last executing test programs:

5m54.103195818s ago: executing program 0 (id=439):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x1d, 0x4}, &(0x7f0000000800)=<r0=>0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x66)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x3b3a02, 0x0)
epoll_create1(0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @random="84cc2fdb404a"}, 0x10)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x8})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000280)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$TCXONC(r2, 0x540a, 0x2)
ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000000)=0x6)
r3 = ioctl$TIOCGPTPEER(r2, 0x5441, 0x6)
write(r3, &(0x7f0000000100)="9e", 0x1)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x1b, &(0x7f0000000840)=0x5, 0xfffffffffffffebe)
connect$inet(r4, &(0x7f0000000100)={0x2, 0x4, @remote}, 0x10)
r5 = memfd_create(&(0x7f0000000300)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2A7:n\x8c\xa7P\x1a\x87\xd9c\xecR\xd6\xe8\xf3Y\x12\"p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x19M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xff\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\bB\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fl\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \x90\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2o\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xff\x0f\x00\x00\x00\x00\x00\x00Li\r\x95Z\x89\"_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa5\xed\x05\x12\x0f\x0eu\xe5 \xfe\xcdMX\xb5X\x838\xf5\x18x\xc9\xb9\x03\t\x06\x96g\x8a5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0\x1f\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b)\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca\x00\x00\x00\x00\x00\x03\xfcWZ!<\x16a5ZL.\xe6\x15]\xebY\xaa\xbea\x8e\xdc\xc52r\"\xea\x9e\x03\x11&\xc3JU\xa7\xd6\x8a\xf8\xae>S\xde', 0x0)
write(r5, &(0x7f0000000140)='/', 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x100000c, 0x20010, r5, 0xffffe000)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149)
write(r3, &(0x7f0000000080)="d738", 0x2)
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv2(r6, &(0x7f00000002c0)=[{&(0x7f0000001380)=""/126, 0x7e}, {&(0x7f00000001c0)=""/143, 0x8f}, {&(0x7f00000007c0)=""/24, 0x18}, {&(0x7f0000000740)=""/85, 0x55}], 0x4, 0x3, 0x6000, 0x7)
ioctl$TCSETS2(r3, 0x402c542b, &(0x7f0000000040)={0x2, 0x2, 0xffffff82, 0xe, 0x8, "16cfb69012650eabfd955c6d9954beff89d9ef", 0x4, 0x9})

5m53.960083954s ago: executing program 0 (id=440):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008102e00f80ecdb4cb9f207c804a00da1ff0088081afb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)

5m53.959818767s ago: executing program 0 (id=441):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$alg(0x26, 0x5, 0x0) (async)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="050000000400000006a10000402e7ca533820b9b2f3111f8c5f6e45fcc6dfaf5fe5f3fb02a6685b1431a5c17f5d0a1d5301feae7b1d1a2520e9cc98cf10f944c34aeda5d84c08e1609", @ANYRES32, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@jmp={0x5, 0x1, 0xa, 0x8, 0x0, 0xfffffffffffffff8}, @alu={0x4, 0x0, 0x8, 0x0, 0x1, 0xffffffffffffffff, 0x4}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) (async)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) (async)
bpf$BPF_GET_MAP_INFO(0x3, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4008840) (async)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r3, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) (async)
r5 = accept4(r4, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000001c0)="00940a37", 0x4)
sendto$unix(r5, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a3775f", 0x703d59595f6742a8, 0x800, 0x0, 0x0)
recvfrom(r5, &(0x7f00000030c0)=""/4117, 0xffffffffffffffbf, 0x1, 0x0, 0xffffffffffffffb5)
sendmsg$802154_raw(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)="eb", 0x1}, 0x1, 0x0, 0x0, 0x8008040}, 0x30008080)
sendmmsg$alg(r5, &(0x7f0000002a40)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40004}], 0x1, 0x0) (async)
ioprio_set$uid(0x3, 0x0, 0x0) (async)
sched_setattr(0x0, 0x0, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0)

5m53.831362856s ago: executing program 0 (id=442):
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000000)="2d5a8bfaec0503d4ee82255ccc79459d336c02f6846ffa083727a27fef8e41f33ff61428dc81376619b5746876cab40bea6b76e7a18d9f0f45c5f33c3f3e548879927a89cca1b9829ff887d45cae3a0012b8eec038b982c41410eb0cffe4204a0387ae9ad2d2eb6f904feaea4325a355611cfdb7ac6c3495a4bcfa6a2c3285bf50ca4a25c77f383bdb14c2f038ba311fefcbe3d334550fb18a5f462cec0e41bf00e3ef37c78bb0086cbdc72b561eb2e285a15002dbb8b7a858d33bdfef916ce90eca18739db369eb9aa302efdba714da8bbd0baaeb55eb585585542cdfe62755b7dd303c01c44de59f83de2b9edf1e60279b16bc7ee4c277e23701b7d58fdad36e8d91c111be46581f230b4cbbe8b9ad764cd3e067d7b7c5e1082a55c86f7cbc77e049085b2749b2ead86b176e4c8d2498a331f1118c5ed72ab0fc4228c8214e0e48fd1f265ccfd3311eff1f9548d1217c02de43ebc6c896afbf6065592ce3bafbc138524c4ffa429c33265cc8ebfc69e1adf360f97ec2edbab35cdc965dfadfa522a591734e25f91a44023ceeaac091534ec097d7a6f9a8efe84829719e41c101ee103c7b8c6d7fb630da2ffdd692d13e9212539b8484ea7fbccc74ecd6b44e08852505badf79984da7ffd06e78b05b453e89bbeb44fb0e72d527ee63aee52eebf2e4049705c41ead90017d7a512146287226941b20b4a603d1f5d9e6c559d55c5f6de7e9159e121dbbabdcdae8f359f66c218fb24d20c3b56ca3b4a2639b4b54e0775f29c731a3fd33331a76c280df2bea7fb0778648bc55257c42cb1a4ae173a21e33a782943d733e570595aea49f391ced7df117548032f44d611d1fcafe7c08fcca48ef9bb719d41c2cde9eca1727feb7bcc14757316a3fb315eb0adf3b60f5d6cfe231e4dca32f1cd2a74a68e44b1c09471f135d6abf0d7d417a42323923ced88d39902998a177bda4d7ac9e5479f0ae49f5fe51818fa13dd9131d219658ed2de42587f415396aa610998f2b166a053cd272ef751e5447122c03f33800268f63503a237fd62235c65fa995ced4facfc61959a7b64f7ef4bced8cbc10222a18aaee1fcc282163cafc4bf899a7de76ac61499fa1bdf6e6599a9b6e46d202230ee0be421b38ba66b85c7e5cb73e26085f8b62b4141f8728515f12019e1738bc5b278074c56be74033511b21e97a727c8a5f9c186af9777574f52d957082122dcadefe3c376f73a33e41094ad7cd404b50e963a200b57cbf4329e59c5b5a42f8700613e30af94109d5562262792e77df91e7e75c40080f8ca071449bc999762d483c30a4eee68e89be2d138a4b64af3c0211c3540227d85801dc16d1bb669a16b243fa98ef40edb5b5fe05c50f8702434c4d2663e874aec996463c6d946fd1391096b02198e88f5e568300d6c4848b4fe7273af633cc6fbf6a5e37feea56cfc20a0b42a5c6266c805823bac41f8d4eb43c6c4673a4b6a8dd303fe922ade7af649cb21c2919390a9ee62a08131ea21840adc9cc023e2aab908ea6bf2d41e52918ed6423677933cd1729cfda6423e540aae3f043a1296b6eb9350d38e07abed7d1ea7249b1b67d17322050d01589c9787f4e5a904c5cfb25e047f3e46de5222121c2af122bd3a3b2b0f35ea0a81d3a862d77217e992cc74f678617223cad5ba21afdc58e6af17e7b4ee3a506f34069d2931ac62d47f86f1983d7204a32544ae0b738cd5ab3efb940ad752ebbb59cd28d98cd6e0441f020ab2d68cbe90fa44be7f7191c2f5748c418dde668ee87d579baed4358b5c47e03a89ddb98fd4209fda85a277460ca20cc6de67c0f35e39d3fcfc070530140f648b50dbd3236d8e5b5e63be12191cd67b9ef128440d8794dc452b5a16f250c9e378d52b1132efc4b1ec8a7a3fd04ef82154de056ee5054fb15dff8df06bdca1dc8b1c1d4175c967445105954d10f0fc94acf39b68105d188593584333312eb6fad6371cdbbbf16e88bed86600d9dac851661dd3cc64f9bac0b2b81ad2564274b5bcc040f065f3fc055f7e254f8954304140782b9a2390bb61fd82d7a99ddf96468f3ef43113b767552969d71190265b76c1358c4e16a21ff959631a19c6f5a686b7884d75aca2810decbfd9fe0520f3b322a80838a2e633e1c2a79df01786f605750b84e2b04b7204ca6022973fca4ab0c8c67caee2349a6b839aa6bebc862f2f8246fc293e0f14a375581036becf081e4fd6b0cc2f7465fe7f932890884794215838558c0ae6de81efd624c5290bdf52e95e4d5b1eaf280d76eb0ceddf438bcf1d4b83e8eec3aaacbd7ea0421ac84f08a480ae48edb7c23c3f94dc59a44b3c5712800789fa3b2b938bed137505d2b247a4c4a9bd5ceddb900cb9a502d10dbd620a7ef84fbf49081d52419e5d08ddd5a1873f6d3ea6a822400ffdad29899bfaf73ce3d8ff182b3ca8ef1c39fc34b93767b9a13401427c440edd2e5f801655e60dc4c5b4ba84e504421b758e0b4c743fd1a1b6be27702e751960b431f1d7a7fd68a9ab198a5c6dbbee137283e6d6c69eedba5345e551e4421f3dfc1c957bbf413c48f64871521789487707278c69eb71c33a6999d7e497dc3d7d022f008addc112c116637f6d29c9247de134eb860cd3e5af369ee474883e7a20c40ba02160ec19dcb717cd3f4f3f0293195242fa814042ad751c774728a797a8c483e0562a2cca698053c1b66c0310affdb6e5767ab6db583ac415119f1760bed5f405c5cfb63b2ccfd5dc9d119fc82a86f98551d92f02410fdddd450f0a661ce041fa39aaba50cda470d3080dec7345a54abe2a7630a7fac84bf95c30a0dff1225f7b1aebb41daec68ceff2b0f502e7433f395aeea75c1ba88229b44fa5c6fa2647e44db139eca1f2b7142b6c23d4879603bb5617e94de0d5353d1b17dfb960eb1c11c67d0d1e1cae94699cc9397b79150dacbbc7361261d5445f237210d2ab8120fe721072394b77df46894595b8fd56f034318e90e3cad94f1655911b9bcc0bd15c628c0248e134295f3ff69cf8ea536b4b7a6c11b4e04955f9f1d9bac2ad39d81ec929b0d29999ae5a865bcc2cffc8fb42af6e486ca12a4c83461c6a72b3c88e4f3d1a9c1f13adc6defbf0110746e39b1d01a5129f996a2af48bc52f06a32764d8d8dd984c5dc4e8bca0ffbbc7e4cd226cc278b35ed16bed6e8aca4a1c18120eef0966dd5327f252462477d43cbd1497654ddd3358d24883d9ddde40f1bc8c5610370841b1cb13e84162cc6d0818987350c22362b12c0f315dbc5dbc33c224bf8d57410f2621b9c45d6857b0bed5aae750db0dd4c6cf50bfd6d5e0c816a9d8951402a1c50ad8169fd94427b42c58399c6d72b1f213e009af4f650e5ef67d2f48c7dc3ef74a8ee453ab84118f2f0e4ff2b8130169ccac37198b337205cae506e8d70acba86aab28caa8117b1231d9c4b631fa3aeceb3c236182e25299392f1ed986106071097314a9b9bd0f30d853e8b4044c00f04b45b2923b572a6a41cb5293cc8dfdbeff56a1375a33bac7b220056a6f6a292035b17a3c3fd55897548c68ad7886ef432cef353da3da8deaea09df078569c042258dfc0763d54be89302b11a6d24f4086028b82520fb6d967b78b611a7e9661a92b1a8f12d407d2289e85a82bd0b7c742055acd2396ba8d101e91ce2e9f387e909fe6da3109e1937b1e12515f23c8f1b739d4c40a287cae3bf59e901fff2ba0de0a36a304428e9febe42a01dea2eacae9416a72ddabb98d2e69c70ea9edfc57cd81fc4217ec353caf01a1a61b925102f866b4090b6447cfd8eeff2a3a49e30fe0a4fff77fe1a225dbdb2fac338526c7438631b69ead8781b86801f530b04b1544be2c22aff4ac89b0ce4353526905e59e18f7f01c221e42354a5269e0e28afa29f38bcab3923fe8d64fbf81433991b0bb9df6fc4c28ba175871d87bb5ce6cf5bf4572bb873c044f0aeb2981e34a005df55d354db0353f6433f76adde2c124793a1da43aca0e62a744992ed8efa8571a26857aa65a21cfc3507471ab75525cedb559c430b5d03a5c4e923f7fbec50d0eb10fc40b3d7986245f4c6888a53df7fe7fdcc11261e70d8cca04baff938f8446bd9048baba31085f20746c5f0e00d816dca934804ea2877cca51b5c0e31dfeefb9e91e41189d67412a09af16b4cb709e6fee71b2766a71c8397578516b656633bb620dfc8bc15de4ea5f75f6845ea44805442125adef9377e98b5d8e73f3a0bfbd330467daf10d9f7a95cd6fd4827fa1b062898fa454437bf185b9e0d98c9d10a5db80364bca446205739b23a1e7e860647ed30e2b72524da94a5f70dcbcd67d8df08f0d57583011d5487669c5a45905125186590322dbe481e820a6a6c29c136fa4301ade06baddca45f0d5ce913b5b763d293da4afaa450b17ff4933e4478fbba9ad9e6e5eafe9fdeb82b7d65bc92f6690d03a49923810558b5e0f5bf47e7d000a5e132217c174445565d57d29f02e71d7205b8ec10330fea51d972fc5c81b1b36775816082f979b5b1fe3601c9c8e8fa0c3504bfa30e3603d5a0f3a7cbd27d744b27cdbf318acbed70697519605453df106123e1a6148c9146154986e288d8a70b6fed1667cc1e0b199067c704a6d41ba751b53102ebca01b3ce90226847808646c95f3eb231b6af0b0f329bd997db5a4d3ff18edf0203e351fcfa8c8ae2be6953472bbb3f40bb6ab3f8f2128d11a3bba133f0204e2e0df189cc8d2cb8af81d0941a37c2165112ed452008930bcc607fa6fe3ad1def902d89c7330e6042f6f86c3a75665ec603b6e392b417a0d907d42e6534db72adbad4266c6601d7b8bf8d9cde807088f76b07c06840d0806eb89aa545292284bf050e732e547ed54417b3ec7e7a7c5e8454a56f5092ea8cb27e74e0672c2951647e29dadbdea86d2a4d9e53ab01c9d21e902fc9c6ff4c317b3c0398561364e880e2b079d79a27d6dcc3d586abc043477981bd36746f5570840536bef104a158e2461296717d247b6004565ffb8eb9bb5258c65032f0b472c4f3667a17e3ff65b45c91e2411b5990f054e0c2a05fc175d2db7fb32ca32e4c11b46f08bae1614e2add96133ab383c1e78f4e3f21ed3010a35c76ad88714b526d3a5ba799e6f7bf9d5696e7b42c8c264162a28831baaef180f40489ad681af6c0a674cc7b65e8b8ab704d15546f70ed1e67f7643bbc8d0b8482024b8f320b5bdccb1014f5e1a34c6c795428660f026d93dd5dcabf2330dc62894bfe48fde6b931ba55dc2a222a27a3906ba5b98476321b6d27217fd58ad93b616aac91b139729d91de6f8ef49402e2741b8dd821f4cbaf7c4662ac782b255dc438164e54c417044e9bf5e13a8247777726dacea4341d8ba03bad17070dd0f07da13179d29ac00aefa41aaf4688e99eb395205f6d6d71999b3718f7f2d618117334977a92b15ed52e45e7d5df7a22be9cf0e008c41257d99b2426068c48de100b8e3019b624ce2f2849c35b74fe5ecc4478b2968a97cfcb759fc73c8cd21bda084646dadee926a4f606768749a89e11be2a23985631c922a73ba93f3619dcc4621c8da57697420859210aa43ec06feb649b9f1362fe9553f9d552b77203085d9a4da629f03fbf339bd8ccae6c411f6d8f131232575d28af2a2690529080f02a5a74fe59d1255039f09b8d565a4838930f88d6129389f2312a2ebcf0fe7d8b6dea3484cea9a1628349218b8ccefdea2b6c37676acc2a082fb73b19705e98079c1de7776cb830e79c0081a2da4059714f19587d10223fc50ea8434f1c7919a77acd7c5b20ac9fe8ad9d348e2c5bdb57fac1ec0c31a1688e22aab4f1a81826f3a47bd364505d35975c105a152aa8e42b2422a100ad3d3184d286884552143051b79294aba34bfc5cc332f0b6aa3bf186776ceb8861336ed97b85b9a7d548bf7b7a907256c7c6a2427d92aff68ba18544b95a75564029387fd2569943f8d54e64cc621123105eb56bcfaea06e38af31a05ef38302d2b6178121d52309865c5ec1147159c07b4d4e1ece24f6a1f63a492c617870c96dcabf43b73055d749e465cdbb965b18091eee65bd423f249d934ae904c2129b93d116353fe014e1afbcab5f74766a806451855bc28494653b9a863b9707c2a0fce3eb4b55c4220078651a94d3b9c6e92f4995dd56ec17d144b07bfb1b955b557d14774e64f400e0075781381b33d73a60f6b96cddbda0962b2a609e6bca56a109847bc13798be711d3779d5a8c6541bd247fe3b7477a1378cdafece044db3f31810bc95f8fb4ae7a8815303faac03651a13924308c06c8e86506b7d186a717a1bda1d7cdea2b8b682d37f954f488a8e0d65f868a81b1af4b8f7331ba84414a7ada82e81e06e76ddfa0aca0ca9a53a5de0bcdcbb77284bab522ffb6f803e95f116ac1670c50acd36d80f170e8e7e05163f050dc89dd93bf9160a545174472376e1fcbb945e9294f796a09ca78452683b8bd39049d118acc24ef0dc18ef88899dd7c27a3585e914e6f6bc8bb1950c061c722134243cf151785bc19dada45b90d97cb83bc60885a908d0c13be9e54f1929fe1f76fb9886808caf0442aca4539a42078bfee82418d611f4c432fcbc5242c35a396c17c1b93b98b277a9c8ef0143643e120c0de4b7c6beb0a582789b81a9d3a0b8f96a332c89764283d84ec5e6b8350683a2b4eebcb214a7ad430ff9ebcfc1d850717a8d38b8e35e67fea4b8f14938cc3eeacbee30616c09e848ebae3cefb8f2a904f2b3d1252019ec914278942d9b914f95574031cf21f412aa7500f3955db7b9ef9403750058d75e53d16803d4463f7884df1e361d34ce646e20b3427a45cd307283f1ff00cca6c841fb9b06543bf1a254b21ff421331facb2f08a484904ea25e049597c8b0a2140e8ed2906d574e73165ec5591c89b5dc08e5943ff7399f76b1df90947a9479b1aab40abf8ebadfa1455b6dcac672f495a64b6230fd3fe948ce6c16cb87e11ac7affc9047ef33fa64585c1dce3bab4fecc0c7d81b5ea73aed3ef63fafc880b6e2ba09d0df6d626e817075d5f330d91cec4bcf4829c20192bc0ef7f728f52dd3e074bafda4f8cd8465311a9124baad61bd73ca76a0d0d1b80cb7a5e429067ed4707b64d38613008c8af3ffcedfeb8cda26def8bef7cf947af23939d18adbf56715f90c2df716eb037d536cd36bc2b832c57f4a319f392e1ab37e02dfb392bd52b02801665c8ea28edfcb153f267dcfbd671d4eaa0d56335f7ce5eccda6b9f74621a1b322f1f3a60b00196a65327b36419394e776b2e1c1479f5f902c5918adfa5b112bfaf786eeea1abae7c8c9d3e3fe737c23092143376808b5e26cf896fb5202572533facacaac10ec26cab819f74cd372c95d50a9b6560da69c1b22d5c15759b7ab1d8118e672bea9af7e8a30458ccaa1586ed2720d5465e139fe3dfc0bc95107061471cdf28a42aa8149848a147a1710407021d13e611b36ad3624de35c4dc5a02ba8ae724b2d8cd85f15094e1893c98052cee135d0c1c11a73297775fb517abbb471a8b100cb51d8815acac16703b56f8aadae334601a84fc306efa08aeb2afbad94632b5f209603cf5e5ca634bd74ed2e525580ddd2f2ee65241788f5e867b44d7ecd71f5858d269ffda98d93860d8f1c26c47df1199f95991b54808bc26c0ab67b40745b8dfed41838e2c5594413d2c6022abe3c1f132e9f7c8c69e50729325d37e7502519d53d7e1bf0bc8f62d216fc9c88b197cfa1571ce8368cc1b4b625559cab7e8397c6c7bf537bc8b9d604f4bdb04cab86d349e4a33f92eaa07378eac07ed8d51aea9c15ef4c4b0e0a16f9c794701a1b74b58beb15cc165a4dc1a13a0886f55cba2b977447b61c01e1295a4221e19321201f1df0d25c9e14bc4433678e48a5081de7c81f79a6370843bf0d6e3e5192c1ddc0bad14a11ada8006e4f6549da3a877a991351610eb0c5bb6228d266baa27eab2b9bf4455fc54aed3c74c12590835e498c11efdc63dde52a62d8f3a3c978152018182b3e4cbd00fff317d06f8e9475b4c7506dcc5547d8ace2b71024aa0e2220936d2bd05163b8f15bc429378fec52ac39d167200758884056dc14d3329b1d47f477a217eabb651fa97e05451cd6e861996648ab439c9aa6fa032e9083b8c0f87890c88c50dd5a6e6be8c4a4361f3b4c3181c570407dd1d2d835a87dd4b24f55a649c3e478bc002f30894d06411dc4dd8277f796976b8b2884ed371013225bbd95955827741331777da30b1b3370fb4d0bb914d97660f7e06759ba54b5697a4f7cfb67035867f39e53306eb55b31ba660769ce6993b2f44a7173576766ed20992d04e6b4aff20c138102537a142ceeac3804fb0a4eaddeddb6bcc69007c5531f0ba6851854d8d836a51e8d644c7b79e071f19986090d2404b562a17e1ec1da775c171373bcf5d2c3d7dd64a587d66e42b6963d892df898766648f37c8d10ca249e28368c388f4e70a80b2992a0a390a2d51a17a0c1774fec2d399a2b0a99c802012fff6300c4275d1305b9a9d0f8144df64da9016f16369e813dafc7cff55c5a60602141fcaa62d9fc0b93df6524d8692be3c7ded5354b63014686e98ef2b5947eda93e0cd232d3fdea943d3bc92a6f2835c55aca33dcd087b7260bc68def6ce96ef5d536b61006a595219382d8b8365eb92eab44e677109971bc4dfd077a56ff1f27e9b80edffb5ecac7bde5dc2a74c30a24b9cd1b0d4356ec424350e364d0dc929d657a8626a22111d4a0f360fe33be72a1f2c4f5c1b9843145ddff70d583a9b433cab33b10d93531aab7bb8a53c738aae79222481b135eca9441f47068299deabdc9c4f77e5d4ea286e8300eb5956368d0499691dbab1499baef30bb6c4a9bb0159635dc1774203fda828bf804e8f526ffb55abd8700915232964b7f219a7bb221efa6428089263ab753eb421a1952bc780289a85ebb9b510dec67a826ccce1cdfbb29a3a55f4e1068ca2c077544efac686d77c67c927430c3ac78c7c8b1f834be9a689fdab38f1401797dba32a284f5c5f9ed13d34d8a001cfeeeb7de12aaeae7706004f96a293e52106fd945428e7e98915070b1584a323bd8f00b9803ce189c9c0af032752d979df57a5098458c7de034db79f43d27bcb720078b05e5f364f2d789343fb6fc8b2cab810b1745fa36aaccf5d27fc7f06ab821268d83e697870632814319533373f24584b35b2ba9dd9b52a4a2e559c90b1b87549530a64fdbba5587242535fd0d600fa6e8497369a5587627182c62da4a47bc6ea99f7aaa765e3b74b7d9c48e779c8b13a2535d03ef8ac4bf3fc9e6eda5628034e7e453fbd6153b8b8e9f693c5dfa37f6a0a2542e6f86ebd2ae926822d7b31963c8879557dfa2a869ba3c5dc2dfcb60bc0a0c9816c2c4c58bdc09c2d76a007e68c38fd8b88709e5c49341630e333e13413c3e60c0d768d4c98bcb297e819ceb0f8b229d3037ac95639344bf42ee7f77922a6ac039837356dfd7c0ba3c5393548369bd71b4824326eaeb80a9c249504a08bfc164af220047cdf054d928a8d929a2fb621665122062dbd5cdde82b8289e0d510246e0bc30d34d8e96703f75c75328f99437be474315d8cb55066badbc0ee852c8ef28e1de7f5b58dda97742db5f708c6be3279d700ba147f1519485020336c260d825920870739fdb288f22b980fb7bcbf147b1a95fcc3d8d1899749d928eea8d47cccc1fbbdd5729a3f2f73d2ae352eb3e043405bcb7fa12b2a80d6a3f0178a18cbc5794fd65f0caddaff57616dfed94884a48b27b181c55200d9ecdfbb082dcd2952089938e134eecb40c2f95cb7808fc7da09282787edb1939e75bc8e284c01239a895246be025c8e0168ae83f5adc62f4f81ddbf6ba9b5fce3ddd111eb61c42777a8c303abe291aa9ef383ef1d6c26c4f8698375cc76a7e078ac948f2e84de084fdb380d38d2e1810ce8118999554c06f8d583bd37003b407dd7b41a3b14f10a5ae7c2e8fdd087cc322ddc399fe38cc542bc957b38b0fda34a3ee5c6a97d25629d26a75de211fe1cc4ca63880caa8f85f3bd489c39cf30eac81784e4456a775dee3045df2a1875623a4fbf227cf90cd237721a6dff29d26a16306e4033cc644e35cba3cc4e45cfd0cefc9c8d8a0f35bf31a8319b54fb549554c7089b9334a9867d51d71aae1f342d5602ef2d394e6c8a8aa6c15121d8c8b3abe3416367dcc276c048c65311ad70df0ecf0cf817a1a27e1dc50fedea83de8a8bb7746e23be2f335c9cda9a7f08d72b9debc35d49e9ec4c9815040c38c11375dd7f2897b20479343b86b51c317e0e90f9465d8c425857e1831931714284c60f68036134304558e53d2d42813a42a3017ab21feab6132f3a2f8c5670a1076dab6136cd6836b52d7ee54639758085438831dcd8157ccae47784a35364babff9299e4eaa389931199b4901f12185a0d228473d4a147d88e55bd11f8ed2957b7f2f3efb3e444f0aec9bef1f68cffbdac04698cc277706f2ffdd263586b84c645f1721ee3008b398918fdfb9b06b98078447c0edd7c058524825a1124e9af37fa9cb77302aded60eca394c866397c3bc18f8277d9277921abd06b61b1445f43cd7f0b5b2c023832f6d67f86d9b6ff9985edee1ec2572486b43d3be834d5b60d208b1187ca7cc8b17133f55314ee640268d5337d7dcdf1742cb543d63ae3c09e312ac05b5d585d9437bf16bd560ef739f12c878178757e1f675a8671becae2bf03f87de4bc40b4b7a3aa6e2f28f015332b10b9fe426ebd45d7a26e769bb05eb2866bb34c56b079a5bd23352bcb08c379b400512b0d8438ee5371171ccbf2921c1e150fffb5885286f933f4393088ba21c47b15d1a35de27dbd02e58859aa080f87d0a857e92d0f52c549c04cd9368c94a8024e184773cb3431d854c2855e93ac9f24d5e45d11c2acfb03755e7f279b368e2e31b3653a7d7e2e102ac67f363c195272e2896bec544f669f2d25ae8638ac30da6ed52404b32b8ee9f0f2909ef6b4e2db3a6ea88b8a6f2f2c025959efb7b94005eb307aae01af8a19ee6178270be09d93837793b43bcdab98b9c04b6bfea7ac2217c11aeec277bc199b67ac24b7352299e7fec85aa151029d14441b56bb6031cdc72a1a90ef537c6d2bce7ffc7c366a88f8bc87cd8ef4e91b5ad9d85ed84f9b85f029252ad5ff13d564d842ef310feaba90974e40889e7cb753eb44ef96bc4c25b021fe50e9957a9c3cc9904aa920fc8a8e82a826b945559b57591fa1a26c380afe65d930f9bd9a3d93f57324d28c2741e728cbd106dccdf66863e49db8a0df1398ba8594fa5102b8157e4b987f4339820df5a7aa2b1c47ed0211437ee3d81dcbffa500dc4b743d49028581234c7e9db2e951d5bf3e3c448ce58bf94a2f7ef95eda07daae00bef1794d27330927b2460778fdee580efe431ee244aae452cd60100b6c9f0cd5e79e170a7b149abfcc26b77d33c35311c95e3ba0752eabce3d1310a8aa45ecd1659e4e855919d153ebeb434581a6d352508771b030acd3fee51badf6767a7931bbba2cf195bd98fd096a6be14d7172cf1dbe3a82bae73a29223c623c090cbc5fffe8f3291", 0x2000, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x4000)
r2 = userfaultfd(0x80801)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$COMEDI_INSN(0xffffffffffffffff, 0x8028640c, 0x0)
ptrace$setregset(0x4205, r0, 0x1, &(0x7f00000001c0)={0x0})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500), 0x24181, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f0000000140)={0x28729f328c68897})
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0xa2280, 0x0)
ioctl$FS_IOC_GETFLAGS(r4, 0x5437, 0x0)
close(r4)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, 0x0}], 0x1, 0x60, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, 0x0)

5m53.1130297s ago: executing program 0 (id=445):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(&(0x7f00000001c0)=@md0, &(0x7f0000000240)='./file0/file0\x00', &(0x7f0000000280)='vxfs\x00', 0x8004, &(0x7f00000002c0)='\x00')
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x100, 0x0)
getdents(r0, &(0x7f0000000200)=""/38, 0x26)
r1 = syz_clone(0x200, 0x0, 0x0, 0x0, 0x0, 0x0)
get_robust_list(r1, &(0x7f0000000100)=&(0x7f00000000c0)={&(0x7f0000000040)={&(0x7f0000000000)}, 0x0, &(0x7f0000000080)}, &(0x7f0000000140)=0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000005"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007100000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r3}, 0x10)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
wait4(r1, 0x0, 0x20000002, 0x0)

5m53.112761785s ago: executing program 0 (id=447):
recvmmsg(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@sco={0x1f, @fixed}, 0x80, 0x0}, 0x226}], 0x1, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x6)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e2b, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7ff}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x800008d, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r2})

5m37.761481033s ago: executing program 32 (id=447):
recvmmsg(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@sco={0x1f, @fixed}, 0x80, 0x0}, 0x226}], 0x1, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x6)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e2b, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7ff}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x800008d, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r2})

3m54.628563446s ago: executing program 4 (id=1269):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f00000004c0)={&(0x7f0000000180)={0x2, 0x4e20, @local}, 0x10, 0x0, 0x0, &(0x7f0000000480)=[@ip_tos_int={{0x10, 0x0, 0x34, 0x2}}], 0x10}, 0x40) (fail_nth: 7)

3m54.572353204s ago: executing program 4 (id=1270):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x40}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x27, 0x0, 0x27}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffff20, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x18, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838000391"}]}}}}}}, 0xfd6c)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0xffffffff, 0x204}, &(0x7f00000001c0)=<r8=>0x0, &(0x7f0000000440))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
io_uring_enter(r7, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0xcf, 0x0, 0x0, 0x10803}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gre={{0x8}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_REMOTE={0x8, 0x7, @multicast1=0xe000030a}]}}}]}, 0x3c}}, 0x4000)

3m53.623368393s ago: executing program 4 (id=1275):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r0 = socket$inet(0x2, 0x800, 0x0)
bind$inet(r0, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='romfs\x00', 0x0, 0x0)

3m53.492113689s ago: executing program 4 (id=1276):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x40}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x27, 0x0, 0x27}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffff20, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x18, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838000391"}]}}}}}}, 0xfd6c)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0xffffffff, 0x204}, &(0x7f00000001c0)=<r8=>0x0, &(0x7f0000000440)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
io_uring_enter(r7, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0xcf, 0x0, 0x0, 0x10803}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gre={{0x8}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_REMOTE={0x8, 0x7, @multicast1=0xe000030a}]}}}]}, 0x3c}}, 0x4000)

3m52.161857277s ago: executing program 4 (id=1285):
r0 = bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000a00)=ANY=[@ANYRESDEC], &(0x7f0000000780)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r2 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000100)=0x1)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x28, &(0x7f00000002c0)=0x2)
r6 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$unix(r8, &(0x7f0000010740)=[{{&(0x7f0000000380)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000640)=[{&(0x7f0000000400)="2a36663e910184a9b5b8c423edf885c7eabc2442b663a530a066ff979ed7a941713b387f5b81cdaea403b0fecc4afd83667f777481d70c2664a9de8350ed4f9c075bac81264332d7bfccd0f7a29c50c086320b2dce5397898ec69b7f95fe6635bb6fb563ed97694ca27fbd9ae7eaf4adc87e8e2348", 0x75}, {&(0x7f0000000a40)="c9e9686253311d5c682534a69080b012ab08c292c2249438fc79eb6ee4ba18842b0b807efabde3b4b7de605695a3fffff8a09e2881174f8c102a11745c75a9ee40225d19486feb28749af2e862ba8459d0caa625b8f93fd73626ca6380318a61bfa3c4ba1e0e8295a4f51e9dafd7cd74150972c8695a79f7a7c0e5f3018d01f4187196be0408071842e6d048eb6e026ddc442b954a748ba86ddbb3ee6687895733df5cf90d66d7b50978229afbb039a569b4aefabd6e6649928a342d5ecdd4a3efdeae977394cb64ed2a456a5c6a0396b1021781ada6d45b6f546243", 0xdc}, {&(0x7f0000000580)="f2bff1f927a03bda170732ba885d392ba884a6bbfd6ec5cb43b1250299132141772a04cb57063042ba51df6277c3982dd59b11cc51537644848a086aaf20100d8393ab0eaadbb20d7572319a1b2bca08bdc88c7ec0dc89ed017d86b6b594818c0da923092f1a12ed4d6bada3197e7e2f50794b641709de3b34c0a8df8315e30e4b510f6b510c89040c33c1bf7c23e1805214e17b3a196e598228fe93f5200a6e102a370a30212282833429366c4d9f35", 0xb0}], 0x3, &(0x7f0000000900)=[@rights={{0x30, 0x1, 0x1, [r8, r4, r6, r0, r8, r8, r9, r6, r1]}}, @rights={{0x10, 0x1, 0x1, [r2]}}, @cred={{0x18, 0x1, 0x2, {r5}}}, @cred={{0x18, 0x1, 0x2, {r5}}}], 0x70, 0x60001}}, {{&(0x7f0000000980)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000010300)=[{&(0x7f0000006200)="a4f66ce4faf5aab5baeb7f336e9266e6984eb60f9870a89866c23db9179a649e097455b7a873a4cc71777adabd5121a78f323c68a881636778a746cad261f90575b054d0c26ab53ed89e7bfef09fdfa0f006d7bd833abd39a9ac2160d831a0203f749483a5e500f9871712a1b87521acdb7fdc7df9dfd9a2647f29ab4d56c4ed4ce13eb50cdcd7d6debafc5b0d605092b4bbb0d52d325757f6668cc2382b9bb06273cb7c4f9015002b00aa97febafb731138dbb64c082a282b70787e67f00231c4e72cf87721", 0xc6}, {&(0x7f0000010280)="7191e2846274576df6ab9836299ff63f38e6b61e772de7e806cf5b49021cd9e862cf794469d9bf0ff25e369f70a293f317db5f13cccf8c54e764b0fe010ca86d4cee36d9b0bf20f5f71f5f030c9e03354b46cd870fd9444ca9207114", 0x5c}], 0x2, &(0x7f0000010340)=[@rights={{0x18, 0x1, 0x1, [r9, r3, r3]}}, @cred={{0x18, 0x1, 0x2, {r5}}}], 0x30, 0x44}}, {{&(0x7f0000010380)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000010700)=[{&(0x7f00000007c0)="a456c63d186df7d56cbacfe87b0e7593454870ee37144c93653b2f1eadcc558af3dbc09528109f1e602f4966dcb9933b471d6ad67241758fc8b71a26498f4aaeb10a8cb37de562a6f7493e91bbe2e4988ceebec6c9d4c78ed6994b48d5415e134600", 0x62}, {&(0x7f0000010480)="ebadc25a95b88dc06eee621d8332c91ba8d9257bdbe2bae195336001475f1aa33dfb615af22e7b2d03b0c87e5b370ebf8f1566cb6b74e680852d427cfd9695cb8aaf2f14bedcf4fdbc636cca1325", 0x4e}, {&(0x7f0000010500)="d9aac0a08d6c5706b4aac461ca13b6686e2d9f02a13a558268646a21a943b3cc859d088760dca3823447c48fbcd23e7ed406", 0x32}, {&(0x7f0000010540)="b0f22bc00cfed9bcf175ec5500469085f2bdbd5da1dd8009c5f568f0c64a15f24ddeb50385b85cff3ae2e4de6f4f4677210a229da7d0adf0f1529f8cf3da2f0d9018b34206dfc39d2a4a66e83d9a5f1fe8457da9991305a1a594aceb21b029904bc66acfbe4234b071b4776d7ab99801b4b368be64750ae79da06b3947b881e7a10cc28d3f52fb0ccc0824ca68beb6a318de5223a912f2b16420729e40b23d140e5592f7a72b7d96ef2fa369fc0cf1f1e876a015e9a335a73f38e8bb85de49d364e8", 0xc2}, {&(0x7f0000010640)="6f7475b7cbe7e620c0f7423f69542a5a17624a4f", 0x14}, {&(0x7f0000010680)="119076be04993eefbb791fabcd308f51d0fc19460a1415915bc2a0c019e546c09d78689b2cab2fd71cac748ebedee7eb21f4c77e736f1220b72b5ddcc8907922a147131895cb020a07c24e94d11dd3ee2eb2fbdd94197c0854436371328aca0bdf709969f0bf805353a26abe37949e95a967", 0x72}], 0x6, 0x0, 0x0, 0x4000000}}], 0x3, 0x4000000)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r10 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r10, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c)
r11 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r11, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e20, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x2000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r10, 0x0, 0x485, 0x0, 0x0)
r12 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfec9, 0x8, 0x1, 0x3d4, 0x0, r1}, &(0x7f0000000040), &(0x7f0000000280))
move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffc000/0x1000)=nil], &(0x7f0000002640), &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r12, 0x18, &(0x7f00000004c0)={0x48, 0xffffffffffffffff, 0x18, {0x1000000000000004, 0x3ffd}, 0xb}, 0x1)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000080)={0x8})
fstat(r1, &(0x7f0000000300))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)

3m50.962650182s ago: executing program 4 (id=1294):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'macvtap0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newtaction={0x4c, 0x30, 0xcac229faa96ee7df, 0x0, 0x0, {}, [{0x38, 0x1, [@m_ife={0x34, 0x1, 0x0, 0x0, {{0x8}, {0xc, 0x2, 0x0, 0x1, [@TCA_IFE_TYPE={0x6, 0x5, 0x1}]}, {0x4}, {0xc, 0x4, {0x1}}, {0xc}}}]}]}, 0x4c}}, 0x41)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r2, @ANYBLOB="800202000a0002"], 0x48}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0xe}}, &(0x7f0000000100)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r4, 0x40505331, &(0x7f0000000140)={{0x5d, 0x6}, {0x8, 0x3}, 0x9, 0x1, 0x40})
close(r3)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001040)=ANY=[@ANYBLOB="500000001000010025bd70000700000000000000", @ANYRES32=r10, @ANYBLOB="984104008f18000030001280110001006272696467655f736c6176650000000018000580040018000500190002"], 0x50}, 0x1, 0x0, 0x0, 0x811}, 0x40000c0)
write$sndseq(r8, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @time={0x80000000, 0xf}, {0x4}, {}, @result={0x8, 0x2}}, {0x0, 0x0, 0x0, 0x0, @time={0xffff, 0xa5}, {0xff, 0x20}, {0x2}, @control={0x80, 0x0, 0x7fff}}, {0x0, 0x0, 0x0, 0x0, @tick=0x1, {0x0, 0x8}, {}, @raw32={[0x4b, 0x8, 0xdd88]}}, {0x0, 0x20, 0x0, 0x0, @tick=0x5, {}, {0x0, 0xbf}, @connect={{0x8}, {0x0, 0x45}}}], 0x70)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000019100)={&(0x7f0000000040)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r11, {0x0, 0x1}, {0xffff, 0xffff}, {0xe, 0x9}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0x4}]}}]}, 0x3c}}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r12 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r13=>0x0})
r14 = socket$netlink(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
r15 = syz_open_procfs(0x0, &(0x7f0000000500)='fd/3\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r15, 0x541b, 0x0)
sendmsg$nl_route_sched(r14, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r13, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x40004)

3m35.942093579s ago: executing program 33 (id=1294):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'macvtap0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newtaction={0x4c, 0x30, 0xcac229faa96ee7df, 0x0, 0x0, {}, [{0x38, 0x1, [@m_ife={0x34, 0x1, 0x0, 0x0, {{0x8}, {0xc, 0x2, 0x0, 0x1, [@TCA_IFE_TYPE={0x6, 0x5, 0x1}]}, {0x4}, {0xc, 0x4, {0x1}}, {0xc}}}]}]}, 0x4c}}, 0x41)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r2, @ANYBLOB="800202000a0002"], 0x48}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0xe}}, &(0x7f0000000100)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r4, 0x40505331, &(0x7f0000000140)={{0x5d, 0x6}, {0x8, 0x3}, 0x9, 0x1, 0x40})
close(r3)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001040)=ANY=[@ANYBLOB="500000001000010025bd70000700000000000000", @ANYRES32=r10, @ANYBLOB="984104008f18000030001280110001006272696467655f736c6176650000000018000580040018000500190002"], 0x50}, 0x1, 0x0, 0x0, 0x811}, 0x40000c0)
write$sndseq(r8, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @time={0x80000000, 0xf}, {0x4}, {}, @result={0x8, 0x2}}, {0x0, 0x0, 0x0, 0x0, @time={0xffff, 0xa5}, {0xff, 0x20}, {0x2}, @control={0x80, 0x0, 0x7fff}}, {0x0, 0x0, 0x0, 0x0, @tick=0x1, {0x0, 0x8}, {}, @raw32={[0x4b, 0x8, 0xdd88]}}, {0x0, 0x20, 0x0, 0x0, @tick=0x5, {}, {0x0, 0xbf}, @connect={{0x8}, {0x0, 0x45}}}], 0x70)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000019100)={&(0x7f0000000040)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r11, {0x0, 0x1}, {0xffff, 0xffff}, {0xe, 0x9}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0x4}]}}]}, 0x3c}}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r12 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r13=>0x0})
r14 = socket$netlink(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
r15 = syz_open_procfs(0x0, &(0x7f0000000500)='fd/3\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r15, 0x541b, 0x0)
sendmsg$nl_route_sched(r14, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r13, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x40004)

2m6.819530623s ago: executing program 3 (id=2182):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0)
syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
socket(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_io_uring_setup(0x3888, &(0x7f0000000280)={0x0, 0x95e6, 0x400, 0x1, 0x1cf}, 0x0, 0x0)
syz_io_uring_setup(0xd3c, &(0x7f0000000480)={0x0, 0x4cd2, 0x800, 0x200003, 0x18a}, 0x0, 0x0)
r0 = syz_io_uring_setup(0x21f1, &(0x7f00000000c0)={0x0, 0x3fffff, 0x10100, 0xffffffff}, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000400)=<r2=>0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x2f, 0x0, 0x2, 0x1000000, 0x2c, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2c}}, @private0, 0x7800, 0x80, 0x6, 0x270}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.bfq.io_serviced\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[@ANYRES64=r4], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x1, 0x0, r3, 0x80, &(0x7f0000000500)=@l2tp={0x2, 0x0, @rand_addr=0x64010102, 0x1}, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r6 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x10007076, 0x8, 0x0, 0x2bc}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000380)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r9 = socket(0x200000000000011, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000300)={'vlan1\x00', <r10=>0x0})
bind$packet(r9, &(0x7f0000000080)={0x11, 0xd, r10, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x14)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r9, 0x0, 0x0})
io_uring_enter(r6, 0xd00, 0x7e15, 0x0, 0x0, 0x30)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000440))
r11 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r11, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r11, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
accept4(r11, 0x0, 0x0, 0x0)

2m6.714817317s ago: executing program 3 (id=2184):
r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x6)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f00000003c0))
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r3 = signalfd(r1, &(0x7f0000000400)={[0x3, 0x8]}, 0x8)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="b80000001300e99925bd700000000000fc000000020000000000000000000000ac1e000100000000000000000000000000000000000000000a0030801d0000007885b0a0a2a68a9fbfbab1e3221a05d649eef384b531fe059c6f489eddecb8bbaccc979b3e1a5a0534315a62ffbcb0ae9b4db2a037ef62473d592c1185498095a2c0a5acef1a7057be33a3989dbda308c6f02d37baec675f350fc1349d", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB='\x00'/108], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[], 0x188}}, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(0xffffffffffffffff, 0x800c5012, &(0x7f0000000080))
r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r7 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
accept4$phonet_pipe(r3, &(0x7f00000001c0), &(0x7f00000002c0)=0x10, 0x80000)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r7, 0xc0884113, &(0x7f0000000240)={0x1, 0x1ee, 0x200, 0xfffd, 0xffffffffffffffff, 0x200000000000008, 0xfffffffffffffffd, 0x200, 0x4, 0x2c, 0x80000005, 0x1})
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(0xffffffffffffffff, 0xc0884123, &(0x7f0000000bc0)={0x1, "244689261a3365eb47c14247a532ccbd3bf3b29282987c7cc12acb8ae6651cb5e0a3eeda1a7777d2fbd3428a0df873e1d58af8bf70c05fc6c43edcdaa8e7db07", {0xffffffff, 0x1ff}})
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r8, 0x28, 0x1, &(0x7f0000000140)=0xfffffffffffffffe, 0x8)
connect$vsock_stream(r8, &(0x7f0000000080)={0x28, 0x0, 0x2711}, 0x10)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r7, 0xc0984124, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ad0b19196c79eb5})
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f00000007c0), 0x1, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000840), 0x6, 0x84000)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000008c0)=[{{&(0x7f0000000480)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000780)=[{&(0x7f0000000540)="ae19efaeac1e8e537f4106485c9fb2caea4d1e0fd8bf3456a1988975a0ec644d7580928ab4df1266ffe49d861a51688be16267f2ac1fd121ae085b1bea1e3275b695d24a93b32a673dcb22bcd12a01ee66dcc15198c501e2518a7de72b332f080a51f38e5a053b5586df1584a22935a4afffbe2b6a6c9b491c2a6753a3cd2e59b03bb179a54aa1a4dce33c059f5ed62c5f4d66670f49385f5b7f8020d2e6beb9daf04cba5ee5eeb8849053b32ee20ff1", 0xb0}, {&(0x7f00000006c0)="7733479cd526a30c6991f98739e5d20c17f12f67faccdf98b60d45cd19177bbc8dab52df995dab209295b5309b8f3c0b700ea95e7f6284f229d3b8399812c827e81c404e0c8d0608e852a972e69720939a4bd4c8dc25acf1a98f2f976b4e1b0b1bc3bb60d85a241f1c5f1fdadff8886ce309bc94750bdff59b35f59972d03f64fbc731a69b92bde7a6957de6e7a067b3624e", 0x92}], 0x2, &(0x7f0000000a40)=ANY=[@ANYBLOB="f11c763decf461d5e64ace39b4f1b68602f8f75dd24808526dca24e72c7a2e9044cde546b429039cde2b8a5fb78c9a69fef7845e421671a2febbc25237bc560927600fbc4cc96f457fc3f0593e1893e3e999cffa312751bc6b5faa276ef9b8e6b7ea0a266a8415bba5259d8180eb47ec3bceb61bd588890cdc718bf3528d66f63be34434676d42d1b5997fe5e2928c694f81038cb17dd8590995abdd4c1a7c2a7d964e0d7971a3073af31ba04ae2e6e8dfb3776096c3cb339b684a3f6baaa513b33aa7784a570863677d2cd3918b645ef44dc7124585215067fa34266d9635b856265f1c1b6925cc3a49f1ca31aadf39d0a9d7543f9b880298e9367099516d813cc2d786daf8d5939de4c5bc83932a1a5c76933a027066486ebd148fa85c0393c852ecf6c707abc171e95b36c3fba14552fe7555aa189265563e3fe8e2012d845a4009e075cf2fd6"], 0x10, 0x240440d1}}], 0x1, 0x0)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020025797a31000000000900010073797a3000000000080005400000001c"], 0xe8}}, 0x0)
socket$inet6(0xa, 0x80000, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='net/protocols\x00')

2m5.841155358s ago: executing program 3 (id=2193):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f00000004c0)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000040)="05000000010001", 0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800"/13], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25, 0x0, ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r4 = openat$sw_sync_info(0xffffff9c, &(0x7f0000000080), 0x622040, 0x0)
ioctl$UI_ABS_SETUP(r4, 0x401c5504, &(0x7f00000000c0)={0x1, {0x6, 0x4, 0xf2, 0x2, 0x0, 0xfc0}})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x7, '\x00', r3, 0xffffffffffffffff, 0x1, 0x3}, 0x50)
ioctl$VIDIOC_ENUMINPUT(0xffffffffffffffff, 0xc04c561a, &(0x7f0000000240)={0x1ff, "1c121004b500000000c99afbee2731997682d23872585f37d990e90edc75bd53", 0x1, 0x9, 0x7, 0x80008, 0xa00, 0x8})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket(0x28, 0x801, 0x0)
connect$vsock_stream(r5, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10)
shutdown(r5, 0x1)
shutdown(r5, 0x0)
poll(&(0x7f0000000000)=[{r5, 0x5208}], 0x1, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000140)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x6, 0xc80}}, './file0\x00'})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f00002ba000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x2)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$inet(r0, &(0x7f0000000bc0)={&(0x7f0000000100)={0x2, 0x2f, @private=0xa010101}, 0x10, &(0x7f00000008c0)=[{&(0x7f00000003c0)="24459d08c06050437bfad491d9ccfb54b25984f2db5ef494d343f2849afc3dc0e3d9812d99e5c96d23c1ce6847c6cf3fad599e524baea47d88f6302e64526b7df51f17", 0x43}, {&(0x7f0000000600)="98a5aeaf00068183ca4aea787e33bd65430a6baedf4caff21bf9402631a9eaff1679f4d80652adcb631cd21e076e521c5ff8d80dcdfdfe9efe197d75b0bdf22364382b37d57c8d2f407991b196993eae0bd06f1ad0dafd9a7b1042c539abaff7287f45e3399506561ebbb17bbcb6950bc9f76b4170c98158dbd05d14237298fb932928f0f7d1d5a9f56695c8888be5f1e43fe15e7a9ccf2505c8e82888fc20d50930b8b945d4caa7600ec3d3fb8737175b62fcbe7f662b541e291563091f029e917ec9556a3a1392f3939474852aac31b631c99aab953d01177041e224edd0c358ecbd3803a60fcfa49ef6bcc2b434a34c1adb9a0c581c63a001a416a7e5ae", 0xff}, {&(0x7f0000000180)="314cc6a41b0cfca7c74bfa3fa05099920191b7d22a", 0x15}, {&(0x7f0000001480)="40433829f3912b4c8abb77a119ce52816acd4064634c08e5dde98b31cf1c6edceb1f941f3eabad50af07fe7f89d1d869a7bebf1b9e037309752b31b50872125141121681ed0cadf0d340bec4d9b135c05ed5e670ee59c9ad53eff8e4af960d1898d255827cd7b0829355ae7b30a77c45bb72e395afa0eb5d3acef55dc0038ae8d0cd2ed8c6ca7f853482d2788cf6081454898f77bfa635c4c460a28c41dbe60f0b9a941334271c571ac12e3a7d1b5a658a1d95ffcfdaff32db27b52c859dbcc756355984c2342fb99bb820c4ff5db1d14c34864a920fdb3328ba1e9698e21b966880c63370f6c4bd851a8ecc254d909c8c5a21ec6c7f663c438d7dba232c4f20ed6453bb9ff094148dd523909e262fe9dcc5351487e825ff8f7c40129e568f365aecfbda4a2cb92ba7ac52d3f79f5b1b368972e0cee3283546df3663d1f44ecd88bfdae71a36a822b87531b239d3bdfcc9bf45d4e73116189fb38c6db7f4ab75e68f7ed17004d2bd855a42a6b013b3df379f40a89edbd0898f6053ad192fc0f9bb6c2fd6b914d91794104b828d017c1b9a67676c86d29befa0045cd01307074ad98d343f6ee7257ba7fdf5a9e36097988ac750291efe1e88998b8bb09258ebb77aae902efa63032823d2f98bd57b035190dfc13e76a77411181655efea052699fad431a61f9b4094ed6d8ee83df9f1de6a6307fe4bcc58c07c0580ba204376a5009579248bfdfd2f91aec8904d16bfe495738e00ec56215daf386b6192b59770cc01b206d7e0d4e33793234fe142f585f31ca02f7d964695c6b3046e3698a00032de6e20cbfcf859820d84526fcd9c151883ff7a38b4c9a9b470485c8c7056fd3f02e93966127da0d41754a63c0976164327f4e21d78eab0a6108b11c21ef09effccbf7e534c2c7f918edfdc7ef29868b77a87ceda2d1e4f42c5c654f4a053be2db0e9557934c36f2f5ec9368248c76520c0fd22993794796aa0e2a540f0792f6ae049cd01ce80b2dd4706bc570e9ea7295e4340cfe6c03ef71830ba8e6064d41fbfb78809f62da893eb8ee1e6f3197a228a4bf04d556004f48ffad0c42408fc79fe773c2567247382ab3ffdd57aa901c3959449fe8a30d85747da4e2d0ade161aeef751341b0fbd15cffd6abf4387e3a5524c4516b314fd9e562abc31fdd95e05b95011264253ccaf54802abbc6342c5a53cbdba031393ce7ffc8a77ebfee897a6c3e9f6bccc8567fd700e683bc5933c2751771218c120d1d1429f2fdcb40d0023e013e0ed6a3915cf9e483b11e3a272871ac8e627c82725ec7f2b1d0cdc021279262a204834fd6c57477ff28b29c1d7e7385d0868f4c6222bbcc802b2ebeaef59f916d276cf51ad3ac4792b8f3cfb0cfab88e8a8d158101331f520eb170859135934fd54a8fd544e429abdbb0b7cfe3c872b3e5aa5e5cdadf0bba1e9ed3df20757cabad873d00702e939dd305bbc93c3ca28953a44efbefe0e5bd156c13224af53c48fac01b353ab50d2b0c9315c6ef6db2d6ef8a82d28d36bbfe770e5dc81b7d6f96ce15647016a2d3f67b523dc43c20db79bde7e03d0d1300ea06e326c34c2d47756d99d61cbeaaf9015be3da383fc096c2af58d29788eeb38939c1a2d2535757cee52f66f49a041630a35f25133eda36e7fd5556b694561671a1b511f6c059792788a5ad6047fe319617f6de3d9a4270d9a57cd2c03470dd1046f7fafdc2067acebe3043021797762088aa14401d6e981aee5121c9c2b5fbe0ab1a992cf7d8f2adc34d450e99ff20d73128480bfd49b270f2a72f8401a14978f5d0fc9aaae25dca5721e14142b76273deab1535eb2057964f26cec3ba8e48f79cea98b27730c972a64bbf6cd0504cbb3e0f5695c82f39393756c40aa6bdb0a61102e067b2dad6337642551c013624da5da8960ff0c03c746c1415b3b9165fd048cbd1f55423949dc0302f2867b112ee41b18332fca561d75e10975b813c5febe209c53bd72f45aa046044a3f478b56f7d623fdd27781ba92a266f30da0cafd95080f5056ed3db494c129221bbec58b23e0507e79c0d07232aac497bd04488a97206df65d45e2c678671f24acdb47f354c0c9b2725237d9ce77f5114e35a26a5fd4ca724740d728908489a479950fe26f28ebd0ba402a1d8c58b747afb191a4de41d2a6a852363e2c927949bdb49214bf41fa2c471d33f66334bf8137d0f7f6526ba85f48fd4372a1d0e787c0e8ef77476c9e5a5bd2fcf540fbbccc09fefb24b7cbe84e7cb6b7f0e83c73c18fec0699c66c8d2c420259ecbedc49f2feb1ce043693187b6856d6bd9fba91495d25ca422d604950e2206bce8421f3c0f094d6e384a54e3ce2838ee6c977945d2108e575c7f07c0b4a99a0635249732d1daa0673c6ddb3a5b5a971ed9ce9e9675e3ae032b2b8e4521364a4d99213c4f9f44bcd66f9554c85404d37264ccf0b8f826d945d49d5c4f1f366b20cbb069098b29813db8f6eedeee8e7ce262bc4e63fb18f99ada05125fe5febaf57fde6f0f3e9dafd29fec14758d551d2a2a8e72fbcc792caf3234b24ab4acf5fd195fabf7d90ca8696833ef1d74cafca1fd96765e0fbaf32ff80f4b0aa36327ef158b3ed84b21fa7fa28f1ff6dd7eafdd82a154ca66bfc0c6e373b4ba82218ddc61a5b34b3dba48495f7d53537db68dffe5eddf15e1d75d80ceee8e7762e6dd03ab00ca7ccf142b54410d7eb71c4efb895334017c0c6f56089c3790faabfd616215b35b73ec8fc124686f5f6f738f7fdd7c7779a34407ff7ac4e4f3db3b1b971b7aedd4425f9c337e4be70d83a954cae81dc95064a740579b18211897c4f976bac075545c3a2476b537ee6298163e8c05353c050d0df3eee0bb2b36cc06669a261c891b7f3df7b8c2fb6afa27ceb9d9f441826080cb1af65200a4f40c118a6c4054d6c7eedc00f1d6213914282f12d95d838b51e6c59d8beda574cf1632a83889996ce78b4169e1991d34b66f7ea0e5a0f76e1576619c102162214c1b9ad02078931e15dfb57fda0ebaf09e1f3fa59570a5994a5f1686db844d7f2017d550f5e42331e5e282e156b2b789648307471e0720b989367b4e1b9fdb0af314644c0e4f890ef0c21bfc11a1754acc88c6177c6ff5dcef6462bcf96d8b3132239fa92e3bcb4116a98e50f842e3f66cba509887710724026a24bc306654408c1ba5b001b32a3cf56f7df4ae8fe57d14e6cffde7e34249bb266cc88bd3343faf1731a034b139cc6ed6e7ae6b1b4e86558226ad7573e4bb1f9162dbfae3fe89a02b5e090773258dd1ffc577f165f7657d4810f4fcc10d458fc015a556d6737d88236e8a33a51dec94dd0046db34e49453bd94af8a9b35d7c0d2943af4bbae3f849c6e29a6558f567d5414116ea01d86a6c970b80a4af70609d248e21f1c437d4b42cc25a2aed04181236bcee043b82c8ca4d2d202e37a999ff59d86114ec1f28407e62f3633825f81c45875bdbe2eeb01c093041990e0edc96781ecc3051529f55eba43e3de05a9282d2ebaf658eaee94bfda2d9904299a66f870dbe1c721627ddf913dac3271d190d18e40008173c2f7985a913954e72ba901cec3fd4ac78667c0d421600d96adcda7b63decf43293af22a6b18db138b37fb2eed7292ff0326190adbdc8f061c8fd6f2d965a46db0c0d597028e1253c85e289302d1319971ffd324197afcd4661a1c9f48c6a8eb4d6059e51ea9f78d112e992d0ff2786601b606a242ec5a71451570eda5d0df016a8675356482de7d7ffe7387f0a737f550192c853dd085f21cef4e5d33ac8404557956a659583263a222846b0e7ac95b88742cf4d1b5b9c406224d15f7f1f3e83885202b8cbd02da1a7d5f36068972fef7af69c90b38cacaf06bd8ed76beb7e05b34935045fc499774ff84eb3fa3f33c81af67a10c001cc461f8ce9e9d79e994085e57516bf34ccebfb080c2fa9efdb8c66e76bd458e0c263e7fdc50de0757295840f2dd8408155ea86123054afab782574b74ecbc4ed48f24f5d0e13d71a0d266cfcc239252ec0146433222b6dfcae875717a30981dc1b5231e5508deeacf886ac06bd30397af21701980e82805f9ece63ed474e96abd9353ff9c1413c1a661cb59d87179992ba5233f2b9ead5410c79c6c3c55c6dbb5365a9efbcb060706ad4c259b3cd50ae05a4b19f0a8b3a113bbddd8b03f4993a9112cf0f388d8c2c813a1c34d76ed7a691741134c91c543acd6e1824c03c5f116f841efbea04df18a4b696446754ab0e83b2b8d8f670f6783eeb4106055aa70e94db0863540d944df76054bfd94c23a38c65d6051a6ffb16608bc49ddba45cf2c72c7dcf5081ed681eb68e278a7fede9d1a02d4f8fa1c0e59a9c8ae2c971cc2e86ff02b330eb4b088656ca34916c64d916d35947dde9f59e4b7f944c8dffd5579091a545b1722bef70718eff624432d6b3470b43a4247b29647efe6cdade903711afd4a95e4c7f7492326d8683f8cc47d48cb4f2e8a86a5c1aa87e563b44d099f4735fa32050351c1c08771043ee3d82e7d958232fd9c37a078ac2049b4b7d2df477467b8396f5b8c601c36becfe84020bb3fc61d027b5128c9c9a765906347ecaf2cb101f261a445165d56b7b086a46f95f6b577af4784e6db6596e98445d0a3052b79ebc313936cd9680bb6baaeddd38b6f35f244baa3a068ea313fce4a7cff3ee8ab754998f29a9e8edc75697747a946ef2612fc9191d4789ad2ac84e0c9a98d86dbc16eb9d4eeb4de5cfe7193655a5d6f741673b1a8ec0915d3455516e312f36504321a5789eeed16509634d34a2339ba9b1656b61f77bd768eac3bb34f53a9b34c0419499fdcef88e2c352b6fe611a7b204fe0de7f7aa06f9bc5258e6054a13d9b306cfc2778287a5408f607390be68a671ce8e5ce39373102a19c5ba58d529cea8b11e86bc00a3818f34c4c67f34f60f550e03e6948729ff0aba739a6d474bbdcda30c422b2f423a218df2a8fed10ee5850ae46726ce28399ac7e8b3bdbc933f1807db74e32330000d2bf8e262aee1e1c229e64264e49b1194a004d58ee007c62beca0783b6412b37a82c49b3934052343c3b8d44c97c20dae03a5b8d40eb36aec75fee1cdd3edce147f635c805d41b1642d0d53cc2a3c53eb1a8e17db20ae4a5b4f0b7911ef254126707904fa97053b7ab32ccbd92aa36f30adb03ffbceb15b0a3352c370ae09fee36ab1a506a567dab462127a348a49db57ae0159f6e5145af2e049067e5e644b8b18c731fce8a35ba79cfc6e1de716c4334054b8143253ae67e3ea7dcd652262827e5cac6d9fe06d72cd2c47eb3b0f106c6dd50bd81f19af5d918d8878c6e4b072f386cb6ee9fc3e96760d685cc3ad9865666e8cad6220a205e54ff0832f35387d79056bab9704c66ee1cb557c7df534ab58a916d6d9f56d75591faf1866b8070e833406e142ec69965391c304c80e991c80c743662c0f253269edfd25b27d3d88b66dfca2236a0ad5e0ee4d4f842d4c6658dc6d8ce314e07d9556341162bae7bf86086b509223fd7ea6f9357f9092494e1b183908e921bc9004425665c2187ab5c8223ad46ac1128ac35c600b0a5b34c721675c3def1313f1a00f5165727009b270d456ffcdec65c23e0ad7d71fab9890ec86f8513338f68d5d059b4cef5c2027707506fbafec1513c345e1f994ce1d364db351e6f8d4a0af07672a06e3c92b5597cdcb1d8fd11ead5b8975228fb09102dbd99c1582b3bf45564874ead468fe27d5d9ff4b0618a26094323393f64f6f5243235e40c555ad777d6887562fff7479701f1", 0x1000}, {&(0x7f0000000700)="94a6b894fa4263255b2b1721d915e3cf0ba0ca295bcf2570220271f29b6146511942016d104bb4dec07f5616a1ba945628202a155d1608f942a785f4b3f1c6ec4d70a63e7bb28bc844f87b46b875b58585fda2f1f249982540ccc02a6516d0e0c658048d89eee37cfb67e6b71063987c5bd8889a52a33e8d87fb42a7df7a98fa07740fef3db8ba1c66b244088bf87ae1847b4cda71cb6fc60d21909e1719f566eb3b9aa18eeb5f04e8ccde7b070c5ad0ae6586686c6800393b177e7e2b9f74ed38912b1819ba440bf20c956e1b", 0xcd}, {&(0x7f0000000340)="ad3fee661f7c396cb4bb9da0dd674b8ee6b4c31b4566bf1a89c3e8c8de", 0x1d}], 0x6, &(0x7f0000000a80)=[@ip_tos_u8={{0xd, 0x0, 0x1, 0x1}}, @ip_retopts={{0xa4, 0x0, 0x7, {[@ssrr={0x89, 0x17, 0x98, [@broadcast, @multicast1, @remote, @dev={0xac, 0x14, 0x14, 0x34}, @rand_addr=0x64010102]}, @timestamp_prespec={0x44, 0x2c, 0x13, 0x3, 0x6, [{@loopback, 0x10}, {@remote, 0x6}, {@loopback, 0x8}, {@local}, {@empty, 0x8}]}, @lsrr={0x83, 0x1f, 0xae, [@rand_addr=0x64010102, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, @multicast1, @empty, @private=0xa010100]}, @ssrr={0x89, 0x27, 0x4f, [@multicast2, @broadcast, @loopback, @multicast2, @multicast1, @private=0xa010101, @private=0xa010101, @loopback, @private=0xa010102]}, @timestamp_prespec={0x44, 0xc, 0x2d, 0x3, 0x1, [{@multicast2, 0x4}]}]}}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @rand_addr=0x64010100, @loopback}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0xa}}, @ip_pktinfo={{0x18, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xd}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @ip_pktinfo={{0x18, 0x0, 0x8, {r2, @remote, @loopback}}}], 0x10c}, 0x4050)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)

2m5.500944017s ago: executing program 3 (id=2194):
socket(0x10, 0x3, 0x0)
r0 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x30, r0, 0x1, 0x70bd2d, 0x0, {}, [@NLBL_CIPSOV4_A_MTYPE={0x0, 0x2, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0xc, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x80}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x30}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x293900a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x102)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f00000002c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)

2m5.468612984s ago: executing program 3 (id=2195):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='contention_begin\x00', r0, 0x0, 0x53c}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r1, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000000b010400000000000000000700000608000240000000040400034000000073797a3100000000d40cc4200c03ffaec7f54e3e23331ab8a55196a1e4024553d154323670b2"], 0x38}, 0x1, 0x0, 0x0, 0x20048040}, 0x4000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='contention_begin\x00', r0, 0x0, 0x53c}, 0x18) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFNL_MSG_COMPAT_GET(r1, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000000b010400000000000000000700000608000240000000040400034000000073797a3100000000d40cc4200c03ffaec7f54e3e23331ab8a55196a1e4024553d154323670b2"], 0x38}, 0x1, 0x0, 0x0, 0x20048040}, 0x4000) (async)

2m5.25149887s ago: executing program 3 (id=2196):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
getdents(r0, &(0x7f0000000240)=""/43, 0x2b)
getdents(r0, 0xffffffffffffffff, 0x5a)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xc8000)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e24, 0x41, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080)
socket$inet_smc(0x2b, 0x1, 0x0)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000001340))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x8, 0x8, 0xfffffffffffffffc, 0x0, 0x2}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0xffffffffffffffff}, 0x0, 0x0)
write$dsp(r5, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000440)={{{@in6=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@loopback}, 0x0, @in=@multicast1}}, &(0x7f00000006c0)=0xe4)
quotactl_fd$Q_GETINFO(r1, 0xffffffff80000501, r6, &(0x7f0000000700))
sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="0100280000000000000004000000200001800d0001007564703a73797a32"], 0x34}}, 0x4040)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
getpid()

2m5.249887193s ago: executing program 34 (id=2196):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
getdents(r0, &(0x7f0000000240)=""/43, 0x2b)
getdents(r0, 0xffffffffffffffff, 0x5a)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xc8000)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e24, 0x41, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080)
socket$inet_smc(0x2b, 0x1, 0x0)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000001340))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x8, 0x8, 0xfffffffffffffffc, 0x0, 0x2}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0xffffffffffffffff}, 0x0, 0x0)
write$dsp(r5, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000440)={{{@in6=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@loopback}, 0x0, @in=@multicast1}}, &(0x7f00000006c0)=0xe4)
quotactl_fd$Q_GETINFO(r1, 0xffffffff80000501, r6, &(0x7f0000000700))
sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="0100280000000000000004000000200001800d0001007564703a73797a32"], 0x34}}, 0x4040)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
getpid()

53.707707671s ago: executing program 2 (id=2715):
socket$packet(0x11, 0x3, 0x300)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r5, &(0x7f0000000040)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
r6 = socket$netlink(0x10, 0x3, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0)
r7 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r7, &(0x7f0000000040)="e2", 0x12d8)
sendmsg$nl_route(r6, 0x0, 0x804)
ppoll(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), 0x0, 0xfff}, 0x38)
syz_open_pts(0xffffffffffffffff, 0x121500)
write$UHID_INPUT(r0, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

52.58462262s ago: executing program 2 (id=2719):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001c00357428bd7000fed3df2502000000", @ANYRES32, @ANYBLOB="4e0a45bf0a0001000180c2000001"], 0x30}}, 0x80c0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'lo\x00'})
sendmsg$nl_route(r2, 0x0, 0x4000004)

52.522404682s ago: executing program 2 (id=2720):
syz_init_net_socket$x25(0x9, 0x5, 0x0)

52.521698813s ago: executing program 2 (id=2721):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
mount$bind(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000140)='illinois\x00', 0x9)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000300)="0906c422e0243219ff7b440e76a1b51b82ba23599f81b52c9d4db4486cec105e4b9f0f859f8a43eef6352f1e46e3145089b6a22f618ca14e288029b613a329c422481c6b7aff6806bce699cea461ecf591d9018b2a1d84e389a8d3127fd35913fe69754435c2", 0xffffffffffffffbb, 0x40040011, 0x0, 0x0)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r2 = getpgrp(0xffffffffffffffff)
r3 = gettid()
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@mpls_getroute={0x28, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_MULTIPATH={0xc, 0x9, {0x0, 0x1c, 0x8}}]}, 0x28}}, 0x0)
rt_tgsigqueueinfo(r2, r3, 0x0, &(0x7f0000000780)={0x11, 0x0, 0x80})
sched_setattr(r3, &(0x7f00000001c0)={0x38, 0x6, 0x1000004c, 0x47d90f25, 0x1ffffd, 0x9b9, 0x5, 0x6e, 0x0, 0x81}, 0x0)

51.691899245s ago: executing program 2 (id=2730):
ioctl$DRM_IOCTL_MAP_BUFS(0xffffffffffffffff, 0xc00c6419, &(0x7f00000001c0)={0x1, &(0x7f0000000000)=""/44, &(0x7f0000000180)=[{0x7d, 0xe9, 0x3ff, &(0x7f0000000080)=""/233}]})
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x1, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000340)={0x0, <r0=>0x0})
capset(&(0x7f0000000040)={0x20071026, r0}, &(0x7f0000000500)={0xec56, 0x9, 0x0, 0xd, 0x7, 0xe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2)
read(r4, &(0x7f0000000280)=""/149, 0x95)
mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x90, 0x0, 0x2, {0x2, 0x0, 0x0, 0x0, 0x4000, 0x0, {0x3, 0x0, 0x1, 0x0, 0x89, 0x0, 0x0, 0xa5, 0x3ff, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat$qat_adf_ctl(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOCTL_GET_NUM_DEVICES(r5, 0x40046104, &(0x7f0000000540))
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x2c, 0x2c, 0xd27, 0x30b529, 0x25dfdc00, {0x0, 0x0, 0x0, r9, {0x0, 0x4}, {}, {0xfff2}}, [@TCA_CHAIN={0x8, 0xb, 0xfffffffe}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)

51.422577637s ago: executing program 2 (id=2731):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="1201000000000010711e0920000000000001090224000100000000090400090103000100092105000001220500090581030002"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[], 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005f8bfa40991152683457010203010902120001"], 0x0)
r2 = syz_open_dev$hidraw(&(0x7f0000000100), 0x0, 0x0)
read$hidraw(r2, &(0x7f0000002340)=""/147, 0x93)
syz_usb_ep_write(r0, 0x81, 0x1, &(0x7f0000000140)='g')

51.405082538s ago: executing program 35 (id=2731):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="1201000000000010711e0920000000000001090224000100000000090400090103000100092105000001220500090581030002"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[], 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005f8bfa40991152683457010203010902120001"], 0x0)
r2 = syz_open_dev$hidraw(&(0x7f0000000100), 0x0, 0x0)
read$hidraw(r2, &(0x7f0000002340)=""/147, 0x93)
syz_usb_ep_write(r0, 0x81, 0x1, &(0x7f0000000140)='g')

28.903862037s ago: executing program 5 (id=2913):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000540)={'bond_slave_1\x00', <r3=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000000)={r3, 0x11, 0x6, @random}, 0x10)
setsockopt$packet_add_memb(r1, 0x107, 0x1, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x22, r3, {0x0, 0x5}, {0x0, 0xa}, {0x0, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

28.846011978s ago: executing program 5 (id=2914):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001c00357428bd7000fed3df2502000000", @ANYRES32, @ANYBLOB="4e0a45bf0a0001000180c2000001"], 0x30}}, 0x80c0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'lo\x00'})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001c00010600bd7000fedbdf2502000000", @ANYBLOB="8000000b"], 0x30}}, 0x4000004)

28.773260157s ago: executing program 5 (id=2915):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000180)=0xffffffff, 0x4)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback={0xe000000}, 0x23}, 0x1c)

28.772421091s ago: executing program 5 (id=2916):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) (async)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) (async)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) (async)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x431, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x7453c}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4f, 0x2, 0x0, 0x1, @void}}}, @IFLA_NET_NS_PID={0x8, 0x13, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004805}, 0xc080) (async)
capset(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000100)={0x708, 0x7, 0xfffffff6, 0x58, 0x4, 0x7}) (async)
r3 = fanotify_init(0x200, 0x0)
fanotify_mark(r3, 0x1, 0x40000032, r0, 0x0) (async)
chdir(&(0x7f0000000080)='./file1\x00') (async)
r4 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r4, 0x0)
setpgid(0x0, r4) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x6}, 0x48) (async)
socket(0x1d, 0x2, 0x6)
socket(0x1, 0x1, 0x0) (async)
epoll_create(0x9) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x240303, 0x0) (async)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000440), 0x2) (async)
memfd_create(&(0x7f00000009c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdbU\xb1\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\x90i\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14O\xf8\xb5C\x1f\xb6b8b\x06A2@D\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\x05\x00\x00\x00\x00\x00\x00\x00\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\x88\xd1\x1eQB\x18\xc1-\xc4\x8fK\xf8\xfa\xb6\xf8\v;\xaa\x8fW\xcc\n\x17\x7f\x98\xb7\xcdqV\xd4\xf0)\xfa\x0fG\xc8\xbf\xfd\xe8>K\f\xcd+\xb0\x99Q\xba/\xa8\xb9`k\b\xd1\xcc\xfc\xeaA\"\v=\x83fC\x90%\xa1d\x91\xf8:\x16<\xad\xc2\x18\xdf\x01\xe2\x96\xfcj\xe9\xa4\x065m\x03\x05Np\xda\"\xf1\xb6\xbcP\x8fP\x8d\x89%\xf2\x12T\xd0\xc3\x15W\x9c\x87\x1b\x8c\xc9\xd9\xc6\xad\x96-d\xa2wFB\xcaB\xa5\x15\xf8,\x04\x1c*\xd98\x8bG\x90\x81`\x03\xe0\xde\x9c\x9a\x0f\x1b\x8f\xd2%*&$Wc\xb3\xa6\xc4TK1}2\xb3\xab\xf4\xb7\xb7\x85\apa\xaf\x1c\x10i\xb9\x9f\x06\xff4%\"7f \x0e\xf5Bk\r\xac\"\x13tNx\xc0$\x85\x9f', 0x3) (async)
memfd_create(&(0x7f0000000140)='\x00', 0x1) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x5, 0x0)
socket(0x400000000010, 0x3, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
r5 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r6=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r5, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r6], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)})

28.772164061s ago: executing program 5 (id=2917):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x102)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f00000002c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)

28.493900712s ago: executing program 5 (id=2918):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$int_in(r0, 0x5452, &(0x7f0000000280)=0x3a0af83a)
r1 = openat$vnet(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
r2 = eventfd2(0x1, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000040)={0x2, r2}) (async)
mkdirat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x80) (async)
shutdown(r0, 0x1)
listen(r0, 0x1e)
shutdown(r0, 0x0)

28.493791332s ago: executing program 36 (id=2918):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$int_in(r0, 0x5452, &(0x7f0000000280)=0x3a0af83a)
r1 = openat$vnet(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
r2 = eventfd2(0x1, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000040)={0x2, r2}) (async)
mkdirat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x80) (async)
shutdown(r0, 0x1)
listen(r0, 0x1e)
shutdown(r0, 0x0)

3.776635652s ago: executing program 1 (id=3063):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r2 = socket$inet(0x2, 0x800, 0x0)
bind$inet(r2, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='romfs\x00', 0x0, 0x0)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='romfs\x00', 0x0, 0x0)
connect$inet(r2, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, 0x0, 0x20020c0)
sendto$inet(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x401003}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002fc0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff48700000020000005c0000000000000095000000000000002ba728041598d6fbd307ce99e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f071326bd9174842fa9e09000000000000000a0e168c1884d005d94f204e345c652fbc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc84e974a42a550d6f97181980400003e05df3ceb9f1feae5737ecaa81d666963c474c2a175e04ad6ee1cbf9b0a4def23d410f6296b32ae343881dcc7b1b85f3c3d44aeaced3641110bec4e90a634196508000000000000f0f4ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d4dcecb0c005d2a1bcf9436c101040000f73902ebcf0200822775985b231f000000ccb0ecf31b715f5888b2a858ab3f11afc9bd08c676d2b89432fb465b3dad9d2aa7f1521b3ebb0cc52f49129b204eb99b6150e320c9901de2eb879a15943b6dc8ea15aab9dd6968698e3095c4c5c7a156cec33a7bb727667d81ff2757ca1e6bfdd4c968dacf81e65998b9091957d1d11a5730baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba165d876defd3541772f26e27c44cfd7bb5097379cf1756869cebc7b0b2d85d6d29983e830a9cdd1d0a017c100344c52a6f387a1340a1c8889464f90c284a4db539621fbb70f01a2c02dec4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae610afd01409d9a337ac5d58bcb5e5fc231514952c5255f22bd8b325d9b76e57f041b665ab0249886c0a65cc99d5893521372c8d8b7bacac24000020a4a24d8dbd75062e1daef9dead619cc6e7baa72706287793c3d2a2661edcd3545236c204682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b993508000000e480cd9d4850a049ee19b67d17ef0477aeb12b1d255be1ed66d9051f22614d1f62734d6780393e783df8b8a17e3aa9fe9c502f9acee4f1b56e1f231200743792cead3c058a5b700d64d160abe33df726608510136ce8bf239414a1d98ea93e3d35dbb6c23b90cf36e83b8a4309b402d264b09f2779a0bcd7cd6dfc06b02e69d384146056d125cf4aadd80800000000000000e88d10acd06864eac44c42fbe334bdc3e9768fc360b130dc6111fe3293e8e02f819a2aa34dba1c25be27945507a3477b437525b81aef2f0b4c4f63483026b5e34d44705b76ef29f7f6e0a2be625eae975e02069fbff63a06578d6d184f5de7bfb6aa800016996d536256c02294cb1d3a6fb8eae87691fae365a70c3f15871565bba8dd8a8ca049f798abe646f738bebdfc9d8a5edd7a19ca6a42bc3f1db37c17f22a287c6d31a13db5dfef409eb1d3c91c6e6f80d215c9e16e0c4736c81936315418f26770cca4e2f89800d18c89d7f46f679df6c9e7005f209dda94302a30003b952ae1ebfd0ca88368ee6ce139e8b5822422cf4c9dde943d34c432e1001171792c65986146666a549092398af45ba38c41df7e0fffeac41824ca1fd0eb68aa243c9035c788d5480e5aee9c9e5f2e5a3628995b1531bd20360d33d8f9ffffff5f4bf6ea8a1850c4f83306dbca02ee3686da707b6d85db491ba0cc33f6be92c55969a2b52a25419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9bc31f09834b4788be2a442aa81b259e9eb1bf5314844051f3a642aca9ff98c9036471ccff0522903e7bcf62e18f7796bbc280b95e8e0d6fd5644b0ebde3885b06548862de809d3dae3cccf109f7c78e8479a345e805e47dfa82caed44b11a443c5ba92a326dd10921aa79c62800844c7a59f55ee205a11ab50fb402e7da6ada561ec1117cc186b01fd5c2061d22156b1bfeb51f5c65a907f2217d5f80c580dc31b0963ff953ce09148e8dfe3a61bbd2bb173518507a3cd0e37c4da0a71eee31071d5d642498181c69cee3b2e414ddd6a12ff4bdf6e97c247b6025d4376067e25357d3b521a5b927d3392a7503718aea24179528f6a0c6de4e61b49cad1e4d6b000000000000005b2d16877299acefc0655bc1422c3d425d988eedebcf242b780a687c9acae2a5a71c2a16a32ceb377f5d54f9b2fa90b2905925e611be56e9ebe20cab20ab2b5baa1b07b16e81f278e54a479f1a068658e3656cfa196d6c050000000000000000814955c62a7d72b317399e572a7f6a4657b741eb66c9179ffd097d61fcfd0fa1d46cfb110e3e8cff5579e83f2820f95eaa0c609f666950c24311740e36de8f65708cfffce798c99ef8f62fd2398e999b220125da8eb07947512365abbc5b84ef524bdf184727c67910051f204662264607d548dbdffe14b41dd0843cf3d85bb820656a88a9e52a4cd7b3eeadfe00007267f226019ef0a25bc15da71e893856a2182c3167d8ba73f7c6294b159a426ce44cd73f000000a66fc501eae0c3504c1400697ba69fd9b7eaf49aff6a6aea529610db8dfef86c3cc698e9fddf1b13287615b972281a90c3a4cf415df25fbcdd35cf8368f068c4481844bdd0dda553e1cb0966d5686013d382956d50055dce0d1bc225c1d77612b1ec52e743dbc51f25cc07a202b704577316913cf067fa65e476f688de2d6c54ea192a569eed05d0d7536b3205c68d4ee0fe318ed3112c76dcf128a1d5595b773ef4c8a7ba4e10381de8808ff02dd0a7b996ecf1c65e6d9db90c87123d9cb3945330f7a270ee0cca35b1331ca8fec0b2f39f505140751b60f29a83e4bc0ef2ffea443e4aa221cc38a503add16a2c98cb589e1dac1912b4142a3be30f50b2d9479c5bde0beb38030d0c0ce0590000130000000000000000000000554361e1628ee0017ad19ca787f2c078aa260701ce0800000080623902000000000000000000003d118a04fa6a80c4928c01ccab57b5f4eb265ad15004f967543fe6e6ddc2a12165fe3a08bf9475ee0eee3539369b0e566fedbd215a6ddd4fe03dcc7a922e16410d820747b7e806c0f3b6f14c884d150a0ff07f2e0000bfb083c56d3bed0a61fab880f8885c612ebff8523d14cfb12aca274c000000005e5155611969f6e67dd83b20206207cb8b2cd2fab6fa6d7fdaed6a27a2e4db1d5adc80c4014ff11d9dbceba41d8dfce410333a054e82b1d050331c5bc4acb843b94d67f69f49eb4dd3b1b85b018359c32df01db8ebce0dbc36cade09c6b44f6b93d28db8ae4db5624d8a02f7be91bec65e4b3373059587dd6528bbc48e3379d477d482faff738c39c61cac1195043bd5b70cea5fc1083a169a82632ff3a9a48ff805202ae9aec56b9f7795fa27634a7f06359e3058d2dd69c4e5cc11b36d9ed9c4b2867f583de6fc582f789722bd1500e64c495abdb72de2c739d38c72f6f4fb1946081dcc825d5b5b747e9fa1b5226cd31e131263f1fcd7d45a630b46d04af906f0be464d829dd2dfcf7400002b7827f6d957e51bb1f1b44a50200c9dfadfaff2e32baa9c0edaac7144e174dba582a951d2b03c27219cec4fbc7b6e99c3f00188941e3fbf008cbace177ae250fd757a22e21ec05aa45c91e1345ca936184c3fc28153283e13654123cfaf4e661f4b6d430adad1e2116bc385f888405d48f0d386da0cc6747b33395772a68f2ea3fb7e7207000000b24088014c8e64f03d053c4e02ddd08b262e422eff1c9f124b892b0a9462b07d4f88c0693bd9c54ad2ab5227aa59ef2b53ac528c0800000000000000ebfde0c4a37c2d55c176680c4207000000e4aa467f995c9bc99e60441d4dbebead3b436427762618810bac7308c6d3298ea932b66572825e62d18462d3b2342ba48c145ff4674a94fa078cc552d064da2bb69a0d269076f8955076578f44ffb8895f11bd5e06840f8848df72230a28e0304569bfa0350b6dde9e96273de1758505aa1ba89dfb12be7a7c6dae1028d1bc68b6336eb1a5d18f6148354df7e60a489dc543ccdee1fff9d8f8d78844f0c6a77ef1181d5055c2a193a5763ed7749a17296c76818b60426082c86619dacc8a884c4de8572a044faf0c8e4377776c8703ecf2e3f1c3d6410000000000008369f062639e3ddcf725be54f626448fb7bfc74c183b26e31b71a390ccea4be07278dd12fa16848797397b76908fa03613cd961b98b26a0879ccba4a78c82958764bce07a7f70df1cef6d4db1ddbda1db18e4f41c390fd3cb862216ece39a9ec60bd3be5f9329dcaf33bf2c87cc510557460d14421e1d26322ab64388f2cea0d6269ffc8580a01e9acd2ec3ece39f3b4ffdc4dfea3da6ddb002512e2313253801044e751168eabe977c503c30ef7c489e5ea1fff041e54de54cfeb258f2387dad096b72a78d91134927492cfc773c731cca9b13b3f6e7760ab0929c46f51ea5643f3df4f4044f3ad0a6ba739e72d8b8b2835d81534bea8372bc590c111d573e04280659a096eaa495a4154daae7d1800c130d920964845c50c8ba4763b19b6008f6d7a5091895c7a4b7816ab706503be879b18b778b0f61ecfde2f8bbb32cfeb766ec4430ee0ad45a0a263ddc4b2f47680c8d53439f8d388dab87112c83997c83e178be287eb6e8c95bad8f8ed85cd5b03a7352a0fb83398566d1bc133582ce2d95636cd23eba4432180b2d5c3019879cd949a5be1b241b3d0d0d52a3529cc9e704a9d8d54f4f7b776a969a4505e18fe5284985ca7d112c397d776e3baba918b7df456bd970e761e00f3b0efa5ce4246d9f08ba60da3be556c518a1f19504c7cea1491a9eadd27d747ca9cc5f92e30b2ca3cf0b142a8554c87e8026d4e586cf5f7c9d412e6eb4f66a076c8bca6b294305969dabb6c932b57a5dd4234bf1ed3bd095229ee3cbb86883d574c5af4bb78370561de3fbf55bfcd2db3979eb1be120b5795443324023353bdd9fc87c862c247e140379ef098c7b3fa79a6638a245b6a74f14dde9bd4ee48e62cdc70f486ce38641e4e4309aa9f4bd097fa1530db966d9919544ab4890301e51f9525436f5d9591460340f5093161a78a249783945407f2576d6f35a99e3521d7991e3fdfde5ee7f6a8ff8181a68ef15a2ebfe9e22d7c745949ab5cc15b9f5659799b5e00debbf9f623f75bfd4d83c4859ca9b652cea33daeeef47b60c78a21965bcf91919071c7ded19317dc0b7587d9322f8cec9e32675a187465bdfa101bcd9ac680839b375af12c160247dd960e70eb7ee60c52a900440aa9bd9a6b15a4a34dc73c3c4936d8986300fdc264b28537df387e6442c32f5fa2a31d24c1ed888a57fcc50400a084a38a3630ffc465f36a4b770fab0946148161184be39134542e934f3a538bccd48a0325aa9b151855c800000000881d4361e7fbd1fc2331b4e34733480bc497662a8234a7eeab3e65d6b0f5d92edff04416eedcd15b9ddbcb3cf9228afda6b17d44a276b205eabd0069f7e26aea50f537dc77b683ed83d2f9110e00a705f48e9d13378cf09bca22e8f45c4f360d5fff8ba35f21c4513bcc0800000000000000dc5cc7ad7290c60bc609bff9be7cd922f474c3faa78fd42cba7c78d6d912656b6313497625e2f9afaba05b17ca242b7ca8d6556175aee38142a8aac5f677c2f8a6967f2cb5e97aae97a5e5579a706243688ac4d38a4601b4aadb2d319fe7d6bf1272fa3fa701338d7bce390e8bf959081ed39e63a431901d615a26ff95e1620a6c26eda4f92d83499a173e7217001f58ed5406bdb59acbc997e8fd3d53b4c2c2a1b3145bf54a851f3c08931d4c2c32bfe611e5958458af7b3c5319fdb4c40b8d01365fdee93af6fad7c7a8da86460f45c9e99d43264c929e7de4e9620000000000000000000000000000007cf90000008f8a9da7a8a167815c6ffcd1b6863cde9ab45ecd8f06423198bb00cdf76877f407be46b000000000afbb4cb3a8de259a8beb2223f28b855e2bdf4b31b91e5062a42a55bd95e93f77f2499391cf0000000000000000000000000000195007ad27d1d61dc4d5512f117f0ed554c2c88c1713000000000000bb1ff447d6e12da208e9f0422a84f361684861169f498909c4841f4d5a0f5807a3b7d833075fdcd9c1d169b03d7df7f4150fad8b9e92eaf86992adbda360dd91de51c6df335445492608162fb0804dabdeac6fb71042f906eefd37f1d190a1c8a0d9de7f34dcc8cbd7b565fc675f3bf7aac559411808ee703ec3ad461c6ddc571994cb504c46eabbc2ff4b97df394bc75b5e7f45a4450753b5d2b8b8414a7fe6a17661bdb5b1d080cfd974811e1d60763d8d9509c75aa729a334b55ee76b0c2d50270a1deec1a6d7441d0b5b8d7a4d048d156ebcff102e45c15d2a73b40d74807f5182a319d50edbf430f00b1c29a9e4bd92111caacbb1d4541545c2d262646070da42f76e3f3c6d139eed89cc9300000000000000000000000000000000000072d7e605eb8e978d76796d9d3a728c51a3145da8e1ca4973aa8fed855328e9d2509335c5386cac74e862eac50e9ba95b6a2a29e8ef08a9ae29792e77fb9952b1ac5c816db5c23a656db528f81f6a9465d2c94d701ee8646b30650c84b9510a337e82702baf368d29281d3d54b39014756ca5a1be1881000000000000006fbac0b9c9f97c920dfac7e2379ef6bb076118aa9bb24ee12e64aa530f852bf4f970a08a55531934e39fbae483129949a918115571d76740ca6a1cea59df290f2e63675ca30a289775825fe3e5d6f206f3f395346c0738035dc74368bb035fc65a40f8124369b8950ded31af64855c5c95ef5c83b18b23517ca935a0fa1b630d70c4ca4029a90d47701102045fff90675adb3c83983d125ae730b9497c681a912a6bb70300a2d7fba051f82b9d6f710426b5bd0d0bc0b08a0f801276789613da406905011bd6ebbac91ff17a21d1ed0882e73394025772f31dc8a3048789c703f920c55746f6fc955046f9332d72150be23c26cbb08d1b438e84b83fefc6a16958fd46dc7b8cbea1da2d541324e373e9157696d698a0b4bc84d7cc2fdb069db8a5a491a9d2bbc0a61b73f75d81d07d778a1577db3b06d20a21b19ea17e0000815a42318151feaad37f7abf9bfa0bcac3c1934854b3f6dc6de835952ebdda297dd3b29c07c69888cf029271449e035edc8a4459705f222bda537481e66ce3c665129f9829524eca8b5bef27adde96bd3ee95da4a176deff3408da050fe8d512e5a19379b403ee11d010bf86d0af4ac5c2057709b18cff438d0d58810670b222dfeb317bb935f925d2a070e68a701fd4316a677bb513c9476f25969097c165ca1705473341ea03f259dc5bee6a2d2e05176965192941abfae36b3a1e30784e6532c96ab971c5706a88b6f66860e31098b5b788788aad67507ffab2184a950065c1337259b63135fa060fc5ce3e4f6cdfb64f40e1a90351a01fd3d70f9dde03c335a931e58b8570316590ae22c7de567260849049e963ee15db15f592abb24111a219f0d128ceaf19764d92755abc9c313f65e7a220e64bb0d7139ce59da85bc710cea0c6553b336763bd3e39c2374b86885a32cdfae817196a7850257ead09f3e30e676b51062bb9000000000000000000000000000000000000000000000000000000aefb12dd3507c8dd24490bf9de062cd166a4dad6b9f2e53bad342546e546f6dece81d53cf717bd91ad72f4da82018f43259899e53e0b69a92180f1345699045fd23689e66d21d13b"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r4, 0x0, 0xe40, 0xfffffe6d, &(0x7f0000000100)="5c71f91b05c413550230b4c817a628", 0x0, 0x1, 0x0, 0x302, 0x0, &(0x7f0000000180)='\x00', 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x26, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x4}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @call={0x85, 0x0, 0x0, 0x1c}, @ldst={0x2, 0x3, 0x3, 0x8, 0x5, 0x6, 0xfffffffffffffff8}, @jmp={0x5, 0x0, 0x1, 0x0, 0xa, 0x18, 0xfffffffffffffffc}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r5}, 0x18)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r6, &(0x7f0000000180), 0x40010)

3.657613004s ago: executing program 7 (id=3065):
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x94, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x34, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x108}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
r4 = dup(0xffffffffffffffff)
ioctl$SCSI_IOCTL_DOORUNLOCK(r4, 0x5381)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), r6)
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)={0x30, r7, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x1ff}]}, 0x30}}, 0x0)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f0000000c80)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xfffffffffffffffc]}})
dup(r5)
r8 = socket(0x8000000010, 0x2, 0x0)
write(r8, &(0x7f00000002c0)="7e0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5b", 0x7e)
r9 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r9, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r9, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0)
syz_emit_ethernet(0x52, &(0x7f00000000c0)={@broadcast, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "fbff00", 0x1c, 0x2c, 0x0, @remote, @local, {[@routing={0x3a, 0x0, 0x0, 0xe}], {{0x8000, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

3.65256722s ago: executing program 6 (id=3066):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
writev(r0, &(0x7f0000000500)=[{&(0x7f0000000080)="2e9b5b0007e03dd65193dfb6c575963f86dd6067", 0x14}, {&(0x7f0000000200)="b700000006006000000000f1dd0fccd5de", 0x11}, {&(0x7f0000000540)="37a8a6c41ef711513a5554633f6ecf2512425af281e4", 0x16}], 0x3)

3.570496427s ago: executing program 6 (id=3067):
removexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00')

3.503738683s ago: executing program 6 (id=3068):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d1d7a440041601801f44010203010902120001000000000904"], 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xdc3, 0x0)
fcntl$setstatus(r2, 0x4, 0x2000)
syz_usb_disconnect(r1)
close_range(r0, 0xffffffffffffffff, 0x0)

3.490425055s ago: executing program 1 (id=3069):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000600)={@local, @local, @val={@void, {0x8100, 0x2, 0x1, 0x1}}, {@ipv4={0x8100, @tcp={{0x5, 0x4, 0x2, 0x2e, 0x28, 0x65, 0x0, 0x10, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x2a}, @multicast2}, {{0x4e24, 0x4e20, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0xc2, 0xfffe, 0x0, 0x57}}}}}}, 0x0)
r1 = socket$kcm(0x2d, 0x2, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000000)=0x482, 0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@private2, @in=@multicast2, 0x0, 0xfff7, 0x1, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x400000000, 0x800, 0x0, 0x7fffffffffffffff, 0x0, 0xffffffff}, {0x0, 0x0, 0x1}, 0x0, 0x4, 0x0, 0x0, 0x1, 0x2}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x30}, 0xffffffff, 0x62}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x3507, 0x0, 0x3, 0x0, 0xfffffffe, 0x4000000}}, 0xe4)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) (async)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8d})
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f0000000300)={0x2, 0x0, @ioapic={0xeeee0000, 0x8, 0xba2, 0x8c5f, 0x0, [{0x46, 0x8, 0x1}, {0x2, 0x29, 0x6, '\x00', 0xf8}, {0x60, 0x3, 0x0, '\x00', 0xbd}, {0x7, 0x4, 0x9, '\x00', 0xd}, {0x5, 0x4, 0x4, '\x00', 0x5}, {0x3, 0x40, 0x71, '\x00', 0x2}, {0x7, 0x7, 0xfd, '\x00', 0xf9}, {0x7, 0xc5, 0x1, '\x00', 0x5}, {0x7, 0xfb, 0x3, '\x00', 0x2}, {0xfe, 0x1, 0x6, '\x00', 0x4}, {0x1, 0x4e, 0x0, '\x00', 0x2}, {0x9, 0x30, 0x5, '\x00', 0x3}, {0xfa, 0x0, 0x8, '\x00', 0x7}, {0x80, 0x2, 0x80, '\x00', 0x4}, {0x1, 0x8, 0x3, '\x00', 0x6}, {0x7, 0xf1, 0x6, '\x00', 0x4}, {0x2, 0x7, 0x8, '\x00', 0x3}, {0x4, 0x6, 0x9, '\x00', 0x48}, {0x90, 0x0, 0x81, '\x00', 0x6}, {0xa, 0xff, 0x5}, {0x0, 0x4, 0x3, '\x00', 0x6a}, {0x7, 0x35, 0x7a, '\x00', 0x7}, {0x4, 0x7, 0x5, '\x00', 0xf}, {0x8, 0x2, 0x62, '\x00', 0x1}]}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000440)=@delneigh={0x1c, 0x1d, 0x100, 0x70bd27, 0x25dfdbfc, {0x1c, 0x0, 0x0, 0x0, 0x1, 0x9a, 0x6}}, 0x1c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0) (async)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_opts(r5, 0x0, 0x480, 0x0, 0x0) (async)
setsockopt$inet_opts(r5, 0x0, 0x480, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, 0x0) (async)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8001c00180081064e81f782", 0xc}], 0x1}, 0x0) (async)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8001c00180081064e81f782", 0xc}], 0x1}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0700000004000000080000000b00000000000000", @ANYRES32, @ANYBLOB="ffffffff00000000000000000000040000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000000)) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000000))
socket$kcm(0x10, 0x2, 0x0) (async)
r7 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r7, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r8 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0xc95e})
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

3.35482632s ago: executing program 1 (id=3070):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_connect$uac1(0x0, 0x81, &(0x7f0000000880)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6f, 0x3, 0x1, 0x8d, 0x50, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x9ea, 0xa}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0x8, 0x24, 0x2, 0x1, 0xe, 0x2, 0x5, 0xa}, @format_type_i_continuous={0x8, 0x24, 0x2, 0x1, 0x6, 0x3, 0x6, 0xc5}]}, {{0x9, 0x5, 0x1, 0x9, 0x400, 0xff, 0x61, 0x8, {0x7, 0x25, 0x1, 0x1, 0x2, 0x9}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0xf8, 0xf9, 0xd5, {0x7, 0x25, 0x1, 0x83, 0x8, 0xf}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000c40)={0x10, &(0x7f0000000b00)={0x40, 0x8}, 0x0, 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r1, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f0000004240)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={r2, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000180)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x9, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r3=>0x0, 0xad, &(0x7f00000002c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xb4, 0x8, 0x8, &(0x7f0000000380)}}, 0x10)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000680)={0x0, r2}, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1f, 0xc, &(0x7f0000000b40)=ANY=[@ANYRES64=0x0, @ANYRESOCT=r2, @ANYRESHEX=r2, @ANYBLOB="e3d9de66577a667fa5c3554bce01c1e61444a9d9b428053a2bcebe772bc76c316b8612ec9c041e33a4db0073570bcfb5ea1763415cdc5ed27f7d83e4557b3f61cc2b27ef153ce2cba1ec76ede78c9c59aa8c5482d866262b70a45dfd20232c74680daf8dc49d674bd8ddcdd42ee57d2991176f5c57782a5a1b741ee31ea7ac85f9a994b417fa7ce31cb018a26843b7868a08a29a1bd5243eb50000681346ed6077d8a91c38f1e7aeb64dc14107605efc69ffd6d14fe78cbd754ebc684f1265f6f2b9fa6b7383419571696a14ca4b6ffc7a9db007bf367aca9622970f64de22f256e0ed1068940a74968562743c856fca5705c9ce42280df434c1d07ce5a5c68310c8127c104ec6062eef7bf57a2922d2c38d4173e003e7b8855732172a819707c260ffb8af4cd744157566868fdb2b62d5f87dc9fec975c5f40cfa2032c8ea98762d5469a887c8f8558a25dadde799f95b4071035f03f54561c3b79ea5e4569d939ad5ee7985f4edbe0a79904a22a33584b80ca14293ed4f41cfb1aeebe285b906f085ffb7f1bcac70daca043c869db2e51d8c235b4dffac7bcf6c3d5e800805497181a3f8275cb1eea46ab08c27721f9a0a3bf492574cd1edda7d3ca00eff026b0c7da1a58a784fbb12adf86d7471171f2ae3f45d4ff4f8a208f60b90b392a7cb7bc155fa8690b29ac28922d080b39156c09bac84368a3137be73cf22128e466205efbf1c1d9bbdb2e219b0fba78748fa5059685bd5ffba5a0a51b23fbf59a9eef6520ae5c38bc1ee3fd40869f20bfb67aea5a6046a01ef83e375727815cad734d57ec5fec37eac70367efef5de02c41c12c76e3ae7c6d2f157cfa1c3b06d7dd33aa6c87dc5829a09b60e859f67cb6ae23c7389167fc020bb7c81a457b6540ebc97a4a8a561c7922b424308b9bb1f626ce531e1dc16c43b29f3be20807be769de0d0ca2603d19a198f1bd53cafad9b2929ef45a091f52cd554ca28ad3b99cda2c49970091faa324aebbaeab211d379019da68d419d0e494c4daf6cc9f1afa6bc1b4dffaefda3210a9baaa5f4e473a1cb06e15dd2a1ec445b29b2b9c68bde02a6affdcd49e6be5407ef9007a2f800ff84638d63ea7a8da110b6e4b69c2609d7a02f4bbccec9d6a7024c51f1bfdaebcd3469ffe12415f8e22e3864e38e78ce561dc55be0d3b0ede9774e658b1f7e7e022dcfda3c0ed0bb8b36d40b363a4bc62138c2f8fd7bc01edf5c26d4d4acae683310a14ad86cb657d08f23bce3906376e8dcae1f523d6eec3d69522031180831829073a60a3711a27bc9f266275d1a454958fc14eda69a50e19c54fce9b071a7543aa4f106ba555827a644f90623820986c4c678c6de0fe0c10d7cedcecad77ef209238ebda937f4ae5f4606a9a8da7d73d809fd91fc6d57c556e8edf32523dcde0894dd73a48ee86ade015f809df574d838e32110e0487d0b3ea1c4bb7c4dadd7b35a6f36f2cea3dd31afc36a0882e837a04c4da7cc91ff89623b966b9dd3478bda4e5e9181be0950c781bd0afcf9056884f08f4f898d11128e46ca81fb89a1e3b2178024243c5401655e8b57ac3852e4227cbbdc0dd89c86a9587f0ae0b2b055c63e597eaadbbbb48ff141f8c09238f72275d1e924a57266c48c644372c1233d63b6f88fa8ed7dd47b90a947b264b5b4cfe85005e67f0c698f31e245854d46970a8572f89c12f77007195f0924c7597497d50178e3128f08b3173d530c9038b7ba9c0f1a3eda01fc88d597334a20186acb837e0903b5b11752737692455ad0a4422b280b6368b11a6492caf60ae3aa7abed96f0377861901e9f9d69c204b909df21828c1b2e575425ff8da71f7060b509c4cca68569cf0feb8fc9a758bdc0bf9c546d98f34caeb3bd70198606d4d79f397184e0d8f34ef13fc7237a1ff609ad06f664e51f175d17c4c30f0910dd99c5883bfe4ca0ae2906bf0f5663e4fbd37e747afe0a6469b89ad4d9e1f0b30fa8a507501eb28387182ce00e1f301d3bc6f7d611266f5ff2d8790af296fe2bc411740f2cfa7cc3096d6f522d11bc8c62076d384aa245ee6a20a434d8a681c914b6e7f69f372fec8aae243a6dbedfba78cfa6a25d2ad7e3f3ae31e2c700addc683891565d9fe3c791b077b4eb906af3b7bb2a8de618db52ab6318b19b8aad3ac9a9439a05718ce95b44a4d7f517c8b77a247d51fafe02968dfbdcf56e2f00a1e39c265647aef06d1a3a672cf4db79549760814842b0a73a05b4b5044cfa6435ff95fd403c2e8d5fc9c903224c504cd944a1b7298748be28c779fbd154bf2c5a76438c3c390873eaa7e71002e10fc6cdebba14fa2e2f6d788bebfc21bb45f6eb137e4d8238547ad383624fbd8e409acee787664aed3a37ce641d25a4fbdeceffae914e46de061e083104015d769ab6b7c6e24d96872e3cc0894a83c53be28c80119049950407622377338a39bbc9558df41a124bdb3722dca746f7244e8d4be9dd0842cdff7cbd223a1a1a79a90b37d9ef9b0fcdc5e599729f6ff830bf7f0b913e12082913e676424372fb0bcfc0e2010f321aebf135fa4e19d345166de5aa142c126dfba2128c33bf7d860e684360caa46e18d0163951dd0d3902f58567101c561d0c39802340e396172add3bb51fbae20ad920f3bce4c3eadb6f4c4ffbb0fb13ec4da5bf7780378a57989b6fbe8131148023aebfc524a141fc0d108f892f372ea1c4d9c7d5b4d7489ad78bea639db4acd21ba2f0d148c782371fc0d715476ea587c0d8cfcd132a1c555cecc875fec5085c9844abc426366549c8c56c80ab93518c6b8894d4ceeae98f09931b9ec788539005c4930e6bcbdc1107641bab7d64369a21636a8ebba9f5d32605447eaa86afd5de53f36fdcaffbb4240c10a837fceb63ab3bc742a9a3df0ec225427b0b6e99ac4b52cc58d4e162e7a6d4b25189f7b8f628ba22202185fd3e0db2d44da022e4d2b4cb267af580e1f0604e0e1620c80236c4756ffa01e38e85eeee85f05ac7d781abf3525b76eb46aec8c567e8f0e86325a4df927fa640088fb3656418b22a20913d48a3c10e0d32664c06cb6f5f64ce3ad66b5caf323edca92801ec09ddc798b0e906896e0fba8cfe9f23854f999d49aa1257d17d311290855a6b1024ee8b105db148208df6daa41827b1acf5d075099598d14c1eaecd1e754caad5334e974e668799b7024c59d5e6b1c5d91189da06a0123e190ee2ef2d2bcf96a4b57a64eb9ce50f9da15d1fc71a7821e4137d5918fe1bbd5a12770eb3fc119ba7c75ffdde38f9336a030333ed63d4fd08cefb1dfee2414f592e7c4c14ed21629d07de7e11ca4204f144fdc9cbf4635b4020367e2b26a0b447e39c309afc6a0a5946ef0f6311038a5b096da05287b5ae6d918299dae0aabed9c99db95e42b997864ae9ff1b7e1195148dcebf134da5204b0e2cdf3c8d8de05a30f4cd8bb874b54a2b3904d3e60aeda4ad8d4078df9ead68fc2534e5a4ea6a29ca52a5d1b6dbdad8a4097ba722ca0514b6401cee00d2a966c02002775d0270c0a1c480323cb4966f2d26e4f52c43579770c0f0c92b86db33056a7d38123f4e6f6cda95f4ad719c2976c536ad2243030f62d665264ceba7abec231fecac74b4ddb0cc7a7524074197e2d886b5b142c6818049dc577cc27e1b525ab18949c18e0738eeedc3f7f6ef9bd0564ead03a7d55ec5fa585d1c523c0d1b6c1419332eac93adeef29cf1faa7daeaa6e653097a9424249297e4be097bb29042da720f4dcacd04ac4caf15adf72a79ff1b4525327617aeaa00a104166be80f41a2f6443933b63612cbfe20007a6dec3111b1f158b35b50b1d6bdec0783cc6bf43c3a975c7ae8a5911cc567cd249dc3c4fcb590973dc5a0b69853997b43c2c88d6da14b015c85baf649aba16637c119eb4093b5a5a632ceaff6e67f437f06cf92f41fcc98a007caaf9c99f12d72e411cc022e2219c9bd7e26669393d0f7ebc2140fe0c07a1480417567ea80b7fbcb9977337d9df49542d38b71929cd5b3366757e11b4d828fe5304d6852a32698b169eaa81711e379905492c4d474bccf0025aa5defc041c1e441b428832db2f6f2888058b1ff42cc4ef0cdb50c1512deba5744bfe56ec7d5a79b324694f559b042128e21126c43b7ced13899af8312b5c52597fefe86758ca593fbbeedc366b473c68e536d38492b78b3ffddbf617c409ba46a5c3852a5a096f7804bd328f660c9bb7a584e3e22b7835546e3a37b153bb51f5c9edc604f7106635914da0d31028dacc7a8ebb2e116e9547a099651c1b246eef827cd209600d6279b3aaf5b358eab40d466da2aba3c4e940a287c389f966f0a45b1a7188c43940f24f71c6e6ea89cf43ebb31aac68fcac15d6367bd2a1ebceb9bef91800eb5370753beae473345e15c4c4d0e5fa51affa5201793d97f599d1ce722bb575f53e56bea87714510e546c65b588032c45123baa6db756fd45de215a76c0425b4207c1b6a42da1356a9c193def97027344855f07889c3577375039dc3186bd4fa4bf0bcbefb91a672ae861c744502a55cd351a0ec59da3fff74cfdfdba8869be4dcd867a69cceba09562b418bbd66b3e6cac5298f650adca4a8f10c95ed679c08efbc2fa2f5f9517240b5b53ba1c40fd76620b063fb19f1781912cf4ebeed24e6974cfc1f782a97cc2f9e7700aa1926d3f15087fd5926b7de01f99f7d0ffe37a4a2e2dfb1d08f495c3d593306fa423f5552e34ba8789198b131712961df0733074c49c10a0905cef4eb38a72b2fa536264083e6fe3a3ef1c73a1573516b19a600ace4af42ba09c14b646b691f1545d4211dd20cd17d1b423dfba75ad53b18fa4744939821905c2d6aa0f75a49250af9bbf6f3088cfddfb0c78c111974fa47f2b61978a358ca2de9ef25dfed46db294f4d8ba08381926f4d7673d4307964064466401406c96f868d36f1fc4f378ca7c96732cda51cb2b1e198c3ad6f00702c2d888d65f76f245a648ce6bb7f2da859aa54d6c0f4c951790c0738664cb339283a9c7dfa1b6f51be80a5ebe0a022bcf6364f5e4b4cd9dfdaa6d767d308d439fcbfc76ae9d0d3d0811c17a8bd73f7cb4d20ee28f728c3554ba584125db6d2e35b92b05cb53d5f8385c29b3fde39d24d92e94af1a0c4cba15ac6803bda30cff9503b36fd681f20ae95747f727ae9d92c95d3e34e41eed7bef2a857ba6eb01bc62ed117b52df604eeec89ebd9efe51607e6de891206f0fc894e864c268c934adaa619aef2fe46c73a4512f5a8e95d66825aec0db6bf99baeca4ac438c41c610013289a233f68a0bf2d87f33bc3a2f89f996ca958afabae13ede5bea1907a4bc3cb25be9e44e38e8f6c6088b59568c6971976176de7edd81337cceda8f847e98987d54f645937fef5af8ebba8d55da92b5de840dee1de6744a91bef575cbbc49a957db1328c5f1e8a899e3fc02a95ec63bece3898c937936dead26c509b452615f675510aa57991ebca6bee639c7985897f332f9d00c19387974fedcad0e2df7bf71798096edbf3cf53826f51eb3dadbe820242c87856578476574767912f8f8d7633a76c52df3bf67084ee6b1ee75ab5e058323fa00d56f95879eba5c0351c51e3bee2bd3d311f90157437284ceb7c3ef11cc5932d8fc80052c0c4c0b1b3bc880295a99f1660253c4adef11aef660db55d553a67440c8082635157bdb17106ba1f4de0f28231b4b3d6c49fbe27451cac7366d52ddedda36c7a68d959d73cb86b0634e7bee81d7a8ae1d6bf4b97dca59c1e8cadf96c814125fa86e5f8ebdce3f99f945c421", @ANYRES64=r2], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4}, 0x10)
mincore(&(0x7f0000f0c000/0x3000)=nil, 0x0, &(0x7f0000afaf0a)=""/246)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
pipe2(&(0x7f0000000140), 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

2.809146959s ago: executing program 7 (id=3072):
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0xfffffff0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
madvise(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpid()
fcntl$addseals(r0, 0x409, 0xd)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRESHEX=r3, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000380)={0x50, 0x0, r4, {0x7, 0x28, 0x0, 0x40488060, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x24522716a989086f, 0xfffffffc}}, 0x50)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r5}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
setpriority(0x0, 0x0, 0x10000)
mkdir(0x0, 0x18a)
syz_open_procfs(0x0, 0x0)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

2.266084607s ago: executing program 8 (id=3077):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', <r2=>0x0})
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r3, &(0x7f0000002fc0)=[{{&(0x7f0000000340)={0xa, 0x4e23, 0x1, @dev={0xfe, 0x80, '\x00', 0x34}, 0x9}, 0x1c, &(0x7f00000004c0)=[{&(0x7f00000005c0)="05", 0x1}], 0x1}}, {{&(0x7f0000000500)={0xa, 0x4e22, 0x0, @remote, 0x200}, 0x1c, &(0x7f0000000b00)=[{&(0x7f00000006c0)="02", 0x1}], 0x1}}], 0x2, 0x40c5)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x20}}, 0x0)
r4 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r4, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$TCGETS2(r5, 0x802c542a, &(0x7f00000000c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r7 = dup(r6)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x4, 0x0, @fd=r6, 0x0, 0x0, 0x0, {0x1009}})
io_uring_enter(0xffffffffffffffff, 0x29ed, 0x8a24, 0x4, 0x0, 0x0)
r8 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
preadv2(r8, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)
r9 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
write$vga_arbiter(r9, &(0x7f0000000100)=@other={'decodes', ' ', 'io+mem'}, 0xf)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
r12 = syz_genetlink_get_family_id$batadv(&(0x7f0000001100), 0xffffffffffffffff)
getsockopt$IP_VS_SO_GET_DESTS(r11, 0x0, 0x484, &(0x7f0000000000)=""/54, &(0x7f0000000180)=0x36)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r11, 0x8933, &(0x7f0000001140)={'batadv0\x00', <r13=>0x0})
sendmsg$BATADV_CMD_TP_METER_CANCEL(r10, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000040)={0x28, r12, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r13}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="f9b7b5acfe1e"}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x8000000)
r14 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r14, &(0x7f0000001200)={'#! ', './file0', [{0x20, '\x98\xe1Cvg\x9cO\x16\xc0TC\xe8\xb8\x91W\xb8\x84\xdf\xbe\xbd\x8f\x81!\xf2V[\x03V\xba/\xb9+\xd2\x95\xe0t\x0f<}T\v\x0f\xe8\xae\x89\xfa^\xce\xae[t/\x12\x1f\x02\x85\xbd\xbc\r(\xfd\xf2\xeeB\x12\xdc\x06\x1d\xd8\x86g\xcf\xb6\xde\xeb\xfc\xfc~A\x95\x8a6'}, {0x20, '5\xed\xe9\xe8\f\xcb\x82;\xc5\x98\"\x1c\x8d\xbb,X}\xec\x9f\xe5\xf0\x1f\x02\a\x0e\xe09\x17\xa9\xdbXP\x94}L\x17WT\xc0Rc\xe5\xd3\x9a\xcfGr3\xbaf\x8aS\xc6Q\x16\xf4\x9f\x02u.\xaf\xf3\xb8\x0e\x85a8\x03\x02\xf4\xf1\\b\x1ew\xd4F\xf1\xf9I\xe4\xca\xb1\xa51Sk\xdf\xc7\xd2\x87.b\xb9|+\x9f3@\xdfs\xa0\x01\x8fV/0\x8bo\xccQ\x9c\x9e\xae!b\xa0 \xea\xa4(C\n\x96\xdf\xd2\xd6\x91\x90\x83 \xb2\xb4\xac{\x02\xde,Ff\x98\x84\x16\x1b\x96\xac\x9e\x17\xf0\x13\xfa\xd1+\xcc\x19\x81ZZ\xa0\xde\xeb\xf3`\x0e\x87:` \x1b\xec\xc81\xb7\x91\xfdcL\xdcH/<w\x83\xd4B\x1cd\x8e\x98\xabd\xbc\f#\x92\xaf\xe5/|\x15\xaf\x81\x81\xe2l\x91'}]}, 0x12d)
close(r14)
read$dsp(r14, &(0x7f0000000080)=""/193, 0xc1)

2.187160713s ago: executing program 6 (id=3078):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x40001)
ioctl$BLKTRACESTART(r2, 0x1276, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x447e, 0x3380, 0x1, 0x40024a}, &(0x7f0000000340), 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
write$sndseq(r3, &(0x7f0000000300)=[{0x84, 0x77, 0x1, 0x0, @tick=0x7f, {0xfd}, {0x7}, @raw32={[0x2, 0x0, 0x8000000]}}, {0x2, 0x0, 0x5, 0x83, @tick, {0xfd}, {}, @note={0x81}}, {0x6, 0x7, 0x9, 0xff, @tick=0x1, {0x10, 0x5}, {0xc, 0x2}, @time=@tick=0x1ff}, {0x8, 0x3, 0x6, 0x4, @tick=0x9, {0xbb, 0x3}, {0x4a}, @result={0x5, 0x9}}], 0x70)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x200000000000b49, 0x9, 0x8, 0x0, 0x3}, 0x0)
close(0xffffffffffffffff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
link(0x0, &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mkdir(0x0, 0x83)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0xe}]}}]}, 0x38}}, 0x4054)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x38, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0x8}]}}]}, 0x38}}, 0x40840)
socket$nl_netfilter(0x10, 0x3, 0xc)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f00000004c0)={0x80, 0x0, 0x0, 0x0, {0xd}, 0x0, 0x0, 0x0, &(0x7f0000000480)=[0x0], 0x1}, 0x58)
sendmsg$NFT_BATCH(r9, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.93927405s ago: executing program 7 (id=3079):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0xff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7f)
r1 = socket(0x400000000010, 0x2, 0xfffffffe)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x402, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r4, 0x40103d0b, &(0x7f0000000100)={0xfffffff4, 0xb99780e35628d9d6})
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f0000000180)={'adq12b\x00', [0x4f27, 0x5, 0x2, 0x5, 0x5, 0xcc5, 0xf, 0x7, 0xa, 0xe8aa, 0x2, 0x1, 0xfffffffd, 0x1, 0x6, 0x101, 0x0, 0x1a449, 0x3, 0x40000003, 0x99, 0xcaa7, 0x0, 0x20001e58, 0x7, 0xe69, 0x3c, 0x8, 0x2, 0x0, 0xfffffff8]})
ioctl$COMEDI_SETWSUBD(r5, 0x6411)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='sys_enter\x00'}, 0x18)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21}, &(0x7f0000000000))
r6 = socket$nl_generic(0x10, 0x3, 0x10)
statx(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x400, 0x7ff, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="280000002b000701feffffff00000000037c00000c00018008000600ffffffff08004c00", @ANYRES32=r7, @ANYBLOB="0f6a04c905fffe5dd86d3f9e82fdfb67cfb7b3fd0978f176b2139a75f2a3935a14b1d10e04825f69508394eab6ebb3776fee9209c7793d830479fd8bb9fedc095be8d43903cd2e4d9ff257afec54109240cc03a62ee6ace4e68679489d9bfed41e1fb62d820e3e5eea0323"], 0x28}, 0x1, 0x0, 0x0, 0x4048011}, 0x8010)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x10b500, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
mkdirat(r9, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000000480)='./file0\x00')
chmod(0x0, 0x256)
getxattr(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="757365722e2b132e5d5d5a256100"], 0x0, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffebb)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r10, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(r10, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)

1.822194935s ago: executing program 7 (id=3080):
socket(0x11, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000500)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd00ffffdf25350000000800030000", @ANYRES32=r2, @ANYBLOB="0600fd000300000004003400"], 0x28}}, 0x22044800)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40000)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd2c, 0x25dfdbff, {0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5}, [@FRA_GENERIC_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e24, 0x4e24}}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
socket$netlink(0x10, 0x3, 0x13)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000e80000009500000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b70300000000000085000000b000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='rxrpc_local\x00', r6}, 0x10)
r7 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r7, &(0x7f0000000340)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e20, 0x8001, @mcast1}}, 0x24)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, &(0x7f00000001c0)={0x2, 0x0, 0x44, &(0x7f00000000c0)={0x1, 0x1000, 0x9}})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x2, @thr={&(0x7f0000000540)="7afd2ae0c0114fe02ccfbebff28bdd67439775f94090380859bab5fcec364bbd55f4e5b31db53d184bc816395d38648e8c825c6c271fd62438c4202b26259713c5b6ca971cd03e3d951db9649b7094ed9aa22fce1c8516cd94d388c6206087c994bdb386de80ccb728e9de5449d529ee42904326d61ed881140842a58b6b97914d29a4df494865b50184e1d45553f5", &(0x7f0000000740)="eeaa7264d7fe2f80dc56dc01952aff9604e27dabb76b35a1eacbace999ca5f7ad3893f61d5277bddb3f3a46489f87cd12d36a9f62158438ac8c0385daa111296fd7fb6ec5d69ca43ef3952e8c7b0511bafdce4f99158bbddba03ca47402214ed7f8000098fe040c01c0117aba26c686f7f45db716e4e46cf58834c9cd7b8ec5f8cafc93441e7214d389addca81058e51bfe65138358d5e7ddf24b74a51471e09935af38c978f3bbccca82a0c9804d32232123b7fd310cd3349632df8010bbfa11b2cb253ac516cb6e4d41600c6b468624ced349891797cf3d6402a401fd72862"}}, &(0x7f0000bbdffc))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8b26, &(0x7f0000000280)={'wlan1\x00'})
timer_settime(0x0, 0x0, 0x0, 0x0)

1.622344973s ago: executing program 1 (id=3081):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
fcntl$getownex(r0, 0x10, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1fe, 0x40001)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000280)={0x3, 0x0, 0x3, 0x0, 0xa, 0x1ff, 0x1})
capget(&(0x7f00000004c0)={0x20071026}, &(0x7f0000000500)={0x29a, 0xb3f, 0x9, 0x1, 0x5, 0x5})
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETLINK(r8, 0x400454cd, 0x336)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000480)={0x7f, 0x1e, 0x81, 0x0, 0x100})
syz_init_net_socket$x25(0x9, 0x5, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd, 0x0, 0x0, 0x3, 0x8, 0x0, {0x0, 0x0, r0}})
io_uring_enter(r5, 0x3517, 0x173d, 0x42, 0x0, 0x0)

1.395385008s ago: executing program 8 (id=3082):
syz_io_uring_setup(0x10d, &(0x7f00000004c0)={0x0, 0x8b7c, 0x800, 0x7, 0x22}, &(0x7f0000000940)=<r0=>0x0, &(0x7f0000000280)=<r1=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r0, r1, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x1c5ed000)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r7 = userfaultfd(0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0))
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r7, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})
dup3(r6, r2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
open$dir(&(0x7f00000001c0)='./file0\x00', 0x80000, 0x10b)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00'})
socket(0x1d, 0x2, 0x6)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000300)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='6\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB="3f60b7cbd5a58ef0872f887126a94297c8ad67592ab5a9f495c1d680bdd6f8683f887fa3647c8496799efebbc3490b8a93c7b39dfc71c1da969ef6a8c55468e2f99a93b9f963dd7884b84d771215aa5db6cd5509ab72098b1174571c2f3ad64708bebcd1d6ef6bc4b90722263c2527bb5883fe3655388dc5353871f839882f3af8b99f370844a054dd7ca9d7ef1ce3a65f6d225ad33d8b227c64f4a9d710688a17c6af25d5b7249e2bf65a9a692f35", @ANYRES64=0x0], 0x20)
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000280)}], 0x1}, 0x0)

617.7218ms ago: executing program 1 (id=3083):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f00000002c0)={'ip_vti0\x00', &(0x7f0000000000)=@ethtool_test={0x1a, 0x3, 0x0, 0x1, [0x4]}})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x104}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0xf0, r1, 0x802, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x78209c29, 0x9}}}}, [@NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0xf}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x1}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x4d}, @NL80211_ATTR_IE={0x85, 0x2a, [@fast_bss_trans={0x37, 0x7f, {0x3, 0x2, "a4a96921c3d608cbe34a39329d5d2761", "47fa04fbfe2ca09cd70c729a14a3208273c5fa1db19cc11fcaffd3f18e0b9e21", "68c67700fc9465434099b6c6eb0a12b331588176c3df323e8c140e8da6d4562d", [{0x3, 0x16, "428424ecb78f5a5d10a0773d1aa051bf8c6ba3f4df73"}, {0x1, 0x13, "82980cd878e8f681b5b290517c1ae87f1b442e"}]}}]}, @NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0x9}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x6}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0xa}, @NL80211_ATTR_TDLS_INITIATOR={0x4}]}, 0xf0}, 0x1, 0x0, 0x0, 0x40}, 0x40095)

577.876535ms ago: executing program 1 (id=3084):
r0 = syz_usb_connect$cdc_ecm(0x2, 0x56, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000020000082505a5a440000000010109024400010100000009040000"], 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = openat$cdrom(0xffffff9c, &(0x7f00000000c0), 0x80040, 0x0)
r2 = dup(r1)
r3 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x11, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r5, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x7})
fcntl$lock(r5, 0x26, &(0x7f00000000c0)={0x1, 0x1, 0x1000000000000002, 0x7, r3})
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=ANY=[@ANYRES64], 0x58}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
write$9p(r2, &(0x7f0000001180)="c09b0062b5be25b582511a5865304427e4c3cf41ff6aaafac2f1d651a40f0d8d8d6aac6fb9b69c80588ca0590f90215f0a72269c2b7696b1d6ecb398232bd129e623ce41b06e332235ebfe0dee6a347dbf3b43ede6173eca9b2393a495ac0fd6e659813f78ea177a171bed8deff9f3abe66687cf7501972ad5740c367f6b1fd18442d4045534164b67d892b88935670fbe178c29a63b5dd7e4e4ce2f7cd156d4f6cf1bd8e56e025ffb6a86dae8bc30091854323d06bc1c2f5edd9ba5744ac1975221dfeca7455190096228925891569a7ab38686815aa4e12082c1ee53633f0ab09144e5e87aeb31bfb76b5743f6fac63880ae840e2272a6094e47d375a233b54058d4137abf53a7d5631ffbcc3efa5f1a0347bd9a348152bfd3cc4ad14e99247c4d36cb37cafc60e6884d290f6fbd82b892566378403b301278ec37b7980f481b60cade317bf50bfa9e5d3509796aef14bfc7c1c56ced2072ee0f9956defbdbc3d693d2cbc39cd353bc37bca245243b22cb0f01ec39bda4e75679dc49b039d3541c6ae9d48bffdc47943a4fb8cc6a712ad01532cfab7f99959b2a16a261a39a11214f925414357bec8b802f6ca36b8c01cc58c6f3eec7aa08e8bf31deb653df365bc358a03474398a52b762cc64b1c4ec8851b1a202e9298be23852b8e1f39fb65f6b135d0adf2399cb74f07849c09588d0708377cb91210586cb3a974e9844be54d2ce3f01072ff692524b78a9a1d3452fece518c828a6be5355f2831d39b032b4aa1b7a06d9fa860673201cddd7553488404177ed10983cfa1e0b668b91b8eb09562b122e9a7b15a9865f49bad0ce8630de6c33722c8d1a46d240ea78922b8a15217c80ea216f728d4674c99b06df9e9318923d75be5ec42a0ddbcbb0d2b1a6cf3bc8b888b9153187af886c6a1044457bb895606b3cd6c9fa2d5d7b89f65194f811c5a102cdb48594a81980d7df63d6550f35aa92dfd19f7f3015dc7b7a51e6820bd0b00a69dfc5f676ae2ad2623946bd2a385a385f49ad968837cdeb363606c08da7e5b84d51011d9ac28820f1b1b74389124ebbe1c40867faf1c2ce1db665a3a856f2792a8d8c8c60b3f6c758b099f092d88b5b30660c9137c7953a41f3f5251c942a69593208e7e5ae83dab7b363b93a2c761ee7f97c47f5c6845ce887e6786e29bb621ed050a75261026052ca389a8e654e85d5a3ca5c7cfb017c7010275b44592b871902f13a419e7fe5d8ac2ed2d2bbb0013de1433ed818c263bf832dd45e505c39d6a5e712531d4b89328a44fc33b409f3b8cb8d1dbe66217cb32ca41059ea1055773775263036d7e5790b105cb9d7328e2340a2952dfff77cb2a3396927daf94666338ed73cd35b00b69c1df684f7096daf50353ed2c05f64a5b755b0a7ffc35915a7dde8e64104385d60061cf35c536552e3ec2c333c232bba02d306d5dd278437ce50889766942d5a1f82bd6a9b44b92432764bbd3f6949a68f0b5c49320dff95bab9c4f4042c47fe2d7c47d7be961493e414403a9e8f777a6e13cfcc9837554281c4f1386d0f45f2705857fce5f44d8424561be2e9b09aa5101e0b69cd6656b4cb361da8f5a5a350b54014405c21532dd755472cc5bbb8960a60d9ee4dc28afcc3e8b65ff5f59ab8f40c6e15d53d6dd213a0051dbaa9dd411e949b2745e3a36fce75137c0721f14b395c837c8d5c3ce3917d47661baf6910032032d839c254fd95cee909f79afd5c503652fb6550b8a52a5d9cb307832db15d6b59be3c7fc382e0d8e5c73f2b70a9eb320e46076a002fdea20b4661cbfa89f25818e1945e211ad7779545b413038e9057e23c80700656d74d809d73e20e7f41a28e8e1aa6ad99ea29ecfae712cb83ed4d3695a36a6c49435142fbc1f0627e05ee09efbd76e4659502ae02c2be802831b29ce11b53191a4ae9bfe2fa3b2dfc571300adee5f1eda10b0b7ced8b0094b3f01b1e4f42996bcc15d6ee53d2fe79646db5ca86ac67b8636bf3af5b09f736cfac49b06646caa83790bdd7de451dd229f6d7a97d1375c3d22bbf2671f1bfca77ab8220075cbb8463a2bf20f7e8491027294a1dca815753ed5cbbee5e60187153fd6f3ed893bff3541d4a701cc5a5a80892594a2589f275d8c3db1bafe90b6b8f6599f0dc72f388e10fd964be8bcde9c4dfb8bf8565de237a404d2411d4744059a4e12ef14228161bc6ca5943c31c6a6c8f97fbd35c6d63ae4ae8953f97399ab9d372685978855fecf29fbac5a4cb882d89ef43558fc8013272b3783fffa4dc28421e1654222c9c751c136eb26ee7983fb38877909a08ae76ad280257728964d7f157e9bf1a88351505c6df638225798579c4ae3f2f4be517686517211852e14138db21a3f7f59609a76f9d885271ae17fc990333dbaae2b486a444a8d29434d7af6695f8b1fbb81933e9ddc17bac00cc68621f067cc80847c58d3e7b521d4474286d5fdfefc434d931cf884a19e97927619c441b01338c31df7339cf667134e8cf73b69e0c5713afd915b6c63dbd2d44d9280e5f06a9f0604247a9e6dda0718f9d0781954934074b5ec6beef086584826cc264cb168201730a6769c2f3a8d17dc1af5e50ded6b0197816191d72625f617f6f562045a0b36d6b4f03bd7caf5a3b5e6e4fca0582c5eb53271994ffa83401b9d0375c4633ca03fe607ebff297d09dbde7507e910f76135ea70f40885a8d7ef0da398429f416e7a3d56550904a545e58d31ed4e5e3d02a2b8821362730333021c7c6f9123e4ef624879bc9705504b931babac8656d4f914074d3e86bb269b617aa357beaafacc314a0d768d2105000d776a161afe8842e2ea3d11179cb81a229e2f40c47982790dce12a823140a9156112028ad5a96b1cffa7517edd489b2bb068f0da03c0294f6f0f97b875f834c8c7092f6b0a9b1da31f633f823fedc79ad9aad202ecad1154073d152ef779b971f1abab088b19d61ebd7a743f789ba163d70bd4d84354bf83e493b60228ddf1c4fb604bd923ce91b346dffd9f7b567439f40df3a598390d16388738fe094001d8f2e8d179846c5f90de47b431cc5d046035b9baacebf4adc0fbe3e6968a130460f16923b21989e119776e9b0a2c1877ee3dac389eace72652dda3c820db0368854e482bf915aeb36b198349faa10884c841b95b44c113e3ecc952cc4671c08a5b1df1695ff42fc4b289f414598e4ba5c9c575b5d0ad94fffc8335d4e9645b0cba8d4b96ebf1ed91cef06a797d03df58a5be7455de35c86de1b13450241312103a925661a2c5cbd95d293cc1035486c49d2ae61f9c2302e2e3204dde819f7451f008298ab1c7118653238f772f0870a11b1e35c6ac3c075ba591f739eaa0bd8470e78d99d13f66f488a99b59e3cf4612daed09bf5283243ed3fae0c6cb4ffcd6014175a34cd99f745bdcf76641538dd27eab57b3f7fb85df69f8381aa7da9ddac60f940a9983ac0e25d715015908e97473c057997952cce75c588b2c07b98653c65c7d664e2172d28979f748b7c91f15226575a4622cdfb2a1db88433c9281a642af9237ec4447273293d8934490ff4f8b35578583541b077887ef54a4a3d2a9feacd45a9bc48dbf2b74a46bfc29a78b3e725444a92a30d3b6569c33e9d208989a50693ccb4b7569ae56952ccbd67cd837e4c7c25c52628efe0df0959323b487ac03dc47bf84b7210186f16f584d11268be2fc25c249eea253445e11b86fb186023d10c0ac5597245b5ce36617333bd944d9d857ad9158a653983143cfebf40ee9d41c64b9ed90c74e373a72f6b91787bfbc13888fe9faf37b98f2165dcb1d0fc41a46604f11c1a49ce47c7793438c01a1d1e47c4dee432ff2b98d172a270aae7fe41c20cd47f4803e2c561aa76e2db047d440230e772e890b10b2e55207caf8081b36ff28ce8c7080f98fba0f99a6e1ebfc6a4f13e0e20823268a7f2d67a55030e469099f0d35248ee712f980bd1bc0d7aae572f782ead08cdf3cc5470f922cd9869e4d5a57edabed499096d4e266c0ea53bbae0ddf3f62230122db9e9c60c7f6294e17c67c171518f2125a13eec97e4d21b9bce54474a3a4376beac3a359cbb3d779e817afdbbda2cdbdcb1597c857348682fef674b388e58fbd07793943766b9b4b8b2d797ab5cf906944a846a08139cfe3b887ccd073f79c15cc027b1b079fd936c54fa1705e170b10212ede6c381e09e0f29c566d7736842e671840d7fce92f7bb5aba4e2dbc99e1370e66049d58b79936eb3f186d88b2ef3216a94442ef1cd778d0c9dfb8a65f2770448dfda39936fcf2eeabeade668c91437949d646cf17ff703d2bfff17df4827d38806ec2920988dd26c6bf4818d0a032aa30710d21d551123946a55744a8417f49e5614b4825f2b007a3a0a8f87758ccd295698a9707c8b97f245066205fba4777c9ddbebfd4dbed16be1838f9d0846b6fdf688c82b217c55716303a01858a368147b3e984e081c1302588392044ef197ad1e3062b7adc34e4a7bde61df7abc78ede6118b5b336d97dd800868c3c025fc685cce4c951617a33d4eedd20af8fb6e0923a196ea9bfef90f3e53c392651cc890e0547e753eca8d48337ac8d419ea359a542a1cd6c1872957044b4663fae1d35cda7f23b9a7de5d5c44b8c51fc591f9ea722bf3eb15460777078167135818d4cf65ef9e53d9c00e30bc533acae530a78b209f064ed5ec34e215efe1c15c6f420a82b55c0d4cb94b2a50fc32bde324ba98c0b758a65d781faac2f360850d7969fc594e1cdfc94e53cef6aa8b89173f8c66c0487495dacbaf88e45d3988807ac1df11fe1cd056475deea1160266bff1c77419b76063009473d85c43807f552dfa67a698181eec55766ae00470db94d5d68a03ef1ab6635bc12d79ddf17302465b154ebe07b4a95b2413f4a5116ad61a49eb21db1b7e4ec30cf7a1e2921966d3cf1162ff556e647416a8eaec068150302260593798f4f82dc0f20bbc50488121637eedda95b8124cb492c1ca1ad6cd4f8a2a0d6bb8f3ad50661a2cc8b0612581a464f579bbdd11da95a8e755a862237937a33b9e0d9834dc5c54ae3399cee94c58e8631d8835ba9b87e9d4e1b97fd4dd45b2546840c590ab6d3ca1398751b1048f4eecffb9262dda84bd964d59530c01c249c692e17caee839127cdd13549d4ec429cb3d39e49cee9e6f77fc2c71b063f2d8cb3b2ea55e38a3b9e332930c79eaa4de84ebc4b5743428ee3dd09e149749bc408c6b2a6749eccfa0757f8be668620f3d12ad5f97420b4e1623dbe3fd1789b2e8f12abb45638ac71597843219b19d184073e9f63ceaa4346ffb520afabccee83a400b4d6d8a77866f2c7cf04582f7dd4090cbff46c846783cc07d9bcb050a0f59806925c915ba2a349b3a8ddb0cc9a7d6f859f0df0b408da4f7fec3a95c939ac8168c6457cc1ae9c40caaf81d8efc0a1807ba133c62c2148fdf6707a3b92ed6bd027fe449cce3e29c352b55b451b83a10317811e8a3edf7b1f576494cf3aaeef17ad0dace6c25518c3f0d50b17bd0d1282964f6cb3cad28e565b798089534d9e4c8d18c0fc0d1c0b44f69bd88d1027e858e17486b6e996304b615e0863124737585ed92223d93deebd19e559b9df136159ea93ae3b5adabb65af1089315f4d8df7587433a52e19422635d646477d968d4e71dfb119cb169682b99faf21b89112207d45cf6c15e7c90b38bc15018a7369ed2582a29b2f0e276739d58952b5971e12fab8262928973e21ac1e09e11502f4e07981ddf1449ce2ed9bca563f556a4d9a203c84fa", 0x1000)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
r7 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$SG_IO(r7, 0x2285, &(0x7f0000002740)={0x53, 0xfffffffffffffffc, 0x7, 0x0, @buffer={0x0, 0x42, &(0x7f0000000200)=""/66}, &(0x7f0000000040)="8536b0a40b305f", 0x0, 0x9, 0x0, 0x1, 0x0})
getsockopt$XDP_STATISTICS(r7, 0x11b, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x30)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, 0x0, 0x8000)
syz_genetlink_get_family_id$net_dm(0x0, 0xffffffffffffffff)
sendmsg$NET_DM_CMD_START(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

560.284979ms ago: executing program 6 (id=3085):
removexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00')

536.258305ms ago: executing program 6 (id=3086):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = epoll_create(0x7)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r4, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
ioctl$KVM_CAP_X2APIC_API(r4, 0x4068aea3, &(0x7f0000000240)={0x81, 0x0, 0x3})
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = syz_io_uring_setup(0x1ee6, &(0x7f0000000380)={0x0, 0xfbc6, 0x10100, 0x8000001, 0x35f, 0x0, r6}, &(0x7f00000000c0)=<r8=>0x0, &(0x7f0000000100)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}})
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, 0x0, 0x0)
io_uring_enter(r7, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
readv(r10, &(0x7f0000000080)=[{&(0x7f0000002600)=""/46, 0x2e}], 0x1)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x800)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r2, &(0x7f0000006d40)={0x200a})
ioctl$TCXONC(r1, 0x540a, 0x2)
listen(r0, 0x0)
syz_emit_ethernet(0x56, &(0x7f00000000c0)={@local, @empty, @void, {@canfd={0xd, {{0x3, 0x1}, 0x2b, 0x3, 0x0, 0x0, "0ac786b9bff61a2e8b2488b778f34a157a2e5415f986251636ab4c4cc1f6490aaf742b5d9f77cab690510ae2e098db8f0752f385a96c9776a26da725c6782942"}}}}, 0x0)
fstatfs(r0, &(0x7f0000000180)=""/4096)

526.762576ms ago: executing program 7 (id=3087):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r2 = socket$inet(0x2, 0x800, 0x0)
bind$inet(r2, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='romfs\x00', 0x0, 0x0)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='romfs\x00', 0x0, 0x0)
connect$inet(r2, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, 0x0, 0x20020c0)
sendto$inet(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x401003}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002fc0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff48700000020000005c0000000000000095000000000000002ba728041598d6fbd307ce99e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f071326bd9174842fa9e09000000000000000a0e168c1884d005d94f204e345c652fbc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc84e974a42a550d6f97181980400003e05df3ceb9f1feae5737ecaa81d666963c474c2a175e04ad6ee1cbf9b0a4def23d410f6296b32ae343881dcc7b1b85f3c3d44aeaced3641110bec4e90a634196508000000000000f0f4ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d4dcecb0c005d2a1bcf9436c101040000f73902ebcf0200822775985b231f000000ccb0ecf31b715f5888b2a858ab3f11afc9bd08c676d2b89432fb465b3dad9d2aa7f1521b3ebb0cc52f49129b204eb99b6150e320c9901de2eb879a15943b6dc8ea15aab9dd6968698e3095c4c5c7a156cec33a7bb727667d81ff2757ca1e6bfdd4c968dacf81e65998b9091957d1d11a5730baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba165d876defd3541772f26e27c44cfd7bb5097379cf1756869cebc7b0b2d85d6d29983e830a9cdd1d0a017c100344c52a6f387a1340a1c8889464f90c284a4db539621fbb70f01a2c02dec4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae610afd01409d9a337ac5d58bcb5e5fc231514952c5255f22bd8b325d9b76e57f041b665ab0249886c0a65cc99d5893521372c8d8b7bacac24000020a4a24d8dbd75062e1daef9dead619cc6e7baa72706287793c3d2a2661edcd3545236c204682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b993508000000e480cd9d4850a049ee19b67d17ef0477aeb12b1d255be1ed66d9051f22614d1f62734d6780393e783df8b8a17e3aa9fe9c502f9acee4f1b56e1f231200743792cead3c058a5b700d64d160abe33df726608510136ce8bf239414a1d98ea93e3d35dbb6c23b90cf36e83b8a4309b402d264b09f2779a0bcd7cd6dfc06b02e69d384146056d125cf4aadd80800000000000000e88d10acd06864eac44c42fbe334bdc3e9768fc360b130dc6111fe3293e8e02f819a2aa34dba1c25be27945507a3477b437525b81aef2f0b4c4f63483026b5e34d44705b76ef29f7f6e0a2be625eae975e02069fbff63a06578d6d184f5de7bfb6aa800016996d536256c02294cb1d3a6fb8eae87691fae365a70c3f15871565bba8dd8a8ca049f798abe646f738bebdfc9d8a5edd7a19ca6a42bc3f1db37c17f22a287c6d31a13db5dfef409eb1d3c91c6e6f80d215c9e16e0c4736c81936315418f26770cca4e2f89800d18c89d7f46f679df6c9e7005f209dda94302a30003b952ae1ebfd0ca88368ee6ce139e8b5822422cf4c9dde943d34c432e1001171792c65986146666a549092398af45ba38c41df7e0fffeac41824ca1fd0eb68aa243c9035c788d5480e5aee9c9e5f2e5a3628995b1531bd20360d33d8f9ffffff5f4bf6ea8a1850c4f83306dbca02ee3686da707b6d85db491ba0cc33f6be92c55969a2b52a25419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9bc31f09834b4788be2a442aa81b259e9eb1bf5314844051f3a642aca9ff98c9036471ccff0522903e7bcf62e18f7796bbc280b95e8e0d6fd5644b0ebde3885b06548862de809d3dae3cccf109f7c78e8479a345e805e47dfa82caed44b11a443c5ba92a326dd10921aa79c62800844c7a59f55ee205a11ab50fb402e7da6ada561ec1117cc186b01fd5c2061d22156b1bfeb51f5c65a907f2217d5f80c580dc31b0963ff953ce09148e8dfe3a61bbd2bb173518507a3cd0e37c4da0a71eee31071d5d642498181c69cee3b2e414ddd6a12ff4bdf6e97c247b6025d4376067e25357d3b521a5b927d3392a7503718aea24179528f6a0c6de4e61b49cad1e4d6b000000000000005b2d16877299acefc0655bc1422c3d425d988eedebcf242b780a687c9acae2a5a71c2a16a32ceb377f5d54f9b2fa90b2905925e611be56e9ebe20cab20ab2b5baa1b07b16e81f278e54a479f1a068658e3656cfa196d6c050000000000000000814955c62a7d72b317399e572a7f6a4657b741eb66c9179ffd097d61fcfd0fa1d46cfb110e3e8cff5579e83f2820f95eaa0c609f666950c24311740e36de8f65708cfffce798c99ef8f62fd2398e999b220125da8eb07947512365abbc5b84ef524bdf184727c67910051f204662264607d548dbdffe14b41dd0843cf3d85bb820656a88a9e52a4cd7b3eeadfe00007267f226019ef0a25bc15da71e893856a2182c3167d8ba73f7c6294b159a426ce44cd73f000000a66fc501eae0c3504c1400697ba69fd9b7eaf49aff6a6aea529610db8dfef86c3cc698e9fddf1b13287615b972281a90c3a4cf415df25fbcdd35cf8368f068c4481844bdd0dda553e1cb0966d5686013d382956d50055dce0d1bc225c1d77612b1ec52e743dbc51f25cc07a202b704577316913cf067fa65e476f688de2d6c54ea192a569eed05d0d7536b3205c68d4ee0fe318ed3112c76dcf128a1d5595b773ef4c8a7ba4e10381de8808ff02dd0a7b996ecf1c65e6d9db90c87123d9cb3945330f7a270ee0cca35b1331ca8fec0b2f39f505140751b60f29a83e4bc0ef2ffea443e4aa221cc38a503add16a2c98cb589e1dac1912b4142a3be30f50b2d9479c5bde0beb38030d0c0ce0590000130000000000000000000000554361e1628ee0017ad19ca787f2c078aa260701ce0800000080623902000000000000000000003d118a04fa6a80c4928c01ccab57b5f4eb265ad15004f967543fe6e6ddc2a12165fe3a08bf9475ee0eee3539369b0e566fedbd215a6ddd4fe03dcc7a922e16410d820747b7e806c0f3b6f14c884d150a0ff07f2e0000bfb083c56d3bed0a61fab880f8885c612ebff8523d14cfb12aca274c000000005e5155611969f6e67dd83b20206207cb8b2cd2fab6fa6d7fdaed6a27a2e4db1d5adc80c4014ff11d9dbceba41d8dfce410333a054e82b1d050331c5bc4acb843b94d67f69f49eb4dd3b1b85b018359c32df01db8ebce0dbc36cade09c6b44f6b93d28db8ae4db5624d8a02f7be91bec65e4b3373059587dd6528bbc48e3379d477d482faff738c39c61cac1195043bd5b70cea5fc1083a169a82632ff3a9a48ff805202ae9aec56b9f7795fa27634a7f06359e3058d2dd69c4e5cc11b36d9ed9c4b2867f583de6fc582f789722bd1500e64c495abdb72de2c739d38c72f6f4fb1946081dcc825d5b5b747e9fa1b5226cd31e131263f1fcd7d45a630b46d04af906f0be464d829dd2dfcf7400002b7827f6d957e51bb1f1b44a50200c9dfadfaff2e32baa9c0edaac7144e174dba582a951d2b03c27219cec4fbc7b6e99c3f00188941e3fbf008cbace177ae250fd757a22e21ec05aa45c91e1345ca936184c3fc28153283e13654123cfaf4e661f4b6d430adad1e2116bc385f888405d48f0d386da0cc6747b33395772a68f2ea3fb7e7207000000b24088014c8e64f03d053c4e02ddd08b262e422eff1c9f124b892b0a9462b07d4f88c0693bd9c54ad2ab5227aa59ef2b53ac528c0800000000000000ebfde0c4a37c2d55c176680c4207000000e4aa467f995c9bc99e60441d4dbebead3b436427762618810bac7308c6d3298ea932b66572825e62d18462d3b2342ba48c145ff4674a94fa078cc552d064da2bb69a0d269076f8955076578f44ffb8895f11bd5e06840f8848df72230a28e0304569bfa0350b6dde9e96273de1758505aa1ba89dfb12be7a7c6dae1028d1bc68b6336eb1a5d18f6148354df7e60a489dc543ccdee1fff9d8f8d78844f0c6a77ef1181d5055c2a193a5763ed7749a17296c76818b60426082c86619dacc8a884c4de8572a044faf0c8e4377776c8703ecf2e3f1c3d6410000000000008369f062639e3ddcf725be54f626448fb7bfc74c183b26e31b71a390ccea4be07278dd12fa16848797397b76908fa03613cd961b98b26a0879ccba4a78c82958764bce07a7f70df1cef6d4db1ddbda1db18e4f41c390fd3cb862216ece39a9ec60bd3be5f9329dcaf33bf2c87cc510557460d14421e1d26322ab64388f2cea0d6269ffc8580a01e9acd2ec3ece39f3b4ffdc4dfea3da6ddb002512e2313253801044e751168eabe977c503c30ef7c489e5ea1fff041e54de54cfeb258f2387dad096b72a78d91134927492cfc773c731cca9b13b3f6e7760ab0929c46f51ea5643f3df4f4044f3ad0a6ba739e72d8b8b2835d81534bea8372bc590c111d573e04280659a096eaa495a4154daae7d1800c130d920964845c50c8ba4763b19b6008f6d7a5091895c7a4b7816ab706503be879b18b778b0f61ecfde2f8bbb32cfeb766ec4430ee0ad45a0a263ddc4b2f47680c8d53439f8d388dab87112c83997c83e178be287eb6e8c95bad8f8ed85cd5b03a7352a0fb83398566d1bc133582ce2d95636cd23eba4432180b2d5c3019879cd949a5be1b241b3d0d0d52a3529cc9e704a9d8d54f4f7b776a969a4505e18fe5284985ca7d112c397d776e3baba918b7df456bd970e761e00f3b0efa5ce4246d9f08ba60da3be556c518a1f19504c7cea1491a9eadd27d747ca9cc5f92e30b2ca3cf0b142a8554c87e8026d4e586cf5f7c9d412e6eb4f66a076c8bca6b294305969dabb6c932b57a5dd4234bf1ed3bd095229ee3cbb86883d574c5af4bb78370561de3fbf55bfcd2db3979eb1be120b5795443324023353bdd9fc87c862c247e140379ef098c7b3fa79a6638a245b6a74f14dde9bd4ee48e62cdc70f486ce38641e4e4309aa9f4bd097fa1530db966d9919544ab4890301e51f9525436f5d9591460340f5093161a78a249783945407f2576d6f35a99e3521d7991e3fdfde5ee7f6a8ff8181a68ef15a2ebfe9e22d7c745949ab5cc15b9f5659799b5e00debbf9f623f75bfd4d83c4859ca9b652cea33daeeef47b60c78a21965bcf91919071c7ded19317dc0b7587d9322f8cec9e32675a187465bdfa101bcd9ac680839b375af12c160247dd960e70eb7ee60c52a900440aa9bd9a6b15a4a34dc73c3c4936d8986300fdc264b28537df387e6442c32f5fa2a31d24c1ed888a57fcc50400a084a38a3630ffc465f36a4b770fab0946148161184be39134542e934f3a538bccd48a0325aa9b151855c800000000881d4361e7fbd1fc2331b4e34733480bc497662a8234a7eeab3e65d6b0f5d92edff04416eedcd15b9ddbcb3cf9228afda6b17d44a276b205eabd0069f7e26aea50f537dc77b683ed83d2f9110e00a705f48e9d13378cf09bca22e8f45c4f360d5fff8ba35f21c4513bcc0800000000000000dc5cc7ad7290c60bc609bff9be7cd922f474c3faa78fd42cba7c78d6d912656b6313497625e2f9afaba05b17ca242b7ca8d6556175aee38142a8aac5f677c2f8a6967f2cb5e97aae97a5e5579a706243688ac4d38a4601b4aadb2d319fe7d6bf1272fa3fa701338d7bce390e8bf959081ed39e63a431901d615a26ff95e1620a6c26eda4f92d83499a173e7217001f58ed5406bdb59acbc997e8fd3d53b4c2c2a1b3145bf54a851f3c08931d4c2c32bfe611e5958458af7b3c5319fdb4c40b8d01365fdee93af6fad7c7a8da86460f45c9e99d43264c929e7de4e9620000000000000000000000000000007cf90000008f8a9da7a8a167815c6ffcd1b6863cde9ab45ecd8f06423198bb00cdf76877f407be46b000000000afbb4cb3a8de259a8beb2223f28b855e2bdf4b31b91e5062a42a55bd95e93f77f2499391cf0000000000000000000000000000195007ad27d1d61dc4d5512f117f0ed554c2c88c1713000000000000bb1ff447d6e12da208e9f0422a84f361684861169f498909c4841f4d5a0f5807a3b7d833075fdcd9c1d169b03d7df7f4150fad8b9e92eaf86992adbda360dd91de51c6df335445492608162fb0804dabdeac6fb71042f906eefd37f1d190a1c8a0d9de7f34dcc8cbd7b565fc675f3bf7aac559411808ee703ec3ad461c6ddc571994cb504c46eabbc2ff4b97df394bc75b5e7f45a4450753b5d2b8b8414a7fe6a17661bdb5b1d080cfd974811e1d60763d8d9509c75aa729a334b55ee76b0c2d50270a1deec1a6d7441d0b5b8d7a4d048d156ebcff102e45c15d2a73b40d74807f5182a319d50edbf430f00b1c29a9e4bd92111caacbb1d4541545c2d262646070da42f76e3f3c6d139eed89cc9300000000000000000000000000000000000072d7e605eb8e978d76796d9d3a728c51a3145da8e1ca4973aa8fed855328e9d2509335c5386cac74e862eac50e9ba95b6a2a29e8ef08a9ae29792e77fb9952b1ac5c816db5c23a656db528f81f6a9465d2c94d701ee8646b30650c84b9510a337e82702baf368d29281d3d54b39014756ca5a1be1881000000000000006fbac0b9c9f97c920dfac7e2379ef6bb076118aa9bb24ee12e64aa530f852bf4f970a08a55531934e39fbae483129949a918115571d76740ca6a1cea59df290f2e63675ca30a289775825fe3e5d6f206f3f395346c0738035dc74368bb035fc65a40f8124369b8950ded31af64855c5c95ef5c83b18b23517ca935a0fa1b630d70c4ca4029a90d47701102045fff90675adb3c83983d125ae730b9497c681a912a6bb70300a2d7fba051f82b9d6f710426b5bd0d0bc0b08a0f801276789613da406905011bd6ebbac91ff17a21d1ed0882e73394025772f31dc8a3048789c703f920c55746f6fc955046f9332d72150be23c26cbb08d1b438e84b83fefc6a16958fd46dc7b8cbea1da2d541324e373e9157696d698a0b4bc84d7cc2fdb069db8a5a491a9d2bbc0a61b73f75d81d07d778a1577db3b06d20a21b19ea17e0000815a42318151feaad37f7abf9bfa0bcac3c1934854b3f6dc6de835952ebdda297dd3b29c07c69888cf029271449e035edc8a4459705f222bda537481e66ce3c665129f9829524eca8b5bef27adde96bd3ee95da4a176deff3408da050fe8d512e5a19379b403ee11d010bf86d0af4ac5c2057709b18cff438d0d58810670b222dfeb317bb935f925d2a070e68a701fd4316a677bb513c9476f25969097c165ca1705473341ea03f259dc5bee6a2d2e05176965192941abfae36b3a1e30784e6532c96ab971c5706a88b6f66860e31098b5b788788aad67507ffab2184a950065c1337259b63135fa060fc5ce3e4f6cdfb64f40e1a90351a01fd3d70f9dde03c335a931e58b8570316590ae22c7de567260849049e963ee15db15f592abb24111a219f0d128ceaf19764d92755abc9c313f65e7a220e64bb0d7139ce59da85bc710cea0c6553b336763bd3e39c2374b86885a32cdfae817196a7850257ead09f3e30e676b51062bb9000000000000000000000000000000000000000000000000000000aefb12dd3507c8dd24490bf9de062cd166a4dad6b9f2e53bad342546e546f6dece81d53cf717bd91ad72f4da82018f43259899e53e0b69a92180f1345699045fd23689e66d21d13be1a2d20eb1ce23eda84a63"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r4, 0x0, 0xe40, 0xfffffe6d, &(0x7f0000000100)="5c71f91b05c413550230b4c817a628", 0x0, 0x1, 0x0, 0x302, 0x0, &(0x7f0000000180)='\x00', 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x26, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x4}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @call={0x85, 0x0, 0x0, 0x1c}, @ldst={0x2, 0x3, 0x3, 0x8, 0x5, 0x6, 0xfffffffffffffff8}, @jmp={0x5, 0x0, 0x1, 0x0, 0xa, 0x18, 0xfffffffffffffffc}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r5}, 0x18)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r6, &(0x7f0000000180), 0x40010)

451.960273ms ago: executing program 8 (id=3088):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000002c0)=ANY=[@ANYBLOB="e00000027f0000010100000002"], 0x18)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x1, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x1, 0x0, 0x0)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0xf8)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r4 = dup2(r3, r3)
read$FUSE(r3, &(0x7f0000000480)={0x2020}, 0x2020)
r5 = openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SIOCX25SSUBSCRIP(r4, 0x89e1, &(0x7f0000000200)={'veth0\x00', 0x7fff, 0x7})
r6 = syz_open_dev$video4linux(&(0x7f0000000040), 0x10, 0x2a0086)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_NOTIFY_RETRIEVE(r7, &(0x7f0000000280)={0x30, 0x5, 0x0, {0x0, 0x1, 0x3}}, 0x30)
read$FUSE(r7, &(0x7f0000004180)={0x2020, 0x0, <r8=>0x0}, 0x2020)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
write$FUSE_OPEN(r7, &(0x7f00000002c0)={0x20, 0x0, r8}, 0x20)
ioctl$BINDER_CTL_ADD(r3, 0xc1086201, &(0x7f0000000340)={'custom1\x00'})
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r6, 0xc040564a, &(0x7f0000000000)={0x0, 0x0, 0x4001, 0x8001, 0xfffc, 0x2, 0x100000, 0x1})
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f00000000c0)=0x17)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000300)=0x7fffffff)
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910710007e570966f4366ec9d47c"], 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

358.372603ms ago: executing program 8 (id=3089):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x4)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_req={{0x34, 0x6}}}, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)='Ya/', 0x3}], 0x1}}, {{0x0, 0x0, &(0x7f00000048c0)=[{&(0x7f0000001500)="b6", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000050c0)=[{&(0x7f0000004e40)="3db801", 0x3}], 0x1}}], 0x3, 0x48800)
shutdown(r0, 0x1)
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) (async)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0) (async)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x4) (async)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_req={{0x34, 0x6}}}, 0x9) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) (async)
sendmmsg$inet6(r0, &(0x7f0000007080)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)='Ya/', 0x3}], 0x1}}, {{0x0, 0x0, &(0x7f00000048c0)=[{&(0x7f0000001500)="b6", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000050c0)=[{&(0x7f0000004e40)="3db801", 0x3}], 0x1}}], 0x3, 0x48800) (async)
shutdown(r0, 0x1) (async)

210.382079ms ago: executing program 8 (id=3090):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_TEST_RUN(0x21, &(0x7f0000000240)={0xffffffffffffffff, 0x1f2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
prctl$PR_SET_FP_MODE(0x2d, 0x2)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000006c0)={'erspan0\x00', 0x0})
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x8}, @hci_rp_read_auth_payload_to={{0xff}, {0x0, 0xc8, 0x7fff}}}}, 0xb)
r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000180)=ANY=[@ANYBLOB="0a00000009000000080000000200000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000002a9495d3c2e368b2a15c87a576b50742468e305e8afea8d1394e85ab98cf157d08c4631fcda60e445d19", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r7 = syz_open_procfs$namespace(0x0, &(0x7f0000000440)='ns/mnt\x00')
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup=r7, 0x11, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$tcp_mem(0xffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0xe, &(0x7f0000000240)=ANY=[@ANYBLOB="1802000000000000000000000000000018130000", @ANYRES32=r6, @ANYBLOB="00000000000000008500000012000000180100002020642500000000001e20207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r8, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000200)="9e36d448b388dd965f7a3312779a", 0x0, 0xe00, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r1, @ANYBLOB="08002600901500000800570080"], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[], 0x2c}}, 0x0)

202.318625ms ago: executing program 7 (id=3091):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpgid(0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x28)
fcntl$setsig(r2, 0xa, 0x800020)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x18}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0xa, 0xb, 0x42, 0x2, 0x42, 0xffffffffffffffff, 0x10000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000280), 0xffff, r3}, 0x38)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r5, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000380)={0x3c, r6, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x580}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80c1}, 0x0)

0s ago: executing program 8 (id=3092):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
fcntl$getownex(r0, 0x10, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1fe, 0x40001)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000280)={0x3, 0x0, 0x3, 0x0, 0xa, 0x1ff, 0x1})
capget(&(0x7f00000004c0)={0x20071026}, &(0x7f0000000500)={0x29a, 0xb3f, 0x9, 0x1, 0x5, 0x5})
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000280)={'pim6reg1\x00', 0x2})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x336)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000480)={0x7f, 0x1e, 0x81, 0x0, 0x100})
syz_init_net_socket$x25(0x9, 0x5, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd, 0x0, 0x0, 0x3, 0x8, 0x0, {0x0, 0x0, r0}})
io_uring_enter(r5, 0x3517, 0x173d, 0x42, 0x0, 0x0)

kernel console output (not intermixed with test programs):

veth0_macvtap: entered promiscuous mode
[  407.065724][T26895] veth1_macvtap: entered promiscuous mode
[  407.080993][T26895] batman_adv: batadv0: Interface activated: batadv_slave_0
[  407.089654][T26895] batman_adv: batadv0: Interface activated: batadv_slave_1
[  407.098358][T26413] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  407.104038][T26413] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  407.109676][T26413] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  407.116052][T26413] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  407.152906][T26947] syz.1.2231: page allocation failure: order:0, mode:0x10cc0(GFP_KERNEL|__GFP_NORETRY), nodemask=(null),cpuset=/,mems_allowed=0-1
[  407.157769][T26947] CPU: 2 UID: 0 PID: 26947 Comm: syz.1.2231 Not tainted syzkaller #0 PREEMPT(full) 
[  407.157785][T26947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.157792][T26947] Call Trace:
[  407.157797][T26947]  <TASK>
[  407.157801][T26947]  dump_stack_lvl+0x16c/0x1f0
[  407.157817][T26947]  warn_alloc+0x248/0x3a0
[  407.157831][T26947]  ? __pfx_warn_alloc+0x10/0x10
[  407.157844][T26947]  ? __pfx___alloc_pages_direct_compact+0x10/0x10
[  407.157857][T26947]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  407.157874][T26947]  __alloc_frozen_pages_noprof+0xea2/0x23f0
[  407.157890][T26947]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  407.157908][T26947]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  407.157925][T26947]  ? policy_nodemask+0x3c9/0x4e0
[  407.157938][T26947]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  407.157954][T26947]  ? policy_nodemask+0xea/0x4e0
[  407.157967][T26947]  alloc_pages_mpol+0x1fb/0x550
[  407.157980][T26947]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  407.157993][T26947]  ? alloc_pages_noprof+0x206/0x390
[  407.158006][T26947]  ? alloc_pages_noprof+0x23c/0x390
[  407.158020][T26947]  alloc_pages_noprof+0x131/0x390
[  407.158032][T26947]  kimage_alloc_pages+0x75/0x350
[  407.158049][T26947]  kimage_alloc_control_pages+0x153/0xa00
[  407.158061][T26947]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  407.158073][T26947]  do_kexec_load+0x478/0x8a0
[  407.158083][T26947]  ? lock_release+0x201/0x2f0
[  407.158096][T26947]  ? __pfx_do_kexec_load+0x10/0x10
[  407.158107][T26947]  __ia32_compat_sys_kexec_load+0x37f/0x400
[  407.158120][T26947]  ? __pfx___ia32_compat_sys_kexec_load+0x10/0x10
[  407.158131][T26947]  ? rcu_is_watching+0x12/0xc0
[  407.158144][T26947]  __do_fast_syscall_32+0x7c/0x3a0
[  407.158158][T26947]  do_fast_syscall_32+0x32/0x80
[  407.158172][T26947]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  407.158185][T26947] RIP: 0023:0xf7f51579
[  407.158193][T26947] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  407.158203][T26947] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 000000000000011b
[  407.158214][T26947] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003
[  407.158220][T26947] RDX: 0000000080001080 RSI: 00000000003e0000 RDI: 0000000000000000
[  407.158226][T26947] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  407.158232][T26947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  407.158238][T26947] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  407.158247][T26947]  </TASK>
[  407.158251][T26947] Mem-Info:
[  407.204041][T26947] active_anon:3080 inactive_anon:7254 isolated_anon:0
[  407.204041][T26947]  active_file:775 inactive_file:9759 isolated_file:0
[  407.204041][T26947]  unevictable:1768 dirty:533 writeback:0
[  407.204041][T26947]  slab_reclaimable:7442 slab_unreclaimable:69195
[  407.204041][T26947]  mapped:29531 shmem:7978 pagetables:947
[  407.204041][T26947]  sec_pagetables:315 bounce:0
[  407.204041][T26947]  kernel_misc_reclaimable:0
[  407.204041][T26947]  free:28608 free_pcp:164 free_cma:0
[  407.207776][ T5981] Bluetooth: hci4: command tx timeout
[  407.209242][T26947] Node 0 active_anon:0kB inactive_anon:84kB active_file:0kB inactive_file:136kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:7152kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8616kB pagetables:1148kB sec_pagetables:1124kB all_unreclaimable? yes Balloon:0kB
[  407.221018][T26947] Node 1 active_anon:12320kB inactive_anon:28932kB active_file:3100kB inactive_file:35900kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:110972kB dirty:2132kB writeback:0kB shmem:28376kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6724kB pagetables:2640kB sec_pagetables:136kB all_unreclaimable? no Balloon:0kB
[  407.231227][T26413] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.231600][T26947] Node 0 
[  407.234092][ T1143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.239579][T26413] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.242160][T26947] DMA free:1948kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  407.311853][ T1143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.314910][T26947] lowmem_reserve[]: 0 288 288 288 288
[  407.318320][T26947] Node 0 DMA32 free:14912kB boost:10240kB min:23460kB low:26764kB high:30068kB reserved_highatomic:4096KB free_highatomic:872KB active_anon:0kB inactive_anon:84kB active_file:0kB inactive_file:136kB unevictable:3536kB writepending:0kB present:1032196kB managed:295148kB mlocked:0kB bounce:0kB free_pcp:196kB local_pcp:0kB free_cma:0kB
[  407.332460][T26947] lowmem_reserve[]: 0 0 0 0 0
[  407.334459][T26947] Node 1 DMA32 free:102812kB boost:49152kB min:96292kB low:108076kB high:119860kB reserved_highatomic:6144KB free_highatomic:1496KB active_anon:12320kB inactive_anon:28932kB active_file:3200kB inactive_file:30200kB unevictable:3536kB writepending:2132kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:2456kB local_pcp:192kB free_cma:0kB
[  407.347971][T26947] lowmem_reserve[]: 0 0 0 0 0
[  407.349915][T26947] Node 0 DMA: 1*4kB (U) 3*8kB (U) 2*16kB (U) 5*32kB (U) 1*64kB (U) 1*128kB (U) 2*256kB (U) 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 1948kB
[  407.358572][T26947] Node 0 DMA32: 256*4kB (ME) 172*8kB (UMEH) 68*16kB (UMEH) 91*32kB (UME) 44*64kB (UMEH) 18*128kB (UME) 3*256kB (MEH) 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 12800kB
[  407.366159][T26947] Node 1 DMA32: 1667*4kB (MEH) 1171*8kB (MEH) 703*16kB (UMEH) 340*32kB (MEH) 171*64kB (MEH) 170*128kB (UME) 61*256kB (UMH) 15*512kB (M) 4*1024kB (M) 2*2048kB (U) 0*4096kB = 102356kB
[  407.374736][T26947] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  407.384434][T26947] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  407.405586][T26947] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  407.450946][T26947] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  407.454996][T26947] 13812 total pagecache pages
[  407.457023][T26947] 168 pages in swap cache
[  407.461538][T26947] Free swap  = 122112kB
[  407.463160][T26947] Total swap = 124996kB
[  407.464863][T26947] 524155 pages RAM
[  407.468135][T26947] 0 pages HighMem/MovableOnly
[  407.471838][T26947] 209473 pages reserved
[  407.474790][T26947] 0 pages cma reserved
[  407.793946][T26947] kexec: Could not allocate control_code_buffer
[  407.804986][T26947] Process accounting resumed
[  407.845649][ T5981] Bluetooth: hci1: command tx timeout
[  407.933598][T26978] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2239'.
[  408.922350][T26989] netlink: 62 bytes leftover after parsing attributes in process `syz.6.2240'.
[  408.938877][T26982] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2241'.
[  409.295535][ T5981] Bluetooth: hci4: command tx timeout
[  409.400883][T24491] Bluetooth: hci2: Frame reassembly failed (-84)
[  409.404432][T27010] Bluetooth: hci2: Frame reassembly failed (-84)
[  409.935568][ T5335] Bluetooth: hci1: command tx timeout
[  411.205745][T16149] usb 11-1: new high-speed USB device number 2 using dummy_hcd
[  411.234579][T27049] netlink: 62 bytes leftover after parsing attributes in process `syz.1.2260'.
[  411.355914][T16149] usb 11-1: too many configurations: 9, using maximum allowed: 8
[  411.359036][T16149] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  411.361942][T16149] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  411.365574][ T5335] Bluetooth: hci4: command tx timeout
[  411.365598][T16149] usb 11-1: config 0 interface 0 has no altsetting 0
[  411.370092][T16149] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  411.373182][T16149] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  411.377417][T16149] usb 11-1: config 0 interface 0 has no altsetting 0
[  411.380196][T16149] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  411.383141][T16149] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  411.386910][T16149] usb 11-1: config 0 interface 0 has no altsetting 0
[  411.389838][T16149] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  411.392841][T16149] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  411.396383][T16149] usb 11-1: config 0 interface 0 has no altsetting 0
[  411.399709][T16149] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  411.402787][T16149] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  411.406407][T16149] usb 11-1: config 0 interface 0 has no altsetting 0
[  411.409244][T16149] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  411.412206][T16149] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  411.416050][T16149] usb 11-1: config 0 interface 0 has no altsetting 0
[  411.418853][T16149] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  411.421942][T16149] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  411.425673][T16149] usb 11-1: config 0 interface 0 has no altsetting 0
[  411.428642][T16149] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  411.431776][T16149] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  411.435685][T16149] usb 11-1: config 0 interface 0 has no altsetting 0
[  411.439186][T16149] usb 11-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  411.442108][T16149] usb 11-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  411.444709][T16149] usb 11-1: Product: syz
[  411.446180][ T5335] Bluetooth: hci2: command 0x1003 tx timeout
[  411.446195][ T5981] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  411.450041][T16149] usb 11-1: Manufacturer: syz
[  411.451889][T16149] usb 11-1: SerialNumber: syz
[  411.455266][T16149] usb 11-1: config 0 descriptor??
[  411.459634][T16149] yurex 11-1:0.0: USB YUREX device now attached to Yurex #0
[  411.674686][   T53] usb 11-1: USB disconnect, device number 2
[  411.678658][   T53] yurex 11-1:0.0: USB YUREX #0 now disconnected
[  411.939043][T27059] fuse: Unknown parameter 'use00000000000000000000'
[  412.005557][ T5981] Bluetooth: hci1: command tx timeout
[  412.168209][T27070] netlink: 'syz.1.2267': attribute type 1 has an invalid length.
[  412.175981][T27070] 8021q: adding VLAN 0 to HW filter on device bond2
[  412.363206][T27086] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2273'.
[  412.460453][T27090] /dev/loop6: Can't lookup blockdev
[  412.577180][T27092] netlink: 62 bytes leftover after parsing attributes in process `syz.2.2274'.
[  412.925318][T27097] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2276'.
[  412.931178][T27097] macvtap1: entered promiscuous mode
[  412.932999][T27097] team0: entered promiscuous mode
[  412.934673][T27097] team_slave_0: entered promiscuous mode
[  412.937051][T27097] team_slave_1: entered promiscuous mode
[  412.939119][T27097] dummy0: entered promiscuous mode
[  412.941025][T27097] macvtap1: entered allmulticast mode
[  412.942818][T27097] team0: entered allmulticast mode
[  412.944510][T27097] team_slave_0: entered allmulticast mode
[  412.946540][T27097] team_slave_1: entered allmulticast mode
[  412.948433][T27097] dummy0: entered allmulticast mode
[  412.950310][T27097] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  413.445583][ T5981] Bluetooth: hci4: command tx timeout
[  413.579279][T27107] pim6reg1: entered promiscuous mode
[  413.581096][T27107] pim6reg1: entered allmulticast mode
[  414.001586][  T842] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x4
[  414.004604][  T842] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x2
[  414.008639][  T842] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  414.011341][  T842] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  414.014118][  T842] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  414.017206][  T842] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  414.021329][  T842] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  414.027218][  T842] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  414.030376][  T842] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  414.033757][  T842] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  414.038142][  T842] hid-generic 0000:3000000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  414.044121][T27346] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  414.047266][T27346] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  414.085641][   T53] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  414.235966][T28648] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2282'.
[  414.514133][T29943] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2284'.
[  414.790991][T24476] Bluetooth: Error in BCSP hdr checksum
[  414.995228][  T842] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  415.046076][T26417] Bluetooth: Error in BCSP hdr checksum
[  415.281522][  T842] usb 7-1: Using ep0 maxpacket: 8
[  415.315865][T24476] Bluetooth: Error in BCSP hdr checksum
[  415.353716][  T842] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[  415.362354][  T842] usb 7-1: config 0 has no interface number 0
[  415.364377][  T842] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  415.413834][  T842] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  415.417736][  T842] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  415.421220][  T842] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  415.425583][  T842] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  415.428753][  T842] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.449693][  T842] usb 7-1: config 0 descriptor??
[  415.460270][  T842] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  416.339489][T29959] netlink: 62 bytes leftover after parsing attributes in process `syz.1.2287'.
[  416.565887][ T5335] Bluetooth: hci2: command 0x1003 tx timeout
[  416.565898][ T5981] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  416.665497][T29965] fuse: Unknown parameter 'user_i00000000000000000000'
[  416.701921][T29967] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2291'.
[  416.722450][ T6053] usb 7-1: USB disconnect, device number 11
[  416.726183][ T6053] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[  417.032873][T29975] 8021q: VLANs not supported on gre0
[  417.429573][T29993] fuse: Unknown parameter 'user_i00000000000000000000'
[  417.452288][T29997] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2301'.
[  417.644012][T30001] netlink: 62 bytes leftover after parsing attributes in process `syz.5.2303'.
[  417.785522][  T842] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  417.935582][  T842] usb 7-1: Using ep0 maxpacket: 8
[  417.938918][  T842] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[  417.941743][  T842] usb 7-1: config 0 has no interface number 0
[  417.943983][  T842] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  417.947583][  T842] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  417.951224][  T842] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  417.954681][  T842] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  417.958936][  T842] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  417.961764][  T842] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.964838][  T842] usb 7-1: config 0 descriptor??
[  417.967970][  T842] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  418.174384][T26930] usb 7-1: USB disconnect, device number 12
[  418.177020][T26930] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[  418.226472][T30014] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  418.227255][T30013] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  418.228466][T30014] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  418.230712][T30013] batman_adv: batadv0: Removing interface: batadv_slave_0
[  418.233414][T30014] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  418.237746][T30014] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  418.238131][T30013] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  418.242622][T30013] batman_adv: batadv0: Removing interface: batadv_slave_1
[  418.246094][T30014] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  418.248012][T30014] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  418.254863][ T5335] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  418.257443][ T5335] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  418.259797][ T5335] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  418.262318][ T5335] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  418.264910][ T5335] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  418.268333][ T5981] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  418.270745][ T5981] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  418.273299][ T5981] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  418.275975][ T5981] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  418.279023][ T5981] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  418.289368][T30015] lo speed is unknown, defaulting to 1000
[  418.373490][T30024] fuse: Unknown parameter 'user_i00000000000000000000'
[  418.378400][T30015] chnl_net:caif_netlink_parms(): no params data found
[  418.392761][T30026] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2311'.
[  418.420352][T30015] bridge0: port 1(bridge_slave_0) entered blocking state
[  418.422806][T30015] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.425091][T30015] bridge_slave_0: entered allmulticast mode
[  418.428006][T30015] bridge_slave_0: entered promiscuous mode
[  418.430952][T30015] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.433464][T30015] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.435855][T30015] bridge_slave_1: entered allmulticast mode
[  418.438139][T30015] bridge_slave_1: entered promiscuous mode
[  418.457728][T30015] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  418.462166][T30015] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  418.483013][T30015] team0: Port device team_slave_0 added
[  418.486491][T30015] team0: Port device team_slave_1 added
[  418.504947][T30015] batman_adv: batadv0: Adding interface: batadv_slave_0
[  418.507664][T30015] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  418.517394][T30015] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  418.521876][T30015] batman_adv: batadv0: Adding interface: batadv_slave_1
[  418.524198][T30015] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  418.533026][T30015] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  418.559529][T30015] hsr_slave_0: entered promiscuous mode
[  418.562582][T30015] hsr_slave_1: entered promiscuous mode
[  418.564661][T30015] debugfs: 'hsr0' already exists in 'hsr'
[  418.566726][T30015] Cannot create hsr debugfs directory
[  418.694303][T30037] fuse: Bad value for 'user_id'
[  418.696109][T30037] fuse: Bad value for 'user_id'
[  419.020060][T30015] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  419.023879][T30015] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  419.027745][T30015] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  419.031272][T30015] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  419.068162][T30015] 8021q: adding VLAN 0 to HW filter on device bond0
[  419.093621][T30015] 8021q: adding VLAN 0 to HW filter on device team0
[  419.099449][T30057] netlink: 62 bytes leftover after parsing attributes in process `syz.6.2318'.
[  419.119707][T30015] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  419.123929][T30015] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  419.135944][T24476] bridge0: port 1(bridge_slave_0) entered blocking state
[  419.138830][T24476] bridge0: port 1(bridge_slave_0) entered forwarding state
[  419.143331][T24476] bridge0: port 2(bridge_slave_1) entered blocking state
[  419.145904][T24476] bridge0: port 2(bridge_slave_1) entered forwarding state
[  419.243660][T30015] 8021q: adding VLAN 0 to HW filter on device batadv0
[  419.258226][T30015] veth0_vlan: entered promiscuous mode
[  419.262190][T30015] veth1_vlan: entered promiscuous mode
[  419.272631][T30015] veth0_macvtap: entered promiscuous mode
[  419.276315][T30015] veth1_macvtap: entered promiscuous mode
[  419.282363][T30015] batman_adv: batadv0: Interface activated: batadv_slave_0
[  419.287605][T30015] batman_adv: batadv0: Interface activated: batadv_slave_1
[  419.292306][T24476] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  419.295629][T24476] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  419.298470][T24476] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  419.304067][T24476] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  419.320928][T24476] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  419.323583][T24476] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  419.330170][T24487] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  419.332681][T24487] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  419.592189][T30065] fuse: Unknown parameter 'user_id00000000000000000000'
[  419.616950][T30067] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2321'.
[  419.624289][T30069] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2320'.
[  419.669792][T30075] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2324'.
[  419.773521][T30080] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2326'.
[  419.839973][T30089] fuse: Unknown parameter 'user_id00000000000000000000'
[  420.213054][T30100] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2332'.
[  420.217397][T30100] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2332'.
[  420.235661][T30102] binder: 30101:30102 unknown command 0
[  420.237420][T30102] binder: 30101:30102 ioctl c0306201 80000080 returned -22
[  420.322608][T30086] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  420.335590][ T5981] Bluetooth: hci2: command tx timeout
[  420.526021][T30111] netlink: 62 bytes leftover after parsing attributes in process `syz.5.2336'.
[  420.814297][T30120] fuse: Unknown parameter 'user_id00000000000000000000'
[  420.847768][T30124] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2342'.
[  420.851409][T30124] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2342'.
[  420.988977][T30132] netlink: 'syz.2.2343': attribute type 1 has an invalid length.
[  420.991482][T30132] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2343'.
[  421.035587][ T6054] usb 11-1: new high-speed USB device number 3 using dummy_hcd
[  421.185556][ T6054] usb 11-1: Using ep0 maxpacket: 32
[  421.188487][ T6054] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  421.191923][ T6054] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  421.195041][ T6054] usb 11-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  421.197963][ T6054] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.201130][ T6054] usb 11-1: config 0 descriptor??
[  421.486573][T30140] sp0: Synchronizing with TNC
[  421.586422][T30146] fuse: Bad value for 'fd'
[  421.607047][ T6054] savu 0003:1E7D:2D5A.0004: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.6-1/input0
[  421.642828][T30157] netlink: 'syz.1.2355': attribute type 1 has an invalid length.
[  421.647927][T30157] vxcan3: entered promiscuous mode
[  422.405647][ T5981] Bluetooth: hci2: command 0x041b tx timeout
[  422.805536][  T840] usb 6-1: new low-speed USB device number 12 using dummy_hcd
[  422.955583][  T840] usb 6-1: Invalid ep0 maxpacket: 32
[  423.085509][  T840] usb 6-1: new low-speed USB device number 13 using dummy_hcd
[  423.235618][  T840] usb 6-1: Invalid ep0 maxpacket: 32
[  423.237842][  T840] usb usb6-port1: attempt power cycle
[  423.392825][T30182] fuse: Bad value for 'fd'
[  423.484175][T30191] pim6reg1: entered promiscuous mode
[  423.486162][T30191] pim6reg1: entered allmulticast mode
[  423.496956][T30191] sp0: Synchronizing with TNC
[  423.586074][  T840] usb 6-1: new low-speed USB device number 14 using dummy_hcd
[  423.606359][  T840] usb 6-1: Invalid ep0 maxpacket: 32
[  423.695567][T26930] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  423.745545][  T840] usb 6-1: new low-speed USB device number 15 using dummy_hcd
[  423.776704][  T840] usb 6-1: Invalid ep0 maxpacket: 32
[  423.778935][  T840] usb usb6-port1: unable to enumerate USB device
[  423.795398][   T53] usb 11-1: USB disconnect, device number 3
[  423.865530][T26930] usb 10-1: Using ep0 maxpacket: 16
[  423.869710][T26930] usb 10-1: config 0 has no interfaces?
[  423.882132][T26930] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  423.886036][T26930] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.888848][T26930] usb 10-1: Product: syz
[  423.890308][T26930] usb 10-1: Manufacturer: syz
[  423.892137][T26930] usb 10-1: SerialNumber: syz
[  423.895941][T26930] usb 10-1: config 0 descriptor??
[  424.104271][  T840] usb 10-1: USB disconnect, device number 7
[  424.265551][   T53] usb 11-1: new high-speed USB device number 4 using dummy_hcd
[  424.417126][   T53] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  424.420085][   T53] usb 11-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  424.423117][   T53] usb 11-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  424.429465][   T53] usb 11-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  424.432484][   T53] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  424.435002][   T53] usb 11-1: Product: syz
[  424.436412][   T53] usb 11-1: Manufacturer: syz
[  424.437958][   T53] usb 11-1: SerialNumber: syz
[  424.485756][ T5335] Bluetooth: hci2: command 0x041b tx timeout
[  424.647026][   T53] usblp 11-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  424.676073][T30205] fuse: Bad value for 'fd'
[  425.067273][  T840] usb 11-1: USB disconnect, device number 4
[  425.069873][  T840] usblp0: removed
[  426.192679][T30232] __nla_validate_parse: 8 callbacks suppressed
[  426.192690][T30232] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2379'.
[  426.200283][T30232] team_slave_0: entered promiscuous mode
[  426.202698][T30232] team_slave_1: entered promiscuous mode
[  426.407529][T30237] fuse: Unknown parameter '0x0000000000000003'
[  426.449140][T30241] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2383'.
[  426.452418][T30241] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2383'.
[  426.523344][T30223] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  426.575576][ T5335] Bluetooth: hci2: command 0x041b tx timeout
[  426.589587][   T40] kauditd_printk_skb: 932 callbacks suppressed
[  426.589598][   T40] audit: type=1326 audit(1755715945.932:4371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30250 comm="syz.1.2387" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x0
[  426.691521][T30253] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2387'.
[  426.765509][  T840] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  426.947306][  T840] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  426.947330][  T840] usb 10-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  426.947342][  T840] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  427.007809][  T840] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  427.010614][  T840] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  427.013139][  T840] usb 10-1: Product: syz
[  427.014440][  T840] usb 10-1: Manufacturer: syz
[  427.020121][  T840] usb 10-1: SerialNumber: syz
[  427.190517][T30260] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  427.193167][T30260] IPv6: NLM_F_CREATE should be set when creating new route
[  427.196131][T30260] IPv6: NLM_F_CREATE should be set when creating new route
[  427.198527][T30260] IPv6: NLM_F_CREATE should be set when creating new route
[  427.231093][T30264] fuse: Unknown parameter '0x0000000000000003'
[  427.237774][  T840] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 8 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  427.323659][T30269] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2393'.
[  427.327174][T30269] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2393'.
[  427.676691][T30279] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2396'.
[  427.682146][T30279] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.2396'.
[  427.813181][T30275] pim6reg1: entered promiscuous mode
[  427.815077][T30275] pim6reg1: entered allmulticast mode
[  427.909202][  T842] usb 10-1: USB disconnect, device number 8
[  427.937173][  T842] usblp0: removed
[  428.243330][T30290] fuse: Unknown parameter '0x0000000000000003'
[  428.655562][ T5335] Bluetooth: hci2: command 0x041b tx timeout
[  428.666562][T30299] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2403'.
[  428.669921][T30299] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2403'.
[  429.560264][T30326] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  429.867212][   T40] audit: type=1804 audit(1755715949.212:4372): pid=30337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2415" name="/newroot/24/file1" dev="fuse" ino=1 res=1 errno=0
[  429.877522][   T40] audit: type=1800 audit(1755715949.212:4373): pid=30337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2415" name="/" dev="fuse" ino=1 res=0 errno=0
[  429.895888][   T40] audit: type=1326 audit(1755715949.232:4374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30338 comm="syz.1.2416" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  429.902667][   T40] audit: type=1326 audit(1755715949.242:4375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30338 comm="syz.1.2416" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  429.909974][   T40] audit: type=1326 audit(1755715949.242:4376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30338 comm="syz.1.2416" exe="/syz-executor" sig=0 arch=40000003 syscall=439 compat=1 ip=0xf70be579 code=0x7ffc0000
[  429.918538][   T40] audit: type=1326 audit(1755715949.242:4377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30338 comm="syz.1.2416" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  429.927736][   T40] audit: type=1326 audit(1755715949.242:4378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30338 comm="syz.1.2416" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  429.934625][   T40] audit: type=1326 audit(1755715949.242:4379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30338 comm="syz.1.2416" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70be579 code=0x7ffc0000
[  429.942016][   T40] audit: type=1326 audit(1755715949.242:4380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30338 comm="syz.1.2416" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  430.143832][T30349] fuse: Unknown parameter '0x0000000000000003'
[  430.581765][T30361] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  430.666183][T30361] /dev/sr0: Can't open blockdev
[  430.675633][ T6135] usb 11-1: new high-speed USB device number 5 using dummy_hcd
[  430.713106][T30369] overlayfs: failed to resolve './file0': -2
[  430.836450][ T6135] usb 11-1: Using ep0 maxpacket: 16
[  430.840258][ T6135] usb 11-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  430.845070][ T6135] usb 11-1: config 0 interface 0 has no altsetting 0
[  430.855631][ T6135] usb 11-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  430.858689][ T6135] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.866084][ T6135] usb 11-1: config 0 descriptor??
[  431.472055][T30355] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  431.475225][T30355] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  431.479744][T30355] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  431.482610][T30355] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  431.545754][T26417] Bluetooth: Invalid byte 5e after esc byte
[  431.688409][ T6135] usbhid 11-1:0.0: can't add hid device: -71
[  431.690425][ T6135] usbhid 11-1:0.0: probe with driver usbhid failed with error -71
[  431.693317][ T6135] usb 11-1: USB disconnect, device number 5
[  431.805824][T24498] Bluetooth: Error in BCSP hdr checksum
[  432.065814][T24487] Bluetooth: Error in BCSP hdr checksum
[  432.155973][ T6135] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  432.440656][T30395] __nla_validate_parse: 4 callbacks suppressed
[  432.440685][T30395] netlink: 62 bytes leftover after parsing attributes in process `syz.6.2432'.
[  432.637788][T30397] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  432.701664][T30402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2434'.
[  432.705227][T30402] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2434'.
[  432.746174][T30397] /dev/sr0: Can't open blockdev
[  433.365716][ T5981] Bluetooth: hci0: command 0x1003 tx timeout
[  433.368727][ T5335] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  433.578995][T30420] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  433.778501][T30420] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2437'.
[  433.781743][T30420] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2437'.
[  433.945522][T16149] usb 11-1: new high-speed USB device number 6 using dummy_hcd
[  434.095514][T16149] usb 11-1: Using ep0 maxpacket: 16
[  434.098369][T16149] usb 11-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  434.101678][T16149] usb 11-1: config 0 interface 0 has no altsetting 0
[  434.103744][T16149] usb 11-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  434.107168][T16149] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.111412][T16149] usb 11-1: config 0 descriptor??
[  434.509098][T30433] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2443'.
[  434.512690][T30433] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2443'.
[  434.537797][T30432] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  434.647553][T30432] /dev/sr0: Can't open blockdev
[  434.721400][T30419] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  434.724763][T30419] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  434.735264][T30419] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  434.738317][T30419] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  435.026830][T16149] usbhid 11-1:0.0: can't add hid device: -71
[  435.522071][T16149] usbhid 11-1:0.0: probe with driver usbhid failed with error -71
[  435.528818][T30454] pim6reg1: entered promiscuous mode
[  435.530601][T30454] pim6reg1: entered allmulticast mode
[  435.538368][T30454] sp0: Synchronizing with TNC
[  435.611377][T16149] usb 11-1: USB disconnect, device number 6
[  435.769009][T30463] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2450'.
[  435.775036][T30463] team_slave_0: entered promiscuous mode
[  435.777171][T30463] team_slave_1: entered promiscuous mode
[  436.161377][T30468] team0: No ports can be present during mode change
[  436.163894][T30468] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2451'.
[  436.167064][T30468] team_slave_0: left promiscuous mode
[  436.169292][T30468] team_slave_1: left promiscuous mode
[  436.180415][T30468] team0 (unregistering): Port device team_slave_0 removed
[  436.185023][T30468] team0 (unregistering): Port device team_slave_1 removed
[  436.572718][T30458] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  437.253192][T30479] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  437.386148][T30479] /dev/sr0: Can't open blockdev
[  437.875701][  T842] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  437.975527][   T60] usb 11-1: new high-speed USB device number 7 using dummy_hcd
[  438.045600][  T842] usb 7-1: Using ep0 maxpacket: 16
[  438.048995][  T842] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  438.052791][  T842] usb 7-1: config 0 interface 0 has no altsetting 0
[  438.055306][  T842] usb 7-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  438.059114][  T842] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.062964][  T842] usb 7-1: config 0 descriptor??
[  438.136656][   T60] usb 11-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x31, changing to 0x1
[  438.140352][   T60] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 13364, setting to 64
[  438.143701][   T60] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  438.155562][   T60] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  438.158802][   T60] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.165720][   T60] usb 11-1: config 0 descriptor??
[  438.168802][   T60] usbhid 11-1:0.0: couldn't find an input interrupt endpoint
[  438.486154][T16149] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  438.673792][T30486] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  438.676640][T30486] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  438.681331][T30486] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  438.684595][T30486] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  438.926868][  T842] usbhid 7-1:0.0: can't add hid device: -71
[  439.174438][  T842] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  439.178961][  T842] usb 7-1: USB disconnect, device number 13
[  439.185509][T30502] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2463'.
[  439.190255][T30502] team_slave_0: entered promiscuous mode
[  439.192179][T30502] team_slave_1: entered promiscuous mode
[  439.380371][T30505] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.409487][T30513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  439.413988][T30513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  439.440463][T30505] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.456906][T30516] 9pnet_fd: Insufficient options for proto=fd
[  439.607374][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  439.609420][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  440.019069][T30505] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.073317][T30505] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.141154][T24498] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  440.148746][T24498] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  440.153147][T24498] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  440.158286][T24476] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  440.191316][T30509] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  440.768987][T30530] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2470'.
[  440.772819][T30530] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2470'.
[  440.822809][T30537] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2473'.
[  440.828542][T30537] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2473'.
[  440.852323][T30534] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  440.956254][T30534] /dev/sr0: Can't open blockdev
[  441.135623][T16149] usb 11-1: USB disconnect, device number 7
[  441.263144][T30556] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2479'.
[  441.266980][T30556] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2479'.
[  441.315475][ T1023] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  441.465518][ T1023] usb 7-1: Using ep0 maxpacket: 16
[  441.468363][ T1023] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  441.471948][ T1023] usb 7-1: config 0 interface 0 has no altsetting 0
[  441.474032][ T1023] usb 7-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  441.477267][ T1023] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  441.480689][ T1023] usb 7-1: config 0 descriptor??
[  442.088043][T30543] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  442.095736][T30543] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  442.100436][T30543] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  442.104063][T30543] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  442.112835][T30573] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  442.306473][T30573] /dev/sr0: Can't open blockdev
[  442.311455][ T1023] usbhid 7-1:0.0: can't add hid device: -71
[  442.313361][ T1023] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  442.316556][ T1023] usb 7-1: USB disconnect, device number 14
[  442.349215][T30584] syz.6.2487: attempt to access beyond end of device
[  442.349215][T30584] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  442.375009][T30586] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2488'.
[  442.378769][T30586] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2488'.
[  442.418292][T30590] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2490'.
[  442.908360][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  442.908374][   T40] audit: type=1804 audit(1755715962.252:4387): pid=30604 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2494" name="/newroot/61/file0" dev="tmpfs" ino=357 res=1 errno=0
[  443.403927][T30617] FAULT_INJECTION: forcing a failure.
[  443.403927][T30617] name failslab, interval 1, probability 0, space 0, times 0
[  443.407938][T30617] CPU: 3 UID: 0 PID: 30617 Comm: syz.2.2498 Not tainted syzkaller #0 PREEMPT(full) 
[  443.407954][T30617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  443.407974][T30617] Call Trace:
[  443.407978][T30617]  <TASK>
[  443.407982][T30617]  dump_stack_lvl+0x16c/0x1f0
[  443.407998][T30617]  should_fail_ex+0x512/0x640
[  443.408014][T30617]  ? io_cache_alloc_new+0x45/0xf0
[  443.408028][T30617]  should_failslab+0xc2/0x120
[  443.408042][T30617]  __kmalloc_noprof+0xd2/0x510
[  443.408054][T30617]  ? kstrtouint+0xdd/0x130
[  443.408066][T30617]  io_cache_alloc_new+0x45/0xf0
[  443.408081][T30617]  io_arm_apoll+0x88e/0xa60
[  443.408094][T30617]  ? __pfx_io_arm_apoll+0x10/0x10
[  443.408106][T30617]  ? __pfx_io_accept+0x10/0x10
[  443.408122][T30617]  io_arm_poll_handler+0x223/0x2b0
[  443.408135][T30617]  io_queue_async+0xaf/0x330
[  443.408146][T30617]  io_submit_sqes+0x1728/0x2590
[  443.408161][T30617]  __do_sys_io_uring_enter+0xd6a/0x1630
[  443.408174][T30617]  ? __fget_files+0x20e/0x3c0
[  443.408198][T30617]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  443.408212][T30617]  ? fput+0x9b/0xd0
[  443.408225][T30617]  ? ksys_write+0x1ac/0x250
[  443.408236][T30617]  ? __pfx_ksys_write+0x10/0x10
[  443.408248][T30617]  ? rcu_is_watching+0x12/0xc0
[  443.408259][T30617]  __do_fast_syscall_32+0x7c/0x3a0
[  443.408274][T30617]  do_fast_syscall_32+0x32/0x80
[  443.408287][T30617]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  443.408300][T30617] RIP: 0023:0xf704e579
[  443.408308][T30617] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  443.408318][T30617] RSP: 002b:00000000f53fc55c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  443.408333][T30617] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000000047f5
[  443.408339][T30617] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  443.408345][T30617] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  443.408350][T30617] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  443.408356][T30617] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  443.408365][T30617]  </TASK>
[  443.540283][T30620] siw: device registration error -23
[  444.329041][T30636] syzkaller1: entered promiscuous mode
[  444.331260][T30636] syzkaller1: entered allmulticast mode
[  444.595651][   T53] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  444.669048][T30641] __nla_validate_parse: 5 callbacks suppressed
[  444.669059][T30641] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2506'.
[  444.775538][   T53] usb 7-1: Using ep0 maxpacket: 16
[  444.778268][   T53] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  444.781600][   T53] usb 7-1: config 0 interface 0 has no altsetting 0
[  444.783577][   T53] usb 7-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  444.786921][   T53] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.790047][   T53] usb 7-1: config 0 descriptor??
[  445.396610][T30633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  445.399908][T30633] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  445.406419][T30633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  445.409119][T30633] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  445.484692][T30647] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2508'.
[  445.555172][T30652] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2510'.
[  445.559504][T30652] netlink: 4768 bytes leftover after parsing attributes in process `syz.5.2510'.
[  445.613674][   T53] usbhid 7-1:0.0: can't add hid device: -71
[  445.616577][   T53] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  445.619877][   T53] usb 7-1: USB disconnect, device number 15
[  446.131165][T30669] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2515'.
[  446.343495][T30681] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2520'.
[  446.452478][T30685] tipc: Started in network mode
[  446.454073][T30685] tipc: Node identity 1eb6e4e0d885, cluster identity 4711
[  446.457144][T30685] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  446.460116][ T5335] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  446.460133][ T5335] Bluetooth: hci2: Malformed LE Event: 0x0d
[  446.464374][T30684] tipc: Resetting bearer <eth:syzkaller0>
[  446.488035][T30684] tipc: Disabling bearer <eth:syzkaller0>
[  447.016248][T30693] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2525'.
[  447.335631][T16149] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  447.427369][T30706] fuse: Unknown parameter 'fd0x0000000000000003'
[  447.525623][T16149] usb 10-1: Using ep0 maxpacket: 16
[  447.528515][T16149] usb 10-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  447.528539][T16149] usb 10-1: config 0 interface 0 has no altsetting 0
[  447.528562][T16149] usb 10-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  447.528577][T16149] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.529444][T16149] usb 10-1: config 0 descriptor??
[  447.874521][T30694] [U] R5¡JCÒ°~V6“˜|‡7§¤Á…KXVZZËG—RÙÔ   $¨
[  447.930496][T30710] overlayfs: failed lookup in lower (newroot/56, name='bus', err=-40): overlapping layers
[  447.963169][T30712] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2530'.
[  448.132883][T30691] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  448.136330][T30691] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  448.140196][T30691] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  448.143032][T30691] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  448.347766][T16149] usbhid 10-1:0.0: can't add hid device: -71
[  448.349822][T16149] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  448.352793][T16149] usb 10-1: USB disconnect, device number 9
[  448.867026][T30728] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2535'.
[  448.895694][T30730] netlink: 7 bytes leftover after parsing attributes in process `syz.5.2536'.
[  448.902706][T30730] openvswitch: netlink: Flow key attr not present in new flow.
[  448.968475][T30734] overlayfs: failed lookup in lower (newroot/60, name='bus', err=-40): overlapping layers
[  449.225242][T30742] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  449.251710][T30743] pim6reg1: entered promiscuous mode
[  449.253483][T30743] pim6reg1: entered allmulticast mode
[  449.936993][T30751] __nla_validate_parse: 3 callbacks suppressed
[  449.937008][T30751] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2542'.
[  450.364377][T30766] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2546'.
[  450.745608][  T840] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  450.886706][  T840] usb 10-1: device descriptor read/64, error -71
[  451.135563][  T840] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  451.265623][  T840] usb 10-1: device descriptor read/64, error -71
[  451.373641][T30784] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2551'.
[  451.387168][  T840] usb usb10-port1: attempt power cycle
[  451.549164][T30785] pim6reg1: entered promiscuous mode
[  451.550932][T30785] pim6reg1: entered allmulticast mode
[  451.845609][  T840] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  451.865897][  T840] usb 10-1: device descriptor read/8, error -71
[  451.913303][T30790] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2554'.
[  451.919199][T30790] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.2554'.
[  452.105522][  T840] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  452.136979][  T840] usb 10-1: device descriptor read/8, error -71
[  452.255623][  T840] usb usb10-port1: unable to enumerate USB device
[  452.327663][T30797] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2556'.
[  453.537021][T30807] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  453.658683][T30807] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2557'.
[  453.661645][T30807] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2557'.
[  453.834082][T30812] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  453.926520][T30812] /dev/sr0: Can't open blockdev
[  454.068237][T30820] FAULT_INJECTION: forcing a failure.
[  454.068237][T30820] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  454.073370][T30820] CPU: 2 UID: 0 PID: 30820 Comm: syz.6.2562 Not tainted syzkaller #0 PREEMPT(full) 
[  454.073394][T30820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  454.073405][T30820] Call Trace:
[  454.073411][T30820]  <TASK>
[  454.073417][T30820]  dump_stack_lvl+0x16c/0x1f0
[  454.073443][T30820]  should_fail_ex+0x512/0x640
[  454.073461][T30820]  _copy_from_iter+0x29f/0x16f0
[  454.073478][T30820]  ? __alloc_skb+0x200/0x380
[  454.073492][T30820]  ? __pfx__copy_from_iter+0x10/0x10
[  454.073508][T30820]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  454.073524][T30820]  netlink_sendmsg+0x829/0xdd0
[  454.073538][T30820]  ? __pfx_netlink_sendmsg+0x10/0x10
[  454.073552][T30820]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  454.073565][T30820]  ____sys_sendmsg+0xa95/0xc70
[  454.073581][T30820]  ? __pfx_____sys_sendmsg+0x10/0x10
[  454.073597][T30820]  ? get_compat_msghdr+0x11a/0x170
[  454.073610][T30820]  ? kstrtouint_from_user+0x13c/0x1d0
[  454.073623][T30820]  ___sys_sendmsg+0x134/0x1d0
[  454.073636][T30820]  ? get_pid_task+0xfc/0x250
[  454.073650][T30820]  ? __pfx____sys_sendmsg+0x10/0x10
[  454.073665][T30820]  ? rcu_is_watching+0x12/0xc0
[  454.073681][T30820]  __sys_sendmsg+0x16d/0x220
[  454.073693][T30820]  ? __pfx___sys_sendmsg+0x10/0x10
[  454.073707][T30820]  ? syscall_user_dispatch+0x78/0x140
[  454.073724][T30820]  ? rcu_is_watching+0x12/0xc0
[  454.073734][T30820]  __do_fast_syscall_32+0x7c/0x3a0
[  454.073748][T30820]  do_fast_syscall_32+0x32/0x80
[  454.073761][T30820]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  454.073775][T30820] RIP: 0023:0xf7f05579
[  454.073783][T30820] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  454.073794][T30820] RSP: 002b:00000000f540555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  454.073805][T30820] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00000000800002c0
[  454.073811][T30820] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[  454.073817][T30820] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  454.073822][T30820] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  454.073828][T30820] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  454.073837][T30820]  </TASK>
[  454.520579][T16149] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  455.009533][T30837] netlink: 62 bytes leftover after parsing attributes in process `syz.1.2566'.
[  455.381572][T30841] netlink: 62 bytes leftover after parsing attributes in process `syz.2.2567'.
[  455.645509][  T840] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  455.785425][  T840] usb 10-1: device descriptor read/64, error -71
[  456.070700][  T840] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  456.205542][  T840] usb 10-1: device descriptor read/64, error -71
[  456.315900][  T840] usb usb10-port1: attempt power cycle
[  456.620070][T30875] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2577'.
[  456.625813][T30875] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2577'.
[  456.722129][  T840] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  456.745731][  T840] usb 10-1: device descriptor read/8, error -71
[  456.835347][T30884] netlink: 62 bytes leftover after parsing attributes in process `syz.6.2578'.
[  457.095330][  T840] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  457.123994][T30887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2580'.
[  457.125717][  T840] usb 10-1: device descriptor read/8, error -71
[  457.129647][T30887] bridge_slave_1: left allmulticast mode
[  457.132042][T30887] bridge_slave_1: left promiscuous mode
[  457.136104][T30887] bridge0: port 2(bridge_slave_1) entered disabled state
[  457.139806][T30887] bridge_slave_0: left allmulticast mode
[  457.141655][T30887] bridge_slave_0: left promiscuous mode
[  457.143641][T30887] bridge0: port 1(bridge_slave_0) entered disabled state
[  457.246164][  T840] usb usb10-port1: unable to enumerate USB device
[  457.751112][T30896] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2583'.
[  457.756386][T30896] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2583'.
[  457.895419][T30910] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2587'.
[  457.895889][T30910] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2587'.
[  458.439458][T30923] pim6reg1: entered promiscuous mode
[  458.441790][T30923] pim6reg1: entered allmulticast mode
[  458.741501][T30932] pim6reg1: entered promiscuous mode
[  458.743615][T30932] pim6reg1: entered allmulticast mode
[  458.957290][T30933] pim6reg1: entered promiscuous mode
[  458.959086][T30933] pim6reg1: entered allmulticast mode
[  458.985324][T30944] ip6tnl1: entered promiscuous mode
[  458.987030][T30944] ip6tnl1: entered allmulticast mode
[  458.990117][T30944] team0: Device ip6tnl1 is of different type
[  460.345443][T30964] __nla_validate_parse: 5 callbacks suppressed
[  460.345485][T30964] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2605'.
[  460.390687][T30948] Set syz1 is full, maxelem 65536 reached
[  461.090686][T30980] pim6reg1: entered promiscuous mode
[  461.093063][T30980] pim6reg1: entered allmulticast mode
[  461.351008][T31049] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2613'.
[  461.367946][T31049] netlink: 4768 bytes leftover after parsing attributes in process `syz.6.2613'.
[  462.721576][T31917] random: crng reseeded on system resumption
[  462.795863][T31918] netlink: 62 bytes leftover after parsing attributes in process `syz.6.2619'.
[  463.047317][T31922] FAULT_INJECTION: forcing a failure.
[  463.047317][T31922] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  463.052057][T31922] CPU: 1 UID: 0 PID: 31922 Comm: syz.5.2622 Not tainted syzkaller #0 PREEMPT(full) 
[  463.052073][T31922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  463.052080][T31922] Call Trace:
[  463.052085][T31922]  <TASK>
[  463.052090][T31922]  dump_stack_lvl+0x16c/0x1f0
[  463.052107][T31922]  should_fail_ex+0x512/0x640
[  463.052130][T31922]  _copy_to_user+0x32/0xd0
[  463.052144][T31922]  simple_read_from_buffer+0xcb/0x170
[  463.052160][T31922]  proc_fail_nth_read+0x197/0x240
[  463.052195][T31922]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  463.052213][T31922]  ? security_file_permission+0x71/0x210
[  463.052236][T31922]  ? rw_verify_area+0xcf/0x6c0
[  463.052252][T31922]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  463.052269][T31922]  vfs_read+0x1e4/0xcf0
[  463.052289][T31922]  ? __pfx_vfs_read+0x10/0x10
[  463.052305][T31922]  ? rcu_is_watching+0x12/0xc0
[  463.052319][T31922]  ? __fget_files+0x20e/0x3c0
[  463.052331][T31922]  ksys_read+0x12a/0x250
[  463.052343][T31922]  ? __pfx_ksys_read+0x10/0x10
[  463.052354][T31922]  ? rcu_is_watching+0x12/0xc0
[  463.052365][T31922]  __do_fast_syscall_32+0x7c/0x3a0
[  463.052380][T31922]  do_fast_syscall_32+0x32/0x80
[  463.052393][T31922]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  463.052406][T31922] RIP: 0023:0xf70be579
[  463.052414][T31922] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  463.052425][T31922] RSP: 002b:00000000f54ae590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  463.052440][T31922] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f54ae620
[  463.052447][T31922] RDX: 000000000000000f RSI: 00000000f7424ff4 RDI: 0000000000000000
[  463.052453][T31922] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  463.052459][T31922] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  463.052464][T31922] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  463.052474][T31922]  </TASK>
[  463.090595][    C1] vkms_vblank_simulate: vblank timer overrun
[  463.127233][    C1] vkms_vblank_simulate: vblank timer overrun
[  463.254979][T31904] comedi comedi2: reset error (fatal)
[  463.505511][T31936] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  463.559534][T31937] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  463.688051][T31936] /dev/sr0: Can't open blockdev
[  463.815556][T31937] /dev/sr0: Can't open blockdev
[  463.879872][T31948] overlayfs: failed to resolve './file1': -2
[  463.949555][T31952] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  463.953661][T31952] netlink: 'syz.1.2632': attribute type 9 has an invalid length.
[  464.293098][T31960] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.350233][T31960] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.378017][T31961] pim6reg1: entered promiscuous mode
[  464.381661][T31961] pim6reg1: entered allmulticast mode
[  464.411783][T31960] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.504322][T31960] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.687008][T26412] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  464.689677][T26412] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  464.692282][T26412] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  464.697537][   T59] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  464.849732][T31976] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  464.900456][T31981] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  464.945751][T31976] /dev/sr0: Can't open blockdev
[  465.088533][T31981] /dev/sr0: Can't open blockdev
[  465.144322][T31987] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2641'.
[  465.158273][T31987] netlink: 4768 bytes leftover after parsing attributes in process `syz.6.2641'.
[  465.164479][T31991] FAULT_INJECTION: forcing a failure.
[  465.164479][T31991] name failslab, interval 1, probability 0, space 0, times 0
[  465.176860][T31991] CPU: 0 UID: 0 PID: 31991 Comm: syz.2.2643 Not tainted syzkaller #0 PREEMPT(full) 
[  465.176887][T31991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  465.176894][T31991] Call Trace:
[  465.176898][T31991]  <TASK>
[  465.176902][T31991]  dump_stack_lvl+0x16c/0x1f0
[  465.176919][T31991]  should_fail_ex+0x512/0x640
[  465.176947][T31991]  ? rds_message_alloc+0x42/0x230
[  465.176959][T31991]  should_failslab+0xc2/0x120
[  465.176973][T31991]  __kmalloc_noprof+0xd2/0x510
[  465.176984][T31991]  ? rds_sendmsg+0x747/0x31f0
[  465.176997][T31991]  ? rcu_is_watching+0x12/0xc0
[  465.177007][T31991]  ? rds_sendmsg+0x747/0x31f0
[  465.177021][T31991]  rds_message_alloc+0x42/0x230
[  465.177033][T31991]  rds_sendmsg+0xb5d/0x31f0
[  465.177047][T31991]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  465.177062][T31991]  ? __pfx_rds_sendmsg+0x10/0x10
[  465.177075][T31991]  ? aa_sk_perm+0x2f4/0xb10
[  465.177088][T31991]  ? lock_release+0x201/0x2f0
[  465.177101][T31991]  ? __pfx_aa_sk_perm+0x10/0x10
[  465.177115][T31991]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  465.177127][T31991]  ? ____sys_sendmsg+0xa95/0xc70
[  465.177142][T31991]  ____sys_sendmsg+0xa95/0xc70
[  465.177161][T31991]  ? __pfx_____sys_sendmsg+0x10/0x10
[  465.177177][T31991]  ? get_compat_msghdr+0x11a/0x170
[  465.177190][T31991]  ? kstrtouint_from_user+0x13c/0x1d0
[  465.177204][T31991]  ___sys_sendmsg+0x134/0x1d0
[  465.177216][T31991]  ? get_pid_task+0xfc/0x250
[  465.177230][T31991]  ? __pfx____sys_sendmsg+0x10/0x10
[  465.177244][T31991]  ? rcu_is_watching+0x12/0xc0
[  465.177258][T31991]  __sys_sendmsg+0x16d/0x220
[  465.177271][T31991]  ? __pfx___sys_sendmsg+0x10/0x10
[  465.177286][T31991]  ? rcu_is_watching+0x12/0xc0
[  465.177297][T31991]  __do_fast_syscall_32+0x7c/0x3a0
[  465.177311][T31991]  do_fast_syscall_32+0x32/0x80
[  465.177324][T31991]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  465.177338][T31991] RIP: 0023:0xf704e579
[  465.177346][T31991] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  465.177356][T31991] RSP: 002b:00000000f543e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  465.177366][T31991] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  465.177373][T31991] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  465.177379][T31991] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  465.177385][T31991] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  465.177390][T31991] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  465.177399][T31991]  </TASK>
[  465.316374][   T40] audit: type=1800 audit(1755715984.663:4388): pid=31994 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.2.2644" name="/newroot/93/file0" dev="tmpfs" ino=523 res=0 errno=0
[  465.362886][T32002] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2647'.
[  465.366801][T32002] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2647'.
[  465.849033][ T6053] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  465.930232][T32011] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  465.983443][T32014] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  465.994873][ T6053] usb 10-1: device descriptor read/64, error -71
[  466.015554][T32011] /dev/sr0: Can't open blockdev
[  466.115577][T32014] /dev/sr0: Can't open blockdev
[  466.213026][T32027] vlan2: entered allmulticast mode
[  466.213045][T32027] bond0: entered allmulticast mode
[  466.213057][T32027] bond_slave_0: entered allmulticast mode
[  466.213071][T32027] bond_slave_1: entered allmulticast mode
[  466.264800][ T6053] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[  466.286034][T32031] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2656'.
[  466.287037][T32031] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2656'.
[  466.421356][T32038] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  466.434844][ T6053] usb 10-1: device descriptor read/64, error -71
[  466.472319][T32042] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  466.535703][T32038] /dev/sr0: Can't open blockdev
[  466.555610][ T6053] usb usb10-port1: attempt power cycle
[  466.645409][T32042] /dev/sr0: Can't open blockdev
[  466.940651][ T6053] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[  466.967042][ T6053] usb 10-1: device descriptor read/8, error -71
[  467.224011][ T6053] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[  467.255172][ T6053] usb 10-1: device descriptor read/8, error -71
[  467.364906][ T6053] usb usb10-port1: unable to enumerate USB device
[  467.899283][T32078] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2666'.
[  467.903237][T32078] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2666'.
[  467.957542][T32082] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2668'.
[  467.963535][T32082] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.2668'.
[  468.106153][T32084] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  468.160367][T32087] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  468.195851][T32084] /dev/sr0: Can't open blockdev
[  468.335391][T32087] /dev/sr0: Can't open blockdev
[  468.520983][T32096] pim6reg1: entered promiscuous mode
[  468.523582][T32096] pim6reg1: entered allmulticast mode
[  468.638034][T32096] cgroup: fork rejected by pids controller in /syz6
[  469.412883][ T3201] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2676'.
[  469.416859][ T3201] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2676'.
[  469.552206][ T3193] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  469.558187][ T3206] FAULT_INJECTION: forcing a failure.
[  469.558187][ T3206] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  469.562514][ T3206] CPU: 3 UID: 0 PID: 3206 Comm: syz.1.2678 Not tainted syzkaller #0 PREEMPT(full) 
[  469.562532][ T3206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  469.562539][ T3206] Call Trace:
[  469.562544][ T3206]  <TASK>
[  469.562549][ T3206]  dump_stack_lvl+0x16c/0x1f0
[  469.562567][ T3206]  should_fail_ex+0x512/0x640
[  469.562584][ T3206]  _copy_from_user+0x2e/0xd0
[  469.562602][ T3206]  get_compat_msghdr+0xa7/0x170
[  469.562617][ T3206]  ? __pfx_get_compat_msghdr+0x10/0x10
[  469.562630][ T3206]  ? rcu_is_watching+0x12/0xc0
[  469.562644][ T3206]  ___sys_recvmsg+0x191/0x1a0
[  469.562658][ T3206]  ? __pfx____sys_recvmsg+0x10/0x10
[  469.562675][ T3206]  ? __pfx___might_resched+0x10/0x10
[  469.562687][ T3206]  do_recvmmsg+0x55d/0x750
[  469.562701][ T3206]  ? __pfx_do_recvmmsg+0x10/0x10
[  469.562714][ T3206]  ? preempt_count_add+0x76/0x150
[  469.562729][ T3206]  ? ksys_write+0x190/0x250
[  469.562742][ T3206]  ? rcu_is_watching+0x12/0xc0
[  469.562752][ T3206]  ? lock_release+0x201/0x2f0
[  469.562770][ T3206]  ? __fget_files+0x20e/0x3c0
[  469.562782][ T3206]  __sys_recvmmsg+0x21c/0x280
[  469.562796][ T3206]  ? __pfx___sys_recvmmsg+0x10/0x10
[  469.562811][ T3206]  ? __pfx_ksys_write+0x10/0x10
[  469.562824][ T3206]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  469.562839][ T3206]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  469.562853][ T3206]  __do_fast_syscall_32+0x7c/0x3a0
[  469.562869][ T3206]  do_fast_syscall_32+0x32/0x80
[  469.562883][ T3206]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  469.562897][ T3206] RIP: 0023:0xf70be579
[  469.562927][ T3206] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  469.562938][ T3206] RSP: 002b:00000000f54ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  469.562949][ T3206] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080001140
[  469.562955][ T3206] RDX: 0000000000000700 RSI: 0000000000000002 RDI: 0000000000000000
[  469.562962][ T3206] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  469.562968][ T3206] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  469.562974][ T3206] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  469.562983][ T3206]  </TASK>
[  469.640767][ T3193] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  469.779305][ T3215] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  469.833325][ T3221] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  469.907166][ T3215] /dev/sr0: Can't open blockdev
[  470.020931][ T3221] /dev/sr0: Can't open blockdev
[  471.328438][ T3247] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  471.709650][ T3268] pim6reg1: entered promiscuous mode
[  471.711463][ T3268] pim6reg1: entered allmulticast mode
[  471.774641][  T842] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  471.893338][ T3269] pim6reg1: entered promiscuous mode
[  471.895254][ T3269] pim6reg1: entered allmulticast mode
[  471.925779][  T842] usb 7-1: config index 0 descriptor too short (expected 39, got 27)
[  471.928758][  T842] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  471.932289][  T842] usb 7-1: config 0 interface 0 has no altsetting 0
[  471.936663][  T842] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  471.939562][  T842] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  471.942812][  T842] usb 7-1: Product: syz
[  471.944267][  T842] usb 7-1: Manufacturer: syz
[  471.946029][  T842] usb 7-1: SerialNumber: syz
[  471.948112][  T842] usb 7-1: config 0 descriptor??
[  471.950449][  T842] hub 7-1:0.0: bad descriptor, ignoring hub
[  471.952370][  T842] hub 7-1:0.0: probe with driver hub failed with error -5
[  471.955774][  T842] usb 7-1: selecting invalid altsetting 0
[  471.956558][ T3269] cgroup: fork rejected by pids controller in /syz5
[  473.098085][ T6135] usb 7-1: USB disconnect, device number 16
[  473.246350][ T6504] __nla_validate_parse: 5 callbacks suppressed
[  473.246389][ T6504] netlink: 62 bytes leftover after parsing attributes in process `syz.5.2698'.
[  473.640789][ T6510] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  473.694232][ T6514] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  473.735971][ T6510] /dev/sr0: Can't open blockdev
[  473.815129][ T6514] /dev/sr0: Can't open blockdev
[  473.895073][ T6519] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  473.945849][ T6524] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  474.075509][ T6519] /dev/sr0: Can't open blockdev
[  474.114843][ T6527] netlink: 62 bytes leftover after parsing attributes in process `syz.5.2704'.
[  474.165161][ T6524] /dev/sr0: Can't open blockdev
[  474.403909][ T6531] netlink: 62 bytes leftover after parsing attributes in process `syz.1.2705'.
[  474.794141][ T6534] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2706'.
[  474.889975][ T6544] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  474.909667][ T6547] program syz.2.2710 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  474.941582][ T6548] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  474.985028][ T6544] /dev/sr0: Can't open blockdev
[  475.099388][  T840] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[  475.115454][ T6548] /dev/sr0: Can't open blockdev
[  475.295279][  T840] usb 10-1: Using ep0 maxpacket: 16
[  475.314380][  T840] usb 10-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  475.339320][  T840] usb 10-1: config 0 interface 0 has no altsetting 0
[  475.339354][  T840] usb 10-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  475.339365][  T840] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.340425][  T840] usb 10-1: config 0 descriptor??
[  475.753442][  T840] nzxt-smart2 0003:1E71:2009.0005: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.5-1/input0
[  476.155145][ T6536] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  476.157935][ T6536] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  476.163046][ T6536] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  476.166238][ T6536] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  476.311151][ T6576] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2719'.
[  476.422724][ T6135] usb 10-1: USB disconnect, device number 22
[  476.978712][ T6594] netlink: 'syz.1.2724': attribute type 1 has an invalid length.
[  476.982714][ T6594] netlink: 'syz.1.2724': attribute type 1 has an invalid length.
[  476.987719][ T6594] netlink: 'syz.1.2724': attribute type 1 has an invalid length.
[  476.992090][ T6594] netlink: 'syz.1.2724': attribute type 1 has an invalid length.
[  476.995677][ T6594] netlink: 'syz.1.2724': attribute type 1 has an invalid length.
[  476.999083][ T6594] netlink: 'syz.1.2724': attribute type 1 has an invalid length.
[  476.999831][ T6591] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  477.002540][ T6594] netlink: 'syz.1.2724': attribute type 1 has an invalid length.
[  477.008196][ T6594] netlink: 'syz.1.2724': attribute type 1 has an invalid length.
[  477.010893][ T6594] netlink: 'syz.1.2724': attribute type 1 has an invalid length.
[  477.013659][ T6594] netlink: 'syz.1.2724': attribute type 1 has an invalid length.
[  477.055706][ T6602] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  477.104945][ T6591] /dev/sr0: Can't open blockdev
[  477.126672][ T6606] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2728'.
[  477.185321][ T6602] /dev/sr0: Can't open blockdev
[  477.579254][ T5979] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  477.579484][ T5979] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  477.579652][ T5979] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  477.580104][ T5979] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  477.580412][ T5979] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  477.602479][ T6620] lo speed is unknown, defaulting to 1000
[  477.713851][ T6620] chnl_net:caif_netlink_parms(): no params data found
[  477.765748][ T6620] bridge0: port 1(bridge_slave_0) entered blocking state
[  477.765798][ T6620] bridge0: port 1(bridge_slave_0) entered disabled state
[  477.765863][ T6620] bridge_slave_0: entered allmulticast mode
[  477.766414][ T6620] bridge_slave_0: entered promiscuous mode
[  477.767600][ T6620] bridge0: port 2(bridge_slave_1) entered blocking state
[  477.767665][ T6620] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.767741][ T6620] bridge_slave_1: entered allmulticast mode
[  477.768234][ T6620] bridge_slave_1: entered promiscuous mode
[  477.791565][ T6620] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  477.792642][ T6620] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  477.809317][ T6620] team0: Port device team_slave_0 added
[  477.810263][ T6620] team0: Port device team_slave_1 added
[  477.826855][ T6620] batman_adv: batadv0: Adding interface: batadv_slave_0
[  477.826868][ T6620] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  477.826882][ T6620] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  477.827396][ T6620] batman_adv: batadv0: Adding interface: batadv_slave_1
[  477.827403][ T6620] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  477.827416][ T6620] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  477.846597][ T6620] hsr_slave_0: entered promiscuous mode
[  477.903218][ T6620] hsr_slave_1: entered promiscuous mode
[  477.903475][ T6620] debugfs: 'hsr0' already exists in 'hsr'
[  477.903487][ T6620] Cannot create hsr debugfs directory
[  477.973968][ T6620] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  477.977691][ T6620] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  477.981078][ T6620] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  477.984996][ T6620] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  477.996346][ T6620] bridge0: port 2(bridge_slave_1) entered blocking state
[  477.998656][ T6620] bridge0: port 2(bridge_slave_1) entered forwarding state
[  478.000986][ T6620] bridge0: port 1(bridge_slave_0) entered blocking state
[  478.003395][ T6620] bridge0: port 1(bridge_slave_0) entered forwarding state
[  478.007237][T26417] bridge0: port 1(bridge_slave_0) entered disabled state
[  478.016354][T26417] bridge0: port 2(bridge_slave_1) entered disabled state
[  478.043651][ T6620] 8021q: adding VLAN 0 to HW filter on device bond0
[  478.051336][ T6620] 8021q: adding VLAN 0 to HW filter on device team0
[  478.056154][T24498] bridge0: port 1(bridge_slave_0) entered blocking state
[  478.058409][T24498] bridge0: port 1(bridge_slave_0) entered forwarding state
[  478.063486][T24498] bridge0: port 2(bridge_slave_1) entered blocking state
[  478.065992][T24498] bridge0: port 2(bridge_slave_1) entered forwarding state
[  478.144782][ T6620] 8021q: adding VLAN 0 to HW filter on device batadv0
[  478.243487][ T6620] veth0_vlan: entered promiscuous mode
[  478.249576][ T6620] veth1_vlan: entered promiscuous mode
[  478.271587][ T6620] veth0_macvtap: entered promiscuous mode
[  478.277707][ T6620] veth1_macvtap: entered promiscuous mode
[  478.284843][ T6620] batman_adv: batadv0: Interface activated: batadv_slave_0
[  478.289734][ T6620] batman_adv: batadv0: Interface activated: batadv_slave_1
[  478.298450][T26412] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  478.303045][T26412] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  478.306162][T26412] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  478.310182][ T6652] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2737'.
[  478.313161][T26412] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  478.344708][T24498] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  478.349560][T24498] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  478.359525][T26417] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  478.363157][T26417] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  478.396709][ T6657] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2733'.
[  478.402459][ T6657] netlink: 4768 bytes leftover after parsing attributes in process `syz.7.2733'.
[  478.589254][ T6660] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  478.639269][ T6664] ptrace attach of ""[6665] was attempted by "/syz-executor exec"[6664]
[  478.642466][ T6666] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  478.688962][ T6668] input: syz0 as /devices/virtual/input/input12
[  478.724877][ T6660] /dev/sr0: Can't open blockdev
[  478.805634][ T6666] /dev/sr0: Can't open blockdev
[  478.934277][ T6135] usb 12-1: new high-speed USB device number 2 using dummy_hcd
[  479.084121][ T6135] usb 12-1: Using ep0 maxpacket: 16
[  479.087793][ T6135] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  479.091272][ T6135] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  479.094466][ T6135] usb 12-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.00
[  479.097349][ T6135] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.100486][ T6135] usb 12-1: config 0 descriptor??
[  479.614134][ T5979] Bluetooth: hci0: command tx timeout
[  479.709942][ T6135] usbhid 12-1:0.0: can't add hid device: -71
[  479.712075][ T6135] usbhid 12-1:0.0: probe with driver usbhid failed with error -71
[  479.715232][ T6135] usb 12-1: USB disconnect, device number 2
[  480.232562][ T6685] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2745'.
[  480.438658][ T6689] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(5)
[  480.440921][ T6689] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  480.444305][ T6689] vhci_hcd vhci_hcd.0: Device attached
[  480.724618][ T6053] usb 52-1: SetAddress Request (2) to port 0
[  480.727329][ T6053] usb 52-1: new SuperSpeed USB device number 2 using vhci_hcd
[  480.964189][ T5979] Bluetooth: hci2: command 0x041b tx timeout
[  480.966956][ T6675] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  481.092379][ T6690] vhci_hcd: connection reset by peer
[  481.094298][T24498] vhci_hcd: stop threads
[  481.096135][T24498] vhci_hcd: release socket
[  481.098045][T24498] vhci_hcd: disconnect device
[  481.694025][ T5979] Bluetooth: hci0: command tx timeout
[  481.853791][ T6675] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  481.856720][ T6675] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  481.859236][ T6675] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  481.861194][ T6675] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  481.864404][ T6675] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  481.959171][ T6697] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2749'.
[  481.972608][ T6697] netlink: 4768 bytes leftover after parsing attributes in process `syz.7.2749'.
[  482.115177][ T6704] netlink: 62 bytes leftover after parsing attributes in process `syz.6.2750'.
[  482.219422][ T6710] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  482.272641][ T6713] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  482.333688][ T6710] /dev/sr0: Can't open blockdev
[  482.399111][ T6700] x_tables: ip_tables: HMARK.0 target: invalid size 64 (kernel) != (user) 72
[  482.424698][ T6713] /dev/sr0: Can't open blockdev
[  482.574582][ T6723] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2754'.
[  482.841555][ T6724] block nbd1: shutting down sockets
[  482.995280][ T5335] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  483.044210][ T5335] Bluetooth: hci2: command 0x041b tx timeout
[  483.045560][ T6742] syzkaller0: entered promiscuous mode
[  483.049220][ T6742] syzkaller0: entered allmulticast mode
[  483.066049][ T6742] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2762'.
[  483.186113][ T6746] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  483.362009][ T6751] netlink: 62 bytes leftover after parsing attributes in process `syz.1.2764'.
[  483.922099][ T6762] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2768'.
[  483.924941][ T5335] Bluetooth: hci0: command 0x0419 tx timeout
[  484.110324][ T6756] delete_channel: no stack
[  484.549352][ T6786] pim6reg1: entered promiscuous mode
[  484.552121][ T6786] pim6reg1: entered allmulticast mode
[  485.123872][ T5979] Bluetooth: hci2: command 0x041b tx timeout
[  485.566352][ T7245] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  485.615929][ T7250] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2780'.
[  485.621927][ T7250] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2780'.
[  485.622354][ T7251] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  485.694576][ T7245] /dev/sr0: Can't open blockdev
[  485.774073][ T6053] usb 52-1: device descriptor read/8, error -110
[  485.845078][ T7251] /dev/sr0: Can't open blockdev
[  485.926528][ T7262] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2782'.
[  485.930786][ T7262] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.2782'.
[  486.004356][ T5979] Bluetooth: hci0: command 0x0419 tx timeout
[  486.006740][ T7269] overlayfs: missing 'lowerdir'
[  486.176586][ T7273] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  486.194021][ T6053] usb usb52-port1: attempt power cycle
[  486.327988][ T7281] pim6reg1: entered promiscuous mode
[  486.329773][ T7281] pim6reg1: entered allmulticast mode
[  486.449086][ T7477] netlink: 5 bytes leftover after parsing attributes in process `syz.7.2789'.
[  486.452454][ T7477] 0ªX¹¦D: renamed from macvtap0 (while UP)
[  486.477410][ T7477] 0ªX¹¦D: entered allmulticast mode
[  486.479266][ T7477] veth0_macvtap: entered allmulticast mode
[  486.481518][ T7477] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  486.689842][ T7871] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  486.743412][ T8034] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  486.774582][ T6053] usb usb52-port1: unable to enumerate USB device
[  486.784337][ T7871] /dev/sr0: Can't open blockdev
[  486.884134][ T8034] /dev/sr0: Can't open blockdev
[  486.917908][   T40] audit: type=1326 audit(1755716006.264:4389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.6.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000
[  486.929239][   T40] audit: type=1326 audit(1755716006.264:4390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.6.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000
[  486.938213][   T40] audit: type=1326 audit(1755716006.264:4391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.6.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000
[  486.946795][   T40] audit: type=1326 audit(1755716006.274:4392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.6.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000
[  486.963675][   T40] audit: type=1326 audit(1755716006.274:4393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.6.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000
[  486.974532][   T40] audit: type=1326 audit(1755716006.274:4394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.6.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000
[  486.981617][   T40] audit: type=1326 audit(1755716006.274:4395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.6.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000
[  486.988715][   T40] audit: type=1326 audit(1755716006.274:4396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.6.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000
[  486.995917][   T40] audit: type=1326 audit(1755716006.274:4397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.6.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000
[  487.003039][   T40] audit: type=1326 audit(1755716006.274:4398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8873 comm="syz.6.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000
[  487.061356][ T9576] Bluetooth: MGMT ver 1.23
[  487.206881][T10078] overlayfs: missing 'lowerdir'
[  487.274881][ T9955] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  487.352717][T10085] validate_nla: 42 callbacks suppressed
[  487.352729][T10085] netlink: 'syz.5.2796': attribute type 4 has an invalid length.
[  487.406546][T10087] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2797'.
[  487.410066][T10087] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2797'.
[  487.490602][T10089] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  487.493373][T10089] syzkaller0: entered promiscuous mode
[  487.495320][T10089] syzkaller0: entered allmulticast mode
[  487.500607][T10089] tipc: Resetting bearer <eth:syzkaller0>
[  487.511714][T10088] tipc: Resetting bearer <eth:syzkaller0>
[  487.513679][  T842] usb 12-1: new high-speed USB device number 3 using dummy_hcd
[  487.518620][T10088] tipc: Disabling bearer <eth:syzkaller0>
[  487.663618][  T842] usb 12-1: Using ep0 maxpacket: 8
[  487.675977][  T842] usb 12-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  487.679396][  T842] usb 12-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  487.682253][  T842] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  487.688231][  T842] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.736019][T10101] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  487.786946][T10098] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  487.824168][T10101] /dev/sr0: Can't open blockdev
[  487.955041][T10098] /dev/sr0: Can't open blockdev
[  488.086571][ T5335] Bluetooth: hci0: command 0x0419 tx timeout
[  488.445027][T10115] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2806'.
[  488.450055][T10115] netlink: 4768 bytes leftover after parsing attributes in process `syz.6.2806'.
[  488.991833][T10138] pim6reg1: entered promiscuous mode
[  488.999003][T10138] pim6reg1: entered allmulticast mode
[  489.107416][T10140] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  489.161190][T10143] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  489.224111][T10140] /dev/sr0: Can't open blockdev
[  489.241609][T10146] overlayfs: missing 'lowerdir'
[  489.344199][T10143] /dev/sr0: Can't open blockdev
[  489.366144][T10151] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2814'.
[  489.369956][T10151] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2814'.
[  489.420290][T10155] netlink: 4768 bytes leftover after parsing attributes in process `syz.5.2816'.
[  489.500591][T10157] IPVS: set_ctl: invalid protocol: 58 172.20.20.187:21
[  489.536813][T10162] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2818'.
[  490.165000][ T5335] Bluetooth: hci0: command 0x0419 tx timeout
[  490.310071][ T6053] usb 12-1: USB disconnect, device number 3
[  490.358156][T10179] overlayfs: missing 'lowerdir'
[  490.418512][T10181] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  490.441872][T10185] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2824'.
[  490.447059][T10185] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2824'.
[  490.474845][T10189] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  490.476662][T10187] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.2825'.
[  490.534928][T10181] /dev/sr0: Can't open blockdev
[  490.665007][T10189] /dev/sr0: Can't open blockdev
[  490.686590][T10212] overlayfs: missing 'lowerdir'
[  490.703921][T10214] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2833'.
[  490.745221][ T5335] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  490.796429][T10230] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  490.848254][T10236] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  490.874593][T10240] overlayfs: missing 'workdir'
[  490.894417][T10230] /dev/sr0: Can't open blockdev
[  491.114156][T10236] /dev/sr0: Can't open blockdev
[  491.909414][T10272] pim6reg1: entered promiscuous mode
[  491.911856][T10272] pim6reg1: entered allmulticast mode
[  492.253362][ T5335] Bluetooth: hci0: command 0x0419 tx timeout
[  493.274314][T10312] binder: 10311:10312 ioctl c018620c 80000380 returned -22
[  493.566914][T10322] pim6reg1: entered promiscuous mode
[  493.568885][T10322] pim6reg1: entered allmulticast mode
[  493.680512][T10324] __nla_validate_parse: 12 callbacks suppressed
[  493.680523][T10324] netlink: 4768 bytes leftover after parsing attributes in process `syz.7.2870'.
[  493.780554][T10326] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2871'.
[  493.784456][T10326] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2871'.
[  494.172351][T10339] netlink: 62 bytes leftover after parsing attributes in process `syz.7.2875'.
[  494.358317][T10342] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  494.360462][T10342] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  494.362895][T10342] vhci_hcd vhci_hcd.0: Device attached
[  494.369406][T10343] vhci_hcd: connection closed
[  494.369834][T24508] vhci_hcd: stop threads
[  494.372729][T24508] vhci_hcd: release socket
[  494.374297][T24508] vhci_hcd: disconnect device
[  494.813281][  T842] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[  494.872072][T10353] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2880'.
[  494.877995][T10353] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2880'.
[  495.003310][  T842] usb 11-1: Using ep0 maxpacket: 8
[  495.006555][  T842] usb 11-1: config index 0 descriptor too short (expected 301, got 45)
[  495.010041][  T842] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  495.014002][  T842] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  495.017844][  T842] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  495.021776][  T842] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  495.025338][T10361] pim6reg: entered allmulticast mode
[  495.027686][  T842] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  495.033238][  T842] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.033523][T10361] pim6reg: left allmulticast mode
[  495.242288][  T842] usb 11-1: usb_control_msg returned -32
[  495.243051][T10349] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  495.244192][  T842] usbtmc 11-1:16.0: can't read capabilities
[  495.246971][T10349] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  495.754829][T10380] overlayfs: missing 'lowerdir'
[  495.958460][T10391] delete_channel: no stack
[  496.813950][T10407] siw: device registration error -23
[  496.893783][T10409] overlayfs: missing 'lowerdir'
[  497.576459][ T1026] usb 11-1: USB disconnect, device number 8
[  497.630197][T10419] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2147484288 (4294968576 ns) > initial count (34 ns). Using initial count to start timer.
[  497.852823][T10422] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  497.855581][T10422] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  497.857718][T10422] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  498.484695][T10436] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2904'.
[  498.488372][T10436] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2904'.
[  498.507626][T10440] netlink: 'syz.6.2906': attribute type 4 has an invalid length.
[  498.510211][T10440] netlink: 152 bytes leftover after parsing attributes in process `syz.6.2906'.
[  498.515436][T10440] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  498.523724][T10440] netlink: 'syz.6.2906': attribute type 10 has an invalid length.
[  498.538011][T10440] vivid-003: disconnect
[  498.540550][T10439] vivid-003: reconnect
[  498.929566][T24468] Bluetooth: hci4: Frame reassembly failed (-84)
[  498.942730][T10445] Bluetooth: hci4: Frame reassembly failed (-84)
[  499.146710][T10451] pim6reg1: entered promiscuous mode
[  499.148559][T10451] pim6reg1: entered allmulticast mode
[  499.474310][T10453] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2909'.
[  499.494173][T10453] netlink: 4768 bytes leftover after parsing attributes in process `syz.7.2909'.
[  499.843051][ T5335] Bluetooth: hci2: command 0x041b tx timeout
[  499.923106][ T5335] Bluetooth: hci0: command 0x0419 tx timeout
[  499.951567][T10465] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2913'.
[  499.959863][T10465] bond0: (slave bond_slave_1): Releasing backup interface
[  500.049284][T10467] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2914'.
[  500.054171][T10467] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2914'.
[  500.110537][T24092] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  500.113177][T24092] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  500.507021][ T5981] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  500.509572][ T5981] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  500.512041][ T5981] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  500.514797][ T5981] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  500.517282][ T5981] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  500.531343][T10483] lo speed is unknown, defaulting to 1000
[  500.674522][T10483] chnl_net:caif_netlink_parms(): no params data found
[  500.787719][T10483] bridge0: port 1(bridge_slave_0) entered blocking state
[  500.790905][T10483] bridge0: port 1(bridge_slave_0) entered disabled state
[  500.794293][T10483] bridge_slave_0: entered allmulticast mode
[  500.797871][T10483] bridge_slave_0: entered promiscuous mode
[  500.801660][T10483] bridge0: port 2(bridge_slave_1) entered blocking state
[  500.805858][T10483] bridge0: port 2(bridge_slave_1) entered disabled state
[  500.809140][T10483] bridge_slave_1: entered allmulticast mode
[  500.812523][T10483] bridge_slave_1: entered promiscuous mode
[  500.842243][T10483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  500.851018][T10483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  500.881407][T10483] team0: Port device team_slave_0 added
[  500.887257][T10483] team0: Port device team_slave_1 added
[  500.914347][T10483] batman_adv: batadv0: Adding interface: batadv_slave_0
[  500.916580][T10483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  500.925254][T10483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  500.931390][T10483] batman_adv: batadv0: Adding interface: batadv_slave_1
[  500.933942][T10483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  500.942877][T10483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  500.962881][ T5979] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  500.962902][ T5335] Bluetooth: hci4: command 0x1003 tx timeout
[  500.974662][T10483] hsr_slave_0: entered promiscuous mode
[  500.977301][T10483] hsr_slave_1: entered promiscuous mode
[  500.979949][T10483] debugfs: 'hsr0' already exists in 'hsr'
[  500.982324][T10483] Cannot create hsr debugfs directory
[  501.044709][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  501.049017][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  501.071559][T10483] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  501.085891][T10483] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  501.094789][T10483] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  501.099085][T10483] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  501.120710][T10483] bridge0: port 2(bridge_slave_1) entered blocking state
[  501.124215][T10483] bridge0: port 2(bridge_slave_1) entered forwarding state
[  501.127392][T10483] bridge0: port 1(bridge_slave_0) entered blocking state
[  501.130377][T10483] bridge0: port 1(bridge_slave_0) entered forwarding state
[  501.167442][T10483] 8021q: adding VLAN 0 to HW filter on device bond0
[  501.173910][T24474] bridge0: port 1(bridge_slave_0) entered disabled state
[  501.178434][T24474] bridge0: port 2(bridge_slave_1) entered disabled state
[  501.187629][T10483] 8021q: adding VLAN 0 to HW filter on device team0
[  501.195578][T24474] bridge0: port 1(bridge_slave_0) entered blocking state
[  501.198603][T24474] bridge0: port 1(bridge_slave_0) entered forwarding state
[  501.206077][T24488] bridge0: port 2(bridge_slave_1) entered blocking state
[  501.208620][T24488] bridge0: port 2(bridge_slave_1) entered forwarding state
[  501.344778][T10509] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2923'.
[  501.348597][T10509] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2923'.
[  501.360098][T10483] 8021q: adding VLAN 0 to HW filter on device batadv0
[  501.491646][T10483] veth0_vlan: entered promiscuous mode
[  501.495035][T10483] veth1_vlan: entered promiscuous mode
[  501.504684][T10483] veth0_macvtap: entered promiscuous mode
[  501.520868][T10483] veth1_macvtap: entered promiscuous mode
[  501.538140][T10483] batman_adv: batadv0: Interface activated: batadv_slave_0
[  501.554263][T10483] batman_adv: batadv0: Interface activated: batadv_slave_1
[  501.559310][T24474] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  501.560577][T24474] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  501.560612][T24474] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  501.560635][T24474] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  501.571910][T10522] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  501.572878][T10522] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  501.609216][T24474] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.609230][T24474] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.616506][T24474] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.616519][T24474] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.626942][T10525] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  501.626964][T10525] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  501.867856][T10532] netlink: 62 bytes leftover after parsing attributes in process `syz.7.2927'.
[  502.012889][ T5979] Bluetooth: hci0: command 0x0419 tx timeout
[  502.564157][ T5979] Bluetooth: hci3: command tx timeout
[  503.043538][T10547] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2931'.
[  503.055668][T10547] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2931'.
[  504.652727][ T5979] Bluetooth: hci3: command tx timeout
[  504.969079][T10570] netlink: 62 bytes leftover after parsing attributes in process `syz.6.2937'.
[  505.564454][T10583] netlink: 36 bytes leftover after parsing attributes in process `syz.8.2940'.
[  505.992120][T10589] netlink: 62 bytes leftover after parsing attributes in process `syz.6.2942'.
[  506.367823][T10594] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  506.423542][T10600] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  506.474001][T10594] /dev/sr0: Can't open blockdev
[  506.588298][T10600] /dev/sr0: Can't open blockdev
[  506.676344][T10612] netlink: 62 bytes leftover after parsing attributes in process `syz.7.2947'.
[  506.723222][ T5979] Bluetooth: hci3: command tx timeout
[  507.002076][T10618] netlink: 62 bytes leftover after parsing attributes in process `syz.8.2950'.
[  508.117587][T10648] netlink: 'syz.6.2960': attribute type 1 has an invalid length.
[  508.169017][T10654] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  508.176665][T10654] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  508.769303][T10674] netlink: 52 bytes leftover after parsing attributes in process `syz.7.2968'.
[  508.794592][T10676] syz.7.2969: attempt to access beyond end of device
[  508.794592][T10676] nbd7: rw=0, sector=16, nr_sectors = 2 limit=0
[  508.802455][ T5979] Bluetooth: hci3: command tx timeout
[  508.888433][T10682] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  508.942163][T10685] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  508.986206][T10682] /dev/sr0: Can't open blockdev
[  509.071236][T10688] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  509.094378][T10685] /dev/sr0: Can't open blockdev
[  509.123358][T10692] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  509.157029][T10695] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2974'.
[  509.162199][T10695] netlink: 4768 bytes leftover after parsing attributes in process `syz.7.2974'.
[  509.193494][T10688] /dev/sr0: Can't open blockdev
[  509.313309][T10692] /dev/sr0: Can't open blockdev
[  510.129181][T10714] netlink: 'syz.8.2980': attribute type 1 has an invalid length.
[  510.192401][T10724] netlink: 'syz.8.2980': attribute type 10 has an invalid length.
[  510.195406][T10724] netlink: 40 bytes leftover after parsing attributes in process `syz.8.2980'.
[  510.198957][T10724] dummy0: entered promiscuous mode
[  510.217294][T10723] netlink: 62 bytes leftover after parsing attributes in process `syz.7.2984'.
[  510.238370][T10720] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  510.248521][T10728] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2985'.
[  510.264700][T10728] netlink: 4768 bytes leftover after parsing attributes in process `syz.7.2985'.
[  510.290156][T10731] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  510.383719][T10720] /dev/sr0: Can't open blockdev
[  510.493048][T10731] /dev/sr0: Can't open blockdev
[  510.702413][   T34] usb 12-1: new high-speed USB device number 4 using dummy_hcd
[  510.852401][   T34] usb 12-1: Using ep0 maxpacket: 8
[  510.853939][   T34] usb 12-1: config index 0 descriptor too short (expected 301, got 45)
[  510.856811][   T34] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  510.859855][   T34] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  510.859870][   T34] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  510.859881][   T34] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  510.859902][   T34] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  510.859913][   T34] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  511.091778][   T34] usb 12-1: usb_control_msg returned -32
[  511.091799][   T34] usbtmc 12-1:16.0: can't read capabilities
[  511.092696][T10742] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  511.092779][T10742] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  511.438817][T10755] netlink: 62 bytes leftover after parsing attributes in process `syz.1.2994'.
[  511.474219][T10761] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2996'.
[  511.478942][T10761] netlink: 4768 bytes leftover after parsing attributes in process `syz.8.2996'.
[  511.494088][T10765] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2998'.
[  511.560353][T10768] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  511.611731][T10777] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  511.693950][T10768] /dev/sr0: Can't open blockdev
[  511.803073][T10777] /dev/sr0: Can't open blockdev
[  511.873709][T10790] netlink: 62 bytes leftover after parsing attributes in process `syz.1.3006'.
[  512.766471][T10800] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3008'.
[  512.844617][T10805] netlink: 'syz.1.3010': attribute type 7 has an invalid length.
[  513.103559][T10809] lo speed is unknown, defaulting to 1000
[  513.107189][T10809] lo speed is unknown, defaulting to 1000
[  513.109521][T10809] lo speed is unknown, defaulting to 1000
[  513.255747][T10809] infiniband s
z1: set active
[  513.257330][T10809] infiniband s
z1: added lo
[  513.288921][T10809] RDS/IB: s
z1: added
[  513.290230][T10809] smc: adding ib device s
z1 with port count 1
[  513.292177][T10809] smc:    ib device s
z1 port 1 has pnetid 
[  513.294239][T10809] lo speed is unknown, defaulting to 1000
[  513.326526][T10809] lo speed is unknown, defaulting to 1000
[  513.360939][T10809] lo speed is unknown, defaulting to 1000
[  513.395052][T10809] lo speed is unknown, defaulting to 1000
[  513.427572][T10809] lo speed is unknown, defaulting to 1000
[  513.461376][T10809] lo speed is unknown, defaulting to 1000
[  513.475349][T16149] usb 12-1: USB disconnect, device number 4
[  513.483960][ T6053] lo speed is unknown, defaulting to 1000
[  513.495880][T10809] lo speed is unknown, defaulting to 1000
[  513.502125][T10815] bond0: entered promiscuous mode
[  513.529190][T10809] lo speed is unknown, defaulting to 1000
[  513.561729][T10809] lo speed is unknown, defaulting to 1000
[  513.594477][T10809] lo speed is unknown, defaulting to 1000
[  513.702370][ T6053] lo speed is unknown, defaulting to 1000
[  515.144902][T10984] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  515.622550][T16149] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  515.842628][T10999] __nla_validate_parse: 5 callbacks suppressed
[  515.842641][T10999] netlink: 52 bytes leftover after parsing attributes in process `syz.8.3022'.
[  515.989951][T11005] FAULT_INJECTION: forcing a failure.
[  515.989951][T11005] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  515.995130][T11005] CPU: 0 UID: 0 PID: 11005 Comm: syz.1.3025 Not tainted syzkaller #0 PREEMPT(full) 
[  515.995146][T11005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  515.995153][T11005] Call Trace:
[  515.995157][T11005]  <TASK>
[  515.995162][T11005]  dump_stack_lvl+0x16c/0x1f0
[  515.995179][T11005]  should_fail_ex+0x512/0x640
[  515.995195][T11005]  _copy_from_user+0x2e/0xd0
[  515.995211][T11005]  get_compat_msghdr+0xa7/0x170
[  515.995224][T11005]  ? __pfx_get_compat_msghdr+0x10/0x10
[  515.995236][T11005]  ? kstrtouint_from_user+0x13c/0x1d0
[  515.995250][T11005]  ___sys_sendmsg+0x1ae/0x1d0
[  515.995263][T11005]  ? get_pid_task+0xfc/0x250
[  515.995278][T11005]  ? __pfx____sys_sendmsg+0x10/0x10
[  515.995293][T11005]  ? rcu_is_watching+0x12/0xc0
[  515.995308][T11005]  __sys_sendmsg+0x16d/0x220
[  515.995321][T11005]  ? __pfx___sys_sendmsg+0x10/0x10
[  515.995336][T11005]  ? rcu_is_watching+0x12/0xc0
[  515.995346][T11005]  __do_fast_syscall_32+0x7c/0x3a0
[  515.995361][T11005]  do_fast_syscall_32+0x32/0x80
[  515.995374][T11005]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  515.995387][T11005] RIP: 0023:0xf70be579
[  515.995395][T11005] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  515.995405][T11005] RSP: 002b:00000000f54ae55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  515.995416][T11005] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800000c0
[  515.995423][T11005] RDX: 0000000004004000 RSI: 0000000000000000 RDI: 0000000000000000
[  515.995429][T11005] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  515.995435][T11005] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  515.995441][T11005] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  515.995450][T11005]  </TASK>
[  516.039221][T11008] netlink: 62 bytes leftover after parsing attributes in process `syz.6.3023'.
[  516.649280][T11014] cgroup: fork rejected by pids controller in /syz8
[  516.733136][T11117] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3027'.
[  516.739872][T11117] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3027'.
[  516.795597][T11161] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  517.007849][T11207] netlink: 62 bytes leftover after parsing attributes in process `syz.7.3030'.
[  517.582965][ T6135] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  518.601745][T12133] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3036'.
[  518.605597][T12133] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3036'.
[  519.466013][T12144] netlink: 'syz.7.3038': attribute type 1 has an invalid length.
[  519.470047][T12144] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3038'.
[  520.188328][T12154] block device autoloading is deprecated and will be removed.
[  520.677666][T12159] cgroup: fork rejected by pids controller in /syz7
[  521.372151][T13947] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3046'.
[  521.463758][T13950] netlink: 'syz.8.3047': attribute type 6 has an invalid length.
[  521.499445][T13955] @: renamed from vlan0 (while UP)
[  521.510624][T13955] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3049'.
[  523.575935][T13978] FAULT_INJECTION: forcing a failure.
[  523.575935][T13978] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  523.575977][T13978] CPU: 2 UID: 0 PID: 13978 Comm: syz.8.3055 Not tainted syzkaller #0 PREEMPT(full) 
[  523.576001][T13978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  523.576008][T13978] Call Trace:
[  523.576011][T13978]  <TASK>
[  523.576015][T13978]  dump_stack_lvl+0x16c/0x1f0
[  523.576031][T13978]  should_fail_ex+0x512/0x640
[  523.576048][T13978]  _copy_from_user+0x2e/0xd0
[  523.576065][T13978]  get_compat_msghdr+0xa7/0x170
[  523.576077][T13978]  ? __pfx_get_compat_msghdr+0x10/0x10
[  523.576090][T13978]  ? __pfx_css_rstat_updated+0x10/0x10
[  523.576102][T13978]  ___sys_recvmsg+0x191/0x1a0
[  523.576116][T13978]  ? __pfx____sys_recvmsg+0x10/0x10
[  523.576132][T13978]  ? __pfx___might_resched+0x10/0x10
[  523.576144][T13978]  do_recvmmsg+0x55d/0x750
[  523.576157][T13978]  ? __pfx_do_recvmmsg+0x10/0x10
[  523.576168][T13978]  ? trace_sched_exit_tp+0xd1/0x120
[  523.576188][T13978]  ? __pfx___schedule+0x10/0x10
[  523.576199][T13978]  ? rcu_is_watching+0x12/0xc0
[  523.576210][T13978]  __sys_recvmmsg+0x21c/0x280
[  523.576224][T13978]  ? __pfx___sys_recvmmsg+0x10/0x10
[  523.576238][T13978]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  523.576252][T13978]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  523.576266][T13978]  __do_fast_syscall_32+0x7c/0x3a0
[  523.576281][T13978]  do_fast_syscall_32+0x32/0x80
[  523.576294][T13978]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  523.576307][T13978] RIP: 0023:0xf705e579
[  523.576315][T13978] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  523.576325][T13978] RSP: 002b:00000000f540c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  523.576336][T13978] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080001140
[  523.576342][T13978] RDX: 0000000000000700 RSI: 0000000000000002 RDI: 0000000000000000
[  523.576348][T13978] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  523.576354][T13978] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  523.576359][T13978] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  523.576368][T13978]  </TASK>
[  524.549854][T13995] netlink: 48 bytes leftover after parsing attributes in process `syz.8.3059'.
[  524.796887][   T40] kauditd_printk_skb: 166 callbacks suppressed
[  524.796942][   T40] audit: type=1326 audit(1755716044.126:4565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13997 comm="syz.8.3060" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  524.797316][   T40] audit: type=1326 audit(1755716044.126:4566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13997 comm="syz.8.3060" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  525.151740][T14009] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  525.203562][T14016] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  525.252479][T14009] /dev/sr0: Can't open blockdev
[  525.270131][T14022] netlink: 62 bytes leftover after parsing attributes in process `syz.7.3065'.
[  525.373049][T14016] /dev/sr0: Can't open blockdev
[  525.581505][ T1026] usb 11-1: new high-speed USB device number 9 using dummy_hcd
[  525.734913][ T1026] usb 11-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  525.737959][ T1026] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.740681][ T1026] usb 11-1: Product: syz
[  525.742277][ T1026] usb 11-1: Manufacturer: syz
[  525.743986][ T6054] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  525.747424][ T1026] usb 11-1: SerialNumber: syz
[  525.749890][ T1026] usb 11-1: config 0 descriptor??
[  525.878548][T14034] input: syz0 as /devices/virtual/input/input14
[  525.906198][ T6054] usb 6-1: Using ep0 maxpacket: 8
[  525.912516][ T6054] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  525.915512][ T6054] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  525.918884][ T6054] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  525.923125][ T6054] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  525.926855][ T6054] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  525.931215][ T6054] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  525.934405][ T6054] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  525.959676][T22806] usb 11-1: USB disconnect, device number 9
[  526.148059][ T6054] usb 6-1: usb_control_msg returned -32
[  526.148607][T14031] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  526.149856][ T6054] usbtmc 6-1:16.0: can't read capabilities
[  526.155680][T14031] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  526.580977][ T6135] usb 6-1: USB disconnect, device number 16
[  526.635895][T14051] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  526.641300][T14051] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  526.647238][T14051] bond0 (unregistering): Released all slaves
[  526.805646][T14052] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  526.959318][T14059] netlink: 'syz.7.3079': attribute type 1 has an invalid length.
[  528.386875][T15110] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  528.431914][   T40] audit: type=1326 audit(1755716047.786:4567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15113 comm="syz.8.3088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  528.435369][T15114] netlink: 'syz.8.3088': attribute type 4 has an invalid length.
[  528.439969][T15115] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  528.441289][   T40] audit: type=1326 audit(1755716047.786:4568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15113 comm="syz.8.3088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  528.441313][   T40] audit: type=1326 audit(1755716047.786:4569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15113 comm="syz.8.3088" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf705e579 code=0x7ffc0000
[  528.441332][   T40] audit: type=1326 audit(1755716047.786:4570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15113 comm="syz.8.3088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  528.441348][   T40] audit: type=1326 audit(1755716047.786:4571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15113 comm="syz.8.3088" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf705e579 code=0x7ffc0000
[  528.441365][   T40] audit: type=1326 audit(1755716047.786:4572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15113 comm="syz.8.3088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  528.441381][   T40] audit: type=1326 audit(1755716047.786:4573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15113 comm="syz.8.3088" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf705e579 code=0x7ffc0000
[  528.441399][   T40] audit: type=1326 audit(1755716047.786:4574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15113 comm="syz.8.3088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  528.512099][T15110] /dev/sr0: Can't open blockdev
[  528.541338][T22806] usb 6-1: new full-speed USB device number 17 using dummy_hcd
[  528.662131][T15115] /dev/sr0: Can't open blockdev
[  528.694698][T22806] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  528.703268][T22806] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  528.709872][T22806] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  528.712910][T22806] usb 6-1: SerialNumber: syz
[  528.717871][T22806] usb-storage 6-1:1.0: USB Mass Storage device detected
[  528.724187][T22806] usb-storage 6-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  529.094396][T15135] ------------[ cut here ]------------
[  529.096872][T15135] intf 08:02:11:00:00:00 [link=0]: bad STA 08:02:11:00:00:01 bandwidth 20 MHz (0) > channel config 10 MHz (7)
[  529.102004][T15135] WARNING: CPU: 0 PID: 15135 at drivers/net/wireless/virtual/mac80211_hwsim.c:2651 mac80211_hwsim_sta_rc_update+0x60b/0x850
[  529.107455][T15135] Modules linked in:
[  529.109635][T15135] CPU: 0 UID: 0 PID: 15135 Comm: syz.7.3091 Not tainted syzkaller #0 PREEMPT(full) 
[  529.115664][T15135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  529.119889][T15135] RIP: 0010:mac80211_hwsim_sta_rc_update+0x60b/0x850
[  529.122419][T15135] Code: 8b 44 24 20 89 da 48 c7 c7 20 38 6c 8c 44 8b 89 b8 01 00 00 41 54 48 8d b0 72 04 00 00 41 55 44 8b 44 24 14 e8 c6 d4 67 fa 90 <0f> 0b 90 90 58 5a e9 36 fc ff ff e8 65 e1 a8 fa e8 b0 54 7e 04 31
[  529.128514][T15135] RSP: 0018:ffffc900074bf178 EFLAGS: 00010282
[  529.130639][T15135] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc9000e011000
[  529.133656][T15135] RDX: 0000000000080000 RSI: ffffffff817a02d5 RDI: 0000000000000001
[  529.136417][T15135] RBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000
[  529.139322][T15135] R10: 0000000000000001 R11: 3a38302066746e69 R12: 0000000000000007
[  529.141939][T15135] R13: 000000000000000a R14: ffff88805701d080 R15: ffff8880649f30a0
[  529.145356][T15135] FS:  0000000000000000(0000) GS:ffff8880974c4000(0063) knlGS:00000000f54ddb40
[  529.149289][T15135] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  529.152303][T15135] CR2: 00000000f54dc528 CR3: 0000000065b6d000 CR4: 0000000000352ef0
[  529.155726][T15135] Call Trace:
[  529.157226][T15135]  <TASK>
[  529.158754][T15135]  mac80211_hwsim_sta_add+0xc9/0x2c0
[  529.161054][T15135]  ? __pfx_mac80211_hwsim_sta_add+0x10/0x10
[  529.164083][T15135]  drv_sta_state+0xa05/0x1940
[  529.166120][T15135]  sta_info_insert_rcu+0xc8d/0x1b70
[  529.168422][T15135]  sta_info_insert+0x16/0xd0
[  529.170449][T15135]  ieee80211_add_station+0x46d/0x6c0
[  529.172787][T15135]  nl80211_new_station+0x1502/0x1c90
[  529.175047][T15135]  ? __pfx_nl80211_new_station+0x10/0x10
[  529.177472][T15135]  ? nl80211_pre_doit+0x1b0/0xb10
[  529.179654][T15135]  genl_family_rcv_msg_doit+0x206/0x2f0
[  529.182155][T15135]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  529.184635][T15135]  ? bpf_lsm_capable+0x9/0x10
[  529.186674][T15135]  ? security_capable+0x7e/0x260
[  529.188778][T15135]  ? ns_capable+0xd7/0x110
[  529.191070][T15135]  genl_rcv_msg+0x55c/0x800
[  529.193623][T15135]  ? __pfx_genl_rcv_msg+0x10/0x10
[  529.196377][T15135]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  529.198841][T15135]  ? __pfx_nl80211_new_station+0x10/0x10
[  529.201331][T15135]  ? __pfx_nl80211_post_doit+0x10/0x10
[  529.203633][T15135]  netlink_rcv_skb+0x155/0x420
[  529.205675][T15135]  ? __pfx_genl_rcv_msg+0x10/0x10
[  529.207854][T15135]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  529.210040][T15135]  genl_rcv+0x28/0x40
[  529.211904][T15135]  netlink_unicast+0x5aa/0x870
[  529.213952][T15135]  ? __pfx_netlink_unicast+0x10/0x10
[  529.216419][T15135]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  529.219215][T15135]  netlink_sendmsg+0x8d1/0xdd0
[  529.221489][T15135]  ? __pfx_netlink_sendmsg+0x10/0x10
[  529.223876][T15135]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  529.226500][T15135]  ____sys_sendmsg+0xa95/0xc70
[  529.228574][T15135]  ? __pfx_____sys_sendmsg+0x10/0x10
[  529.230913][T15135]  ? get_compat_msghdr+0x11a/0x170
[  529.233419][T15135]  ? __pfx_futex_wake_mark+0x10/0x10
[  529.235705][T15135]  ___sys_sendmsg+0x134/0x1d0
[  529.237717][T15135]  ? lock_release+0x201/0x2f0
[  529.239834][T15135]  ? __pfx____sys_sendmsg+0x10/0x10
[  529.242524][T15135]  ? futex_private_hash_put+0x11c/0x300
[  529.244972][T15135]  ? rcu_is_watching+0x12/0xc0
[  529.247244][T15135]  __sys_sendmsg+0x16d/0x220
[  529.249510][T15135]  ? __pfx___sys_sendmsg+0x10/0x10
[  529.252041][T15135]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  529.254434][T15135]  ? rcu_is_watching+0x12/0xc0
[  529.256461][T15135]  __do_fast_syscall_32+0x7c/0x3a0
[  529.258695][T15135]  do_fast_syscall_32+0x32/0x80
[  529.261007][T15135]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  529.263910][T15135] RIP: 0023:0xf710e579
[  529.265650][T15135] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  529.273830][T15135] RSP: 002b:00000000f54dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  529.277364][T15135] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080001080
[  529.280786][T15135] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  529.284339][T15135] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  529.287651][T15135] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  529.291135][T15135] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  529.294508][T15135]  </TASK>
[  529.295858][T15135] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  529.298948][T15135] CPU: 0 UID: 0 PID: 15135 Comm: syz.7.3091 Not tainted syzkaller #0 PREEMPT(full) 
[  529.303016][T15135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  529.307500][T15135] Call Trace:
[  529.308913][T15135]  <TASK>
[  529.310254][T15135]  dump_stack_lvl+0x3d/0x1f0
[  529.312283][T15135]  vpanic+0x6e8/0x7a0
[  529.314005][T15135]  ? __pfx_vpanic+0x10/0x10
[  529.315980][T15135]  ? mac80211_hwsim_sta_rc_update+0x60b/0x850
[  529.318500][T15135]  panic+0xca/0xd0
[  529.320131][T15135]  ? __pfx_panic+0x10/0x10
[  529.322144][T15135]  check_panic_on_warn+0xab/0xb0
[  529.324266][T15135]  __warn+0xf6/0x3c0
[  529.325955][T15135]  ? mac80211_hwsim_sta_rc_update+0x60b/0x850
[  529.328600][T15135]  report_bug+0x3c3/0x580
[  529.330546][T15135]  ? mac80211_hwsim_sta_rc_update+0x60b/0x850
[  529.333280][T15135]  handle_bug+0x184/0x210
[  529.335326][T15135]  exc_invalid_op+0x17/0x50
[  529.337856][T15135]  asm_exc_invalid_op+0x1a/0x20
[  529.340230][T15135] RIP: 0010:mac80211_hwsim_sta_rc_update+0x60b/0x850
[  529.343341][T15135] Code: 8b 44 24 20 89 da 48 c7 c7 20 38 6c 8c 44 8b 89 b8 01 00 00 41 54 48 8d b0 72 04 00 00 41 55 44 8b 44 24 14 e8 c6 d4 67 fa 90 <0f> 0b 90 90 58 5a e9 36 fc ff ff e8 65 e1 a8 fa e8 b0 54 7e 04 31
[  529.350289][T15135] RSP: 0018:ffffc900074bf178 EFLAGS: 00010282
[  529.352493][T15135] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc9000e011000
[  529.355329][T15135] RDX: 0000000000080000 RSI: ffffffff817a02d5 RDI: 0000000000000001
[  529.358055][T15135] RBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000
[  529.360769][T15135] R10: 0000000000000001 R11: 3a38302066746e69 R12: 0000000000000007
[  529.363273][T15135] R13: 000000000000000a R14: ffff88805701d080 R15: ffff8880649f30a0
[  529.365760][T15135]  ? __warn_printk+0x1a5/0x350
[  529.367378][T15135]  ? mac80211_hwsim_sta_rc_update+0x60a/0x850
[  529.369320][T15135]  mac80211_hwsim_sta_add+0xc9/0x2c0
[  529.371034][T15135]  ? __pfx_mac80211_hwsim_sta_add+0x10/0x10
[  529.372955][T15135]  drv_sta_state+0xa05/0x1940
[  529.374489][T15135]  sta_info_insert_rcu+0xc8d/0x1b70
[  529.376149][T15135]  sta_info_insert+0x16/0xd0
[  529.377618][T15135]  ieee80211_add_station+0x46d/0x6c0
[  529.379300][T15135]  nl80211_new_station+0x1502/0x1c90
[  529.380959][T15135]  ? __pfx_nl80211_new_station+0x10/0x10
[  529.382729][T15135]  ? nl80211_pre_doit+0x1b0/0xb10
[  529.384313][T15135]  genl_family_rcv_msg_doit+0x206/0x2f0
[  529.386043][T15135]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  529.387986][T15135]  ? bpf_lsm_capable+0x9/0x10
[  529.389417][T15135]  ? security_capable+0x7e/0x260
[  529.391014][T15135]  ? ns_capable+0xd7/0x110
[  529.392434][T15135]  genl_rcv_msg+0x55c/0x800
[  529.393908][T15135]  ? __pfx_genl_rcv_msg+0x10/0x10
[  529.395436][T15135]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  529.397120][T15135]  ? __pfx_nl80211_new_station+0x10/0x10
[  529.398953][T15135]  ? __pfx_nl80211_post_doit+0x10/0x10
[  529.400673][T15135]  netlink_rcv_skb+0x155/0x420
[  529.402191][T15135]  ? __pfx_genl_rcv_msg+0x10/0x10
[  529.403917][T15135]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  529.405601][T15135]  genl_rcv+0x28/0x40
[  529.406916][T15135]  netlink_unicast+0x5aa/0x870
[  529.408456][T15135]  ? __pfx_netlink_unicast+0x10/0x10
[  529.410135][T15135]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  529.412095][T15135]  netlink_sendmsg+0x8d1/0xdd0
[  529.413632][T15135]  ? __pfx_netlink_sendmsg+0x10/0x10
[  529.415360][T15135]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  529.417343][T15135]  ____sys_sendmsg+0xa95/0xc70
[  529.418886][T15135]  ? __pfx_____sys_sendmsg+0x10/0x10
[  529.420574][T15135]  ? get_compat_msghdr+0x11a/0x170
[  529.422210][T15135]  ? __pfx_futex_wake_mark+0x10/0x10
[  529.423985][T15135]  ___sys_sendmsg+0x134/0x1d0
[  529.425524][T15135]  ? lock_release+0x201/0x2f0
[  529.427075][T15135]  ? __pfx____sys_sendmsg+0x10/0x10
[  529.428753][T15135]  ? futex_private_hash_put+0x11c/0x300
[  529.430532][T15135]  ? rcu_is_watching+0x12/0xc0
[  529.432107][T15135]  __sys_sendmsg+0x16d/0x220
[  529.433585][T15135]  ? __pfx___sys_sendmsg+0x10/0x10
[  529.435234][T15135]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  529.437032][T15135]  ? rcu_is_watching+0x12/0xc0
[  529.438569][T15135]  __do_fast_syscall_32+0x7c/0x3a0
[  529.440213][T15135]  do_fast_syscall_32+0x32/0x80
[  529.441891][T15135]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  529.443894][T15135] RIP: 0023:0xf710e579
[  529.445067][T15135] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  529.450942][T15135] RSP: 002b:00000000f54dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  529.453565][T15135] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080001080
[  529.456050][T15135] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  529.458535][T15135] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  529.461059][T15135] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  529.463555][T15135] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  529.466030][T15135]  </TASK>
[  529.467942][T15135] Kernel Offset: disabled
[  529.469313][T15135] Rebooting in 86400 seconds..

VM DIAGNOSIS:
17:50:09  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85616b45 RDI=ffffffff9b0f8680 RBP=ffffffff9b0f8640 RSP=ffffc900074beae0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552030203a555043
R12=0000000000000000 R13=0000000000000031 R14=ffffffff9b0f8640 R15=ffffffff85616ae0
RIP=ffffffff85616b6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880974c4000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f54dc528 CR3=0000000065b6d000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000014021ac RBX=0000000000000001 RCX=ffffffff8b908bf9 RDX=ffffed1005666656
RSI=ffffffff8c162c80 RDI=ffffffff8190cca1 RBP=ffffed1003bd7488 RSP=ffffc9000046fdf8
R8 =0000000000000000 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000001
R12=0000000000000001 R13=ffff88801deba440 R14=ffffffff90ab7690 R15=0000000000000000
RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000032809ff8 CR3=0000000068665000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000054ec8c RBX=0000000000000002 RCX=ffffffff8b908bf9 RDX=ffffed1005686656
RSI=ffffffff8c162c80 RDI=ffffffff8190cca1 RBP=ffffed1003bd7910 RSP=ffffc9000047fdf8
R8 =0000000000000000 R9 =ffffed1005686655 R10=ffff88802b4332ab R11=ffff88802b43b298
R12=0000000000000002 R13=ffff88801debc880 R14=ffffffff90ab7690 R15=0000000000000000
RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000557f6b08cf40 CR3=000000004cde0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000007 RBX=ffffffff8f1b3740 RCX=ffffc9002e837000 RDX=0000000000000000
RSI=0000000000000001 RDI=ffff8880572dde64 RBP=0000000000000000 RSP=ffffc9000735fa08
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffff8880572dc880 R13=0000000000000001 R14=ffffc9000735fb50 R15=00000000800356e0
RIP=ffffffff8512a4a6 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977c4000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000030de6ffc CR3=0000000068665000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000