199.104216][ T6071] em28xx 6-1:0.0: Closing input extension
[  199.133739][ T6071] em28xx 6-1:0.0: Freeing device
[  199.208319][ T8389] netlink: 12 bytes leftover after parsing attributes in process `syz.0.665'.
[  199.357862][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  199.364577][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  199.552213][ T8401] tun0: tun_chr_ioctl cmd 1074025676
[  199.554038][ T8401] tun0: owner set to 0
[  199.584730][ T8401] input: syz0 as /devices/virtual/input/input13
[  199.727542][ T8406] netlink: 8 bytes leftover after parsing attributes in process `syz.2.669'.
[  199.780302][ T8405] 9pnet_virtio: no channels available for device syz
[  199.833173][ T8405] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  199.860126][ T8405] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  199.864601][ T8405] overlayfs: failed to look up (tracing) for ino (-66)
[  201.357160][ T8412] netlink: 12 bytes leftover after parsing attributes in process `syz.1.674'.
[  201.433847][ T8418] autofs4:pid:8418:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  201.459432][ T8417] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  201.746028][ T8427] netlink: 12 bytes leftover after parsing attributes in process `syz.3.679'.
[  201.766400][ T8428] netlink: 220 bytes leftover after parsing attributes in process `syz.1.677'.
[  201.770700][ T8428] netlink: 8 bytes leftover after parsing attributes in process `syz.1.677'.
[  201.779447][ T8428] binder: BINDER_SET_CONTEXT_MGR already set
[  201.782199][ T8428] binder: 8415:8428 ioctl 4018620d 80001000 returned -16
[  201.896551][ T8430] netlink: 36 bytes leftover after parsing attributes in process `syz.0.672'.
[  201.970537][ T8430] netlink: 24 bytes leftover after parsing attributes in process `syz.0.672'.
[  202.465358][ T8427] 9p: Bad value for 'rfdno'
[  202.518035][ T8437] netlink: 28 bytes leftover after parsing attributes in process `syz.0.680'.
[  202.520904][ T8437] netlink: 28 bytes leftover after parsing attributes in process `syz.0.680'.
[  202.554184][ T8439] FAULT_INJECTION: forcing a failure.
[  202.554184][ T8439] name failslab, interval 1, probability 0, space 0, times 0
[  202.558787][ T8439] CPU: 2 UID: 0 PID: 8439 Comm: syz.3.681 Not tainted syzkaller #0 PREEMPT(full) 
[  202.558803][ T8439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  202.558809][ T8439] Call Trace:
[  202.558813][ T8439]  <TASK>
[  202.558818][ T8439]  dump_stack_lvl+0x100/0x190
[  202.558843][ T8439]  should_fail_ex.cold+0x5/0xa
[  202.558858][ T8439]  should_failslab+0xc2/0x120
[  202.558872][ T8439]  __kvmalloc_node_noprof+0xfa/0xa00
[  202.558884][ T8439]  ? xt_alloc_table_info+0x44/0xa0
[  202.558911][ T8439]  xt_alloc_table_info+0x44/0xa0
[  202.558925][ T8439]  compat_do_replace+0x19b/0x500
[  202.558942][ T8439]  ? register_lock_class+0x40/0x560
[  202.558959][ T8439]  ? __pfx_compat_do_replace+0x10/0x10
[  202.558977][ T8439]  ? lock_acquire+0x1cf/0x380
[  202.558996][ T8439]  ? bpf_lsm_capable+0x9/0x10
[  202.559009][ T8439]  ? security_capable+0x80/0x260
[  202.559024][ T8439]  do_ipt_set_ctl+0x562/0xaf0
[  202.559037][ T8439]  ? nf_sockopt_find.isra.0+0x222/0x290
[  202.559056][ T8439]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  202.559070][ T8439]  ? sockopt_release_sock+0x57/0x70
[  202.559082][ T8439]  ? __local_bh_enable_ip+0x9e/0x120
[  202.559095][ T8439]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  202.559117][ T8439]  ? nf_sockopt_find.isra.0+0x222/0x290
[  202.559132][ T8439]  nf_setsockopt+0x8d/0xf0
[  202.559148][ T8439]  ip_setsockopt+0xcb/0xf0
[  202.559165][ T8439]  raw_setsockopt+0x60/0x1b0
[  202.559180][ T8439]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  202.559197][ T8439]  do_sock_setsockopt+0xf3/0x1d0
[  202.559212][ T8439]  __sys_setsockopt+0x119/0x190
[  202.559232][ T8439]  __ia32_sys_setsockopt+0xbc/0x160
[  202.559250][ T8439]  ? __do_fast_syscall_32+0x94/0x8c0
[  202.559263][ T8439]  ? lockdep_hardirqs_on+0x78/0x100
[  202.559276][ T8439]  __do_fast_syscall_32+0xe3/0x8c0
[  202.559290][ T8439]  do_fast_syscall_32+0x32/0x70
[  202.559303][ T8439]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  202.559319][ T8439] RIP: 0023:0xf700ef6c
[  202.559329][ T8439] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  202.559342][ T8439] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  202.559353][ T8439] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000
[  202.559360][ T8439] RDX: 0000000000000040 RSI: 0000000080000580 RDI: 00000000000002b0
[  202.559366][ T8439] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  202.559373][ T8439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  202.559379][ T8439] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  202.559392][ T8439]  </TASK>
[  203.057703][ T8457] FAULT_INJECTION: forcing a failure.
[  203.057703][ T8457] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  203.062175][ T8457] CPU: 1 UID: 0 PID: 8457 Comm: syz.3.684 Not tainted syzkaller #0 PREEMPT(full) 
[  203.062204][ T8457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  203.062213][ T8457] Call Trace:
[  203.062218][ T8457]  <TASK>
[  203.062223][ T8457]  dump_stack_lvl+0x100/0x190
[  203.062248][ T8457]  should_fail_ex.cold+0x5/0xa
[  203.062263][ T8457]  _copy_to_iter+0x5a4/0x1720
[  203.062283][ T8457]  ? __pfx__copy_to_iter+0x10/0x10
[  203.062297][ T8457]  ? seq_putc+0xba/0xf0
[  203.062313][ T8457]  ? slab_show+0xcc/0x150
[  203.062333][ T8457]  seq_read_iter+0xdab/0x1270
[  203.062350][ T8457]  seq_read+0x33b/0x4c0
[  203.062360][ T8457]  ? __pfx_seq_read+0x10/0x10
[  203.062379][ T8457]  ? __pfx_seq_read+0x10/0x10
[  203.062389][ T8457]  proc_reg_read+0x120/0x330
[  203.062408][ T8457]  ? __pfx_proc_reg_read+0x10/0x10
[  203.062426][ T8457]  vfs_read+0x1e4/0xb30
[  203.062440][ T8457]  ? __pfx_vfs_read+0x10/0x10
[  203.062450][ T8457]  ? __fget_files+0x215/0x3d0
[  203.062464][ T8457]  ? __fget_files+0x21f/0x3d0
[  203.062479][ T8457]  ksys_read+0x12a/0x250
[  203.062490][ T8457]  ? __pfx_ksys_read+0x10/0x10
[  203.062500][ T8457]  ? exit_to_user_mode_loop+0xdd/0x4a0
[  203.062520][ T8457]  __do_fast_syscall_32+0xe3/0x8c0
[  203.062537][ T8457]  do_fast_syscall_32+0x32/0x70
[  203.062550][ T8457]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  203.062566][ T8457] RIP: 0023:0xf700ef6c
[  203.062575][ T8457] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  203.062587][ T8457] RSP: 002b:00000000f53bb50c EFLAGS: 00000292 ORIG_RAX: 0000000000000003
[  203.062598][ T8457] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080001540
[  203.062605][ T8457] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[  203.062611][ T8457] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  203.062617][ T8457] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  203.062624][ T8457] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  203.062638][ T8457]  </TASK>
[  203.415901][ T8461] netlink: 36 bytes leftover after parsing attributes in process `syz.0.688'.
[  203.568047][ T8460] netlink: 24 bytes leftover after parsing attributes in process `syz.0.688'.
[  203.879003][ T8469] nvme_fabrics: missing parameter 'transport=%s'
[  203.881390][ T8469] nvme_fabrics: missing parameter 'nqn=%s'
[  203.892166][ T8469] syzkaller0: entered promiscuous mode
[  203.897599][ T8469] syzkaller0: entered allmulticast mode
[  203.985633][ T8473] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  204.089149][ T8473] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  205.538568][ T8508] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  205.659468][ T8508] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  205.662969][ T8508] overlayfs: failed to look up (tracing) for ino (-66)
[  206.564846][ T5996] libceph: connect (1)[c::]:6789 error -101
[  206.567150][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  206.571182][ T5996] libceph: connect (1)[c::]:6789 error -101
[  206.573535][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  206.588049][ T8496] ceph: No mds server is up or the cluster is laggy
[  206.835809][ T5996] libceph: connect (1)[c::]:6789 error -101
[  206.838215][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  208.039797][ T8544] overlayfs: failed to resolve './file1/file0': -2
[  208.244949][ T8558] netlink: 'syz.1.711': attribute type 11 has an invalid length.
[  208.248211][ T8558] __nla_validate_parse: 2 callbacks suppressed
[  208.248226][ T8558] netlink: 199828 bytes leftover after parsing attributes in process `syz.1.711'.
[  208.904607][   T34] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  209.066137][   T34] usb 5-1: Using ep0 maxpacket: 32
[  209.069860][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.073519][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.078027][   T34] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  209.081020][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.088376][   T34] usb 5-1: config 0 descriptor??
[  209.503668][   T34] savu 0003:1E7D:2D5A.0005: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[  209.719844][   T12] Bluetooth: hci4: Frame reassembly failed (-84)
[  209.725180][   T13] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 0
[  209.729302][ T5996] usb 5-1: USB disconnect, device number 5
[  210.062764][ T8579] netlink: 28 bytes leftover after parsing attributes in process `syz.3.721'.
[  210.068765][ T8579] netlink: 'syz.3.721': attribute type 7 has an invalid length.
[  210.071237][ T8579] netlink: 'syz.3.721': attribute type 8 has an invalid length.
[  210.073825][ T8579] netlink: 4 bytes leftover after parsing attributes in process `syz.3.721'.
[  210.080626][ T8579] ip6gretap0: entered promiscuous mode
[  210.083345][ T8579] syz_tun: entered promiscuous mode
[  210.093744][ T8579] ip6gretap0: left promiscuous mode
[  210.097490][ T8579] syz_tun: left promiscuous mode
[  210.279353][ T8589] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  210.402647][ T8589] wg2 speed is unknown, defaulting to 1000
[  210.447443][ T8593] netlink: 24 bytes leftover after parsing attributes in process `syz.1.725'.
[  210.647398][ T8602] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  210.796406][ T8600] could not allocate digest TFM handle sha224-generic
[  211.744672][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  211.744685][ T5957] Bluetooth: hci4: command 0x1003 tx timeout
[  212.514099][ T8625] netlink: 'syz.1.735': attribute type 3 has an invalid length.
[  212.596841][ T5996] libceph: connect (1)[c::]:6789 error -101
[  212.599825][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  212.608571][ T5996] libceph: connect (1)[c::]:6789 error -101
[  212.611412][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  212.723308][ T8622] netlink: 36 bytes leftover after parsing attributes in process `syz.3.734'.
[  212.790456][ T8632] netlink: 24 bytes leftover after parsing attributes in process `syz.3.734'.
[  212.824891][ T8627] ceph: No mds server is up or the cluster is laggy
[  213.049796][ T8642] trusted_key: encrypted_key: master key parameter 'user:' is invalid
[  213.484863][ T8649] overlayfs: failed to clone lowerpath
[  213.537869][ T8651] 
: renamed from bond_slave_0
[  213.567773][ T8652] random: crng reseeded on system resumption
[  213.585762][ T8652] tipc: Invalid UDP bearer configuration
[  213.585870][ T8652] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  214.949312][   T29] libceph: connect (1)[c::]:6789 error -101
[  214.951321][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  215.030303][ T8667] netlink: 36 bytes leftover after parsing attributes in process `syz.1.746'.
[  215.054438][ T8667] netlink: 24 bytes leftover after parsing attributes in process `syz.1.746'.
[  215.235383][   T29] libceph: connect (1)[c::]:6789 error -101
[  215.237554][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  215.326038][ T8688] FAULT_INJECTION: forcing a failure.
[  215.326038][ T8688] name failslab, interval 1, probability 0, space 0, times 0
[  215.330261][ T8688] CPU: 0 UID: 0 PID: 8688 Comm: syz.3.750 Not tainted syzkaller #0 PREEMPT(full) 
[  215.330277][ T8688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  215.330285][ T8688] Call Trace:
[  215.330289][ T8688]  <TASK>
[  215.330295][ T8688]  dump_stack_lvl+0x100/0x190
[  215.330320][ T8688]  should_fail_ex.cold+0x5/0xa
[  215.330335][ T8688]  should_failslab+0xc2/0x120
[  215.330349][ T8688]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  215.330369][ T8688]  ? __alloc_skb+0x140/0x710
[  215.330391][ T8688]  __alloc_skb+0x140/0x710
[  215.330408][ T8688]  ? __alloc_skb+0x5b7/0x710
[  215.330424][ T8688]  ? __pfx___alloc_skb+0x10/0x10
[  215.330446][ T8688]  netlink_alloc_large_skb+0x69/0x150
[  215.330460][ T8688]  netlink_sendmsg+0x680/0xda0
[  215.330475][ T8688]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.330489][ T8688]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  215.330506][ T8688]  ____sys_sendmsg+0x9e1/0xb70
[  215.330519][ T8688]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.330533][ T8688]  ? __pfx_____sys_sendmsg+0x10/0x10
[  215.330553][ T8688]  ___sys_sendmsg+0x190/0x1e0
[  215.330568][ T8688]  ? __pfx____sys_sendmsg+0x10/0x10
[  215.330599][ T8688]  __sys_sendmsg+0x170/0x220
[  215.330610][ T8688]  ? __pfx___sys_sendmsg+0x10/0x10
[  215.330625][ T8688]  ? __pfx_ksys_write+0x10/0x10
[  215.330640][ T8688]  __do_fast_syscall_32+0xe3/0x8c0
[  215.330655][ T8688]  do_fast_syscall_32+0x32/0x70
[  215.330668][ T8688]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  215.330682][ T8688] RIP: 0023:0xf700ef6c
[  215.330692][ T8688] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  215.330702][ T8688] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  215.330713][ T8688] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800007c0
[  215.330720][ T8688] RDX: 0000000000008880 RSI: 0000000000000000 RDI: 0000000000000000
[  215.330726][ T8688] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  215.330732][ T8688] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  215.330738][ T8688] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  215.330751][ T8688]  </TASK>
[  215.414569][ T8661] ceph: No mds server is up or the cluster is laggy
[  216.104638][   T34] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  216.255983][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 52, changing to 4
[  216.259555][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 13368, setting to 1023
[  216.265248][   T34] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  216.268432][   T34] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.271308][   T34] usb 5-1: Product: syz
[  216.272781][   T34] usb 5-1: Manufacturer: syz
[  216.275418][   T34] usb 5-1: SerialNumber: syz
[  216.278251][   T34] usb 5-1: config 0 descriptor??
[  216.285008][   T34] hub 5-1:0.0: bad descriptor, ignoring hub
[  216.287159][   T34] hub 5-1:0.0: probe with driver hub failed with error -5
[  216.293316][   T34] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input15
[  216.366671][ T8711] netlink: 36 bytes leftover after parsing attributes in process `syz.1.757'.
[  216.424149][ T8713] netlink: 24 bytes leftover after parsing attributes in process `syz.1.757'.
[  216.575224][ T8721] netlink: 4 bytes leftover after parsing attributes in process `syz.0.755'.
[  216.578726][ T8721] openvswitch: netlink: Flow actions attr not present in new flow.
[  216.800982][ T6037] usb 5-1: USB disconnect, device number 6
[  216.850865][ T8725] siw: device registration error -23
[  217.176749][ T8735] netlink: 48 bytes leftover after parsing attributes in process `syz.1.763'.
[  217.181928][ T8733] overlayfs: failed to resolve './file1/file0': -2
[  217.241380][ T8738] tmpfs: Group quota block hardlimit too large.
[  217.249492][ T8738] bridge_slave_0: left allmulticast mode
[  217.251931][ T8738] bridge_slave_0: left promiscuous mode
[  217.254342][ T8738] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.265873][ T8738] bridge_slave_1: left allmulticast mode
[  217.268373][ T8738] bridge_slave_1: left promiscuous mode
[  217.271746][ T8738] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.281011][ T8738] bond0: (slave bond_slave_0): Releasing backup interface
[  217.286688][ T8738] bond0: (slave bond_slave_1): Releasing backup interface
[  217.293219][ T8738] team0: Port device team_slave_0 removed
[  217.314348][ T8739] netlink: 'syz.1.765': attribute type 10 has an invalid length.
[  217.319087][ T8738] team0: Port device team_slave_1 removed
[  217.343089][ T8738] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  217.368859][ T8739] bond0: (slave wlan1): Opening slave failed
[  217.479592][ T8742] netlink: 36 bytes leftover after parsing attributes in process `syz.0.766'.
[  218.059580][ T8771] netlink: 48 bytes leftover after parsing attributes in process `syz.3.773'.
[  218.184419][ T8774] Cannot find add_set index 0 as target
[  218.241412][ T8777] overlayfs: failed to resolve './file1/file0': -2
[  218.424416][ T6242] libceph: connect (1)[c::]:6789 error -101
[  218.426803][ T6242] libceph: mon0 (1)[c::]:6789 connect error
[  218.477010][   T34] libceph: connect (1)[c::]:6789 error -101
[  218.479907][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  218.694936][ T6242] libceph: connect (1)[c::]:6789 error -101
[  218.698534][ T6242] libceph: mon0 (1)[c::]:6789 connect error
[  218.735163][   T34] libceph: connect (1)[c::]:6789 error -101
[  218.738127][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  219.205381][ T6242] libceph: connect (1)[c::]:6789 error -101
[  219.207541][ T6242] libceph: mon0 (1)[c::]:6789 connect error
[  219.251122][ T8785] ceph: No mds server is up or the cluster is laggy
[  219.251122][ T8782] ceph: No mds server is up or the cluster is laggy
[  219.341975][ T8818] autofs4:pid:8818:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  219.628268][ T8827] netlink: 220 bytes leftover after parsing attributes in process `syz.1.789'.
[  219.631811][ T8827] netlink: 8 bytes leftover after parsing attributes in process `syz.1.789'.
[  219.646837][ T8827] binder: BINDER_SET_CONTEXT_MGR already set
[  219.649075][ T8827] binder: 8817:8827 ioctl 4018620d 80001000 returned -16
[  219.659552][   T41] audit: type=1326 audit(1775739542.822:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.2.792" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f66f6c code=0x0
[  219.752289][ T8830] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.755154][ T8830] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.831796][ T8830] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  219.927255][   T39] wg2 speed is unknown, defaulting to 1000
[  219.929706][   T39] syz2: Port: 1 Link DOWN
[  219.932720][   T39] wg2 speed is unknown, defaulting to 1000
[  219.938119][ T5953] syz0: Port: 1 Link DOWN
[  219.938128][   T13] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  219.946259][   T13] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  219.952085][   T13] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  219.955867][   T13] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.109315][   T41] audit: type=1326 audit(1775739543.272:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8831 comm="syz.0.793" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6fdef6c code=0x0
[  220.324545][ T8834] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.328491][ T8834] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.506734][ T8834] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  220.516676][ T8834] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  220.705432][   T13] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.710621][   T13] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.715280][   T13] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.719261][   T13] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  221.385139][   T39] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  221.420421][ T8846] netlink: 36 bytes leftover after parsing attributes in process `syz.2.798'.
[  221.517899][ T8852] netlink: 4 bytes leftover after parsing attributes in process `syz.2.800'.
[  221.537854][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  221.542472][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  221.554562][   T39] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  221.559486][   T39] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  221.563497][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.580716][   T39] usb 5-1: config 0 descriptor??
[  222.001348][   T39] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  222.464503][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  222.559223][   T41] audit: type=1326 audit(1775739545.722:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8861 comm="syz.2.804" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f66f6c code=0x0
[  222.806373][ T8868] sg_write: data in/out 220/10 bytes for SCSI command 0xf2-- guessing data in;
[  222.806373][ T8868]    program syz.3.805 not setting count and/or reply_len properly
[  222.904506][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  223.262405][ T8874] autofs4:pid:8874:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  223.751910][ T8878] netlink: 220 bytes leftover after parsing attributes in process `syz.1.807'.
[  223.756377][ T8878] netlink: 8 bytes leftover after parsing attributes in process `syz.1.807'.
[  223.772904][ T8878] binder: BINDER_SET_CONTEXT_MGR already set
[  223.776749][ T8878] binder: 8873:8878 ioctl 4018620d 80001000 returned -16
[  223.872151][ T8877] netlink: 36 bytes leftover after parsing attributes in process `syz.2.808'.
[  223.877909][ T8877] netlink: 24 bytes leftover after parsing attributes in process `syz.2.808'.
[  224.031353][ T8883] openvswitch: netlink: IP tunnel dst address not specified
[  224.400307][   T71] usb 5-1: USB disconnect, device number 7
[  224.922060][ T8894] fuse: Bad value for 'fd'
[  224.941390][ T8894] wg2 speed is unknown, defaulting to 1000
[  225.389861][ T8912] netlink: 20 bytes leftover after parsing attributes in process `syz.3.818'.
[  225.718797][ T8920] FAULT_INJECTION: forcing a failure.
[  225.718797][ T8920] name failslab, interval 1, probability 0, space 0, times 0
[  225.724102][ T8920] CPU: 1 UID: 0 PID: 8920 Comm: syz.3.821 Not tainted syzkaller #0 PREEMPT(full) 
[  225.724127][ T8920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  225.724138][ T8920] Call Trace:
[  225.724146][ T8920]  <TASK>
[  225.724155][ T8920]  dump_stack_lvl+0x100/0x190
[  225.724189][ T8920]  should_fail_ex.cold+0x5/0xa
[  225.724215][ T8920]  should_failslab+0xc2/0x120
[  225.724259][ T8920]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  225.724289][ T8920]  ? __alloc_skb+0x140/0x710
[  225.724321][ T8920]  __alloc_skb+0x140/0x710
[  225.724345][ T8920]  ? __alloc_skb+0x5b7/0x710
[  225.724370][ T8920]  ? __pfx___alloc_skb+0x10/0x10
[  225.724424][ T8920]  netlink_alloc_large_skb+0x69/0x150
[  225.724460][ T8920]  netlink_sendmsg+0x680/0xda0
[  225.724483][ T8920]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.724505][ T8920]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  225.724530][ T8920]  ____sys_sendmsg+0x9e1/0xb70
[  225.724559][ T8920]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.724580][ T8920]  ? __pfx_____sys_sendmsg+0x10/0x10
[  225.724605][ T8920]  ? lock_acquire+0x1cf/0x380
[  225.724635][ T8920]  ___sys_sendmsg+0x190/0x1e0
[  225.724660][ T8920]  ? __pfx____sys_sendmsg+0x10/0x10
[  225.724711][ T8920]  __sys_sendmsg+0x170/0x220
[  225.724729][ T8920]  ? __pfx___sys_sendmsg+0x10/0x10
[  225.724763][ T8920]  __do_fast_syscall_32+0xe3/0x8c0
[  225.724788][ T8920]  do_fast_syscall_32+0x32/0x70
[  225.724808][ T8920]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  225.724831][ T8920] RIP: 0023:0xf700ef6c
[  225.724844][ T8920] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  225.724862][ T8920] RSP: 002b:00000000f53fd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  225.724880][ T8920] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  225.724891][ T8920] RDX: 0000000004004010 RSI: 0000000000000000 RDI: 0000000000000000
[  225.724902][ T8920] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  225.724911][ T8920] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  225.724921][ T8920] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  225.724943][ T8920]  </TASK>
[  227.951287][ T8946] autofs4:pid:8946:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374)
[  228.179026][ T5996] libceph: connect (1)[c::]:6789 error -101
[  228.181712][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  228.217553][ T8948] ceph: No mds server is up or the cluster is laggy
[  228.453441][ T8953] netlink: 220 bytes leftover after parsing attributes in process `syz.3.828'.
[  228.458827][ T8953] netlink: 8 bytes leftover after parsing attributes in process `syz.3.828'.
[  228.468388][ T8953] binder: BINDER_SET_CONTEXT_MGR already set
[  228.470845][ T8953] binder: 8945:8953 ioctl 4018620d 80001000 returned -16
[  228.481675][ T8955] IPVS: rr: FWM 3 0x00000003 - no destination available
[  228.492867][ T8955] netlink: 'syz.1.829': attribute type 1 has an invalid length.
[  228.568414][ T8955] 8021q: adding VLAN 0 to HW filter on device bond2
[  228.575239][ T8955] bond1: (slave bond2): making interface the new active one
[  228.579012][ T8955] bond1: (slave bond2): Enslaving as an active interface with an up link
[  228.597178][ T8955] bond1: (slave gretap1): Enslaving as a backup interface with an up link
[  228.665044][ T8970] IPVS: sync thread started: state = BACKUP, mcast_ifn = gre0, syncid = 0, id = 0
[  228.852087][ T8976] netlink: 8 bytes leftover after parsing attributes in process `syz.1.835'.
[  229.831774][ T8994] random: crng reseeded on system resumption
[  229.842663][ T8994] openvswitch: netlink: IP tunnel dst address not specified
[  229.921309][ T8992] netlink: 4 bytes leftover after parsing attributes in process `syz.0.839'.
[  229.929710][ T8992] 8021q: adding VLAN 0 to HW filter on device ipvlan3
[  229.932702][ T8992] team0: Device ipvlan3 is already an upper device of the team interface
[  230.016685][ T9004] openvswitch: netlink: IP tunnel dst address not specified
[  230.173567][ T9013] 9p: Bad value for 'rfdno'
[  230.372356][ T9017] random: crng reseeded on system resumption
[  230.423987][ T9017] netlink: 24 bytes leftover after parsing attributes in process `syz.0.848'.
[  230.428099][ T9017] openvswitch: netlink: Flow key attr not present in new flow.
[  231.655455][ T9041] netlink: 'syz.0.857': attribute type 1 has an invalid length.
[  231.669278][ T5996] libceph: connect (1)[c::]:6789 error -101
[  231.671665][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  231.718718][ T9041] bond1: entered promiscuous mode
[  231.721370][ T9041] 8021q: adding VLAN 0 to HW filter on device bond1
[  231.751034][ T9046] bond1: (slave bridge2): making interface the new active one
[  231.753521][ T9046] bridge2: entered promiscuous mode
[  231.756321][ T9046] bond1: (slave bridge2): Enslaving as an active interface with an up link
[  231.795829][ T9041] netlink: 68 bytes leftover after parsing attributes in process `syz.0.857'.
[  231.925237][ T5996] libceph: connect (1)[c::]:6789 error -101
[  231.927852][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  232.193297][ T9042] ceph: No mds server is up or the cluster is laggy
[  232.797637][ T9058] fuse: Bad value for 'fd'
[  233.393718][ T9071] overlayfs: failed to clone lowerpath
[  233.415910][ T5953] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  233.602915][ T9081] wg2 speed is unknown, defaulting to 1000
[  233.614373][ T9086] netlink: 'syz.3.866': attribute type 15 has an invalid length.
[  233.623254][ T9086] netlink: 'syz.3.866': attribute type 7 has an invalid length.
[  235.600329][ T9112] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.873'.
[  249.298083][ T9161] ceph: No mds server is up or the cluster is laggy
[  249.300498][ T6037] libceph: connect (1)[c::]:6789 error -101
[  249.306029][ T6037] libceph: mon0 (1)[c::]:6789 connect error
[  251.100832][ T9177] netlink: 44 bytes leftover after parsing attributes in process `syz.0.885'.
[  251.120461][   T41] audit: type=1326 audit(1775739574.282:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9172 comm="syz.2.883" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66f6c code=0x7ffc0000
[  251.129820][   T41] audit: type=1326 audit(1775739574.282:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9172 comm="syz.2.883" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66f6c code=0x7ffc0000
[  251.139196][   T41] audit: type=1326 audit(1775739574.282:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9172 comm="syz.2.883" exe="/syz-executor" sig=0 arch=40000003 syscall=136 compat=1 ip=0xf7f66f6c code=0x7ffc0000
[  251.149239][   T41] audit: type=1326 audit(1775739574.282:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9172 comm="syz.2.883" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66f6c code=0x7ffc0000
[  251.172683][   T41] audit: type=1326 audit(1775739574.282:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9172 comm="syz.2.883" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f66f6c code=0x7ffc0000
[  251.180083][   T41] audit: type=1326 audit(1775739574.282:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9172 comm="syz.2.883" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66f6c code=0x7ffc0000
[  251.207778][   T41] audit: type=1326 audit(1775739574.282:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9172 comm="syz.2.883" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f66f6c code=0x7ffc0000
[  251.237499][   T41] audit: type=1326 audit(1775739574.282:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9172 comm="syz.2.883" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66f6c code=0x7ffc0000
[  251.244423][   T41] audit: type=1326 audit(1775739574.282:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9172 comm="syz.2.883" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f66f6c code=0x7ffc0000
[  251.251403][   T41] audit: type=1326 audit(1775739574.282:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9172 comm="syz.2.883" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f66f6c code=0x7ffc0000
[  251.716010][ T9196] netlink: 12 bytes leftover after parsing attributes in process `syz.1.886'.
[  252.081482][ T9199] could not allocate digest TFM handle sha224-generic
[  252.519391][ T9206] overlayfs: failed to resolve './file1/file0': -2
[  252.647185][ T9211] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  252.790587][ T9214] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  252.860296][ T9214] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  252.863996][ T9214] overlayfs: failed to look up (tracing) for ino (-66)
[  252.926288][ T9215] netlink: 'syz.1.893': attribute type 2 has an invalid length.
[  252.953539][ T9215] ‚#{6c: entered promiscuous mode
[  254.218810][ T9222] netlink: 44 bytes leftover after parsing attributes in process `syz.3.896'.
[  254.461180][ T9232] can0: slcan on ptm0.
[  254.538660][ T9226] /dev/sr0: Can't open blockdev
[  254.927163][ T9229] /dev/sr0: Can't open blockdev
[  255.660841][  T766] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.663863][  T766] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.673610][  T766] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.677874][  T766] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.705543][ T9225] can0 (unregistered): slcan off ptm0.
[  255.797763][ T9255] Cannot find add_set index 0 as target
[  255.827274][ T5950] block nbd1: Receive control failed (result -32)
[  255.831925][ T5950] block nbd1: Receive control failed (result -32)
[  255.864667][ T9248] nbd1: detected capacity change from 0 to 127
[  255.872994][ T9168] 
[  255.873835][ T9168] ======================================================
[  255.876096][ T9168] WARNING: possible circular locking dependency detected
[  255.878350][ T9168] syzkaller #0 Not tainted
[  255.879972][ T9168] ------------------------------------------------------
[  255.882409][ T9168] udevd/9168 is trying to acquire lock:
[  255.884396][ T9168] ffff88807511b470 (&nsock->tx_lock){+.+.}-{4:4}, at: nbd_queue_rq+0x428/0x1080
[  255.887824][ T9168] 
[  255.887824][ T9168] but task is already holding lock:
[  255.890469][ T9168] ffff8880787a0180 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xba/0x1080
[  255.893230][ T9168] 
[  255.893230][ T9168] which lock already depends on the new lock.
[  255.893230][ T9168] 
[  255.896843][ T9168] 
[  255.896843][ T9168] the existing dependency chain (in reverse order) is:
[  255.899947][ T9168] 
[  255.899947][ T9168] -> #6 (&cmd->lock){+.+.}-{4:4}:
[  255.902349][ T9168]        __mutex_lock+0x1a2/0x1b90
[  255.903987][ T9168]        nbd_queue_rq+0xba/0x1080
[  255.905705][ T9168]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  255.907629][ T9168]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  255.909736][ T9168]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  255.911785][ T9168]        blk_mq_run_hw_queue+0x23c/0x670
[  255.913840][ T9168]        blk_mq_dispatch_list+0x51d/0x1360
[  255.916527][ T9168]        blk_mq_flush_plug_list+0x130/0x600
[  255.918622][ T9168]        __blk_flush_plug+0x2c4/0x4b0
[  255.920352][ T9168]        __submit_bio+0x584/0x6c0
[  255.921961][ T9168]        submit_bio_noacct_nocheck+0x562/0xc10
[  255.923939][ T9168]        submit_bio_noacct+0xd17/0x2010
[  255.925860][ T9168]        submit_bh_wbc+0x59c/0x770
[  255.927502][ T9168]        block_read_full_folio+0x264/0x8e0
[  255.929400][ T9168]        filemap_read_folio+0xfc/0x3b0
[  255.931171][ T9168]        do_read_cache_folio+0x2d7/0x6b0
[  255.933150][ T9168]        read_part_sector+0xd1/0x370
[  255.935199][ T9168]        adfspart_check_ICS+0x93/0x910
[  255.937148][ T9168]        bdev_disk_changed+0x7f8/0xc80
[  255.938983][ T9168]        blkdev_get_whole+0x187/0x290
[  255.940701][ T9168]        bdev_open+0x2c7/0xe40
[  255.942224][ T9168]        blkdev_open+0x34e/0x4f0
[  255.943808][ T9168]        do_dentry_open+0x6d8/0x1660
[  255.945535][ T9168]        vfs_open+0x82/0x3f0
[  255.947033][ T9168]        path_openat+0x208c/0x31a0
[  255.948722][ T9168]        do_file_open+0x20e/0x430
[  255.950503][ T9168]        do_sys_openat2+0x10d/0x1e0
[  255.952703][ T9168]        __x64_sys_openat+0x12d/0x210
[  255.955001][ T9168]        do_syscall_64+0x106/0xf80
[  255.956769][ T9168]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.958858][ T9168] 
[  255.958858][ T9168] -> #5 (set->srcu){.+.+}-{0:0}:
[  255.961139][ T9168]        __synchronize_srcu+0xa2/0x300
[  255.962889][ T9168]        blk_mq_quiesce_queue+0x149/0x1c0
[  255.964778][ T9168]        elevator_switch+0x17b/0x7e0
[  255.966537][ T9168]        elevator_change+0x352/0x530
[  255.968181][ T9168]        elevator_set_default+0x29e/0x360
[  255.970212][ T9168]        blk_register_queue+0x412/0x590
[  255.972167][ T9168]        __add_disk+0x73f/0xe40
[  255.973783][ T9168]        add_disk_fwnode+0x118/0x5c0
[  255.975531][ T9168]        nbd_dev_add+0x77a/0xb10
[  255.977117][ T9168]        nbd_init+0x291/0x2b0
[  255.978601][ T9168]        do_one_initcall+0x11d/0x760
[  255.980307][ T9168]        kernel_init_freeable+0x6e5/0x7a0
[  255.982119][ T9168]        kernel_init+0x1f/0x1e0
[  255.983677][ T9168]        ret_from_fork+0x754/0xd80
[  255.985426][ T9168]        ret_from_fork_asm+0x1a/0x30
[  255.987318][ T9168] 
[  255.987318][ T9168] -> #4 (&q->elevator_lock){+.+.}-{4:4}:
[  255.990282][ T9168]        __mutex_lock+0x1a2/0x1b90
[  255.992130][ T9168]        elevator_change+0x1bc/0x530
[  255.993850][ T9168]        elevator_set_none+0x92/0xf0
[  255.995405][ T9168]        blk_mq_update_nr_hw_queues+0x4c1/0x15f0
[  255.997407][ T9168]        nbd_start_device+0x1a6/0xbd0
[  255.999124][ T9168]        nbd_genl_connect+0xff2/0x1a40
[  256.000863][ T9168]        genl_family_rcv_msg_doit+0x214/0x300
[  256.002806][ T9168]        genl_rcv_msg+0x560/0x800
[  256.004437][ T9168]        netlink_rcv_skb+0x159/0x420
[  256.006182][ T9168]        genl_rcv+0x28/0x40
[  256.007719][ T9168]        netlink_unicast+0x5aa/0x870
[  256.009745][ T9168]        netlink_sendmsg+0x8b0/0xda0
[  256.012148][ T9168]        ____sys_sendmsg+0x9e1/0xb70
[  256.014720][ T9168]        ___sys_sendmsg+0x190/0x1e0
[  256.016708][ T9168]        __sys_sendmsg+0x170/0x220
[  256.018349][ T9168]        __do_fast_syscall_32+0xe3/0x8c0
[  256.020157][ T9168]        do_fast_syscall_32+0x32/0x70
[  256.021841][ T9168]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  256.023928][ T9168] 
[  256.023928][ T9168] -> #3 (&q->q_usage_counter(io)#50){++++}-{0:0}:
[  256.026626][ T9168]        blk_alloc_queue+0x610/0x790
[  256.028308][ T9168]        blk_mq_alloc_queue+0x174/0x290
[  256.030065][ T9168]        __blk_mq_alloc_disk+0x29/0x120
[  256.031787][ T9168]        nbd_dev_add+0x492/0xb10
[  256.033365][ T9168]        nbd_init+0x291/0x2b0
[  256.034975][ T9168]        do_one_initcall+0x11d/0x760
[  256.036881][ T9168]        kernel_init_freeable+0x6e5/0x7a0
[  256.039030][ T9168]        kernel_init+0x1f/0x1e0
[  256.040708][ T9168]        ret_from_fork+0x754/0xd80
[  256.042385][ T9168]        ret_from_fork_asm+0x1a/0x30
[  256.044031][ T9168] 
[  256.044031][ T9168] -> #2 (fs_reclaim){+.+.}-{0:0}:
[  256.046399][ T9168]        fs_reclaim_acquire+0xc4/0x100
[  256.048134][ T9168]        kmem_cache_alloc_node_noprof+0x53/0x6f0
[  256.050189][ T9168]        __alloc_skb+0x140/0x710
[  256.051819][ T9168]        tcp_stream_alloc_skb+0x34/0x660
[  256.053780][ T9168]        tcp_sendmsg_locked+0x1396/0x45e0
[  256.055793][ T9168]        tcp_sendmsg+0x2e/0x50
[  256.057406][ T9168]        inet_sendmsg+0xb9/0x140
[  256.058997][ T9168]        sock_write_iter+0x4ea/0x5a0
[  256.060687][ T9168]        vfs_write+0x6ac/0x1070
[  256.062236][ T9168]        ksys_write+0x1f8/0x250
[  256.063833][ T9168]        do_syscall_64+0x106/0xf80
[  256.065647][ T9168]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.068061][ T9168] 
[  256.068061][ T9168] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[  256.070704][ T9168]        lock_sock_nested+0x41/0xf0
[  256.072421][ T9168]        inet_shutdown+0x67/0x410
[  256.074010][ T9168]        nbd_mark_nsock_dead+0xae/0x5c0
[  256.075780][ T9168]        recv_work+0x5fb/0x8c0
[  256.077333][ T9168]        process_one_work+0xa23/0x19a0
[  256.079078][ T9168]        worker_thread+0x5ef/0xe50
[  256.080727][ T9168]        kthread+0x370/0x450
[  256.082252][ T9168]        ret_from_fork+0x754/0xd80
[  256.084015][ T9168]        ret_from_fork_asm+0x1a/0x30
[  256.085978][ T9168] 
[  256.085978][ T9168] -> #0 (&nsock->tx_lock){+.+.}-{4:4}:
[  256.088544][ T9168]        __lock_acquire+0x14b8/0x2630
[  256.090246][ T9168]        lock_acquire+0x1cf/0x380
[  256.091843][ T9168]        __mutex_lock+0x1a2/0x1b90
[  256.093481][ T9168]        nbd_queue_rq+0x428/0x1080
[  256.095231][ T9168]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  256.097486][ T9168]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  256.099876][ T9168]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  256.101923][ T9168]        blk_mq_run_hw_queue+0x23c/0x670
[  256.103700][ T9168]        blk_mq_dispatch_list+0x51d/0x1360
[  256.105618][ T9168]        blk_mq_flush_plug_list+0x130/0x600
[  256.107564][ T9168]        __blk_flush_plug+0x2c4/0x4b0
[  256.109426][ T9168]        __submit_bio+0x584/0x6c0
[  256.111185][ T9168]        submit_bio_noacct_nocheck+0x562/0xc10
[  256.113156][ T9168]        submit_bio_noacct+0xd17/0x2010
[  256.114923][ T9168]        submit_bh_wbc+0x59c/0x770
[  256.116604][ T9168]        block_read_full_folio+0x264/0x8e0
[  256.118549][ T9168]        filemap_read_folio+0xfc/0x3b0
[  256.120546][ T9168]        do_read_cache_folio+0x2d7/0x6b0
[  256.122565][ T9168]        read_part_sector+0xd1/0x370
[  256.124291][ T9168]        adfspart_check_ICS+0x93/0x910
[  256.126037][ T9168]        bdev_disk_changed+0x7f8/0xc80
[  256.127773][ T9168]        blkdev_get_whole+0x187/0x290
[  256.129506][ T9168]        bdev_open+0x2c7/0xe40
[  256.131039][ T9168]        blkdev_open+0x34e/0x4f0
[  256.132630][ T9168]        do_dentry_open+0x6d8/0x1660
[  256.134318][ T9168]        vfs_open+0x82/0x3f0
[  256.135892][ T9168]        path_openat+0x208c/0x31a0
[  256.137597][ T9168]        do_file_open+0x20e/0x430
[  256.139317][ T9168]        do_sys_openat2+0x10d/0x1e0
[  256.141162][ T9168]        __x64_sys_openat+0x12d/0x210
[  256.142957][ T9168]        do_syscall_64+0x106/0xf80
[  256.144607][ T9168]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.146652][ T9168] 
[  256.146652][ T9168] other info that might help us debug this:
[  256.146652][ T9168] 
[  256.149880][ T9168] Chain exists of:
[  256.149880][ T9168]   &nsock->tx_lock --> set->srcu --> &cmd->lock
[  256.149880][ T9168] 
[  256.153906][ T9168]  Possible unsafe locking scenario:
[  256.153906][ T9168] 
[  256.156455][ T9168]        CPU0                    CPU1
[  256.158256][ T9168]        ----                    ----
[  256.159989][ T9168]   lock(&cmd->lock);
[  256.161281][ T9168]                                lock(set->srcu);
[  256.163298][ T9168]                                lock(&cmd->lock);
[  256.165403][ T9168]   lock(&nsock->tx_lock);
[  256.166830][ T9168] 
[  256.166830][ T9168]  *** DEADLOCK ***
[  256.166830][ T9168] 
[  256.169544][ T9168] 3 locks held by udevd/9168:
[  256.171230][ T9168]  #0: ffff888024f67358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x41a/0xe40
[  256.174324][ T9168]  #1: ffff888020f87f98 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x22e/0x670
[  256.177314][ T9168]  #2: ffff8880787a0180 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xba/0x1080
[  256.180192][ T9168] 
[  256.180192][ T9168] stack backtrace:
[  256.182176][ T9168] CPU: 1 UID: 0 PID: 9168 Comm: udevd Not tainted syzkaller #0 PREEMPT(full) 
[  256.182191][ T9168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  256.182199][ T9168] Call Trace:
[  256.182207][ T9168]  <TASK>
[  256.182213][ T9168]  dump_stack_lvl+0x100/0x190
[  256.182234][ T9168]  print_circular_bug.cold+0x178/0x1c7
[  256.182254][ T9168]  check_noncircular+0x146/0x160
[  256.182271][ T9168]  __lock_acquire+0x14b8/0x2630
[  256.182290][ T9168]  lock_acquire+0x1cf/0x380
[  256.182304][ T9168]  ? nbd_queue_rq+0x428/0x1080
[  256.182319][ T9168]  ? __pfx___might_resched+0x10/0x10
[  256.182338][ T9168]  ? preempt_schedule_thunk+0x16/0x30
[  256.182354][ T9168]  __mutex_lock+0x1a2/0x1b90
[  256.182369][ T9168]  ? nbd_queue_rq+0x428/0x1080
[  256.182383][ T9168]  ? nbd_queue_rq+0x428/0x1080
[  256.182398][ T9168]  ? __pfx___mutex_lock+0x10/0x10
[  256.182412][ T9168]  ? __perf_event_task_sched_in+0x27a/0xa10
[  256.182431][ T9168]  ? lock_acquire+0x1cf/0x380
[  256.182447][ T9168]  ? nbd_queue_rq+0x428/0x1080
[  256.182461][ T9168]  nbd_queue_rq+0x428/0x1080
[  256.182475][ T9168]  ? finish_task_switch.isra.0+0x205/0xb80
[  256.182490][ T9168]  ? __pfx_nbd_queue_rq+0x10/0x10
[  256.182507][ T9168]  blk_mq_dispatch_rq_list+0x422/0x1e70
[  256.182531][ T9168]  ? sbitmap_get+0x1d7/0x360
[  256.182544][ T9168]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  256.182564][ T9168]  ? __blk_mq_alloc_driver_tag+0x27a/0x7a0
[  256.182584][ T9168]  __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  256.182604][ T9168]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  256.182626][ T9168]  blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  256.182644][ T9168]  blk_mq_run_hw_queue+0x23c/0x670
[  256.182663][ T9168]  ? blk_mq_run_hw_queue+0x22e/0x670
[  256.182680][ T9168]  blk_mq_dispatch_list+0x51d/0x1360
[  256.182700][ T9168]  ? __pfx_blk_mq_dispatch_list+0x10/0x10
[  256.182719][ T9168]  ? blk_add_trace_plug+0xf5/0x290
[  256.182743][ T9168]  blk_mq_flush_plug_list+0x130/0x600
[  256.182762][ T9168]  ? trace_block_plug+0x6e/0x240
[  256.182775][ T9168]  ? blk_add_rq_to_plug+0x30a/0x540
[  256.182794][ T9168]  ? __pfx_wbt_track+0x10/0x10
[  256.182810][ T9168]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  256.182829][ T9168]  ? blk_mq_submit_bio+0x9aa/0x2bf0
[  256.182849][ T9168]  __blk_flush_plug+0x2c4/0x4b0
[  256.182868][ T9168]  ? __pfx___blk_flush_plug+0x10/0x10
[  256.182885][ T9168]  ? trace_sched_exit_tp+0x13a/0x180
[  256.182900][ T9168]  ? __schedule+0x1000/0x6120
[  256.182913][ T9168]  __submit_bio+0x584/0x6c0
[  256.182930][ T9168]  ? __pfx___submit_bio+0x10/0x10
[  256.182950][ T9168]  ? submit_bio_noacct_nocheck+0x562/0xc10
[  256.182968][ T9168]  submit_bio_noacct_nocheck+0x562/0xc10
[  256.182985][ T9168]  ? irqentry_exit+0x180/0x670
[  256.182999][ T9168]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  256.183018][ T9168]  ? __pfx___might_resched+0x10/0x10
[  256.183037][ T9168]  submit_bio_noacct+0xd17/0x2010
[  256.183056][ T9168]  submit_bh_wbc+0x59c/0x770
[  256.183073][ T9168]  block_read_full_folio+0x264/0x8e0
[  256.183091][ T9168]  ? __pfx_blkdev_get_block+0x10/0x10
[  256.183110][ T9168]  ? __pfx_blkdev_read_folio+0x10/0x10
[  256.183128][ T9168]  filemap_read_folio+0xfc/0x3b0
[  256.183147][ T9168]  ? __pfx_filemap_read_folio+0x10/0x10
[  256.183167][ T9168]  do_read_cache_folio+0x2d7/0x6b0
[  256.183179][ T9168]  ? __pfx_blkdev_read_folio+0x10/0x10
[  256.183197][ T9168]  read_part_sector+0xd1/0x370
[  256.183214][ T9168]  adfspart_check_ICS+0x93/0x910
[  256.183230][ T9168]  ? irqentry_exit+0x180/0x670
[  256.183243][ T9168]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  256.183259][ T9168]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  256.183276][ T9168]  ? bdev_disk_changed+0x763/0xc80
[  256.183292][ T9168]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  256.183308][ T9168]  bdev_disk_changed+0x7f8/0xc80
[  256.183326][ T9168]  ? __pfx_bdev_disk_changed+0x10/0x10
[  256.183344][ T9168]  blkdev_get_whole+0x187/0x290
[  256.183360][ T9168]  bdev_open+0x2c7/0xe40
[  256.183378][ T9168]  blkdev_open+0x34e/0x4f0
[  256.183397][ T9168]  do_dentry_open+0x6d8/0x1660
[  256.183410][ T9168]  ? __pfx_blkdev_open+0x10/0x10
[  256.183430][ T9168]  vfs_open+0x82/0x3f0
[  256.183446][ T9168]  path_openat+0x208c/0x31a0
[  256.183461][ T9168]  ? __pfx_path_openat+0x10/0x10
[  256.183476][ T9168]  do_file_open+0x20e/0x430
[  256.183489][ T9168]  ? __pfx_do_file_open+0x10/0x10
[  256.183506][ T9168]  ? alloc_fd+0x476/0x790
[  256.183519][ T9168]  ? do_getname+0x191/0x390
[  256.183535][ T9168]  do_sys_openat2+0x10d/0x1e0
[  256.183551][ T9168]  ? __pfx_do_sys_openat2+0x10/0x10
[  256.183570][ T9168]  __x64_sys_openat+0x12d/0x210
[  256.183586][ T9168]  ? __pfx___x64_sys_openat+0x10/0x10
[  256.183602][ T9168]  ? __pfx___schedule+0x10/0x10
[  256.183613][ T9168]  ? trace_irq_enable.constprop.0+0x2f/0x180
[  256.183628][ T9168]  do_syscall_64+0x106/0xf80
[  256.183639][ T9168]  ? clear_bhb_loop+0x40/0x90
[  256.183652][ T9168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.183665][ T9168] RIP: 0033:0x7fcb472a7407
[  256.183676][ T9168] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  256.183689][ T9168] RSP: 002b:00007ffc4d7be5d0 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  256.183701][ T9168] RAX: ffffffffffffffda RBX: 00007fcb47a2e880 RCX: 00007fcb472a7407
[  256.183708][ T9168] RDX: 00000000000a0800 RSI: 00005604a15c4a20 RDI: ffffffffffffff9c
[  256.183715][ T9168] RBP: 00005604a15b1910 R08: 0000000000000000 R09: 0000000000000000
[  256.183722][ T9168] R10: 0000000000000000 R11: 0000000000000202 R12: 00005604a15ceb90
[  256.183733][ T9168] R13: 00005604a15bf190 R14: 0000000000000000 R15: 00005604a15ceb90
[  256.183744][ T9168]  </TASK>
[  256.196718][   T41] kauditd_printk_skb: 34 callbacks suppressed
[  256.196732][   T41] audit: type=1326 audit(1775739579.352:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9258 comm="syz.3.905" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf700ef6c code=0x0
[  256.250697][ T9168] block nbd1: Dead connection, failed to find a fallback
[  256.385329][ T5996] libceph: connect (1)[c::]:6789 error -101
[  256.386357][ T9168] block nbd1: shutting down sockets
[  256.387377][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  256.389799][ T9168] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  256.404568][ T9168] buffer_io_error: 65 callbacks suppressed
[  256.404583][ T9168] Buffer I/O error on dev nbd1, logical block 0, async page read
[  256.410611][ T9168] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  256.414592][ T9168] Buffer I/O error on dev nbd1, logical block 1, async page read
[  256.417762][ T9168] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  256.421370][ T9168] Buffer I/O error on dev nbd1, logical block 2, async page read
[  256.424240][ T9168] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  256.428335][ T9168] Buffer I/O error on dev nbd1, logical block 3, async page read
[  256.431497][ T9168] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  256.435360][ T9168] Buffer I/O error on dev nbd1, logical block 0, async page read
[  256.437982][ T9168] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  256.440975][ T9168] Buffer I/O error on dev nbd1, logical block 1, async page read
[  256.443737][ T9168] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  256.447262][ T9168] Buffer I/O error on dev nbd1, logical block 2, async page read
[  256.450188][ T9168] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  256.453637][ T9168] Buffer I/O error on dev nbd1, logical block 3, async page read
[  256.456792][ T9168] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  256.460035][ T9168] Buffer I/O error on dev nbd1, logical block 0, async page read
[  256.463004][ T9168] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  256.466747][ T9168] Buffer I/O error on dev nbd1, logical block 1, async page read
[  256.469914][ T9168] ldm_validate_partition_table(): Disk read failed.
[  256.472564][ T9168] Dev nbd1: unable to read RDB block 0
[  256.472834][ T9270] ceph: No mds server is up or the cluster is laggy
[  256.474953][ T9168]  nbd1: unable to read partition table
[  256.534952][ T9168] ldm_validate_partition_table(): Disk read failed.
[  256.537596][ T9168] Dev nbd1: unable to read RDB block 0
[  256.539590][ T9168]  nbd1: unable to read partition table
[  260.786557][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  260.789355][ T1415] ieee802154 phy1 wpan1: encryption failed: -22