last executing test programs:

5m28.353980409s ago: executing program 3 (id=3207):
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000580)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="010800040000000000000b00000008000300", @ANYRES32=r1, @ANYBLOB="0a000600080211000001000030005080110001004abee33908f8eef16f162471f400000005000200020000000800030005ac0f00050009"], 0x58}}, 0x0)

5m28.353354787s ago: executing program 3 (id=3209):
r0 = fsopen(&(0x7f0000001100)='efivarfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x4903, 0x0)
ioctl$CDROMVOLCTRL(r2, 0x31f, &(0x7f0000000140)={0xa1, 0xe, 0x44})
fchdir(r1)
mkdirat(r1, &(0x7f0000000340)='./file1\x00', 0x28)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x22803)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0xf3, 0x1b1c07, 0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x80d02, 0x0)
dup3(r4, r3, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
linkat(r1, &(0x7f0000000040)='./file0\x00', r1, &(0x7f00000010c0)='./bus\x00', 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x3)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x12, 0x6, 0x1, 0x2, 0x0, 0x70bd2a, 0x25dfdbfb}, 0x10}}, 0x0)
r6 = socket(0x11, 0xa, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7)
r7 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
write$vga_arbiter(r7, &(0x7f0000000280)=ANY=[@ANYBLOB='lock io+'], 0xc)
write$vga_arbiter(r7, &(0x7f0000000100)=@other={'unlock', ' ', 'none'}, 0xc)
sendmsg$can_bcm(r6, &(0x7f0000000140)={&(0x7f0000000000), 0x12, &(0x7f0000000080)={0x0}, 0x8}, 0x0)
r8 = dup(r5)
r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioctl$BLKALIGNOFF(r9, 0x127a, &(0x7f00000000c0))
write$UHID_INPUT(r8, &(0x7f0000000080)={0x9, {"a2e3ad084fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b34363b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d3b6d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e75a5cffcdc2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae99397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359b93ffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7969d1685a882e8020f06c4c2ba1dd5cac7c18876da865d25d8a71ccd583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bfa64a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba5718e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d356bc309d0de93bfb7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79fb7b3e7f9bc0c1b4b266a8878b90baaa439d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e9ac557a22757c0595f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000003017808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767ddf0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319ca34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24ee0c4f1c5e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f29c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e5435dde5800000000df07720ba2b26b01000000a0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836154faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b000000000000000000000000000000000000f000", 0x1000}}, 0x1006)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@xino_auto}]})

5m28.225164638s ago: executing program 3 (id=3212):
syz_io_uring_setup(0x48cd, 0x0, &(0x7f0000000100), 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_TABLE(r0, 0x29, 0xd1, &(0x7f0000000040)=0xfe, 0x4)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0xc8df, 0xc000, 0x20000a, 0x20002f6})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xd}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x8000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={0x0, 0x0, 0x52, 0x0, 0x1}, 0x28)
socket$inet_sctp(0x2, 0x1, 0x84)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000007"], 0x50)
sendto$packet(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)

5m28.17919374s ago: executing program 3 (id=3214):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x18010, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
file_setattr(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x60, 0x8001, 0x6, 0x0, 0xe}, 0x18, 0x0)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000002140)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000093160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f400000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fff30000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff0000000000000000000000000000002000", 0x2000, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0xfffffffffffffff5, 0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x40, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

5m28.066989995s ago: executing program 3 (id=3216):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1, 0xfffffffa}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtfilter={0x48, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0xfff3, 0xffe0}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_ENC_IPV6_SRC={0x14, 0x1f, @ipv4={'\x00', '\xff\xff', @multicast1}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x7}})
r6 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000140)='\r', 0x1}], 0x1}, 0x4)

5m27.894317841s ago: executing program 3 (id=3219):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) (fail_nth: 2)

5m27.8599141s ago: executing program 32 (id=3219):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) (fail_nth: 2)

2m48.212518805s ago: executing program 4 (id=5348):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000200)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x2c}]}, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000200)={r1, r2, 0x25, 0x4, @val=@netkit}, 0x1c)
mprotect(&(0x7f00001ce000/0x1000)=nil, 0x1000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

2m48.012435002s ago: executing program 4 (id=5350):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f0000000000)=@ethtool_rxnfc={0x2d, 0xc, 0x9, {0x7, @udp_ip4_spec={@loopback, @multicast1, 0x4e22, 0x4e21, 0xfd}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x9, 0x2, [0x0, 0x1]}, @sctp_ip4_spec={@broadcast, @remote, 0x4e20, 0x4e24, 0x8}, {0x0, @local, 0x3, 0x7, [0xffff, 0x7]}, 0x3, 0xffffffff}}})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280), 0x17)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000040)=r1, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x6, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018200000", @ANYRES32=r1, @ANYBLOB="0000000000000000690000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
syz_emit_vhci(&(0x7f0000001480)=ANY=[@ANYBLOB="040e04076d0c"], 0x7)

2m47.953054499s ago: executing program 4 (id=5351):
openat$ublk_ctrl(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000002000095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'macsec0\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r1, r3, 0x25, 0x0, @val=@iter={0x0}}, 0x20)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x74, r3, {0xfffb, 0x7}, {0xfff2, 0x4}, {0x0, 0xfff2}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0)

2m47.848825685s ago: executing program 4 (id=5354):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c)
syz_emit_ethernet(0x3e, &(0x7f0000000a40)={@multicast, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "70eae4", 0x8, 0x0, 0x0, @private0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, {[@routing={0x0, 0x0, 0x5}]}}}}}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000080)=0x4)

2m46.952554235s ago: executing program 4 (id=5363):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000002680)={{0x2, 0x4e23, @remote}, {0x6, @remote}, 0x10, {0x2, 0x4e23, @multicast2}, 'dvmrp1\x00'})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
mount$nfs(&(0x7f0000000080)='@\a', &(0x7f00000000c0)='./file1\x00', &(0x7f0000000500), 0x20040c1, 0x0)
write$binfmt_aout(r4, 0x0, 0xff2e)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x8}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x3, 0x4, 0x6361, 0x5, 0xffffffff, 0x3}, [@TCA_NETEM_JITTER64={0xc, 0xb, 0xcda8}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b92a, 0x25dfdc01, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r7 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r7, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0xf}, 0x1}, 0xa)
bind$bt_l2cap(r6, &(0x7f0000000000), 0xe)
listen(r6, 0x1)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r8)
sendmsg$TIPC_CMD_ENABLE_BEARER(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)

2m46.060500199s ago: executing program 2 (id=5380):
r0 = mmap$KVM_VCPU(&(0x7f00002c3000/0x1000)=nil, 0x0, 0x9, 0x100010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000080)="b2442c150747e65842ef9b1184cbc76797d8644cd0b7877a5dddea101ed0dd50c5fbb177e1ce89edbfc13901bc0b2f1f542740c48545fc1a625a5b0cd8fce6e4e3a14523051aa8c7", 0x0, 0x48)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000080)=ANY=[], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_X2APIC_API(r4, 0x4068aea3, &(0x7f0000002a80)={0x81, 0x0, 0x3})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r5, 0x0}, 0x20)
r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
r7 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x3, 0x40)
ioctl$MON_IOCX_GET(r7, 0x40189206, &(0x7f0000000100)={&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, 0x0})
syz_open_dev$usbfs(&(0x7f0000002000), 0xd, 0x20041)
write$vga_arbiter(r6, &(0x7f00000005c0), 0xf)
ioctl$UBLK_U_CMD_GET_FEATURES(0xffffffffffffffff, 0x80207513, &(0x7f00000001c0)={0x0, 0xffff, 0x8, &(0x7f0000000180)})
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/locks\x00', 0x0, 0x0)
preadv(r8, &(0x7f0000000000)=[{&(0x7f0000001100)=""/4104, 0x1008}], 0x1, 0x33, 0x0)
ioctl$CDROMSUBCHNL(r8, 0x530b, &(0x7f0000000100)={0x0, 0x8, 0x0, 0x2, 0x2, 0xf6, @lba=0x401, @msf={0xf1, 0x9, 0xd7}})
ioctl$KVM_IRQFD(r8, 0x4020ae76, &(0x7f0000000240)={r8, 0x6000, 0x2, r8})
ioctl$HIDIOCSFEATURE(r2, 0xc0404806, 0x0)

2m45.910679182s ago: executing program 4 (id=5374):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000004500000002"], 0x48)
syz_emit_ethernet(0x5a, &(0x7f0000000180)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x24, 0x6, 0x0, @remote, @local, {[@hopopts={0x2f, 0x0, '\x00', [@jumbo={0xc2, 0x4, 0x7a2a2f8d}]}], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x11}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xc0008041}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00032dbd7000fcdbdf250200000008000100", @ANYRES32=r2, @ANYBLOB="14060b00"/20], 0x30}}, 0x20004001)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_GET_DUMPABLE(0x3)
prctl$PR_GET_DUMPABLE(0x3)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40000d0)
write$rfkill(r3, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
r4 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24004045)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
syz_emit_ethernet(0x8e, 0x0, 0x0)
recvmmsg$unix(r5, 0x0, 0x0, 0x10022, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
landlock_restrict_self(r4, 0x9)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000044182, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x240}, 0xe)
sendmsg$NL80211_CMD_PROBE_CLIENT(r6, 0x0, 0x24000094)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)

2m45.572330454s ago: executing program 2 (id=5378):
mmap(&(0x7f00009cd000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000000)={0xd0, <r0=>0xffffffffffffffff})
cachestat(r0, &(0x7f0000000040)={0x4e6808cb, 0x41390a4b}, &(0x7f0000000080), 0x0)
madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

2m45.471316777s ago: executing program 2 (id=5383):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000002c0)={'syzkaller0\x00', 0x7101})
close(0x3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x3ec0)
close(0x3)
write(r1, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x545001, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x4, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
close(0x3)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)

2m45.312137529s ago: executing program 2 (id=5386):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mount$bpf(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x200, &(0x7f0000000640)={[{@gid}], [{@fsname={'fsname', 0x3d, '\\{&-)'}}]})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000700)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)

2m45.219310154s ago: executing program 2 (id=5387):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000240)={{0x77359400}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f00004da000/0x2000)=nil, 0x2000, 0x3000001, 0x11, r1, 0x0)
mprotect(&(0x7f00005cc000/0x1000)=nil, 0x1000, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0)
r3 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r3, 0xc0287c02, &(0x7f0000000500)={0x80000000, 0x0, &(0x7f0000000100)=[{{}, {<r4=>0x80000000}}]})
ioctl$MEDIA_IOC_ENUM_LINKS(r3, 0xc0287c02, &(0x7f0000000340)={r4, 0x0, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x444242, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x6)
ioctl$KVM_XEN_HVM_CONFIG(r6, 0x4038ae7a, &(0x7f00000004c0)={0xe, 0xadc, &(0x7f0000000180)="6cfc780cddbfa381bd3340246fddb09cbde1b5a206eee55f844f49f4203dcce5925f2b29030cbe1804e261505664683d1cd2029df65f6134114a537fe7e8bba2fb609495bcbe116e96cc44df92d8acdc2c", &(0x7f0000000480)="d46fb37504584799ae3a020ad4dcd2bc92715581995f91e41504f1cb3910da3eeae5da178b4b102fb29f76a0d9161812c6cf24c0a481af79", 0x51, 0x38})
r7 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$CDROMEJECT_SW(r7, 0x530f, 0x0)
r8 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0xa041, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r8, 0xc018937a, &(0x7f0000000240)={{0x1, 0x1, 0xea, 0xffffffffffffffff, {0x5}}, './file0\x00'})
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x14}}, 0x0)
r9 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='freezer.state\x00', 0x275a, 0x0)
write$binfmt_script(r10, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r10, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
preadv(r10, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/108, 0x6c}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r11 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000540)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_SET_FPU(r10, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654})
ioctl$KVM_RUN(r11, 0xae80, 0x0)

2m44.293031785s ago: executing program 1 (id=5390):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r0, &(0x7f0000008400)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

2m44.292558646s ago: executing program 1 (id=5391):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x15)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000100)={{0x100}, 'syz1\x00'})
ioctl$UI_DEV_CREATE(r2, 0x5501)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newchain={0x34, 0x64, 0x200, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0xe, 0x9}, {0x5, 0xfff3}, {0xf, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x7}, @TCA_RATE={0x6, 0x5, {0x2, 0x8}}]}, 0x34}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtfilter={0x48, 0x2c, 0xd3f, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0xfff3, 0xffe0}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_KEY_ENC_IPV6_SRC={0x14, 0x1f, @ipv4={'\x00', '\xff\xff', @multicast1}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x7}})
r7 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCPKT(r7, 0x5420, &(0x7f0000003940)=0x10)
ioctl$TCSETSF(r7, 0x5404, &(0x7f0000003980)={0x9, 0x4, 0x0, 0xfffffffd, 0x4, "9fe074c27de56e638031e88f19fa52087cfdcf"})
r8 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$kcm(r8, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r9, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000140)='\r', 0x1}], 0x1}, 0x4)

2m43.850026592s ago: executing program 2 (id=5393):
r0 = syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x4, 0x80000)
r1 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r1, 0xc00864bf, &(0x7f0000000140)={<r2=>0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_SYNC_FILE(r1, 0xc01864c1, &(0x7f00000000c0)={r2, 0x1, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r1, 0xc01864c2, &(0x7f0000000100)={0x0, 0x1, r3})
ioctl$FE_DISEQC_SEND_BURST(r0, 0x6f41, &(0x7f0000000080)=0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000002e00090027bd7000000000050400000004001f"], 0x18}, 0x1, 0x0, 0x0, 0x2804}, 0x0)

2m43.77827217s ago: executing program 0 (id=5394):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000002200)=ANY=[@ANYBLOB="9feb01001800000000000000380000003800000004000004030800a570d49fdc70a46b5462f70000fcff1004000000ffffffff00000000000000020000000002000000b001001302000000020000000000000e038288c37c85eb992927fc6a5412cbf04cfca1850805608d755a0104000063aeb3bbe35260cfc79ff74168a57878c277db9067b36997041fd0fa44e95ffee131fdbcbbd45da4c54291f8ee8d880a3de5569f"], 0x0, 0x54, 0x0, 0x4}, 0x20)
timer_create(0x3, 0x0, &(0x7f0000bbdffc))
timer_create(0x1, 0x0, &(0x7f00000000c0)=<r0=>0x0)
r1 = syz_open_dev$sndctrl(&(0x7f00000061c0), 0xfffffffffffffffa, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r1, 0xc10c5541, &(0x7f00000004c0)={0xbc, 0x1f, 0x1})
timer_gettime(r0, &(0x7f0000000000)={{}, {<r2=>0x0}})
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x180)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000022c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRES64=r2, @ANYRESDEC=r3, @ANYRESDEC=0x0, @ANYRES32=r4, @ANYRES32=r0])
read$FUSE(r4, &(0x7f0000008240)={0x2020, 0x0, <r5=>0x0}, 0x2020)
syz_fuse_handle_req(r4, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de979c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6ed49a1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e00008503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda940b023d190e6fba7f83060000003f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954ef19d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d80762ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70346dcc43f59300676ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca00", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0xffffffffffffffff, 0x2, 0xfd, 0xfffffffffffffffd, 0x0, 0x10000000, {0x40, 0xd08, 0x0, 0x100, 0x0, 0x0, 0xb, 0x0, 0x122, 0x6000, 0x10000, 0x0, 0x0, 0x902, 0x200000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r4, &(0x7f0000000440)={0x50, 0x0, r5, {0x7, 0x29, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x2, 0x0, 0x0, 0x0, 0x1}}, 0x50)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3)
ioctl$TIOCGPTPEER(r6, 0x40480923, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r7 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000040)={0x0, 0x1, 0x4, "1d0344ea898b2daccf6b60adef7779e9824efd21d180880994f5e876f958432b", 0x31384142})
ioctl$OCFS2_IOC_RESVSP64(r3, 0x4030582a, &(0x7f0000000180)={0x1, 0x2, 0x1b, 0x3, 0x0, 0xffff})
r8 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000200), 0x2000, 0x0)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/address_bits', 0x0, 0x0)
lseek(r10, 0x0, 0x3)
timerfd_gettime(r10, &(0x7f0000000140))
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r6, &(0x7f0000006180)={0x4})
ioctl$TIOCMSET(r9, 0x5418, &(0x7f00000000c0)=0xfff7bdff)
read$FUSE(r8, &(0x7f00000001c0)={0x2020}, 0x2020)
write$FUSE_DIRENTPLUS(r8, &(0x7f0000000080)=ANY=[@ANYBLOB="10000000daffffff9ad30094a14d9247825aae6761155d3faa3da7a96910", @ANYRES64=0x3], 0x10)
timer_delete(r0)

2m42.878222551s ago: executing program 0 (id=5395):
r0 = syz_open_dev$vim2m(&(0x7f0000000540), 0x9, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0285628, &(0x7f0000000080)={0x3, @win={{0xd4, 0xfdfdffff, 0x0, 0x6}, 0x0, 0x0, &(0x7f0000000040)={{0x0, 0x100000}}, 0x2, 0x0, 0x80}})

2m42.822735551s ago: executing program 0 (id=5396):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2)
ioctl$DVB_DVR_DMX_EXPBUF(0xffffffffffffffff, 0xc00c6f3e, &(0x7f0000000180)={0x4, 0x80000, <r3=>r1})
ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f00000001c0)={r3, 0x1, 0xfffff000, 0x100000000})
r4 = syz_open_dev$video4linux(&(0x7f0000000140), 0x80000000004, 0x82840)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r4, 0xc040564a, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000002000010029bd70000000000002000000000000020000000008000400fbff001300010000000c0d0b5de89d23f255000001000000"], 0x38}}, 0x0)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r5, &(0x7f0000000540)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c044}, 0x40)
r6 = dup(r5)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000440)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r6, &(0x7f0000000180)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x29fdf)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r8, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0x0, 0x1, 0x1009, 0x7f}, {0x12, 0x2, 0x0, 0x401, 0x8001}, 0x0, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)

2m42.282341778s ago: executing program 0 (id=5397):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7ffe}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a00)=@newtfilter={0x94, 0x2c, 0xd27, 0x170bd2b, 0x2, {0x0, 0x0, 0x0, r3, {0xe, 0x10}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_flow={{0x9}, {0x64, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1a29d}, @TCA_FLOW_ACT={0x50, 0x9, 0x0, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xfffff55a, 0x4, 0x1, 0x3, 0x9}, 0x22}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0x884}, 0x2)
close(r1)
socket(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r4, &(0x7f0000000280)={&(0x7f0000000540)=@xdp={0x2c, 0x0, r3, 0x42, 0x30000}, 0x80, &(0x7f00000000c0)=[{&(0x7f00000002c0)="27031f00dc0f14000e00203c002400004000ff8800000066c1532cc10200000003125ce882cbf490d90812533f00", 0x2e}], 0x1}, 0x4005)

2m42.232845011s ago: executing program 1 (id=5398):
r0 = syz_io_uring_setup(0x48cd, 0x0, &(0x7f0000000100), 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0x0, r0}, 0x68)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_TABLE(r1, 0x29, 0xd1, &(0x7f0000000040)=0xfe, 0x4)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
io_uring_setup(0x4fee, &(0x7f0000000200)={0x0, 0xb583, 0x1, 0x20000a, 0x7, 0x0, r0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@deltfilter={0x34, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xd}, {0xe, 0xffff}}, [@TCA_RATE={0x6, 0x5, {0x10, 0x6}}, @TCA_CHAIN={0x8, 0xb, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x40005}, 0x8000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={0x0, 0x0, 0x52, 0x0, 0x40001}, 0x28)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
io_uring_enter(r0, 0x3213, 0x200f638, 0x8, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000007"], 0x50)
sendto$packet(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x1d, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20000011)
r3 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r3, 0x10e, 0x8, 0x0, 0x0)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000180)=0x6f)
r5 = dup2(r2, 0xffffffffffffffff)
ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f00000001c0)=0x2)
read$FUSE(r5, &(0x7f0000002780)={0x2020, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x2020)
sched_setscheduler(r6, 0x2, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000032680)=""/102400, 0x19000)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000100)={0x1f, 0x1, 0x3}, 0x6)
accept4$alg(r5, 0x0, 0x0, 0x1800)
r8 = syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0x0)
ioctl$EVIOCSCLOCKID(r8, 0x400445a0, &(0x7f00000001c0)=0x1)

2m42.231403969s ago: executing program 1 (id=5399):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_ERR(r1, 0x4001af84, &(0x7f0000000080)={0x1})
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="c4000000190001050000000000000000fc000000000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="0000000000000000fcffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0xc4}}, 0x0)

2m42.152961759s ago: executing program 0 (id=5400):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r0, &(0x7f0000008400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

2m42.152853281s ago: executing program 1 (id=5401):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})

2m42.152498824s ago: executing program 0 (id=5402):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000001c0)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_WOWLAN(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f0000001240)={0x24, r2, 0x1, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0xe}, @val={0x8, 0x3, r3}, @void}}}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'ip6gre0\x00'})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r5, r0, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0x610b6e43934e1733, 0x3})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000e00)=[@acquire, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})

2m42.042348304s ago: executing program 1 (id=5403):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xa00000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, r1, 0x20, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x5}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "d26a08ad44"}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x38}}, 0x884)
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x6}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x8010}, 0x800)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000340)={'syztnl2\x00', &(0x7f0000000280)={'syztnl2\x00', <r3=>0x0, 0x8, 0x40, 0x7, 0xe00, {{0x1c, 0x4, 0x2, 0x14, 0x70, 0x66, 0x0, 0x8, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0xc}, @remote, {[@generic={0x88, 0x3, 'm'}, @timestamp={0x44, 0x10, 0x60, 0x0, 0x0, [0x4, 0x8, 0x8]}, @rr={0x7, 0x1f, 0x6c, [@rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x43}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @rand_addr=0x64010100, @remote, @rand_addr=0x64010101]}, @ssrr={0x89, 0x7, 0xe6, [@multicast1]}, @timestamp={0x44, 0x10, 0xc1, 0x0, 0xf, [0x9, 0x8, 0x5]}, @ssrr={0x89, 0xb, 0x8e, [@remote, @dev={0xac, 0x14, 0x14, 0x1f}]}, @generic={0x89, 0x7, "0eef0f5817"}]}}}}})
sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@deltfilter={0x24, 0x2d, 0x2, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x1e, 0xfff1}, {0x2, 0xf}, {0x1, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8011}, 0x40408c1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_LEAVE_MESH(r4, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x14, r1, 0x2, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x4008040)
r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000580), 0x8000, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r5)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r4, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x14, r1, 0x10, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000700), r5)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r4, &(0x7f00000008c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x64010000}, 0xc, &(0x7f0000000880)={&(0x7f0000000780)={0xd4, r6, 0x400, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IE={0x69, 0x2a, [@ext_channel_switch={0x3c, 0x4, {0x0, 0x9, 0x5, 0x2}}, @ext_channel_switch={0x3c, 0x4, {0x1, 0x1, 0x4f0927176fe8046a, 0xd}}, @tim={0x5, 0x57, {0x0, 0xad, 0x3, "3be177a76d062a5b0f0665e25c233592c5e70f79f9795eec902ae40afe7bbeb7bff99a46cc3e84c3577599279a8c1a16604e9357ff7e63a268bafbd45480d7a0cde1a598988ea9ebc3a1b43663b9a687c3480455"}}]}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x57}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x61}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x4d}, @NL80211_ATTR_IE={0x1e, 0x2a, [@mic={0x8c, 0x18, {0x105, "5cc19b39b058", @long="f45fbabc7db085924665d234c5dbeee5"}}]}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x60}]}, 0xd4}, 0x1, 0x0, 0x0, 0xc008}, 0x8800)
ioctl$vim2m_VIDIOC_DQBUF(r5, 0xc0585611, &(0x7f0000000900)=@overlay={0x3, 0x3, 0x4, 0x800000, 0x3, {}, {0x5, 0x0, 0x13, 0x6, 0xf8, 0x5, "bee55a18"}, 0x5, 0x3, {}, 0x3, 0x0, r5})
sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000a40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x40, r6, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY_NAME={0x14, 0x2, 'wlan0\x00'}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x3}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x1000000}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x985}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x4050)
ioctl$EVIOCGSW(r5, 0x8040451b, &(0x7f0000000a80)=""/241)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000bc0), r5)
sendmsg$IPVS_CMD_GET_INFO(r8, &(0x7f0000000d00)={&(0x7f0000000b80), 0xc, &(0x7f0000000cc0)={&(0x7f0000000c00)={0xb8, r9, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x40000000}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x10000}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x16}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x1}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0xc}}]}, @IPVS_CMD_ATTR_SERVICE={0x50, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x6b}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x5e}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x18}}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0xff}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wrr\x00'}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x4000000}, 0x10)
clock_gettime(0x0, &(0x7f0000000d40)={<r10=>0x0, <r11=>0x0})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f0000000e80)=@multiplanar_userptr={0x200, 0x2, 0x4, 0x70000, 0x5, {r10, r11/1000+10000}, {0x1, 0x8, 0x1, 0xff, 0x4, 0x8, "3338ba94"}, 0x5, 0x2, {&(0x7f0000000e00)=[{0x8, 0x8, {&(0x7f0000000d80)}, 0xf}, {0x4, 0x9, {&(0x7f0000000dc0)}, 0xfffffffb}]}, 0x5, 0x0, r5})
r12 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000f40), r8)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r4, &(0x7f0000001040)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x80220080}, 0xc, &(0x7f0000001000)={&(0x7f0000000f80)={0x74, r12, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x5}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x48, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x49}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x4}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x12}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x8000}, 0xc080)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r13, &(0x7f0000001200)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000011c0)={&(0x7f00000010c0)=@deltaction={0xc4, 0x31, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@TCA_ACT_TAB={0x60, 0x1, [{0x10, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0x10, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}]}, @TCA_ACT_TAB={0x50, 0x1, [{0xc, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xe}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x8804}, 0x40001)
sendmsg$NL80211_CMD_SET_PMK(r8, &(0x7f0000001340)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001300)={&(0x7f0000001280)={0x48, r6, 0x1, 0x70bd28, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_PMK={0x14, 0xfe, "8a2414a495226cfbe6af1407c9962c30"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "4ab6cf0cefc1e4a4aa3895aea45e88e9"}]}, 0x48}, 0x1, 0x0, 0x0, 0x24000040}, 0x40)
r14 = syz_genetlink_get_family_id$devlink(&(0x7f00000013c0), r0)
sendmsg$DEVLINK_CMD_SB_GET(r5, &(0x7f00000014c0)={&(0x7f0000001380)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001480)={&(0x7f0000001400)={0x64, r14, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x10}}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000004}, 0x8014)

2m30.011959568s ago: executing program 33 (id=5374):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000004500000002"], 0x48)
syz_emit_ethernet(0x5a, &(0x7f0000000180)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "f900f5", 0x24, 0x6, 0x0, @remote, @local, {[@hopopts={0x2f, 0x0, '\x00', [@jumbo={0xc2, 0x4, 0x7a2a2f8d}]}], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x11}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xc0008041}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00032dbd7000fcdbdf250200000008000100", @ANYRES32=r2, @ANYBLOB="14060b00"/20], 0x30}}, 0x20004001)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_GET_DUMPABLE(0x3)
prctl$PR_GET_DUMPABLE(0x3)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40000d0)
write$rfkill(r3, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
r4 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24004045)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
syz_emit_ethernet(0x8e, 0x0, 0x0)
recvmmsg$unix(r5, 0x0, 0x0, 0x10022, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
landlock_restrict_self(r4, 0x9)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000044182, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x240}, 0xe)
sendmsg$NL80211_CMD_PROBE_CLIENT(r6, 0x0, 0x24000094)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)

2m27.975439363s ago: executing program 34 (id=5393):
r0 = syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x4, 0x80000)
r1 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r1, 0xc00864bf, &(0x7f0000000140)={<r2=>0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_SYNC_FILE(r1, 0xc01864c1, &(0x7f00000000c0)={r2, 0x1, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r1, 0xc01864c2, &(0x7f0000000100)={0x0, 0x1, r3})
ioctl$FE_DISEQC_SEND_BURST(r0, 0x6f41, &(0x7f0000000080)=0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000002e00090027bd7000000000050400000004001f"], 0x18}, 0x1, 0x0, 0x0, 0x2804}, 0x0)

2m26.514495308s ago: executing program 35 (id=5402):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000001c0)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_WOWLAN(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f0000001240)={0x24, r2, 0x1, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0xe}, @val={0x8, 0x3, r3}, @void}}}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'ip6gre0\x00'})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r5, r0, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0x610b6e43934e1733, 0x3})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000e00)=[@acquire, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})

2m26.500662881s ago: executing program 36 (id=5403):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xa00000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, r1, 0x20, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x5}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "d26a08ad44"}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x38}}, 0x884)
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x6}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x8010}, 0x800)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000340)={'syztnl2\x00', &(0x7f0000000280)={'syztnl2\x00', <r3=>0x0, 0x8, 0x40, 0x7, 0xe00, {{0x1c, 0x4, 0x2, 0x14, 0x70, 0x66, 0x0, 0x8, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0xc}, @remote, {[@generic={0x88, 0x3, 'm'}, @timestamp={0x44, 0x10, 0x60, 0x0, 0x0, [0x4, 0x8, 0x8]}, @rr={0x7, 0x1f, 0x6c, [@rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x43}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @rand_addr=0x64010100, @remote, @rand_addr=0x64010101]}, @ssrr={0x89, 0x7, 0xe6, [@multicast1]}, @timestamp={0x44, 0x10, 0xc1, 0x0, 0xf, [0x9, 0x8, 0x5]}, @ssrr={0x89, 0xb, 0x8e, [@remote, @dev={0xac, 0x14, 0x14, 0x1f}]}, @generic={0x89, 0x7, "0eef0f5817"}]}}}}})
sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@deltfilter={0x24, 0x2d, 0x2, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x1e, 0xfff1}, {0x2, 0xf}, {0x1, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8011}, 0x40408c1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_LEAVE_MESH(r4, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x14, r1, 0x2, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x4008040)
r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000580), 0x8000, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r5)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r4, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x14, r1, 0x10, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000700), r5)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r4, &(0x7f00000008c0)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x64010000}, 0xc, &(0x7f0000000880)={&(0x7f0000000780)={0xd4, r6, 0x400, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IE={0x69, 0x2a, [@ext_channel_switch={0x3c, 0x4, {0x0, 0x9, 0x5, 0x2}}, @ext_channel_switch={0x3c, 0x4, {0x1, 0x1, 0x4f0927176fe8046a, 0xd}}, @tim={0x5, 0x57, {0x0, 0xad, 0x3, "3be177a76d062a5b0f0665e25c233592c5e70f79f9795eec902ae40afe7bbeb7bff99a46cc3e84c3577599279a8c1a16604e9357ff7e63a268bafbd45480d7a0cde1a598988ea9ebc3a1b43663b9a687c3480455"}}]}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x57}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x61}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x4d}, @NL80211_ATTR_IE={0x1e, 0x2a, [@mic={0x8c, 0x18, {0x105, "5cc19b39b058", @long="f45fbabc7db085924665d234c5dbeee5"}}]}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x60}]}, 0xd4}, 0x1, 0x0, 0x0, 0xc008}, 0x8800)
ioctl$vim2m_VIDIOC_DQBUF(r5, 0xc0585611, &(0x7f0000000900)=@overlay={0x3, 0x3, 0x4, 0x800000, 0x3, {}, {0x5, 0x0, 0x13, 0x6, 0xf8, 0x5, "bee55a18"}, 0x5, 0x3, {}, 0x3, 0x0, r5})
sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000a40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x40, r6, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY_NAME={0x14, 0x2, 'wlan0\x00'}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x3}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x1000000}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x985}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x4050)
ioctl$EVIOCGSW(r5, 0x8040451b, &(0x7f0000000a80)=""/241)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000bc0), r5)
sendmsg$IPVS_CMD_GET_INFO(r8, &(0x7f0000000d00)={&(0x7f0000000b80), 0xc, &(0x7f0000000cc0)={&(0x7f0000000c00)={0xb8, r9, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x40000000}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x10000}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x16}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x1}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0xc}}]}, @IPVS_CMD_ATTR_SERVICE={0x50, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x6b}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x5e}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x18}}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0xff}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wrr\x00'}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x4000000}, 0x10)
clock_gettime(0x0, &(0x7f0000000d40)={<r10=>0x0, <r11=>0x0})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f0000000e80)=@multiplanar_userptr={0x200, 0x2, 0x4, 0x70000, 0x5, {r10, r11/1000+10000}, {0x1, 0x8, 0x1, 0xff, 0x4, 0x8, "3338ba94"}, 0x5, 0x2, {&(0x7f0000000e00)=[{0x8, 0x8, {&(0x7f0000000d80)}, 0xf}, {0x4, 0x9, {&(0x7f0000000dc0)}, 0xfffffffb}]}, 0x5, 0x0, r5})
r12 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000f40), r8)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r4, &(0x7f0000001040)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x80220080}, 0xc, &(0x7f0000001000)={&(0x7f0000000f80)={0x74, r12, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x5}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x48, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x49}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x4}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x12}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x8000}, 0xc080)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r13, &(0x7f0000001200)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000011c0)={&(0x7f00000010c0)=@deltaction={0xc4, 0x31, 0x4, 0x70bd2b, 0x25dfdbfc, {}, [@TCA_ACT_TAB={0x60, 0x1, [{0x10, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0x10, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}]}, @TCA_ACT_TAB={0x50, 0x1, [{0xc, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xe}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x8804}, 0x40001)
sendmsg$NL80211_CMD_SET_PMK(r8, &(0x7f0000001340)={&(0x7f0000001240)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001300)={&(0x7f0000001280)={0x48, r6, 0x1, 0x70bd28, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_PMK={0x14, 0xfe, "8a2414a495226cfbe6af1407c9962c30"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "4ab6cf0cefc1e4a4aa3895aea45e88e9"}]}, 0x48}, 0x1, 0x0, 0x0, 0x24000040}, 0x40)
r14 = syz_genetlink_get_family_id$devlink(&(0x7f00000013c0), r0)
sendmsg$DEVLINK_CMD_SB_GET(r5, &(0x7f00000014c0)={&(0x7f0000001380)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001480)={&(0x7f0000001400)={0x64, r14, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x10}}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000004}, 0x8014)

24.359925645s ago: executing program 7 (id=6304):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = io_uring_setup(0x67bb, &(0x7f0000000280))
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
io_uring_enter(r0, 0x0, 0x2, 0xf, &(0x7f0000000000), 0x18)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x334ecc4b, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

23.330660252s ago: executing program 7 (id=6326):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7ffe}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a00)=@newtfilter={0x94, 0x2c, 0xd27, 0x170bd2b, 0x2, {0x0, 0x0, 0x0, r3, {0xe, 0x10}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_flow={{0x9}, {0x64, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1a29d}, @TCA_FLOW_ACT={0x50, 0x9, 0x0, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xfffff55a, 0x4, 0x1, 0x3, 0x9}, 0x22}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0x884}, 0x2)
close(r1)
socket(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r4, &(0x7f0000000280)={&(0x7f0000000540)=@xdp={0x2c, 0x0, r3, 0x42, 0x30000}, 0x80, &(0x7f00000000c0)=[{&(0x7f00000002c0)="27030200dc0f14000e00203c001c00004000ff8800000066c1532cc10200000003125ce882cbf490d90812533f00", 0x2e}], 0x1}, 0x4005)

20.950502581s ago: executing program 7 (id=6334):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$kcm(0x21, 0x2, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=<r1=>0x0)
syz_open_procfs(r1, &(0x7f00000000c0)='totmaps\x00')
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140))
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xf)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet6(0xa, 0x3, 0x7)
socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001400000008000200fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r2], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x20040040)

20.88791736s ago: executing program 7 (id=6336):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
umount2(&(0x7f0000000340)='./file0\x00', 0x8)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_G_FBUF(r1, 0x8030560a, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b)
r4 = socket$inet(0x2, 0x3, 0x7f)
setsockopt$inet_int(r4, 0x0, 0x3, &(0x7f0000000080)=0xfffffffa, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x14, 0x3a, 0x1, 0x270bd24, 0x25dfdbf8, {0x11}}, 0x14}}, 0x4000000)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10008000}, 0x40095)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x81}]}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x3}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}, @NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x4}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xcc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r8 = syz_io_uring_complete(0x0, 0x0)
sendmsg$NL80211_CMD_DEL_MPATH(r8, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x20, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x20}, 0x1, 0x0, 0x0, 0x4040800}, 0x4004000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

20.561105522s ago: executing program 7 (id=6344):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
clock_gettime(0xfffffff2, &(0x7f0000000000))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x168)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000280)='./file0\x00')
r1 = open(&(0x7f0000000200)='./file1\x00', 0x20000, 0x40)
getdents64(r1, &(0x7f0000000fc0)=""/224, 0xe0)

20.376780445s ago: executing program 7 (id=6348):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x0, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000001c0)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x80000)
r3 = getpgid(0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000280), 0x1, 0x8000)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000001000)={{0x7, 0x2, 0xebbc, 0x0, 'syz1\x00', 0x8}, 0x3, 0x2, 0x2, r3, 0x0, 0x9, 'syz0\x00', 0x0})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000340)={{0x1, 0x1, 0x18, r1, {0xee00, <r5=>0xee00}}, './file0\x00'})
r6 = syz_open_dev$media(&(0x7f00000011c0), 0x7, 0x20002)
ioctl$MEDIA_IOC_ENUM_LINKS(r6, 0xc0287c02, &(0x7f00000014c0)={0x80000000, &(0x7f0000001400), 0x0})
ioctl$VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000900)={0x5, 0x4, 0xb, 0x880, <r7=>0xffffffffffffffff})
r8 = fanotify_init(0x20, 0x101000)
sendmmsg$unix(r2, &(0x7f0000000a00)=[{{&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)="95394b3678029f71816b760f17c44ea7fb24b15b48bc653317e54ec0ec5cf4436834d4844e9f3c9d8c8d4939685e91ec9aef60040d528a5ce26adfae42c5c7eaa1f842f830b952623c982166b61b586b75c8adf341584a9aec0180f469bd65fd2663012f5b70164b890333ef997cb3639676a009b48b940ae56da7698daa356345b33956a3c0fab39dcf88514c101bb9b65ddd7c0660bbc5a45fa6da0065e26984a30ae1c6595bcc8d6015eb555b39917c5c533e1a9f2f3fed9606bf8ac20e93e6fbe6b1d145aa04e071c6e7812ad1ed996220753bc1ef08a1ea70", 0xdb}], 0x1, &(0x7f0000000380)=[@rights={{0x1c, 0x1, 0x1, [r2, r1, r2]}}, @rights={{0x18, 0x1, 0x1, [r2, r2]}}, @cred={{0x1c, 0x1, 0x2, {r3, 0xee01, r5}}}], 0x58, 0x20000044}}, {{&(0x7f00000004c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000880)=[{&(0x7f0000000540)="096f91c29cd0b961b2f22f738adb73e7114448f42e785b26ad2a6f1cdaa9e64d29372f90a5cbecf12f79ba3fbe0b3665b96c20915673692b13fce6d486bb3c2854410b1c99e417a8a598a80cae102621a98f6ee93ced6165fa0f3dbecfc691232a7e02d1bc0f892b023db6b2dd3623ae96a56904dc", 0x75}, {&(0x7f00000005c0)="eab354b4c557f35d59a12ba522e1c53d61f2592d859cd39504b40141782575f88a8ec165e2a7171bbc82c7f7744a56496d58bcb478444c7094ce31b68f70", 0x3e}, {&(0x7f0000000600)="95d45fece5f927ee857cf3725027140d32b06466b83e908c25fcece066fdcb94fd95a2ccbb2186a84347003e7539375b5faa1f348a4b16010490b1ee951f548518219380a72c8e377d0976c0447f5509ffa09a2b1a36f33769167f938c1be3a72da36a625a9d7bdb2f69d2f1f2c730754b5acb17d26e86a7967e4221a3393a6a43138f24125c2732f277586ef46a35d8acecfbdd1728d35fe0d24d919e60148f0476844249f7162da65dbb4027bb15ac8392e7ea727b582e979d6a9403a9c01344736abfe7fa2a32f7462467b748facaa3cb2c7ee5af59da6869336cebc1acbe1ea85064c487c7853a2eda723e2a96cbf8bfd9889b7644", 0xf7}, {&(0x7f0000000700)="2cc5ce5cee64cdf50d93e1655a69a53f8ce9c62b33044bc3830cdd569063649270567b05718cd808cca6f0e17ba8ca179d0277c2df85225b2b5c15b0e5a4e6024137c0fd6582fad83edf", 0x4a}, {&(0x7f0000000780)="26dc2bf5ee16feee91aa8d4f8f3a8702d050e4e3b83706184386f29cb49b632adcaf647cf4077b644183b44694e36b02f3f0103e6ae8bd65a425ad844b41fc08a8fab3615cc276e40b06a5fb4bf31fcf5935d52c0b5aa6bbdd2816d30dca8d3143f1a26f1e4a001307bf770160b631095a769b8b339c4e69401ca06d91d1bfa48f5e28423681f5d939cd833275f54cb49753889c97d0e25bf6b17751e7ba0d049be685031784936644662a57608ae63057f3246ac8d4a325a508b68ea019bea1c3f629063b4ffa5e2b1b", 0xca}], 0x5, &(0x7f0000000940)=[@rights={{0x18, 0x1, 0x1, [r6, r7]}}], 0x18, 0x4000000}}, {{0x0, 0x0, &(0x7f0000000980), 0x0, &(0x7f00000009c0)=[@rights={{0x24, 0x1, 0x1, [r1, r0, r1, r8, r0]}}], 0x28, 0x10}}], 0x3, 0x4000080)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313, 0x1000000}], 0xffffffffffffff9a, 0x1000000, 0x0})

20.241174178s ago: executing program 37 (id=6348):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x0, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000001c0)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x80000)
r3 = getpgid(0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000280), 0x1, 0x8000)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000001000)={{0x7, 0x2, 0xebbc, 0x0, 'syz1\x00', 0x8}, 0x3, 0x2, 0x2, r3, 0x0, 0x9, 'syz0\x00', 0x0})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f0000000340)={{0x1, 0x1, 0x18, r1, {0xee00, <r5=>0xee00}}, './file0\x00'})
r6 = syz_open_dev$media(&(0x7f00000011c0), 0x7, 0x20002)
ioctl$MEDIA_IOC_ENUM_LINKS(r6, 0xc0287c02, &(0x7f00000014c0)={0x80000000, &(0x7f0000001400), 0x0})
ioctl$VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000900)={0x5, 0x4, 0xb, 0x880, <r7=>0xffffffffffffffff})
r8 = fanotify_init(0x20, 0x101000)
sendmmsg$unix(r2, &(0x7f0000000a00)=[{{&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)="95394b3678029f71816b760f17c44ea7fb24b15b48bc653317e54ec0ec5cf4436834d4844e9f3c9d8c8d4939685e91ec9aef60040d528a5ce26adfae42c5c7eaa1f842f830b952623c982166b61b586b75c8adf341584a9aec0180f469bd65fd2663012f5b70164b890333ef997cb3639676a009b48b940ae56da7698daa356345b33956a3c0fab39dcf88514c101bb9b65ddd7c0660bbc5a45fa6da0065e26984a30ae1c6595bcc8d6015eb555b39917c5c533e1a9f2f3fed9606bf8ac20e93e6fbe6b1d145aa04e071c6e7812ad1ed996220753bc1ef08a1ea70", 0xdb}], 0x1, &(0x7f0000000380)=[@rights={{0x1c, 0x1, 0x1, [r2, r1, r2]}}, @rights={{0x18, 0x1, 0x1, [r2, r2]}}, @cred={{0x1c, 0x1, 0x2, {r3, 0xee01, r5}}}], 0x58, 0x20000044}}, {{&(0x7f00000004c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000880)=[{&(0x7f0000000540)="096f91c29cd0b961b2f22f738adb73e7114448f42e785b26ad2a6f1cdaa9e64d29372f90a5cbecf12f79ba3fbe0b3665b96c20915673692b13fce6d486bb3c2854410b1c99e417a8a598a80cae102621a98f6ee93ced6165fa0f3dbecfc691232a7e02d1bc0f892b023db6b2dd3623ae96a56904dc", 0x75}, {&(0x7f00000005c0)="eab354b4c557f35d59a12ba522e1c53d61f2592d859cd39504b40141782575f88a8ec165e2a7171bbc82c7f7744a56496d58bcb478444c7094ce31b68f70", 0x3e}, {&(0x7f0000000600)="95d45fece5f927ee857cf3725027140d32b06466b83e908c25fcece066fdcb94fd95a2ccbb2186a84347003e7539375b5faa1f348a4b16010490b1ee951f548518219380a72c8e377d0976c0447f5509ffa09a2b1a36f33769167f938c1be3a72da36a625a9d7bdb2f69d2f1f2c730754b5acb17d26e86a7967e4221a3393a6a43138f24125c2732f277586ef46a35d8acecfbdd1728d35fe0d24d919e60148f0476844249f7162da65dbb4027bb15ac8392e7ea727b582e979d6a9403a9c01344736abfe7fa2a32f7462467b748facaa3cb2c7ee5af59da6869336cebc1acbe1ea85064c487c7853a2eda723e2a96cbf8bfd9889b7644", 0xf7}, {&(0x7f0000000700)="2cc5ce5cee64cdf50d93e1655a69a53f8ce9c62b33044bc3830cdd569063649270567b05718cd808cca6f0e17ba8ca179d0277c2df85225b2b5c15b0e5a4e6024137c0fd6582fad83edf", 0x4a}, {&(0x7f0000000780)="26dc2bf5ee16feee91aa8d4f8f3a8702d050e4e3b83706184386f29cb49b632adcaf647cf4077b644183b44694e36b02f3f0103e6ae8bd65a425ad844b41fc08a8fab3615cc276e40b06a5fb4bf31fcf5935d52c0b5aa6bbdd2816d30dca8d3143f1a26f1e4a001307bf770160b631095a769b8b339c4e69401ca06d91d1bfa48f5e28423681f5d939cd833275f54cb49753889c97d0e25bf6b17751e7ba0d049be685031784936644662a57608ae63057f3246ac8d4a325a508b68ea019bea1c3f629063b4ffa5e2b1b", 0xca}], 0x5, &(0x7f0000000940)=[@rights={{0x18, 0x1, 0x1, [r6, r7]}}], 0x18, 0x4000000}}, {{0x0, 0x0, &(0x7f0000000980), 0x0, &(0x7f00000009c0)=[@rights={{0x24, 0x1, 0x1, [r1, r0, r1, r8, r0]}}], 0x28, 0x10}}], 0x3, 0x4000080)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313, 0x1000000}], 0xffffffffffffff9a, 0x1000000, 0x0})

3.820765116s ago: executing program 9 (id=6518):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@migrate={0x50, 0x21, 0x1, 0x70bd27, 0x25dfdbfb, {{@in6=@mcast1, @in6=@remote, 0x4e21, 0x0, 0x4e21, 0x9ffd, 0x7, 0x180, 0x20, 0x1d}, 0x6e6ba8, 0x4b75cd6ef3e93cb3}}, 0x50}, 0x1, 0x0, 0x0, 0x4000840}, 0x20004040)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.610460849s ago: executing program 9 (id=6519):
syz_usbip_server_init(0x3)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, "", {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r1, 0x82, 0x5, &(0x7f0000002340)='hello')
ioctl$SIOCSIFHWADDR(r0, 0x8923, &(0x7f0000000000)={'hsr0\x00', @local})
r2 = openat$fb0(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000140), 0xd, 0x3501)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
poll(&(0x7f0000000000)=[{r3, 0x4000}], 0x1, 0x5)
ioctl$FBIO_WAITFORVSYNC(r2, 0x40044620, 0x0)
socket(0x10, 0x3, 0x0)
syz_usbip_server_init(0x3) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)) (async)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, "", {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0) (async)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ncm(r1, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ncm(r1, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) (async)
syz_usb_ep_write(r1, 0x82, 0x5, &(0x7f0000002340)='hello') (async)
ioctl$SIOCSIFHWADDR(r0, 0x8923, &(0x7f0000000000)={'hsr0\x00', @local}) (async)
openat$fb0(0xffffffffffffff9c, 0x0, 0x80000, 0x0) (async)
syz_open_dev$usbfs(&(0x7f0000000140), 0xd, 0x3501) (async)
connect$inet(0xffffffffffffffff, 0x0, 0x0) (async)
poll(&(0x7f0000000000)=[{r3, 0x4000}], 0x1, 0x5) (async)
ioctl$FBIO_WAITFORVSYNC(r2, 0x40044620, 0x0) (async)
socket(0x10, 0x3, 0x0) (async)

3.05057871s ago: executing program 5 (id=6531):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xa, &(0x7f0000000680)=ANY=[@ANYBLOB="180872"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b0001006772657461700000", @ANYRES32, @ANYBLOB='\b\x00\r\x00\x00\x00\x00\x00\b\x00?'], 0x4c}}, 0x0)
socket(0x16, 0x4, 0x2)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(0xffffffffffffffff, 0x80045301, &(0x7f0000000540))
inotify_init()
openat2$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r2, 0x1, 0xc000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x6}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x404c084}, 0x0)
r3 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000e00)=ANY=[@ANYBLOB="44000000100001042abd70000000000000000400", @ANYRES32=r4, @ANYBLOB="0028000000000000140012800c0001006d6163766c616e00", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r7], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)

1.039569593s ago: executing program 5 (id=6534):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(r1, 0x6, 0x2, 0xfffffffffffffffd, &(0x7f0000000340))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = fanotify_init(0x200, 0x8000)
fanotify_mark(r4, 0x1, 0x12, r3, 0x0)
getsockopt$CAN_RAW_FD_FRAMES(r2, 0x65, 0x8, 0x0, &(0x7f0000000340))
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000010000100f7000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000144c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c000440000000000000000114000000110001"], 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r5 = syz_io_uring_setup(0x3eb1, &(0x7f00000034c0)={0x0, 0x764a, 0x0, 0x3, 0x70}, &(0x7f0000003540), &(0x7f0000003580), &(0x7f0000000000))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f000012d000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f00005a4000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f000012d000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
io_uring_setup(0x65e2, &(0x7f0000000040)={0x0, 0x6a7, 0x8, 0x3, 0x1b9, 0x0, r5})
setresgid(0xee00, 0xee01, 0x0)
setresgid(0xffffffffffffffff, 0xee00, 0x0)
io_uring_register$IORING_UNREGISTER_RING_FDS(r5, 0x15, &(0x7f0000001dc0)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[@ANYBLOB="40000000210a010900000000000000000a0000010900020073797a31000000000900010073797a31"], 0x40}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
dup3(r6, r6, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r9 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r9, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b4560a117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)
io_uring_enter(r5, 0x6bb6, 0xd2d1, 0x1, &(0x7f00000001c0)={[0x80000000]}, 0x8)
fstat(r6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
sendmsg$netlink(r7, &(0x7f0000001940)={&(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001900)=[{&(0x7f00000004c0)=ANY=[@ANYBLOB="a01100001300040029bd7000fbdbdf25817ff398a0c5d841f842d951ac9fb7e22287e8ac7b5aee947aeef1889765d28a4a778994893cc5f7866ccd6820752bc42625a4ad63bc0a2ea4281b797325ae7d2d72bd83e26a6befe52a778061b919d222a00afd0cf694110013cec2c151f438f1c32b1228a742801dd9f59a9aa65dd555502811a058797919dbd2d760af0e40e9ba728d4b8691651241710eb9881bd7a6ac3af2837e7e7a7afbb5bd9a0826a4e68373406cf0075eb95da15659d308861c69e7acd1de19f5e5aef390356c7ffb3de624f14825e4a5ebad160029541353e9fb4bfd45d22115b3785bdb16cad6ecfda6ce60488c202fb74d236f530d073c3fb86cbcc727858469639ad2ae6a294fd17600ffcb6f37d390a05a10292ec87353e8699a25b4a4211e042acbbedc733e68738100cfcc545f741437b82f379224fca1f5c2e0e28182da69ef1ab0e125b5bcf0ab4e7c30bb4443088a9c170f1a45c18203ebecaaf560b642ab39db37a918c03d8a15dd28c8988306899944cccfc0f102efee388cf7765cf212dbcaf34cb93cce4e6a082ad8c4ea34984fa37f5b3758b7cf8dde47963d288b8f317dd8a2dcdc1659bf86d9fd0308e9f2e54caf88587d197011d8434cebe6a5120b5750543ab0bb3ea44abea5e3eaa6b8985fb83de176fff21ae7a438e0bd0f3c23a191026990abbec5c55fe9c197714b1a2c65344435c8afbfe0afd93d3b5178085cd94bb11a87e597e43108048521c9bf7780cfefa6e7b09b3d5d733deecab20e186f798816fe7d51456f1693fe028ae315d19190df2e8f455f2bb7e0ae5f219b92d2cb49b0d2a3ba7822acaa153dfde730e005db110b47fbd331d96259845bf51e9703b3e5865b44e42f83460c55f98d5c632055941b2c1f90cb195030e8d913e4bb55634a2dc7e774a55a6097d11dd602f097f91df9d87d0f3046523810e2167d163dde1ac222be7209bf179fe2a562541ee2a0e9d3ab6bc099a7c0c559dd2ad70fdb9a80245bf12fb18cd693db40adb2b426aa8bd9cddffdc337bfbfbc7d18476df9279ce88c3ea0790a4a222e1ef6abbc68a816cb9e414344d964bc4c2fe622530a1ac8a9091bafe70d929adca8d1dc645f671b0134b776fd26eeb378b1fe2cf67c0dd5cbd9f8c122025eea04cbdb632cc3628462fbc3236684ca0b59dea1aeebbe8e37ae8fd7d2805b6f2ed1cf75a89a0e0b021c8e6ae2fda7160eaf0fab525a30d752110a136a0b046a02b3958424e70b569c4e2181f88850a24b3621b86acfa288c9161bfbebe52b8e6568a0084b77e0520440efa8caf62834c987ebceb827a654eac84755adca75895ac2acfa25975bfe611dae0f68686976594a1b8199fd37a3dd74e9889388322bc64ef322f7a6d0cd9c7013947e2728e8c8a5b70aa0fe6d6379d943d509d68722f3580b2198a3a451de6b766b8637b732d6b2609ccf4d9944bf6f8a251a4147e14daf327b95aaab873439bae25efbd3f338ace8ff22309e102359a67e761ce110946b1010b76ad8f20cc8e5c09df903c06e27286c6c6596530e4227c1230d281b3b57740b06e330f457e66d7087abbd96c1a6da2b4ff44c2992e8b4729beb022c37d76f872c2249d7bf02ad4870de48f234b5c2adf49d6f22541aa066f00f1c4ea4d51a3689fb5f82b7585b7b27a3c5daed870333db17c09024a7fb68ca76a03d72c76e1caebd03b75f31c31b86872ccf0db5b8cb92284b4085bd61923eecaf76cc53d878e4ba52cbbe0a937954add96213a062d7dd4d091afa63588739d887c0b9e67cb9fb38f88b5c515752064f28c032d56f8937d682bf140029e974464e56147b14b4bab1ee82186bda4abfc2010d3b2bda098b71452cab902ae993ead266cf785a9ab349db2ae9f138a342aedba0cd1184587eb09174db9807863aa74325ef8d1dd329d50eac1eac836b05fd71e5676b3d975e10fdf89d60011c58943d58726978b68faf5c672ac69f2a70c1d9b5a4e9d59b7ea92f1fa298fb6e6a733d32f7ff9026d9b700f38450dec3cd75da28a88377c922488a973046302dfc8212f3acbcfcabceea22c2adb212de65718dafed8272c176de9555c869442e268af12f83a23addb29d7fe88fa63f5a1b8e8efbaded0b424786421ce1da057e5e803b3ecbb3a9ae4ebe9f0e5be90c227d610c5047a5b434e1a18ce253a3a7041c7cd88282dfd0942093d5e4dcc20f9152ddbca7a130fdaeb1f155cbf701f36dd3f1edc85b2e4dd1b05b3ee19dbe24a811bcd29b0b8683fa9921ac54032cc74279c9d0cff9d9321cfc230270e052038dbdf1da1ad74f29ec21c31ace1ca9d19ead4cdfbf9499e6d3420a973232574360172b8876055b699be72ebf7fc1d045164651d26d21b5fa8c05569c3ce8885999676d33ab5a1f6cfd8c700a0f35ac1101d1f59015801c8e7dac533ce17d9db7b8d8b918d39a86e74ba01a13b5ab6125adc9689ec4865c099fe3c0b5545875b2b50c6f7c26e445502e7b21bfd4022f0d306938dd33d1c724953da708fa743d562d21245a28c5cee785c50f4fc3b65652d7991e9f7f17b6c162f2e558eb1417be2d8c494be6383baa62bd6cd45aa13d554e7d025488fb79a8e16804bd14d58a7a481bac540069be062b1eb9763945f5465e80987c8c8187407e3392ac08a65a7fcd91a18903a468626af37ee21670093c78d30b48ef96ec03e39e0f463239f7f49060ae5a1aeb6ea37245873643c25c41d64ae99158ee5ff51ce4c258a870f97487c422f29f7ea60e783d97cb78d5ef0e9341ab92223877f296d29a1c29bbb91817fe43daf781beb4ed8ea94cd9427eb90f4d16128b3d123c77fafc823e7c4b8c966fa21d42ae5bf8874912df58ec54e31c2849a27325756b2ae57c154424e0f3daa5436085b6489046ddc73e3941a56a52af341706e5c17ab570e8d2fc76c834b74926cd8c018a773741873a20555946e5b77e78ce8972195d003d546301e19871dc0bfd017506bbf068ab219feedb09d8c856eb1fb4126d54e9bdc8d2235117c4bf8de8c43135bc211fbf7400ac4d5f9b496a240ce374fd83fdc862bed9809b8e568fb3e91f939ab5d5f4db3d332d65c8824e77b549383f53ce8469d302e60552931d849ddf72598f3e90165cd4373bed5195f1eb78b1c30a9c3f07abcad87dcb851bc66a7161641459ed6939d38d57c564dd026f916791f7f726db7e3185ded13ad58c17e6a6ad23a6b97b430fc161d3e7410f3ff8a8e8fddee54ec8e045ee4b8a5bf5fc939273f79af08b4af036e2c4d03559e1a244c53d9a1aa8bcd6f85d430cc807b28ccd0d1ad0839e7d5d9c76fd1fe7eb53e80a2a5af7f7db9396080e525534a45d14d9a0947fc01157930e1102a9b93fcec9999bf99871a695dc45092bfc237fb0ee9c98326438817e287529b1e25e0c007af398ae0778ab89186a7aece595505c488ed7bbefd12304fc2ecf1990aa18ae63c87403ba9308b1c7ad768074d74fe0744f645e0d45bdaec9484586eb10aa06251ff18d21eb98bdb75405cd8fdb999654da1cb6887e5678b5065151d6cd0a5c56754503239f1fa230c81eb874bef8eddd34dad77e2e699eda735c29bbcc2d7b76dcc291e6ff62ec3d834826f5d9e18ee506212595a95d23b7eed92ff71d7e2e7486284592b7194704084de008aa2ddb9f573154e6e6f3eb3a9008aa591e5444c4c944071652c21ac8ea32e5a03d2a99afe092736cd74fc7e77a24379cf8a8cad37f0486119404363886e8b6460a3ff5165ae079c1d7aae73b4797b95f142a64726851081b3635f7475d2c72d8b0eb0e8bf12ada35419800e25e50326a5e63dacf62ebd7f8443524e594a0ab248eac8db41fb8ddaedb32f78cd1863fd65ff604f3e1a44d1bd517e000e00d0414d4d4dc3be241114c96eb450a17f04f37b3e87c0b515d1a7feb3d2ff95094a7e18ab72aeff12b1bf7fedc53d09590a006eb7441261d87a85ce7026c85e0c6ef473f6a0ceed06c0122fc5c372479719abbe6c55940a810bd659c5427fc35ba5e4bbd87f08fd99a8133fbf0edd45cceb1be0a19be42314e297ac264257019614280e6353bea72edebc19296d1dc2abd1927af7d224298de7059bb9f2f0dd6c5af9392f53b5c46779e769cdff46d1a4bb8eca0ece239dc977a936a9380e0998aa38167c6b7317f82228cbab49393bd5b4c5ac303d318b54b22d111d52e09f1b1a6660fbc77b36ff76a970a9bc833f7964a65635d75275019514e54710f3c95fc83625510e4a08b1408869c5440552a92ef6321d44ecfd4904889f71f04b08504d5e48810300ae20c4deba2ef3a5ec8692551f9381bf264f4e6aeffafa4004615057855cce8908a7b94ed1996cbb5ca66b1fff146902cdf5d8decbbba148b2a460075547d19345c5f993cbc140a2e4d86912c5619de66d5dcbd21529e20b5f3144270b7f8f7f31d08cc57e4603f98cc431c0fae62ac18ad03d3ea237fd4552550b2f3083e632963bd7319b6df571ee605bdcc11c069c1858c0a5590e3e3fdbbfa53631a7b8b396b307e608655ce10e843e4c2d6ac8b80768799754ed47c7dc6a3fb8a845db3b4aa29b8f920d9bda82d284d9e0eda8ff7b8f608fe9b40d34e1caedd55a55974d007c9da28f83cad56d34f5c988cb9824df293303fbb949b9d829c6a9f4e2f6040faaec58a21f8026200b76f334762df93f5b9059121c7d5cefe738eb4fd87ed3aab41a2c1e1f63c758785eb656e59bfca35d8966a04fa97acc2ce7a85d3cd81726df0aa24d800c42b7b797eb35dd1886b9276de847aeb0d5ac3f5671be38109cf91f0d4bcfea56fb646941b2ee4f81f147ac564b45a50e61f5fbb8a5c79bb507d84af26d0465aa44dc6bf0c99b9627e0b3a2123106ededc8cd844517a540150425b07bf06467db83fcb6db95d7dd8bebc8794ab41c5acc5e7722bc4cbf71197fd6d61482b0c1fb1a73adfcaab07a79f4b931b82749950e6936eddbbdf934a37d66e566ca4dd90aded99d59a7d4187925067825c44bb791c46e177d0c35f43eb02d0141feaf34e2858f9cff72ea32248168c1c7fd75f5001f413a71e7eefbf164f8a5f510f2de9facc6549d9f21173ae3d53fc90f733f032d2720be8417553fa4adf3d5e33be4450c13eb2329b5a229d5602b679a244dcb04a2f505d06c38edb6a78df628073b44ad5c3e9466053fe736ec3789ed36ba2a6b5cb4b0c71facc89a98f0fb37e4b2506b08610bb7ca20ae72fdb129ce18a5be5ce94c6356116d396da6bd35edf25780c2a136970a8943268251f192812a56633ab540ddd705674ccdbc554ec8fa20444922b8e3a722da42a4501414c6cabe075d6f7ecd3d3ea6ad1030907343954f06ecd982ba9cda0fd0bbc6279acfd88c18e69e8ec38b4f8ccc0fe81e6e2e3998a89058ac539a770eac46189698a6ebf70cbeefbf5597b8b57d7f33f4516a0b01cf92f1d61452c597fb6ce45925eed500138167a429e7e4b8544b6062e258933e0460621cea474fbf8a1ecde0f7c1ac859e2d35da95280caba639704c8409b9b463fb1029e84a568a321d1247d71834848834949529d44e841391fb0663980caa8182e3bb7b07bcab997be822679b778e2d2c87f00968e4a247c5520853674e14f866047137a92329e3e29514957d8cb32d3d01f7a8554299d02fa15f3d526b7141c793f6f3cc169758946a02a0846e08824a34db6eab42d7e21aef4271192c64f2e3b9503868c3568760b252d17a317307d4711eaa6fecff04067c3227ff27a400059d6a24ab68db68948932c27a88f5f72fb304e9031b807e832c3d295968e701706cec6a160232ba26a0ec2b9aff097af680dd841d97790552524b2363c7efeefd1eb14c0df06ded6ac386272e1025026287ef29103b7e6fa7101fefa7068f0b2dca254d7f5a312d0efb3849fa0eb9c3b5258201d74647ff2ab30768d9f6c4215e9922344aeb8967e8d1c0b0003002c2d21212c5b00009299b6b1a5193e210e09b608b3cacb8d150897b966dbd9539d0bc672b4c741c95ecae8c54be0368ef21f185654a9536ce638aab409338dbe15adfcc190099cedac1dc302ca659c5fcc43e1df830c3c1c24c8004380b700c30013a12a59914f9c7fbcc9acd4f29d8a6bc0bed5e24ce9730f3e407603460ef3a1998bcaf52fac7143fb0da05f644893b6a6e1d7834db89ed0afbefd0c67d7be24c9b8acc7dc57921b460c6b8c55b0edb79901ee7c4884db8b6cb9e034deaed2fbd0624d7a061034c92450bce5cc58b49e4d77f41a4d383e8f63dda0a5598f2c30a29034fc4d84bb41c9904db7049c58de98f31f70b1e28678fa2291df9c00bacd3267ab147e7f474c35c2c191439c55364a82e10008004600", @ANYRES32=r10, @ANYBLOB="04807d8000"], 0x11a0}, {&(0x7f0000001680)={0x38, 0x3a, 0x300, 0x70bd2b, 0x25dfdbff, "", [@nested={0x28, 0x6d, 0x0, 0x1, [@typed={0x14, 0x15b, 0x0, 0x0, @ipv6=@private1}, @nested={0x4, 0x1e}, @nested={0x4, 0x13d}, @typed={0x8, 0x10e, 0x0, 0x0, @u32=0x2}]}]}, 0x38}, {&(0x7f00000016c0)={0x210, 0x34, 0x20, 0x70bd2d, 0x25dfdbfc, "", [@typed={0x78, 0x2e, 0x0, 0x0, @binary="735bf48ef0e514d2ee7915e76c4dd931f578c407493f71ea74cbe1db8f7645a4ec10a86e0aa886e72e23cbe173df828feae150da19e2b3e180e8631244bc3e5591c2d67a7b043204e7ec205ffde49cbc73aaae01d4ee10a5c219a45529faf0752e05635a981ad8fc8a18a58f656bc629989d9570"}, @typed={0x8, 0xac, 0x0, 0x0, @fd=r2}, @nested={0x16f, 0x10, 0x0, 0x1, [@generic="a54555fe48f602eaed7787ade0e6102a58e3f9a3e01b97db4b035eee77a5d9026e36ccf68623f933828a7c2c488702de03eaf353d21a2190b1ad6840a777168e9a3722e0d8e6c5033699ae59f8c574e6ace6776bfc10431cd8eb53cdf08daa05b0ff86acef418370a95e7b12f1bf3cbf3555c0211b95b199fd70052e4e0d", @generic="bd9c5657cefc19754bb5e090d7d64f475402de429933c8ee436735696da4bc6f4b623aa22e3b8e573623cd3a28ebcfcc239ebd3f4d3ac898f1f28e3926f41050808c39fc2838a9052c55983a09ea9ec94e0c2c9f08a0b949aeb9262117be395fa71dd61ac51b655c9301c4a4c18cbc0622d522257dbc9ae887da09f69dafe65ee4ac01c39d6c34e8c02181f555739dc185738a78800817fb4cca70038aaa2bb7159f254e15ad82bcd808fe643d51c9281fd80cc692452f7231432777e005b4186db8754bd7050d05bf123fbd050f522d90cc4e1735be34f32b13ba90d0804b19dd12cbc10ffc7c9101", @typed={0x4, 0x120}]}, @generic="ad78b6c797d2a6be9b413e3c4d18a87d"]}, 0x210}], 0x3, 0x0, 0x0, 0x1040}, 0xf42d97c1a5a0dfa0)

1.03934121s ago: executing program 9 (id=6535):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7ffe}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a00)=@newtfilter={0x94, 0x2c, 0xd27, 0x170bd2b, 0x2, {0x0, 0x0, 0x0, r3, {0xe, 0x10}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_flow={{0x9}, {0x64, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1a29d}, @TCA_FLOW_ACT={0x50, 0x9, 0x0, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xfffff55a, 0x4, 0x1, 0x3, 0x9}, 0x22}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0x884}, 0x2)
close(r1)
socket(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r4, &(0x7f0000000280)={&(0x7f0000000540)=@xdp={0x2c, 0x0, r3, 0x42, 0x30000}, 0x80, &(0x7f00000000c0)=[{&(0x7f00000002c0)="27030200dc0f14000e00203c002400034000ff8800000066c1532cc10200000003125ce882cbf490d90812533f00", 0x2e}], 0x1}, 0x4005)

929.499843ms ago: executing program 5 (id=6537):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0x28, 0x11, 0x2, 0x70bd27, 0x25dfdbfb, {0xb}, [@generic="ea2cddddd56b2f2c2817deb1f961fd0b96182e41"]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x4080)
r2 = fsopen(&(0x7f0000000100)='cifs\x00', 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x13, r3, 0x0)
preadv2(r3, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x1ffd, 0x0, 0x1f)
ioctl$BLKPBSZGET(r3, 0x127b, &(0x7f00000001c0))
mount_setattr(0xffffffffffffffff, 0x0, 0x100, &(0x7f0000000000)={0x10001f, 0xfa, 0x20000, {r2}}, 0x20)
sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x12, 0x6, 0x1, 0x2, 0x0, 0x70bd2a, 0x25dfdbfb}, 0x10}}, 0x80)

929.299143ms ago: executing program 6 (id=6538):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)={0x14, 0x4, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x80a6}, 0x4040804)

870.378175ms ago: executing program 6 (id=6539):
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f00000000c0)=ANY=[@ANYBLOB="7472616e733d72646d612c706f72743d3078303d92d9dea6677f376cac5c996532302c00"])

869.85792ms ago: executing program 5 (id=6541):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xc}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000007000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

818.204803ms ago: executing program 6 (id=6542):
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000100), 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xa4, 0xa4, 0x7, [@enum={0x1, 0x9, 0x0, 0x6, 0x4, [{0xa, 0xc}, {0x3, 0x7ff}, {0x5, 0x5d99}, {0xa, 0x1ff}, {0x9, 0x5}, {0x9, 0x3}, {0x8, 0x2}, {0x4, 0x7}, {0x800}]}, @type_tag={0x4, 0x0, 0x0, 0x12, 0x2}, @enum={0x6, 0x7, 0x0, 0x6, 0x4, [{0x0, 0x8}, {0x8, 0x6}, {0x10, 0xc9}, {0x8}, {0xf, 0x4}, {0xa, 0x79}, {0xb, 0x6}]}]}, {0x0, [0x2e, 0x30, 0x61, 0x30, 0x5f]}}, &(0x7f0000000380)=""/54, 0xc3, 0x36, 0x1, 0xd, 0x10000, @value=r0}, 0x28)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0xc, 0xb3, 0x3f, 0x10019, r0, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0xffffdffd}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r1}, @generic={0x66}, @initr0, @exit, @alu={0x4, 0x0, 0x3, 0x3, 0x0, 0x1, 0xffffffffffffffff}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28}, 0x94)

818.058158ms ago: executing program 5 (id=6543):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000002000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)

817.830337ms ago: executing program 9 (id=6544):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x58)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg/0:0:0:0\x00', 0x0, 0x0)
ioctl$SG_GET_RESERVED_SIZE(r0, 0x2272, &(0x7f0000000040))
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, <r2=>0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f00000083c0)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d878000000092095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9ada5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c6302645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734bc5862ef52983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1d7abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fac10700003513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b010000006fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fd92bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f46dc53a26fd997f3af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c529a11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff14427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c97cba5ca94ef1c555d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3beb018000000000000007bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d80000000000000007e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a650b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad15f0aa6fcf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d043e26fca3a64eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5b38f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077be00000000d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57229121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc654ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f900", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x4000000000000, {0x0, 0x1fffffffe, 0x8, 0x6, 0x6, 0x7ff, {0x5, 0x8010001, 0x7, 0x40c, 0x6, 0x20000000, 0xed1, 0x2, 0x5, 0xc000, 0x7ff, r3, r4, 0x3d4, 0x20000002}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0/file0\x00', 0x121003, 0x0)
statx(r5, &(0x7f0000000100)='./file0/file0\x00', 0x100, 0x7ff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
fchownat(r5, &(0x7f00000000c0)='./file0/file0\x00', 0xffffffffffffffff, r6, 0x400)
execve(&(0x7f0000000240)='./file0/file0\x00', &(0x7f0000000480)={[&(0x7f0000000300)='fuse\x00', &(0x7f0000000440)='\x00']}, &(0x7f0000000740)={[&(0x7f00000004c0)='\x00', &(0x7f0000000500)='{]0\'}&*\x00', &(0x7f0000000540)='\x00', &(0x7f00000005c0)='\x00', &(0x7f00000006c0)='fuse\x00', &(0x7f0000000700)='!.:\x00']})
write$FUSE_INIT(r1, &(0x7f0000000280)={0x50, 0x0, r2, {0x7, 0x26, 0x5, 0x6100083a, 0x8, 0xfffc, 0x6, 0x5d2186cc, 0x0, 0x0, 0x4, 0x10001}}, 0x50)

817.659448ms ago: executing program 5 (id=6545):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000240)={{0x77359400}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mprotect(&(0x7f00005cc000/0x1000)=nil, 0x1000, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000340)={0x80000000, 0x0, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x444242, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f00000004c0)={0xe, 0xadc, &(0x7f0000000180)="6cfc780cddbfa381bd3340246fddb09cbde1b5a206eee55f844f49f4203dcce5925f2b29030cbe1804e261505664683d1cd2029df65f6134114a537fe7e8bba2fb609495bcbe116e96cc44df92d8acdc2c", &(0x7f0000000480)="d46fb37504584799ae3a020ad4dcd2bc92715581995f91e41504f1cb3910da3eeae5da178b4b102fb29f76a0d9161812c6cf24c0a481af79", 0x51, 0x38})
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$CDROMEJECT_SW(r1, 0x530f, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0xa041, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000240)={{0x1, 0x1, 0xea, 0xffffffffffffffff, {0x5}}, './file0\x00'})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000540)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_SET_FPU(0xffffffffffffffff, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

748.753814ms ago: executing program 6 (id=6546):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, 0xffffffffffffffff, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xa8}}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/ip_vs_stats_percpu\x00')
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x20, 0x2e, 0x9, 0x70bd27, 0x0, {0x4}, [@typed={0xc, 0x17, 0x0, 0x0, @u64}]}, 0x20}, 0x1, 0x0, 0x0, 0x42804}, 0x80000)
write$cgroup_pid(r2, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x0, 0xa, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000002d40)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x1, 0x2019}}}, 0x7)
ioctl$KVM_SET_FPU(0xffffffffffffffff, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

599.473075ms ago: executing program 9 (id=6548):
socket$pptp(0x18, 0x1, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x40010)
socket$tipc(0x1e, 0x5, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10008000}, 0x40095)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x34, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

430.225913ms ago: executing program 8 (id=6549):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10008000}, 0x40095)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

393.194163ms ago: executing program 9 (id=6550):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x18010, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
file_setattr(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x60, 0x8001, 0x6, 0x0, 0xe}, 0x18, 0xffffff8c)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000002140)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000093160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f400000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fff30000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff0000000000000000000000000000002000", 0x2000, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0xfffffffffffffff5, 0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

170.747728ms ago: executing program 8 (id=6551):
r0 = socket$kcm(0xa, 0x2, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r1, &(0x7f0000000100)='.\x00', 0x9000, &(0x7f0000001dc0)={0x0, 0xf9, 0x20000}, 0x20)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY_LEVEL(r2, 0x0, 0x2, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000480)={{0xfffc, 0x3, 0x0, 0x3}, 'syz0\x00', 0x2})
ioctl$UI_SET_KEYBIT(r3, 0x40045565, 0xee)
ioctl$UI_DEV_CREATE(r3, 0x5501)
ioctl$UI_DEV_DESTROY(r3, 0x5502)
sendmsg$inet(r0, &(0x7f0000000300)={&(0x7f00000000c0)={0x2, 0x4e27, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1c7c000000000000000000012811b3082d1c3013da08000000e40d9cc99ef6422ea3bdbc33d8c5b30ca65df217c9ee7769", @ANYRES32=0x0, @ANYBLOB="ac1414bbac1414350000000010000000000000000000000007000000"], 0x30}, 0x20000000)

109.298127ms ago: executing program 6 (id=6552):
syz_emit_ethernet(0x66, &(0x7f0000000340)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x30, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x4, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, '\x00', 0x0, 0x3a, 0x0, @mcast1, @loopback={0x0, 0xffffac1414aa}}}}}}}}, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_int(r0, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
write$tun(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="0a0000ffbbbbbbbbbbbbaaaaaaaaaabb86dd6d002000001011ff00000000000100070000000000000000ff0200000000000000000000000000014f194e20"], 0xfdef)

60.235634ms ago: executing program 8 (id=6553):
r0 = fsopen(&(0x7f0000000000)='jfs\x00', 0x1)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, 0x0, 0x0, r0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'dummy0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffbfff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="d800000025"], 0xd8}, 0x1, 0x0, 0x2000000, 0x4004041}, 0x20004440)

60.068635ms ago: executing program 8 (id=6554):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xe, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x26}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b19, &(0x7f0000000140)={'wlan1\x00', @random="0100000000eb"})

556.102µs ago: executing program 8 (id=6555):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3800000023000701feffffff02000000027c0000040042800c00000000000000000914bb140002"], 0x38}, 0x1, 0x0, 0x0, 0x4048011}, 0x4800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000e200000061194c00000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00'}, 0x80)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000042c0)='fdinfo/3\x00')
read$FUSE(r1, &(0x7f0000000080)={0x2020}, 0x2020)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)

303.088µs ago: executing program 6 (id=6556):
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0/file1\x00', 0x40, 0x83)
r1 = creat(&(0x7f00000002c0)='./file0/file1\x00', 0x4)
write$cgroup_int(r1, &(0x7f0000000540), 0xfffffdd8)
umount2(&(0x7f00000001c0)='./file0\x00', 0x1)
fdatasync(r0)

0s ago: executing program 8 (id=6557):
r0 = mq_open(&(0x7f0000001880)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\x1c`\xbd\xe1e\x80\x7f\xd2&l0\xc1b\xac\x8b\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL%Jw\x99y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3\x05\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xc8\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xc7\xa7\x82\xb9V}`\xb7\xfc@\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5m\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v>\x9b\n0\xb2 h\xad5\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\'/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f9\xce\x1eYV\xa2\xc4\x03PV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x9b\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xd1\x06F\xef\xbd\xeb\xf0\'\f\f\x003\xecp\x18\x9e\x1d\xeaH\xdaQ%+\xf4\xae\xab0\b\x17W\xba\xaf4E\xe62\xefm\xdd+\xb2\x1b:\xc0cc\x97\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x97s\x03`\xba\xf1\xdb\x05\xe5C)\x8f\xbchyL1:\xc2\xea\x8a\xfc\tq\xfa\xec&\xc7\xde\xf4\xf2\xb9\xe1\xa1\x80)1\xbe@Bt\xb7\xce\xc9\xee\xa8v\t\xfa,\xa2\x9a\xa3\\\xfbM\xb5\xfd\xa9\xe3\x9f\xf7\x85\x87w\x1d]& 8\xb5\xba\xea\xad\xa9\xd4V\xf1\xe9\xaaT\xc8\xff\xaf\xef\x91\xca\x9c\x80\xbeYd]\xfb\x1a\x96?\xb6\xd7{X\xa1H\xeb\xce\xd7\xb7\xf7\x15\xd6\x88\x91\xef{\xf8K@\xb6ch\x1e\x16\xd5m@\xa8\x91\xa5\xc5@\xa7\x00\xab\xc5\xc8\xc8\x9c\xe3:\xac\x1eG\xa0e\'/\x15G\x8e\xe5\x16\xd5S ]\xf8\xa1\xa46\x9a\xf0d!\xc8\x81S\xbc\x18\xdf\xa0\xfek\xb0(\xf7\xba5\x8e\xe5A\xd5l\xfbp\xcb\xa8\xf0b\x91\xc4\xd3+)Sy\x81\xe3\r%C\x03enM\xf1\xdf\xe3b\xb7\x9b\f\x82\xb1z\xcf^\x06\xcd\xa2\x96\xe3\xd5\xbd@1\xbe\x02\xad\\\x89\xd0\xe0\xa8\x11\xb4B\\\x14\\\xed5\x9c\xd7n\x8d\xec\xb5\xcc\xf8q', 0x42, 0x0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0xa, 0x0)
close(r0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
write$binfmt_format(r1, &(0x7f0000000100)='0\x00', 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000380)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd6012000800103afffe8000000000000000000000000000bbff020000b204eaf21950113e4f9e50832f01ef9078000900030000000000004029375a289708626b2373f4e231029e4caa8bca32a958214c5151f5af7939c69c11fcb1c4c10f3e0d72a781ff5e2e50e13db6158a25026d5646f70aa3d962facbb68079d12373ce1e6da14c370460cc33365fb20ddbcfe87e0382751f48a17793fc5947a046a687c6961b3000c3045f8a7500ff3e5cc982124209f9e261c5ee50d75b05e7331fba5f659f00d11d491252a9c2f1e9e7641c0ec77a0daa41eba777f7c860753997e94c8529e7ef2199fa7369a623ec4dbf3cfcebfda2d7279d7f21660f6d17bb1b2434c9064cef888a4ce0f35011e3898fd5d8093fb3b464bda0e47ac19bf63d2e52dbb97fda"], 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x78, '\x00', 0x0, @fallback=0x30, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha224\x00'}, 0x58)
r4 = accept$alg(r3, 0x0, 0x0)
sendmmsg$sock(r4, &(0x7f0000002380)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f00000002c0)="a8ae", 0x2}, {&(0x7f00000003c0)="219f3815", 0x4}], 0x2}}], 0x1, 0x801)
write$qrtrtun(r1, &(0x7f0000000340)="ca0e808b935b", 0x6)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7], &(0x7f0000000040)=[0x80002], 0x0, 0x1}}, 0x3c)

kernel console output (not intermixed with test programs):

s: failed lookup in lower (newroot/141, name='file0', err=-40): overlapping layers
[  588.012234][T24293] overlayfs: failed lookup in lower (newroot/141, name='file0', err=-40): overlapping layers
[  588.232587][T24298] overlayfs: failed lookup in lower (newroot/141, name='file0', err=-40): overlapping layers
[  588.421894][T24303] overlayfs: workdir and upperdir must be separate subtrees
[  588.469603][T24305] binder: 24304:24305 ioctl c0306201 200000000040 returned -22
[  588.473302][T24305] binder: 24304:24305 ioctl c0306201 200000000640 returned -22
[  588.621356][T24312] syzkaller0: entered promiscuous mode
[  588.623707][T24312] syzkaller0: entered allmulticast mode
[  588.630425][T24312] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5980'.
[  588.634193][T24312] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5980'.
[  588.640416][T24312] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5980'.
[  588.644098][T24312] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5980'.
[  588.729947][T24317] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  588.760997][T19760] usb 10-1: new full-speed USB device number 7 using dummy_hcd
[  588.786763][T24323] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  588.805078][T24321] netlink: 104 bytes leftover after parsing attributes in process `syz.7.5987'.
[  588.860414][T24326] overlayfs: failed lookup in lower (newroot/148, name='file0', err=-40): overlapping layers
[  588.929362][T19760] usb 10-1: config 0 interface 0 altsetting 255 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  588.934317][T19760] usb 10-1: config 0 interface 0 altsetting 255 endpoint 0x8F has invalid maxpacket 111, setting to 64
[  588.939075][T19760] usb 10-1: config 0 interface 0 has no altsetting 0
[  588.944653][T19760] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  588.951416][T19760] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  588.955058][T19760] usb 10-1: Product: syz
[  588.964238][T19760] usb 10-1: Manufacturer: syz
[  588.972218][T19760] usb 10-1: SerialNumber: syz
[  588.980689][T19760] usb 10-1: config 0 descriptor??
[  588.986188][T24308] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  588.998146][T19760] usb 10-1: selecting invalid altsetting 0
[  589.202346][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.205994][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.209781][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.213265][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.216724][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.220901][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.224501][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.228843][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.231416][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.233907][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.236449][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.239550][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.242177][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.244666][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.247204][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.249771][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.252311][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.254759][T24308] usb 10-1: cannot submit urb 0, error -2: endpoint not enabled
[  589.255525][   T50] usb 10-1: USB disconnect, device number 7
[  589.257509][T24308] usb 10-1: cannot submit urb 0, error -19: no device
[  589.822384][T24365] FAULT_INJECTION: forcing a failure.
[  589.822384][T24365] name failslab, interval 1, probability 0, space 0, times 0
[  589.826273][T24365] CPU: 0 UID: 0 PID: 24365 Comm: syz.8.6002 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  589.826291][T24365] Tainted: [L]=SOFTLOCKUP
[  589.826295][T24365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  589.826302][T24365] Call Trace:
[  589.826306][T24365]  <TASK>
[  589.826311][T24365]  dump_stack_lvl+0x100/0x190
[  589.826334][T24365]  should_fail_ex.cold+0x5/0xa
[  589.826350][T24365]  should_failslab+0xc2/0x120
[  589.826363][T24365]  __kmalloc_cache_noprof+0x7a/0x6f0
[  589.826377][T24365]  ? v9fs_init_fs_context+0x47/0x590
[  589.826392][T24365]  ? lockdep_init_map_type+0x5c/0x250
[  589.826409][T24365]  v9fs_init_fs_context+0x47/0x590
[  589.826420][T24365]  alloc_fs_context+0x60c/0xf40
[  589.826439][T24365]  path_mount+0xdbd/0x23d0
[  589.826457][T24365]  ? __pfx_path_mount+0x10/0x10
[  589.826472][T24365]  ? lockdep_hardirqs_on+0x78/0x100
[  589.826497][T24365]  ? putname+0xb1/0x110
[  589.826510][T24365]  ? kmem_cache_free+0x127/0x6c0
[  589.826529][T24365]  ? __x64_sys_mount+0x293/0x310
[  589.826544][T24365]  __x64_sys_mount+0x293/0x310
[  589.826560][T24365]  ? __pfx___x64_sys_mount+0x10/0x10
[  589.826578][T24365]  ? rcu_is_watching+0x12/0xc0
[  589.826595][T24365]  do_syscall_64+0x115/0x870
[  589.826609][T24365]  ? clear_bhb_loop+0x40/0x90
[  589.826622][T24365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.826633][T24365] RIP: 0033:0x7f999b39ce59
[  589.826643][T24365] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  589.826654][T24365] RSP: 002b:00007f999c1e8028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  589.826665][T24365] RAX: ffffffffffffffda RBX: 00007f999b615fa0 RCX: 00007f999b39ce59
[  589.826672][T24365] RDX: 0000200000001440 RSI: 0000200000001400 RDI: 00002000000013c0
[  589.826678][T24365] RBP: 00007f999c1e8090 R08: 00002000000000c0 R09: 0000000000000000
[  589.826684][T24365] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000002
[  589.826691][T24365] R13: 00007f999b616038 R14: 00007f999b615fa0 R15: 00007fffc2eaed88
[  589.826718][T24365]  </TASK>
[  589.872581][T24369] fuse: Bad value for 'group_id'
[  589.910060][T24369] fuse: Bad value for 'group_id'
[  589.918769][T24370] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6001'.
[  589.921782][T24370] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6001'.
[  590.676054][T24377] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  590.804222][T24385] overlayfs: missing 'lowerdir'
[  590.974486][T24392] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  591.250162][T24397] bridge0: port 2(bridge_slave_1) entered disabled state
[  591.252658][T24397] bridge0: port 1(bridge_slave_0) entered disabled state
[  591.340366][T24397] wg1: left promiscuous mode
[  591.394987][T24397] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  591.413668][T24397] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  591.614211][T10047] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  591.619322][T10047] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  591.622931][T10047] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  591.623609][T24408] netlink: 208240 bytes leftover after parsing attributes in process `syz.7.6015'.
[  591.626231][T10047] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  591.641294][T10047] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  591.644734][T10047] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  591.648719][T10047] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  591.652422][T10047] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  591.683040][   T40] kauditd_printk_skb: 187 callbacks suppressed
[  591.683058][   T40] audit: type=1400 audit(1780010896.991:1856): avc:  denied  { read write } for  pid=22167 comm="syz-executor" name="loop8" dev="devtmpfs" ino=666 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  591.696684][   T40] audit: type=1400 audit(1780010897.001:1857): avc:  denied  { open } for  pid=22167 comm="syz-executor" path="/dev/loop8" dev="devtmpfs" ino=666 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  591.701591][T24411] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  591.710610][   T40] audit: type=1400 audit(1780010897.001:1858): avc:  denied  { ioctl } for  pid=22167 comm="syz-executor" path="/dev/loop8" dev="devtmpfs" ino=666 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  591.713003][T24411] FAULT_INJECTION: forcing a failure.
[  591.713003][T24411] name failslab, interval 1, probability 0, space 0, times 0
[  591.721085][   T40] audit: type=1400 audit(1780010897.011:1859): avc:  denied  { mounton } for  pid=24410 comm="syz.7.6016" path="/153/bus" dev="tmpfs" ino=894 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  591.727408][T24411] CPU: 1 UID: 0 PID: 24411 Comm: syz.7.6016 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  591.727434][T24411] Tainted: [L]=SOFTLOCKUP
[  591.727440][T24411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  591.727450][T24411] Call Trace:
[  591.727456][T24411]  <TASK>
[  591.727463][T24411]  dump_stack_lvl+0x100/0x190
[  591.727487][T24411]  should_fail_ex.cold+0x5/0xa
[  591.727511][T24411]  ? tomoyo_realpath_from_path+0xb6/0x690
[  591.727535][T24411]  should_failslab+0xc2/0x120
[  591.727554][T24411]  __kmalloc_noprof+0xe0/0x850
[  591.727578][T24411]  ? kfree+0x1dd/0x6c0
[  591.727604][T24411]  tomoyo_realpath_from_path+0xb6/0x690
[  591.727634][T24411]  tomoyo_path_number_perm+0x23c/0x580
[  591.727658][T24411]  ? tomoyo_path_number_perm+0x22e/0x580
[  591.727684][T24411]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  591.727707][T24411]  ? rcu_is_watching+0x12/0xc0
[  591.727734][T24411]  ? kfree+0x1dd/0x6c0
[  591.727783][T24411]  ? current_check_access_path+0x269/0x430
[  591.727808][T24411]  ? __pfx_current_check_access_path+0x10/0x10
[  591.727830][T24411]  ? do_raw_spin_unlock+0x145/0x1e0
[  591.727856][T24411]  ? _raw_spin_unlock+0x28/0x50
[  591.727881][T24411]  ? lookup_one_qstr_excl+0xaf/0x250
[  591.727938][T24411]  tomoyo_path_mkdir+0x9b/0xe0
[  591.727958][T24411]  ? __pfx_tomoyo_path_mkdir+0x10/0x10
[  591.727991][T24411]  security_path_mkdir+0x154/0x2e0
[  591.728013][T24411]  filename_mkdirat+0x168/0x5e0
[  591.728041][T24411]  ? __pfx_filename_mkdirat+0x10/0x10
[  591.728066][T24411]  ? strncpy_from_user+0x19d/0x2d0
[  591.728093][T24411]  ? do_getname+0x191/0x390
[  591.728123][T24411]  __x64_sys_mkdirat+0x89/0xc0
[  591.728148][T24411]  do_syscall_64+0x115/0x870
[  591.728172][T24411]  ? clear_bhb_loop+0x40/0x90
[  591.728195][T24411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  591.728212][T24411] RIP: 0033:0x7fc4def9ce59
[  591.728228][T24411] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  591.728246][T24411] RSP: 002b:00007fc4dfd78028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  591.728265][T24411] RAX: ffffffffffffffda RBX: 00007fc4df215fa0 RCX: 00007fc4def9ce59
[  591.728281][T24411] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  591.728292][T24411] RBP: 00007fc4dfd78090 R08: 0000000000000000 R09: 0000000000000000
[  591.728303][T24411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  591.728314][T24411] R13: 00007fc4df216038 R14: 00007fc4df215fa0 R15: 00007fff099ea6d8
[  591.728340][T24411]  </TASK>
[  591.728349][T24411] ERROR: Out of memory at tomoyo_realpath_from_path.
[  591.735403][   T40] audit: type=1400 audit(1780010897.021:1860): avc:  denied  { prog_run } for  pid=24413 comm="syz.8.6017" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  591.747943][T24414] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  591.763917][   T40] audit: type=1400 audit(1780010897.071:1861): avc:  denied  { create } for  pid=24415 comm="syz.6.6018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  591.764464][T24414] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  591.767005][   T40] audit: type=1400 audit(1780010897.071:1862): avc:  denied  { bind } for  pid=24415 comm="syz.6.6018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  591.769349][T24414] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  591.771381][   T40] audit: type=1400 audit(1780010897.081:1863): avc:  denied  { setopt } for  pid=24415 comm="syz.6.6018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  591.773124][T24414] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  591.775513][   T40] audit: type=1400 audit(1780010897.081:1864): avc:  denied  { accept } for  pid=24415 comm="syz.6.6018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  591.778158][T24414] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  591.779275][T24417] syzkaller0: entered promiscuous mode
[  591.779295][T24417] syzkaller0: entered allmulticast mode
[  591.780189][   T40] audit: type=1400 audit(1780010897.081:1865): avc:  denied  { write } for  pid=24415 comm="syz.6.6018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  591.782279][T24414] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  591.901029][T24414] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  591.904201][T24414] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  591.907422][T24414] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  592.131384][T24431] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6023'.
[  592.168198][T24438] wg1: entered promiscuous mode
[  592.170657][T24438] FAULT_INJECTION: forcing a failure.
[  592.170657][T24438] name failslab, interval 1, probability 0, space 0, times 0
[  592.175688][T24438] CPU: 0 UID: 0 PID: 24438 Comm: syz.5.6024 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  592.175715][T24438] Tainted: [L]=SOFTLOCKUP
[  592.175722][T24438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  592.175733][T24438] Call Trace:
[  592.175740][T24438]  <TASK>
[  592.175747][T24438]  dump_stack_lvl+0x100/0x190
[  592.175774][T24438]  should_fail_ex.cold+0x5/0xa
[  592.175799][T24438]  ? udp_init_sock+0x24e/0x450
[  592.175816][T24438]  should_failslab+0xc2/0x120
[  592.175837][T24438]  __kmalloc_noprof+0xe0/0x850
[  592.175864][T24438]  ? lockdep_init_map_type+0x5c/0x250
[  592.175913][T24438]  udp_init_sock+0x24e/0x450
[  592.175933][T24438]  ? __pfx_udp_init_sock+0x10/0x10
[  592.175952][T24438]  inet_create+0x94c/0x1060
[  592.175978][T24438]  ? inet_create+0x94/0x1060
[  592.176007][T24438]  __sock_create+0x339/0x860
[  592.176035][T24438]  udp_sock_create4+0xa6/0x450
[  592.176056][T24438]  ? __pfx_udp_sock_create4+0x10/0x10
[  592.176079][T24438]  ? find_held_lock+0x2b/0x80
[  592.176096][T24438]  ? wg_socket_init+0x434/0xf10
[  592.176128][T24438]  wg_socket_init+0x739/0xf10
[  592.176160][T24438]  ? __pfx_wg_socket_init+0x10/0x10
[  592.176185][T24438]  ? trace_contention_end+0x122/0x170
[  592.176211][T24438]  ? __mutex_lock+0x26d/0x1b10
[  592.176239][T24438]  ? __pfx_wg_receive+0x10/0x10
[  592.176267][T24438]  ? __pfx___mutex_lock+0x10/0x10
[  592.176291][T24438]  ? __pfx_ib_device_get_by_netdev+0x10/0x10
[  592.176314][T24438]  ? netconsole_netdev_event+0x63a/0xc50
[  592.176339][T24438]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  592.176369][T24438]  wg_open+0x231/0x4d0
[  592.176390][T24438]  ? __pfx_wg_open+0x10/0x10
[  592.176411][T24438]  __dev_open+0x3ad/0x8f0
[  592.176431][T24438]  ? __pfx___dev_open+0x10/0x10
[  592.176452][T24438]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  592.176488][T24438]  netif_open+0xf2/0x160
[  592.176508][T24438]  ? __pfx_netif_open+0x10/0x10
[  592.176529][T24438]  ? __kmalloc_noprof+0x320/0x850
[  592.176559][T24438]  dev_open+0xb2/0x260
[  592.176578][T24438]  team_add_slave+0x5f7/0x1c70
[  592.176604][T24438]  ? __pfx_team_add_slave+0x10/0x10
[  592.176622][T24438]  ? __pfx___dev_change_flags+0x10/0x10
[  592.176647][T24438]  ? find_held_lock+0x2b/0x80
[  592.176662][T24438]  ? validate_linkmsg+0x57c/0xba0
[  592.176688][T24438]  ? is_bpf_text_address+0x8a/0x1a0
[  592.176715][T24438]  ? __pfx_team_add_slave+0x10/0x10
[  592.176732][T24438]  do_set_master+0x40f/0x730
[  592.176758][T24438]  ? netif_change_flags+0x60/0x160
[  592.176788][T24438]  do_setlink.isra.0+0xb2b/0x3e60
[  592.176813][T24438]  ? __pfx_do_setlink.isra.0+0x10/0x10
[  592.176834][T24438]  ? __lock_acquire+0x4a5/0x2630
[  592.176866][T24438]  ? lock_acquire+0x1b1/0x370
[  592.176891][T24438]  ? rcu_is_watching+0x12/0xc0
[  592.176918][T24438]  ? trace_contention_end+0x122/0x170
[  592.176942][T24438]  ? __mutex_lock+0x26d/0x1b10
[  592.176966][T24438]  ? rtnl_newlink+0x8bb/0x2380
[  592.176988][T24438]  ? __pfx___mutex_lock+0x10/0x10
[  592.177012][T24438]  ? rcu_is_watching+0x12/0xc0
[  592.177038][T24438]  ? cap_capable+0x10b/0x440
[  592.177081][T24438]  ? full_name_hash+0xbc/0x100
[  592.177109][T24438]  ? netdev_name_node_lookup+0x107/0x150
[  592.177137][T24438]  rtnl_newlink+0x11c2/0x2380
[  592.177164][T24438]  ? __pfx_rtnl_newlink+0x10/0x10
[  592.177179][T24438]  ? find_held_lock+0x2b/0x80
[  592.177196][T24438]  ? avc_has_perm_noaudit+0x11e/0x3b0
[  592.177216][T24438]  ? avc_has_perm_noaudit+0x11e/0x3b0
[  592.177242][T24438]  ? avc_has_perm_noaudit+0x145/0x3b0
[  592.177269][T24438]  ? __lock_acquire+0x4a5/0x2630
[  592.177304][T24438]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  592.177322][T24438]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  592.177341][T24438]  ? __pfx_rtnl_newlink+0x10/0x10
[  592.177359][T24438]  rtnetlink_rcv_msg+0x95e/0xe90
[  592.177380][T24438]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  592.177417][T24438]  ? __lock_acquire+0x4a5/0x2630
[  592.177445][T24438]  netlink_rcv_skb+0x159/0x420
[  592.177473][T24438]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  592.177492][T24438]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  592.177523][T24438]  ? netlink_deliver_tap+0x1ae/0xcc0
[  592.177550][T24438]  netlink_unicast+0x585/0x850
[  592.177576][T24438]  ? __pfx_netlink_unicast+0x10/0x10
[  592.177605][T24438]  netlink_sendmsg+0x8b0/0xda0
[  592.177633][T24438]  ? __pfx_netlink_sendmsg+0x10/0x10
[  592.177653][T24438]  ? __might_fault+0xa0/0x140
[  592.177689][T24438]  ____sys_sendmsg+0x9e1/0xb70
[  592.177710][T24438]  ? __pfx_netlink_sendmsg+0x10/0x10
[  592.177734][T24438]  ? __pfx_____sys_sendmsg+0x10/0x10
[  592.177766][T24438]  ___sys_sendmsg+0x190/0x1e0
[  592.177791][T24438]  ? __pfx____sys_sendmsg+0x10/0x10
[  592.177844][T24438]  __sys_sendmsg+0x170/0x220
[  592.177872][T24438]  ? __pfx___sys_sendmsg+0x10/0x10
[  592.177911][T24438]  ? rcu_is_watching+0x12/0xc0
[  592.177940][T24438]  do_syscall_64+0x115/0x870
[  592.177963][T24438]  ? clear_bhb_loop+0x40/0x90
[  592.177984][T24438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.178003][T24438] RIP: 0033:0x7f1bf939ce59
[  592.178019][T24438] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  592.178036][T24438] RSP: 002b:00007f1bfa20a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  592.178053][T24438] RAX: ffffffffffffffda RBX: 00007f1bf9615fa0 RCX: 00007f1bf939ce59
[  592.178065][T24438] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  592.178076][T24438] RBP: 00007f1bfa20a090 R08: 0000000000000000 R09: 0000000000000000
[  592.178087][T24438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  592.178098][T24438] R13: 00007f1bf9616038 R14: 00007f1bf9615fa0 R15: 00007ffeb5dc8dc8
[  592.178122][T24438]  </TASK>
[  592.383563][T24438] wireguard: wg1: Could not create IPv4 socket
[  592.575071][T24458] IPVS: sync thread started: state = MASTER, mcast_ifn = batadv0, syncid = 0, id = 0
[  592.623314][T24463] misc userio: No port type given on /dev/userio
[  592.624576][T24463] misc userio: No port type given on /dev/userio
[  592.945805][T10037] netdevsim netdevsim7 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  592.948709][T10037] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  592.952246][T10037] netdevsim netdevsim7 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  592.955823][T10037] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  592.961363][T10037] netdevsim netdevsim7 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  592.965279][T10037] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  592.971926][T10037] netdevsim netdevsim7 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  592.975580][T10037] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  593.047015][T24482] xt_policy: neither incoming nor outgoing policy selected
[  593.311236][T24502] __nla_validate_parse: 2 callbacks suppressed
[  593.311249][T24502] netlink: 24 bytes leftover after parsing attributes in process `syz.8.6046'.
[  593.428535][T24505] syzkaller0: entered promiscuous mode
[  593.430266][T24505] syzkaller0: entered allmulticast mode
[  593.808107][T24515] bond0: entered promiscuous mode
[  593.810496][T24515] bond_slave_0: entered promiscuous mode
[  593.813174][T24515] bond_slave_1: entered promiscuous mode
[  593.816862][T24515] batadv0: entered promiscuous mode
[  593.820430][T24515] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  593.825142][T24515] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[  593.836747][T24515] 8021q: adding VLAN 0 to HW filter on device hsr1
[  593.842133][T24515] bond0: left promiscuous mode
[  593.844233][T24515] bond_slave_0: left promiscuous mode
[  593.846688][T24515] bond_slave_1: left promiscuous mode
[  593.850782][T24515] batadv0: left promiscuous mode
[  594.076850][T24531] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6058'.
[  594.083905][T24531] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  594.087698][T24531] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  594.337222][ T5840] usb 11-1: new high-speed USB device number 3 using dummy_hcd
[  594.349077][T24550] overlayfs: missing 'lowerdir'
[  594.349096][T24549] overlayfs: missing 'lowerdir'
[  594.355053][T24549] binder: 24548:24549 ioctl c018620c 200000000040 returned -22
[  594.358348][T24550] netlink: 'syz.8.6063': attribute type 30 has an invalid length.
[  594.372984][T24550] bond5: option arp_missed_max: invalid value (0)
[  594.375149][T24550] bond5: option arp_missed_max: allowed values 1 - 255
[  594.379342][T24550] bond5 (unregistering): Released all slaves
[  594.507522][ T5840] usb 11-1: Using ep0 maxpacket: 8
[  594.513859][ T5840] usb 11-1: config index 0 descriptor too short (expected 301, got 45)
[  594.518117][ T5840] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  594.525352][ T5840] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  594.530303][ T5840] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  594.535274][ T5840] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  594.540239][ T5840] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  594.546160][ T5840] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  594.552251][ T5840] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.761853][ T5840] usb 11-1: usb_control_msg returned -32
[  594.764590][ T5840] usbtmc 11-1:16.0: can't read capabilities
[  594.987759][T24565] syzkaller0: entered promiscuous mode
[  594.990121][T24565] syzkaller0: entered allmulticast mode
[  595.114017][T24532] usbtmc 11-1:16.0: usb_control_msg returned -32
[  595.121659][T24532] netlink: 187972 bytes leftover after parsing attributes in process `syz.6.6058'.
[  595.121687][T24531] netlink: 187972 bytes leftover after parsing attributes in process `syz.6.6058'.
[  595.130705][ T5883] usb 11-1: USB disconnect, device number 3
[  595.263227][T24576] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6073'.
[  595.267696][T24576] overlay: Unknown parameter 'fowner'
[  595.384197][T24580] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  595.395383][T24580] syz_tun: entered allmulticast mode
[  595.402022][T24579] syz_tun: left allmulticast mode
[  595.460763][T24584] syzkaller0: entered promiscuous mode
[  595.462582][T24584] syzkaller0: entered allmulticast mode
[  595.827956][T24595] netlink: 'syz.8.6080': attribute type 21 has an invalid length.
[  595.911369][  T217] nci: nci_ntf_packet: unknown ntf opcode 0x104
[  596.654129][T24607] overlayfs: failed to resolve './bus': -2
[  596.755092][T24609] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6084'.
[  596.758050][T24609] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6084'.
[  596.763023][   T40] kauditd_printk_skb: 222 callbacks suppressed
[  596.763407][   T40] audit: type=1400 audit(1780010902.071:2088): avc:  denied  { module_request } for  pid=24608 comm="syz.8.6084" kmod="net-pf-22" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  596.800789][T24609] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6084'.
[  596.804712][T24609] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6084'.
[  596.850077][   T40] audit: type=1400 audit(1780010902.161:2089): avc:  denied  { read } for  pid=24612 comm="syz.8.6085" dev="nsfs" ino=4026534096 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  596.856732][   T40] audit: type=1400 audit(1780010902.161:2090): avc:  denied  { open } for  pid=24612 comm="syz.8.6085" path="net:[4026534096]" dev="nsfs" ino=4026534096 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  596.880991][   T40] audit: type=1400 audit(1780010902.191:2091): avc:  denied  { read write } for  pid=24612 comm="syz.8.6085" name="fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  596.885195][T24613] fuse: Bad value for 'user_id'
[  596.888716][   T40] audit: type=1400 audit(1780010902.191:2092): avc:  denied  { open } for  pid=24612 comm="syz.8.6085" path="/dev/fuse" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  596.890213][T24613] fuse: Bad value for 'user_id'
[  596.898430][   T40] audit: type=1400 audit(1780010902.191:2093): avc:  denied  { mounton } for  pid=24612 comm="syz.8.6085" path="/181/file0" dev="tmpfs" ino=1075 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  596.955560][   T40] audit: type=1400 audit(1780010902.261:2094): avc:  denied  { write } for  pid=24612 comm="syz.8.6085" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  596.963865][   T40] audit: type=1400 audit(1780010902.261:2095): avc:  denied  { open } for  pid=24612 comm="syz.8.6085" path="/dev/ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  596.971778][   T40] audit: type=1400 audit(1780010902.271:2096): avc:  denied  { ioctl } for  pid=24612 comm="syz.8.6085" path="/dev/ndctl0" dev="devtmpfs" ino=109 ioctlcmd=0x640a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  597.427337][   T62] Bluetooth: hci0: command 0x1003 tx timeout
[  597.427399][ T5736] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  597.492677][   T40] audit: type=1400 audit(1780010902.801:2097): avc:  denied  { write } for  pid=24614 comm="syz.7.6086" name="001" dev="devtmpfs" ino=746 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  597.522288][T24615] netlink: 'syz.7.6086': attribute type 39 has an invalid length.
[  598.832576][T24597] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  598.939177][T24613] netlink: 32 bytes leftover after parsing attributes in process `syz.8.6085'.
[  598.968053][T24633] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  598.994375][T24636] overlayfs: failed to resolve './bus': -2
[  599.025100][T24640] fuse: Bad value for 'fd'
[  599.051341][T24642] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6094'.
[  599.055068][T24642] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  599.060696][T24642] IPv6: NLM_F_CREATE should be set when creating new route
[  599.063749][T24642] IPv6: NLM_F_CREATE should be set when creating new route
[  599.126672][T24649] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6097'.
[  599.321570][ T5736] Bluetooth: hci5: unexpected event for opcode 0x0c22
[  599.325529][T24654] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  599.444552][T24659] binder: 24651:24659 ioctl 4020ae46 200000000400 returned -22
[  599.448298][T24659] binder: 24651:24659 ioctl ae41 0 returned -22
[  599.637332][ T5883] usb 11-1: new low-speed USB device number 4 using dummy_hcd
[  599.767300][ T5883] usb 11-1: device descriptor read/64, error -71
[  600.018309][ T5883] usb 11-1: new low-speed USB device number 5 using dummy_hcd
[  600.147611][ T5883] usb 11-1: device descriptor read/64, error -71
[  600.257442][ T5883] usb usb11-port1: attempt power cycle
[  600.397300][    T9] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[  600.448033][T24674] binder: 24673:24674 ioctl c0306201 2000000003c0 returned -14
[  600.559278][    T9] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  600.567261][    T9] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  600.572380][    T9] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  600.575428][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  600.607384][ T5883] usb 11-1: new low-speed USB device number 6 using dummy_hcd
[  600.628126][ T5883] usb 11-1: device descriptor read/8, error -71
[  600.787335][    T9] usb 10-1: usb_control_msg returned -32
[  600.789694][    T9] usbtmc 10-1:16.0: can't read capabilities
[  600.887174][ T5883] usb 11-1: new low-speed USB device number 7 using dummy_hcd
[  600.917788][ T5883] usb 11-1: device descriptor read/8, error -71
[  601.000123][T22380] usb 10-1: USB disconnect, device number 8
[  601.037785][ T5883] usb usb11-port1: unable to enumerate USB device
[  601.270186][T24681] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6109'.
[  601.273737][T24681] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6109'.
[  601.506446][T24684] netlink: 24 bytes leftover after parsing attributes in process `syz.8.6110'.
[  601.795802][   T40] kauditd_printk_skb: 105 callbacks suppressed
[  601.795819][   T40] audit: type=1400 audit(1780010907.101:2203): avc:  denied  { read } for  pid=24692 comm="syz.8.6113" name="media3" dev="devtmpfs" ino=965 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  601.816321][   T40] audit: type=1400 audit(1780010907.111:2204): avc:  denied  { open } for  pid=24692 comm="syz.8.6113" path="/dev/media3" dev="devtmpfs" ino=965 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  601.826632][   T40] audit: type=1400 audit(1780010907.121:2205): avc:  denied  { ioctl } for  pid=24692 comm="syz.8.6113" path="/dev/media3" dev="devtmpfs" ino=965 ioctlcmd=0x7c02 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  601.836231][T24697] autofs4:pid:24697:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  601.839947][   T40] audit: type=1400 audit(1780010907.131:2206): avc:  denied  { getopt } for  pid=24696 comm="syz.5.6115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  601.865446][   T40] audit: type=1400 audit(1780010907.141:2207): avc:  denied  { write } for  pid=24692 comm="syz.8.6113" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  601.873742][   T40] audit: type=1400 audit(1780010907.141:2208): avc:  denied  { open } for  pid=24692 comm="syz.8.6113" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  601.883345][   T40] audit: type=1400 audit(1780010907.141:2209): avc:  denied  { ioctl } for  pid=24692 comm="syz.8.6113" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x937a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  602.114027][   T40] audit: type=1400 audit(1780010907.421:2210): avc:  denied  { create } for  pid=24699 comm="syz.5.6116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  602.121007][ T5736] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  602.130790][   T40] audit: type=1400 audit(1780010907.421:2211): avc:  denied  { shutdown } for  pid=24699 comm="syz.5.6116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  602.146849][   T40] audit: type=1400 audit(1780010907.431:2212): avc:  denied  { getopt } for  pid=24699 comm="syz.5.6116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  602.937373][T24716] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6121'.
[  603.006886][T24721] netlink: 148 bytes leftover after parsing attributes in process `syz.5.6122'.
[  603.030963][T24721] FAULT_INJECTION: forcing a failure.
[  603.030963][T24721] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  603.036525][T24721] CPU: 1 UID: 0 PID: 24721 Comm: syz.5.6122 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  603.036555][T24721] Tainted: [L]=SOFTLOCKUP
[  603.036562][T24721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  603.036574][T24721] Call Trace:
[  603.036581][T24721]  <TASK>
[  603.036588][T24721]  dump_stack_lvl+0x100/0x190
[  603.036626][T24721]  should_fail_ex.cold+0x5/0xa
[  603.036659][T24721]  _copy_from_user+0x2e/0xd0
[  603.036691][T24721]  kstrtouint_from_user+0xd6/0x1d0
[  603.036721][T24721]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  603.036748][T24721]  ? __lock_acquire+0x4a5/0x2630
[  603.036775][T24721]  ? lock_acquire+0x1b1/0x370
[  603.036804][T24721]  proc_fail_nth_write+0x83/0x220
[  603.036826][T24721]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  603.036853][T24721]  vfs_write+0x2aa/0x1070
[  603.036877][T24721]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  603.036900][T24721]  ? __pfx_vfs_write+0x10/0x10
[  603.036920][T24721]  ? __fget_files+0x215/0x3d0
[  603.036951][T24721]  ? __fget_files+0x21f/0x3d0
[  603.036982][T24721]  ksys_write+0x12a/0x250
[  603.037004][T24721]  ? __pfx_ksys_write+0x10/0x10
[  603.037027][T24721]  ? rcu_is_watching+0x12/0xc0
[  603.037071][T24721]  do_syscall_64+0x115/0x870
[  603.037106][T24721]  ? clear_bhb_loop+0x40/0x90
[  603.037129][T24721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.037149][T24721] RIP: 0033:0x7f1bf935d68e
[  603.037166][T24721] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  603.037184][T24721] RSP: 002b:00007f1bfa209fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  603.037204][T24721] RAX: ffffffffffffffda RBX: 00007f1bfa20a6c0 RCX: 00007f1bf935d68e
[  603.037217][T24721] RDX: 0000000000000001 RSI: 00007f1bfa20a0a0 RDI: 0000000000000006
[  603.037227][T24721] RBP: 00007f1bfa20a090 R08: 0000000000000000 R09: 0000000000000000
[  603.037239][T24721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  603.037250][T24721] R13: 00007f1bf9616038 R14: 00007f1bf9615fa0 R15: 00007ffeb5dc8dc8
[  603.037275][T24721]  </TASK>
[  603.258845][T24729] FAULT_INJECTION: forcing a failure.
[  603.258845][T24729] name failslab, interval 1, probability 0, space 0, times 0
[  603.268718][T24729] CPU: 1 UID: 0 PID: 24729 Comm: syz.7.6125 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  603.268750][T24729] Tainted: [L]=SOFTLOCKUP
[  603.268759][T24729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  603.268770][T24729] Call Trace:
[  603.268778][T24729]  <TASK>
[  603.268787][T24729]  dump_stack_lvl+0x100/0x190
[  603.268815][T24729]  should_fail_ex.cold+0x5/0xa
[  603.268841][T24729]  ? tomoyo_encode2+0xfb/0x3c0
[  603.268872][T24729]  should_failslab+0xc2/0x120
[  603.268895][T24729]  __kmalloc_noprof+0xe0/0x850
[  603.268923][T24729]  ? d_absolute_path+0x136/0x1b0
[  603.268950][T24729]  tomoyo_encode2+0xfb/0x3c0
[  603.268982][T24729]  tomoyo_encode+0x29/0x50
[  603.269009][T24729]  tomoyo_realpath_from_path+0x18c/0x690
[  603.269043][T24729]  tomoyo_path_number_perm+0x23c/0x580
[  603.269068][T24729]  ? tomoyo_path_number_perm+0x22e/0x580
[  603.269095][T24729]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  603.269118][T24729]  ? rcu_is_watching+0x12/0xc0
[  603.269147][T24729]  ? kfree+0x1dd/0x6c0
[  603.269190][T24729]  ? current_check_access_path+0x269/0x430
[  603.269233][T24729]  ? __pfx_current_check_access_path+0x10/0x10
[  603.269256][T24729]  ? do_raw_spin_unlock+0x145/0x1e0
[  603.269284][T24729]  ? _raw_spin_unlock+0x28/0x50
[  603.269310][T24729]  ? lookup_one_qstr_excl+0xaf/0x250
[  603.269342][T24729]  tomoyo_path_mkdir+0x9b/0xe0
[  603.269363][T24729]  ? __pfx_tomoyo_path_mkdir+0x10/0x10
[  603.269390][T24729]  security_path_mkdir+0x154/0x2e0
[  603.269414][T24729]  filename_mkdirat+0x168/0x5e0
[  603.269443][T24729]  ? __pfx_filename_mkdirat+0x10/0x10
[  603.269469][T24729]  ? strncpy_from_user+0x19d/0x2d0
[  603.269508][T24729]  ? do_getname+0x191/0x390
[  603.269538][T24729]  __x64_sys_mkdirat+0x89/0xc0
[  603.269564][T24729]  do_syscall_64+0x115/0x870
[  603.269587][T24729]  ? clear_bhb_loop+0x40/0x90
[  603.269611][T24729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.269630][T24729] RIP: 0033:0x7fc4def9ce59
[  603.269646][T24729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  603.269670][T24729] RSP: 002b:00007fc4dd1f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  603.269691][T24729] RAX: ffffffffffffffda RBX: 00007fc4df216090 RCX: 00007fc4def9ce59
[  603.269702][T24729] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  603.269715][T24729] RBP: 00007fc4dd1f6090 R08: 0000000000000000 R09: 0000000000000000
[  603.269726][T24729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  603.269737][T24729] R13: 00007fc4df216128 R14: 00007fc4df216090 R15: 00007fff099ea6d8
[  603.269763][T24729]  </TASK>
[  603.269918][T24729] ERROR: Out of memory at tomoyo_realpath_from_path.
[  603.310253][T24731] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6123'.
[  603.425481][T24735] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  603.481003][T24743] FAULT_INJECTION: forcing a failure.
[  603.481003][T24743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  603.493559][T24743] CPU: 0 UID: 0 PID: 24743 Comm: syz.7.6127 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  603.493579][T24743] Tainted: [L]=SOFTLOCKUP
[  603.493583][T24743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  603.493590][T24743] Call Trace:
[  603.493594][T24743]  <TASK>
[  603.493599][T24743]  dump_stack_lvl+0x100/0x190
[  603.493616][T24743]  should_fail_ex.cold+0x5/0xa
[  603.493631][T24743]  strncpy_from_user+0x3b/0x2d0
[  603.493646][T24743]  do_getname+0x78/0x390
[  603.493664][T24743]  __x64_sys_mkdirat+0x78/0xc0
[  603.493679][T24743]  do_syscall_64+0x115/0x870
[  603.493694][T24743]  ? clear_bhb_loop+0x40/0x90
[  603.493707][T24743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.493718][T24743] RIP: 0033:0x7fc4def9ce59
[  603.493728][T24743] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  603.493738][T24743] RSP: 002b:00007fc4dd1f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  603.493750][T24743] RAX: ffffffffffffffda RBX: 00007fc4df216090 RCX: 00007fc4def9ce59
[  603.493757][T24743] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  603.493763][T24743] RBP: 00007fc4dd1f6090 R08: 0000000000000000 R09: 0000000000000000
[  603.493770][T24743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  603.493776][T24743] R13: 00007fc4df216128 R14: 00007fc4df216090 R15: 00007fff099ea6d8
[  603.493789][T24743]  </TASK>
[  603.762461][T24759] overlayfs: failed to resolve './file0': -2
[  603.932086][T24772] FAULT_INJECTION: forcing a failure.
[  603.932086][T24772] name failslab, interval 1, probability 0, space 0, times 0
[  603.945673][T24772] CPU: 2 UID: 0 PID: 24772 Comm: syz.5.6132 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  603.945693][T24772] Tainted: [L]=SOFTLOCKUP
[  603.945698][T24772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  603.945704][T24772] Call Trace:
[  603.945709][T24772]  <TASK>
[  603.945714][T24772]  dump_stack_lvl+0x100/0x190
[  603.945731][T24772]  should_fail_ex.cold+0x5/0xa
[  603.945750][T24772]  should_failslab+0xc2/0x120
[  603.945766][T24772]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  603.945790][T24772]  ? security_inode_alloc+0x3b/0x2c0
[  603.945809][T24772]  ? lockdep_init_map_type+0x5c/0x250
[  603.945825][T24772]  security_inode_alloc+0x3b/0x2c0
[  603.945841][T24772]  inode_init_always_gfp+0xc77/0xfb0
[  603.945858][T24772]  alloc_inode+0x8e/0x250
[  603.945869][T24772]  sock_alloc+0x44/0x280
[  603.945880][T24772]  ? security_socket_create+0x7f/0x250
[  603.945895][T24772]  __sock_create+0xc2/0x860
[  603.945911][T24772]  udp_sock_create6+0xc7/0x6a0
[  603.945924][T24772]  ? __pfx_udp_sock_create6+0x10/0x10
[  603.945934][T24772]  ? find_held_lock+0x2b/0x80
[  603.945943][T24772]  ? setup_udp_tunnel_sock+0x521/0x620
[  603.945957][T24772]  ? setup_udp_tunnel_sock+0x521/0x620
[  603.945971][T24772]  ? do_raw_spin_unlock+0x145/0x1e0
[  603.945986][T24772]  ? _raw_spin_unlock+0x28/0x50
[  603.946001][T24772]  wg_socket_init+0x63f/0xf10
[  603.946020][T24772]  ? __pfx_wg_socket_init+0x10/0x10
[  603.946036][T24772]  ? trace_contention_end+0x122/0x170
[  603.946051][T24772]  ? __mutex_lock+0x26d/0x1b10
[  603.946067][T24772]  ? __pfx_wg_receive+0x10/0x10
[  603.946083][T24772]  ? __pfx___mutex_lock+0x10/0x10
[  603.946098][T24772]  ? __pfx_ib_device_get_by_netdev+0x10/0x10
[  603.946111][T24772]  ? netconsole_netdev_event+0x63a/0xc50
[  603.946127][T24772]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  603.946146][T24772]  wg_open+0x231/0x4d0
[  603.946158][T24772]  ? __pfx_wg_open+0x10/0x10
[  603.946177][T24772]  __dev_open+0x3ad/0x8f0
[  603.946193][T24772]  ? __pfx___dev_open+0x10/0x10
[  603.946210][T24772]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  603.946233][T24772]  netif_open+0xf2/0x160
[  603.946250][T24772]  ? __pfx_netif_open+0x10/0x10
[  603.946264][T24772]  ? __kmalloc_noprof+0x320/0x850
[  603.946281][T24772]  dev_open+0xb2/0x260
[  603.946293][T24772]  team_add_slave+0x5f7/0x1c70
[  603.946310][T24772]  ? __pfx_team_add_slave+0x10/0x10
[  603.946321][T24772]  ? __pfx___dev_change_flags+0x10/0x10
[  603.946337][T24772]  ? validate_linkmsg+0x57c/0xba0
[  603.946357][T24772]  ? __pfx_team_add_slave+0x10/0x10
[  603.946367][T24772]  do_set_master+0x40f/0x730
[  603.946383][T24772]  ? netif_change_flags+0x60/0x160
[  603.946400][T24772]  do_setlink.isra.0+0xb2b/0x3e60
[  603.946413][T24772]  ? rcu_is_watching+0x12/0xc0
[  603.946431][T24772]  ? __pfx_do_setlink.isra.0+0x10/0x10
[  603.946443][T24772]  ? __lock_acquire+0x4a5/0x2630
[  603.946460][T24772]  ? do_raw_spin_lock+0x128/0x260
[  603.946476][T24772]  ? find_held_lock+0x2b/0x80
[  603.946486][T24772]  ? debug_mutex_remove_waiter+0xa8/0x320
[  603.946504][T24772]  ? debug_mutex_remove_waiter+0xa8/0x320
[  603.946523][T24772]  ? mark_held_locks+0x40/0x70
[  603.946536][T24772]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  603.946549][T24772]  ? __mutex_lock+0x838/0x1b10
[  603.946562][T24772]  ? lockdep_hardirqs_on+0x78/0x100
[  603.946578][T24772]  ? __mutex_lock+0x838/0x1b10
[  603.946592][T24772]  ? __mutex_lock+0x26d/0x1b10
[  603.946607][T24772]  ? rtnl_newlink+0x8bb/0x2380
[  603.946620][T24772]  ? __pfx___mutex_lock+0x10/0x10
[  603.946635][T24772]  ? rcu_is_watching+0x12/0xc0
[  603.946651][T24772]  ? cap_capable+0x10b/0x440
[  603.946683][T24772]  ? full_name_hash+0xbc/0x100
[  603.946700][T24772]  ? netdev_name_node_lookup+0x107/0x150
[  603.946718][T24772]  rtnl_newlink+0x11c2/0x2380
[  603.946734][T24772]  ? __pfx_rtnl_newlink+0x10/0x10
[  603.946745][T24772]  ? find_held_lock+0x2b/0x80
[  603.946754][T24772]  ? avc_has_perm_noaudit+0x11e/0x3b0
[  603.946766][T24772]  ? avc_has_perm_noaudit+0x11e/0x3b0
[  603.946781][T24772]  ? avc_has_perm_noaudit+0x145/0x3b0
[  603.946804][T24772]  ? __lock_acquire+0x4a5/0x2630
[  603.946831][T24772]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  603.946841][T24772]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  603.946852][T24772]  ? __pfx_rtnl_newlink+0x10/0x10
[  603.946863][T24772]  rtnetlink_rcv_msg+0x95e/0xe90
[  603.946875][T24772]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  603.946888][T24772]  ? __lock_acquire+0x4a5/0x2630
[  603.946904][T24772]  netlink_rcv_skb+0x159/0x420
[  603.946918][T24772]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  603.946930][T24772]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  603.946948][T24772]  ? netlink_deliver_tap+0x1ae/0xcc0
[  603.946963][T24772]  netlink_unicast+0x585/0x850
[  603.946979][T24772]  ? __pfx_netlink_unicast+0x10/0x10
[  603.946996][T24772]  netlink_sendmsg+0x8b0/0xda0
[  603.947012][T24772]  ? __pfx_netlink_sendmsg+0x10/0x10
[  603.947024][T24772]  ? __might_fault+0xa0/0x140
[  603.947045][T24772]  ____sys_sendmsg+0x9e1/0xb70
[  603.947057][T24772]  ? __pfx_netlink_sendmsg+0x10/0x10
[  603.947071][T24772]  ? __pfx_____sys_sendmsg+0x10/0x10
[  603.947090][T24772]  ___sys_sendmsg+0x190/0x1e0
[  603.947104][T24772]  ? __pfx____sys_sendmsg+0x10/0x10
[  603.947134][T24772]  __sys_sendmsg+0x170/0x220
[  603.947151][T24772]  ? __pfx___sys_sendmsg+0x10/0x10
[  603.947173][T24772]  ? rcu_is_watching+0x12/0xc0
[  603.947190][T24772]  do_syscall_64+0x115/0x870
[  603.947203][T24772]  ? clear_bhb_loop+0x40/0x90
[  603.947216][T24772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.947227][T24772] RIP: 0033:0x7f1bf939ce59
[  603.947241][T24772] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  603.947252][T24772] RSP: 002b:00007f1bfa20a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  603.947263][T24772] RAX: ffffffffffffffda RBX: 00007f1bf9615fa0 RCX: 00007f1bf939ce59
[  603.947270][T24772] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  603.947277][T24772] RBP: 00007f1bfa20a090 R08: 0000000000000000 R09: 0000000000000000
[  603.947283][T24772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  603.947289][T24772] R13: 00007f1bf9616038 R14: 00007f1bf9615fa0 R15: 00007ffeb5dc8dc8
[  603.947303][T24772]  </TASK>
[  604.228411][T24772] net_ratelimit: 45 callbacks suppressed
[  604.228426][T24772] socket: no more sockets
[  604.246345][T24772] wireguard: wg1: Could not create IPv6 socket
[  604.483133][T24802] kvm: kvm [24801]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x6522
[  604.492676][T24802] kvm: kvm [24801]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x6523
[  604.519486][T24802] kvm: kvm [24801]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x9b94
[  604.527032][T24802] kvm: kvm [24801]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x9b95
[  604.590874][T24802] kvm: kvm [24801]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xa44c
[  604.594318][T24802] kvm: kvm [24801]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x187) = 0xa44d
[  604.608965][T24817] syzkaller0: entered promiscuous mode
[  604.610768][T24802] kvm: kvm [24801]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x154c
[  604.610947][T24817] syzkaller0: entered allmulticast mode
[  604.613749][T24802] kvm: kvm [24801]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x187) = 0x154d
[  604.622119][T24817] 0: reclassify loop, rule prio 0, protocol 800
[  604.641520][T24802] kvm: kvm [24801]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xb16c
[  604.646548][T24802] kvm: kvm [24801]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xb16d
[  604.688875][T24802] kvm_intel: kvm [24801]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x3216
[  604.744232][T24819] 8021q: adding VLAN 0 to HW filter on device bond6
[  604.775195][T24823] Invalid logical block size (18)
[  604.776612][T24819] bond6: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  604.847183][  T217] bond6: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  604.967219][T10029] bond6: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  605.055786][T24831] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  605.162751][T24846] syzkaller0: entered promiscuous mode
[  605.165212][T24846] syzkaller0: entered allmulticast mode
[  605.223929][T24851] netlink: 'syz.8.6153': attribute type 1 has an invalid length.
[  605.364056][T24859] syzkaller0: entered promiscuous mode
[  605.366266][T24859] syzkaller0: entered allmulticast mode
[  605.386557][T24853] kvm_intel: kvm [24852]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x1046
[  605.749548][T24869] NILFS (nullb0): couldn't find nilfs on the device
[  605.855846][T24877] syzkaller0: entered promiscuous mode
[  605.859500][T24877] syzkaller0: entered allmulticast mode
[  606.164338][T24884] overlayfs: conflicting lowerdir path
[  606.314290][T24886] syzkaller0: entered promiscuous mode
[  606.316173][T24886] syzkaller0: entered allmulticast mode
[  606.503912][T24893] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  606.691430][T24906] SELinux: ebitmap: empty map
[  606.693075][T24906] SELinux: failed to load policy
[  606.743343][T24909] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6173'.
[  606.815062][   T40] kauditd_printk_skb: 135 callbacks suppressed
[  606.815079][   T40] audit: type=1400 audit(1780010912.121:2348): avc:  denied  { write } for  pid=24910 comm="syz.8.6174" name="ptp1" dev="devtmpfs" ino=1289 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  606.832331][   T40] audit: type=1400 audit(1780010912.141:2349): avc:  denied  { open } for  pid=24910 comm="syz.8.6174" path="/dev/ptp1" dev="devtmpfs" ino=1289 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  606.921777][   T40] audit: type=1400 audit(1780010912.231:2350): avc:  denied  { create } for  pid=24915 comm="syz.8.6175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  606.929120][   T40] audit: type=1400 audit(1780010912.241:2351): avc:  denied  { write } for  pid=24915 comm="syz.8.6175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  606.935444][   T40] audit: type=1400 audit(1780010912.241:2352): avc:  denied  { read } for  pid=24915 comm="syz.8.6175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  606.943640][   T40] audit: type=1400 audit(1780010912.251:2353): avc:  denied  { ioctl } for  pid=24915 comm="syz.8.6175" path="socket:[108271]" dev="sockfs" ino=108271 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  606.976532][   T40] audit: type=1400 audit(1780010912.281:2354): avc:  denied  { create } for  pid=24917 comm="syz.8.6176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  606.986697][   T40] audit: type=1400 audit(1780010912.291:2355): avc:  denied  { read } for  pid=24917 comm="syz.8.6176" name="nmem0" dev="devtmpfs" ino=110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  606.995600][   T40] audit: type=1400 audit(1780010912.291:2356): avc:  denied  { open } for  pid=24917 comm="syz.8.6176" path="/dev/nmem0" dev="devtmpfs" ino=110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  607.061680][   T40] audit: type=1400 audit(1780010912.371:2357): avc:  denied  { name_bind } for  pid=24921 comm="syz.8.6178" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  607.186698][T24928] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6178'.
[  607.189603][T24928] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6178'.
[  607.196173][T24928] netlink: 16 bytes leftover after parsing attributes in process `syz.8.6178'.
[  607.314650][T24930] netlink: 48 bytes leftover after parsing attributes in process `syz.6.6181'.
[  607.353667][T24933] netlink: 'syz.5.6182': attribute type 1 has an invalid length.
[  607.370927][T24936] misc userio: Begin command sent, but we're already running
[  607.372669][T24933] 8021q: adding VLAN 0 to HW filter on device bond3
[  607.729598][T24943] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  607.870437][T10044] nci: nci_ntf_packet: unknown ntf opcode 0x104
[  607.941651][T24954] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6188'.
[  608.490078][T24972] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.6194'.
[  608.560187][T24978] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  608.562745][T24978] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  610.748476][T24945] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  610.840951][T24983] syzkaller0: entered promiscuous mode
[  610.843636][T24983] syzkaller0: entered allmulticast mode
[  611.053139][T24983] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  611.089876][T24983] tipc: Resetting bearer <eth:syzkaller0>
[  611.104100][T24983] tipc: Disabling bearer <eth:syzkaller0>
[  611.422398][T25019] ip6t_srh: unknown srh invflags 4000
[  611.508915][ T5885] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  611.659178][T25023] netlink: 16 bytes leftover after parsing attributes in process `syz.8.6210'.
[  611.672959][ T5885] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  611.677111][ T5885] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  611.680784][ T5885] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  611.684292][ T5885] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  611.690655][ T5885] usb 10-1: config 0 descriptor??
[  611.692290][T25023] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=25023 comm=syz.8.6210
[  611.725919][T25029] syzkaller0: entered promiscuous mode
[  611.731333][T25029] syzkaller0: entered allmulticast mode
[  611.743974][T25031] overlayfs: maximum fs stacking depth exceeded
[  611.844831][   T40] kauditd_printk_skb: 132 callbacks suppressed
[  611.844851][   T40] audit: type=1400 audit(1780010917.151:2490): avc:  denied  { mount } for  pid=25034 comm="syz.8.6213" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  611.848468][T25035] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  611.863651][   T40] audit: type=1400 audit(1780010917.171:2491): avc:  denied  { mount } for  pid=25034 comm="syz.8.6213" name="/" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  611.864257][T25035] FAULT_INJECTION: forcing a failure.
[  611.864257][T25035] name failslab, interval 1, probability 0, space 0, times 0
[  611.874877][   T40] audit: type=1400 audit(1780010917.181:2492): avc:  denied  { name_bind } for  pid=25037 comm="syz.6.6214" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  611.885044][T25035] CPU: 2 UID: 0 PID: 25035 Comm: syz.8.6213 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  611.885074][T25035] Tainted: [L]=SOFTLOCKUP
[  611.885081][T25035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  611.885092][T25035] Call Trace:
[  611.885099][T25035]  <TASK>
[  611.885106][T25035]  dump_stack_lvl+0x100/0x190
[  611.885133][T25035]  should_fail_ex.cold+0x5/0xa
[  611.885159][T25035]  should_failslab+0xc2/0x120
[  611.885180][T25035]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  611.885207][T25035]  ? __d_alloc+0x34/0xa40
[  611.885238][T25035]  __d_alloc+0x34/0xa40
[  611.885267][T25035]  d_alloc+0x4a/0x1e0
[  611.885293][T25035]  lookup_one_qstr_excl+0x171/0x250
[  611.885320][T25035]  ? mnt_want_write+0x161/0x450
[  611.885341][T25035]  filename_create+0x1cf/0x400
[  611.885361][T25035]  ? __pfx_filename_create+0x10/0x10
[  611.885384][T25035]  ? find_held_lock+0x2b/0x80
[  611.885405][T25035]  filename_mkdirat+0xb9/0x5e0
[  611.885436][T25035]  ? __pfx_filename_mkdirat+0x10/0x10
[  611.885460][T25035]  ? strncpy_from_user+0x19d/0x2d0
[  611.885485][T25035]  ? do_getname+0x191/0x390
[  611.885513][T25035]  __x64_sys_mkdirat+0x89/0xc0
[  611.885538][T25035]  do_syscall_64+0x115/0x870
[  611.885562][T25035]  ? clear_bhb_loop+0x40/0x90
[  611.885588][T25035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  611.885608][T25035] RIP: 0033:0x7f999b39ce59
[  611.885624][T25035] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  611.885642][T25035] RSP: 002b:00007f999c1e8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  611.885660][T25035] RAX: ffffffffffffffda RBX: 00007f999b615fa0 RCX: 00007f999b39ce59
[  611.885672][T25035] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  611.885684][T25035] RBP: 00007f999c1e8090 R08: 0000000000000000 R09: 0000000000000000
[  611.885695][T25035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  611.885706][T25035] R13: 00007f999b616038 R14: 00007f999b615fa0 R15: 00007fffc2eaed88
[  611.885731][T25035]  </TASK>
[  611.980564][   T40] audit: type=1400 audit(1780010917.181:2493): avc:  denied  { node_bind } for  pid=25037 comm="syz.6.6214" saddr=172.20.20.170 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  611.987831][   T40] audit: type=1400 audit(1780010917.181:2494): avc:  denied  { create } for  pid=25037 comm="syz.6.6214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  611.996596][   T40] audit: type=1400 audit(1780010917.181:2495): avc:  denied  { setopt } for  pid=25037 comm="syz.6.6214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  612.007232][   T40] audit: type=1400 audit(1780010917.191:2496): avc:  denied  { accept } for  pid=25037 comm="syz.6.6214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  612.014466][   T40] audit: type=1400 audit(1780010917.191:2497): avc:  denied  { create } for  pid=25037 comm="syz.6.6214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  612.024460][   T40] audit: type=1400 audit(1780010917.221:2498): avc:  denied  { unmount } for  pid=22167 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  612.033020][   T40] audit: type=1400 audit(1780010917.221:2499): avc:  denied  { ioctl } for  pid=25005 comm="syz.5.6204" path="/dev/raw-gadget" dev="devtmpfs" ino=850 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  612.114287][T25006] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6204'.
[  612.174211][T25010] netlink: 44 bytes leftover after parsing attributes in process `syz.5.6204'.
[  612.225034][T25051] autofs4:pid:25051:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  612.245377][ T5885] keytouch 0003:0926:3333.000A: fixing up Keytouch IEC report descriptor
[  612.308242][ T5885] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:0926:3333.000A/input/input110
[  612.735709][ T5885] keytouch 0003:0926:3333.000A: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0
[  613.683909][ T5885] usb 10-1: reset high-speed USB device number 9 using dummy_hcd
[  613.714595][T25055] netlink: 60 bytes leftover after parsing attributes in process `syz.8.6219'.
[  614.455807][T25006] 8021q: adding VLAN 0 to HW filter on device bond4
[  614.523220][T25065] FAULT_INJECTION: forcing a failure.
[  614.523220][T25065] name failslab, interval 1, probability 0, space 0, times 0
[  614.528763][T25065] CPU: 2 UID: 0 PID: 25065 Comm: syz.5.6222 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  614.528794][T25065] Tainted: [L]=SOFTLOCKUP
[  614.528802][T25065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  614.528813][T25065] Call Trace:
[  614.528820][T25065]  <TASK>
[  614.528828][T25065]  dump_stack_lvl+0x100/0x190
[  614.528856][T25065]  should_fail_ex.cold+0x5/0xa
[  614.528883][T25065]  should_failslab+0xc2/0x120
[  614.528905][T25065]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  614.528934][T25065]  ? sk_prot_alloc+0x60/0x2a0
[  614.528962][T25065]  sk_prot_alloc+0x60/0x2a0
[  614.528985][T25065]  sk_alloc+0x36/0xe80
[  614.529014][T25065]  inet6_create+0x385/0x12b0
[  614.529038][T25065]  ? inet6_create+0x7f/0x12b0
[  614.529063][T25065]  __sock_create+0x339/0x860
[  614.529092][T25065]  udp_sock_create6+0xc7/0x6a0
[  614.529114][T25065]  ? __pfx_udp_sock_create6+0x10/0x10
[  614.529132][T25065]  ? find_held_lock+0x2b/0x80
[  614.529149][T25065]  ? setup_udp_tunnel_sock+0x521/0x620
[  614.529191][T25065]  ? setup_udp_tunnel_sock+0x521/0x620
[  614.529217][T25065]  ? do_raw_spin_unlock+0x145/0x1e0
[  614.529244][T25065]  ? _raw_spin_unlock+0x28/0x50
[  614.529268][T25065]  wg_socket_init+0x63f/0xf10
[  614.529301][T25065]  ? __pfx_wg_socket_init+0x10/0x10
[  614.529325][T25065]  ? trace_contention_end+0x122/0x170
[  614.529351][T25065]  ? __mutex_lock+0x26d/0x1b10
[  614.529379][T25065]  ? __pfx_wg_receive+0x10/0x10
[  614.529406][T25065]  ? __pfx___mutex_lock+0x10/0x10
[  614.529432][T25065]  ? __pfx_ib_device_get_by_netdev+0x10/0x10
[  614.529453][T25065]  ? netconsole_netdev_event+0x63a/0xc50
[  614.529474][T25065]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  614.529507][T25065]  wg_open+0x231/0x4d0
[  614.529526][T25065]  ? __pfx_wg_open+0x10/0x10
[  614.529544][T25065]  __dev_open+0x3ad/0x8f0
[  614.529565][T25065]  ? __pfx___dev_open+0x10/0x10
[  614.529586][T25065]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  614.529627][T25065]  netif_open+0xf2/0x160
[  614.529639][T25065]  ? __pfx_netif_open+0x10/0x10
[  614.529652][T25065]  ? __kmalloc_noprof+0x320/0x850
[  614.529669][T25065]  dev_open+0xb2/0x260
[  614.529681][T25065]  team_add_slave+0x5f7/0x1c70
[  614.529696][T25065]  ? __pfx_team_add_slave+0x10/0x10
[  614.529706][T25065]  ? __pfx___dev_change_flags+0x10/0x10
[  614.529721][T25065]  ? find_held_lock+0x2b/0x80
[  614.529730][T25065]  ? validate_linkmsg+0x57c/0xba0
[  614.529746][T25065]  ? is_bpf_text_address+0x8a/0x1a0
[  614.529767][T25065]  ? __pfx_team_add_slave+0x10/0x10
[  614.529782][T25065]  do_set_master+0x40f/0x730
[  614.529809][T25065]  ? netif_change_flags+0x60/0x160
[  614.529835][T25065]  do_setlink.isra.0+0xb2b/0x3e60
[  614.529852][T25065]  ? __pfx_do_setlink.isra.0+0x10/0x10
[  614.529864][T25065]  ? __lock_acquire+0x4a5/0x2630
[  614.529883][T25065]  ? lock_acquire+0x1b1/0x370
[  614.529898][T25065]  ? rcu_is_watching+0x12/0xc0
[  614.529914][T25065]  ? trace_contention_end+0x122/0x170
[  614.529929][T25065]  ? __mutex_lock+0x26d/0x1b10
[  614.529943][T25065]  ? rtnl_newlink+0x8bb/0x2380
[  614.529956][T25065]  ? __pfx___mutex_lock+0x10/0x10
[  614.529970][T25065]  ? rcu_is_watching+0x12/0xc0
[  614.529986][T25065]  ? cap_capable+0x10b/0x440
[  614.530004][T25065]  ? full_name_hash+0xbc/0x100
[  614.530020][T25065]  ? netdev_name_node_lookup+0x107/0x150
[  614.530037][T25065]  rtnl_newlink+0x11c2/0x2380
[  614.530052][T25065]  ? __pfx_rtnl_newlink+0x10/0x10
[  614.530061][T25065]  ? find_held_lock+0x2b/0x80
[  614.530070][T25065]  ? avc_has_perm_noaudit+0x11e/0x3b0
[  614.530082][T25065]  ? avc_has_perm_noaudit+0x11e/0x3b0
[  614.530096][T25065]  ? avc_has_perm_noaudit+0x145/0x3b0
[  614.530112][T25065]  ? __lock_acquire+0x4a5/0x2630
[  614.530134][T25065]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  614.530144][T25065]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  614.530155][T25065]  ? __pfx_rtnl_newlink+0x10/0x10
[  614.530166][T25065]  rtnetlink_rcv_msg+0x95e/0xe90
[  614.530178][T25065]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  614.530191][T25065]  ? __lock_acquire+0x4a5/0x2630
[  614.530207][T25065]  netlink_rcv_skb+0x159/0x420
[  614.530221][T25065]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  614.530233][T25065]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  614.530251][T25065]  ? netlink_deliver_tap+0x1ae/0xcc0
[  614.530267][T25065]  netlink_unicast+0x585/0x850
[  614.530282][T25065]  ? __pfx_netlink_unicast+0x10/0x10
[  614.530300][T25065]  netlink_sendmsg+0x8b0/0xda0
[  614.530315][T25065]  ? __pfx_netlink_sendmsg+0x10/0x10
[  614.530328][T25065]  ? __might_fault+0xa0/0x140
[  614.530349][T25065]  ____sys_sendmsg+0x9e1/0xb70
[  614.530361][T25065]  ? __pfx_netlink_sendmsg+0x10/0x10
[  614.530375][T25065]  ? __pfx_____sys_sendmsg+0x10/0x10
[  614.530395][T25065]  ___sys_sendmsg+0x190/0x1e0
[  614.530409][T25065]  ? __pfx____sys_sendmsg+0x10/0x10
[  614.530452][T25065]  __sys_sendmsg+0x170/0x220
[  614.530482][T25065]  ? __pfx___sys_sendmsg+0x10/0x10
[  614.530522][T25065]  ? rcu_is_watching+0x12/0xc0
[  614.530551][T25065]  do_syscall_64+0x115/0x870
[  614.530573][T25065]  ? clear_bhb_loop+0x40/0x90
[  614.530597][T25065]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  614.530609][T25065] RIP: 0033:0x7f1bf939ce59
[  614.530619][T25065] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  614.530630][T25065] RSP: 002b:00007f1bfa20a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  614.530641][T25065] RAX: ffffffffffffffda RBX: 00007f1bf9615fa0 RCX: 00007f1bf939ce59
[  614.530648][T25065] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  614.530654][T25065] RBP: 00007f1bfa20a090 R08: 0000000000000000 R09: 0000000000000000
[  614.530660][T25065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  614.530666][T25065] R13: 00007f1bf9616038 R14: 00007f1bf9615fa0 R15: 00007ffeb5dc8dc8
[  614.530680][T25065]  </TASK>
[  614.531447][T25065] wireguard: wg1: Could not create IPv6 socket
[  614.630772][T25068] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6223'.
[  614.828414][T25073] netlink: 'syz.5.6225': attribute type 1 has an invalid length.
[  614.834749][T25073] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6225'.
[  614.941545][T25077] netlink: 'syz.5.6226': attribute type 39 has an invalid length.
[  614.948899][T25077] hsr_slave_0 (unregistering): left promiscuous mode
[  615.239913][T25090] autofs4:pid:25090:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  615.300993][   T50] usb 10-1: USB disconnect, device number 9
[  615.777912][ T5833] usb 12-1: new high-speed USB device number 6 using dummy_hcd
[  615.844598][T25098] syzkaller0: entered promiscuous mode
[  615.846980][T25098] syzkaller0: entered allmulticast mode
[  615.927194][ T5833] usb 12-1: Using ep0 maxpacket: 8
[  615.931367][ T5833] usb 12-1: config index 0 descriptor too short (expected 301, got 45)
[  615.935059][ T5833] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  615.940354][ T5833] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  615.945193][ T5833] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  615.950409][ T5833] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  615.955582][ T5833] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  615.964665][ T5833] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  615.968805][ T5833] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  616.191971][ T5833] usb 12-1: usb_control_msg returned -32
[  616.193764][ T5833] usbtmc 12-1:16.0: can't read capabilities
[  617.070011][T25116] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  617.096652][   T40] kauditd_printk_skb: 117 callbacks suppressed
[  617.096670][   T40] audit: type=1400 audit(1780010922.401:2617): avc:  denied  { create } for  pid=25117 comm="syz.8.6239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  617.111814][   T40] audit: type=1400 audit(1780010922.421:2618): avc:  denied  { setopt } for  pid=25117 comm="syz.8.6239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  617.124657][   T40] audit: type=1400 audit(1780010922.421:2619): avc:  denied  { name_bind } for  pid=25117 comm="syz.8.6239" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  617.134013][   T40] audit: type=1400 audit(1780010922.431:2620): avc:  denied  { mounton } for  pid=25117 comm="syz.8.6239" path="/238/file0" dev="tmpfs" ino=1395 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  617.143686][   T40] audit: type=1400 audit(1780010922.431:2621): avc:  denied  { unlink } for  pid=25117 comm="syz.8.6239" name="#190" dev="tmpfs" ino=1401 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  617.151500][   T40] audit: type=1400 audit(1780010922.431:2622): avc:  denied  { mount } for  pid=25117 comm="syz.8.6239" name="/" dev="overlay" ino=1395 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  617.170799][   T40] audit: type=1400 audit(1780010922.481:2623): avc:  denied  { unmount } for  pid=22167 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  617.221952][T25120] syzkaller0: entered promiscuous mode
[  617.224269][T25120] syzkaller0: entered allmulticast mode
[  617.231890][   T40] audit: type=1400 audit(1780010922.541:2624): avc:  denied  { allowed } for  pid=25119 comm="syz.8.6240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  617.239836][   T40] audit: type=1400 audit(1780010922.541:2625): avc:  denied  { module_request } for  pid=25121 comm="syz.5.6241" kmod="rtnl-link-bridge_slave" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  617.250799][   T40] audit: type=1400 audit(1780010922.551:2626): avc:  denied  { create } for  pid=25119 comm="syz.8.6240" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  617.252183][T25122] netlink: 48 bytes leftover after parsing attributes in process `syz.5.6241'.
[  617.402376][T25127] FAULT_INJECTION: forcing a failure.
[  617.402376][T25127] name failslab, interval 1, probability 0, space 0, times 0
[  617.407268][T25127] CPU: 3 UID: 0 PID: 25127 Comm: syz.8.6243 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  617.407298][T25127] Tainted: [L]=SOFTLOCKUP
[  617.407305][T25127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  617.407316][T25127] Call Trace:
[  617.407324][T25127]  <TASK>
[  617.407332][T25127]  dump_stack_lvl+0x100/0x190
[  617.407358][T25127]  should_fail_ex.cold+0x5/0xa
[  617.407385][T25127]  should_failslab+0xc2/0x120
[  617.407406][T25127]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  617.407436][T25127]  ? vfs_parse_fs_qstr+0x112/0x1c0
[  617.407462][T25127]  ? rcu_is_watching+0x12/0xc0
[  617.407498][T25127]  kmemdup_nul+0x49/0xd0
[  617.407549][T25127]  vfs_parse_fs_qstr+0x112/0x1c0
[  617.407578][T25127]  ? __pfx_vfs_parse_fs_qstr+0x10/0x10
[  617.407605][T25127]  ? kstrdup+0xb3/0xe0
[  617.407625][T25127]  ? alloc_fs_context+0x65a/0xf40
[  617.407657][T25127]  path_mount+0x75a/0x23d0
[  617.407688][T25127]  ? __pfx_path_mount+0x10/0x10
[  617.407712][T25127]  ? lockdep_hardirqs_on+0x78/0x100
[  617.407738][T25127]  ? putname+0xb1/0x110
[  617.407761][T25127]  ? kmem_cache_free+0x127/0x6c0
[  617.407795][T25127]  ? __x64_sys_mount+0x293/0x310
[  617.407819][T25127]  __x64_sys_mount+0x293/0x310
[  617.407846][T25127]  ? __pfx___x64_sys_mount+0x10/0x10
[  617.407875][T25127]  ? rcu_is_watching+0x12/0xc0
[  617.407903][T25127]  do_syscall_64+0x115/0x870
[  617.407927][T25127]  ? clear_bhb_loop+0x40/0x90
[  617.407948][T25127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  617.407965][T25127] RIP: 0033:0x7f999b39ce59
[  617.407980][T25127] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  617.407997][T25127] RSP: 002b:00007f999c1e8028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  617.408014][T25127] RAX: ffffffffffffffda RBX: 00007f999b615fa0 RCX: 00007f999b39ce59
[  617.408025][T25127] RDX: 0000200000001440 RSI: 0000200000001400 RDI: 00002000000013c0
[  617.408037][T25127] RBP: 00007f999c1e8090 R08: 00002000000000c0 R09: 0000000000000000
[  617.408047][T25127] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000002
[  617.408058][T25127] R13: 00007f999b616038 R14: 00007f999b615fa0 R15: 00007fffc2eaed88
[  617.408080][T25127]  </TASK>
[  617.542366][ T5736] Bluetooth: hci5: ACL packet for unknown connection handle 200
[  617.604857][T25132] autofs4:pid:25132:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  617.828446][T25142] netlink: 'syz.5.6249': attribute type 1 has an invalid length.
[  617.832283][T25142] netlink: 'syz.5.6249': attribute type 4 has an invalid length.
[  617.835817][T25142] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.6249'.
[  617.913777][T25144] syzkaller0: entered promiscuous mode
[  617.917035][T25144] syzkaller0: entered allmulticast mode
[  617.970271][T25146] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  618.209046][T25153] syzkaller0: entered promiscuous mode
[  618.210629][T25153] syzkaller0: entered allmulticast mode
[  618.493947][T25155] bond5: Unable to set up delay as MII monitoring is disabled
[  618.501668][T25155] bond5 (unregistering): Released all slaves
[  618.532420][   T39] usb 12-1: USB disconnect, device number 6
[  618.738517][T25168] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6260'.
[  618.807210][T25170] bridge_slave_0: left allmulticast mode
[  618.809730][T25170] bridge_slave_0: left promiscuous mode
[  618.814773][T25170] bridge0: port 1(bridge_slave_0) entered disabled state
[  618.823216][T25170] bridge_slave_1: left allmulticast mode
[  618.825523][T25170] bridge_slave_1: left promiscuous mode
[  618.828534][T25170] bridge0: port 2(bridge_slave_1) entered disabled state
[  618.836880][T25170] bond0: (slave bond_slave_0): Releasing backup interface
[  618.845546][T25170] bond0: (slave bond_slave_1): Releasing backup interface
[  618.851982][T25170] team0: Port device team_slave_0 removed
[  618.856542][T25170] team0: Port device team_slave_1 removed
[  618.859554][T25170] batman_adv: batadv0: Removing interface: batadv_slave_0
[  618.862282][T25170] batman_adv: batadv0: Removing interface: batadv_slave_1
[  618.864928][T25170] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  618.875904][T25174] netlink: 204 bytes leftover after parsing attributes in process `syz.7.6263'.
[  618.948052][T25178] binder: 25177:25178 unknown command 0
[  618.957296][T25178] binder: 25177:25178 ioctl c0306201 2000000003c0 returned -22
[  619.022856][T25187] syzkaller0: entered promiscuous mode
[  619.024949][T25187] syzkaller0: entered allmulticast mode
[  619.077616][T25189] Invalid/unusable pipe
[  619.368588][T25208] syzkaller0: entered promiscuous mode
[  619.370641][T25208] syzkaller0: entered allmulticast mode
[  619.384959][T25208] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  619.637917][T25213] mac80211_hwsim hwsim42 wlan1: entered allmulticast mode
[  619.836439][T25229] netlink: 'syz.5.6283': attribute type 1 has an invalid length.
[  619.879724][T25229] 8021q: adding VLAN 0 to HW filter on device bond5
[  619.988477][T25227] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  622.476419][   T40] kauditd_printk_skb: 142 callbacks suppressed
[  622.476438][   T40] audit: type=1400 audit(1780010927.781:2769): avc:  denied  { read } for  pid=25260 comm="syz.5.6292" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  622.489779][   T40] audit: type=1400 audit(1780010927.781:2770): avc:  denied  { open } for  pid=25260 comm="syz.5.6292" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  622.499396][   T40] audit: type=1400 audit(1780010927.791:2771): avc:  denied  { ioctl } for  pid=25260 comm="syz.5.6292" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  622.525142][   T40] audit: type=1400 audit(1780010927.831:2772): avc:  denied  { read write } for  pid=22167 comm="syz-executor" name="loop8" dev="devtmpfs" ino=666 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  622.532673][   T40] audit: type=1400 audit(1780010927.831:2773): avc:  denied  { open } for  pid=22167 comm="syz-executor" path="/dev/loop8" dev="devtmpfs" ino=666 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  622.540898][   T40] audit: type=1400 audit(1780010927.831:2774): avc:  denied  { ioctl } for  pid=22167 comm="syz-executor" path="/dev/loop8" dev="devtmpfs" ino=666 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  622.569567][   T40] audit: type=1400 audit(1780010927.871:2775): avc:  denied  { write } for  pid=25260 comm="syz.5.6292" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  622.600070][   T40] audit: type=1400 audit(1780010927.911:2776): avc:  denied  { read } for  pid=25262 comm="syz.7.6293" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  622.606975][   T40] audit: type=1400 audit(1780010927.911:2777): avc:  denied  { open } for  pid=25262 comm="syz.7.6293" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  622.617646][   T40] audit: type=1400 audit(1780010927.921:2778): avc:  denied  { create } for  pid=25269 comm="syz.6.6295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  622.709489][T25277] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  622.855856][T25261] kvm_intel: kvm [25260]: vcpu1, guest rIP: 0x9114 Unhandled WRMSR(0x1d9) = 0xffff000000009d25
[  622.874012][T25261] kvm_pr_unimpl_wrmsr: 1 callbacks suppressed
[  622.874027][T25261] kvm: kvm [25260]: vcpu1, guest rIP: 0x9114 Unhandled WRMSR(0x186) = 0xffff00000000cf20
[  622.996813][T25292] Process accounting resumed
[  623.077026][T25301] netlink: 148 bytes leftover after parsing attributes in process `syz.5.6305'.
[  623.377948][T25323] F2FS-fs (nbd5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  623.381248][T25323] F2FS-fs (nbd5): Can't find valid F2FS filesystem in 1th superblock
[  623.384930][T25323] F2FS-fs (nbd5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  623.388521][T25323] F2FS-fs (nbd5): Can't find valid F2FS filesystem in 2th superblock
[  623.425995][T25325] F2FS-fs (nbd5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  623.431963][T25325] F2FS-fs (nbd5): Can't find valid F2FS filesystem in 1th superblock
[  623.438917][T25325] F2FS-fs (nbd5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  623.441414][T25325] F2FS-fs (nbd5): Can't find valid F2FS filesystem in 2th superblock
[  623.542907][T25337] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  623.594005][T25339] fuse: Unknown parameter 'fdÃÄ.iå&.'
[  623.662425][T25348] binder: 25346:25348 unknown command 1661272064
[  623.665119][T25348] binder: 25346:25348 ioctl c0306201 2000000003c0 returned -22
[  623.709232][T25349] syzkaller0: entered promiscuous mode
[  623.711619][T25349] syzkaller0: entered allmulticast mode
[  624.723792][T25379] netlink: 20 bytes leftover after parsing attributes in process `syz.8.6328'.
[  626.299503][T25394] syzkaller0: entered promiscuous mode
[  626.301310][T25394] syzkaller0: entered allmulticast mode
[  626.460518][T25401] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6335'.
[  626.479219][T25414] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6338'.
[  626.544844][T25416] autofs4:pid:25416:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  626.691805][T25431] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  626.977509][T25444] x_tables: duplicate underflow at hook 2
[  627.244962][   T62] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  627.253378][   T62] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  627.262181][   T62] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  627.265910][   T62] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  627.269887][   T62] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  627.523347][   T40] kauditd_printk_skb: 215 callbacks suppressed
[  627.523365][   T40] audit: type=1400 audit(1780010932.831:2994): avc:  denied  { read write } for  pid=25465 comm="syz.5.6354" name="video7" dev="devtmpfs" ino=975 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  627.536948][   T40] audit: type=1400 audit(1780010932.831:2995): avc:  denied  { open } for  pid=25465 comm="syz.5.6354" path="/dev/video7" dev="devtmpfs" ino=975 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  627.546814][   T40] audit: type=1400 audit(1780010932.831:2996): avc:  denied  { ioctl } for  pid=25465 comm="syz.5.6354" path="/dev/video7" dev="devtmpfs" ino=975 ioctlcmd=0x5605 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  627.675965][   T40] audit: type=1400 audit(1780010932.981:2997): avc:  denied  { read } for  pid=5449 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  627.790451][   T40] audit: type=1400 audit(1780010933.101:2998): avc:  denied  { read } for  pid=5449 comm="dhcpcd" name="n76" dev="tmpfs" ino=27262 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  627.803953][   T40] audit: type=1400 audit(1780010933.101:2999): avc:  denied  { open } for  pid=5449 comm="dhcpcd" path="/run/udev/data/n76" dev="tmpfs" ino=27262 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  627.813295][   T40] audit: type=1400 audit(1780010933.101:3000): avc:  denied  { getattr } for  pid=5449 comm="dhcpcd" path="/run/udev/data/n76" dev="tmpfs" ino=27262 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  627.903711][   T40] audit: type=1400 audit(1780010933.211:3001): avc:  denied  { map_create } for  pid=25411 comm="syz.8.6337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  627.919957][   T40] audit: type=1400 audit(1780010933.211:3002): avc:  denied  { map_read map_write } for  pid=25411 comm="syz.8.6337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  627.934527][   T40] audit: type=1400 audit(1780010933.231:3003): avc:  denied  { create } for  pid=25473 comm="syz.6.6355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  628.027433][T10037] team0: Port device bond0 removed
[  628.030829][T10037] bond0 (unregistering): Released all slaves
[  628.039518][T10037] bond1 (unregistering): Released all slaves
[  628.191887][T25474] syzkaller0: entered promiscuous mode
[  628.193715][T25474] syzkaller0: entered allmulticast mode
[  628.229841][T10037] tipc: Left network mode
[  628.847805][T25508] kvm: kvm [25507]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x6522
[  628.851051][T25508] kvm: kvm [25507]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x6523
[  628.885289][T25508] kvm: kvm [25507]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xa338
[  628.888745][T25508] kvm: kvm [25507]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x187) = 0xa339
[  628.936989][T25508] kvm_intel: kvm [25507]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x1d9) = 0x1
[  628.960072][T25508] kvm_intel: kvm [25507]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x1d9) = 0x1
[  628.988058][T25508] kvm_intel: kvm [25507]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x1d9) = 0x1
[  629.010678][T25508] kvm_intel: kvm [25507]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x1d9) = 0x1
[  629.034107][T25508] kvm_intel: kvm [25507]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x1d9) = 0x1
[  629.055029][T25508] kvm_intel: kvm [25507]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x1d9) = 0x1
[  629.077032][T25508] kvm_intel: kvm [25507]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x1d9) = 0x1
[  629.098317][T25508] kvm_intel: kvm [25507]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x1d9) = 0x1
[  629.118335][T25508] kvm_intel: kvm [25507]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x1d9) = 0x1
[  629.138743][T25508] kvm_intel: kvm [25507]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x1d9) = 0x1
[  629.270092][ T1438] ieee802154 phy0 wpan0: encryption failed: -22
[  629.272437][ T1438] ieee802154 phy1 wpan1: encryption failed: -22
[  629.356540][ T5736] Bluetooth: hci0: command tx timeout
[  629.727238][ T5736] Bluetooth: hci3: unexpected event for opcode 0x2007
[  629.732000][T25524] netlink: 'syz.5.6365': attribute type 39 has an invalid length.
[  629.806949][T25525] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  630.817590][ T5449] 8021q: adding VLAN 0 to HW filter on device eth14
[  630.873527][T25532] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  630.909688][T25455] bridge0: port 1(bridge_slave_0) entered blocking state
[  630.912598][T25455] bridge0: port 1(bridge_slave_0) entered disabled state
[  630.915611][T25455] bridge_slave_0: entered allmulticast mode
[  630.918296][T25455] bridge_slave_0: entered promiscuous mode
[  630.921523][T25455] bridge0: port 2(bridge_slave_1) entered blocking state
[  630.923835][T25455] bridge0: port 2(bridge_slave_1) entered disabled state
[  630.926083][T25455] bridge_slave_1: entered allmulticast mode
[  630.928803][T25455] bridge_slave_1: entered promiscuous mode
[  630.943769][T25455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  630.949889][T25455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  630.967667][T25455] team0: Port device team_slave_0 added
[  630.982198][T25455] team0: Port device team_slave_1 added
[  631.019990][ T5449] 8021q: adding VLAN 0 to HW filter on device eth15
[  631.025743][T25455] batman_adv: batadv0: Adding interface: batadv_slave_0
[  631.033619][T25455] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  631.047463][T25455] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  631.053327][T25455] batman_adv: batadv0: Adding interface: batadv_slave_1
[  631.055398][T25455] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  631.063873][T25455] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  631.138926][T25455] hsr_slave_0: entered promiscuous mode
[  631.143681][T25455] hsr_slave_1: entered promiscuous mode
[  631.290619][T25455] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  631.295913][T25455] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  631.299995][ T5449] 8021q: adding VLAN 0 to HW filter on device eth16
[  631.303150][T25455] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  631.307631][T25455] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  631.310911][T25455] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  631.318524][T25455] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  631.321463][T25455] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  631.335868][T25455] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  631.381364][T25563] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6373'.
[  631.402372][T25455] bridge0: port 2(bridge_slave_1) entered blocking state
[  631.405106][T25455] bridge0: port 2(bridge_slave_1) entered forwarding state
[  631.408394][T25455] bridge0: port 1(bridge_slave_0) entered blocking state
[  631.410833][T25455] bridge0: port 1(bridge_slave_0) entered forwarding state
[  631.422922][T25572] netlink: 'syz.6.6374': attribute type 1 has an invalid length.
[  631.424297][T25545] kvm: kvm [25544]: vcpu1, guest rIP: 0x9114 Unhandled WRMSR(0x187) = 0xffff00000000f208
[  631.427459][ T5736] Bluetooth: hci0: command tx timeout
[  631.427587][T25572] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  631.427671][T25572] IPv6: NLM_F_CREATE should be set when creating new route
[  631.432300][T25545] kvm: kvm [25544]: vcpu1, guest rIP: 0x9114 Unhandled WRMSR(0x186) = 0xffff0000000054ad
[  631.460901][T10037] hsr_slave_0: left promiscuous mode
[  631.468665][T10037] hsr_slave_1: left promiscuous mode
[  631.588054][T25588] netlink: 212348 bytes leftover after parsing attributes in process `syz.6.6376'.
[  631.753267][ T5449] 8021q: adding VLAN 0 to HW filter on device eth17
[  631.809847][T25590] syzkaller0: entered promiscuous mode
[  631.813434][T25590] syzkaller0: entered allmulticast mode
[  631.833601][   T99] bridge0: port 1(bridge_slave_0) entered disabled state
[  631.851878][   T99] bridge0: port 2(bridge_slave_1) entered disabled state
[  632.049147][T25610] Bluetooth: MGMT ver 1.23
[  632.682566][   T40] kauditd_printk_skb: 144 callbacks suppressed
[  632.682579][   T40] audit: type=1400 audit(1780010937.981:3148): avc:  denied  { module_request } for  pid=25626 comm="syz.8.6386" kmod="rtnl-link-bridge_slave" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  633.507225][ T5736] Bluetooth: hci0: command tx timeout
[  634.543096][T25618] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  634.579504][T25455] 8021q: adding VLAN 0 to HW filter on device bond0
[  634.596245][T25455] 8021q: adding VLAN 0 to HW filter on device team0
[  634.631178][  T162] bridge0: port 1(bridge_slave_0) entered blocking state
[  634.634446][  T162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  634.642396][  T217] bridge0: port 2(bridge_slave_1) entered blocking state
[  634.644663][  T217] bridge0: port 2(bridge_slave_1) entered forwarding state
[  634.649778][   T40] audit: type=1400 audit(1780010939.961:3149): avc:  denied  { search } for  pid=25635 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  634.668678][   T40] audit: type=1400 audit(1780010939.971:3150): avc:  denied  { create } for  pid=25636 comm="syz.5.6389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  634.695042][   T40] audit: type=1400 audit(1780010939.971:3151): avc:  denied  { write } for  pid=25636 comm="syz.5.6389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  634.703964][T25632] netlink: 20 bytes leftover after parsing attributes in process `syz.8.6387'.
[  634.710479][   T40] audit: type=1400 audit(1780010939.991:3152): avc:  denied  { read write } for  pid=25631 comm="syz.8.6387" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  634.727319][   T40] audit: type=1400 audit(1780010939.991:3153): avc:  denied  { open } for  pid=25631 comm="syz.8.6387" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  634.736719][   T40] audit: type=1400 audit(1780010940.001:3154): avc:  denied  { ioctl } for  pid=25631 comm="syz.8.6387" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae04 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  634.751406][   T40] audit: type=1400 audit(1780010940.001:3155): avc:  denied  { create } for  pid=25631 comm="syz.8.6387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  634.764408][   T40] audit: type=1400 audit(1780010940.011:3156): avc:  denied  { write } for  pid=25631 comm="syz.8.6387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  634.777161][   T40] audit: type=1400 audit(1780010940.011:3157): avc:  denied  { nlmsg_write } for  pid=25631 comm="syz.8.6387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  634.856008][T25652] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=25652 comm=syz.5.6391
[  634.883930][T10037] IPVS: stop unused estimator thread 0...
[  634.982608][    C2] sr 2:0:0:0: [sr0] tag#7 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  634.985828][    C2] sr 2:0:0:0: [sr0] tag#7 CDB: Read DVD structure ad d1 8b b6 80 3d
[  635.028922][T25668] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  635.034790][T25455] 8021q: adding VLAN 0 to HW filter on device batadv0
[  635.035622][T25668] FAULT_INJECTION: forcing a failure.
[  635.035622][T25668] name failslab, interval 1, probability 0, space 0, times 0
[  635.045712][T25668] CPU: 0 UID: 0 PID: 25668 Comm: syz.8.6396 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  635.045738][T25668] Tainted: [L]=SOFTLOCKUP
[  635.045744][T25668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  635.045754][T25668] Call Trace:
[  635.045762][T25668]  <TASK>
[  635.045768][T25668]  dump_stack_lvl+0x100/0x190
[  635.045794][T25668]  should_fail_ex.cold+0x5/0xa
[  635.045819][T25668]  should_failslab+0xc2/0x120
[  635.045840][T25668]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  635.045867][T25668]  ? prepare_creds+0x2c/0x950
[  635.045897][T25668]  prepare_creds+0x2c/0x950
[  635.045923][T25668]  ovl_override_creator_creds+0x110/0x340
[  635.045956][T25668]  ovl_create_or_link+0x18a/0x390
[  635.045987][T25668]  ovl_create_object+0x2bf/0x3b0
[  635.046014][T25668]  ? __pfx_ovl_create_object+0x10/0x10
[  635.046041][T25668]  ? inode_permission+0x374/0x620
[  635.046073][T25668]  ovl_mkdir+0x2a/0x40
[  635.046099][T25668]  vfs_mkdir+0x361/0x850
[  635.046120][T25668]  filename_mkdirat+0x48b/0x5e0
[  635.046149][T25668]  ? __pfx_filename_mkdirat+0x10/0x10
[  635.046173][T25668]  ? strncpy_from_user+0x19d/0x2d0
[  635.046199][T25668]  ? do_getname+0x191/0x390
[  635.046235][T25668]  __x64_sys_mkdirat+0x89/0xc0
[  635.046260][T25668]  do_syscall_64+0x115/0x870
[  635.046284][T25668]  ? clear_bhb_loop+0x40/0x90
[  635.046307][T25668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  635.046325][T25668] RIP: 0033:0x7f999b39ce59
[  635.046341][T25668] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  635.046358][T25668] RSP: 002b:00007f999c1e8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  635.046376][T25668] RAX: ffffffffffffffda RBX: 00007f999b615fa0 RCX: 00007f999b39ce59
[  635.046388][T25668] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  635.046399][T25668] RBP: 00007f999c1e8090 R08: 0000000000000000 R09: 0000000000000000
[  635.046410][T25668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  635.046421][T25668] R13: 00007f999b616038 R14: 00007f999b615fa0 R15: 00007fffc2eaed88
[  635.046446][T25668]  </TASK>
[  635.047232][T25675] syzkaller0: entered promiscuous mode
[  635.120598][T25675] syzkaller0: entered allmulticast mode
[  635.279940][T25682] kvm: kvm [25680]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x6522
[  635.284120][T25682] kvm: kvm [25680]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x6523
[  635.296236][T25455] veth0_vlan: entered promiscuous mode
[  635.304449][T25682] kvm: kvm [25680]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x9b94
[  635.307621][T25682] kvm: kvm [25680]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x9b95
[  635.310845][T25455] veth1_vlan: entered promiscuous mode
[  635.339700][T25455] veth0_macvtap: entered promiscuous mode
[  635.346221][T25455] veth1_macvtap: entered promiscuous mode
[  635.363729][T25455] batman_adv: batadv0: Interface activated: batadv_slave_0
[  635.369523][T25682] kvm: kvm [25680]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xa44c
[  635.372626][T25682] kvm: kvm [25680]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x187) = 0xa44d
[  635.385681][T25455] batman_adv: batadv0: Interface activated: batadv_slave_1
[  635.390524][T25682] kvm: kvm [25680]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x154c
[  635.393512][T25682] kvm: kvm [25680]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x187) = 0x154d
[  635.394876][T10029] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  635.399647][T10029] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  635.419063][T25682] kvm: kvm [25680]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xb16c
[  635.422174][T25682] kvm: kvm [25680]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xb16d
[  635.434332][T25695] 8021q: adding VLAN 0 to HW filter on device bond6
[  635.438584][T10029] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  635.441634][T25682] kvm_pr_unimpl_wrmsr: 25 callbacks suppressed
[  635.441647][T25682] kvm_intel: kvm [25680]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x3216
[  635.442308][T10029] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  635.541672][T10040] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  635.553634][T10040] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  635.581566][T10029] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  635.584095][T10029] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  635.589089][ T5736] Bluetooth: hci0: command tx timeout
[  635.680405][T25701] FAULT_INJECTION: forcing a failure.
[  635.680405][T25701] name failslab, interval 1, probability 0, space 0, times 0
[  635.690120][T25701] CPU: 2 UID: 0 PID: 25701 Comm: syz.9.6349 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  635.690140][T25701] Tainted: [L]=SOFTLOCKUP
[  635.690144][T25701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  635.690150][T25701] Call Trace:
[  635.690155][T25701]  <TASK>
[  635.690159][T25701]  dump_stack_lvl+0x100/0x190
[  635.690177][T25701]  should_fail_ex.cold+0x5/0xa
[  635.690192][T25701]  should_failslab+0xc2/0x120
[  635.690205][T25701]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  635.690224][T25701]  ? sidtab_sid2str_get+0x17a/0x670
[  635.690238][T25701]  kmemdup_noprof+0x29/0x60
[  635.690250][T25701]  sidtab_sid2str_get+0x17a/0x670
[  635.690262][T25701]  security_sid_to_context_core+0x35a/0x6d0
[  635.690281][T25701]  avc_audit_post_callback+0x109/0x900
[  635.690292][T25701]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  635.690304][T25701]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  635.690315][T25701]  ? skb_put+0x138/0x180
[  635.690328][T25701]  ? audit_log_n_string+0x256/0x550
[  635.690343][T25701]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  635.690354][T25701]  common_lsm_audit+0x23f/0x2b0
[  635.690371][T25701]  ? __pfx_common_lsm_audit+0x10/0x10
[  635.690387][T25701]  ? lockdep_hardirqs_on+0x78/0x100
[  635.690402][T25701]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  635.690417][T25701]  slow_avc_audit+0x186/0x210
[  635.690430][T25701]  ? __pfx_slow_avc_audit+0x10/0x10
[  635.690443][T25701]  ? avc_denied+0x14a/0x190
[  635.690455][T25701]  ? avc_has_perm_noaudit+0x2fc/0x3b0
[  635.690469][T25701]  avc_has_perm+0x1a6/0x1e0
[  635.690482][T25701]  ? __pfx_avc_has_perm+0x10/0x10
[  635.690494][T25701]  ? tomoyo_mount_permission+0x252/0x460
[  635.690513][T25701]  inode_has_perm+0x166/0x1d0
[  635.690527][T25701]  selinux_mount+0x362/0x440
[  635.690538][T25701]  ? __pfx_selinux_mount+0x10/0x10
[  635.690559][T25701]  security_sb_mount+0x10b/0x270
[  635.690581][T25701]  path_mount+0x158/0x23d0
[  635.690606][T25701]  ? __pfx_path_mount+0x10/0x10
[  635.690621][T25701]  ? lockdep_hardirqs_on+0x78/0x100
[  635.690636][T25701]  ? putname+0xb1/0x110
[  635.690650][T25701]  ? kmem_cache_free+0x127/0x6c0
[  635.690669][T25701]  ? __x64_sys_mount+0x293/0x310
[  635.690684][T25701]  __x64_sys_mount+0x293/0x310
[  635.690700][T25701]  ? __pfx___x64_sys_mount+0x10/0x10
[  635.690722][T25701]  ? rcu_is_watching+0x12/0xc0
[  635.690740][T25701]  do_syscall_64+0x115/0x870
[  635.690754][T25701]  ? clear_bhb_loop+0x40/0x90
[  635.690768][T25701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  635.690779][T25701] RIP: 0033:0x7f8fff99ce59
[  635.690789][T25701] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  635.690799][T25701] RSP: 002b:00007f900077e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  635.690810][T25701] RAX: ffffffffffffffda RBX: 00007f8fffc15fa0 RCX: 00007f8fff99ce59
[  635.690817][T25701] RDX: 0000200000001440 RSI: 0000200000001400 RDI: 00002000000013c0
[  635.690824][T25701] RBP: 00007f900077e090 R08: 00002000000000c0 R09: 0000000000000000
[  635.690830][T25701] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000002
[  635.690836][T25701] R13: 00007f8fffc16038 R14: 00007f8fffc15fa0 R15: 00007ffc3438e048
[  635.690856][T25701]  </TASK>
[  636.188299][T25723] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  636.205130][T25728] Invalid logical block size (4608)
[  636.252602][T25730] bridge_slave_0: left allmulticast mode
[  636.254566][T25730] bridge_slave_0: left promiscuous mode
[  636.259278][T25730] bridge0: port 1(bridge_slave_0) entered disabled state
[  636.271655][T25730] bridge_slave_1: left allmulticast mode
[  636.276638][T25730] bridge_slave_1: left promiscuous mode
[  636.281841][T25730] bridge0: port 2(bridge_slave_1) entered disabled state
[  636.299336][T25730] bond0: (slave bond_slave_0): Releasing backup interface
[  636.306425][T25730] bond0: (slave bond_slave_1): Releasing backup interface
[  636.313482][T25730] team0: Port device team_slave_0 removed
[  636.321182][T25730] team0: Port device team_slave_1 removed
[  636.324558][T25730] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  636.337555][T25730] batman_adv: batadv0: Removing interface: batadv_slave_0
[  636.344735][T25730] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  636.349091][T25730] batman_adv: batadv0: Removing interface: batadv_slave_1
[  636.354249][T25730] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  636.367014][T25738] overlayfs: failed to resolve './file0': -2
[  636.428986][T25740] overlay: Unknown parameter 'uid<00000000000000000000'
[  636.538367][T25749] netlink: 'syz.9.6423': attribute type 1 has an invalid length.
[  636.702630][T25753] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6424'.
[  636.705420][T25753] netlink: 'syz.9.6424': attribute type 30 has an invalid length.
[  636.714997][T25753] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6424'.
[  636.715079][T10029] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  636.718352][T25753] netlink: 'syz.9.6424': attribute type 30 has an invalid length.
[  636.723236][T10029] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  636.732770][T10029] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  636.736478][T10029] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  636.828600][T25763] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6428'.
[  636.932918][T25773] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6432'.
[  636.935854][T25773] netlink: 12 bytes leftover after parsing attributes in process `syz.9.6432'.
[  636.995616][T25773] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6432'.
[  636.999475][T25773] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6432'.
[  637.064627][T25780] syzkaller0: entered promiscuous mode
[  637.066872][T25780] syzkaller0: entered allmulticast mode
[  637.079961][T25780] 0: reclassify loop, rule prio 0, protocol 800
[  637.115402][T25786] netlink: 148 bytes leftover after parsing attributes in process `syz.9.6437'.
[  637.178999][T25792] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6439'.
[  637.324361][T25806] netlink: 20 bytes leftover after parsing attributes in process `syz.8.6445'.
[  637.413802][T25808] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  637.610694][T25823] mac80211_hwsim hwsim53 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  637.733324][   T40] kauditd_printk_skb: 218 callbacks suppressed
[  637.733341][   T40] audit: type=1400 audit(1780010943.041:3376): avc:  denied  { read write } for  pid=25827 comm="syz.8.6452" name="rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  637.746621][   T40] audit: type=1400 audit(1780010943.051:3377): avc:  denied  { open } for  pid=25827 comm="syz.8.6452" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  637.757322][   T40] audit: type=1400 audit(1780010943.051:3378): avc:  denied  { allowed } for  pid=25827 comm="syz.8.6452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  637.765714][   T40] audit: type=1400 audit(1780010943.051:3379): avc:  denied  { create } for  pid=25827 comm="syz.8.6452" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  637.774804][   T40] audit: type=1400 audit(1780010943.051:3380): avc:  denied  { perfmon } for  pid=25827 comm="syz.8.6452" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  637.784205][   T40] audit: type=1400 audit(1780010943.051:3381): avc:  denied  { prog_run } for  pid=25827 comm="syz.8.6452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  637.793615][T25828] KVM: debugfs: duplicate directory 25828-9
[  637.945268][   T40] audit: type=1400 audit(1780010943.251:3382): avc:  denied  { read write } for  pid=25831 comm="syz.8.6454" name="uinput" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  637.955337][   T40] audit: type=1400 audit(1780010943.251:3383): avc:  denied  { open } for  pid=25831 comm="syz.8.6454" path="/dev/uinput" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  637.978134][   T40] audit: type=1400 audit(1780010943.251:3384): avc:  denied  { ioctl } for  pid=25831 comm="syz.8.6454" path="/dev/uinput" dev="devtmpfs" ino=944 ioctlcmd=0x5565 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  638.003530][   T40] audit: type=1400 audit(1780010943.251:3385): avc:  denied  { module_request } for  pid=25831 comm="syz.8.6454" kmod="rtnl-link-bridge_slave" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  638.301689][T25851] sg_write: data in/out 16777180/10 bytes for SCSI command 0x0-- guessing data in;
[  638.301689][T25851]    program syz.6.6460 not setting count and/or reply_len properly
[  638.358442][T25854] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  638.449932][T25861] netlink: 'syz.9.6463': attribute type 7 has an invalid length.
[  638.453243][T25861] netlink: 'syz.9.6463': attribute type 8 has an invalid length.
[  638.456426][T25861] netlink: 'syz.9.6463': attribute type 7 has an invalid length.
[  638.565176][T25880] dlm: no locking on control device
[  639.668647][T10029] wlan1: Trigger new scan to find an IBSS to join
[  641.521981][T25870] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  641.907158][T25924] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  641.915144][T25924] FAULT_INJECTION: forcing a failure.
[  641.915144][T25924] name failslab, interval 1, probability 0, space 0, times 0
[  641.920412][T25924] CPU: 3 UID: 0 PID: 25924 Comm: syz.6.6482 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  641.920429][T25924] Tainted: [L]=SOFTLOCKUP
[  641.920434][T25924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  641.920440][T25924] Call Trace:
[  641.920444][T25924]  <TASK>
[  641.920449][T25924]  dump_stack_lvl+0x100/0x190
[  641.920471][T25924]  should_fail_ex.cold+0x5/0xa
[  641.920487][T25924]  ? lsm_blob_alloc+0x68/0x90
[  641.920502][T25924]  should_failslab+0xc2/0x120
[  641.920514][T25924]  __kmalloc_noprof+0xe0/0x850
[  641.920531][T25924]  ? trace_kmem_cache_alloc+0xd5/0x100
[  641.920546][T25924]  lsm_blob_alloc+0x68/0x90
[  641.920557][T25924]  security_prepare_creds+0x2d/0x290
[  641.920570][T25924]  prepare_creds+0x5d6/0x950
[  641.920586][T25924]  ovl_override_creator_creds+0x110/0x340
[  641.920605][T25924]  ovl_create_or_link+0x18a/0x390
[  641.920623][T25924]  ovl_create_object+0x2bf/0x3b0
[  641.920640][T25924]  ? __pfx_ovl_create_object+0x10/0x10
[  641.920662][T25924]  ? inode_permission+0x374/0x620
[  641.920682][T25924]  ovl_mkdir+0x2a/0x40
[  641.920698][T25924]  vfs_mkdir+0x361/0x850
[  641.920710][T25924]  filename_mkdirat+0x48b/0x5e0
[  641.920730][T25924]  ? __pfx_filename_mkdirat+0x10/0x10
[  641.920750][T25924]  ? strncpy_from_user+0x19d/0x2d0
[  641.920773][T25924]  ? do_getname+0x191/0x390
[  641.920798][T25924]  __x64_sys_mkdirat+0x89/0xc0
[  641.920820][T25924]  do_syscall_64+0x115/0x870
[  641.920865][T25924]  ? clear_bhb_loop+0x40/0x90
[  641.920889][T25924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.920906][T25924] RIP: 0033:0x7f874959ce59
[  641.920923][T25924] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  641.920937][T25924] RSP: 002b:00007f87477f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  641.920948][T25924] RAX: ffffffffffffffda RBX: 00007f8749815fa0 RCX: 00007f874959ce59
[  641.920955][T25924] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  641.920962][T25924] RBP: 00007f87477f6090 R08: 0000000000000000 R09: 0000000000000000
[  641.920968][T25924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  641.920974][T25924] R13: 00007f8749816038 R14: 00007f8749815fa0 R15: 00007ffdffcbb0b8
[  641.920989][T25924]  </TASK>
[  642.036189][T25929] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  642.040130][T25929] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  642.044568][T25929] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null.
[  642.141326][T25937] __nla_validate_parse: 4 callbacks suppressed
[  642.141344][T25937] netlink: 40 bytes leftover after parsing attributes in process `syz.8.6487'.
[  642.149486][T25937] netlink: 40 bytes leftover after parsing attributes in process `syz.8.6487'.
[  642.157945][T25939] FAULT_INJECTION: forcing a failure.
[  642.157945][T25939] name failslab, interval 1, probability 0, space 0, times 0
[  642.167745][T25939] CPU: 1 UID: 0 PID: 25939 Comm: syz.6.6488 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  642.167774][T25939] Tainted: [L]=SOFTLOCKUP
[  642.167782][T25939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  642.167793][T25939] Call Trace:
[  642.167801][T25939]  <TASK>
[  642.167810][T25939]  dump_stack_lvl+0x100/0x190
[  642.167837][T25939]  should_fail_ex.cold+0x5/0xa
[  642.167865][T25939]  should_failslab+0xc2/0x120
[  642.167886][T25939]  __kmalloc_cache_noprof+0x7a/0x6f0
[  642.167911][T25939]  ? v9fs_get_tree+0x9c/0xb50
[  642.167936][T25939]  v9fs_get_tree+0x9c/0xb50
[  642.167949][T25939]  ? rcu_is_watching+0x12/0xc0
[  642.167978][T25939]  ? __pfx_v9fs_get_tree+0x10/0x10
[  642.167999][T25939]  ? bpf_lsm_capable+0x9/0x10
[  642.168019][T25939]  ? security_capable+0x80/0x260
[  642.168041][T25939]  vfs_get_tree+0x92/0x320
[  642.168060][T25939]  path_mount+0x7d0/0x23d0
[  642.168091][T25939]  ? __pfx_path_mount+0x10/0x10
[  642.168112][T25939]  ? lockdep_hardirqs_on+0x78/0x100
[  642.168139][T25939]  ? putname+0xb1/0x110
[  642.168163][T25939]  ? kmem_cache_free+0x127/0x6c0
[  642.168193][T25939]  ? __x64_sys_mount+0x293/0x310
[  642.168219][T25939]  __x64_sys_mount+0x293/0x310
[  642.168245][T25939]  ? __pfx___x64_sys_mount+0x10/0x10
[  642.168273][T25939]  ? rcu_is_watching+0x12/0xc0
[  642.168299][T25939]  do_syscall_64+0x115/0x870
[  642.168322][T25939]  ? clear_bhb_loop+0x40/0x90
[  642.168346][T25939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.168367][T25939] RIP: 0033:0x7f874959ce59
[  642.168381][T25939] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  642.168399][T25939] RSP: 002b:00007f87477f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  642.168417][T25939] RAX: ffffffffffffffda RBX: 00007f8749815fa0 RCX: 00007f874959ce59
[  642.168428][T25939] RDX: 0000200000001440 RSI: 0000200000001400 RDI: 00002000000013c0
[  642.168439][T25939] RBP: 00007f87477f6090 R08: 00002000000000c0 R09: 0000000000000000
[  642.168451][T25939] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000002
[  642.168461][T25939] R13: 00007f8749816038 R14: 00007f8749815fa0 R15: 00007ffdffcbb0b8
[  642.168482][T25939]  </TASK>
[  642.197970][T25942] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6487'.
[  642.228076][T25943] netlink: 'syz.5.6489': attribute type 25 has an invalid length.
[  642.254752][T25945] overlayfs: failed to resolve './bus': -2
[  642.281728][T25937] netlink: 40 bytes leftover after parsing attributes in process `syz.8.6487'.
[  642.286248][T25937] netlink: 40 bytes leftover after parsing attributes in process `syz.8.6487'.
[  642.316269][T25951] syz.5.6492(25951): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  642.325103][T25937] netlink: 40 bytes leftover after parsing attributes in process `syz.8.6487'.
[  642.328204][T25937] netlink: 40 bytes leftover after parsing attributes in process `syz.8.6487'.
[  642.678376][T25972] overlayfs: failed to resolve './bus': -2
[  642.711051][T25977] overlayfs: failed to resolve './bus': -2
[  642.724064][  T162] wlan1: Trigger new scan to find an IBSS to join
[  642.740644][   T40] kauditd_printk_skb: 115 callbacks suppressed
[  642.740656][   T40] audit: type=1400 audit(1780010948.051:3501): avc:  denied  { map } for  pid=25978 comm="syz.9.6502" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  642.761565][   T40] audit: type=1400 audit(1780010948.071:3502): avc:  denied  { mount } for  pid=25978 comm="syz.9.6502" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  642.764155][T25979] nfs: Unknown parameter '00000000000000000003'
[  642.769876][T25982] loop2: detected capacity change from 0 to 7
[  642.775290][T25982] buffer_io_error: 7 callbacks suppressed
[  642.775306][T25982] Buffer I/O error on dev loop2, logical block 0, async page read
[  642.781395][T25982] Buffer I/O error on dev loop2, logical block 0, async page read
[  642.784698][T25982] Buffer I/O error on dev loop2, logical block 0, async page read
[  642.788333][T25982] Buffer I/O error on dev loop2, logical block 0, async page read
[  642.789407][   T40] audit: type=1400 audit(1780010948.101:3503): avc:  denied  { unmount } for  pid=25455 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  642.791687][T25982] Buffer I/O error on dev loop2, logical block 0, async page read
[  642.802898][T25982] Buffer I/O error on dev loop2, logical block 0, async page read
[  642.806756][T25982] Buffer I/O error on dev loop2, logical block 0, async page read
[  642.810185][T25982] ldm_validate_partition_table(): Disk read failed.
[  642.812907][T25982] Buffer I/O error on dev loop2, logical block 0, async page read
[  642.816669][T25982] Buffer I/O error on dev loop2, logical block 0, async page read
[  642.819407][T25982] Buffer I/O error on dev loop2, logical block 0, async page read
[  642.822361][T25982] Dev loop2: unable to read RDB block 0
[  642.824854][T25982]  loop2: unable to read partition table
[  642.826715][T25982] loop2: partition table beyond EOD, truncated
[  642.830133][T25982] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  642.882173][   T40] audit: type=1400 audit(1780010948.191:3504): avc:  denied  { setopt } for  pid=25985 comm="syz.5.6505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  642.889625][   T40] audit: type=1400 audit(1780010948.201:3505): avc:  denied  { ioctl } for  pid=25985 comm="syz.5.6505" path="socket:[118897]" dev="sockfs" ino=118897 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  642.897497][   T40] audit: type=1400 audit(1780010948.211:3506): avc:  denied  { write } for  pid=25985 comm="syz.5.6505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  642.905445][   T40] audit: type=1400 audit(1780010948.211:3507): avc:  denied  { create } for  pid=25985 comm="syz.5.6505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  642.911842][   T40] audit: type=1400 audit(1780010948.221:3508): avc:  denied  { read } for  pid=25985 comm="syz.5.6505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  642.944091][   T40] audit: type=1400 audit(1780010948.251:3509): avc:  denied  { create } for  pid=25989 comm="syz.5.6506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  642.945622][T25990] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[  643.020202][   T40] audit: type=1400 audit(1780010948.331:3510): avc:  denied  { read write } for  pid=25993 comm="syz.5.6508" name="raw-gadget" dev="devtmpfs" ino=850 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  643.124117][T26002] overlayfs: failed to resolve './bus': -2
[  643.161000][T26006] netlink: 'syz.8.6513': attribute type 1 has an invalid length.
[  643.174981][T26006] 8021q: adding VLAN 0 to HW filter on device bond7
[  643.187326][T26006] bond7: (slave geneve3): making interface the new active one
[  643.190811][T26006] bond7: (slave geneve3): Enslaving as an active interface with an up link
[  643.287133][T19760] usb 10-1: new full-speed USB device number 10 using dummy_hcd
[  643.459604][T19760] usb 10-1: config 0 interface 0 altsetting 255 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  643.465231][T19760] usb 10-1: config 0 interface 0 altsetting 255 endpoint 0x8F has invalid maxpacket 111, setting to 64
[  643.470173][T19760] usb 10-1: config 0 interface 0 has no altsetting 0
[  643.475374][T19760] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  643.481353][T19760] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  643.487813][T19760] usb 10-1: Product: syz
[  643.489205][T19760] usb 10-1: Manufacturer: syz
[  643.497181][T19760] usb 10-1: SerialNumber: syz
[  643.505794][T19760] usb 10-1: config 0 descriptor??
[  643.512736][T25994] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  643.519424][T19760] usb 10-1: selecting invalid altsetting 0
[  643.767200][T26026] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(3)
[  643.769802][T26026] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  643.773010][T26026] vhci_hcd vhci_hcd.0: Device attached
[  643.929697][T26030] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6520'.
[  643.987019][T26032] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  644.027296][   T24] usb 55-1: new high-speed USB device number 2 using vhci_hcd
[  644.030401][  T845] usb 14-1: new high-speed USB device number 2 using dummy_hcd
[  644.190522][  T845] usb 14-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  644.195681][  T845] usb 14-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  644.200424][  T845] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  644.203358][  T845] usb 14-1: Product: syz
[  644.205267][  T845] usb 14-1: Manufacturer: syz
[  644.208208][  T845] usb 14-1: SerialNumber: syz
[  644.247573][   T34] usb 10-1: USB disconnect, device number 10
[  644.325385][T26060] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6531'.
[  644.331593][T26060] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6531'.
[  644.342775][T26058] syzkaller0: entered promiscuous mode
[  644.344567][T26058] syzkaller0: entered allmulticast mode
[  645.237681][  T845] cdc_ncm 14-1:1.0: MAC-Address: 42:42:42:42:42:42
[  645.240013][  T845] cdc_ncm 14-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  645.242451][  T845] cdc_ncm 14-1:1.0: setting rx_max = 2048
[  645.677377][T10044] wlan1: Trigger new scan to find an IBSS to join
[  646.289796][T26060] workqueue: Failed to create a rescuer kthread for wq "bond6": -EINTR
[  646.305343][T26026] ªªªªªª: renamed from hsr0 (while UP)
[  646.324926][  T845] cdc_ncm 14-1:1.0: setting tx_max = 88
[  646.325534][T26027] vhci_hcd: connection reset by peer
[  646.340523][T10040] vhci_hcd vhci_hcd.9: stop threads
[  646.346075][T10040] vhci_hcd vhci_hcd.9: release socket
[  646.351462][T10040] vhci_hcd vhci_hcd.9: disconnect device
[  646.379502][  T845] cdc_ncm 14-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.9-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  646.388628][T26087] syzkaller0: entered promiscuous mode
[  646.392619][T26087] syzkaller0: entered allmulticast mode
[  646.392676][  T845] usb 14-1: USB disconnect, device number 2
[  646.399683][T26087] 0: reclassify loop, rule prio 0, protocol 800
[  646.409353][  T845] cdc_ncm 14-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.9-1, CDC NCM (NO ZLP)
[  646.498301][T26100] 9p: Bad value for 'port'
[  646.636038][  T217] wlan1: Creating new IBSS network, BSSID c2:81:48:45:5e:aa
[  646.638946][T26116] netlink: 'syz.6.6546': attribute type 23 has an invalid length.
[  646.662079][T26121] autofs4:pid:26121:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  646.677831][ T5736] Bluetooth: hci5: unexpected event for opcode 0x2019
[  646.785003][T26131] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  647.210170][T26154] input: syz0 as /devices/virtual/input/input115
[  647.481628][T26164] ==================================================================
[  647.484061][T26164] BUG: KASAN: slab-use-after-free in netfs_unbuffered_write+0x1c21/0x21e0
[  647.486553][T26164] Read of size 2 at addr ffff88803f281724 by task syz.6.6556/26164
[  647.489453][T26164] 
[  647.490520][T26164] CPU: 3 UID: 0 PID: 26164 Comm: syz.6.6556 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  647.490537][T26164] Tainted: [L]=SOFTLOCKUP
[  647.490541][T26164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  647.490548][T26164] Call Trace:
[  647.490552][T26164]  <TASK>
[  647.490556][T26164]  dump_stack_lvl+0x100/0x190
[  647.490570][T26164]  print_report+0x13d/0x4b0
[  647.490586][T26164]  ? __virt_addr_valid+0x239/0x430
[  647.490599][T26164]  ? netfs_unbuffered_write+0x1c21/0x21e0
[  647.490612][T26164]  kasan_report+0xdf/0x1d0
[  647.490624][T26164]  ? netfs_unbuffered_write+0x1c21/0x21e0
[  647.490637][T26164]  netfs_unbuffered_write+0x1c21/0x21e0
[  647.490650][T26164]  ? __pfx_netfs_unbuffered_write+0x10/0x10
[  647.490663][T26164]  ? rolling_buffer_init+0x8a/0xb0
[  647.490677][T26164]  ? netfs_create_write_req+0x527/0x860
[  647.490696][T26164]  netfs_unbuffered_write_iter_locked+0x7e2/0xa90
[  647.490710][T26164]  netfs_unbuffered_write_iter+0x442/0x740
[  647.490723][T26164]  v9fs_file_write_iter+0xbf/0x100
[  647.490743][T26164]  vfs_write+0x6ac/0x1070
[  647.490755][T26164]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  647.490770][T26164]  ? __pfx_vfs_write+0x10/0x10
[  647.490785][T26164]  ksys_write+0x12a/0x250
[  647.490796][T26164]  ? __pfx_ksys_write+0x10/0x10
[  647.490808][T26164]  ? rcu_is_watching+0x12/0xc0
[  647.490824][T26164]  do_syscall_64+0x115/0x870
[  647.490845][T26164]  ? clear_bhb_loop+0x40/0x90
[  647.490857][T26164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.490868][T26164] RIP: 0033:0x7f874959ce59
[  647.490877][T26164] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  647.490888][T26164] RSP: 002b:00007f87477f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  647.490899][T26164] RAX: ffffffffffffffda RBX: 00007f8749815fa0 RCX: 00007f874959ce59
[  647.490906][T26164] RDX: 00000000fffffdd8 RSI: 0000200000000540 RDI: 0000000000000004
[  647.490913][T26164] RBP: 00007f8749632d6f R08: 0000000000000000 R09: 0000000000000000
[  647.490919][T26164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  647.490926][T26164] R13: 00007f8749816038 R14: 00007f8749815fa0 R15: 00007ffdffcbb0b8
[  647.490936][T26164]  </TASK>
[  647.490940][T26164] 
[  647.560733][T26164] Allocated by task 26164:
[  647.562077][T26164]  kasan_save_stack+0x30/0x50
[  647.563530][T26164]  kasan_save_track+0x14/0x30
[  647.565175][T26164]  __kasan_slab_alloc+0x89/0x90
[  647.566745][T26164]  kmem_cache_alloc_noprof+0x241/0x6e0
[  647.568407][T26164]  mempool_alloc_noprof+0x1b7/0x310
[  647.570002][T26164]  netfs_alloc_subrequest+0xc1/0x3c0
[  647.571604][T26164]  netfs_prepare_write+0x76/0x780
[  647.573125][T26164]  netfs_unbuffered_write+0x7b8/0x21e0
[  647.574764][T26164]  netfs_unbuffered_write_iter_locked+0x7e2/0xa90
[  647.576696][T26164]  netfs_unbuffered_write_iter+0x442/0x740
[  647.578453][T26164]  v9fs_file_write_iter+0xbf/0x100
[  647.580038][T26164]  vfs_write+0x6ac/0x1070
[  647.581377][T26164]  ksys_write+0x12a/0x250
[  647.582697][T26164]  do_syscall_64+0x115/0x870
[  647.584176][T26164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.585960][T26164] 
[  647.586711][T26164] Freed by task 26164:
[  647.587984][T26164]  kasan_save_stack+0x30/0x50
[  647.589427][T26164]  kasan_save_track+0x14/0x30
[  647.590887][T26164]  kasan_save_free_info+0x3b/0x70
[  647.592454][T26164]  __kasan_slab_free+0x5f/0x80
[  647.593932][T26164]  kmem_cache_free+0x127/0x6c0
[  647.595370][T26164]  mempool_free+0xde/0x130
[  647.596724][T26164]  netfs_put_subrequest+0x282/0x4c0
[  647.598313][T26164]  netfs_unbuffered_write+0x13ed/0x21e0
[  647.600031][T26164]  netfs_unbuffered_write_iter_locked+0x7e2/0xa90
[  647.601986][T26164]  netfs_unbuffered_write_iter+0x442/0x740
[  647.603768][T26164]  v9fs_file_write_iter+0xbf/0x100
[  647.605332][T26164]  vfs_write+0x6ac/0x1070
[  647.606658][T26164]  ksys_write+0x12a/0x250
[  647.607989][T26164]  do_syscall_64+0x115/0x870
[  647.609402][T26164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.611239][T26164] 
[  647.611981][T26164] The buggy address belongs to the object at ffff88803f281680
[  647.611981][T26164]  which belongs to the cache netfs_subrequest of size 200
[  647.616239][T26164] The buggy address is located 164 bytes inside of
[  647.616239][T26164]  freed 200-byte region [ffff88803f281680, ffff88803f281748)
[  647.620306][T26164] 
[  647.621046][T26164] The buggy address belongs to the physical page:
[  647.622964][T26164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803f281a40 pfn:0x3f280
[  647.625976][T26164] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  647.628503][T26164] memcg:ffff88803f2800d9
[  647.629791][T26164] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  647.632342][T26164] page_type: f5(slab)
[  647.633552][T26164] raw: 00fff00000000240 ffff88801c3597c0 ffffea0001758190 ffffea0000b22c90
[  647.636125][T26164] raw: ffff88803f281a40 0000014000190016 00000000f5000000 ffff88803f2800d9
[  647.638670][T26164] head: 00fff00000000240 ffff88801c3597c0 ffffea0001758190 ffffea0000b22c90
[  647.641289][T26164] head: ffff88803f281a40 0000014000190016 00000000f5000000 ffff88803f2800d9
[  647.643875][T26164] head: 00fff00000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff
[  647.646473][T26164] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  647.649080][T26164] page dumped because: kasan: bad access detected
[  647.651048][T26164] page_owner tracks the page as allocated
[  647.652786][T26164] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd2880(GFP_NOWAIT|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 24581, tgid 24581 (syz.5.6076), ts 595580790336, free_ts 587741119347
[  647.659625][T26164]  post_alloc_hook+0xfd/0x120
[  647.661133][T26164]  get_page_from_freelist+0x11a6/0x3410
[  647.662838][T26164]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[  647.664663][T26164]  new_slab+0xa6/0x6c0
[  647.665930][T26164]  refill_objects+0x277/0x420
[  647.667392][T26164]  __pcs_replace_empty_main+0x375/0x650
[  647.669081][T26164]  kmem_cache_alloc_noprof+0x480/0x6e0
[  647.670739][T26164]  mempool_alloc_noprof+0x1b7/0x310
[  647.672336][T26164]  netfs_alloc_subrequest+0xc1/0x3c0
[  647.673948][T26164]  netfs_prepare_write+0x76/0x780
[  647.675499][T26164]  netfs_advance_write+0x3af/0x4c0
[  647.677068][T26164]  netfs_write_folio+0xc09/0x1810
[  647.678604][T26164]  netfs_writepages+0x2b9/0x990
[  647.680136][T26164]  do_writepages+0x278/0x600
[  647.681572][T26164]  filemap_writeback+0x22d/0x2e0
[  647.683082][T26164]  v9fs_dir_release+0x2d1/0x590
[  647.684595][T26164] page last free pid 50 tgid 50 stack trace:
[  647.686409][T26164]  __free_frozen_pages+0x794/0x10a0
[  647.688019][T26164]  kasan_depopulate_vmalloc_pte+0x5d/0x80
[  647.689763][T26164]  __apply_to_page_range+0xb1d/0x1520
[  647.691438][T26164]  __kasan_release_vmalloc+0xd7/0xe0
[  647.693045][T26164]  purge_vmap_node+0x210/0xb40
[  647.694537][T26164]  process_one_work+0xa0e/0x1980
[  647.696059][T26164]  worker_thread+0x5ef/0xe50
[  647.697475][T26164]  kthread+0x370/0x450
[  647.698727][T26164]  ret_from_fork+0x72b/0xd50
[  647.700171][T26164]  ret_from_fork_asm+0x1a/0x30
[  647.701653][T26164] 
[  647.702396][T26164] Memory state around the buggy address:
[  647.704142][T26164]  ffff88803f281600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  647.706703][T26164]  ffff88803f281680: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  647.709173][T26164] >ffff88803f281700: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[  647.711582][T26164]                                ^
[  647.713118][T26164]  ffff88803f281780: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  647.715510][T26164]  ffff88803f281800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  647.717900][T26164] ==================================================================
[  647.721520][T26164] Kernel panic - not syncing: KASAN: panic_on_warn set ...
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  647.723743][T26164] CPU: 3 UID: 0 PID: 26164 Comm: syz.6.6556 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  647.727278][T26164] Tainted: [L]=SOFTLOCKUP
[  647.728614][T26164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  647.731654][T26164] Call Trace:
[  647.732682][T26164]  <TASK>
[  647.733576][T26164]  dump_stack_lvl+0x100/0x190
[  647.735026][T26164]  vpanic+0x552/0x970
[  647.736264][T26164]  ? __pfx_vpanic+0x10/0x10
[  647.737668][T26164]  ? mark_held_locks+0x40/0x70
[  647.739162][T26164]  ? netfs_unbuffered_write+0x1c21/0x21e0
[  647.740948][T26164]  panic+0xd1/0xe0
[  647.742114][T26164]  ? __pfx_panic+0x10/0x10
[  647.743487][T26164]  ? netfs_unbuffered_write+0x1c21/0x21e0
[  647.745227][T26164]  ? preempt_schedule_common+0x42/0xc0
[  647.746902][T26164]  check_panic_on_warn.cold+0x19/0x34
[  647.748550][T26164]  end_report.part.0+0x3a/0x90
[  647.750025][T26164]  kasan_report.cold+0xe/0x18
[  647.751479][T26164]  ? netfs_unbuffered_write+0x1c21/0x21e0
[  647.753214][T26164]  netfs_unbuffered_write+0x1c21/0x21e0
[  647.754888][T26164]  ? __pfx_netfs_unbuffered_write+0x10/0x10
[  647.756714][T26164]  ? rolling_buffer_init+0x8a/0xb0
[  647.758300][T26164]  ? netfs_create_write_req+0x527/0x860
[  647.760028][T26164]  netfs_unbuffered_write_iter_locked+0x7e2/0xa90
[  647.761992][T26164]  netfs_unbuffered_write_iter+0x442/0x740
[  647.763784][T26164]  v9fs_file_write_iter+0xbf/0x100
[  647.765354][T26164]  vfs_write+0x6ac/0x1070
[  647.766690][T26164]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  647.768429][T26164]  ? __pfx_vfs_write+0x10/0x10
[  647.769898][T26164]  ksys_write+0x12a/0x250
[  647.771258][T26164]  ? __pfx_ksys_write+0x10/0x10
[  647.772764][T26164]  ? rcu_is_watching+0x12/0xc0
[  647.774226][T26164]  do_syscall_64+0x115/0x870
[  647.775649][T26164]  ? clear_bhb_loop+0x40/0x90
[  647.777247][T26164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.779410][T26164] RIP: 0033:0x7f874959ce59
[  647.780883][T26164] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  647.787316][T26164] RSP: 002b:00007f87477f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  647.790264][T26164] RAX: ffffffffffffffda RBX: 00007f8749815fa0 RCX: 00007f874959ce59
[  647.793008][T26164] RDX: 00000000fffffdd8 RSI: 0000200000000540 RDI: 0000000000000004
[  647.795725][T26164] RBP: 00007f8749632d6f R08: 0000000000000000 R09: 0000000000000000
[  647.798437][T26164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  647.801023][T26164] R13: 00007f8749816038 R14: 00007f8749815fa0 R15: 00007ffdffcbb0b8
[  647.803784][T26164]  </TASK>
[  647.805812][T26164] Kernel Offset: disabled
[  647.807276][T26164] Rebooting in 86400 seconds..

VM DIAGNOSIS:
23:29:10  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffffff8e7e5620 RCX=ffffffff91848e01 RDX=0000000000000000
RSI=ffffffff8c1c4400 RDI=0000000000000000 RBP=ffffffff81b7c1ae RSP=ffffc90000127770
R8 =0000000000000001 R9 =0000000000000007 R10=0000000000000200 R11=0000000000017658
R12=ffff88801e6da540 R13=ffffc90000127828 R14=0000000000000202 R15=ffffc9000012785c
RIP=ffffffff81e4817d RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6386000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000006437e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004090001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc3438e536
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc3438e536 00007ffc3438e53c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fffa33352
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fffa33392
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fffa334f6
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fffa33384
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000c490
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fffbed5f8 00007f8fffbed5c8 00007f8fffbed600 00007f8fffbed5e0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000766977 RBX=ffff88801e6e2540 RCX=ffffffff8b894285 RDX=0000000000000000
RSI=ffffffff8df0eee6 RDI=ffffffff8c1c4480 RBP=0000000000000000 RSP=ffffc90000177df0
R8 =0000000000000001 R9 =ffffed100d4a67b5 R10=ffff88806a533dab R11=0000000000000000
R12=0000000000000001 R13=ffffed1003cdc4a8 R14=0000000000000001 R15=ffffffff90d70550
RIP=ffffffff8b8928df RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6486000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f87496c7e90 CR3=00000000488ee000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000010001 Opmask01=0000000000007fff Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 203a6b6361747320 6461657268747020
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdffcbb5a6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdffcbb5a6 00007ffdffcbb5ac
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8749633352
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8749633392
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87496334f6
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8749633384
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 657a6973203c2065 7a69736565726600 632e6b6361747365 7461636f6c6c6100
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 405f4c5605190540 5f4c564040574300 460b4e4644515640 5144464a49494400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87497ed5f8 00007f87497ed5c8 00007f87497ed600 00007f87497ed5e0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=ffffffff81000130 RCX=ffffc9000635ef4c RDX=1ffff92000c6be08
RSI=ffffffff8dee9983 RDI=ffffffff81000130 RBP=ffffc9000635f040 RSP=ffffc9000635efd0
R8 =0000000000000001 R9 =0000000000000007 R10=0000000000000200 R11=00000000000a88a1
R12=ffffffff81f2e530 R13=ffffc9000635f0b8 R14=0000000000000000 R15=ffff88802d0c2540
RIP=ffffffff81d0781d RFL=00000296 [--S-AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007f1bfa20a6c0 ffffffff 00c00000
GS =0000 ffff8880d6586000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffcb8e50fb8 CR3=0000000027575000 CR4=00352ef0
DR0=0000000000000001 DR1=00000000000001f8 DR2=0000000000000003 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080040001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6576697372756365 725f64656772656d
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdffcbb5a6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdffcbb5a6 00007ffdffcbb5ac
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8749633352
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8749633392
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87496334f6
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8749633384
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff857e74e5 RDI=ffffffff9b45dca0 RBP=ffffffff9b45dc60 RSP=ffffc9000613f508
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2e7a7973203a5043
R12=0000000000000000 R13=0000000000000032 R14=0000000000000010 R15=ffffffff857e7480
RIP=ffffffff857e750f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f87477f66c0 ffffffff 00c00000
GS =0000 ffff8880d6686000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f87477d4ff8 CR3=00000000488ee000 CR4=00352ef0
DR0=0000000000000001 DR1=00000000000001f8 DR2=0000000000000003 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000010001 Opmask01=0000000000007fff Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 203a6b6361747320 6461657268747020
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdffcbb5a6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdffcbb5a6 00007ffdffcbb5ac
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8749633352
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8749633392
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87496334f6
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8749633384
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 657a6973203c2065 7a69736565726600 632e6b6361747365 7461636f6c6c6100
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 405f4c5605190540 5f4c564040574300 460b4e4644515640 5144464a49494400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f87497ed5f8 00007f87497ed5c8 00007f87497ed600 00007f87497ed5e0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000