last executing test programs:

5m41.871390807s ago: executing program 32 (id=404):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$TOKEN_CREATE(0x24, &(0x7f0000019280)={0x0, r0}, 0x8)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000019340)={&(0x7f00000192c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0xb, [@typedef={0x6, 0x0, 0x0, 0x8, 0x3}]}, {0x0, [0x5f, 0x0, 0x30, 0x61, 0x0, 0x5f, 0x2e, 0x5f, 0x0]}}, &(0x7f0000019300)=""/41, 0x2f, 0x29, 0x0, 0x3, 0x10000, @value=r1}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000019380)={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd74)
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r6, &(0x7f0000000080), 0x1c)
r7 = fcntl$dupfd(r6, 0x0, r6)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
sendmsg$IPVS_CMD_GET_CONFIG(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x4000)
sendmsg$WG_CMD_GET_DEVICE(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000002e80)={&(0x7f0000002fc0)=ANY=[], 0x2b08}}, 0x6)
recvmmsg(r6, &(0x7f0000001040)=[{{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f00000007c0)=""/106, 0x6a}], 0x1}, 0x4}], 0x1, 0x40000002, 0x0)
getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r7, 0x84, 0x12, &(0x7f0000019080), &(0x7f0000019100)=0x4)
sendmmsg$inet(r5, &(0x7f00000020c0)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)='\f', 0x1}], 0x1, 0x0, 0x0, 0x2000000}}], 0xfdef, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000019140)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000008023bed75ea42286c56f8b97d6b22f00e49bf0daf1c752b5a12e0900000000000000a25bcb22bb78475721079025f8e2272d7d622f8ed953fdb6e0c1d3683c62e33b04bb7c6593a1743cc80aff0de7a3b05c847c6679bc8d7b57118740ab2ddd6e31ffd103f93a0b519f21014782cd7b90400558249861875d108e20df09422ab0c0b249c33d61e23844ae845ee3b6930f02231cec5e683b57e87553cced1ac3c49244ad8e19110089a9699764409c8a4bc6273f20d64defab19abbf227d3f534b5f193b8216720f588a0002c1eb994493ab6a2c7218c1d2da77c9ddfcd4f7e3090df0daf8c2165794342eb61045a54b0126d4c9b626b89e5576b08fc9"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r8}, 0x10)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f00000195c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x308, 0x0, 0x111, 0x4b4, 0x0, 0xd4feffff, 0x240, 0x202, 0x225, 0x240, 0x278, 0x3, 0x0, {[{{@uncond, 0x0, 0xc8, 0x110, 0x0, {}, [@inet=@rpfilter={{0x24}, {0x8}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x40000081, 'syz1\x00'}}}, {{@uncond, 0x0, 0xc8, 0x130, 0x0, {}, [@common=@mh={{0x24}, {"078b"}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x2, 0x0, 0x2ae, 0x2, 'pptp\x00', 'syz0\x00', {0x6}}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x364)
r10 = syz_open_procfs(0x0, &(0x7f00000190c0)='net/vlan/config\x00')
pread64(r10, &(0x7f0000000080)=""/102356, 0x18fd4, 0x3)
sendmsg$nl_generic(r0, 0x0, 0x84)

5m39.233942777s ago: executing program 33 (id=350):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x8004, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x4, &(0x7f00000004c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xf}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
lsetxattr$security_ima(0x0, &(0x7f0000000180), &(0x7f0000000340)=ANY=[@ANYBLOB="04a46a020064942fd62c4928ea0303212256bd6ca55ef75075c90baa8222dd6ceaa2cb529dc95fb4"], 0x2, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
ioctl$NBD_SET_SOCK(0xffffffffffffffff, 0xab00, 0xffffffffffffffff)
mq_notify(r2, &(0x7f00000000c0)={0x0, 0xc, 0x0, @thr={0x0, 0x0}})
close_range(r1, 0xffffffffffffffff, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)

5m35.385259265s ago: executing program 34 (id=376):
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x30, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x58}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ_RESET(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)={0x14, 0x15, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x480c0}, 0xc040)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

5m24.103095968s ago: executing program 35 (id=415):
syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100), &(0x7f0000000280))
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x6, 0x6, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r0, @ANYBLOB="0000000000000000c3"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000002200)='./file0\x00', 0x1)
mount(0x0, &(0x7f0000000980)='./file0\x00', &(0x7f0000000080)='debugfs\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x3210a6, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e725f31f814a6656665723d72656c47746976652cd6e20e41ccf8e509100000000800000000000000a113db62bb272b32da702828289f9a0936006b360000000000e2189ddeaff48e3cf00673e2647e237082d1e3853c4b34"])
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket(0x2b, 0x80805, 0xe)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000000c0)=[@in={0x2, 0x4e22, @multicast1}]}, &(0x7f00000001c0)=0xc)
socket(0x9, 0x3, 0x100)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xfffffffffffffe15)
syz_open_dev$radio(0x0, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000580)='ecryptfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, 0x0, 0x0)
r6 = syz_io_uring_setup(0x917, &(0x7f0000000300)={0x0, 0x400, 0x1, 0x1000001, 0xf7fffffc}, &(0x7f0000000540), &(0x7f0000000200))
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x6, 0xb, &(0x7f00000006c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7e47b2fb, 0x0, 0x0, 0x0, 0x10001}, [@ldst={0x3, 0x1, 0x1, 0x3, 0xb, 0x20, 0x7fffffffffffffe1}, @exit, @tail_call={{0x18, 0x2, 0x1, 0x0, r5}}, @jmp={0x5, 0x0, 0xa, 0x1, 0x8, 0x50}]}, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r2, 0x0, 0xd5, 0x0, &(0x7f00000003c0)="048add0c1d1582a6729988f0fb4e1169bff719d1e73ba3413591c19b754c4a37bf2a449737eccbf5b1341eac3c94438130abdf4fb1fdd7ee276222a2ba82baafb6f2da0645c95f3799ec8496eaa57de8ee64589061d63f61222307ca161335c58448fdd7b093b4deb714e34b098feb281e05c1921b0731cf01abb834673c1645e607efd6b907a781a2ef1ac9e0ccffcdc412d310a49479211bbd1d734a66efe26d69109367f1258f88fc2f5d8cae721901f7215c8e29503d442c94551395dfa1f1a9239d330dd90e049fa272750866ac606b179ea8", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x9, 0x40000000}, 0x4c)
io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
io_uring_enter(r6, 0x47f6, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000380)='T\x19\xb9L,mW\xe3r\xf8#\x1c\xab\xe9\xcf7TK\xa4\x19\xc0\x91\r,G\x83\xe3L\x14\xe6', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x20, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)

5m21.158971141s ago: executing program 36 (id=423):
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
socket(0x2a, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, @void, @value}, 0x94)
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000240), 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000140)='net/arp\x00')
read(r1, &(0x7f0000000b80)=""/215, 0xd7)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000000)={0x32f, @tick=0xfffffffc, 0x0, {0x6}, 0x1, 0x1})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc04c5349, &(0x7f00000006c0)={0x400, 0x2, 0xe})
sendmsg$nl_generic(r2, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="f80001002800020026bd7000fcdbdf250cac73f7c2d5651d711fff5ce9ea000000151a91a5b55c20bb1d9d26eb85bc63ff50d40a593caf0ff761a236d79ace5dc8078959495858850b84dcd1d54313c2358621efb4bbacb91344d3c1ff7fbf97ff5f99bceae86eb474c5584c6880283a200e9d15fe09111a37f4f3234a5ff08a4efb99797a000300482028b32b5e6e56ebb6aa957b27e9b4cd983fac457c036d078ae065b578005abf765f7d295121685d7ed4f8483825cf6c221f9da10cf0fe5006d388c09922dd8e8a5b29f94cdc5e12d959f76b5e9c089c9bb0f0287104763d1ff3f38d2feb07653c4bc89b22911be4b2239863abde6e"], 0xf8}, 0x1, 0x0, 0x0, 0x4044800}, 0x40c10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000800)='kfree_skb\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000340), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x10, 0x7fff0000}]})
r5 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0)
ioctl$DRM_IOCTL_GEM_CLOSE(r5, 0x40086409, &(0x7f0000000100))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x200000e, 0x31, 0xffffffffffffffff, 0x0)
syz_open_dev$vcsu(&(0x7f00000000c0), 0x0, 0x440200)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

5m9.162821629s ago: executing program 37 (id=539):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x8004, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
lsetxattr$security_ima(&(0x7f0000000280)='./bus\x00', &(0x7f0000000180), &(0x7f0000000340)=ANY=[@ANYBLOB="04a46a020064942fd62c4928ea0303212256bd6ca55ef75075c90baa8222dd6ceaa2cb529dc95fb49f724ae517692c97a17667ed7f3a288063a816a6ccfc6d86cc07a937676654721e3b4e84bb4b46b8157e1533b9e4d7a285e6858c725fc08a01f4703de5266a6802"], 0x2, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
r4 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x14d002)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r4, 0xab00, r5)

5m7.873819861s ago: executing program 4 (id=549):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x8004, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
lsetxattr$security_ima(&(0x7f0000000280)='./bus\x00', &(0x7f0000000180), &(0x7f0000000340)=ANY=[@ANYBLOB="04a46a020064942fd62c4928ea0303212256bd6ca55ef75075c90baa8222dd6ceaa2cb529dc95fb49f724ae517692c97a17667ed7f3a288063a816a6ccfc6d86cc07a937676654721e3b4e84bb4b46b8157e1533b9e4d7a285e6858c725fc08a01f4703de5266a6802"], 0x2, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
r4 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x14d002)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r4, 0xab00, r5)

5m7.699592341s ago: executing program 38 (id=550):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
r0 = memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xa, 0x4d091, r0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$fuse(0x0, 0x0, 0x0, 0x1930bd, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'})

5m7.005458024s ago: executing program 4 (id=552):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) (async)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
inotify_init()
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) (async)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r2, 0x29, 0x1, &(0x7f0000000080), 0x4) (async)
setsockopt$inet6_IPV6_ADDRFORM(r2, 0x29, 0x1, &(0x7f0000000080), 0x4)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000000))
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010b00000000000000000e00000008000300", @ANYRES32=r0, @ANYBLOB="41ec33fed941782c7a127a2e16f2e983de9493f4a40ac937f7c8ec6b3a1d2ff489fc1d1ba6e325f4cce3d9e16851b0c9893413cef8cb106c1ea96a019d024aabca6f9658f65cf1c26ec23c"], 0x1c}}, 0x0) (async)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010b00000000000000000e00000008000300", @ANYRES32=r0, @ANYBLOB="41ec33fed941782c7a127a2e16f2e983de9493f4a40ac937f7c8ec6b3a1d2ff489fc1d1ba6e325f4cce3d9e16851b0c9893413cef8cb106c1ea96a019d024aabca6f9658f65cf1c26ec23c"], 0x1c}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={0x0, @empty}, &(0x7f00000001c0)=0xc) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={0x0, @empty}, &(0x7f00000001c0)=0xc)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000002c0)={'syztnl1\x00', &(0x7f0000000240)={'syztnl2\x00', 0x0, 0x2f, 0x8, 0x92, 0x6, 0x8, @mcast1, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x10, 0x10, 0x0, 0xf4}})
socket$packet(0x11, 0x3, 0x300) (async)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'veth0\x00', <r6=>0x0})
setsockopt$packet_int(r5, 0x107, 0x14, &(0x7f0000000180)=0x19ca, 0x4)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) (async)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r5, &(0x7f00000000c0)="3f03fe7feee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14) (async)
sendto$packet(r5, &(0x7f00000000c0)="3f03fe7feee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
r7 = socket(0x10, 0x3, 0x6)
r8 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000040)) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000040)={'team0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0xffffff24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}, {0x0, 0x6}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc19d]}}}}, @TCA_RATE={0x6}]}, 0x90}, 0x1, 0x0, 0x0, 0x41804}, 0x20000000)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000300)={@multicast1, @remote}, &(0x7f0000000340)=0x8)
shutdown(r2, 0x0)

5m6.665937645s ago: executing program 4 (id=553):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0)

5m6.665044482s ago: executing program 4 (id=554):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1930bd, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'})

5m6.583794423s ago: executing program 4 (id=555):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
r0 = memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xa, 0x4d091, r0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$fuse(0x0, 0x0, 0x0, 0x1930bd, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
chdir(&(0x7f0000000080)='./file1\x00')
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, 0x0)
setpgid(0x0, r1)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r3}, './file0\x00'})

5m6.289599852s ago: executing program 4 (id=557):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r2, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="100028bd7000fddbdf257f000000060048001d00000014005500cf187c537ef24663da24486c46d7158332564d1e3b47f583dc354d3e7753725ed932252f105505f310d71ea94d097d7daf301e41d74da9fd0b39eec359800cabeebb"], 0x30}, 0x1, 0x0, 0x0, 0x4800}, 0x40000)
close_range(r0, r0, 0x2)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r5 = syz_open_dev$video4linux(&(0x7f0000000740), 0x5, 0x0)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r5, 0xc040563e, &(0x7f0000000000)={0xf00, 0x0, 0x0, 0x0, {0x6efc, 0xfffffffd}})
r6 = landlock_create_ruleset(&(0x7f0000000000)={0x114c, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r6, 0x1)
r7 = syz_io_uring_setup(0x835, &(0x7f0000000180)={0x0, 0x679a, 0x400, 0x4, 0x3ca}, &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000140)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r10 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r10, 0x0, 0x0})
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0)
r11 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r11, 0x28, 0x8, &(0x7f0000000100)=0x147ae147ae147ad, 0x112)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
getgroups(0x44, &(0x7f0000000040))
write$sysctl(0xffffffffffffffff, &(0x7f0000000580)='4\x00', 0x2)
r12 = syz_clone(0x20000500, 0x0, 0x0, 0x0, 0x0, 0x0)
write$sysctl(0xffffffffffffffff, &(0x7f0000000000)='2\x00', 0x2)
capget(&(0x7f0000000280)={0x19980330, r12}, &(0x7f00000003c0)={0xdcc, 0x3, 0x9, 0x4, 0x1})
ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000080)={@empty, 0x55, r1})
r13 = io_uring_setup(0x6aec, &(0x7f0000000000)={0x0, 0x3ca1, 0x8000, 0x1, 0x1df})
syz_io_uring_setup(0x365b, &(0x7f0000000140)={0x0, 0x436b, 0x8000, 0x1, 0x14e, 0x0, r13}, &(0x7f00000001c0), &(0x7f0000000200))

5m6.245239679s ago: executing program 39 (id=557):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r2, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="100028bd7000fddbdf257f000000060048001d00000014005500cf187c537ef24663da24486c46d7158332564d1e3b47f583dc354d3e7753725ed932252f105505f310d71ea94d097d7daf301e41d74da9fd0b39eec359800cabeebb"], 0x30}, 0x1, 0x0, 0x0, 0x4800}, 0x40000)
close_range(r0, r0, 0x2)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r5 = syz_open_dev$video4linux(&(0x7f0000000740), 0x5, 0x0)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r5, 0xc040563e, &(0x7f0000000000)={0xf00, 0x0, 0x0, 0x0, {0x6efc, 0xfffffffd}})
r6 = landlock_create_ruleset(&(0x7f0000000000)={0x114c, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r6, 0x1)
r7 = syz_io_uring_setup(0x835, &(0x7f0000000180)={0x0, 0x679a, 0x400, 0x4, 0x3ca}, &(0x7f0000000040)=<r8=>0x0, &(0x7f0000000140)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r10 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r10, 0x0, 0x0})
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0)
r11 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r11, 0x28, 0x8, &(0x7f0000000100)=0x147ae147ae147ad, 0x112)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
getgroups(0x44, &(0x7f0000000040))
write$sysctl(0xffffffffffffffff, &(0x7f0000000580)='4\x00', 0x2)
r12 = syz_clone(0x20000500, 0x0, 0x0, 0x0, 0x0, 0x0)
write$sysctl(0xffffffffffffffff, &(0x7f0000000000)='2\x00', 0x2)
capget(&(0x7f0000000280)={0x19980330, r12}, &(0x7f00000003c0)={0xdcc, 0x3, 0x9, 0x4, 0x1})
ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000080)={@empty, 0x55, r1})
r13 = io_uring_setup(0x6aec, &(0x7f0000000000)={0x0, 0x3ca1, 0x8000, 0x1, 0x1df})
syz_io_uring_setup(0x365b, &(0x7f0000000140)={0x0, 0x436b, 0x8000, 0x1, 0x14e, 0x0, r13}, &(0x7f00000001c0), &(0x7f0000000200))

4m7.618277177s ago: executing program 9 (id=847):
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0xffffffff80000000, 0x0, 0x5b)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000bc0)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10202, 0x810}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x89}, @IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x0)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r2, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="14010000110001002cbd7000fbdbdf2501018d80ca80652a0f074bd9145842960219e272f6a6e5a86f2d0b9f912029e21f4234a43147f0de99be63eb1d6b8df9251b215da8ea5ff77164ef78e6d5bd3c5d40a56a90f4d84b522bd662f20d074c5b648c5af837c73e9f351bea0d331d5a4cabbaa699a988e6ba585cca73238cfadc3c253f715d6f494e1f5b3741900cd1ddf0ddaa421b5605f590691ce5884f9c786ab99278cb5f54fff2d84ca1f9ad35afe1b44f060998e639e69130891646be77f3f6cfe2a5712ebe23a3e47592fd17cbb38b9f46a2e2ac4bc8b37fc9e3c2eda884d6c5427c6280453f21960293ee92839a9037e1aa0a076e2c43931d4039492619e27a47126ff1fbb59e609c51c6b68cf4eb24182e000000"], 0x114}], 0x1, 0x0, 0x0, 0x6000081}, 0x20048040)

4m7.523477993s ago: executing program 9 (id=850):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], 0x0, 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd74)
syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x14, 0x28b, 0x0, r1}, &(0x7f0000000140), &(0x7f0000000280))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x20, r4, 0x300, 0xfffffffc, 0x25dfdbfc, {0x2b}, [@NL802154_ATTR_IFINDEX, @NL802154_ATTR_WPAN_DEV={0x0, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX]}, 0x20}, 0x1, 0x0, 0x0, 0x2}, 0x24040010)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, 0x0, 0x0)

4m6.921856304s ago: executing program 9 (id=854):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$vbi(&(0x7f0000000380), 0x1, 0x2)
ioctl$VIDIOC_G_OUTPUT(0xffffffffffffffff, 0x8004562e, &(0x7f00000001c0))
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x94, 0x30, 0x1, 0x0, 0x0, {}, [{0x80, 0x1, [@m_ct={0x34, 0x2, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e20}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000, 0x2})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
r3 = open(&(0x7f00000000c0)='.\x00', 0x800, 0x50)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="300000ffffffd10a0000", @ANYRES32=0x0, @ANYBLOB="0000000005200400050027000000000008000f0003000004"], 0x30}}, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r4 = socket(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x64)
sigaltstack(0x0, 0x0)
setitimer(0x1, &(0x7f0000000580)={{}, {0x0, 0xea60}}, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001200010a001800000000000080"], 0x14}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r4)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = fsopen(&(0x7f0000000280)='bdev\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x7)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='0,.:/', 0x0)

4m6.773464496s ago: executing program 3 (id=856):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x8004, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
lsetxattr$security_ima(&(0x7f0000000280)='./bus\x00', &(0x7f0000000180), &(0x7f0000000340)=ANY=[@ANYBLOB="04a46a020064942fd62c4928ea0303212256bd6ca55ef75075c90baa8222dd6ceaa2cb529dc95fb49f724ae517692c97a17667ed7f3a288063a816a6ccfc6d86cc07a937676654721e3b4e84bb4b46b8157e1533b9e4d7a285e6858c725fc08a01f4703de5266a6802"], 0x2, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
r4 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x14d002)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r4, 0xab00, r5)

4m5.952900355s ago: executing program 9 (id=860):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1930bd, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
r1 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'})

4m5.892469898s ago: executing program 9 (id=861):
syz_emit_ethernet(0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB="aabdaaaaaaaaaabbbbbbbbbbbb86dd60122d9200383afffc000000000000000000000000000000fe8000000000000000000000000000aa01039078000000006283677200082cff00000000000000000000000000000000ff02000000000000000000000000000184000a1165000000"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"/24], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x60b03, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="105f13ad6232e24adf771ffbf7df167b88bc8711feee00e3b30916ff2c1fc14dc77f541bf96da6650c6ae3923404cc686bea7daee3df33bcaa0fc3d6c8d8b607", @ANYRES16=r1, @ANYBLOB="000229bd7000fedbdf254400000008000d00f7ffffff0400cc0008006b00030000000800a00000010000050018011f0000000a0018000303030303030000"], 0x44}, 0x1, 0x0, 0x0, 0x44008}, 0x24040000)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000300)={0xa8, 0x0, 0x3})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
ioctl$KVM_GET_CLOCK(0xffffffffffffffff, 0x8030ae7c, &(0x7f0000000200))
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x13}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = gettid()
ioctl$IOMMU_DESTROY$ioas(0xffffffffffffffff, 0x3b80, &(0x7f0000000580)={0x8})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f00000000c0))
ptrace$ARCH_SET_GS(0x1e, r6, &(0x7f0000000240), 0x1001)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
recvmmsg(r7, &(0x7f00000034c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x700, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4m5.803277394s ago: executing program 3 (id=862):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], 0x0, 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd74)
syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x14, 0x28b, 0x0, r1}, &(0x7f0000000140), &(0x7f0000000280))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x20, r4, 0x300, 0xfffffffc, 0x25dfdbfc, {0x2b}, [@NL802154_ATTR_IFINDEX, @NL802154_ATTR_WPAN_DEV={0x0, 0x6, 0x300000003}, @NL802154_ATTR_IFINDEX]}, 0x20}, 0x1, 0x0, 0x0, 0x2}, 0x24040010)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, 0x0, 0x0)

4m5.642946748s ago: executing program 9 (id=864):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141101)
socket(0x22, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, 0x0, 0x0)
r2 = dup(r0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r2)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000ac0)='gid', 0x0, 0x0)
shmat(0x0, &(0x7f000008c000/0x2000)=nil, 0x9000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x4e9, &(0x7f0000000280)={0x0, 0x380c, 0x2, 0x2, 0x1f5}, &(0x7f0000000180), &(0x7f00000001c0))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004480)=@newtfilter={0x24, 0x2c, 0x200, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xffff, 0xe}, {0xffe0, 0xffe8}, {0xc, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x804}, 0x44000)
prlimit64(0x0, 0x9, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x58, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r7, {0x3, 0xfff3}, {}, {0x3, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x28, 0x2, [@TCA_FLOW_EMATCHES={0x24, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}]}]}]}}]}, 0x58}}, 0x200400d4)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48800}, 0x4000040)
eventfd(0x9)

4m5.563791915s ago: executing program 40 (id=864):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141101)
socket(0x22, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, 0x0, 0x0)
r2 = dup(r0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r2)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000ac0)='gid', 0x0, 0x0)
shmat(0x0, &(0x7f000008c000/0x2000)=nil, 0x9000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x4e9, &(0x7f0000000280)={0x0, 0x380c, 0x2, 0x2, 0x1f5}, &(0x7f0000000180), &(0x7f00000001c0))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004480)=@newtfilter={0x24, 0x2c, 0x200, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xffff, 0xe}, {0xffe0, 0xffe8}, {0xc, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x804}, 0x44000)
prlimit64(0x0, 0x9, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x58, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r7, {0x3, 0xfff3}, {}, {0x3, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x28, 0x2, [@TCA_FLOW_EMATCHES={0x24, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}]}]}]}}]}, 0x58}}, 0x200400d4)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48800}, 0x4000040)
eventfd(0x9)

4m5.295168735s ago: executing program 3 (id=866):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141101)
socket(0x22, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, 0x0, 0x0)
r2 = dup(r0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r2)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000ac0)='gid', 0x0, 0x0)
shmat(0x0, &(0x7f000008c000/0x2000)=nil, 0x9000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x4e9, &(0x7f0000000280)={0x0, 0x380c, 0x2, 0x2, 0x1f5}, &(0x7f0000000180), &(0x7f00000001c0))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004480)=@newtfilter={0x24, 0x2c, 0x200, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xffff, 0xe}, {0xffe0, 0xffe8}, {0xc, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x804}, 0x44000)
prlimit64(0x0, 0x9, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x40, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r7, {0x3, 0xfff3}, {}, {0x3, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x10, 0x2, [@TCA_FLOW_EMATCHES={0xc, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}]}]}}]}, 0x40}}, 0x200400d4)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48800}, 0x4000040)
eventfd(0x9)

4m4.709000244s ago: executing program 3 (id=869):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1930bd, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
r1 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'})

4m4.582775778s ago: executing program 3 (id=870):
unshare(0x33070900)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xfe79, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xe, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xffffffffffffffff, 0x4}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r1, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88b81, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000100)=0x14)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f00000002c0)={0x8040000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[<r7=>0x0], &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r7, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0xd6, 0x1c, 0xd, 0x5, 0x401, 0xfff5, 0xa, 0x0, 0x52, 0x8000, 0x7e9, 0x401, 0x9aa1, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}})

4m4.263081484s ago: executing program 3 (id=873):
syz_emit_ethernet(0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB="aabdaaaaaaaaaabbbbbbbbbbbb86dd60122d9200383afffc000000000000000000000000000000fe8000000000000000000000000000aa01039078000000006283677200082cff00000000000000000000000000000000ff02000000000000000000000000000184000a1165000000"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"/24], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x60b03, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="105f13ad6232e24adf771ffbf7df167b88bc8711feee00e3b30916ff2c1fc14dc77f541bf96da6650c6ae3923404cc686bea7daee3df33bcaa0fc3d6c8d8b607", @ANYRES16=r1, @ANYBLOB="000229bd7000fedbdf254400000008000d00f7ffffff0400cc0008006b00030000000800a00000010000050018011f0000000a0018000303030303030000"], 0x44}, 0x1, 0x0, 0x0, 0x44008}, 0x24040000)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000300)={0xa8, 0x0, 0x3})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
ioctl$KVM_GET_CLOCK(0xffffffffffffffff, 0x8030ae7c, &(0x7f0000000200))
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x13}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = gettid()
ioctl$IOMMU_DESTROY$ioas(0xffffffffffffffff, 0x3b80, &(0x7f0000000580)={0x8})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f00000000c0))
ptrace$ARCH_SET_GS(0x1e, r6, &(0x7f0000000240), 0x1001)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
rseq(&(0x7f0000000080), 0x20, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000034c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x700, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4m4.17836202s ago: executing program 41 (id=873):
syz_emit_ethernet(0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB="aabdaaaaaaaaaabbbbbbbbbbbb86dd60122d9200383afffc000000000000000000000000000000fe8000000000000000000000000000aa01039078000000006283677200082cff00000000000000000000000000000000ff02000000000000000000000000000184000a1165000000"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"/24], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x60b03, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="105f13ad6232e24adf771ffbf7df167b88bc8711feee00e3b30916ff2c1fc14dc77f541bf96da6650c6ae3923404cc686bea7daee3df33bcaa0fc3d6c8d8b607", @ANYRES16=r1, @ANYBLOB="000229bd7000fedbdf254400000008000d00f7ffffff0400cc0008006b00030000000800a00000010000050018011f0000000a0018000303030303030000"], 0x44}, 0x1, 0x0, 0x0, 0x44008}, 0x24040000)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000300)={0xa8, 0x0, 0x3})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
ioctl$KVM_GET_CLOCK(0xffffffffffffffff, 0x8030ae7c, &(0x7f0000000200))
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x13}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = gettid()
ioctl$IOMMU_DESTROY$ioas(0xffffffffffffffff, 0x3b80, &(0x7f0000000580)={0x8})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f00000000c0))
ptrace$ARCH_SET_GS(0x1e, r6, &(0x7f0000000240), 0x1001)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
rseq(&(0x7f0000000080), 0x20, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000034c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x700, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m57.333141872s ago: executing program 0 (id=900):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f00000022c0)={0x0, 0xb}, 0x8)

3m57.240674893s ago: executing program 0 (id=903):
syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=<r2=>0x0)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, r1, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0xa}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x7c2}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40001}, 0x8080)
r3 = openat$sndseq(0xffffff9c, &(0x7f00000001c0), 0xc0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000200)={0x10, 0x7, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r3, 0x40bc5311, &(0x7f00000002c0)={0xfffffa41, 0x1, 'client0\x00', 0x5, "a9361e92aa539905", "38e09f11512e06e708b21859209fcaa43bd9dce2a7e55c80b7b4349b7f71ce2f", 0x30, 0x9})
r4 = openat$btrfs_control(0xffffff9c, &(0x7f0000000380), 0x101000, 0x0)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0xa0048}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x2c, r5, 0x300, 0x70bd2a, 0x25dfdbfc, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x9}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x2c}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r4, 0xc018937c, &(0x7f0000000500)={{0x1, 0x1, 0x18, <r6=>r3, {0x1}}, './file0\x00'})
bind$qrtr(r6, &(0x7f0000000540)={0x2a, 0xffffffff, 0xfffffffe}, 0xc)
r7 = syz_genetlink_get_family_id$gtp(&(0x7f00000005c0), r6)
r8 = syz_open_procfs$namespace(0x0, &(0x7f0000000600)='ns/pid_for_children\x00')
sendmsg$GTP_CMD_ECHOREQ(r6, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x2c, r7, 0x10, 0x70bd25, 0x25dfdbfb, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r4}, @GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_NET_NS_FD={0x8, 0x7, r8}]}, 0x2c}, 0x1, 0x0, 0x0, 0xd0}, 0x20000014)
r9 = syz_genetlink_get_family_id$nbd(&(0x7f0000000740), r0)
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000000840)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x80, r9, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_BACKEND_IDENTIFIER={0x5, 0xa, '{'}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x101}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x9}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x5}, @NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r4}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r4}}]}, @NBD_ATTR_BACKEND_IDENTIFIER={0x16, 0xa, ',&-&&.@-},*%{\xdd\xe2.#/'}]}, 0x80}, 0x1, 0x0, 0x0, 0x20008000}, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000880))
syz_open_dev$sndmidi(&(0x7f00000008c0), 0x3, 0x2000)
ioctl$KVM_GET_NESTED_STATE(r4, 0xc080aebe, &(0x7f0000000900)={{0x0, 0x0, 0x80}})
r10 = openat$dlm_monitor(0xffffff9c, &(0x7f0000002980), 0x400, 0x0)
setsockopt$inet_tcp_buf(r10, 0x6, 0xe, &(0x7f00000029c0)="41acb5c8c4160d95a940fa666cb31fa2af9f397ebf0d8594b865a6c4d7e16ca6cfff77f3aafa", 0x26)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000002a00), r0)
socket$xdp(0x2c, 0x3, 0x0)
syz_genetlink_get_family_id$nbd(&(0x7f0000002a40), r0)
r11 = openat$ttyS3(0xffffff9c, &(0x7f0000002a80), 0x28282, 0x0)
ioctl$TIOCMBIS(r11, 0x5416, &(0x7f0000002ac0)=0x9)
getpid()
sendmsg$L2TP_CMD_TUNNEL_GET(r10, &(0x7f0000002c40)={&(0x7f0000002b00)={0x10, 0x0, 0x0, 0x800010}, 0xc, &(0x7f0000002c00)={&(0x7f0000002b80)={0x54, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@L2TP_ATTR_DEBUG={0x8}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x1}, @L2TP_ATTR_PW_TYPE={0x6}, @L2TP_ATTR_FD={0x8, 0x17, @l2tp6=r4}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x4}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x3}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e20}]}, 0x54}, 0x1, 0x0, 0x0, 0x40c0}, 0x0)

3m57.10191966s ago: executing program 0 (id=905):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001900), r0)
sendmsg$IEEE802154_LIST_IFACE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001a00)={0x20, r1, 0x102, 0x70bd2a, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x40001}, 0x0)

3m57.101562272s ago: executing program 0 (id=907):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1930bd, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, 0x0)

3m57.022793061s ago: executing program 0 (id=908):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r1=>0x0})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r2)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000180)=ANY=[@ANYBLOB="700000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r1, @ANYBLOB="08001f0005"], 0x70}}, 0x0)

3m56.618859171s ago: executing program 0 (id=913):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x8004, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
lsetxattr$security_ima(&(0x7f0000000280)='./bus\x00', &(0x7f0000000180), &(0x7f0000000340)=ANY=[@ANYBLOB="04a46a020064942fd62c4928ea0303212256bd6ca55ef75075c90baa8222dd6ceaa2cb529dc95fb49f724ae517692c97a17667ed7f3a288063a816a6ccfc6d86cc07a937676654721e3b4e84bb4b46b8157e1533b9e4d7a285e6858c725fc08a01f4703de5266a6802"], 0x2, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
r4 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x14d002)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r4, 0xab00, r5)

3m56.387270943s ago: executing program 42 (id=913):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x8004, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
lsetxattr$security_ima(&(0x7f0000000280)='./bus\x00', &(0x7f0000000180), &(0x7f0000000340)=ANY=[@ANYBLOB="04a46a020064942fd62c4928ea0303212256bd6ca55ef75075c90baa8222dd6ceaa2cb529dc95fb49f724ae517692c97a17667ed7f3a288063a816a6ccfc6d86cc07a937676654721e3b4e84bb4b46b8157e1533b9e4d7a285e6858c725fc08a01f4703de5266a6802"], 0x2, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
r4 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x14d002)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r4, 0xab00, r5)

3m55.992455082s ago: executing program 6 (id=916):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="0815000000051104000000000000002801000005540201"], 0x1508}, 0x1, 0x0, 0x0, 0x24000080}, 0x0)

3m55.912297363s ago: executing program 6 (id=918):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x80000004, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x8, 0xf, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xf2d3, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000000c0)={r1, 0x12e, &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000036c0), ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmmsg$alg(r5, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca3d2e8f94b63bd80ee48412ba8", 0x10}], 0x1, 0x0, 0x0, 0x40}], 0x1, 0x0)
recvmsg(r5, &(0x7f0000000300)={0x0, 0xfffffffffffffdcf, &(0x7f0000000480)=[{&(0x7f0000000200)=""/134, 0x5}, {&(0x7f00000004c0)=""/4081, 0xfe3}], 0x2}, 0x40000030)
ioctl$KDGKBDIACR(r3, 0x4b4a, &(0x7f0000000000)=""/176)
bind$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x5, @none, 0x0, 0x2}, 0xe)
listen(r2, 0xa1)
accept4$bt_l2cap(r2, 0x0, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r7, 0x4020ae46, &(0x7f0000000380)={0x0, 0x0, @ioapic={0x1000, 0x7, 0x7, 0xfffffffd, 0x0, [{0x5, 0xeb, 0x7, '\x00', 0xf8}, {0x4, 0x2, 0x80, '\x00', 0x7}, {0x3, 0x2, 0x6, '\x00', 0x7}, {0x1, 0xff, 0x4, '\x00', 0x43}, {0xb, 0xfc, 0x2, '\x00', 0xe}, {0x0, 0xa9, 0x8, '\x00', 0x15}, {0x40, 0xfa, 0x85, '\x00', 0x7}, {0x6, 0xff, 0x3, '\x00', 0xf9}, {0x9, 0x8, 0x9, '\x00', 0x3}, {0xd2, 0x80, 0x1, '\x00', 0x3}, {0xff, 0xd, 0xc, '\x00', 0x5}, {0xf5, 0x7, 0xf6}, {0xa1, 0xc, 0x0, '\x00', 0x3}, {0xfd, 0xc, 0x4, '\x00', 0xd}, {0x1, 0x2, 0x80, '\x00', 0x1}, {0x1, 0x40, 0x4, '\x00', 0x4}, {0x5, 0x81, 0x6, '\x00', 0x5}, {0x9, 0xf8, 0x9, '\x00', 0x7}, {0xff, 0xc5, 0x7, '\x00', 0x5}, {0x7, 0x8, 0x9, '\x00', 0xba}, {0x4, 0x2, 0x5, '\x00', 0x4}, {0xc, 0xf1, 0x9, '\x00', 0x4}, {0x8, 0x8, 0x4, '\x00', 0x4}, {0x8, 0x4a, 0x7, '\x00', 0x7}]}})
close_range(0xffffffffffffffff, r2, 0x0)

3m54.943163924s ago: executing program 6 (id=922):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
read$FUSE(r1, &(0x7f0000002380)={0x2020}, 0x2020)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000180), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000000)={0x9, 0x2, 0x1})
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000200)={0x2, 0x5, 0x0, 0x3, 0xa, 0x2000, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x6c}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x6, 0xb}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @remote}}]}, 0x50}, 0x1, 0x7}, 0x4)
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f00000000c0)=0x2)
r7 = timerfd_create(0x0, 0x0)
read(r7, &(0x7f0000000540)=""/200, 0xc8)
timerfd_settime(r7, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
close(r5)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x2, 0x0, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSIFBRDADDR(r8, 0x891a, &(0x7f0000000240)={'vlan0\x00', {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xf}}})
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r10=>0x0})
write$binfmt_misc(r1, &(0x7f0000000280), 0x0)
sendmsg$nl_route(r9, &(0x7f0000000100)={0x0, 0xe0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="340000006800e97800000000ffdbdf250a0000000400000008000500", @ANYRES32=r10, @ANYBLOB="14000600b80ef000000000000000000000000001c27fc1fd65f506742e917097d139db63dfd153284d6eb3bd31977fe6dd834accf0f3333d78c5c9d04d64190e5f26561b0f09fc"], 0x34}}, 0x0)
r11 = socket$tipc(0x1e, 0x2, 0x0)
r12 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r12, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0xfffffffd}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r11, 0x10f, 0x87, &(0x7f0000000100)={0x42, 0x5, 0x2}, 0x10)
sendmsg$tipc(r11, &(0x7f0000002340)={0x0, 0x0, 0x0}, 0x0)
r13 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDENABIO(r13, 0x4b36)

3m53.439652437s ago: executing program 6 (id=924):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1930bd, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, 0x0)

3m53.421349155s ago: executing program 6 (id=926):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
read$FUSE(r1, 0x0, 0x0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f0000000240)={0x0, 0x80ae, 0x400, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180), &(0x7f00000000c0))
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000000)={0x9, 0x2, 0x1})
socket$key(0xf, 0x3, 0x2)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
syz_emit_vhci(&(0x7f0000001fc0)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x6, 0xc9, 0x6}}}, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
getpid()
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000000200)={0x114, 0x2e, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x3}, @typed={0x14, 0x3, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)=""/4, 0x4}, {0x0}, {&(0x7f0000000440)=""/165, 0xa5}], 0x3, &(0x7f0000000580)=""/69, 0x45}, 0x40}, {{&(0x7f0000000600)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, 0x0, 0x0, &(0x7f0000000800)=""/100, 0x64}, 0x5000}, {{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000500)=""/35, 0x23}, {&(0x7f0000000880)=""/26, 0x1a}, {&(0x7f0000000200)=""/2, 0x2}, {&(0x7f0000000900)=""/98, 0x62}, {&(0x7f0000003040)=""/4096, 0x1000}, {&(0x7f0000000980)=""/12, 0xc}, {&(0x7f00000009c0)=""/87, 0x57}, {&(0x7f0000000a40)=""/165, 0xa5}], 0x8, &(0x7f0000000b40)=""/131, 0x83}, 0x1ff}, {{0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000c80)=""/230, 0xe6}, {&(0x7f0000000d80)=""/92, 0x5c}], 0x2, &(0x7f0000000e40)}, 0x5}, {{&(0x7f0000000e80)=@ethernet={0x0, @local}, 0x80, &(0x7f0000001280)=[{&(0x7f0000000f00)=""/207, 0xcf}, {&(0x7f0000001000)=""/143, 0x8f}, {&(0x7f00000010c0)=""/14, 0xe}, {&(0x7f0000001100)=""/76, 0x4c}, {&(0x7f0000001180)=""/237, 0xed}, {&(0x7f0000001380)=""/88, 0x58}], 0x6}, 0x8000}, {{&(0x7f0000001400)=@phonet, 0x80, &(0x7f00000018c0)=[{&(0x7f0000001480)=""/110, 0x6e}, {&(0x7f0000001500)=""/134, 0x86}, {&(0x7f00000015c0)=""/111, 0x6f}, {&(0x7f0000001640)=""/43, 0x2b}, {0x0}, {&(0x7f0000001780)=""/208, 0xd0}, {&(0x7f0000001880)=""/6, 0x6}], 0x7, &(0x7f0000000340)=""/235, 0xeb}, 0x95cf}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001c00)=""/246, 0xf6}, 0x8b}], 0x7, 0x21, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="04050400c9"], 0x7)

3m51.903267122s ago: executing program 6 (id=932):
syz_emit_ethernet(0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB="aabdaaaaaaaaaabbbbbbbbbbbb86dd60122d9200383afffc000000000000000000000000000000fe8000000000000000000000000000aa01039078000000006283677200082cff00000000000000000000000000000000ff02000000000000000000000000000184000a1165000000"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"/24], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x60b03, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="105f13ad6232e24adf771ffbf7df167b88bc8711feee00e3b30916ff2c1fc14dc77f541bf96da6650c6ae3923404cc686bea7daee3df33bcaa0fc3d6c8d8b607", @ANYRES16=r1, @ANYBLOB="000229bd7000fedbdf254400000008000d00f7ffffff0400cc0008006b00030000000800a00000010000050018011f0000000a0018000303030303030000"], 0x44}, 0x1, 0x0, 0x0, 0x44008}, 0x24040000)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000300)={0xa8, 0x0, 0x3})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
ioctl$KVM_GET_CLOCK(0xffffffffffffffff, 0x8030ae7c, &(0x7f0000000200))
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x13}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = gettid()
ioctl$IOMMU_DESTROY$ioas(0xffffffffffffffff, 0x3b80, &(0x7f0000000580)={0x8})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f00000000c0))
ptrace$ARCH_SET_GS(0x1e, r6, &(0x7f0000000240), 0x1001)
rseq(&(0x7f0000000080), 0x20, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
recvmmsg(r7, &(0x7f00000034c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x700, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m51.85138644s ago: executing program 43 (id=932):
syz_emit_ethernet(0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB="aabdaaaaaaaaaabbbbbbbbbbbb86dd60122d9200383afffc000000000000000000000000000000fe8000000000000000000000000000aa01039078000000006283677200082cff00000000000000000000000000000000ff02000000000000000000000000000184000a1165000000"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"/24], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x60b03, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="105f13ad6232e24adf771ffbf7df167b88bc8711feee00e3b30916ff2c1fc14dc77f541bf96da6650c6ae3923404cc686bea7daee3df33bcaa0fc3d6c8d8b607", @ANYRES16=r1, @ANYBLOB="000229bd7000fedbdf254400000008000d00f7ffffff0400cc0008006b00030000000800a00000010000050018011f0000000a0018000303030303030000"], 0x44}, 0x1, 0x0, 0x0, 0x44008}, 0x24040000)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000300)={0xa8, 0x0, 0x3})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
ioctl$KVM_GET_CLOCK(0xffffffffffffffff, 0x8030ae7c, &(0x7f0000000200))
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x13}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = gettid()
ioctl$IOMMU_DESTROY$ioas(0xffffffffffffffff, 0x3b80, &(0x7f0000000580)={0x8})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f00000000c0))
ptrace$ARCH_SET_GS(0x1e, r6, &(0x7f0000000240), 0x1001)
rseq(&(0x7f0000000080), 0x20, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
recvmmsg(r7, &(0x7f00000034c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x700, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

44.738989119s ago: executing program 8 (id=2537):
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @mcast1, @rand_addr=' \x01\x00', 0x20, 0x0, 0x9}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @empty, 0x0, 0xfc00, 0x1000000}})

44.738817141s ago: executing program 8 (id=2538):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x15, 0x0, 0x0)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x1000c005)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYRESOCT, @ANYBLOB, @ANYRES16, @ANYRESDEC=r3, @ANYRESOCT=r2], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e24, 0x6, @empty, 0x1a}, 0x1c)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = fsopen(&(0x7f00000000c0)='ocfs2_dlmfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x3b9ac9ff)
setsockopt$sock_attach_bpf(r1, 0x1, 0x24, &(0x7f0000000000), 0x4)

43.809631473s ago: executing program 8 (id=2547):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r0, &(0x7f0000000300)={{0x6, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
sendto$netrom(r0, 0x0, 0x2, 0x0, &(0x7f0000000000)={{0x6, @rose}, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x48)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040))
prctl$PR_GET_NAME(0x59616d61, &(0x7f0000000940)=""/254)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x0, 0x0, 0x20000000, 0x0, 0x5}, 0x2})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000000)={'ip6tnl0\x00', 0x0})
ioctl$UFFDIO_WRITEPROTECT(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
r4 = fcntl$dupfd(r1, 0x0, r1)
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}})
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e22, @remote}, 0x10)
sendmsg$NFT_MSG_GETRULE(r4, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xac, 0x7, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFTA_RULE_COMPAT={0x44, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x5e}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x33}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x9000}]}, @NFTA_RULE_COMPAT={0x4c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x67}, @NFTA_RULE_COMPAT_FLAGS={0x8}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x2b}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x88fb}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x32}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x6004}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x5c}]}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x3}]}, 0xac}, 0x1, 0x0, 0x0, 0x40}, 0x0)

43.80765411s ago: executing program 8 (id=2548):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1930bd, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'})

43.692882017s ago: executing program 8 (id=2549):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r6, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e20, 0x74df82a6, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c)
io_uring_enter(0xffffffffffffffff, 0x47f6, 0xb277, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x299b, &(0x7f0000000400)={0x0, 0x20ab, 0x1000, 0x2, 0x114}, &(0x7f0000000280), &(0x7f0000000380))
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002940), 0x0, 0x1040)
lseek(0xffffffffffffffff, 0x9, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc)
r7 = socket$netlink(0x10, 0x3, 0x0)
writev(r7, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r7, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
socket$inet(0x2, 0x2, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000010011a80100005800400058008000000000000000800038030000180050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d80500060000000000130002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018000180140004004d2906d0880fc8acc30fe2020f9849675000018014000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af080001000000000008000100000000006000018005000600000000000500060000000000080001000000000005000600000000000c00020073797a746e6c30000800010000000000130002006272696467655f736c6176655f30000014000500e078d277f38ed3a40a448f3f6b6763e83c000c8008002c00cc"], 0x270}}, 0x0)

43.501551791s ago: executing program 8 (id=2551):
recvmsg(0xffffffffffffffff, 0x0, 0x40010000)
prlimit64(0x0, 0x9, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local, @local, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x30, 0xfffd, 0x0, 0x7f, 0x11, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0xc, 0x8, 0x3, 0x7, [{@private=0xa010102, 0x6}]}]}}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x1, 0x1, 0x8}}}}}}}, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r1, &(0x7f0000000540)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3f}}, 0x10)
sendmmsg$inet(r1, 0x0, 0x0, 0x401eb94)

43.438823968s ago: executing program 44 (id=2551):
recvmsg(0xffffffffffffffff, 0x0, 0x40010000)
prlimit64(0x0, 0x9, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
inotify_rm_watch(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local, @local, @void, {@ipv4={0x800, @udp={{0x8, 0x4, 0x0, 0x0, 0x30, 0xfffd, 0x0, 0x7f, 0x11, 0x0, @empty, @empty, {[@timestamp_prespec={0x44, 0xc, 0x8, 0x3, 0x7, [{@private=0xa010102, 0x6}]}]}}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x1, 0x1, 0x8}}}}}}}, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r1, &(0x7f0000000540)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3f}}, 0x10)
sendmmsg$inet(r1, 0x0, 0x0, 0x401eb94)

4.357941919s ago: executing program 7 (id=2871):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd26, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x289, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1c, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB])
chdir(&(0x7f0000000300)='./file0\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r4, 0x84, 0x19, &(0x7f0000000600)={0x0, 0x9}, 0x8)
write$binfmt_script(r3, &(0x7f0000000100), 0xfffffd9d)
socket$nl_rdma(0x10, 0x3, 0x14)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000003c0)={0x52, 0x2, 0x7, {0xfff7, 0x2}, {0x1, 0x3}, @ramp={0xfff, 0x8, {0x866, 0x4, 0x515, 0x2}}})
syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042)
r6 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x822b01)
write$char_usb(r6, &(0x7f0000000040)="e2", 0x12d8)
r7 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001580), 0x0, 0x0)
pread64(r7, &(0x7f0000000180)=""/39, 0x27, 0x2b)
ioctl$TIOCL_BLANKSCREEN(r5, 0x4b4b, &(0x7f0000000200))
socket$igmp6(0xa, 0x3, 0x2)

2.680974457s ago: executing program 2 (id=2876):
futex_waitv(0x0, 0x0, 0x3000000, 0x0, 0x1) (fail_nth: 1)

2.596149844s ago: executing program 7 (id=2878):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000014dc1b0de0a2d086000079f044eade994456b3100900000000000000fc028f77aeadd85cae286a", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
faccessat(0xffffffffffffffff, 0x0, 0x68)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001400b59500000000000000000a000000", @ANYRES32, @ANYBLOB="14000200fe8000000000000000000000000000aa080009003f0c00"], 0x48}}, 0x0)
sendmsg$rds(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x3d, 0x107, 0x8000, 0x8, {0x2, 0x7c}, [@nested={0x10, 0x8, 0x0, 0x1, [@typed={0xc, 0x8, 0x0, 0x0, @u64=0x8}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4091}, 0xc000)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r7, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r8}, 0x38)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)

2.573471433s ago: executing program 2 (id=2881):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
modify_ldt$write(0x1, &(0x7f0000000140)={0x7, 0xffffffffffffffff, 0x2000, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}}, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_clone(0x62000000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.554145067s ago: executing program 5 (id=2882):
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
socket(0x1e, 0x2, 0x0)
r0 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x18, 0x28b}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0xffa7)

2.390535781s ago: executing program 5 (id=2884):
syz_usb_connect(0x6, 0x979, &(0x7f0000001b40)={{0x12, 0x1, 0x110, 0x9a, 0x74, 0xe1, 0x10, 0x572, 0x960c, 0x98b7, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x967, 0x3, 0x4, 0x3, 0x0, 0x3, [{{0x9, 0x4, 0xc5, 0x25, 0x4, 0xd3, 0x82, 0x53, 0x8, [@generic={0xa2, 0xe, "5d49fe8ca4d729488b4431551362cadc648b97624348419c59bdde00554bd5185c2104f7f967a455127a158ea577902d4c2938ea543509f1c570fe84bc77692bfeead0c84de93bbbb7cf3d3d3baaa74cfb6ee632ca0b32a80fdac9fb954112c7c6ac4eabc252d3a530bcc7b92542643c1d3d2b2dbad89365a7fe52cd9accbbd041ea5d73574ffba596d0d314f31fba7f6d1799ffa97c4d2a5630d80a1d17ae6c"}, @uac_control={{0xa, 0x24, 0x1, 0x8, 0x7}, [@processing_unit={0xc, 0x24, 0x7, 0x2, 0x4, 0x4, "3287634a8b"}, @processing_unit={0x7, 0x24, 0x7, 0x5, 0x3, 0x6}, @selector_unit={0xb, 0x24, 0x5, 0x5, 0x0, '8~_V)h'}]}], [{{0x9, 0x5, 0x80, 0x2, 0x3ff, 0x5, 0x68, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x7, 0x2}, @generic={0xdd, 0x23, "deda19e715cf90e2b486150a4b0b131bebb419b06970f70fefb5b27846c9f0c9d21bef7dbca97d6ea2d64fdabeb10844a8d98c857a8489b2247372c3b5ef67f0c7500c0f4a37e070474eb39855226e3b96b6046593291fa962ce42369b89a44fb658144f5e974f5c506fe7c61ceda72137f24a39b10f8cbea8f82ec99252b83a4baf2b03dfbb1d3231c69d6b77db2a2439952243d9d67c10190d66c9e8c2fdc993354ecac3b27ef56451956b5bbb5fd3f21e9217bb23eaf1768eaf63bbca0851d840613ae2c9be017872e132efbe217df5ed0139e61b8aa8d8fa73"}]}}, {{0x9, 0x5, 0x5, 0x4, 0x3ff, 0x3, 0xc6, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x18, 0x4}]}}, {{0x9, 0x5, 0x80, 0x0, 0x3ff, 0x0, 0xd5, 0xc, [@generic={0x85, 0x3, "d846e0eb43b7da05a709137aff976603e35e580ba368ea061becf56db40e1c72cd68461325256b6c3bd769aff308aacf38fde00d4632b1bd610afd98d734fb0b88290c2dc13f4e486818aa3aaba37eeb2ae45de29a963520f5bf88b42bd6d96c1bb4d08cc1f2c98c0ac9f48499439b34a3e34a7bfa5e601601a9cbf2a1cc70e614ca63"}]}}, {{0x9, 0x5, 0x3, 0x1, 0x8, 0xb, 0xfc, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x81, 0x7}]}}]}}, {{0x9, 0x4, 0xd0, 0x80, 0x3, 0x3b, 0xcd, 0x16, 0xb9, [@generic={0xd9, 0x9, "b60cdc967c487a539fc33f6e1dec31f6600319fa58be8b16710773161d7c65a3ac8014297f56dcdefbbea9b9ff2dfa843a11295fa367da92f760ed663560be710593fcc1588ca5493b794a1c5f9f212b1b0af1aa1bb2216303066864e2bf4a70b98fafdec3ac4260fb3bf4fc4fef5d7eb93e14beeb23b1f9bdafa2a8cc51bfaf111dfeecd45a44fbab7de8cbb70beef91469548730d2bee967151abfd21a32fa78e0c5405de304dc9b0c2aa9fc5117a81def660a6f39994ee08d8780bf64770e283d561536cb2378b04fb65b096161347b6928aa4dc766"}, @uac_control={{0xa, 0x24, 0x1, 0xb}}], [{{0x9, 0x5, 0x8, 0x13, 0x40, 0x4, 0x2, 0x2, [@generic={0x47, 0x5, "e72960937ae15a1bce224c31feec5153d1321895ee46d69b3f35a67544de18e2d93461d7276daed90cd64a1b2db96748189c2de5792dc413d74496958c201bae0c5b553a70"}]}}, {{0x9, 0x5, 0x7, 0x10, 0x20, 0x8, 0xf, 0x5c}}, {{0x9, 0x5, 0xb, 0x3, 0x8, 0x6, 0x7, 0xa, [@generic={0x7, 0xc, "88dd615151"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x4, 0x8}]}}]}}, {{0x9, 0x4, 0xe6, 0x7b, 0xe, 0x5d, 0xfd, 0x93, 0x2, [], [{{0x9, 0x5, 0x80, 0x0, 0x8, 0xa, 0x3, 0x7, [@generic={0xd4, 0x21, "94da4827f67b848cbd5a930d0fd8bed234f95b01bc0b07ff2d95afef922a041b84ead3cc8d668eb366771788c657b1e2a93c57af30803f1eef2ea413fb8555bb14077135ba22edba783bf39009c33c23c9e995ad26fee9b5e398f8894a234269b3397f3d90ab330c7fcd57ae3f203039a1a9548c11e82be35b1c29478731d0942170c8dcaab94557835e13056823d66d801001bd24f6b586340fe325889f0e2df958885345aa723b93e4000f05121f1200a50863d8ff8101fda2e330f6f5a1f8832688eb07ece168bab6fdf5f5384176b873"}]}}, {{0x9, 0x5, 0x3, 0x0, 0x1d7, 0x7, 0x9, 0x1, [@generic={0xee, 0x9, "16c23f7d32041493ed65d5372c2bd31790b66756e425b7f6ae393f69949b0bec9587ad541467a05341719a209eef0516dd69c28179eafbd31b0b538a1e1541cbca4001bf0af5c541c2e8872d60f85417bb43bd5648b5985d01dbe65b25bac7ca6863295e31ec99374628b56285db2506fd131447fb12e6c74102dc13c2f21d5286ca857cbdc1688beb6244bcfadb960a9929b577a8f4aef972acb6b77701030f97606971bb4cf64de739cfa2a480fe12bb533011e58932d732e9443c9deff81a300d58f71ea086fd1767a1442bc057fb295e44b97d20e2a427f81fbb2df8b3904849ed92e328fab4b32eb0f2"}]}}, {{0x9, 0x5, 0x80, 0x0, 0x40, 0xd, 0xc, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x3, 0x7}]}}, {{0x9, 0x5, 0x80, 0x2, 0x20, 0x1, 0x1, 0x4, [@generic={0xa5, 0xc, "363515f7d2cc705ee234c817e94b7557d2d9260265d69c30ae24dc7ce1d415d6ca6521746b91fa37e71730c1c7f8fd1219f05cf1b5bc30fb82efeb69d86c752a9d0d53c4c9717e5a8c4443323c41b46f9878421624a0f3d47a771dc85183d41d46816c30d2c25b4264dd75ebb8f22f58f2bbde8f600120b80d334fb40b9188aade5005b96c78dc3dd14d851bdb754d37a07e50701b1f88307eefe405ae7f88714a21a0"}]}}, {{0x9, 0x5, 0x4, 0x0, 0x20, 0x6, 0x3, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x180, 0x2, 0x3}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x6, 0x3}]}}, {{0x9, 0x5, 0xb, 0x2, 0x8, 0x5, 0x7, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x2, 0x2}]}}, {{0x9, 0x5, 0xb, 0x0, 0x10, 0x8, 0x40, 0x9, [@generic={0xcb, 0x30, "26dfd4c40879a2860efc7c42747a8e3e84d90c27203572cc348494402b65fc19c932ada9b6671ea540531c1b8e8adf5516d588b6833de85855b21ea6cfa6f137cdfb6f54f000c46ad8a1a5fac9f461e7dc5c7d63452a5a86ef9fd734001a3ed09969fcdbef71dde33346992ec9e86011d01e617cae5b85357f6921b477406bbaa2a5c4b5d4c36a12ed301b46c3e8011c0d69b064979610c5f70f75e4d2ac0ec222225bf65783301d715d04b8b4b59ac25453a9de37dbd591f46066823cb0fe4bf013423cca7b076891"}]}}, {{0x9, 0x5, 0xf, 0x2, 0x3ff, 0x7, 0x6, 0x9f, [@generic={0x5b, 0x1e, "ae9c36bfde6439387527be772eb43245b217bbcb652bb87edbf25033a73d41b96f5a71d4154da091a45a763dd54511efad09996b0b908670855b2de491ce98e06c38502f357fe6d00ad206843973295130c2274843ddf9b500"}]}}, {{0x9, 0x5, 0x4, 0x10, 0x10, 0x4, 0x3, 0x8}}, {{0x9, 0x5, 0x2, 0x0, 0x8, 0x9, 0x5, 0xbf}}, {{0x9, 0x5, 0x6, 0x0, 0x240, 0x46, 0x10, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x1, 0x7}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x4, 0x5778}]}}, {{0x9, 0x5, 0xb, 0xc, 0x8, 0xc4, 0x4, 0x5}}, {{0x9, 0x5, 0x7, 0x4, 0x8, 0x2, 0x6, 0x3, [@generic={0x71, 0x24, "e61ae4645eec3c59816f064a9ab03c04fc46450526fbae9d94292c91b014f0b537bbdea356b61095043128571eaa682c9873f11deccbe51f95d503834283bb52f2235cca8f2180bb5118a3708750897ba76bb29f5a769b50a150047ba55e71271cb841047c00daddc4fa88c258723a"}, @generic={0x3c, 0x31, "131f966f72034b8c2226945d4747482a14ceb590370b3d0c6ab64bab98026dc4e66e0d234ac6b01bdb24f1657e1a2be108ef4c7e0ebc68a5c8ee"}]}}, {{0x9, 0x5, 0x6, 0x10, 0x3ff, 0x80, 0x8, 0xf8, [@generic={0xa4, 0x31, "d5082ab202f3f04ee89dc0af1d9346915384eba817e670e093de69acd36c9fd57ae208f2e6d79a9d755fe4e832713d40f54d40b6b25546be5a9ca2b0483ab03230fb1ae0081612fb6a2ec71d347325a543af56129f526e7bbc078fee85bdc2a9570c51f01b44543e5749a549c112e508abc0833c2aac64f771182fb22515c85679b5993f368440d7bd30e0e720acce35954a3d3fde5f6ce7778363d1e4afca7fc235"}, @uac_iso={0x7, 0x25, 0x1, 0x6, 0x9, 0x36}]}}]}}]}}]}}, &(0x7f00000009c0)={0xa, &(0x7f00000005c0)={0xa, 0x6, 0x200, 0x4, 0x6, 0x40, 0x20}, 0x49, &(0x7f0000000880)={0x5, 0xf, 0x49, 0x2, [@ssp_cap={0x24, 0x10, 0xa, 0x7, 0x6, 0x5, 0x0, 0x5, [0x0, 0xf0, 0x3f, 0xc000, 0xf0, 0xffc000]}, @ssp_cap={0x20, 0x10, 0xa, 0xc, 0x5, 0x7ffff80, 0x0, 0x9, [0xff0000, 0xc000, 0x3f00, 0x0, 0xff0000]}]}, 0x7, [{0xb0, &(0x7f0000000680)=@string={0xb0, 0x3, "1f6c28a9e261c16d2b3bd4be565924369c532cc082c59d234591c8555e548834941c12f029f19d3b7dca46fdb9de7e7c49d860e5aa3af3769a3e103e2d94f9d516d7229e6c9eae5cdeb53194c6848bd0d5551ca1d462993457984638120b3a124e338e8fbd7dce074f8ec99a9cb4da7fb746aff1c289d49570429f6086ddbfe04e63f0bf7a2a688e4591a2c046075a133aa80cf0ea2f99cd7bfbfe2cf5641b2f1db949d06b703994a61bae55cede"}}, {0x4, &(0x7f0000000740)=@lang_id={0x4, 0x3, 0x438}}, {0x4, &(0x7f0000000780)=@lang_id={0x4, 0x3, 0x3801}}, {0x60, &(0x7f0000000900)=ANY=[@ANYBLOB="600380e69e0164dd68955e89beec3214d479f3bd4c9935ae586b49fa2d04507ab94abbff63934ebdff482e1932d012f1c6294373c6987659038d3e57778ea4bded3399e106159c0079e353a502e9c38dde3c7b4fc9bf55ebf4e60ab1d5489907c8b034a2"]}, {0x4, &(0x7f0000000840)=@lang_id={0x4, 0x3, 0x3c01}}, {0xcb, &(0x7f0000000a40)=@string={0xcb, 0x3, "7267a8206951cf693fab06df413c1a9e0b211c340d9300e097c5fbd51bb45a999bd56c4523ba04fe0bcfa3730c3e2c1695fc66562e00d4f3c261c80bac258a07d00ac3798f7c65731e4d864bf386d3900ccb0eb77395375cf238684f1f5a41082a309ea70b38dca8d9cff2ccf85a08e0bd905f11deffab6d534661e01c40cb09594a8a2960948531e37b938169927465c34e79cbdc67b62bfc4ae1c20b532e09cb1be6d84ad3addeba7da15ff5babf395b9fbc1bb59fd6c3c69c784fb3de8ab9fba0e02f7b87a95203"}}, {0x4, &(0x7f0000000980)=@lang_id={0x4, 0x3, 0x812}}]})
socket$nl_generic(0x10, 0x3, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
r0 = syz_open_dev$I2C(&(0x7f00000002c0), 0x0, 0x0)
ioctl$I2C_SLAVE_FORCE(r0, 0x706, 0xac)
sched_setscheduler(0x0, 0x5, 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14b27e, 0x0)
r2 = creat(&(0x7f0000000400)='./file0\x00', 0x0)
ftruncate(r2, 0x7)
copy_file_range(r1, 0x0, r1, 0x0, 0x81, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000003000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000060000000000000085000000030800009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4bd, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$kcm_KCM_RECV_DISABLE(r4, 0x6, 0x1, 0x0, 0x20000000)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
preadv(r5, &(0x7f0000002100)=[{&(0x7f00000007c0)=""/80, 0x50}], 0x1, 0x1fffff, 0xa3ab)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x32}, [], {0x95, 0x0, 0x5a5}}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d64050000000000650404000100000004040000fb007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e4845500a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491dc6aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de453f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5b5a182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291beea56ed7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124e16b64a5d1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba515d4cc28d702287fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4d"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0xfe, 0x60000004, &(0x7f0000000100)="b9ff03076044238cb89e14f008000de0ffff00184000633c77fbac141412e000002062079f4b4d2f87e5feca6aab845013f2325f1a3903050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x25, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e062b311453dcbb62932a01105d0a8066ca8e5e1f2f575d0d6e996b57fd408d420abb7337934e59815d75b4eb3e7206afce", &(0x7f0000000380)="af5fa441b438b5156d8a9fcc090f586e979858f64170cde36889dcc8539ffcca62621a4c3ea3f7acee366e6fb0b94314f90931dec60fed6c9fee64af416c29f65e47110b81f6b4da06db5e1aad1f627acb", 0x0, 0x3}, 0x2c)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
ioperm(0x101, 0x9b, 0x6)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="184000000095000000000000000000000000000009000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='suspend_resume\x00', r9, 0x0, 0xffffffffffffffff}, 0x18)
execve(&(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000600)={[&(0x7f00000004c0)=']%\x00']})
unlinkat(0xffffffffffffffff, 0x0, 0x200)
setsockopt$bt_BT_FLUSHABLE(r8, 0x112, 0x8, 0x0, 0x0)

2.278227441s ago: executing program 2 (id=2885):
r0 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
write$FUSE_INIT(r1, &(0x7f0000000180)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x28, 0x0, 0x70201841, 0x1, 0x5, 0x4003ff, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}}, 0xe000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = syz_io_uring_setup(0xd46, &(0x7f00000003c0)={0x0, 0xfffffffc, 0x10100}, &(0x7f00000000c0)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
r6 = socket$rds(0x15, 0x5, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r6, 0x0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0, 0x40000103})
io_uring_enter(r3, 0x46f6, 0x0, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000380ecffffffffff0f0000009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5df6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r9}, 0x10)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r8, 0xc018620c, &(0x7f0000000000)={0x3})
r10 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r10, 0x4008ae90, &(0x7f0000000200)=ANY=[@ANYBLOB="b231"])
syz_io_uring_setup(0x5664, &(0x7f0000000240)={0x0, 0xe4f4, 0x4000, 0x1, 0x1de, 0x0, r1}, &(0x7f0000000080), &(0x7f00000002c0))
r11 = syz_io_uring_setup(0x5d11, &(0x7f00000003c0)={0x0, 0xfffffffe, 0x4, 0x1, 0x85}, &(0x7f0000000040)=<r12=>0x0, &(0x7f0000000140)=<r13=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r12, 0x1c, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r12, r13, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r11, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
r14 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBLED(r14, 0x4b65, 0x7)
r15 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_FREE_BUFS(r15, 0x4008641a, 0x0)

1.95553005s ago: executing program 2 (id=2886):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x24002800)
syz_io_uring_setup(0x47bc, &(0x7f0000000540)={0x0, 0x3e5e, 0x3010, 0xfffffffe, 0x240004}, 0x0, 0x0)
epoll_create(0xaf2)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
creat(&(0x7f00000004c0)='./file0\x00', 0xecf86c37d53049cc)
socket$inet6(0xa, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100}, &(0x7f00000000c0)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r1})
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000009c0)=ANY=[], 0x10, 0x4000000}}], 0x1, 0x4000800)
syz_io_uring_setup(0x717b, &(0x7f0000000380)={0x0, 0x80707b, 0x20000, 0x1, 0x33}, &(0x7f0000000400), 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
io_uring_enter(r3, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0xa00}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

1.781235218s ago: executing program 5 (id=2887):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0xa, 0x80000, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000400)={0x0, 0xfffffc66, &(0x7f00000003c0)={0x0}}, 0x10)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r3], 0x3c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYRESDEC=r0], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r7 = userfaultfd(0x801)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000300))
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x0, &(0x7f0000000140), 0x0, 0x4)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000002c0)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x3, 0x0, 0x0, 0xb, 0x0, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900000000000000000004000000000000000069f8258a00", [0x0, 0x2000000000001]}})
write$cgroup_subtree(r5, &(0x7f0000000400)=ANY=[], 0x37)
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="140000001d000b63d25a80648c2594f90524fc60", 0x14}], 0x1, 0x0, 0x0, 0x4000}, 0x0)
bind$rds(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r9 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r10 = dup(r9)
write$6lowpan_enable(r10, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r11 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r12 = ioctl$LOOP_CTL_GET_FREE(r11, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r11, 0x4c81, r12)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0100000042000000060000000800000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000000eb016b5e7210b7cc2665730ae8e3ee8f81f6ce5d83b0f31371f1bbd85f38d2230ea29944ddef4e663c5848c3e61144b1dd1ab0759bb93a7e7b03ed94f3f813f6ba2db8ddb4fca510fab7cc957613349899234918357298d21dec16378d2465e9b447f12b999406bd5566d4b2c1052aa5bb760d0225dc4b4d98c41e63c6586c2cf3eafea7e4d392dd5"], 0x48)

1.734564851s ago: executing program 7 (id=2888):
r0 = syz_open_dev$mouse(&(0x7f0000000040), 0x7fffffff, 0x101200)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.threads\x00', 0x2, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb4, 0x19, 0x1, 0x0, 0x25dfdbfe, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}}, 0xb4}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x515f3159, 0x0, "78e114100985a798742d2a70e113343972d01f"})
write$UHID_INPUT(r4, &(0x7f0000001040)={0xd, {"a2e3ad21ed6b0af99cfbf4c007f70eb4d04fe7ff7fc6e5539b0872fc8b546a1b4d09940f08900c878f0e1ac6e7049b4cb4956c409b3c2a0867f3988f7ef319520100ffe8d178708c523c921b1b0f5a0a169b50d336cd3b78130daa61d8f809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1010}}, 0x1b7)
read$FUSE(r4, &(0x7f0000002080)={0x2020}, 0x2)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@empty, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x0, @loopback, @empty}}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.271079824s ago: executing program 7 (id=2890):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000040000000700000006"], 0x48)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x74, 0x0, 0x1, 0x401, 0x11, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x100e}, @CTA_SEQ_ADJ_REPLY={0x14, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}]}]}, 0x74}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r3}, 0x25)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000400)=@newlink={0x58, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}}}, @IFLA_ADDRESS={0xa, 0x1, @remote}]}, 0x58}}, 0x0)
getcwd(&(0x7f0000000000)=""/237, 0xed)
io_setup(0x2, &(0x7f0000002400)=<r5=>0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
mkdir(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10)
sendto$inet(r7, &(0x7f0000000100)='7', 0x1, 0x0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000480)=[@in6={0xa, 0x4e20, 0x0, @loopback}], 0x1c)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x2c, &(0x7f0000000900)=[@in6={0xa, 0x4e20, 0x0, @loopback}, @in={0x2, 0x4e20, @loopback}]}, &(0x7f00000002c0)=0x10)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x2}, 0x38)
io_submit(r5, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])

1.130608244s ago: executing program 1 (id=2893):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ptrace$peekuser(0x3, 0x0, 0x48)
syz_open_dev$evdev(0x0, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0xd, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f00000004c0)={0x12c, 0x12, 0x20, 0x70bd27, 0x25dfdbfc, {0x2b, 0x3, 0x2, 0x5, {0x4e20, 0x4e21, [0x10001, 0xfffffffe, 0x4600, 0xffffffff], [0x9, 0x7fff, 0x1, 0x87], 0x0, [0x9, 0x7]}, 0x3, 0x2}, [@INET_DIAG_REQ_BYTECODE={0xe0, 0x1, "dbb2fd4fad61fa4fb8a534431b6bc44c5711f3c57d844f105cd595531c9bcd6cfb69cd9bca6e2cb432c6582a77c98cada77bf56b52545cf6a8c990aef17a1c5c9dfaf0b62d1fe1ed7399b25c0065b62913a11051afcb90e890fc1831c05f279c9dc4fce9f20e51128d8d4304c93b1c1ae3e354c0661cadad10ca734f4cc251ad400e6d6fb7b9c159904be6fadd77b1e8c006e3cf98af954d3fb94c0d9a14ac1dd9248d7ee1de3a6fc04d015a06e539a02897100c688280739e797db45a01311279acd9b70abcdb65139dcb14602e129da0b8d0cb0e72b66b432cbeb3"}]}, 0x12c}, 0x1, 0x0, 0x0, 0xc0000}, 0x400c040)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000002780)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f0000000080)={r5, 0x3, r4, 0x5})
write$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
fcntl$lock(r8, 0x26, &(0x7f00000031c0)={0x1})
ioctl$VIDIOC_G_STD(r7, 0x80085617, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r9=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@deltaction={0x24, 0x18, 0x1, 0x4, 0x25dfdbfb, {0xa}, [@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r9, @ANYBLOB="36003300d0000000080211000001080284b10000505050505050"], 0x54}}, 0x0)
ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x4e24, @local}})
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.130324152s ago: executing program 7 (id=2894):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ptrace$peekuser(0x3, 0x0, 0x48)
syz_open_dev$evdev(0x0, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0xd, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f00000004c0)={0x12c, 0x12, 0x20, 0x70bd27, 0x25dfdbfc, {0x2b, 0x3, 0x2, 0x5, {0x4e20, 0x4e21, [0x10001, 0xfffffffe, 0x4600, 0xffffffff], [0x9, 0x7fff, 0x1, 0x87], 0x0, [0x9, 0x7]}, 0x3, 0x2}, [@INET_DIAG_REQ_BYTECODE={0xe0, 0x1, "dbb2fd4fad61fa4fb8a534431b6bc44c5711f3c57d844f105cd595531c9bcd6cfb69cd9bca6e2cb432c6582a77c98cada77bf56b52545cf6a8c990aef17a1c5c9dfaf0b62d1fe1ed7399b25c0065b62913a11051afcb90e890fc1831c05f279c9dc4fce9f20e51128d8d4304c93b1c1ae3e354c0661cadad10ca734f4cc251ad400e6d6fb7b9c159904be6fadd77b1e8c006e3cf98af954d3fb94c0d9a14ac1dd9248d7ee1de3a6fc04d015a06e539a02897100c688280739e797db45a01311279acd9b70abcdb65139dcb14602e129da0b8d0cb0e72b66b432cbeb3"}]}, 0x12c}, 0x1, 0x0, 0x0, 0xc0000}, 0x400c040)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000002780)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f0000000080)={r5, 0x3, r4, 0x5})
write$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
r8 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
fcntl$lock(r9, 0x26, &(0x7f00000031c0)={0x1})
ioctl$VIDIOC_G_STD(r7, 0x80085617, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r10=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@deltaction={0x24, 0x18, 0x1, 0x4, 0x25dfdbfb, {0xa}, [@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r10, @ANYBLOB="36003300d0000000080211000001080284b10000505050505050"], 0x54}}, 0x0)
ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x4e24, @local}})
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.051085779s ago: executing program 2 (id=2895):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000200)=0xf0)
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000100))
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000240)=@filter={'filter\x00', 0xe, 0x1, 0x130, [0x0, 0x20000100, 0x20000130, 0x20000160], 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000002a7b000000000000000000000000030000000023b5000000000001"]}, 0x71)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x10448)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x15}}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000040)={'broute\x00', 0x0, 0x0, 0x0, [], 0x1, 0x0, 0x0, [{}]}, 0x60)
ioctl$BTRFS_IOC_SPACE_INFO(0xffffffffffffffff, 0xc0109414, &(0x7f00000002c0)={0x7c7, 0x100, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})

1.049518562s ago: executing program 2 (id=2896):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x34004811)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
socket(0xf, 0x80000, 0x2000000)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0xffff45c1, 0x0, 0x34324152, 0x0, 0x0, [{0x4}, {}, {0x9}, {0x1}, {}, {0xfffffffa, 0x6}, {}, {0x0, 0x5}], 0x0, 0x0, 0x8, 0x0, 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x100002)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$alg(0x26, 0x5, 0x0)
ioperm(0x8, 0x7, 0x1)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000040))
ioctl$VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000080)=0x200000000)
r4 = dup2(r3, r3)
read$msr(r1, &(0x7f0000000400)=""/237, 0xed)
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000200)=0x4)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETSHIFTSTATE(r1, 0x541c, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
r5 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'erspan0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000600)=@newqdisc={0xfc, 0x24, 0x200, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, r7, {0xfffe, 0xd}, {0xfff2, 0x10}, {0x0, 0x2}}, [@TCA_RATE={0x6, 0x5, {0x8, 0x4}}, @TCA_STAB={0xa8, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x8, 0x3e, 0x2975, 0x7, 0x0, 0x10000, 0xfff, 0x6}}, {0x10, 0x2, [0x5, 0xaad, 0x0, 0xd9b8, 0x8, 0x1]}}, {{0x1c, 0x1, {0xa0, 0xc, 0x4, 0x9, 0x2, 0x9e, 0x4, 0x3}}, {0xa, 0x2, [0x8a5, 0x0, 0x4]}}, {{0x1c, 0x1, {0x3, 0x0, 0xfffc, 0x1, 0x1, 0x15e, 0x7, 0x7}}, {0x12, 0x2, [0x7, 0x53c6, 0xfff7, 0x0, 0x1, 0x9, 0x6]}}, {{0x1c, 0x1, {0x5, 0x0, 0x6, 0x3, 0x1, 0x3, 0x43}}, {0x4}}]}, @TCA_EGRESS_BLOCK={0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xe}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x7}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x2}]}, 0xfc}, 0x1, 0x0, 0x0, 0x845}, 0x8080)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

961.43073ms ago: executing program 7 (id=2897):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r7, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x4e20, 0x74df82a6, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c)
io_uring_enter(0xffffffffffffffff, 0x47f6, 0xb277, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x299b, &(0x7f0000000400)={0x0, 0x20ab, 0x1000, 0x2, 0x114}, &(0x7f0000000280), &(0x7f0000000380))
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002940), 0x0, 0x1040)
lseek(0xffffffffffffffff, 0x9, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc)
r8 = socket$netlink(0x10, 0x3, 0x0)
writev(r8, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r8, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
socket$inet(0x2, 0x2, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000010011a80100005800400058008000000000000000800038030000180050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d80500060000000000130002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018000180140004004d2906d0880fc8acc30fe2020f9849675000018014000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af080001000000000008000100000000006000018005000600000000000500060000000000080001000000000005000600000000000c00020073797a746e6c30000800010000000000130002006272696467655f736c6176655f30000014000500e078d277f38ed3a40a448f3f6b6763e83c000c8008002c00cc"], 0x270}}, 0x0)

560.634147ms ago: executing program 5 (id=2898):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000600)='0', 0x1)
syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x14, 0x126, 0x0, r1}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000a40)={0x8})
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r5 = open_tree(r1, &(0x7f00000005c0)='./file0\x00', 0x80800)
move_mount(r5, 0x0, r5, 0x0, 0x256)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r6=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000003c0)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRESDEC=r3, @ANYRES64=r6, @ANYRES64=r0], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB='\x00'/22], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)="711f0000000c55fd3800000000", 0xd}}, 0x0)
recvmmsg(r8, &(0x7f0000002e40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x3b}}], 0x40000000000019e, 0x142, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r9}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=ANY=[], 0x40}}, 0x0)
r10 = socket$inet(0x2, 0x2, 0x1)
connect$inet(r10, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r10, &(0x7f0000000540)=[{{0x0, 0x2, &(0x7f0000000000)=[{&(0x7f00000000c0)="08001497733f5d3e", 0x6c6d}], 0x5}}, {{0x0, 0x0, &(0x7f0000000440), 0x56}}], 0x2, 0x2004000)

370.42611ms ago: executing program 5 (id=2899):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00')
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xb)
socket(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x10}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001ec0)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r8, {0x0, 0x8}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x7, 0x24d417d6, 0x1, 0x800, 0xe26}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
pipe(&(0x7f0000000600)={<r9=>0xffffffffffffffff})
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1)
r11 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r11, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r12=>0x0})
sendto$packet(r11, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0xe, 0x40, &(0x7f0000000200)={0x11, 0x1b, r12, 0x1, 0x0, 0x6, @broadcast}, 0x14)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r9], 0x3c}, 0x1, 0x0, 0x0, 0x4010}, 0x10)
statx(r0, 0x0, 0x1000, 0x10, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000000))
sendmsg$NFT_MSG_GETOBJ_RESET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000150a01020000000000000000020800050800034000000008"], 0x1c}, 0x1, 0x0, 0x0, 0x24000004}, 0xc040)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1100000004000000040000002fbf001800"], 0x48)
socket$unix(0x1, 0x2, 0x0)

220.499006ms ago: executing program 1 (id=2900):
r0 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000040)={[{0x0, 'rdma'}, {0x2b, 'rlimit'}]}, 0xe)

81.30315ms ago: executing program 1 (id=2901):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x6)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x10)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xf4fffff7, 0x12, r1, 0x0)
write$tun(r0, &(0x7f00000006c0)=ANY=[], 0x36)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r3, 0x0, 0x30, 0x1, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000280)=[0x7], &(0x7f0000000500)=[0x2], 0x600, 0x1}}, 0x3c)

80.999086ms ago: executing program 1 (id=2902):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff4"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
close(0x3)
close(r2)
r3 = userfaultfd(0x80001)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\b\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01000000040000000200"/21, @ANYRES32, @ANYBLOB], 0x50)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000140))
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0x30}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (fail_nth: 41)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mlockall(0x7)
shutdown(r4, 0x2)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
socket$netlink(0x10, 0x3, 0x12)
ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})

969.889µs ago: executing program 5 (id=2903):
setreuid(0xffffffffffffffff, 0xee00) (async)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x8001) (async)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'bond0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000200)={0x11, 0xf8, r3, 0x1, 0x5, 0x6, @multicast}, 0x14) (async)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0x3}, 0x1c) (async)
r4 = getpgid(0x0)
fcntl$setownex(r1, 0xf, &(0x7f0000000140)={0x2, r4}) (async)
sendmmsg$unix(r0, &(0x7f0000006c40)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000008c0)='\x00', 0x1}], 0x1}}], 0x1, 0x408b1) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}}) (async)
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000000240)={0x50, 0x0, r6, {0x7, 0x2b, 0x0, 0x50500920, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15c}}, 0x50) (async)
syz_usb_connect(0x2, 0x1bb, &(0x7f0000000480)={{0x12, 0x1, 0x250, 0x6c, 0x2c, 0x6d, 0x20, 0x7392, 0xb722, 0x1140, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1a9, 0x1, 0x3, 0x0, 0x0, 0xaf, [{{0x9, 0x4, 0x17, 0x0, 0x7, 0xff, 0xff, 0xff, 0xb, [@cdc_ncm={{0xb, 0x24, 0x6, 0x0, 0x1, "a6bd40b6e995"}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x8, 0x1ff, 0x7}, {0x6, 0x24, 0x1a, 0x84bc, 0x3}}], [{{0x9, 0x5, 0x4, 0x0, 0x3ff, 0xfc, 0x1, 0xf, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x0, 0x1}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x80, 0x1ff}]}}, {{0x9, 0x5, 0xf, 0x1, 0x8, 0x8, 0xc0, 0x6}}, {{0x9, 0x5, 0x1, 0x0, 0x400, 0x1, 0x1, 0xf6, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x12, 0x4}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0xa, 0x6828}]}}, {{0x9, 0x5, 0x87, 0x10, 0x440, 0x6, 0x9, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0xb, 0x2}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x2, 0xfd9}]}}, {{0x9, 0x5, 0x7, 0x0, 0x3ff, 0x7, 0x2, 0x9}}, {{0x9, 0x5, 0x4, 0x3, 0x200, 0x9, 0x9, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x6, 0x3}, @generic={0xfd, 0x9, "05375add481c26650c6a8aa2d48bbbb82559c9270b7c9bbeab07052be2e4eb486819981d1d57f99b965721c08dceb12c3f4f90e25886b6262a739fba813f08f1f1d33e53491370b36b5d5e951bd3482576fa45268cde312f1275c792814f549bd7103dc658588eaec842d5f93332930a998d32a09b9ba1e13f96dc062818e404db3a4cc6ba393fd857a5cdd3f95bcc675da2f7b7a3840f2a115e80df2bb8aa7478e5320d36af269fb4e6fe4489dff1d472b08488196bd247742d9c126ac5f5420eb2ca7b3f35d0c7eb0044ad9b1ab9ec26ca64355c2a8bf124df3bd9e9e8a2b2509b5d47a22959c5011ec7e33b344ef5d7786e51af57c49b966f20"}]}}, {{0x9, 0x5, 0x2, 0x0, 0x10, 0x3, 0xb0, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x7f, 0x9}]}}]}}]}}]}}, &(0x7f0000000980)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x310, 0x9e, 0x8, 0x10, 0x40, 0xf}, 0x19, &(0x7f00000001c0)={0x5, 0xf, 0x19, 0x1, [@ss_container_id={0x14, 0x10, 0x4, 0x6c, "50e444f9e8ca9571ee652eb5c3d3b1a0"}]}, 0xa, [{0x7, &(0x7f0000000300)=@string={0x7, 0x3, "733d308d93"}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x1401}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x1c0a}}, {0xc2, &(0x7f0000000640)=@string={0xc2, 0x3, "8eefd0fd43697c24419b62bb244b4f5d9f8d58e3c96b2923d94e325a80db212cc85f77c8782389de951ecef1f6ac9b16a329349e5ad75e18dbb900df6be5dd15ce88719d34083162c8f8937146533a2174a8614bc8bd7226eec9c50ae0cb0e3617afc8b0d2fc569043ea3699072a855b0c9388e67bab9f9d7909569d0b01d2a56d34a6f23e955336d0fd98019fbebe9cbdc249331c000e317d1095ec885125db3bdcf3b302fcee2f4e06bb9341936662ce33e2ee6fac329641bb4f502a489a0b"}}, {0x4, &(0x7f0000000740)=@lang_id={0x4, 0x3, 0x411}}, {0x4, &(0x7f0000000780)=@lang_id={0x4, 0x3, 0x1c0a}}, {0x4, &(0x7f0000000800)=@lang_id={0x4, 0x3, 0x4ff}}, {0xc6, &(0x7f0000000b40)=@string={0xc6, 0x3, "0ff291cd705b9c7310298edfb677d31a1a9bd1b85d038a964483c71341d58f86b03877c89ceec688e38dad68782a9923a2f0d0c67239c88d8b7851fba52648f4502583777dc8b558a6ab51401e03f732d82b6fae7d26a2d3ba54d7158462c0cf9f304a17e141dc327eb5ad2f35365c9ac78f0cd07a4cb8ce4888b5b5fc2cd72d5a770a25f2f4ec5b71cbfbc5d5480fda168fa666a8b6645ac65f7890dcb649b5b752c4ac6bd98d098dc614ebe11f5fe618b9fc3cd142979c182f4483bd1514d024f0df5e"}}, {0x4, &(0x7f0000000880)=@lang_id={0x4, 0x3, 0x340a}}, {0x4, &(0x7f0000000900)=@lang_id={0x4, 0x3, 0x827}}]})
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r7}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
r8 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r8, 0xc0045516, &(0x7f0000000b00)=0x6)
read(r8, &(0x7f0000000a40)=""/141, 0x8d) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_io_uring_setup(0x749e, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)) (async)
r9 = socket(0x1, 0x3, 0x0)
bind$unix(r9, &(0x7f0000000400)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
ioctl$SIOCGETMIFCNT_IN6(r9, 0x89e0, 0x0)
syz_io_uring_setup(0x1005c23, &(0x7f0000000240)={0x0, 0x0, 0x13290, 0x3}, &(0x7f0000000100), &(0x7f0000000000))

254.4µs ago: executing program 1 (id=2904):
setreuid(0x0, 0xee00)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)

0s ago: executing program 1 (id=2905):
syz_emit_ethernet(0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB="aabdaaaaaaaaaabbbbbbbbbbbb86dd60122d9200383afffc000000000000000000000000000000fe8000000000000000000000000000aa01039078000000006283677200082cff00000000000000000000000000000000ff0200000000000000000000000000018400"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x60b03, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="105f13ad6232e24adf771ffbf7df167b88bc8711feee00e3b30916ff2c1fc14dc77f541bf96da6650c6ae3923404cc686bea7daee3df33bcaa0fc3d6c8d8b607", @ANYRES16=r1, @ANYBLOB="000229bd7000fedbdf254400000008000d00f7ffffff0400cc0008006b00030000000800a00000010000050018011f0000000a0018000303030303030000"], 0x44}, 0x1, 0x0, 0x0, 0x44008}, 0x24040000)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000300)={0xa8, 0x0, 0x3})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
ioctl$KVM_GET_CLOCK(0xffffffffffffffff, 0x8030ae7c, &(0x7f0000000200))
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOMMU_DESTROY$ioas(0xffffffffffffffff, 0x3b80, &(0x7f0000000580)={0x8})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f00000000c0))
ptrace$ARCH_SET_GS(0x1e, 0x0, &(0x7f0000000240), 0x1001)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
rseq(&(0x7f0000000080), 0x20, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmmsg(r5, &(0x7f00000034c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x700, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

m3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.163188][T16064] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.290199][T16064] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.362515][T16064] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.483136][T16064] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  357.504102][T16064] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  357.513437][T16064] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  357.532371][T16064] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  357.656877][T16067] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  357.736875][T16075] netlink: 6 bytes leftover after parsing attributes in process `syz.1.2008'.
[  357.740795][T16075] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  358.408965][T16109] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2018'.
[  358.676420][T16117] FAULT_INJECTION: forcing a failure.
[  358.676420][T16117] name failslab, interval 1, probability 0, space 0, times 0
[  358.681525][T16117] CPU: 1 UID: 0 PID: 16117 Comm: syz.5.2021 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  358.681552][T16117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  358.681559][T16117] Call Trace:
[  358.681563][T16117]  <TASK>
[  358.681568][T16117]  dump_stack_lvl+0x16c/0x1f0
[  358.681588][T16117]  should_fail_ex+0x512/0x640
[  358.681604][T16117]  ? fs_reclaim_acquire+0xae/0x150
[  358.681622][T16117]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  358.681637][T16117]  should_failslab+0xc2/0x120
[  358.681651][T16117]  __kmalloc_noprof+0xd2/0x510
[  358.681666][T16117]  tomoyo_realpath_from_path+0xc2/0x6e0
[  358.681683][T16117]  ? tomoyo_profile+0x47/0x60
[  358.681695][T16117]  tomoyo_path_number_perm+0x245/0x580
[  358.681707][T16117]  ? tomoyo_path_number_perm+0x237/0x580
[  358.681722][T16117]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  358.681750][T16117]  ? find_held_lock+0x2b/0x80
[  358.681760][T16117]  ? hook_file_ioctl_common+0x145/0x410
[  358.681773][T16117]  ? __fget_files+0x204/0x3c0
[  358.681785][T16117]  ? __fget_files+0x20e/0x3c0
[  358.681794][T16117]  ? fput+0x50/0xf0
[  358.681812][T16117]  security_file_ioctl_compat+0x9b/0x240
[  358.681828][T16117]  __ia32_compat_sys_ioctl+0xc3/0x360
[  358.681846][T16117]  __do_fast_syscall_32+0x73/0x120
[  358.681863][T16117]  do_fast_syscall_32+0x32/0x80
[  358.681879][T16117]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  358.681893][T16117] RIP: 0023:0xf7fa7579
[  358.681901][T16117] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  358.681912][T16117] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  358.681922][T16117] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004020ae76
[  358.681929][T16117] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  358.681935][T16117] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  358.681941][T16117] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  358.681946][T16117] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  358.681959][T16117]  </TASK>
[  358.682001][T16117] ERROR: Out of memory at tomoyo_realpath_from_path.
[  358.880289][T16121] syz_tun: entered allmulticast mode
[  359.044490][T16132] FAULT_INJECTION: forcing a failure.
[  359.044490][T16132] name failslab, interval 1, probability 0, space 0, times 0
[  359.048418][T16132] CPU: 3 UID: 0 PID: 16132 Comm: syz.2.2028 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  359.048433][T16132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  359.048439][T16132] Call Trace:
[  359.048443][T16132]  <TASK>
[  359.048447][T16132]  dump_stack_lvl+0x16c/0x1f0
[  359.048466][T16132]  should_fail_ex+0x512/0x640
[  359.048482][T16132]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  359.048495][T16132]  should_failslab+0xc2/0x120
[  359.048509][T16132]  __kmalloc_cache_noprof+0x6a/0x3e0
[  359.048519][T16132]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  359.048533][T16132]  ? __request_module+0x2ad/0x690
[  359.048549][T16132]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  359.048564][T16132]  __request_module+0x2ad/0x690
[  359.048579][T16132]  ? __pfx___request_module+0x10/0x10
[  359.048596][T16132]  ? __pfx_netdev_run_todo+0x10/0x10
[  359.048620][T16132]  tc_action_load_ops+0x2a4/0x3e0
[  359.048638][T16132]  ? __pfx_tc_action_load_ops+0x10/0x10
[  359.048660][T16132]  ? __nla_parse+0x40/0x60
[  359.048673][T16132]  tcf_action_init+0x222/0x9c0
[  359.048694][T16132]  ? __pfx_tcf_action_init+0x10/0x10
[  359.048710][T16132]  ? lock_acquire+0x179/0x350
[  359.048735][T16132]  ? kernel_text_address+0x8d/0x100
[  359.048745][T16132]  ? __kernel_text_address+0xd/0x40
[  359.048754][T16132]  ? unwind_get_return_address+0x59/0xa0
[  359.048780][T16132]  ? kasan_save_stack+0x42/0x60
[  359.048791][T16132]  ? kasan_save_stack+0x33/0x60
[  359.048801][T16132]  ? kasan_save_track+0x14/0x30
[  359.048811][T16132]  ? kasan_save_free_info+0x3b/0x60
[  359.048826][T16132]  ? __kasan_slab_free+0x51/0x70
[  359.048840][T16132]  tcf_action_add+0xee/0x5c0
[  359.048852][T16132]  ? __pfx_tcf_action_add+0x10/0x10
[  359.048882][T16132]  ? __nla_parse+0x40/0x60
[  359.048894][T16132]  tc_ctl_action+0x35b/0x470
[  359.048905][T16132]  ? __pfx_tc_ctl_action+0x10/0x10
[  359.048920][T16132]  ? __pfx_tc_ctl_action+0x10/0x10
[  359.048930][T16132]  rtnetlink_rcv_msg+0x3c6/0xe90
[  359.048945][T16132]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  359.048965][T16132]  netlink_rcv_skb+0x16a/0x440
[  359.048979][T16132]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  359.048994][T16132]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  359.049015][T16132]  ? netlink_deliver_tap+0x1ae/0xd30
[  359.049031][T16132]  netlink_unicast+0x53d/0x7f0
[  359.049047][T16132]  ? __pfx_netlink_unicast+0x10/0x10
[  359.049068][T16132]  netlink_sendmsg+0x8d1/0xdd0
[  359.049084][T16132]  ? __pfx_netlink_sendmsg+0x10/0x10
[  359.049099][T16132]  ? __import_iovec+0x1c8/0x660
[  359.049112][T16132]  ____sys_sendmsg+0xa95/0xc70
[  359.049130][T16132]  ? __pfx_____sys_sendmsg+0x10/0x10
[  359.049145][T16132]  ? get_compat_msghdr+0x11a/0x170
[  359.049164][T16132]  ___sys_sendmsg+0x134/0x1d0
[  359.049177][T16132]  ? __pfx____sys_sendmsg+0x10/0x10
[  359.049207][T16132]  __sys_sendmsg+0x16d/0x220
[  359.049220][T16132]  ? __pfx___sys_sendmsg+0x10/0x10
[  359.049239][T16132]  ? rcu_is_watching+0x12/0xc0
[  359.049251][T16132]  __do_fast_syscall_32+0x73/0x120
[  359.049268][T16132]  do_fast_syscall_32+0x32/0x80
[  359.049298][T16132]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  359.049312][T16132] RIP: 0023:0xf7f74579
[  359.049320][T16132] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  359.049330][T16132] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  359.049340][T16132] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  359.049347][T16132] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  359.049352][T16132] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  359.049358][T16132] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  359.049364][T16132] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  359.049376][T16132]  </TASK>
[  359.166992][T16120] syz_tun: left allmulticast mode
[  359.203393][T16136] netlink: 'syz.5.2030': attribute type 21 has an invalid length.
[  359.205994][T16136] netlink: 156 bytes leftover after parsing attributes in process `syz.5.2030'.
[  359.334518][T16141] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2027'.
[  360.243898][T16172] netlink: 80 bytes leftover after parsing attributes in process `syz.8.2038'.
[  360.256556][T16172] netlink: 80 bytes leftover after parsing attributes in process `syz.8.2038'.
[  360.268552][T16171] netlink: 80 bytes leftover after parsing attributes in process `syz.8.2038'.
[  360.272998][T16171] netlink: 80 bytes leftover after parsing attributes in process `syz.8.2038'.
[  360.338993][T16175] binder: 16174:16175 ioctl c018620c 80000100 returned -22
[  360.437083][   T40] audit: type=1326 audit(1747407315.188:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16178 comm="syz.1.2043" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x0
[  360.439227][T16181] FAULT_INJECTION: forcing a failure.
[  360.439227][T16181] name failslab, interval 1, probability 0, space 0, times 0
[  360.447740][T16181] CPU: 0 UID: 0 PID: 16181 Comm: syz.8.2042 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  360.447755][T16181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  360.447762][T16181] Call Trace:
[  360.447776][T16181]  <TASK>
[  360.447781][T16181]  dump_stack_lvl+0x16c/0x1f0
[  360.447801][T16181]  should_fail_ex+0x512/0x640
[  360.447818][T16181]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  360.447832][T16181]  should_failslab+0xc2/0x120
[  360.447848][T16181]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  360.447860][T16181]  ? __alloc_skb+0x2b2/0x380
[  360.447875][T16181]  __alloc_skb+0x2b2/0x380
[  360.447887][T16181]  ? __pfx___alloc_skb+0x10/0x10
[  360.447900][T16181]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  360.447917][T16181]  netlink_alloc_large_skb+0x69/0x130
[  360.447932][T16181]  netlink_sendmsg+0x6a1/0xdd0
[  360.447949][T16181]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.447964][T16181]  ? __import_iovec+0x1c8/0x660
[  360.447977][T16181]  ____sys_sendmsg+0xa95/0xc70
[  360.447995][T16181]  ? __pfx_____sys_sendmsg+0x10/0x10
[  360.448010][T16181]  ? get_compat_msghdr+0x11a/0x170
[  360.448029][T16181]  ___sys_sendmsg+0x134/0x1d0
[  360.448047][T16181]  ? __pfx____sys_sendmsg+0x10/0x10
[  360.448076][T16181]  __sys_sendmsg+0x16d/0x220
[  360.448089][T16181]  ? __pfx___sys_sendmsg+0x10/0x10
[  360.448108][T16181]  ? rcu_is_watching+0x12/0xc0
[  360.448120][T16181]  __do_fast_syscall_32+0x73/0x120
[  360.448138][T16181]  do_fast_syscall_32+0x32/0x80
[  360.448155][T16181]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  360.448168][T16181] RIP: 0023:0xf7fa7579
[  360.448177][T16181] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  360.448187][T16181] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  360.448197][T16181] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  360.448204][T16181] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  360.448210][T16181] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  360.448215][T16181] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  360.448221][T16181] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  360.448234][T16181]  </TASK>
[  360.504099][T16183] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2044'.
[  360.504192][T16184] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2044'.
[  360.507657][T16184] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  360.539241][T16184] bond0: (slave lo): Error: Device can not be enslaved while up
[  360.552149][T16183] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2044'.
[  360.552383][T16184] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2044'.
[  360.959405][ T8674] usb 13-1: new high-speed USB device number 10 using dummy_hcd
[  361.109421][ T8674] usb 13-1: Using ep0 maxpacket: 32
[  361.112449][ T8674] usb 13-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  361.115607][ T8674] usb 13-1: config 0 has no interfaces?
[  361.118843][ T8674] usb 13-1: New USB device found, idVendor=105b, idProduct=1799, bcdDevice=36.e9
[  361.121968][ T8674] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.124702][ T8674] usb 13-1: Product: syz
[  361.126117][ T8674] usb 13-1: Manufacturer: syz
[  361.127682][ T8674] usb 13-1: SerialNumber: syz
[  361.134683][ T8674] usb 13-1: config 0 descriptor??
[  361.387471][ T9056] usb 13-1: USB disconnect, device number 10
[  361.621147][ T5291] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  361.676465][T16219] overlayfs: failed to clone lowerpath
[  361.758169][T16222] bridge_slave_0: default FDB implementation only supports local addresses
[  361.762918][T16222] random: crng reseeded on system resumption
[  361.802409][T16222] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.806539][T16222] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  361.911339][T16222] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.914586][T16222] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  362.021295][T16222] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.024689][T16222] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  362.096708][T16222] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.099949][T16222] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  362.102812][T16240] FAULT_INJECTION: forcing a failure.
[  362.102812][T16240] name failslab, interval 1, probability 0, space 0, times 0
[  362.106681][T16240] CPU: 0 UID: 0 PID: 16240 Comm: syz.2.2059 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  362.106696][T16240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  362.106702][T16240] Call Trace:
[  362.106706][T16240]  <TASK>
[  362.106711][T16240]  dump_stack_lvl+0x16c/0x1f0
[  362.106732][T16240]  should_fail_ex+0x512/0x640
[  362.106748][T16240]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  362.106764][T16240]  should_failslab+0xc2/0x120
[  362.106778][T16240]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  362.106790][T16240]  ? __d_alloc+0x31/0xaa0
[  362.106805][T16240]  __d_alloc+0x31/0xaa0
[  362.106818][T16240]  d_alloc_pseudo+0x1c/0xc0
[  362.106832][T16240]  alloc_file_pseudo+0xcf/0x230
[  362.106848][T16240]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  362.106862][T16240]  ? do_raw_spin_unlock+0x172/0x230
[  362.106882][T16240]  __anon_inode_getfile+0xf7/0x370
[  362.106902][T16240]  do_epoll_create+0x31b/0x470
[  362.106918][T16240]  __ia32_sys_epoll_create1+0x30/0x40
[  362.106933][T16240]  __do_fast_syscall_32+0x73/0x120
[  362.106951][T16240]  do_fast_syscall_32+0x32/0x80
[  362.106967][T16240]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  362.106981][T16240] RIP: 0023:0xf7f74579
[  362.106989][T16240] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  362.107000][T16240] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000149
[  362.107014][T16240] RAX: ffffffffffffffda RBX: 0000000000080000 RCX: 0000000000000000
[  362.107021][T16240] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  362.107027][T16240] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  362.107032][T16240] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  362.107038][T16240] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  362.107051][T16240]  </TASK>
[  362.263423][T16244] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.293915][T16222] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 256 - 0
[  362.296808][T16222] netdevsim netdevsim5 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  362.306224][T16222] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 256 - 0
[  362.309151][T16222] netdevsim netdevsim5 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  362.316334][T16222] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 256 - 0
[  362.320830][T16222] netdevsim netdevsim5 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  362.342550][T16244] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.363903][T16222] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 256 - 0
[  362.367520][T16222] netdevsim netdevsim5 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  362.414485][T16244] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.473275][T16251] netlink: 'syz.5.2063': attribute type 9 has an invalid length.
[  362.476813][T16251] netlink: 'syz.5.2063': attribute type 7 has an invalid length.
[  362.480263][T16251] netlink: 'syz.5.2063': attribute type 8 has an invalid length.
[  362.520459][T16244] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.598383][T16244] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  362.607941][T16244] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  362.620982][T16244] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  362.628905][T16244] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  362.906299][T16262] wg1 speed is unknown, defaulting to 1000
[  362.939096][   T40] audit: type=1326 audit(1747407317.688:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16261 comm="syz.8.2066" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa7579 code=0x0
[  363.009547][ T5291] Bluetooth: hci0: command 0x0419 tx timeout
[  363.021398][ T5943] Bluetooth: hci1: connection err: -111
[  363.052432][   T40] audit: type=1326 audit(1747407317.808:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16267 comm="syz.5.2068" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa7579 code=0x0
[  363.317415][T16276] FAULT_INJECTION: forcing a failure.
[  363.317415][T16276] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  363.323100][T16276] CPU: 3 UID: 0 PID: 16276 Comm: syz.2.2071 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  363.323117][T16276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  363.323123][T16276] Call Trace:
[  363.323128][T16276]  <TASK>
[  363.323132][T16276]  dump_stack_lvl+0x16c/0x1f0
[  363.323153][T16276]  should_fail_ex+0x512/0x640
[  363.323172][T16276]  _copy_to_user+0x32/0xd0
[  363.323183][T16276]  simple_read_from_buffer+0xcb/0x170
[  363.323201][T16276]  proc_fail_nth_read+0x197/0x270
[  363.323217][T16276]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  363.323233][T16276]  ? rw_verify_area+0xcf/0x680
[  363.323248][T16276]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  363.323263][T16276]  vfs_read+0x1de/0xc70
[  363.323275][T16276]  ? __pfx___mutex_lock+0x10/0x10
[  363.323291][T16276]  ? __pfx_vfs_read+0x10/0x10
[  363.323305][T16276]  ? __fget_files+0x20e/0x3c0
[  363.323318][T16276]  ksys_read+0x12a/0x240
[  363.323328][T16276]  ? __pfx_ksys_read+0x10/0x10
[  363.323337][T16276]  ? rcu_is_watching+0x12/0xc0
[  363.323349][T16276]  ? rcu_is_watching+0x12/0xc0
[  363.323360][T16276]  __do_fast_syscall_32+0x73/0x120
[  363.323377][T16276]  do_fast_syscall_32+0x32/0x80
[  363.323394][T16276]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  363.323407][T16276] RIP: 0023:0xf7f74579
[  363.323415][T16276] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  363.323425][T16276] RSP: 002b:00000000f5096590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  363.323435][T16276] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f5096620
[  363.323442][T16276] RDX: 000000000000000f RSI: 00000000f7402ff4 RDI: 0000000000000000
[  363.323448][T16276] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  363.323454][T16276] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  363.323460][T16276] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  363.323473][T16276]  </TASK>
[  363.443085][T16291] netlink: 'syz.2.2077': attribute type 2 has an invalid length.
[  363.496862][T16297] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  364.052886][T16322] FAULT_INJECTION: forcing a failure.
[  364.052886][T16322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  364.052906][T16322] CPU: 2 UID: 0 PID: 16322 Comm: syz.8.2085 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  364.052920][T16322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  364.052926][T16322] Call Trace:
[  364.052931][T16322]  <TASK>
[  364.052934][T16322]  dump_stack_lvl+0x16c/0x1f0
[  364.052954][T16322]  should_fail_ex+0x512/0x640
[  364.052973][T16322]  _copy_to_user+0x32/0xd0
[  364.052984][T16322]  simple_read_from_buffer+0xcb/0x170
[  364.053002][T16322]  proc_fail_nth_read+0x197/0x270
[  364.053027][T16322]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  364.053043][T16322]  ? rw_verify_area+0xcf/0x680
[  364.053059][T16322]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  364.053075][T16322]  vfs_read+0x1de/0xc70
[  364.053086][T16322]  ? __pfx___mutex_lock+0x10/0x10
[  364.053103][T16322]  ? __pfx_vfs_read+0x10/0x10
[  364.053117][T16322]  ? __fget_files+0x20e/0x3c0
[  364.053130][T16322]  ksys_read+0x12a/0x240
[  364.053140][T16322]  ? __pfx_ksys_read+0x10/0x10
[  364.053151][T16322]  ? rcu_is_watching+0x12/0xc0
[  364.053164][T16322]  __do_fast_syscall_32+0x73/0x120
[  364.053181][T16322]  do_fast_syscall_32+0x32/0x80
[  364.053197][T16322]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  364.053211][T16322] RIP: 0023:0xf7fa7579
[  364.053219][T16322] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  364.053230][T16322] RSP: 002b:00000000f50c6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  364.053239][T16322] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50c6620
[  364.053246][T16322] RDX: 000000000000000f RSI: 00000000f7432ff4 RDI: 0000000000000000
[  364.053252][T16322] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  364.053257][T16322] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  364.053263][T16322] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  364.053276][T16322]  </TASK>
[  364.328049][T16338] __nla_validate_parse: 1 callbacks suppressed
[  364.328066][T16338] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2092'.
[  364.518616][T16350] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2097'.
[  364.547199][ T5943] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  364.619946][T16355] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2098'.
[  364.686376][T16358] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2098'.
[  365.100160][T16367] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2100'.
[  365.376903][T16371] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  365.497271][T16373] netlink: 76 bytes leftover after parsing attributes in process `syz.8.2102'.
[  366.055437][T16386] serio: Serial port ptm0
[  366.429381][T16393] netlink: 'syz.8.2107': attribute type 10 has an invalid length.
[  366.615633][T16393] syz_tun: entered promiscuous mode
[  366.623129][T16393] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  366.777082][T16398] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  366.877404][   T40] audit: type=1326 audit(1747407321.628:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16404 comm="syz.1.2111" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  366.890152][   T40] audit: type=1326 audit(1747407321.638:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16404 comm="syz.1.2111" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  366.929159][   T40] audit: type=1326 audit(1747407321.678:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16404 comm="syz.1.2111" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf70de579 code=0x7ffc0000
[  367.077410][   T40] audit: type=1326 audit(1747407321.828:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16404 comm="syz.1.2111" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  367.103431][T16413] lo: entered promiscuous mode
[  367.105317][T16413] lo: entered allmulticast mode
[  367.108886][T16413] tunl0: entered promiscuous mode
[  367.111191][T16413] tunl0: entered allmulticast mode
[  367.116580][T16413] gre0: entered promiscuous mode
[  367.118580][T16413] gre0: entered allmulticast mode
[  367.125792][T16413] gretap0: entered promiscuous mode
[  367.127878][T16413] gretap0: entered allmulticast mode
[  367.132727][T16413] erspan0: entered promiscuous mode
[  367.134765][T16413] erspan0: entered allmulticast mode
[  367.139090][T16413] ip_vti0: entered promiscuous mode
[  367.141419][T16413] ip_vti0: entered allmulticast mode
[  367.145187][T16413] ip6_vti0: entered promiscuous mode
[  367.147481][T16413] ip6_vti0: entered allmulticast mode
[  367.151979][T16413] sit0: entered promiscuous mode
[  367.154054][T16413] sit0: entered allmulticast mode
[  367.167289][T16413] ip6tnl0: entered promiscuous mode
[  367.170060][T16413] ip6tnl0: entered allmulticast mode
[  367.177860][T16413] ip6gre0: entered promiscuous mode
[  367.183056][T16413] ip6gre0: entered allmulticast mode
[  367.190368][T16413] syz_tun: entered allmulticast mode
[  367.196685][T16413] bond0: (slave syz_tun): Releasing backup interface
[  367.201861][T16413] ip6gretap0: entered promiscuous mode
[  367.203886][T16413] ip6gretap0: entered allmulticast mode
[  367.207473][T16413] vcan0: entered promiscuous mode
[  367.209541][T16413] vcan0: entered allmulticast mode
[  367.213007][T16413] bond0: entered promiscuous mode
[  367.214921][T16413] bond0: entered allmulticast mode
[  367.219043][T16413] team0: entered promiscuous mode
[  367.220862][T16413] mac80211_hwsim hwsim34 wlan1: entered promiscuous mode
[  367.223657][T16413] team0: entered allmulticast mode
[  367.225323][T16413] mac80211_hwsim hwsim34 wlan1: entered allmulticast mode
[  367.230073][T16413] nlmon0: entered promiscuous mode
[  367.232047][T16413] nlmon0: entered allmulticast mode
[  367.235531][T16413] caif0: entered promiscuous mode
[  367.237627][T16413] caif0: entered allmulticast mode
[  367.240031][T16413] batadv0: entered promiscuous mode
[  367.241691][T16413] batadv0: entered allmulticast mode
[  367.245371][T16413] vxcan0: entered promiscuous mode
[  367.247200][T16413] vxcan0: entered allmulticast mode
[  367.249779][T16413] vxcan1: entered promiscuous mode
[  367.251470][T16413] vxcan1: entered allmulticast mode
[  367.254891][T16413] veth0: entered promiscuous mode
[  367.256653][T16413] veth0: entered allmulticast mode
[  367.262627][T16413] veth1: entered promiscuous mode
[  367.264377][T16413] veth1: entered allmulticast mode
[  367.270058][T16413] wg0: entered promiscuous mode
[  367.271670][T16413] wg0: entered allmulticast mode
[  367.276518][T16413] wg1: entered promiscuous mode
[  367.278130][T16413] wg1: entered allmulticast mode
[  367.281679][T16413] wg2: entered promiscuous mode
[  367.283278][T16413] wg2: entered allmulticast mode
[  367.286874][T16413] veth0_to_bridge: entered promiscuous mode
[  367.288830][T16413] veth0_to_bridge: entered allmulticast mode
[  367.292851][T16413] bridge_slave_0: entered promiscuous mode
[  367.294773][T16413] bridge_slave_0: entered allmulticast mode
[  367.300310][T16413] veth1_to_bridge: entered promiscuous mode
[  367.302242][T16413] veth1_to_bridge: entered allmulticast mode
[  367.305693][T16413] bridge_slave_1: entered promiscuous mode
[  367.307644][T16413] bridge_slave_1: entered allmulticast mode
[  367.311638][T16413] veth0_to_bond: entered promiscuous mode
[  367.313399][T16413] veth0_to_bond: entered allmulticast mode
[  367.316530][T16413] bond_slave_0: entered promiscuous mode
[  367.318327][T16413] bond_slave_0: entered allmulticast mode
[  367.322433][T16413] veth1_to_bond: entered promiscuous mode
[  367.324597][T16413] veth1_to_bond: entered allmulticast mode
[  367.328515][T16413] bond_slave_1: entered promiscuous mode
[  367.331658][T16413] bond_slave_1: entered allmulticast mode
[  367.333968][T16413] veth0_to_team: entered promiscuous mode
[  367.335808][T16413] veth0_to_team: entered allmulticast mode
[  367.342250][T16413] team_slave_0: entered promiscuous mode
[  367.344228][T16413] team_slave_0: entered allmulticast mode
[  367.346743][T16413] veth1_to_team: entered promiscuous mode
[  367.348613][T16413] veth1_to_team: entered allmulticast mode
[  367.352758][T16413] team_slave_1: entered promiscuous mode
[  367.354513][T16413] team_slave_1: entered allmulticast mode
[  367.357320][T16413] veth0_to_batadv: entered promiscuous mode
[  367.359277][T16413] veth0_to_batadv: entered allmulticast mode
[  367.363540][T16413] batadv_slave_0: entered promiscuous mode
[  367.365275][T16413] batadv_slave_0: entered allmulticast mode
[  367.369837][T16413] veth1_to_batadv: entered promiscuous mode
[  367.371559][T16424] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2116'.
[  367.371688][T16413] veth1_to_batadv: entered allmulticast mode
[  367.378562][T16413] batadv_slave_1: entered promiscuous mode
[  367.380619][T16413] batadv_slave_1: entered allmulticast mode
[  367.383968][T16413] xfrm0: entered promiscuous mode
[  367.385549][T16413] xfrm0: entered allmulticast mode
[  367.389445][T16413] veth0_to_hsr: entered promiscuous mode
[  367.391203][T16413] veth0_to_hsr: entered allmulticast mode
[  367.394337][T16413] hsr_slave_0: entered allmulticast mode
[  367.397668][T16413] veth1_to_hsr: entered promiscuous mode
[  367.400688][T16413] veth1_to_hsr: entered allmulticast mode
[  367.403955][T16413] hsr_slave_1: entered allmulticast mode
[  367.406973][T16413] hsr0: entered promiscuous mode
[  367.408533][T16413] hsr0: entered allmulticast mode
[  367.413777][T16413] veth1_virt_wifi: entered promiscuous mode
[  367.415574][T16413] veth1_virt_wifi: entered allmulticast mode
[  367.421248][T16413] veth0_virt_wifi: entered promiscuous mode
[  367.423093][T16413] veth0_virt_wifi: entered allmulticast mode
[  367.426153][T16413] net veth1_virt_wifi 
€Â: entered promiscuous mode
[  367.428188][T16413] net veth1_virt_wifi 
€Â: entered allmulticast mode
[  367.433360][T16413] veth1_vlan: entered allmulticast mode
[  367.437189][T16413] veth0_vlan: entered allmulticast mode
[  367.444204][T16413] vlan0: entered promiscuous mode
[  367.445901][T16413] vlan0: entered allmulticast mode
[  367.447513][T16413] vlan1: entered promiscuous mode
[  367.449151][T16413] vlan1: entered allmulticast mode
[  367.452809][T16413] macvlan0: entered promiscuous mode
[  367.454728][T16413] macvlan0: entered allmulticast mode
[  367.458292][T16413] macvlan1: entered promiscuous mode
[  367.460155][T16413] macvlan1: entered allmulticast mode
[  367.463227][T16413] ipvlan0: entered promiscuous mode
[  367.464947][T16413] ipvlan0: entered allmulticast mode
[  367.466831][T16413] ipvlan1: entered promiscuous mode
[  367.468540][T16413] ipvlan1: entered allmulticast mode
[  367.471511][T16413] veth1_macvtap: entered allmulticast mode
[  367.475890][T16413] veth0_macvtap: entered allmulticast mode
[  367.481004][T16413] macvtap0: entered promiscuous mode
[  367.482726][T16413] macvtap0: entered allmulticast mode
[  367.487429][T16413] macsec0: entered promiscuous mode
[  367.489106][T16413] macsec0: entered allmulticast mode
[  367.499870][T16413] geneve0: entered promiscuous mode
[  367.501854][T16413] geneve0: entered allmulticast mode
[  367.507704][T16413] netdevsim netdevsim8 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  367.511082][T16413] netdevsim netdevsim8 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  367.514087][T16413] netdevsim netdevsim8 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  367.516889][T16413] netdevsim netdevsim8 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  367.521778][T16413] geneve1: entered promiscuous mode
[  367.523444][T16413] geneve1: entered allmulticast mode
[  367.531779][T16413] mac80211_hwsim hwsim33 wlan0: entered promiscuous mode
[  367.534533][T16413] mac80211_hwsim hwsim33 wlan0: entered allmulticast mode
[  367.540322][T16413] team0: Port device wlan1 removed
[  367.542096][T16413] bridge1: entered promiscuous mode
[  367.543726][T16413] bridge1: entered allmulticast mode
[  367.545501][T16413] ip6gretap1: entered promiscuous mode
[  367.547303][T16413] ip6gretap1: entered allmulticast mode
[  367.549188][T16413] vxcan2: entered promiscuous mode
[  367.550937][T16413] vxcan2: entered allmulticast mode
[  367.554410][T16413] vxcan3: entered promiscuous mode
[  367.556466][T16413] vxcan3: entered allmulticast mode
[  367.558983][T16413] syztnl0: entered promiscuous mode
[  367.560991][T16413] syztnl0: entered allmulticast mode
[  367.563291][T16413] gretap1: entered promiscuous mode
[  367.565319][T16413] gretap1: entered allmulticast mode
[  367.571769][T16413] bond1: entered promiscuous mode
[  367.573957][T16413] gretap2: entered promiscuous mode
[  367.576022][T16413] bond1: entered allmulticast mode
[  367.577715][T16413] gretap2: entered allmulticast mode
[  367.583907][T16413] bond1: (slave gretap2): Releasing active interface
[  367.587187][T16413] netdevsim netdevsim8 eth0: entered promiscuous mode
[  367.589369][T16413] netdevsim netdevsim8 eth0: entered allmulticast mode
[  367.591711][T16413] netdevsim netdevsim8 eth1: entered promiscuous mode
[  367.593908][T16413] netdevsim netdevsim8 eth1: entered allmulticast mode
[  367.596325][T16413] netdevsim netdevsim8 eth2: entered promiscuous mode
[  367.598529][T16413] netdevsim netdevsim8 eth2: entered allmulticast mode
[  367.600849][T16413] netdevsim netdevsim8 eth3: entered promiscuous mode
[  367.603094][T16413] netdevsim netdevsim8 eth3: entered allmulticast mode
[  367.605405][T16413] bridge0: entered promiscuous mode
[  367.607121][T16413] bridge0: entered allmulticast mode
[  368.063710][ T8768] libceph: connect (1)[c::]:6789 error -101
[  368.069425][ T8768] libceph: mon0 (1)[c::]:6789 connect error
[  368.201583][T16442] ceph: No mds server is up or the cluster is laggy
[  368.606373][T16462] misc userio: No port type given on /dev/userio
[  368.728745][T16475] IPVS: set_ctl: invalid protocol: 58 10.1.1.1:20002
[  368.758515][ T5943] Bluetooth: hci1: unexpected event for opcode 0x203d
[  368.815970][T16487] nvme_fabrics: missing parameter 'transport=%s'
[  368.819562][T16487] nvme_fabrics: missing parameter 'nqn=%s'
[  368.851856][T16492] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2134'.
[  368.854656][T16492] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2134'.
[  368.873884][ T5943] Bluetooth: hci3: SCO packet for unknown connection handle 201
[  368.876505][T16497] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2136'.
[  368.953892][T16500] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  369.004593][T16501] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  369.027768][ T5943] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  369.088044][T16509] FAULT_INJECTION: forcing a failure.
[  369.088044][T16509] name failslab, interval 1, probability 0, space 0, times 0
[  369.095011][T16509] CPU: 0 UID: 0 PID: 16509 Comm: syz.2.2133 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  369.095028][T16509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  369.095034][T16509] Call Trace:
[  369.095038][T16509]  <TASK>
[  369.095042][T16509]  dump_stack_lvl+0x16c/0x1f0
[  369.095075][T16509]  should_fail_ex+0x512/0x640
[  369.095092][T16509]  ? __kmalloc_noprof+0xbf/0x510
[  369.095105][T16509]  ? fib_nl2rule.constprop.0+0x315/0x1c10
[  369.095119][T16509]  should_failslab+0xc2/0x120
[  369.095134][T16509]  __kmalloc_noprof+0xd2/0x510
[  369.095144][T16509]  ? netlink_unicast+0x5df/0x7f0
[  369.095158][T16509]  ? netlink_sendmsg+0x8d1/0xdd0
[  369.095170][T16509]  ? ____sys_sendmsg+0xa95/0xc70
[  369.095185][T16509]  ? ___sys_sendmsg+0x134/0x1d0
[  369.095200][T16509]  fib_nl2rule.constprop.0+0x315/0x1c10
[  369.095221][T16509]  ? __pfx_fib_nl2rule.constprop.0+0x10/0x10
[  369.095239][T16509]  ? __nla_parse+0x40/0x60
[  369.095252][T16509]  fib_newrule+0x230/0x1e60
[  369.095269][T16509]  ? kasan_quarantine_put+0x10a/0x240
[  369.095280][T16509]  ? __pfx_fib_newrule+0x10/0x10
[  369.095294][T16509]  ? kmem_cache_free+0x2d4/0x4d0
[  369.095316][T16509]  ? find_held_lock+0x2b/0x80
[  369.095327][T16509]  ? __pfx_fib_nl_newrule+0x10/0x10
[  369.095339][T16509]  ? __pfx_fib_nl_newrule+0x10/0x10
[  369.095352][T16509]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  369.095366][T16509]  ? __pfx_fib_nl_newrule+0x10/0x10
[  369.095379][T16509]  rtnetlink_rcv_msg+0x95b/0xe90
[  369.095394][T16509]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  369.095414][T16509]  netlink_rcv_skb+0x16a/0x440
[  369.095428][T16509]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  369.095442][T16509]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  369.095464][T16509]  ? netlink_deliver_tap+0x1ae/0xd30
[  369.095479][T16509]  netlink_unicast+0x53d/0x7f0
[  369.095495][T16509]  ? __pfx_netlink_unicast+0x10/0x10
[  369.095513][T16509]  netlink_sendmsg+0x8d1/0xdd0
[  369.095529][T16509]  ? __pfx_netlink_sendmsg+0x10/0x10
[  369.095544][T16509]  ? __import_iovec+0x1c8/0x660
[  369.095564][T16509]  ____sys_sendmsg+0xa95/0xc70
[  369.095581][T16509]  ? __pfx_____sys_sendmsg+0x10/0x10
[  369.095596][T16509]  ? get_compat_msghdr+0x11a/0x170
[  369.095615][T16509]  ___sys_sendmsg+0x134/0x1d0
[  369.095629][T16509]  ? __pfx____sys_sendmsg+0x10/0x10
[  369.095653][T16509]  ? populate_seccomp_data+0x210/0x540
[  369.095674][T16509]  __sys_sendmsg+0x16d/0x220
[  369.095689][T16509]  ? __pfx___sys_sendmsg+0x10/0x10
[  369.095707][T16509]  ? __secure_computing+0x21c/0x320
[  369.095720][T16509]  __do_fast_syscall_32+0x73/0x120
[  369.095738][T16509]  do_fast_syscall_32+0x32/0x80
[  369.095754][T16509]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  369.095767][T16509] RIP: 0023:0xf7f74579
[  369.095776][T16509] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  369.095786][T16509] RSP: 002b:00000000f507555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  369.095796][T16509] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000140
[  369.095803][T16509] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  369.095809][T16509] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  369.095815][T16509] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  369.095820][T16509] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  369.095833][T16509]  </TASK>
[  369.247837][T16500] /dev/sr0: Can't open blockdev
[  369.350411][T16501] /dev/sr0: Can't open blockdev
[  369.603674][ T8768] IPVS: starting estimator thread 0...
[  369.666147][T16536] syz_tun: entered allmulticast mode
[  369.669813][T16535] syz_tun: left allmulticast mode
[  369.709493][T16540] IPVS: using max 43 ests per chain, 103200 per kthread
[  369.748878][T16549] FAULT_INJECTION: forcing a failure.
[  369.748878][T16549] name failslab, interval 1, probability 0, space 0, times 0
[  369.753998][T16549] CPU: 3 UID: 0 PID: 16549 Comm: syz.5.2148 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  369.754034][T16549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  369.754044][T16549] Call Trace:
[  369.754050][T16549]  <TASK>
[  369.754056][T16549]  dump_stack_lvl+0x16c/0x1f0
[  369.754082][T16549]  should_fail_ex+0x512/0x640
[  369.754104][T16549]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  369.754126][T16549]  should_failslab+0xc2/0x120
[  369.754146][T16549]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  369.754164][T16549]  ? __alloc_skb+0x2b2/0x380
[  369.754185][T16549]  __alloc_skb+0x2b2/0x380
[  369.754203][T16549]  ? __pfx___alloc_skb+0x10/0x10
[  369.754218][T16549]  ? aa_sk_perm+0x2f4/0xb10
[  369.754240][T16549]  ? __pfx_aa_sk_perm+0x10/0x10
[  369.754262][T16549]  pfkey_sendmsg+0x16e/0x850
[  369.754284][T16549]  ____sys_sendmsg+0xa95/0xc70
[  369.754308][T16549]  ? __pfx_____sys_sendmsg+0x10/0x10
[  369.754328][T16549]  ? get_compat_msghdr+0x11a/0x170
[  369.754357][T16549]  ___sys_sendmsg+0x134/0x1d0
[  369.754377][T16549]  ? __pfx____sys_sendmsg+0x10/0x10
[  369.754427][T16549]  __sys_sendmsg+0x16d/0x220
[  369.754471][T16549]  ? __pfx___sys_sendmsg+0x10/0x10
[  369.754503][T16549]  ? rcu_is_watching+0x12/0xc0
[  369.754522][T16549]  __do_fast_syscall_32+0x73/0x120
[  369.754546][T16549]  do_fast_syscall_32+0x32/0x80
[  369.754568][T16549]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  369.754587][T16549] RIP: 0023:0xf7fa7579
[  369.754600][T16549] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  369.754615][T16549] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  369.754631][T16549] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000
[  369.754641][T16549] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  369.754651][T16549] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  369.754661][T16549] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  369.754670][T16549] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  369.754692][T16549]  </TASK>
[  370.031554][   T40] audit: type=1326 audit(1747407324.788:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16557 comm="syz.5.2150" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa7579 code=0x0
[  370.302539][T16561] gfs2: gfs2 mount does not exist
[  370.502568][T16543] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  371.051458][T16586] __nla_validate_parse: 2 callbacks suppressed
[  371.051502][T16586] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2158'.
[  371.535111][T16604] random: crng reseeded on system resumption
[  372.070612][T16612] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2164'.
[  373.779063][T16661] picdev_read: 18 callbacks suppressed
[  373.779079][T16661] kvm: pic: non byte read
[  373.788669][T16661] kvm: pic: non byte read
[  373.795676][T16661] kvm: pic: level sensitive irq not supported
[  373.795916][T16661] kvm: pic: non byte read
[  373.807525][T16661] kvm: pic: non byte read
[  373.812575][T16661] kvm: pic: level sensitive irq not supported
[  373.812811][T16661] kvm: pic: non byte read
[  373.817403][T16661] kvm: pic: level sensitive irq not supported
[  373.817710][T16661] kvm: pic: non byte read
[  373.825206][T16661] kvm: pic: non byte read
[  373.827842][T16661] kvm: pic: non byte read
[  373.838813][T16661] kvm: pic: single mode not supported
[  373.838827][T16661] kvm: pic: level sensitive irq not supported
[  373.843614][T16661] kvm: pic: non byte read
[  374.039460][  T834] usb 13-1: new high-speed USB device number 11 using dummy_hcd
[  374.189444][  T834] usb 13-1: Using ep0 maxpacket: 8
[  374.192623][  T834] usb 13-1: config 168 descriptor has 1 excess byte, ignoring
[  374.195029][  T834] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  374.198434][  T834] usb 13-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  374.202255][  T834] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  374.205675][  T834] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  374.210923][  T834] usb 13-1: config 168 descriptor has 1 excess byte, ignoring
[  374.213413][  T834] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  374.216972][  T834] usb 13-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  374.220865][  T834] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  374.224350][  T834] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  374.228747][  T834] usb 13-1: config 168 descriptor has 1 excess byte, ignoring
[  374.231386][  T834] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  374.234985][  T834] usb 13-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  374.238674][  T834] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  374.242253][  T834] usb 13-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  374.248338][  T834] usb 13-1: string descriptor 0 read error: -22
[  374.250465][  T834] usb 13-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  374.253384][  T834] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.263356][  T834] adutux 13-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  374.464543][   T40] audit: type=1326 audit(1747407329.218:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16664 comm="syz.8.2177" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa7579 code=0x0
[  374.517211][  T834] usb 13-1: USB disconnect, device number 11
[  374.523016][T16680] netlink: 'syz.8.2177': attribute type 21 has an invalid length.
[  374.525470][T16680] netlink: 16166 bytes leftover after parsing attributes in process `syz.8.2177'.
[  374.689090][T16684] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2180'.
[  375.081814][T16691] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2183'.
[  375.087056][T16691] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2183'.
[  376.325849][T16728] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2195'.
[  376.459378][ T5291] Bluetooth: hci0: command 0x0419 tx timeout
[  376.658322][T16739] capability: warning: `syz.1.2197' uses 32-bit capabilities (legacy support in use)
[  376.675448][T16739] sch_tbf: burst 6 is lower than device team_slave_0 mtu (1514) !
[  376.758689][T16742] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2198'.
[  377.437800][T16770] netlink: 'syz.2.2208': attribute type 1 has an invalid length.
[  377.473500][T16770] bond2: entered promiscuous mode
[  377.475119][T16770] bond2: entered allmulticast mode
[  377.494136][T16770] bond2: (slave erspan1): making interface the new active one
[  377.496870][T16770] erspan1: entered promiscuous mode
[  377.499117][T16770] erspan1: entered allmulticast mode
[  377.503825][T16770] bond2: (slave erspan1): Enslaving as an active interface with an up link
[  377.512663][T16770] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2208'.
[  377.517618][T16770] bond2: left promiscuous mode
[  377.519143][T16770] erspan1: left promiscuous mode
[  377.521408][T16770] bond2: left allmulticast mode
[  377.523191][T16770] erspan1: left allmulticast mode
[  377.525585][T16770] 8021q: adding VLAN 0 to HW filter on device bond2
[  377.572140][T16773] sp0: Synchronizing with TNC
[  378.052351][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  378.054849][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  378.594663][T16804] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2220'.
[  379.447565][T16824] tipc: Started in network mode
[  379.448906][T16824] tipc: Node identity ac1414aa, cluster identity 4711
[  379.453988][T16824] tipc: Enabled bearer <udp:s>, priority 10
[  379.526595][T16832] FAULT_INJECTION: forcing a failure.
[  379.526595][T16832] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  379.531689][T16832] CPU: 2 UID: 0 PID: 16832 Comm: syz.2.2231 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  379.531706][T16832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  379.531712][T16832] Call Trace:
[  379.531716][T16832]  <TASK>
[  379.531720][T16832]  dump_stack_lvl+0x16c/0x1f0
[  379.531742][T16832]  should_fail_ex+0x512/0x640
[  379.531762][T16832]  _copy_from_iter+0x2a4/0x15b0
[  379.531781][T16832]  ? __alloc_skb+0x200/0x380
[  379.531795][T16832]  ? __pfx__copy_from_iter+0x10/0x10
[  379.531814][T16832]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  379.531834][T16832]  netlink_sendmsg+0x829/0xdd0
[  379.531851][T16832]  ? __pfx_netlink_sendmsg+0x10/0x10
[  379.531867][T16832]  ? __import_iovec+0x1c8/0x660
[  379.531881][T16832]  ____sys_sendmsg+0xa95/0xc70
[  379.531899][T16832]  ? __pfx_____sys_sendmsg+0x10/0x10
[  379.531915][T16832]  ? get_compat_msghdr+0x11a/0x170
[  379.531935][T16832]  ___sys_sendmsg+0x134/0x1d0
[  379.531950][T16832]  ? __pfx____sys_sendmsg+0x10/0x10
[  379.531979][T16832]  __sys_sendmsg+0x16d/0x220
[  379.531992][T16832]  ? __pfx___sys_sendmsg+0x10/0x10
[  379.532010][T16832]  ? rcu_is_watching+0x12/0xc0
[  379.532024][T16832]  __do_fast_syscall_32+0x73/0x120
[  379.532041][T16832]  do_fast_syscall_32+0x32/0x80
[  379.532058][T16832]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  379.532071][T16832] RIP: 0023:0xf7f74579
[  379.532079][T16832] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  379.532090][T16832] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  379.532100][T16832] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[  379.532106][T16832] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  379.532112][T16832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  379.532118][T16832] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  379.532123][T16832] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  379.532136][T16832]  </TASK>
[  379.943583][T16838] input: syz0 as /devices/virtual/input/input29
[  380.222308][T16853] trusted_key: encrypted_key: master key parameter '†½˜0‹ANV:ìªÚM*ÓöÁr(tɨ+^¢ŸìøÞ©mH¾ÍÉœ.
Ù!×ãh·z4A”Ë„Ä—<Ãò' is invalid
[  380.324915][T16855] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2239'.
[  380.328265][T16855] openvswitch: netlink: nsh attr 5 is out of range max 3
[  380.330689][T16855] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  380.569432][ T6369] tipc: Node number set to 2886997162
[  380.703816][T16856] i2c i2c-1: Invalid block write size 34
[  380.852304][T16870] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2244'.
[  382.190708][T16903] netlink: 'syz.1.2251': attribute type 4 has an invalid length.
[  382.203128][T16903] netlink: 'syz.1.2251': attribute type 4 has an invalid length.
[  382.212479][T16903] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2251'.
[  383.039353][T16930] netlink: 'syz.2.2260': attribute type 4 has an invalid length.
[  383.047144][T16930] netlink: 'syz.2.2260': attribute type 4 has an invalid length.
[  384.856480][T17005] netlink: 'syz.8.2273': attribute type 4 has an invalid length.
[  384.869671][T17005] netlink: 'syz.8.2273': attribute type 4 has an invalid length.
[  384.917189][T17010] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.920693][T17010] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  385.362675][T17035] netlink: 'syz.8.2279': attribute type 1 has an invalid length.
[  385.394811][T17010] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.398017][T17010] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  385.504684][T17010] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.508685][T17010] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  385.750609][T17010] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.753881][T17010] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  385.897220][T17010] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 256 - 0
[  385.900094][T17010] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  385.916219][T17010] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 256 - 0
[  385.918763][T17010] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  385.928208][T17010] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 256 - 0
[  385.940274][T17010] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  385.951774][T17010] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 256 - 0
[  385.955326][T17010] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  386.106845][T17057] netlink: 'syz.8.2288': attribute type 1 has an invalid length.
[  386.322008][T17063] netlink: 'syz.8.2289': attribute type 1 has an invalid length.
[  386.350667][T17061] netlink: 'syz.5.2287': attribute type 4 has an invalid length.
[  387.101892][T17076] overlayfs: missing 'lowerdir'
[  387.438482][T17088] validate_nla: 2 callbacks suppressed
[  387.438495][T17088] netlink: 'syz.1.2297': attribute type 1 has an invalid length.
[  387.612360][T17090] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.2298'.
[  387.618782][T17090] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  388.564532][T17106] ieee802154 phy0 wpan0: encryption failed: -22
[  388.612062][T17106] netlink: 'syz.8.2302': attribute type 23 has an invalid length.
[  389.154551][T17110] netlink: 'syz.5.2304': attribute type 2 has an invalid length.
[  389.339617][T17115] netlink: 'syz.1.2306': attribute type 1 has an invalid length.
[  389.859423][ T6369] usb 7-1: new low-speed USB device number 11 using dummy_hcd
[  390.019379][ T6369] usb 7-1: Invalid ep0 maxpacket: 32
[  390.163528][ T6369] usb 7-1: new low-speed USB device number 12 using dummy_hcd
[  390.559465][ T6369] usb 7-1: Invalid ep0 maxpacket: 32
[  390.561554][ T6369] usb usb7-port1: attempt power cycle
[  390.898542][T17153] netlink: 'syz.1.2311': attribute type 4 has an invalid length.
[  390.907939][T17153] netlink: 'syz.1.2311': attribute type 4 has an invalid length.
[  390.914023][T17153] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2311'.
[  391.199388][ T6369] usb 7-1: new low-speed USB device number 13 using dummy_hcd
[  391.641178][ T6369] usb 7-1: Invalid ep0 maxpacket: 32
[  391.770584][ T6369] usb 7-1: new low-speed USB device number 14 using dummy_hcd
[  391.801743][ T6369] usb 7-1: Invalid ep0 maxpacket: 32
[  391.804459][ T6369] usb usb7-port1: unable to enumerate USB device
[  392.262974][T17180] netlink: 4768 bytes leftover after parsing attributes in process `syz.5.2313'.
[  392.454458][T17179] bond0: left allmulticast mode
[  393.233272][T17189] netlink: 'syz.1.2315': attribute type 4 has an invalid length.
[  393.278649][T17181] netlink: 'syz.1.2315': attribute type 4 has an invalid length.
[  393.524099][   T40] audit: type=1804 audit(1747407348.278:323): pid=17196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.2318" name="/newroot/309/file0" dev="tmpfs" ino=1656 res=1 errno=0
[  394.326582][T17211] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2321'.
[  394.378395][T17217] kvm: user requested TSC rate below hardware speed
[  394.438626][T17181] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2315'.
[  394.672623][T17239] netlink: 'syz.2.2326': attribute type 1 has an invalid length.
[  395.143709][T17255] netlink: 'syz.5.2327': attribute type 4 has an invalid length.
[  395.176211][T17255] netlink: 'syz.5.2327': attribute type 4 has an invalid length.
[  395.797614][T17280] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2338'.
[  395.931132][T17287] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2339'.
[  395.941114][T17287] vivid-007: disconnect
[  396.009980][T17289] netlink: 'syz.8.2340': attribute type 1 has an invalid length.
[  396.053313][T17285] netlink: 'syz.1.2336': attribute type 4 has an invalid length.
[  396.062843][T17285] netlink: 'syz.1.2336': attribute type 4 has an invalid length.
[  396.137952][T17285] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2336'.
[  396.818366][T17330] xt_HMARK: spi-set and port-set can't be combined
[  396.823310][T17330] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2346'.
[  396.867425][T17283] vivid-007: reconnect
[  396.876027][T17330] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2346'.
[  396.919819][T17333] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2347'.
[  397.012149][T17339] vivid-007: =================  START STATUS  =================
[  397.014848][T17339] vivid-007: Enable Output Cropping: true grabbed
[  397.016942][T17339] vivid-007: Enable Output Composing: true grabbed
[  397.020114][T17339] vivid-007: Enable Output Scaler: true grabbed
[  397.022161][T17339] vivid-007: Tx RGB Quantization Range: Automatic grabbed
[  397.024381][T17339] vivid-007: Transmit Mode: HDMI grabbed
[  397.026138][T17339] vivid-007: Hotplug Present: 0x00000000
[  397.027911][T17339] vivid-007: RxSense Present: 0x00000000
[  397.031250][T17339] vivid-007: EDID Present: 0x00000000
[  397.032954][T17339] vivid-007: ==================  END STATUS  ==================
[  397.189272][T17346] netlink: 'syz.2.2349': attribute type 4 has an invalid length.
[  397.216044][T17346] netlink: 'syz.2.2349': attribute type 4 has an invalid length.
[  397.379571][T17358] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2356'.
[  397.771981][T17372] fuse: Unknown parameter 'ÿÿÿÿÿÿÿÿ'
[  397.833172][T17382] netlink: 'syz.5.2362': attribute type 11 has an invalid length.
[  397.836464][T17382] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.2362'.
[  397.894544][T17382] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  397.944031][T17393] 9pnet_virtio: no channels available for device ./file0/file0
[  398.694867][ T5943] Bluetooth: hci2: unexpected event for opcode 0x2003
[  399.095325][   T40] audit: type=1326 audit(1747407353.848:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17408 comm="syz.5.2369" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7579 code=0x7ffc0000
[  399.111308][   T40] audit: type=1326 audit(1747407353.848:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17408 comm="syz.5.2369" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7579 code=0x7ffc0000
[  399.118811][   T40] audit: type=1326 audit(1747407353.858:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17408 comm="syz.5.2369" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf7fa7579 code=0x7ffc0000
[  399.793449][T17421] netlink: 'syz.8.2371': attribute type 4 has an invalid length.
[  399.804333][T17421] netlink: 'syz.8.2371': attribute type 4 has an invalid length.
[  400.819463][   T10] usb 13-1: new full-speed USB device number 12 using dummy_hcd
[  400.971442][   T10] usb 13-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  400.974592][   T10] usb 13-1: config 0 has 1 interface, different from the descriptor's value: 2
[  400.977481][   T10] usb 13-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  400.980606][   T10] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.984481][   T10] usb 13-1: config 0 descriptor??
[  400.994300][   T10] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  400.997140][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  401.006631][   T10] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  401.010665][   T10] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  401.014282][   T10] usb 13-1: media controller created
[  401.017765][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  401.030982][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  401.033274][   T10] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  401.037800][   T10] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.8/usb13/13-1/input/input30
[  401.044234][   T10] dvb-usb: schedule remote query interval to 150 msecs.
[  401.046709][   T10] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  401.100851][T17460] overlayfs: failed to clone upperpath
[  401.145968][T17464] netlink: 'syz.1.2382': attribute type 1 has an invalid length.
[  401.200966][ T5943] Bluetooth: hci1: unexpected event for opcode 0x0402
[  401.202275][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  401.202994][T17467] __nla_validate_parse: 1 callbacks suppressed
[  401.203004][T17467] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2383'.
[  401.221407][   T10] dvb-usb: error while querying for an remote control event.
[  401.226452][   T10] usb 13-1: USB disconnect, device number 12
[  401.325023][   T10] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  401.352737][   T40] audit: type=1326 audit(1747407356.108:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17478 comm="syz.1.2385" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x0
[  401.430012][T17484] FAULT_INJECTION: forcing a failure.
[  401.430012][T17484] name failslab, interval 1, probability 0, space 0, times 0
[  401.435705][T17484] CPU: 1 UID: 0 PID: 17484 Comm: syz.5.2384 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  401.435730][T17484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  401.435742][T17484] Call Trace:
[  401.435748][T17484]  <TASK>
[  401.435755][T17484]  dump_stack_lvl+0x16c/0x1f0
[  401.435786][T17484]  should_fail_ex+0x512/0x640
[  401.435811][T17484]  ? __kmalloc_noprof+0xbf/0x510
[  401.435832][T17484]  ? constrain_params_by_rules+0x175/0xca0
[  401.435858][T17484]  should_failslab+0xc2/0x120
[  401.435880][T17484]  __kmalloc_noprof+0xd2/0x510
[  401.435897][T17484]  ? kasan_quarantine_put+0x10a/0x240
[  401.435915][T17484]  ? lockdep_hardirqs_on+0x7c/0x110
[  401.435944][T17484]  constrain_params_by_rules+0x175/0xca0
[  401.435970][T17484]  ? constrain_params_by_rules+0xa09/0xca0
[  401.436000][T17484]  ? constrain_params_by_rules+0xa0e/0xca0
[  401.436030][T17484]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  401.436063][T17484]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  401.436088][T17484]  ? kfree+0x2b6/0x4d0
[  401.436109][T17484]  ? snd_pcm_oss_change_params_locked+0x1398/0x3b40
[  401.436136][T17484]  ? snd_pcm_oss_make_ready_locked+0xb7/0x130
[  401.436162][T17484]  ? snd_interval_refine+0x2fa/0x580
[  401.436185][T17484]  snd_pcm_hw_refine+0x7de/0xad0
[  401.436216][T17484]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  401.436247][T17484]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  401.436282][T17484]  snd_pcm_hw_param_first+0x334/0x6f0
[  401.436313][T17484]  snd_pcm_hw_param_near.constprop.0+0x702/0x8e0
[  401.436343][T17484]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  401.436376][T17484]  ? __asan_memset+0x23/0x50
[  401.436391][T17484]  ? calc_src_frames.isra.0+0x187/0x1d0
[  401.436406][T17484]  ? calc_dst_frames.constprop.0.isra.0+0x103/0x130
[  401.436429][T17484]  snd_pcm_oss_change_params_locked+0x1398/0x3b40
[  401.436467][T17484]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  401.436495][T17484]  ? snd_pcm_oss_write+0x4a2/0xa10
[  401.436530][T17484]  ? find_held_lock+0x2b/0x80
[  401.436553][T17484]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  401.436581][T17484]  snd_pcm_oss_write+0x4c3/0xa10
[  401.436608][T17484]  ? bpf_lsm_file_permission+0x9/0x10
[  401.436623][T17484]  ? security_file_permission+0x71/0x210
[  401.436653][T17484]  vfs_write+0x25c/0x1180
[  401.436669][T17484]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  401.436701][T17484]  ? __pfx_vfs_write+0x10/0x10
[  401.436716][T17484]  ? find_held_lock+0x2b/0x80
[  401.436733][T17484]  ? __fget_files+0x204/0x3c0
[  401.436754][T17484]  ? __fget_files+0x20e/0x3c0
[  401.436777][T17484]  ksys_write+0x12a/0x240
[  401.436794][T17484]  ? __pfx_ksys_write+0x10/0x10
[  401.436813][T17484]  ? rcu_is_watching+0x12/0xc0
[  401.436834][T17484]  __do_fast_syscall_32+0x73/0x120
[  401.436861][T17484]  do_fast_syscall_32+0x32/0x80
[  401.436887][T17484]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  401.436908][T17484] RIP: 0023:0xf7fa7579
[  401.436922][T17484] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  401.436938][T17484] RSP: 002b:00000000f508455c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  401.436955][T17484] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080002200
[  401.436966][T17484] RDX: 0000000000001000 RSI: 0000000000000000 RDI: 0000000000000000
[  401.436977][T17484] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  401.436988][T17484] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  401.436998][T17484] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  401.437022][T17484]  </TASK>
[  401.465212][T17485] tipc: Trying to set illegal importance in message
[  401.621921][T17485] overlay: Unknown parameter 'smackfsdef'
[  401.881771][T17497] netlink: 'syz.2.2388': attribute type 4 has an invalid length.
[  401.888982][T17497] netlink: 'syz.2.2388': attribute type 4 has an invalid length.
[  402.499158][ T9056] IPVS: starting estimator thread 0...
[  402.599529][T17509] IPVS: using max 43 ests per chain, 103200 per kthread
[  402.726058][T17507] IPVS: set_ctl: invalid protocol: 58 172.30.1.6:19999
[  402.728402][T17507] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:20004
[  402.771955][T17513] netlink: 'syz.8.2393': attribute type 1 has an invalid length.
[  403.581157][T17535] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2399'.
[  404.392062][T17565] netlink: 'syz.2.2409': attribute type 4 has an invalid length.
[  404.442025][T17565] netlink: 'syz.2.2409': attribute type 4 has an invalid length.
[  405.534638][T17597] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2416'.
[  405.849725][T17626] netlink: 'syz.8.2419': attribute type 4 has an invalid length.
[  405.860182][T17626] netlink: 'syz.8.2419': attribute type 4 has an invalid length.
[  406.680851][T17635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2424'.
[  406.683568][T17635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2424'.
[  406.833182][T17646] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2429'.
[  406.889457][T17648] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2429'.
[  406.893071][T17648] 8021q: VLANs not supported on ip_vti0
[  407.760117][T17663] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2434'.
[  407.762964][T17663] netlink: 'syz.1.2434': attribute type 7 has an invalid length.
[  407.765350][T17663] netlink: 'syz.1.2434': attribute type 8 has an invalid length.
[  407.767832][T17663] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2434'.
[  407.774699][   T40] audit: type=1326 audit(1747407362.528:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.2434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  407.782600][   T40] audit: type=1326 audit(1747407362.538:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.2434" exe="/syz-executor" sig=0 arch=40000003 syscall=161 compat=1 ip=0xf70de579 code=0x7ffc0000
[  407.788933][   T40] audit: type=1326 audit(1747407362.538:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.2434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  407.796143][   T40] audit: type=1326 audit(1747407362.538:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.2434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  407.797544][T17664] IPv6: NLM_F_CREATE should be specified when creating new route
[  407.802683][   T40] audit: type=1326 audit(1747407362.538:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.2434" exe="/syz-executor" sig=0 arch=40000003 syscall=101 compat=1 ip=0xf70de579 code=0x7ffc0000
[  407.811908][   T40] audit: type=1326 audit(1747407362.538:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.2434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  407.818194][   T40] audit: type=1326 audit(1747407362.548:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.2434" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70de579 code=0x7ffc0000
[  407.826624][   T40] audit: type=1326 audit(1747407362.548:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.2434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  407.834278][   T40] audit: type=1326 audit(1747407362.548:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.2434" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70de579 code=0x7ffc0000
[  407.849352][   T40] audit: type=1326 audit(1747407362.568:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.2434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000
[  407.890072][T17668] netlink: 'syz.1.2437': attribute type 10 has an invalid length.
[  407.892604][T17668] openvswitch: netlink: Flow actions attr not present in new flow.
[  408.209872][T17677] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:20004
[  408.403279][T17693] overlayfs: failed to clone lowerpath
[  408.406165][T17693] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  408.949065][T17673] netlink: 'syz.8.2436': attribute type 4 has an invalid length.
[  408.956894][T17673] netlink: 'syz.8.2436': attribute type 4 has an invalid length.
[  409.173774][T17710] netlink: 'syz.5.2449': attribute type 3 has an invalid length.
[  409.177284][T17710] netlink: 'syz.5.2449': attribute type 3 has an invalid length.
[  409.193997][T17712] FAULT_INJECTION: forcing a failure.
[  409.193997][T17712] name failslab, interval 1, probability 0, space 0, times 0
[  409.194573][T17710] wg1 speed is unknown, defaulting to 1000
[  409.198342][T17712] CPU: 1 UID: 0 PID: 17712 Comm: syz.8.2450 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  409.198358][T17712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  409.198365][T17712] Call Trace:
[  409.198369][T17712]  <TASK>
[  409.198374][T17712]  dump_stack_lvl+0x16c/0x1f0
[  409.198393][T17712]  should_fail_ex+0x512/0x640
[  409.198410][T17712]  ? __kmalloc_noprof+0xbf/0x510
[  409.198423][T17712]  ? sock_kmalloc+0x111/0x170
[  409.198438][T17712]  should_failslab+0xc2/0x120
[  409.198453][T17712]  __kmalloc_noprof+0xd2/0x510
[  409.198463][T17712]  ? do_raw_spin_lock+0x12c/0x2b0
[  409.198483][T17712]  sock_kmalloc+0x111/0x170
[  409.198500][T17712]  hash_alloc_result+0xd7/0x150
[  409.198511][T17712]  hash_recvmsg+0x198/0x920
[  409.198524][T17712]  ____sys_recvmsg+0x5f9/0x6b0
[  409.198543][T17712]  ? __pfx_____sys_recvmsg+0x10/0x10
[  409.198558][T17712]  ? import_iovec+0x86/0xb0
[  409.198579][T17712]  ? __lock_acquire+0x5ca/0x1ba0
[  409.198595][T17712]  ___sys_recvmsg+0x114/0x1a0
[  409.198609][T17712]  ? __pfx____sys_recvmsg+0x10/0x10
[  409.198629][T17712]  ? get_pid_task+0x80/0x250
[  409.198644][T17712]  ? __pfx___might_resched+0x10/0x10
[  409.198659][T17712]  do_recvmmsg+0x568/0x740
[  409.198674][T17712]  ? __pfx_do_recvmmsg+0x10/0x10
[  409.198697][T17712]  ? __fget_files+0x20e/0x3c0
[  409.198709][T17712]  __sys_recvmmsg+0x21c/0x280
[  409.198722][T17712]  ? __pfx___sys_recvmmsg+0x10/0x10
[  409.198737][T17712]  ? __pfx_ksys_write+0x10/0x10
[  409.198750][T17712]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  409.198764][T17712]  ? lockdep_hardirqs_on+0x7c/0x110
[  409.198779][T17712]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  409.198796][T17712]  __do_fast_syscall_32+0x73/0x120
[  409.198814][T17712]  do_fast_syscall_32+0x32/0x80
[  409.198830][T17712]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  409.198844][T17712] RIP: 0023:0xf7fa7579
[  409.198853][T17712] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  409.198863][T17712] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  409.198874][T17712] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080003700
[  409.198880][T17712] RDX: 0000000000000600 RSI: 0000000000000000 RDI: 0000000000000000
[  409.198887][T17712] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  409.198893][T17712] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  409.198899][T17712] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  409.198912][T17712]  </TASK>
[  409.792728][T17728] netlink: 'syz.2.2454': attribute type 1 has an invalid length.
[  410.285243][T17744] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2459'.
[  410.886879][T17768] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2462'.
[  410.898017][T17768] random: crng reseeded on system resumption
[  411.831604][T17799] sp0: Synchronizing with TNC
[  411.847704][T17798] [U] è
[  412.029195][T17805] can0: slcan on ttyprintk.
[  412.412840][  T835] kernel write not supported for file /1057/net/netstat (pid: 835 comm: kworker/1:2)
[  413.111156][T17804] can0 (unregistered): slcan off ttyprintk.
[  413.278476][T17836] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2472'.
[  413.827039][T17872] tmpfs: Bad value for 'mpol'
[  414.535008][T17896] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2482'.
[  414.537913][T17896] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2482'.
[  414.543362][T17896] netlink: 'syz.1.2482': attribute type 6 has an invalid length.
[  414.720192][T17903] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2483'.
[  415.117760][T17933] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2490'.
[  415.361058][T17949] team0: Device ip6tnl1 is of different type
[  415.896846][T17979] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  415.974906][T17979] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.042514][T17979] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.083775][T17979] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.218117][T17979] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  416.227030][T17979] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  416.234214][T17979] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  416.496144][T17979] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  416.760451][T18021] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.2511'.
[  416.830700][T18028] IPv6: NLM_F_CREATE should be specified when creating new route
[  417.359441][  T834] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  417.509411][  T834] usb 10-1: Using ep0 maxpacket: 16
[  417.513777][  T834] usb 10-1: config 0 has an invalid descriptor of length 65, skipping remainder of the config
[  417.518102][  T834] usb 10-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  417.523889][  T834] usb 10-1: New USB device found, idVendor=046d, idProduct=b2da, bcdDevice=b1.86
[  417.527841][  T834] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.533827][  T834] usb 10-1: config 0 descriptor??
[  417.551433][T18062] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2518'.
[  417.772337][T18048] ALSA: mixer_oss: invalid index 40000
[  417.781351][ T9056] usb 10-1: USB disconnect, device number 11
[  418.479941][T18099] netlink: 'syz.2.2526': attribute type 4 has an invalid length.
[  418.487691][T18099] netlink: 'syz.2.2526': attribute type 4 has an invalid length.
[  418.596627][T18106] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2527'.
[  419.115599][T18135] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2535'.
[  420.018762][T18188] IPv6: NLM_F_CREATE should be specified when creating new route
[  420.153855][T18191] ALSA: seq fatal error: cannot create timer (-22)
[  420.692130][ T5291] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  420.697452][ T5291] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  420.711107][ T5291] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  420.714669][ T5291] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  420.718198][ T5291] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  420.740344][T18218] wg1 speed is unknown, defaulting to 1000
[  421.266617][  T103] bond0 (unregistering): Released all slaves
[  421.356710][  T103] bond1 (unregistering): Released all slaves
[  421.446887][  T103] tipc: Disabling bearer <udp:s>
[  421.460124][  T103] tipc: Left network mode
[  421.472901][T18218] chnl_net:caif_netlink_parms(): no params data found
[  421.723683][T18218] bridge0: port 1(bridge_slave_0) entered blocking state
[  421.728120][T18218] bridge0: port 1(bridge_slave_0) entered disabled state
[  421.731599][T18218] bridge_slave_0: entered allmulticast mode
[  421.734932][T18218] bridge_slave_0: entered promiscuous mode
[  421.761482][T18218] bridge0: port 2(bridge_slave_1) entered blocking state
[  421.764220][T18218] bridge0: port 2(bridge_slave_1) entered disabled state
[  421.767309][T18218] bridge_slave_1: entered allmulticast mode
[  421.771299][T18218] bridge_slave_1: entered promiscuous mode
[  421.811013][T18218] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  421.817277][T18218] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  421.867333][T18218] team0: Port device team_slave_0 added
[  421.895536][T18218] team0: Port device team_slave_1 added
[  421.990451][T18218] batman_adv: batadv0: Adding interface: batadv_slave_0
[  421.994873][T18218] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  422.020403][T18218] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  422.027639][T18218] batman_adv: batadv0: Adding interface: batadv_slave_1
[  422.033453][T18218] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  422.059558][T18218] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  422.483453][T18260] netlink: 'syz.1.2559': attribute type 4 has an invalid length.
[  422.538002][T18263] netlink: 'syz.1.2559': attribute type 4 has an invalid length.
[  422.557564][T18265] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2561'.
[  422.855109][ T5943] Bluetooth: hci0: command tx timeout
[  423.774572][T18218] hsr_slave_0: entered promiscuous mode
[  423.777038][T18218] hsr_slave_1: entered promiscuous mode
[  423.779731][T18218] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  423.782478][T18218] Cannot create hsr debugfs directory
[  423.812887][T18266] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2559'.
[  424.050029][T18285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2567'.
[  424.643890][  T103] IPVS: stop unused estimator thread 0...
[  424.930717][ T5943] Bluetooth: hci0: command tx timeout
[  425.052015][T18218] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  425.056724][T18218] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  425.060806][T18218] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  425.064588][T18218] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  425.131095][T18218] 8021q: adding VLAN 0 to HW filter on device bond0
[  425.140877][T18218] 8021q: adding VLAN 0 to HW filter on device team0
[  425.146705][ T1136] bridge0: port 1(bridge_slave_0) entered blocking state
[  425.148955][ T1136] bridge0: port 1(bridge_slave_0) entered forwarding state
[  425.155768][  T103] bridge0: port 2(bridge_slave_1) entered blocking state
[  425.158015][  T103] bridge0: port 2(bridge_slave_1) entered forwarding state
[  425.183986][T18218] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  425.315734][T18218] 8021q: adding VLAN 0 to HW filter on device batadv0
[  425.482809][T18337] netlink: 'syz.2.2571': attribute type 4 has an invalid length.
[  425.544236][T18218] veth0_vlan: entered promiscuous mode
[  425.551674][T18218] veth1_vlan: entered promiscuous mode
[  425.557483][T18327] netlink: 'syz.2.2571': attribute type 4 has an invalid length.
[  425.575061][T18218] veth0_macvtap: entered promiscuous mode
[  425.579102][T18218] veth1_macvtap: entered promiscuous mode
[  425.588936][T18218] batman_adv: batadv0: Interface activated: batadv_slave_0
[  425.601190][T18218] batman_adv: batadv0: Interface activated: batadv_slave_1
[  425.614835][T18218] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  425.617677][T18218] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  425.621137][T18218] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  425.623888][T18218] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  425.669349][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  425.671920][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  425.677854][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  425.682213][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  425.813273][T18374] wg1 speed is unknown, defaulting to 1000
[  426.260093][T18389] netlink: 'syz.2.2578': attribute type 4 has an invalid length.
[  426.272964][T18389] netlink: 'syz.2.2578': attribute type 4 has an invalid length.
[  426.282607][T18400] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2579'.
[  426.610343][ T5981] kernel write not supported for file /13/net/netstat (pid: 5981 comm: kworker/0:3)
[  426.669806][T18429] netlink: set zone limit has 8 unknown bytes
[  426.817703][   T40] kauditd_printk_skb: 41 callbacks suppressed
[  426.817715][   T40] audit: type=1326 audit(1747407381.568:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18438 comm="syz.2.2587" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x0
[  426.926412][T18448] tipc: Trying to set illegal importance in message
[  426.940793][T18448] ufs: failed to set blocksize
[  426.944509][T18448] overlay: Unknown parameter 'smackfsdef'
[  427.009392][ T5943] Bluetooth: hci0: command tx timeout
[  427.127527][T18450] fuse: Unknown parameter 'fd<*†ÅØ$­Ì	W-øQ¼¦_'
[  427.542904][T18473] IPv6: NLM_F_CREATE should be specified when creating new route
[  427.550384][T18467] netlink: 'syz.5.2591': attribute type 4 has an invalid length.
[  427.555840][T18467] netlink: 'syz.5.2591': attribute type 4 has an invalid length.
[  427.820870][T18498] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2598'.
[  427.827000][T18498] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  427.830419][T18498] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  427.832949][T18498] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  427.835629][T18498] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  427.844156][T18498] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  427.846816][T18498] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  427.849543][T18498] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  427.852184][T18498] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  427.920599][T18507] wg1 speed is unknown, defaulting to 1000
[  428.327999][T18540] binder: 18538:18540 ioctl 4018620d 0 returned -22
[  428.439857][T18547] ebtables: wrong size: *len 264, entries_size 144, replsz 144
[  428.731237][   T64] Bluetooth: hci4: Frame reassembly failed (-84)
[  428.733529][   T64] Bluetooth: hci4: Frame reassembly failed (-84)
[  429.089554][ T5291] Bluetooth: hci0: command tx timeout
[  429.209387][ T8768] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  429.369395][ T8768] usb 10-1: Using ep0 maxpacket: 8
[  429.387982][ T8768] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  429.406002][ T8768] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  429.409869][ T8768] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  429.413021][ T8768] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  429.439466][ T8768] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  429.449561][ T8768] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.657302][ T8768] usb 10-1: GET_CAPABILITIES returned 0
[  429.659131][ T8768] usbtmc 10-1:16.0: can't read capabilities
[  429.777592][T18583] wg1 speed is unknown, defaulting to 1000
[  429.964222][T18589] bond0: (slave bond_slave_0): Releasing backup interface
[  429.980880][T18589] bond0: (slave bond_slave_1): Releasing backup interface
[  430.013358][T18589] team0: Port device team_slave_0 removed
[  430.033523][T18589] team0: Port device team_slave_1 removed
[  430.035792][T18589] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  430.038294][T18589] batman_adv: batadv0: Removing interface: batadv_slave_0
[  430.045089][T18589] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  430.047473][T18589] batman_adv: batadv0: Removing interface: batadv_slave_1
[  430.076442][T18589] team0: Port device wlan1 removed
[  430.113110][  T834] usb 10-1: USB disconnect, device number 12
[  430.472527][T18612] overlayfs: missing 'lowerdir'
[  430.769576][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  430.771098][ T5291] Bluetooth: hci4: command 0x1003 tx timeout
[  430.837844][T18623] xt_CONNSECMARK: invalid mode: 0
[  430.973515][T18639] netlink: 'syz.7.2623': attribute type 11 has an invalid length.
[  430.975845][T18639] netlink: 224 bytes leftover after parsing attributes in process `syz.7.2623'.
[  430.995812][T18637] netlink: 'syz.2.2619': attribute type 4 has an invalid length.
[  431.013312][T18637] netlink: 'syz.2.2619': attribute type 4 has an invalid length.
[  431.400156][T18647] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2620'.
[  431.406238][T18647] openvswitch: netlink: push_nsh: missing base or metadata attributes
[  431.410216][T18647] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  431.713745][T18657] FAULT_INJECTION: forcing a failure.
[  431.713745][T18657] name failslab, interval 1, probability 0, space 0, times 0
[  431.718513][T18657] CPU: 3 UID: 0 PID: 18657 Comm: syz.5.2626 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  431.718535][T18657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  431.718544][T18657] Call Trace:
[  431.718551][T18657]  <TASK>
[  431.718557][T18657]  dump_stack_lvl+0x16c/0x1f0
[  431.718583][T18657]  should_fail_ex+0x512/0x640
[  431.718612][T18657]  should_failslab+0xc2/0x120
[  431.718634][T18657]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  431.718656][T18657]  ? skb_clone+0x190/0x3f0
[  431.718681][T18657]  skb_clone+0x190/0x3f0
[  431.718705][T18657]  netlink_deliver_tap+0xabd/0xd30
[  431.718734][T18657]  netlink_unicast+0x5df/0x7f0
[  431.718760][T18657]  ? __pfx_netlink_unicast+0x10/0x10
[  431.718790][T18657]  netlink_sendmsg+0x8d1/0xdd0
[  431.718816][T18657]  ? __pfx_netlink_sendmsg+0x10/0x10
[  431.718841][T18657]  ? __import_iovec+0x1c8/0x660
[  431.718864][T18657]  ____sys_sendmsg+0xa95/0xc70
[  431.718893][T18657]  ? __pfx_____sys_sendmsg+0x10/0x10
[  431.718917][T18657]  ? get_compat_msghdr+0x11a/0x170
[  431.718945][T18657]  ___sys_sendmsg+0x134/0x1d0
[  431.718968][T18657]  ? __pfx____sys_sendmsg+0x10/0x10
[  431.719022][T18657]  __sys_sendmsg+0x16d/0x220
[  431.719045][T18657]  ? __pfx___sys_sendmsg+0x10/0x10
[  431.719078][T18657]  ? rcu_is_watching+0x12/0xc0
[  431.719099][T18657]  __do_fast_syscall_32+0x73/0x120
[  431.719128][T18657]  do_fast_syscall_32+0x32/0x80
[  431.719153][T18657]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  431.719175][T18657] RIP: 0023:0xf7fa7579
[  431.719197][T18657] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  431.719214][T18657] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  431.719230][T18657] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  431.719241][T18657] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  431.719251][T18657] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  431.719261][T18657] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  431.719272][T18657] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  431.719313][T18657]  </TASK>
[  431.740376][T18633] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  431.741250][T18657] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2626'.
[  431.936396][T18663] netlink: 'syz.1.2629': attribute type 4 has an invalid length.
[  431.945504][T18663] netlink: 'syz.1.2629': attribute type 4 has an invalid length.
[  431.951167][T18663] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2629'.
[  432.034217][T18670] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2632'.
[  432.159445][T18676] : entered promiscuous mode
[  432.648902][   T40] audit: type=1326 audit(1747407387.398:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18687 comm="syz.7.2636" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f61579 code=0x0
[  432.945609][T18707] wg1 speed is unknown, defaulting to 1000
[  432.981187][T18703] netlink: 'syz.2.2641': attribute type 4 has an invalid length.
[  432.986548][T18703] netlink: 'syz.2.2641': attribute type 4 has an invalid length.
[  433.056265][T18711] FAULT_INJECTION: forcing a failure.
[  433.056265][T18711] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  433.060699][T18711] CPU: 1 UID: 0 PID: 18711 Comm: syz.2.2644 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  433.060713][T18711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  433.060720][T18711] Call Trace:
[  433.060724][T18711]  <TASK>
[  433.060728][T18711]  dump_stack_lvl+0x16c/0x1f0
[  433.060749][T18711]  should_fail_ex+0x512/0x640
[  433.060768][T18711]  _copy_to_user+0x32/0xd0
[  433.060779][T18711]  do_pages_stat+0x608/0x800
[  433.060798][T18711]  ? __pfx_do_pages_stat+0x10/0x10
[  433.060824][T18711]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  433.060840][T18711]  ? lockdep_hardirqs_on+0x7c/0x110
[  433.060855][T18711]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  433.060871][T18711]  kernel_move_pages+0xfd5/0x13a0
[  433.060892][T18711]  ? __pfx_kernel_move_pages+0x10/0x10
[  433.060907][T18711]  ? __fget_files+0x20e/0x3c0
[  433.060920][T18711]  ? fput+0x70/0xf0
[  433.060933][T18711]  ? ksys_write+0x1b9/0x240
[  433.060943][T18711]  ? __pfx_ksys_write+0x10/0x10
[  433.060955][T18711]  __ia32_sys_move_pages+0xdd/0x1b0
[  433.060970][T18711]  ? lockdep_hardirqs_on+0x7c/0x110
[  433.060985][T18711]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  433.061002][T18711]  __do_fast_syscall_32+0x73/0x120
[  433.061020][T18711]  do_fast_syscall_32+0x32/0x80
[  433.061036][T18711]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  433.061050][T18711] RIP: 0023:0xf7f74579
[  433.061059][T18711] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  433.061069][T18711] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 000000000000013d
[  433.061079][T18711] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000001efe
[  433.061086][T18711] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000080000040
[  433.061092][T18711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  433.061098][T18711] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  433.061104][T18711] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  433.061117][T18711]  </TASK>
[  433.228661][T18721] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2648'.
[  433.245184][T18721] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  433.376631][   T40] audit: type=1326 audit(1747407388.128:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18716 comm="syz.2.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7fc00000
[  433.385546][   T40] audit: type=1326 audit(1747407388.128:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18716 comm="syz.2.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f74579 code=0x7fc00000
[  433.393839][   T40] audit: type=1326 audit(1747407388.138:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18716 comm="syz.2.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7fc00000
[  433.400764][   T40] audit: type=1326 audit(1747407388.138:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18716 comm="syz.2.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f74579 code=0x7fc00000
[  433.407084][   T40] audit: type=1326 audit(1747407388.138:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18716 comm="syz.2.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7fc00000
[  433.413797][   T40] audit: type=1326 audit(1747407388.138:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18716 comm="syz.2.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7fc00000
[  433.426879][   T40] audit: type=1326 audit(1747407388.138:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18716 comm="syz.2.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7fc00000
[  433.433834][   T40] audit: type=1326 audit(1747407388.138:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18716 comm="syz.2.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7fc00000
[  433.440618][   T40] audit: type=1326 audit(1747407388.138:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18716 comm="syz.2.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7fc00000
[  433.576561][T18737] netlink: 'syz.7.2652': attribute type 4 has an invalid length.
[  433.583014][T18737] netlink: 'syz.7.2652': attribute type 4 has an invalid length.
[  433.589065][T18737] netlink: 48 bytes leftover after parsing attributes in process `syz.7.2652'.
[  433.640879][T18738] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2651'.
[  433.643862][T18738] netlink: 'syz.5.2651': attribute type 5 has an invalid length.
[  433.646304][T18738] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2651'.
[  434.517619][T18754] netlink: 'syz.1.2650': attribute type 4 has an invalid length.
[  434.526904][T18753] wg1 speed is unknown, defaulting to 1000
[  434.829610][T18769] netlink: 'syz.2.2661': attribute type 4 has an invalid length.
[  434.835351][T18769] netlink: 'syz.2.2661': attribute type 4 has an invalid length.
[  435.704903][T18803] wg1 speed is unknown, defaulting to 1000
[  436.008330][T18785] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  436.012566][T18785] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  436.014986][T18785] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  436.017319][T18785] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  436.019249][T18785] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  436.036906][T18785] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  436.188314][T18814] netlink: 'syz.1.2672': attribute type 4 has an invalid length.
[  436.195758][T18814] netlink: 'syz.1.2672': attribute type 4 has an invalid length.
[  436.201574][T18814] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2672'.
[  436.474548][T18835] kvm: user requested TSC rate below hardware speed
[  436.575355][T18823] team0: Port device team_slave_1 removed
[  436.792645][T18848] syzkaller0: entered promiscuous mode
[  436.794698][T18848] syzkaller0: entered allmulticast mode
[  437.259479][ T5291] Bluetooth: hci3: command 0x0419 tx timeout
[  438.059546][ T5291] Bluetooth: hci0: command 0x0c1a tx timeout
[  438.060149][ T5943] Bluetooth: hci1: command 0x0c1a tx timeout
[  438.062139][ T5291] Bluetooth: hci2: command 0x0c1a tx timeout
[  439.463949][T18919] wg1 speed is unknown, defaulting to 1000
[  439.466454][   T40] kauditd_printk_skb: 3500 callbacks suppressed
[  439.466467][   T40] audit: type=1326 audit(1747407394.218:3890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18923 comm="syz.7.2692" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x0
[  439.505930][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  439.509371][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  439.733938][T18945] syz.5.2697 (18945): /proc/18943/oom_adj is deprecated, please use /proc/18943/oom_score_adj instead.
[  440.085396][T18968] overlayfs: failed to clone lowerpath
[  440.129871][   T67] Bluetooth: hci0: command 0x0c1a tx timeout
[  440.227226][T18969] validate_nla: 2 callbacks suppressed
[  440.227426][T18969] netlink: 'syz.5.2702': attribute type 4 has an invalid length.
[  440.279001][T18969] netlink: 'syz.5.2702': attribute type 4 has an invalid length.
[  440.578549][T18975] FAULT_INJECTION: forcing a failure.
[  440.578549][T18975] name failslab, interval 1, probability 0, space 0, times 0
[  440.582820][T18975] CPU: 2 UID: 0 PID: 18975 Comm: syz.7.2704 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  440.582836][T18975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  440.582843][T18975] Call Trace:
[  440.582847][T18975]  <TASK>
[  440.582851][T18975]  dump_stack_lvl+0x16c/0x1f0
[  440.582872][T18975]  should_fail_ex+0x512/0x640
[  440.582888][T18975]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  440.582903][T18975]  should_failslab+0xc2/0x120
[  440.582917][T18975]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  440.582930][T18975]  ? mas_alloc_nodes+0x18b/0x8b0
[  440.582946][T18975]  mas_alloc_nodes+0x18b/0x8b0
[  440.582964][T18975]  mas_node_count_gfp+0x105/0x130
[  440.582979][T18975]  mas_preallocate+0x53e/0xcd0
[  440.582991][T18975]  ? __memcg_slab_post_alloc_hook+0x4d0/0x940
[  440.583007][T18975]  ? __pfx_mas_preallocate+0x10/0x10
[  440.583023][T18975]  ? anon_vma_name+0x75/0x100
[  440.583040][T18975]  __split_vma+0x33b/0x1030
[  440.583054][T18975]  ? __pfx___split_vma+0x10/0x10
[  440.583065][T18975]  ? __pfx___might_resched+0x10/0x10
[  440.583081][T18975]  ? rcu_is_watching+0x12/0xc0
[  440.583093][T18975]  vms_gather_munmap_vmas+0x1c2/0x1310
[  440.583108][T18975]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  440.583123][T18975]  ? __lock_acquire+0xaa4/0x1ba0
[  440.583139][T18975]  ? __kernel_text_address+0xd/0x40
[  440.583151][T18975]  do_vmi_align_munmap+0x27c/0x7d0
[  440.583164][T18975]  ? __lock_acquire+0x5ca/0x1ba0
[  440.583178][T18975]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  440.583209][T18975]  do_vmi_munmap+0x208/0x3e0
[  440.583224][T18975]  do_munmap+0xbd/0x100
[  440.583240][T18975]  ? __pfx_do_munmap+0x10/0x10
[  440.583265][T18975]  ? __pfx_down_write_killable+0x10/0x10
[  440.583280][T18975]  __do_sys_mremap+0xfb4/0x15d0
[  440.583295][T18975]  ? __pfx___do_sys_mremap+0x10/0x10
[  440.583308][T18975]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  440.583326][T18975]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  440.583345][T18975]  ? __fget_files+0x20e/0x3c0
[  440.583363][T18975]  ? rcu_is_watching+0x12/0xc0
[  440.583375][T18975]  __do_fast_syscall_32+0x73/0x120
[  440.583392][T18975]  do_fast_syscall_32+0x32/0x80
[  440.583409][T18975]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  440.583423][T18975] RIP: 0023:0xf7f61579
[  440.583431][T18975] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  440.583442][T18975] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 00000000000000a3
[  440.583452][T18975] RAX: ffffffffffffffda RBX: 0000000080ffb000 RCX: 0000000000004000
[  440.583459][T18975] RDX: 0000000000002000 RSI: 0000000000000003 RDI: 0000000080c51000
[  440.583465][T18975] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  440.583471][T18975] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  440.583477][T18975] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  440.583491][T18975]  </TASK>
[  440.978509][T18996] wg1 speed is unknown, defaulting to 1000
[  441.499121][T19012] netlink: 'syz.5.2713': attribute type 11 has an invalid length.
[  441.502050][T19012] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2713'.
[  442.209695][   T67] Bluetooth: hci0: command 0x0c1a tx timeout
[  442.431250][T19037] netlink: 'syz.1.2717': attribute type 4 has an invalid length.
[  442.471019][T19037] netlink: 'syz.1.2717': attribute type 4 has an invalid length.
[  442.476237][T19037] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2717'.
[  443.398527][T19093] No source specified
[  443.401736][T19093] 9pnet_virtio: no channels available for device 
[  443.470039][T19099] Invalid logical block size (-1)
[  443.902290][T19118] FAULT_INJECTION: forcing a failure.
[  443.902290][T19118] name failslab, interval 1, probability 0, space 0, times 0
[  443.907631][T19118] CPU: 2 UID: 0 PID: 19118 Comm: syz.7.2737 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  443.907657][T19118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  443.907668][T19118] Call Trace:
[  443.907676][T19118]  <TASK>
[  443.907684][T19118]  dump_stack_lvl+0x16c/0x1f0
[  443.907715][T19118]  should_fail_ex+0x512/0x640
[  443.907742][T19118]  ? fs_reclaim_acquire+0xae/0x150
[  443.907772][T19118]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  443.907798][T19118]  should_failslab+0xc2/0x120
[  443.907822][T19118]  __kmalloc_noprof+0xd2/0x510
[  443.907844][T19118]  ? trace_kmalloc+0x2b/0xd0
[  443.907866][T19118]  ? __kmalloc_noprof+0x242/0x510
[  443.907890][T19118]  tomoyo_realpath_from_path+0xc2/0x6e0
[  443.907919][T19118]  ? tomoyo_fill_path_info+0x233/0x420
[  443.907942][T19118]  tomoyo_mount_acl+0x1ae/0x850
[  443.907965][T19118]  ? kernel_text_address+0x8d/0x100
[  443.907983][T19118]  ? __kernel_text_address+0xd/0x40
[  443.908000][T19118]  ? unwind_get_return_address+0x59/0xa0
[  443.908028][T19118]  ? arch_stack_walk+0xa6/0x100
[  443.908050][T19118]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  443.908102][T19118]  ? tomoyo_domain+0xbb/0x150
[  443.908120][T19118]  ? tomoyo_profile+0x47/0x60
[  443.908140][T19118]  tomoyo_mount_permission+0x16d/0x420
[  443.908163][T19118]  ? tomoyo_mount_permission+0x14f/0x420
[  443.908188][T19118]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  443.908228][T19118]  security_sb_mount+0x9b/0x260
[  443.908253][T19118]  path_mount+0x128/0x1f20
[  443.908273][T19118]  ? kmem_cache_free+0x2d4/0x4d0
[  443.908293][T19118]  ? __pfx_path_mount+0x10/0x10
[  443.908317][T19118]  ? putname+0x154/0x1a0
[  443.908342][T19118]  __ia32_sys_mount+0x28b/0x310
[  443.908363][T19118]  ? __pfx___ia32_sys_mount+0x10/0x10
[  443.908385][T19118]  ? rcu_is_watching+0x12/0xc0
[  443.908407][T19118]  __do_fast_syscall_32+0x73/0x120
[  443.908436][T19118]  do_fast_syscall_32+0x32/0x80
[  443.908463][T19118]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  443.908485][T19118] RIP: 0023:0xf7f61579
[  443.908500][T19118] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  443.908518][T19118] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  443.908536][T19118] RAX: ffffffffffffffda RBX: 00000000800001c0 RCX: 00000000800002c0
[  443.908548][T19118] RDX: 0000000080000300 RSI: 0000000000000040 RDI: 0000000080000980
[  443.908559][T19118] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  443.908568][T19118] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  443.908579][T19118] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  443.908603][T19118]  </TASK>
[  443.908611][T19118] ERROR: Out of memory at tomoyo_realpath_from_path.
[  444.743129][T19144] input: syz0 as /devices/virtual/input/input31
[  444.756351][T19144] netlink: 'syz.5.2742': attribute type 10 has an invalid length.
[  444.814778][T19144] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1886284079 (3772568158 ns) > initial count (1591403742 ns). Using initial count to start timer.
[  444.945447][T19149] wg1 speed is unknown, defaulting to 1000
[  445.177526][T19167] overlayfs: failed to resolve './file0': -2
[  445.186166][T19167] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2750'.
[  445.209676][ T8515] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  445.351160][T19173] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2752'.
[  445.452936][ T8515] usb 7-1: config 0 has no interfaces?
[  445.455082][ T8515] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  445.457921][ T8515] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.625117][ T8515] usb 7-1: config 0 descriptor??
[  445.846290][T19151] Bluetooth: MGMT ver 1.23
[  445.854185][ T8515] usb 7-1: string descriptor 0 read error: -71
[  445.860118][ T8515] usb 7-1: USB disconnect, device number 15
[  446.956819][T19204] program syz.2.2760 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  447.014682][ T1105] ata1.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
[  447.017261][ T1105] ata1.00: irq_stat 0x40000000
[  447.018852][ T1105] ata1.00: failed command: ZAC MANAGEMENT OUT
[  447.020957][ T1105] ata1.00: cmd 9f/02:00:00:00:00/00:00:00:00:00/40 tag 6
[  447.020957][ T1105]          res 41/04:00:00:00:00/00:00:00:00:00/40 Emask 0x1 (device error)
[  447.026613][ T1105] ata1.00: status: { DRDY ERR }
[  447.028674][ T1105] ata1.00: error: { ABRT }
[  447.030475][ T1105] ata1.00: device reported invalid CHS sector 0
[  447.120035][T19204] FAULT_INJECTION: forcing a failure.
[  447.120035][T19204] name failslab, interval 1, probability 0, space 0, times 0
[  447.125760][T19204] CPU: 0 UID: 0 PID: 19204 Comm: syz.2.2760 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  447.125785][T19204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  447.125796][T19204] Call Trace:
[  447.125803][T19204]  <TASK>
[  447.125810][T19204]  dump_stack_lvl+0x16c/0x1f0
[  447.125842][T19204]  should_fail_ex+0x512/0x640
[  447.125872][T19204]  ? fs_reclaim_acquire+0xae/0x150
[  447.125902][T19204]  ? tomoyo_encode2+0x100/0x3e0
[  447.125926][T19204]  should_failslab+0xc2/0x120
[  447.125948][T19204]  __kmalloc_noprof+0xd2/0x510
[  447.125975][T19204]  tomoyo_encode2+0x100/0x3e0
[  447.126010][T19204]  tomoyo_encode+0x29/0x50
[  447.126033][T19204]  tomoyo_realpath_from_path+0x18f/0x6e0
[  447.126060][T19204]  ? tomoyo_profile+0x47/0x60
[  447.126079][T19204]  tomoyo_path_number_perm+0x245/0x580
[  447.126100][T19204]  ? tomoyo_path_number_perm+0x237/0x580
[  447.126125][T19204]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  447.126173][T19204]  ? find_held_lock+0x2b/0x80
[  447.126192][T19204]  ? hook_file_ioctl_common+0x145/0x410
[  447.126216][T19204]  ? __fget_files+0x204/0x3c0
[  447.126239][T19204]  ? __fget_files+0x20e/0x3c0
[  447.126254][T19204]  ? fput+0x50/0xf0
[  447.126280][T19204]  security_file_ioctl_compat+0x9b/0x240
[  447.126306][T19204]  __ia32_compat_sys_ioctl+0xc3/0x360
[  447.126336][T19204]  __do_fast_syscall_32+0x73/0x120
[  447.126362][T19204]  do_fast_syscall_32+0x32/0x80
[  447.126390][T19204]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  447.126412][T19204] RIP: 0023:0xf7f74579
[  447.126427][T19204] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  447.126446][T19204] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  447.126462][T19204] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000004008ae90
[  447.126474][T19204] RDX: 0000000080000380 RSI: 0000000000000000 RDI: 0000000000000000
[  447.126484][T19204] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  447.126494][T19204] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  447.126504][T19204] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  447.126527][T19204]  </TASK>
[  447.126545][T19204] ERROR: Out of memory at tomoyo_realpath_from_path.
[  447.331910][ T1105] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  447.334144][ T1105] ata1: failed to read log page 10h (errno=-5)
[  447.336161][ T1105] ata1.00: exception Emask 0x1 SAct 0x4 SErr 0x0 action 0x0
[  447.338457][ T1105] ata1.00: irq_stat 0x40000000
[  447.344244][ T1105] ata1.00: failed command: WRITE FPDMA QUEUED
[  447.346293][ T1105] ata1.00: cmd 61/c0:10:76:60:0a/00:00:00:00:00/40 tag 2 ncq dma 98304 out
[  447.346293][ T1105]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  447.353454][ T1105] ata1.00: status: { DRDY }
[  447.355358][ T1105] ata1.00: error: { ABRT }
[  447.363323][ T1105] ata1.00: configured for UDMA/100
[  447.365229][ T1105] ata1: EH complete
[  447.598768][T19232] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  447.689506][ T9313] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  447.744476][T19241] wg1 speed is unknown, defaulting to 1000
[  447.768537][T19242] netlink: 'syz.7.2768': attribute type 4 has an invalid length.
[  447.776946][T19242] netlink: 'syz.7.2768': attribute type 4 has an invalid length.
[  447.785135][T19242] netlink: 48 bytes leftover after parsing attributes in process `syz.7.2768'.
[  447.840994][ T9313] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  447.844730][ T9313] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  447.848025][ T9313] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  447.851287][ T9313] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.856046][T19228] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  447.861442][ T9313] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  447.962187][T19244] fuse: Invalid rootmode
[  448.133060][ T9313] usb 10-1: USB disconnect, device number 13
[  448.162160][T19254] fuse: Unknown parameter 'rootmodšH’²¾±q*nñæe'
[  448.952245][T19270] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2780'.
[  449.296734][T19289] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2787'.
[  449.315742][T19294] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  449.374211][T19294] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  449.431314][T19294] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  450.422565][T19326] FAULT_INJECTION: forcing a failure.
[  450.422565][T19326] name failslab, interval 1, probability 0, space 0, times 0
[  450.427132][T19326] CPU: 0 UID: 0 PID: 19326 Comm: syz.2.2798 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  450.427158][T19326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  450.427170][T19326] Call Trace:
[  450.427178][T19326]  <TASK>
[  450.427186][T19326]  dump_stack_lvl+0x16c/0x1f0
[  450.427217][T19326]  should_fail_ex+0x512/0x640
[  450.427267][T19326]  should_failslab+0xc2/0x120
[  450.427291][T19326]  __kmalloc_cache_noprof+0x6a/0x3e0
[  450.427310][T19326]  ? sctp_add_bind_addr+0xae/0x3f0
[  450.427336][T19326]  sctp_add_bind_addr+0xae/0x3f0
[  450.427363][T19326]  sctp_copy_local_addr_list+0x39d/0x5a0
[  450.427396][T19326]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  450.427429][T19326]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  450.427453][T19326]  ? sctp_bind_addr_copy+0x331/0x530
[  450.427476][T19326]  sctp_bind_addr_copy+0x331/0x530
[  450.427503][T19326]  sctp_connect_new_asoc+0x1d7/0x790
[  450.427527][T19326]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  450.427554][T19326]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  450.427575][T19326]  sctp_sendmsg+0x15f9/0x1ee0
[  450.427603][T19326]  ? __pfx_sctp_sendmsg+0x10/0x10
[  450.427637][T19326]  ? __might_fault+0xe3/0x190
[  450.427660][T19326]  ? __pfx_aa_sk_perm+0x10/0x10
[  450.427686][T19326]  ? __pfx_sctp_sendmsg+0x10/0x10
[  450.427707][T19326]  inet_sendmsg+0x11c/0x140
[  450.427735][T19326]  __sys_sendto+0x431/0x510
[  450.427758][T19326]  ? __pfx___sys_sendto+0x10/0x10
[  450.427799][T19326]  ? ksys_write+0x1b9/0x240
[  450.427817][T19326]  ? __pfx_ksys_write+0x10/0x10
[  450.427838][T19326]  __ia32_sys_sendto+0xdd/0x1b0
[  450.427858][T19326]  ? lockdep_hardirqs_on+0x7c/0x110
[  450.427882][T19326]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  450.427909][T19326]  __do_fast_syscall_32+0x73/0x120
[  450.427937][T19326]  do_fast_syscall_32+0x32/0x80
[  450.427961][T19326]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  450.427984][T19326] RIP: 0023:0xf7f74579
[  450.427997][T19326] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  450.428014][T19326] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  450.428033][T19326] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  450.428044][T19326] RDX: 0000000000000001 RSI: 0000000020004891 RDI: 0000000080000040
[  450.428054][T19326] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000
[  450.428063][T19326] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  450.428074][T19326] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  450.428098][T19326]  </TASK>
[  450.585642][T19332] wg1 speed is unknown, defaulting to 1000
[  450.646049][   T40] audit: type=1326 audit(1747407405.398:3891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19327 comm="syz.1.2799" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7fc00000
[  450.743807][T19345] 9pnet: Unknown protocol version 9p20\++}
[  450.771032][   T40] audit: type=1326 audit(1747407405.528:3892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.7.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  450.790031][   T40] audit: type=1326 audit(1747407405.548:3893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.7.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  450.798254][   T40] audit: type=1326 audit(1747407405.548:3894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.7.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  450.809499][   T40] audit: type=1326 audit(1747407405.548:3895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.7.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  450.816478][   T40] audit: type=1326 audit(1747407405.548:3896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.7.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=337 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  450.823862][   T40] audit: type=1326 audit(1747407405.548:3897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.7.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  450.830547][   T40] audit: type=1326 audit(1747407405.548:3898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.7.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  450.837633][   T40] audit: type=1326 audit(1747407405.548:3899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.7.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  450.845034][   T40] audit: type=1326 audit(1747407405.548:3900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19347 comm="syz.7.2807" exe="/syz-executor" sig=0 arch=40000003 syscall=177 compat=1 ip=0xf7f61579 code=0x7ffc0000
[  450.908124][T19354] lo speed is unknown, defaulting to 1000
[  450.911006][T19354] lo speed is unknown, defaulting to 1000
[  450.913066][T19354] lo speed is unknown, defaulting to 1000
[  450.989633][T19354] infiniband s
z1: set active
[  450.992147][ T8768] lo speed is unknown, defaulting to 1000
[  450.994138][T19354] infiniband s
z1: added lo
[  451.018677][T19354] RDS/IB: s
z1: added
[  451.019989][T19354] smc: adding ib device s
z1 with port count 1
[  451.021810][T19354] smc:    ib device s
z1 port 1 has pnetid 
[  451.059046][ T8515] lo speed is unknown, defaulting to 1000
[  451.062676][T19354] lo speed is unknown, defaulting to 1000
[  451.100122][T19370] Invalid ELF header magic: != ELF
[  451.181469][T19354] lo speed is unknown, defaulting to 1000
[  451.250001][ T8768] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  451.331416][T19354] lo speed is unknown, defaulting to 1000
[  451.410768][ T8768] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  451.414554][ T8768] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  451.417680][ T8768] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  451.420868][ T8768] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.422019][T19354] lo speed is unknown, defaulting to 1000
[  451.426834][T19360] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  451.436772][ T8768] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  451.567556][T19354] lo speed is unknown, defaulting to 1000
[  451.634201][ T8768] usb 10-1: USB disconnect, device number 14
[  451.674084][T19354] lo speed is unknown, defaulting to 1000
[  451.811105][T19354] lo speed is unknown, defaulting to 1000
[  451.933316][T19380] wg1 speed is unknown, defaulting to 1000
[  451.942035][T19382] wg1 speed is unknown, defaulting to 1000
[  452.391487][T19398] netlink: 'syz.7.2819': attribute type 4 has an invalid length.
[  452.405977][T19398] netlink: 'syz.7.2819': attribute type 4 has an invalid length.
[  452.417599][T19398] netlink: 48 bytes leftover after parsing attributes in process `syz.7.2819'.
[  453.583928][T19434] syz_tun: entered allmulticast mode
[  453.587414][T19433] syz_tun: left allmulticast mode
[  453.631056][T19430] netlink: 52 bytes leftover after parsing attributes in process `syz.7.2828'.
[  453.806178][T19443] syz_tun: entered allmulticast mode
[  453.809844][T19442] syz_tun: left allmulticast mode
[  453.828249][T19448] input: syz0 as /devices/virtual/input/input33
[  453.831174][T19448] input: failed to attach handler leds to device input33, error: -6
[  454.518205][T19485] netlink: 'syz.2.2840': attribute type 10 has an invalid length.
[  454.541458][T19485] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  454.753111][T19489] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2845'.
[  454.927913][T19494] ieee802154 phy0 wpan0: encryption failed: -22
[  455.038542][T19494] netlink: 'syz.7.2846': attribute type 23 has an invalid length.
[  455.501650][T19515] wg1 speed is unknown, defaulting to 1000
[  455.670404][T19515] lo speed is unknown, defaulting to 1000
[  456.813070][T19536] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2858'.
[  457.311812][T19544] overlay: Unknown parameter 'fsuuid'
[  457.345699][T19545] netlink: 'syz.2.2854': attribute type 4 has an invalid length.
[  457.357617][T19545] netlink: 'syz.2.2854': attribute type 4 has an invalid length.
[  458.165517][T19556] kvm: user requested TSC rate below hardware speed
[  459.569230][T19583] netlink: 'syz.1.2869': attribute type 4 has an invalid length.
[  459.586983][T19583] netlink: 'syz.1.2869': attribute type 4 has an invalid length.
[  459.600760][T19583] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2869'.
[  459.949444][T19595] netfs: Couldn't get user pages (rc=-14)
[  461.283915][T19607] FAULT_INJECTION: forcing a failure.
[  461.283915][T19607] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  461.287963][T19607] CPU: 2 UID: 0 PID: 19607 Comm: syz.2.2876 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  461.287978][T19607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  461.287985][T19607] Call Trace:
[  461.287989][T19607]  <TASK>
[  461.287994][T19607]  dump_stack_lvl+0x16c/0x1f0
[  461.288014][T19607]  should_fail_ex+0x512/0x640
[  461.288032][T19607]  _copy_to_user+0x32/0xd0
[  461.288044][T19607]  simple_read_from_buffer+0xcb/0x170
[  461.288062][T19607]  proc_fail_nth_read+0x197/0x270
[  461.288078][T19607]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  461.288094][T19607]  ? rw_verify_area+0xcf/0x680
[  461.288110][T19607]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  461.288125][T19607]  vfs_read+0x1de/0xc70
[  461.288138][T19607]  ? __pfx___mutex_lock+0x10/0x10
[  461.288154][T19607]  ? __pfx_vfs_read+0x10/0x10
[  461.288168][T19607]  ? __fget_files+0x20e/0x3c0
[  461.288181][T19607]  ksys_read+0x12a/0x240
[  461.288192][T19607]  ? __pfx_ksys_read+0x10/0x10
[  461.288204][T19607]  ? rcu_is_watching+0x12/0xc0
[  461.288216][T19607]  __do_fast_syscall_32+0x73/0x120
[  461.288234][T19607]  do_fast_syscall_32+0x32/0x80
[  461.288251][T19607]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  461.288265][T19607] RIP: 0023:0xf7f74579
[  461.288274][T19607] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  461.288284][T19607] RSP: 002b:00000000f5096590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  461.288294][T19607] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5096620
[  461.288301][T19607] RDX: 000000000000000f RSI: 00000000f7402ff4 RDI: 0000000000000000
[  461.288307][T19607] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  461.288313][T19607] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  461.288319][T19607] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  461.288332][T19607]  </TASK>
[  461.435359][T19615] wg1 speed is unknown, defaulting to 1000
[  461.536919][T19615] lo speed is unknown, defaulting to 1000
[  461.653513][T19621] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2878'.
[  461.660352][T19621] netlink: 'syz.7.2878': attribute type 8 has an invalid length.
[  461.900657][T19631] binder: 19628:19631 ioctl c018620c 80000000 returned -1
[  462.023979][   T40] kauditd_printk_skb: 12 callbacks suppressed
[  462.023996][   T40] audit: type=1326 audit(1747407416.778:3913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19634 comm="syz.2.2886" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f74579 code=0x0
[  462.313533][T19641] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2887'.
[  462.941229][T19664] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  463.820187][T19676] netlink: 'syz.7.2897': attribute type 4 has an invalid length.
[  463.850161][T19676] netlink: 'syz.7.2897': attribute type 4 has an invalid length.
[  463.866278][   T40] audit: type=1804 audit(1747407418.618:3914): pid=19680 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2901" name="file0" dev="tmpfs" ino=3016 res=1 errno=0
[  463.889754][T19676] netlink: 48 bytes leftover after parsing attributes in process `syz.7.2897'.
[  464.022192][T19688] 
[  464.023020][T19688] =====================================================
[  464.025216][T19688] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[  464.027797][T19688] 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 Not tainted
[  464.030562][T19688] -----------------------------------------------------
[  464.033640][T19688] syz.5.2903/19688 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  464.036128][T19688] ffffffff8e00c098 (tasklist_lock){.+.+}-{3:3}, at: send_sigurg+0xed/0xc80
[  464.038897][T19688] 
[  464.038897][T19688] and this task is already holding:
[  464.041156][T19688] ffff888021a35b20 (&f_owner->lock){....}-{3:3}, at: send_sigurg+0x5f/0xc80
[  464.043877][T19688] which would create a new lock dependency:
[  464.045799][T19688]  (&f_owner->lock){....}-{3:3} -> (tasklist_lock){.+.+}-{3:3}
[  464.048249][T19688] 
[  464.048249][T19688] but this new dependency connects a SOFTIRQ-irq-safe lock:
[  464.051153][T19688]  (&dev->event_lock#2){..-.}-{3:3}
[  464.051173][T19688] 
[  464.051173][T19688] ... which became SOFTIRQ-irq-safe at:
[  464.055293][T19688]   lock_acquire+0x179/0x350
[  464.057158][T19688]   _raw_spin_lock_irqsave+0x3a/0x60
[  464.059205][T19688]   input_inject_event+0x9f/0x390
[  464.061204][T19688]   led_set_brightness+0x217/0x290
[  464.063362][T19688]   led_trigger_event+0xda/0x270
[  464.065436][T19688]   kbd_bh+0x21b/0x300
[  464.067188][T19688]   tasklet_action_common+0x281/0x400
[  464.069424][T19688]   handle_softirqs+0x219/0x8e0
[  464.071496][T19688]   run_ksoftirqd+0x3a/0x60
[  464.073409][T19688]   smpboot_thread_fn+0x3f7/0xae0
[  464.075522][T19688]   kthread+0x3c5/0x780
[  464.077269][T19688]   ret_from_fork+0x48/0x80
[  464.079154][T19688]   ret_from_fork_asm+0x1a/0x30
[  464.081164][T19688] 
[  464.081164][T19688] to a SOFTIRQ-irq-unsafe lock:
[  464.084061][T19688]  (tasklist_lock){.+.+}-{3:3}
[  464.084087][T19688] 
[  464.084087][T19688] ... which became SOFTIRQ-irq-unsafe at:
[  464.088750][T19688] ...
[  464.088756][T19688]   lock_acquire+0x179/0x350
[  464.091807][T19688]   _raw_read_lock+0x5f/0x70
[  464.093832][T19688]   __do_wait+0x105/0x890
[  464.095687][T19688]   do_wait+0x21e/0x5a0
[  464.097479][T19688]   kernel_wait+0x9f/0x160
[  464.099377][T19688]   call_usermodehelper_exec_work+0xf1/0x170
[  464.101972][T19688]   process_one_work+0x9cc/0x1b70
[  464.104138][T19688]   worker_thread+0x6c8/0xf10
[  464.106147][T19688]   kthread+0x3c5/0x780
[  464.107926][T19688]   ret_from_fork+0x48/0x80
[  464.109866][T19688]   ret_from_fork_asm+0x1a/0x30
[  464.111988][T19688] 
[  464.111988][T19688] other info that might help us debug this:
[  464.111988][T19688] 
[  464.116270][T19688] Chain exists of:
[  464.116270][T19688]   &dev->event_lock#2 --> &f_owner->lock --> tasklist_lock
[  464.116270][T19688] 
[  464.121658][T19688]  Possible interrupt unsafe locking scenario:
[  464.121658][T19688] 
[  464.125045][T19688]        CPU0                    CPU1
[  464.127360][T19688]        ----                    ----
[  464.129683][T19688]   lock(tasklist_lock);
[  464.131473][T19688]                                local_irq_disable();
[  464.134236][T19688]                                lock(&dev->event_lock#2);
[  464.137270][T19688]                                lock(&f_owner->lock);
[  464.140204][T19688]   <Interrupt>
[  464.141762][T19688]     lock(&dev->event_lock#2);
[  464.143888][T19688] 
[  464.143888][T19688]  *** DEADLOCK ***
[  464.143888][T19688] 
[  464.147355][T19688] 2 locks held by syz.5.2903/19688:
[  464.149603][T19688]  #0: ffff88804c739f80 (&u->lock){+.+.}-{3:3}, at: unix_stream_sendmsg+0xc74/0x1160
[  464.153672][T19688]  #1: ffff888021a35b20 (&f_owner->lock){....}-{3:3}, at: send_sigurg+0x5f/0xc80
[  464.157470][T19688] 
[  464.157470][T19688] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[  464.161505][T19688]    -> (&dev->event_lock#2){..-.}-{3:3} {
[  464.163903][T19688]       IN-SOFTIRQ-W at:
[  464.165713][T19688]                           lock_acquire+0x179/0x350
[  464.168580][T19688]                           _raw_spin_lock_irqsave+0x3a/0x60
[  464.171797][T19688]                           input_inject_event+0x9f/0x390
[  464.174695][T19688]                           led_set_brightness+0x217/0x290
[  464.177514][T19688]                           led_trigger_event+0xda/0x270
[  464.180274][T19688]                           kbd_bh+0x21b/0x300
[  464.182792][T19688]                           tasklet_action_common+0x281/0x400
[  464.185789][T19688]                           handle_softirqs+0x219/0x8e0
[  464.188649][T19688]                           run_ksoftirqd+0x3a/0x60
[  464.191297][T19688]                           smpboot_thread_fn+0x3f7/0xae0
[  464.194084][T19688]                           kthread+0x3c5/0x780
[  464.196116][T19688]                           ret_from_fork+0x48/0x80
[  464.198217][T19688]                           ret_from_fork_asm+0x1a/0x30
[  464.200500][T19688]       INITIAL USE at:
[  464.201865][T19688]                          lock_acquire+0x179/0x350
[  464.203856][T19688]                          _raw_spin_lock_irqsave+0x3a/0x60
[  464.206060][T19688]                          input_inject_event+0x9f/0x390
[  464.208190][T19688]                          led_set_brightness+0x217/0x290
[  464.210730][T19688]                          kbd_led_trigger_activate+0xcb/0x110
[  464.213641][T19688]                          led_trigger_set+0x59a/0xc50
[  464.216302][T19688]                          led_trigger_set_default+0x1bd/0x2a0
[  464.219334][T19688]                          led_classdev_register_ext+0x7b8/0xa10
[  464.221694][T19688]                          input_leds_connect+0x552/0x8e0
[  464.223896][T19688]                          input_attach_handler.isra.0+0x184/0x260
[  464.226414][T19688]                          input_register_device+0xa84/0x1130
[  464.228780][T19688]                          atkbd_connect+0x5da/0xa20
[  464.231042][T19688]                          serio_driver_probe+0x77/0xb0
[  464.233240][T19688]                          really_probe+0x241/0xa90
[  464.235348][T19688]                          __driver_probe_device+0x1de/0x440
[  464.237706][T19688]                          driver_probe_device+0x4c/0x1b0
[  464.240048][T19688]                          __driver_attach+0x283/0x580
[  464.242868][T19688]                          bus_for_each_dev+0x13e/0x1d0
[  464.245388][T19688]                          serio_handle_event+0x247/0xa50
[  464.247655][T19688]                          process_one_work+0x9cc/0x1b70
[  464.249885][T19688]                          worker_thread+0x6c8/0xf10
[  464.252061][T19688]                          kthread+0x3c5/0x780
[  464.254026][T19688]                          ret_from_fork+0x48/0x80
[  464.256101][T19688]                          ret_from_fork_asm+0x1a/0x30
[  464.258260][T19688]     }
[  464.259161][T19688]     ... key      at: [<ffffffff9ae307e0>] __key.7+0x0/0x40
[  464.261532][T19688]   -> (&client->buffer_lock){....}-{3:3} {
[  464.263428][T19688]      INITIAL USE at:
[  464.264741][T19688]                        lock_acquire+0x179/0x350
[  464.266665][T19688]                        _raw_spin_lock+0x2e/0x40
[  464.268678][T19688]                        evdev_pass_values+0x10e/0x9b0
[  464.270816][T19688]                        evdev_events+0x1bb/0x390
[  464.273187][T19688]                        input_pass_values+0x6c7/0x890
[  464.275831][T19688]                        input_handle_event+0xf00/0x14d0
[  464.278320][T19688]                        input_inject_event+0x1cd/0x390
[  464.280488][T19688]                        evdev_write+0x2e1/0x440
[  464.282508][T19688]                        vfs_write+0x25c/0x1180
[  464.284476][T19688]                        ksys_write+0x205/0x240
[  464.286453][T19688]                        __do_fast_syscall_32+0x73/0x120
[  464.288680][T19688]                        do_fast_syscall_32+0x32/0x80
[  464.291420][T19688]                        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  464.294172][T19688]    }
[  464.295069][T19688]    ... key      at: [<ffffffff9ae30c60>] __key.1+0x0/0x40
[  464.297400][T19688]    ... acquired at:
[  464.298686][T19688]    _raw_spin_lock+0x2e/0x40
[  464.300226][T19688]    evdev_pass_values+0x10e/0x9b0
[  464.301892][T19688]    evdev_events+0x1bb/0x390
[  464.303389][T19688]    input_pass_values+0x6c7/0x890
[  464.305034][T19688]    input_handle_event+0xf00/0x14d0
[  464.306735][T19688]    input_inject_event+0x1cd/0x390
[  464.308382][T19688]    evdev_write+0x2e1/0x440
[  464.310096][T19688]    vfs_write+0x25c/0x1180
[  464.311957][T19688]    ksys_write+0x205/0x240
[  464.313403][T19688]    __do_fast_syscall_32+0x73/0x120
[  464.315104][T19688]    do_fast_syscall_32+0x32/0x80
[  464.316696][T19688]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  464.318724][T19688] 
[  464.319560][T19688]  -> (&new->fa_lock){....}-{3:3} {
[  464.321208][T19688]     INITIAL USE at:
[  464.322514][T19688]                      lock_acquire+0x179/0x350
[  464.324479][T19688]                      _raw_write_lock_irq+0x36/0x50
[  464.326525][T19688]                      fasync_remove_entry+0xb2/0x1e0
[  464.328657][T19688]                      fasync_helper+0xaf/0xd0
[  464.330761][T19688]                      sock_fasync+0x92/0x140
[  464.332746][T19688]                      __fput+0x96b/0xb70
[  464.334552][T19688]                      task_work_run+0x14d/0x240
[  464.336540][T19688]                      syscall_exit_to_user_mode+0x27b/0x2a0
[  464.338866][T19688]                      __do_fast_syscall_32+0x80/0x120
[  464.341059][T19688]                      do_fast_syscall_32+0x32/0x80
[  464.343182][T19688]                      entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  464.345712][T19688]     INITIAL READ USE at:
[  464.347141][T19688]                           lock_acquire+0x179/0x350
[  464.349277][T19688]                           _raw_read_lock_irqsave+0x74/0x90
[  464.352201][T19688]                           kill_fasync+0x138/0x510
[  464.354886][T19688]                           sock_wake_async+0x132/0x160
[  464.357561][T19688]                           unix_shutdown+0x4be/0xa50
[  464.359966][T19688]                           __sys_shutdown+0x113/0x1a0
[  464.362143][T19688]                           __ia32_sys_shutdown+0x53/0x80
[  464.364348][T19688]                           __do_fast_syscall_32+0x73/0x120
[  464.366656][T19688]                           do_fast_syscall_32+0x32/0x80
[  464.368842][T19688]                           entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  464.371705][T19688]   }
[  464.372551][T19688]   ... key      at: [<ffffffff9ab5f000>] __key.0+0x0/0x40
[  464.374819][T19688]   ... acquired at:
[  464.376078][T19688]    _raw_read_lock_irqsave+0x74/0x90
[  464.377773][T19688]    kill_fasync+0x138/0x510
[  464.379282][T19688]    evdev_pass_values+0x619/0x9b0
[  464.380898][T19688]    evdev_events+0x1bb/0x390
[  464.382424][T19688]    input_pass_values+0x6c7/0x890
[  464.384037][T19688]    input_handle_event+0xf00/0x14d0
[  464.385702][T19688]    input_inject_event+0x1cd/0x390
[  464.387352][T19688]    evdev_write+0x2e1/0x440
[  464.388823][T19688]    vfs_write+0x25c/0x1180
[  464.390326][T19688]    ksys_write+0x205/0x240
[  464.391812][T19688]    __do_fast_syscall_32+0x73/0x120
[  464.393555][T19688]    do_fast_syscall_32+0x32/0x80
[  464.395241][T19688]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  464.397272][T19688] 
[  464.398094][T19688] -> (&f_owner->lock){....}-{3:3} {
[  464.399806][T19688]    INITIAL USE at:
[  464.401041][T19688]                    lock_acquire+0x179/0x350
[  464.402973][T19688]                    _raw_write_lock_irq+0x36/0x50
[  464.404987][T19688]                    __f_setown+0x61/0x3c0
[  464.406839][T19688]                    do_fcntl+0x1096/0x1590
[  464.408686][T19688]                    do_compat_fcntl64+0x370/0x700
[  464.410731][T19688]                    __do_fast_syscall_32+0x73/0x120
[  464.412903][T19688]                    do_fast_syscall_32+0x32/0x80
[  464.414928][T19688]                    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  464.417385][T19688]    INITIAL READ USE at:
[  464.418763][T19688]                         lock_acquire+0x179/0x350
[  464.421309][T19688]                         _raw_read_lock_irq+0x67/0x80
[  464.423710][T19688]                         do_fcntl+0x4e2/0x1590
[  464.425690][T19688]                         do_compat_fcntl64+0x370/0x700
[  464.427894][T19688]                         __do_fast_syscall_32+0x73/0x120
[  464.430331][T19688]                         do_fast_syscall_32+0x32/0x80
[  464.432851][T19688]                         entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  464.435904][T19688]  }
[  464.436910][T19688]  ... key      at: [<ffffffff9ab5f040>] __key.1+0x0/0x40
[  464.439581][T19688]  ... acquired at:
[  464.441216][T19688]    _raw_read_lock_irqsave+0x74/0x90
[  464.443534][T19688]    send_sigio+0x31/0x3e0
[  464.445345][T19688]    kill_fasync+0x214/0x510
[  464.446852][T19688]    lease_break_callback+0x23/0x30
[  464.448478][T19688]    __break_lease+0x674/0x1810
[  464.450211][T19688]    do_dentry_open+0x6e1/0x1c10
[  464.452073][T19688]    vfs_open+0x82/0x3f0
[  464.453678][T19688]    path_openat+0x1e5e/0x2d40
[  464.455633][T19688]    do_filp_open+0x20b/0x470
[  464.457706][T19688]    do_sys_openat2+0x11b/0x1d0
[  464.459804][T19688]    __ia32_compat_sys_openat+0x16d/0x210
[  464.462185][T19688]    __do_fast_syscall_32+0x73/0x120
[  464.464412][T19688]    do_fast_syscall_32+0x32/0x80
[  464.466572][T19688]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  464.469315][T19688] 
[  464.470370][T19688] 
[  464.470370][T19688] the dependencies between the lock to be acquired
[  464.470380][T19688]  and SOFTIRQ-irq-unsafe lock:
[  464.476030][T19688] -> (tasklist_lock){.+.+}-{3:3} {
[  464.478030][T19688]    HARDIRQ-ON-R at:
[  464.479402][T19688]                     lock_acquire+0x179/0x350
[  464.481501][T19688]                     _raw_read_lock+0x5f/0x70
[  464.483467][T19688]                     __do_wait+0x105/0x890
[  464.485343][T19688]                     do_wait+0x21e/0x5a0
[  464.487171][T19688]                     kernel_wait+0x9f/0x160
[  464.489012][T19688]                     call_usermodehelper_exec_work+0xf1/0x170
[  464.491553][T19688]                     process_one_work+0x9cc/0x1b70
[  464.493622][T19688]                     worker_thread+0x6c8/0xf10
[  464.495589][T19688]                     kthread+0x3c5/0x780
[  464.497607][T19688]                     ret_from_fork+0x48/0x80
[  464.499758][T19688]                     ret_from_fork_asm+0x1a/0x30
[  464.502036][T19688]    SOFTIRQ-ON-R at:
[  464.503585][T19688]                     lock_acquire+0x179/0x350
[  464.506112][T19688]                     _raw_read_lock+0x5f/0x70
[  464.508644][T19688]                     __do_wait+0x105/0x890
[  464.511087][T19688]                     do_wait+0x21e/0x5a0
[  464.513372][T19688]                     kernel_wait+0x9f/0x160
[  464.515860][T19688]                     call_usermodehelper_exec_work+0xf1/0x170
[  464.518900][T19688]                     process_one_work+0x9cc/0x1b70
[  464.521576][T19688]                     worker_thread+0x6c8/0xf10
[  464.524236][T19688]                     kthread+0x3c5/0x780
[  464.526571][T19688]                     ret_from_fork+0x48/0x80
[  464.528873][T19688]                     ret_from_fork_asm+0x1a/0x30
[  464.530916][T19688]    INITIAL USE at:
[  464.532148][T19688]                    lock_acquire+0x179/0x350
[  464.534056][T19688]                    _raw_write_lock_irq+0x36/0x50
[  464.536050][T19688]                    copy_process+0x3f09/0x91a0
[  464.538020][T19688]                    kernel_clone+0xfc/0x960
[  464.539946][T19688]                    user_mode_thread+0xc7/0x110
[  464.541991][T19688]                    rest_init+0x23/0x2b0
[  464.543786][T19688]                    start_kernel+0x3e9/0x4d0
[  464.545793][T19688]                    x86_64_start_reservations+0x18/0x30
[  464.548027][T19688]                    x86_64_start_kernel+0xb0/0xc0
[  464.550309][T19688]                    common_startup_64+0x13e/0x148
[  464.553014][T19688]    INITIAL READ USE at:
[  464.554774][T19688]                         lock_acquire+0x179/0x350
[  464.557275][T19688]                         _raw_read_lock+0x5f/0x70
[  464.559708][T19688]                         __do_wait+0x105/0x890
[  464.562257][T19688]                         do_wait+0x21e/0x5a0
[  464.564756][T19688]                         kernel_wait+0x9f/0x160
[  464.567341][T19688]                         call_usermodehelper_exec_work+0xf1/0x170
[  464.570404][T19688]                         process_one_work+0x9cc/0x1b70
[  464.573029][T19688]                         worker_thread+0x6c8/0xf10
[  464.575464][T19688]                         kthread+0x3c5/0x780
[  464.577776][T19688]                         ret_from_fork+0x48/0x80
[  464.580028][T19688]                         ret_from_fork_asm+0x1a/0x30
[  464.582410][T19688]  }
[  464.583383][T19688]  ... key      at: [<ffffffff8e00c098>] tasklist_lock+0x18/0x40
[  464.586235][T19688]  ... acquired at:
[  464.587684][T19688]    lock_acquire+0x179/0x350
[  464.589265][T19688]    _raw_read_lock+0x5f/0x70
[  464.590741][T19688]    send_sigurg+0xed/0xc80
[  464.592247][T19688]    sk_send_sigurg+0x76/0x360
[  464.593779][T19688]    unix_stream_sendmsg+0xe77/0x1160
[  464.595479][T19688]    ____sys_sendmsg+0xa95/0xc70
[  464.597049][T19688]    ___sys_sendmsg+0x134/0x1d0
[  464.598598][T19688]    __sys_sendmmsg+0x2f9/0x420
[  464.600482][T19688]    __ia32_compat_sys_sendmmsg+0x9d/0x100
[  464.602364][T19688]    __do_fast_syscall_32+0x73/0x120
[  464.604005][T19688]    do_fast_syscall_32+0x32/0x80
[  464.605595][T19688]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  464.607644][T19688] 
[  464.608419][T19688] 
[  464.608419][T19688] stack backtrace:
[  464.610304][T19688] CPU: 3 UID: 0 PID: 19688 Comm: syz.5.2903 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  464.610318][T19688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  464.610325][T19688] Call Trace:
[  464.610330][T19688]  <TASK>
[  464.610335][T19688]  dump_stack_lvl+0x116/0x1f0
[  464.610352][T19688]  check_irq_usage+0x7dc/0x920
[  464.610365][T19688]  ? __lock_acquire+0xaa4/0x1ba0
[  464.610381][T19688]  ? check_path.constprop.0+0x24/0x50
[  464.610394][T19688]  ? __lock_acquire+0x1189/0x1ba0
[  464.610407][T19688]  __lock_acquire+0x1189/0x1ba0
[  464.610423][T19688]  lock_acquire+0x179/0x350
[  464.610436][T19688]  ? send_sigurg+0xed/0xc80
[  464.610451][T19688]  _raw_read_lock+0x5f/0x70
[  464.610465][T19688]  ? send_sigurg+0xed/0xc80
[  464.610477][T19688]  send_sigurg+0xed/0xc80
[  464.610490][T19688]  ? find_held_lock+0x2b/0x80
[  464.610501][T19688]  sk_send_sigurg+0x76/0x360
[  464.610513][T19688]  unix_stream_sendmsg+0xe77/0x1160
[  464.610531][T19688]  ? aa_sk_perm+0x2f4/0xb10
[  464.610544][T19688]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[  464.610560][T19688]  ? __pfx_aa_sk_perm+0x10/0x10
[  464.610573][T19688]  ? __import_iovec+0x1c8/0x660
[  464.610585][T19688]  ____sys_sendmsg+0xa95/0xc70
[  464.610601][T19688]  ? __pfx_____sys_sendmsg+0x10/0x10
[  464.610616][T19688]  ? get_compat_msghdr+0x11a/0x170
[  464.610629][T19688]  ? schedule+0x2d7/0x3a0
[  464.610643][T19688]  ___sys_sendmsg+0x134/0x1d0
[  464.610656][T19688]  ? __pfx____sys_sendmsg+0x10/0x10
[  464.610671][T19688]  ? find_held_lock+0x2b/0x80
[  464.610684][T19688]  __sys_sendmmsg+0x2f9/0x420
[  464.610697][T19688]  ? __pfx___sys_sendmmsg+0x10/0x10
[  464.610711][T19688]  ? __pfx_do_futex+0x10/0x10
[  464.610725][T19688]  ? __pfx___ia32_sys_futex_time32+0x10/0x10
[  464.610738][T19688]  ? rcu_is_watching+0x12/0xc0
[  464.610749][T19688]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  464.610762][T19688]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  464.610779][T19688]  __do_fast_syscall_32+0x73/0x120
[  464.610796][T19688]  do_fast_syscall_32+0x32/0x80
[  464.610812][T19688]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  464.610825][T19688] RIP: 0023:0xf7fa7579
[  464.610838][T19688] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  464.610849][T19688] RSP: 002b:00000000f50a555c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  464.610859][T19688] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080006c40
[  464.610866][T19688] RDX: 0000000000000001 RSI: 00000000000408b1 RDI: 0000000000000000
[  464.610872][T19688] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  464.610878][T19688] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  464.610884][T19688] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  464.610893][T19688]  </TASK>

VM DIAGNOSIS:
14:56:58  Registers:
info registers vcpu 0

CPU#0
RAX=ffff888012c4a5c0 RBX=ffff88802b33a800 RCX=0000000000000000 RDX=1ffff11005667500
RSI=ffffffff8161ed35 RDI=ffff88802b33a208 RBP=ffffffff8e007e00 RSP=ffffffff8e007c40
R8 =ffff88802b33aa00 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=ffffffff8dcd7f30 R13=ffff8880703d8000 R14=ffff88802b33aa08 R15=ffff88802b339f00
RIP=ffffffff81900e07 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977e9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080002040 CR3=0000000060b89000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000005 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000080000000 RCX=0000000000000000 RDX=0000000000000000
RSI=ffffffff8bf473e0 RDI=ffffffff81a14b90 RBP=ffff888079984880 RSP=ffffc90006b7f5b8
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=1ffffffff1c79521
R12=0000000000000246 R13=0000000000000200 R14=dffffc0000000000 R15=0000000000000000
RIP=ffffffff81c27422 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978e9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080032000 CR3=000000006a2b6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000064b75c RBX=0000000000000002 RCX=ffffffff8b6983e9 RDX=ffffed10056865be
RSI=ffffffff8bf473e0 RDI=ffffffff81913781 RBP=ffffed1003b52910 RSP=ffffc9000047fdf8
R8 =0000000000000000 R9 =ffffed10056865bd R10=ffff88802b432deb R11=0000000000005bc7
R12=0000000000000002 R13=ffff88801da94880 R14=ffffffff90851f10 R15=0000000000000000
RIP=ffffffff8b696c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979e9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f50f8373 CR3=0000000060b89000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7442ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854c43f5 RDI=ffffffff9ade2c40 RBP=ffffffff9ade2c00 RSP=ffffc9000658f0f0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=000000000000002d R14=ffffffff9ade2c00 R15=ffffffff854c4390
RIP=ffffffff854c441f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097ae9000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000800034c0 CR3=0000000060b89000 CR4=00352ef0
DR0=fffffffffffffff8 DR1=0000000000000006 DR2=0200000000000000 DR3=0000000000000005 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000