last executing test programs:

1m4.128911726s ago: executing program 2 (id=438):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, r1, 0x719, 0x0, 0x25dfdbfe, {0x8}, [@TIPC_NLA_LINK={0x4}]}, 0x18}}, 0x0)

1m4.088169034s ago: executing program 2 (id=439):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="190700000000fedba8ffffffff080003003ec74303eaf02218008345c100f4c4a0db5cafb80b73d187e48d51c1ef6f2febe48e6e0d449ef1503c5bea37b04d3d369001882bd4a962450a140031aed6691bea2b80f32ba9da142030741540f7939bb2eab40303c8fefc"], 0x18}}, 0x0)

1m4.010992017s ago: executing program 2 (id=441):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r2 = openat$dir(0xffffffffffffff9c, 0x0, 0x8880, 0x85)
lseek(r1, 0x1000001, 0x3)
getdents64(r2, 0x0, 0x4f)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$binfmt_elf64(r0, &(0x7f0000000e00)=ANY=[@ANYBLOB="e3209b821ed4218e"], 0x1820)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7], 0x0, 0x0, 0x1}}, 0x3c)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})

1m3.427710999s ago: executing program 2 (id=443):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8)
r1 = socket(0xa, 0x3, 0xff)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e24, 0x2, @dev={0xfe, 0x80, '\x00', 0x2d}, 0x1}, 0x1c)
sendto$inet(0xffffffffffffffff, &(0x7f0000000340)="f31252a1937b86f102bdb8caffee8d19014e7a9a0c3ce971000000", 0x1b, 0x4854, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000001c0)=[{{&(0x7f0000000580)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x8020)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
statx(0xffffffffffffffff, 0x0, 0x0, 0x103, 0x0)
r2 = getpgid(0x0)
r3 = fcntl$dupfd(r1, 0x0, r1)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_MPATH(r3, &(0x7f0000000400)={&(0x7f0000000140), 0xc, &(0x7f0000000380)={&(0x7f0000000440)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012abd700000ce86f439e123944818718b1da9660dbee54a", @ANYRES32=r5, @ANYBLOB="0c00990001000000500000000a001a00ffffffffffff00000a001a00ffffffffffff0000"], 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x4080)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
syz_pidfd_open(r2, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, 0x0)
setns(0xffffffffffffffff, 0x66020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)

1m3.351042598s ago: executing program 2 (id=444):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
sendto$packet(r0, &(0x7f00000012c0)="10030f00e0ff020004804788aa96a1625eb65ecef320ab3bfa870a3c3da8c37a3bb100001100f847d7007ff56bcbc65bf142b15f328c8d876547d3dfb12fc3401c669cd443cee76a1967c4ce1249eddc3a587ce88d22a607846c5a0958d002720bf1904ba942ae5cc9985458e5c892d6", 0xfffffdad, 0x50, &(0x7f00000011c0)={0x11, 0x3, 0x0, 0x1, 0x4, 0x6, @remote}, 0x14)

1m3.129510902s ago: executing program 2 (id=445):
r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, 0x0)
close(r0)
pwrite64(r0, &(0x7f0000000180)="189678fa5a56a60e5fa28dd3e3b1c3d3d1faa4ed2f266c2b42a12b8e28d8000b9a364b8d618d15507803857a321e2c91ddb01aeedd4d32980bf01340ad9c71a2771d4597911c8592d7e62f1aa934c5037d89640226ffc6e3e22f931ee1bb2cd78ddd3317da2c99d1bc3fa6a6560004e0d442fe45288eefe87753cb16a7df14a2c86ebef26f54ac3ddcf3d0a7aa28678e9375d2b8312f6f7700f449bf041108b822be7a8fc158df427218340b8278fc814cc7413aa2eece218578f5874d9776", 0xbf, 0x4)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000840), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010055177000fedbdf2503000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4010)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
setsockopt$bt_BT_VOICE(r3, 0x112, 0xb, &(0x7f0000000000)=0x60, 0x2)
creat(&(0x7f0000000380)='./bus\x00', 0x0)
io_setup(0x202, &(0x7f0000000100))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
keyctl$join(0x1, &(0x7f00000000c0)={'syz', 0x0})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_open_dev$video(0x0, 0x1d24, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f00000000c0)={0x4, 0x2, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, &(0x7f00000012c0)=0x2)
ioctl$vim2m_VIDIOC_QBUF(r6, 0xc044560f, &(0x7f00000001c0)=@mmap={0x0, 0x2, 0x4, 0x10000, 0x0, {0x77359400}, {0x2, 0x0, 0x0, 0x2, 0x0, 0x4, "20635698"}, 0x3, 0x1, {}, 0x4})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r7 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x77c})
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})

1m3.063939489s ago: executing program 32 (id=445):
r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, 0x0)
close(r0)
pwrite64(r0, &(0x7f0000000180)="189678fa5a56a60e5fa28dd3e3b1c3d3d1faa4ed2f266c2b42a12b8e28d8000b9a364b8d618d15507803857a321e2c91ddb01aeedd4d32980bf01340ad9c71a2771d4597911c8592d7e62f1aa934c5037d89640226ffc6e3e22f931ee1bb2cd78ddd3317da2c99d1bc3fa6a6560004e0d442fe45288eefe87753cb16a7df14a2c86ebef26f54ac3ddcf3d0a7aa28678e9375d2b8312f6f7700f449bf041108b822be7a8fc158df427218340b8278fc814cc7413aa2eece218578f5874d9776", 0xbf, 0x4)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000840), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010055177000fedbdf2503000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4010)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
setsockopt$bt_BT_VOICE(r3, 0x112, 0xb, &(0x7f0000000000)=0x60, 0x2)
creat(&(0x7f0000000380)='./bus\x00', 0x0)
io_setup(0x202, &(0x7f0000000100))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
keyctl$join(0x1, &(0x7f00000000c0)={'syz', 0x0})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_open_dev$video(0x0, 0x1d24, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f00000000c0)={0x4, 0x2, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, &(0x7f00000012c0)=0x2)
ioctl$vim2m_VIDIOC_QBUF(r6, 0xc044560f, &(0x7f00000001c0)=@mmap={0x0, 0x2, 0x4, 0x10000, 0x0, {0x77359400}, {0x2, 0x0, 0x0, 0x2, 0x0, 0x4, "20635698"}, 0x3, 0x1, {}, 0x4})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r7 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x77c})
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})

1m0.276173757s ago: executing program 4 (id=446):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) (async)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)={0x18, 0x78, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\a\x00\x00'}]}, 0x18}], 0x1}, 0x0) (async, rerun: 64)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0) (async, rerun: 64)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0xc000}}) (async, rerun: 64)
read$FUSE(r2, &(0x7f0000008340)={0x2020, 0x0, <r3=>0x0}, 0x2020) (rerun: 64)
write$FUSE_INIT(r2, &(0x7f0000000000)={0x50, 0x0, r3, {0x7, 0x29, 0x0, 0x20, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}}, 0x50)
write$FUSE_NOTIFY_INVAL_INODE(r2, &(0x7f0000000080)={0x28, 0x2, 0x0, {0x3, 0x1ff, 0x8}}, 0x28) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x15, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0xa0}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x10}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x56010000}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {0x7, 0x0, 0x2}, {}, {}, {0x25}}], {{0x6}, {0x5}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) (async, rerun: 32)
ioctl(r0, 0x10, &(0x7f00000000c0)="ec19f4482e7e11205ddc8304fd4bb1e9775f2d") (rerun: 32)

1m0.186045841s ago: executing program 4 (id=470):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8)
r1 = socket(0xa, 0x3, 0xff)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e24, 0x2, @dev={0xfe, 0x80, '\x00', 0x2d}, 0x1}, 0x1c)
sendto$inet(0xffffffffffffffff, &(0x7f0000000340)="f31252a1937b86f102bdb8caffee8d19014e7a9a0c3ce971000000", 0x1b, 0x4854, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000001c0)=[{{&(0x7f0000000580)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x8020)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
statx(0xffffffffffffffff, 0x0, 0x0, 0x103, 0x0)
getpgid(0x0)
fcntl$dupfd(r1, 0x0, r1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, 0x0)

1m0.185524795s ago: executing program 4 (id=471):
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = creat(&(0x7f0000000380)='./bus\x00', 0x0)
io_setup(0x202, &(0x7f0000000100)=<r1=>0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x100000}]) (fail_nth: 4)

57.050907926s ago: executing program 4 (id=485):
socket$kcm(0xa, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000100), 0x10)
sendmsg$can_bcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000300)=ANY=[@ANYBLOB="0500000008000000ed00000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="03"], 0x48}, 0x1, 0x0, 0x0, 0x2000c014}, 0x800)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})
setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0)
socket$kcm(0x2, 0xa, 0x2)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0), 0x0, 0x0})
r1 = syz_open_dev$dvb_frontend(&(0x7f00000000c0), 0x0, 0x40)
ioctl$FE_SET_PROPERTY(r1, 0x80106f53, &(0x7f00000001c0)={0x1e, 0x0})

56.986544835s ago: executing program 33 (id=485):
socket$kcm(0xa, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000100), 0x10)
sendmsg$can_bcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000300)=ANY=[@ANYBLOB="0500000008000000ed00000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="03"], 0x48}, 0x1, 0x0, 0x0, 0x2000c014}, 0x800)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})
setsockopt$IP_VS_SO_SET_FLUSH(0xffffffffffffffff, 0x0, 0x485, 0x0, 0x0)
socket$kcm(0x2, 0xa, 0x2)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0), 0x0, 0x0})
r1 = syz_open_dev$dvb_frontend(&(0x7f00000000c0), 0x0, 0x40)
ioctl$FE_SET_PROPERTY(r1, 0x80106f53, &(0x7f00000001c0)={0x1e, 0x0})

26.469849312s ago: executing program 5 (id=704):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$vimc2(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r2 = syz_open_dev$swradio(&(0x7f0000001140), 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_G_EDID(r2, 0xc0245628, &(0x7f00000002c0)={0x0, 0x7, 0x1, '\x00', &(0x7f0000000280)=0xf})
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000080)={0x0, 0x9, 0x2})
syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r3 = socket(0x10, 0x800, 0xfffffffe)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth1\x00'})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000000)={0x0, {{0x2, 0x0, @multicast1}}}, 0x84)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000001040)={0x3, {{0x2, 0x0, @multicast1}}}, 0x88)
getsockopt$inet_buf(r4, 0x0, 0x30, &(0x7f0000000000)=""/4091, &(0x7f0000001000)=0xffb)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x9)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001140)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000001200)=ANY=[@ANYBLOB], 0xc4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r5 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGMTSLOTS(0xffffffffffffffff, 0x8040450a, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000899000/0x4000)=nil, 0x4000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f00006b7000/0x3000)=nil, 0x3000, 0x9)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_GET_XSAVE2(r6, 0x9000aecf, &(0x7f00005c8000/0x3000)=nil)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)

26.390150691s ago: executing program 5 (id=705):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3800000010005fba00"/20, @ANYRES32=0x0, @ANYBLOB="800002010800000008001b000000000008000d"], 0x38}}, 0x0)
socket$kcm(0x29, 0x5, 0x0) (async)
r2 = socket$kcm(0x29, 0x5, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r2, 0x119, 0x1, &(0x7f0000000080), 0x4) (async)
setsockopt$kcm_KCM_RECV_DISABLE(r2, 0x119, 0x1, &(0x7f0000000080), 0x4)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_STATION(r3, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r4, 0x20, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}}, 0x14}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
socket(0x10, 0x3, 0x0) (async)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)

26.239757723s ago: executing program 5 (id=706):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000002c0), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000002380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002300)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4080)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r4 = epoll_create1(0x0)
fcntl$dupfd(r4, 0x2, 0xffffffffffffffff)
r5 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r7 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r7, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r8, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="bc1b0000400007012bbd700000000000017c00000400c2800c0001800600060084"], 0x1bbc}, 0x1, 0x0, 0x0, 0x4048011}, 0x20008054)
setsockopt$packet_tx_ring(r6, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc, 0x2000000}, 0x1c)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0cc5605, 0x0)
fanotify_init(0x55, 0x2)

24.229477132s ago: executing program 5 (id=711):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8)
statx(0xffffffffffffffff, 0x0, 0x0, 0x103, 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, 0x0)

24.157995795s ago: executing program 5 (id=714):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r0, &(0x7f0000004480)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@sndrcv={0x2c, 0x84, 0x1, {0x1, 0x0, 0x202, 0x80000001, 0x4d1, 0xf, 0xfffffffa, 0x6}}], 0x2c, 0xc0}], 0x1, 0x200400c0) (fail_nth: 2)

23.740455149s ago: executing program 5 (id=720):
r0 = inotify_init1(0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r1, &(0x7f0000001300)="92", 0x1, 0x10, &(0x7f0000000240)={0xa, 0x4e1c, 0xfffffffc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)
inotify_add_watch(r0, &(0x7f0000000440)='.\x00', 0x20000000)
r2 = inotify_init1(0x80000)
inotify_add_watch(r2, &(0x7f0000000240)='.\x00', 0x60000726)
r3 = inotify_init()
inotify_add_watch(r3, &(0x7f0000000000)='.\x00', 0x400017e)

23.699670977s ago: executing program 34 (id=720):
r0 = inotify_init1(0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r1, &(0x7f0000001300)="92", 0x1, 0x10, &(0x7f0000000240)={0xa, 0x4e1c, 0xfffffffc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)
inotify_add_watch(r0, &(0x7f0000000440)='.\x00', 0x20000000)
r2 = inotify_init1(0x80000)
inotify_add_watch(r2, &(0x7f0000000240)='.\x00', 0x60000726)
r3 = inotify_init()
inotify_add_watch(r3, &(0x7f0000000000)='.\x00', 0x400017e)

20.501051053s ago: executing program 6 (id=727):
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f0000000300)}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
write$cgroup_subtree(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="2d6e4874202d667265657a6572202d68756765746c62202d68756765746c62202b667265657a6572202d63707561e3637420"], 0x32)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1e, r3, 0xfffffffffffffffe, r3, 0x0)
accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f00000001c0), 0x100000)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0xecf86c37d53049c4)
syz_emit_ethernet(0x56, &(0x7f0000000480)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb000d010000a691aace3ce78f4da2ed504f498ba7a03c050200008fdc656b226ce86168c9c5cf52f8154c7508a2ad76b97d518e040af0c3c78d2c72a25aa451fb362b8c85b21ebc13b17e6eaef1a2bed47c07ffedf333ba4f346d86e0ff25fd6e95b678130a48972aca017677c5cb7ad04e91381c152bf9b1d5001f43f25ca53f5046fb283b5b950ca8a0769006a08058fb3c68396a7808b1d7cac3aa7f4b9e0b55857e7034b709ce1a8974ebe6a6ad06c539fd79dab1a38177dea77ba015c7bcbb00a04f6581bd8357654872f21bf47d99bb6796f957ddb0e7c2254f7fdaf3527658e0227398dab41d6b295b0069450f28854e2e475205ff35919e82cd6d1710f59f73c529c46a99b21b661595b22f"], 0x0)
close(r4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$cgroup_devices(r6, &(0x7f0000000000)=ANY=[], 0x9)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r6, 0x0)
statx(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x0, 'caif0\x00', {}, 0x8})
read$FUSE(r6, &(0x7f0000002980)={0x2020}, 0x2020)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab?P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb8\x10\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\x03\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7vC\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f0000000400)={0x0, 0x6}, &(0x7f0000000440)=0x8)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000002880)=ANY=[@ANYBLOB="a0000000020801030000000000000000020000025400048008000540000000020800054000000fff0800044000000010080004400000003308000740ffffff4d08000740000000920800054000000006080003400000035f080002400000094d08000540200000091400048008000000050003002f0000000900010063797a300000000005000300060000000600024000f9000053079157fb9b07d583614d38c348b571d8699544e77f7ef3432e697df00bb6c6105653309f130cbe8cecc65000"/205], 0xa0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000030000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000efffffff850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

19.560121823s ago: executing program 6 (id=739):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r3, 0x4068aea3, &(0x7f00000001c0)={0xbe, 0x0, 0x1})
ioctl$KVM_GET_MSRS_cpu(r3, 0xc008ae88, &(0x7f0000000100)={0x1, 0x0, [{0x4b564d03}]})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
r5 = dup3(r4, r0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, 0x0}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
r7 = epoll_create1(0x0)
epoll_wait(r7, &(0x7f0000000340)=[{}], 0x1, 0x80000000)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r5, &(0x7f0000000000)={0xc0002003})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

18.447169254s ago: executing program 6 (id=743):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, &(0x7f0000000200)) (fail_nth: 5)

18.180205322s ago: executing program 6 (id=749):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8)
statx(0xffffffffffffffff, 0x0, 0x0, 0x103, 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, 0x0)

18.179592983s ago: executing program 6 (id=750):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='stack\x00')
pread64(r0, &(0x7f0000000100)=""/45, 0x2d, 0x40000000009) (fail_nth: 1)

17.428899798s ago: executing program 6 (id=761):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x2, @empty}, 0x1c)
recvfrom$inet(r1, 0x0, 0x0, 0x140, 0x0, 0x0) (async)
recvfrom$inet(r1, 0x0, 0x0, 0x140, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x10, 0x0, 0x41) (async)
setsockopt$inet6_int(r0, 0x29, 0x10, 0x0, 0x41)
sendmmsg$inet6(r0, &(0x7f0000001680)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x1, @loopback, 0xfffffff8}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000240)="9dcd90ac", 0x4}], 0x1, 0x0, 0xffffffffffffff64}}, {{&(0x7f00000004c0)={0xa, 0x4e21, 0xfff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xffff}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000000500)="37768670", 0x4}], 0x1}}], 0x2, 0x4004009)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000004240)={0x24, 0x2c, 0x107, 0x0, 0x25dfdbff, {0x9, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x6, 0x0, 0x0, @pid}]}, @nested={0x4, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4c010}, 0xc010)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
sendmsg$NL80211_CMD_GET_COALESCE(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r3, 0x10, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x4a}, @val={0x8}, @void}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x41}, 0x1)

17.25703758s ago: executing program 35 (id=761):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x2, @empty}, 0x1c)
recvfrom$inet(r1, 0x0, 0x0, 0x140, 0x0, 0x0) (async)
recvfrom$inet(r1, 0x0, 0x0, 0x140, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x10, 0x0, 0x41) (async)
setsockopt$inet6_int(r0, 0x29, 0x10, 0x0, 0x41)
sendmmsg$inet6(r0, &(0x7f0000001680)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x1, @loopback, 0xfffffff8}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000240)="9dcd90ac", 0x4}], 0x1, 0x0, 0xffffffffffffff64}}, {{&(0x7f00000004c0)={0xa, 0x4e21, 0xfff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xffff}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000000500)="37768670", 0x4}], 0x1}}], 0x2, 0x4004009)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000004240)={0x24, 0x2c, 0x107, 0x0, 0x25dfdbff, {0x9, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x6, 0x0, 0x0, @pid}]}, @nested={0x4, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4c010}, 0xc010)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
sendmsg$NL80211_CMD_GET_COALESCE(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r3, 0x10, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x4a}, @val={0x8}, @void}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x41}, 0x1)

4.809366516s ago: executing program 7 (id=892):
r0 = openat2$dir(0xffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x301040, 0x0, 0x17}, 0x18)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r0, 0xc0406619, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'gretap0\x00', &(0x7f0000000100)={'erspan0\x00', <r2=>0x0, 0x80, 0x1, 0x7fff, 0x7fff, {{0x27, 0x4, 0x1, 0x2, 0x9c, 0x66, 0x0, 0x7, 0x29, 0x0, @rand_addr=0x64010101, @multicast2, {[@ra={0x94, 0x4}, @ssrr={0x89, 0xb, 0xf8, [@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback]}, @timestamp_addr={0x44, 0xc, 0xb3, 0x1, 0x0, [{@broadcast, 0xeb}]}, @lsrr={0x83, 0x13, 0xd1, [@local, @rand_addr=0x64010102, @local, @rand_addr=0x64010101]}, @rr={0x7, 0x7, 0xb6, [@empty]}, @noop, @timestamp={0x44, 0x10, 0xe6, 0x0, 0x4, [0x0, 0x6, 0x5]}, @timestamp_addr={0x44, 0x34, 0xdc, 0x1, 0x2, [{@broadcast, 0x8}, {@local, 0xc06}, {@local, 0x9}, {@remote, 0x7}, {@empty, 0x2}, {@broadcast, 0x1}]}, @timestamp_prespec={0x44, 0xc, 0x26, 0x3, 0x5, [{@local}]}]}}}}})
r3 = geteuid()
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'macsec0\x00', <r4=>0x0})
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)=@updsa={0xf8, 0x1a, 0x200, 0x70bd27, 0x25dfdbfe, {{@in6=@private1, @in=@loopback, 0x4e20, 0x24, 0x4e23, 0x0, 0xd, 0x0, 0x20, 0x88, r2, r3}, {@in6=@private2, 0x4d3, 0x33}, @in=@rand_addr=0x64010100, {0x7, 0x29400, 0x9, 0x0, 0xb, 0x0, 0x6, 0x3}, {0x80, 0x5c2, 0x3, 0x9}, {0x10, 0x689bc97a, 0x5}, 0x70bd2d, 0x3503, 0x6, 0x4, 0x4}, [@offload={0xc, 0x1c, {r4}}]}, 0xf8}, 0x1, 0x0, 0x0, 0x80}, 0x8050)
r5 = syz_io_uring_setup(0x3e23, &(0x7f00000003c0)={0x0, 0xa3c4, 0x200, 0x2, 0x16b}, &(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r5, 0x16, &(0x7f00000005c0)={&(0x7f0000001000)={[{&(0x7f0000000500)="c97a7e3782783530ef768b5eab793d2935f9ede4bd9f29827e60e3", 0x1b, 0x3}, {&(0x7f0000000540)="dbd1eb99aa60479ac0ffa301ae5cee00355c96caae47a0e1e2697e43878f25f55384325d", 0x24, 0x2}, {&(0x7f0000000580)}]}, 0x3, 0x464}, 0x1)
setfsuid(r3)
mmap$IORING_OFF_SQES(&(0x7f0000fec000/0x11000)=nil, 0x11000, 0x2000000, 0x50, r5, 0x10000000)
r6 = socket$l2tp(0x2, 0x2, 0x73)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000600)={{{@in6, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0, <r8=>0x0}}, {{@in6}, 0x0, @in=@multicast1}}, &(0x7f0000000700)=0xe4)
setsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000000740)={{{@in6=@remote, @in6=@loopback, 0x4e22, 0x0, 0x4e23, 0xcc6, 0xa, 0x20, 0x0, 0x88, 0x0, r8}, {0x6, 0x5, 0x6c, 0x1, 0x9, 0x73d, 0x1, 0x1}, {0xe, 0x38000, 0x3, 0x8}, 0x3ff, 0x6e6bb4, 0x1, 0xc08a5f7d4f14fee1, 0x1}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4d5, 0x2b}, 0x2, @in=@remote, 0x0, 0x0, 0x3, 0x7, 0x4, 0x80000001, 0xfffffff1}}, 0xe4)
openat$fb1(0xffffff9c, &(0x7f0000000840), 0x8000, 0x0)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000880)={<r10=>0x0, @in={{0x2, 0x4e24, @remote}}, 0x2, 0x7f, 0x3000000, 0x200, 0x3, 0x10000}, &(0x7f0000000940)=0x9c)
getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000980)={r10, 0x9}, &(0x7f00000009c0)=0x8)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000a00)=<r11=>0x0)
prlimit64(r11, 0xc, &(0x7f0000000a40)={0x8, 0x6}, &(0x7f0000000a80))
r12 = socket$can_j1939(0x1d, 0x2, 0x7)
connect$can_j1939(r12, &(0x7f0000000ac0)={0x1d, r7, 0x0, {0x2, 0x0, 0x1}, 0x2}, 0x18)
openat$dsp1(0xffffff9c, &(0x7f0000000b00), 0x40, 0x0)
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000b80)={0x0, 0x0, <r13=>0x0}, &(0x7f0000000bc0)=0xc)
lchown(&(0x7f0000000b40)='./file0\x00', r8, r13)
read$FUSE(0xffffffffffffffff, &(0x7f0000002000)={0x2020, 0x0, <r14=>0x0}, 0x2020)
write$FUSE_LSEEK(r1, &(0x7f0000004040)={0x18, 0x0, r14}, 0x18)
r15 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000004080)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x1, '\x00', r2, 0xffffffffffffffff, 0x3, 0x4, 0x3}, 0x50)
r16 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000004100), 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000004140)={0x2, 0x4, 0x8, 0x1, 0x80, r15, 0x9, '\x00', r7, r16, 0x0, 0x3}, 0x50)

4.79615766s ago: executing program 7 (id=893):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000529000/0x2000)=nil, 0x2000, 0x16)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
getpeername(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x48)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYRESHEX=r2], 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x40408c5)
r3 = syz_io_uring_setup(0xefe, &(0x7f0000000140)={0x0, 0xcc19, 0x20000, 0x18}, 0x0, 0x0, &(0x7f0000000000))
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8078927489f308e0}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x20000011)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="08000000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB="2c726f6f746d6f64653d30303030303030303030303030303030303034303030302c757365725f189a3d", @ANYRESOCT=r2, @ANYRESOCT=r1, @ANYRES32=r3])
read$FUSE(r1, &(0x7f0000002140)={0x2020, 0x0, <r5=>0x0, <r6=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x3, 0x0, 0x0, 0x100000000, 0x0, 0x10000, {0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x1000000, 0x0, 0x6000, 0x0, r6, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r1, &(0x7f0000000340)={0x50, 0x0, r5}, 0x50)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), r8)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_START_P2P_DEVICE(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="55452abd7000ffdbdf255900000008000300", @ANYRES32=r10, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40041}, 0x14)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
ioctl$FIBMAP(r11, 0x401870c8, &(0x7f0000000040))
r12 = syz_clone(0x48020100, 0x0, 0x0, 0x0, 0x0, 0x0)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r13)
ioctl$sock_SIOCGIFINDEX_80211(r13, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r15=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r13, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=ANY=[@ANYBLOB="2cd9b3760cf7f9000000", @ANYRES16=r14, @ANYBLOB="ab7c2ab5700003dcdf251200000008000300", @ANYRES32=r15, @ANYRES8=r12], 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x10)

4.377437306s ago: executing program 1 (id=898):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x2000, &(0x7f0000000180)={&(0x7f0000000340)=@ipv4_newrule={0x24, 0x21, 0x801, 0xfffffffc, 0xfffffffc, {0x2, 0x20}, [@FRA_DST={0x8, 0x1, @empty}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)

4.279956692s ago: executing program 1 (id=900):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r2 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0x10}, {0x0, 0xf}}, [@qdisc_kind_options=@q_rr={{0x7}, {0x18, 0x2, {0x20, "8b7db52bbe8e52ea493401da35a13834"}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000003c0), &(0x7f00000001c0)=0xc)
fcntl$lock(r1, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000040))
syz_open_dev$tty20(0xc, 0x4, 0x1)
read$FUSE(r1, &(0x7f0000004ac0)={0x2020}, 0x2020)
r4 = openat$binder_debug(0xffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
io_uring_setup(0x5184, &(0x7f0000000100)={0x0, 0x40f7, 0x80, 0x0, 0x29e, 0x0, r4})
ioctl$TCSETSW2(r4, 0x402c542c, &(0x7f0000000540)={0x7ff, 0xf1, 0x0, 0x1, 0x4, "41de40f0183c8e2505b9c986bffca548fae32f", 0x9, 0x5})
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
syslog(0x2, &(0x7f0000001640)=""/153, 0x99)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)

3.729613522s ago: executing program 7 (id=901):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x82)
fchdir(r3)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x115)
getdents64(r4, &(0x7f0000000f80)=""/4096, 0x1000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000ea670000874ed38ee17c6cb6dc1bf039580eeb27ea820fd4b35fc586d6c5cc7a341583b5a9cf0ff73b2e48c1c4793f76ad9fa23714d14f9ca7f528087e2ab1f92cc5be1d0ebb4f59e0fe2e466fac6ef068495955102631", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a54000000060a010400000007000000000a0000010900010073797a3100000000200004801c000180090001006d617371000000000c000280080003400000000006000740bee100000900020073797a32"], 0x7c}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xf, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000820000000000000060b4000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000440)={r7, r1, 0x25, 0x0, @val=@tracing={0x0, 0xa}}, 0x20)
syz_emit_ethernet(0x46, &(0x7f0000000240)=ANY=[], 0x0)

3.729222739s ago: executing program 1 (id=902):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000002c0), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000002380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002300)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4080)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r4 = epoll_create1(0x0)
fcntl$dupfd(r4, 0x2, 0xffffffffffffffff)
r5 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r7 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r7, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r8, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="bc1b0000400007012bbd700000000000017c00000400c2800c00018006000600"], 0x1bbc}, 0x1, 0x0, 0x0, 0x4048011}, 0x20008054)
setsockopt$packet_tx_ring(r6, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc, 0x2000000}, 0x1c)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0cc5605, 0x0)
fanotify_init(0x55, 0x2)

3.498874741s ago: executing program 7 (id=903):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
dup2(r2, r1)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, 0x0, &(0x7f0000000280))
r3 = timerfd_create(0x0, 0x0)
timerfd_settime(r3, 0x3, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
timerfd_gettime(r3, &(0x7f0000000040))
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c00000010000d042abd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="01000000000000001c0000000000000000096e64000000000c0002800500010006000000"], 0x3c}, 0x1, 0x0, 0x0, 0x404c084}, 0x24000040)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r5, &(0x7f0000000d00)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffffc}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000400)="b8", 0x1}], 0x1, 0x0, 0x0, 0xff000000}}, {{&(0x7f0000000080)={0xa, 0x4e20, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x45af}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000340)="01", 0x1}], 0x1b6}}], 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r6, 0x0, 0x0)

2.062361804s ago: executing program 7 (id=907):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={&(0x7f00000007c0)={0x1c, r1, 0x1, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000010}, 0x54880) (fail_nth: 5)

2.010095799s ago: executing program 3 (id=908):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x30000, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d50633"], 0x6f4}}, 0x0)

2.009766005s ago: executing program 7 (id=909):
mmap(&(0x7f0000954000/0x2000)=nil, 0x2000, 0x5, 0x100010, 0xffffffffffffffff, 0xfc6af000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
prctl$PR_SET_IO_FLUSHER(0x34, 0x1)
r2 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000300)=ANY=[], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f0000000080)={0x2c, &(0x7f00000012c0)=ANY=[@ANYBLOB="001105"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r3 = syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1)
ioctl$I2C_RDWR(r3, 0x707, &(0x7f00000000c0)={&(0x7f0000000600)=[{0xf0c, 0x0, 0x0, 0x0}, {0xf0c, 0x8000, 0x0, 0x0}], 0x20})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x3, 0x7fff0000}]})
truncate(0x0, 0xfffffff9)
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000200)={0x0, 0x9219, 0x18}, 0xc)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000070000000800000094080000", @ANYRES32=r5, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/26], 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0d00000004000000040000000700000000000000", @ANYRES32=r6, @ANYBLOB="000001000000000000000000000020000000000029b6d118843cd862a3cf9f03ab0a9df25f8b6600a619b7465121b716", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000880), 0xde9, r7, 0x0, 0x20000}, 0x38)
ioctl$SIOCSIFHWADDR(r0, 0x89b1, &(0x7f0000000900)={'bond0\x00', @random="0600002000"})
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
r8 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
r9 = socket$inet(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r9, 0x4000000000000, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x8, 0x3, 0x21c, 0xd8, 0x8, 0xfa04, 0xd8, 0x6c02, 0x188, 0x194, 0x194, 0x188, 0x194, 0x3, 0x0, {[{{@ip={@empty, @broadcast, 0xff000000, 0xffffff00, 'veth0_to_hsr\x00', 'veth0_vlan\x00', {0xff}, {0xff}, 0x6, 0x2, 0x4}, 0x0, 0x90, 0xd8, 0x0, {0x0, 0x74020000}, [@common=@socket0={{0x20}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x5, 0x170, 0x10000, 'pptp\x00', {0x2}}}}, {{@ip={@loopback, @multicast1, 0xffffffff, 0xff000000, 'pim6reg1\x00', 'ipvlan0\x00', {}, {0xff}, 0x1, 0x0, 0x23}, 0x0, 0x70, 0xb0}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x8, 0xd5, {0x8}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x278)
read$FUSE(r8, &(0x7f0000002540)={0x2020}, 0x2020)
socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000c80)={'lo\x00', <r11=>0x0})
removexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000300)=ANY=[@ANYRES64=r1, @ANYRESDEC=r2])
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000700)=@newqdisc={0x34, 0x24, 0xd0f, 0x1ffffd, 0x0, {0x60, 0x0, 0x0, r11, {0xfff2}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x845}, 0x24008004)
r12 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
shutdown(r12, 0x0)
ppoll(&(0x7f0000000040)=[{r12, 0x1013}], 0x1, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.959860115s ago: executing program 3 (id=910):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000040)={0x1c, 0x27, 0x9, 0x70bd25, 0x25dfd3ff, {0x1}, [@typed={0x8, 0x1, 0x0, 0x0, @uid}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000811}, 0x480f0)
r1 = syz_open_dev$dvb_demux(&(0x7f0000000080), 0x0, 0x20000)
ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r1, 0x40146f2c, &(0x7f0000000000)={0xfff, 0x0, 0x3, 0x5, 0x4})
r2 = fsopen(&(0x7f0000000280)='ntfs3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000300)={0x38, 0x0, 0x8, 0x8001, 0x0, 0x9, 0x2, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$VHOST_SET_LOG_BASE(0xffffffffffffffff, 0x4004af61, &(0x7f0000000200)=0x0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x80000007, 0x1}, 0x1c)
r6 = syz_io_uring_setup(0x110, 0x0, &(0x7f0000000040), &(0x7f0000000280), &(0x7f0000000000))
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
io_uring_enter(r6, 0x1f85, 0x40110a, 0x4d, 0x0, 0xa6)
recvmmsg$unix(r5, &(0x7f00000007c0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000005c0)=""/227, 0xe3}], 0x1}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000340)=""/156, 0x9c}], 0x1}}], 0x2, 0x40000000, 0x0)
sendmmsg(r5, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f00000003c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r10 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r10, 0x3ba0, 0x0)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)

1.790076658s ago: executing program 1 (id=911):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'wg1\x00', <r1=>0x0})
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000100)={0x1d, r3, 0x0, {}, 0xfd}, 0x18)
connect$can_j1939(r2, &(0x7f0000000080)={0x1d, r1, 0xffef, {0x0, 0x0, 0x2}, 0xfe}, 0x18)

1.789849514s ago: executing program 1 (id=912):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=@acquire={0x124, 0x17, 0x1, 0x0, 0x25dfdbfc, {{@in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0xfe, 0x0}}, 0x4d1}, @in=@remote, {@in6=@dev={0xfe, 0x80, '\x00', 0x15}, @in=@multicast1, 0x4e24, 0x0, 0x0, 0x6}, {{@in=@local, @in6=@ipv4={'\x00', '\xff\xff', @private=0xa010104}, 0x0, 0x0, 0x4e22, 0x0, 0x2, 0x0, 0xa0}, {0x0, 0x0, 0x5, 0x0, 0x2000000}, {0x8000000000000001}, 0x4, 0x6e6bbf, 0x0, 0x0, 0x0, 0x1}, 0xfffffffe}}, 0x124}}, 0x20004040)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
fcntl$setstatus(r0, 0x4, 0x40400)
setsockopt$IP_VS_SO_SET_EDITDEST(r1, 0x0, 0x489, &(0x7f0000000380)={{0x84, @multicast1, 0x4e20, 0x3, 'sh\x00', 0x0, 0x60000000, 0xc}, {@rand_addr=0x64010102, 0x4e26, 0x3, 0x0, 0x8001, 0x1}}, 0x44)

1.652766193s ago: executing program 1 (id=913):
prlimit64(0x0, 0xe, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
r1 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000359000/0xa000)=nil, 0x400000, 0x2, 0x2})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x1, 0x1003, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x0, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0xfe9b5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
ioctl$XFS_IOC_START_COMMIT(r5, 0x80585882, &(0x7f0000000180)={<r6=>0xffffffffffffffff})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x2, 0x10, &(0x7f0000000800)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback=0x12, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0xfca804a0, 0x8, 0x8, &(0x7f00000002c0)="b80a000500000000", &(0x7f0000000000)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, 0x0)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r9, &(0x7f0000000040)={0xa, 0x4001, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
connect$unix(r9, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)

1.030139147s ago: executing program 3 (id=916):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f000001fa80), 0x20000000, 0x0)
ioctl$EVIOCSCLOCKID(r1, 0x40084504, &(0x7f0000ffcffc)=0x400) (fail_nth: 5)

1.029934976s ago: executing program 3 (id=917):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = fsopen(&(0x7f0000000100)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000040)='source', &(0x7f0000000380)='//\xf2b\x06\b\xba\xdfXo\xdc\xea\x95\x9a\x9b/}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce\x14//\\\x00\x00\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x94=\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4c\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8p\xa1\xaa\x80I\xa5\xc6\xf3\xf2\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xf1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4b\xe3j%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o\xe5\xa8Q\xc9\xe75Q\xea\xd8\xa2=F\x9b\x8f\x8d\xfc\' {e\x949X\xda\xe8H\x1a\x85\xd7%\x93?w}\xfb\xd9t\xea\xbb\xbe\x9b\\\xd7\xd7\xd4\xe2\xd6c(`(r\xd2\xb1G\xe3\xda&\xca\xaa\xba\v\xc5\xa3H\xb1\x11G\xab\xa2\x1f\xa0\xc3\xd9\xcd\xfb\x1a,\x13S\xf1\xfe\xe5F\xf4\xfb\xc8|\x89\x0fNq\x97J\xb9J\x88S\xc5\xb8\x12\x93\xbe\xb9b\xc7\xbc\x03\x03.E\xab\x82\x1c\xbc1\x9d\x14\xfa\x1f\xdd\x1e*\x03`\x91\xe8x\x0f\x05\x1e\xf5\xbfNo\xd4\x0f]S\x85\x89@\xa9f\x05\xfe\x9fkM\xa5\xf6\xc2\x04\xbf\xc7\x00<\x9b\xd5vZ1\xa2j\x9a\xeb6\xa8\xb4\xd9\vv\x94O\xb1\tS\x7f\xf2\xfe\x8dl\xf8\x00\x99\f5\xb7\xee\x95\xf3\xa5\xf1\xf2\x15;\x1a4\xe7\t\x99\xfeYFf\xacL3\x87Z?\xcc\x8d\x9dy\x969\xd8}u\x88\"biYO\xac=j_\xf66{\xf0\xec\xdc1n\x1b\x15\x85N\x1d\x80Z\x1b\x86\xdby4\xcf\x90\b\xf6\x1b\xe6\xf8U\xe9F\x1c+\x14&\x00B\xb0jUS\xaa9\xe5\x1agO\x93\xfe\x98\x00\x00\x00\x00\x00\x04', 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4043, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
r4 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r4)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='=\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab?P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb8\x10\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\x03\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7vC\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x2c, r3, 0x301, 0x70bd26, 0x25dfdbfe, {0x1c}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x40006)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r2)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={&(0x7f00000007c0)={0x1c, r5, 0xe41, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r7}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000010}, 0x54880)

970.074963ms ago: executing program 3 (id=918):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) (async)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
socket$packet(0x11, 0x3, 0x300) (async)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000240)="d2a7b3", 0x3}, {&(0x7f0000000400)="e06bd3f745", 0xfcfd}, {&(0x7f0000000500)="86e9a0d8", 0x4}, {&(0x7f00000005c0)="25062456", 0x4}], 0x4}}], 0x1, 0x4000800) (async)
setsockopt$inet_tcp_int(r2, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4) (async)
connect$inet(r2, &(0x7f00000001c0)={0x2, 0x200, @local}, 0x10) (async)
sendto$inet(r2, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0)
splice(r2, 0x0, r1, 0x0, 0xfea8, 0xa) (async)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000080)={0x102, 0x0, 0x0, 0x7, 0x10, "10120df60ef7f0220000ff490a0080002a00"})
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f0000000040)=0xa)

969.750379ms ago: executing program 3 (id=919):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000002c0), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000002380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002300)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4080)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r4 = epoll_create1(0x0)
fcntl$dupfd(r4, 0x2, 0xffffffffffffffff)
r5 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r7 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r7, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r8, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="bc1b0000400007012bbd700000000000017c00000400c2800c00018006000600"], 0x1bbc}, 0x1, 0x0, 0x0, 0x4048011}, 0x20008054)
setsockopt$packet_tx_ring(r6, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc, 0x2000000}, 0x1c)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0cc5605, 0x0)
fanotify_init(0x55, 0x2)

288.585049ms ago: executing program 0 (id=923):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0)
statx(0xffffffffffffffff, 0x0, 0x0, 0x103, 0x0)
mount$bind(&(0x7f0000000100)='.\x00', 0x0, 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, 0x0)

169.579091ms ago: executing program 0 (id=924):
ioctl$VHOST_VDPA_GET_STATUS(0xffffffffffffffff, 0x8001af71, &(0x7f0000000000))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x66)
r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(r0, 0xc01064c5, &(0x7f0000000300)={0x0})
ioctl$vim2m_VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0cc5605, &(0x7f0000000480)={0x2, @pix={0xffffffff, 0x0, 0x3234564e, 0x9, 0x0, 0x0, 0x9, 0xfeedcafe, 0x1, 0x1, 0x1, 0x7}})
syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

169.341308ms ago: executing program 0 (id=925):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010200000000000000006700000008000300", @ANYRES32=r3, @ANYBLOB="0800c300741300000800c400010000000400c5"], 0x30}}, 0x0)
ptrace$poke(0x420f, r0, 0x0, 0x101)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0xfd, 0x3, 0x7ffcfffb}]})
unlink(&(0x7f0000000140)='./cgroup\x00')

58.761835ms ago: executing program 0 (id=926):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000001000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000900000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r3, 0x4)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x8851}, 0x10) (fail_nth: 5)

58.410841ms ago: executing program 0 (id=927):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b30, &(0x7f0000000200)={'wlan1\x00'})
setresuid(0x0, 0xee00, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000000740)={0x104085280, 0x0, 0x0, 0x0, {0x22}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="240002200000000000000000000008000100"/36], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d530498c)
write$binfmt_script(r2, 0x0, 0x0)
r3 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0401273, &(0x7f0000000480)={'\x00', 0x6, 0x3, 0x2, 0xfffffbffffffffff, 0xe, <r4=>0xffffffffffffffff})
r5 = syz_clone(0x200000, &(0x7f0000000080)="d1f0f1ac2b942580cbdc662677ad982c20395a8b1686c5797401121d7c8a9f1162ac60e295944a2128214478b527e21dc7b95ed4bf01772054823b561a9e2a0c9b88310e5919745b354c660ff4cc6bef7169d43d89e2e647f267d65bfec057657c6ed660b3c9b6e7dff67e0b9b60c9f4f6bfb4a74814dcfebc05da8f13bf571f5b231d6fed7d71b3094a4d441ad2995c7bcf8b00a566f11f3a47a116195f911056fed873176c70c728fd1c9010e48649e6bfc952332cb9d93ac0de843bec", 0xbe, &(0x7f0000000140), &(0x7f0000000200), &(0x7f0000000240)="9552a1763bd68b394b809d8bdfbf60a626e8734d0be30438b7fdad7ebe778085a5664bc4d135bd9f9f44a94c3e5494d44b31bcd3b2fa9256a3706425c8f8e18fbc772c66a122f3e343d8328fa6ea2980903ea5e4d1ae95031c13bfb989a03403981ae525afff8a79a1c265123805e7301b7506ee044cfd0d1ee950071bb78871809439af91c31edd599d389cb0f0776f9a327e9a4fe9cd37c210")
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r8, 0x541b, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000440)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="540000005a00000227bd7000fbdbdf250008000300", @ANYRES32=r2, @ANYBLOB="08000300", @ANYRES32=r3, @ANYBLOB="080001000000000008000300", @ANYRES32, @ANYBLOB="08000200", @ANYRES32=r4, @ANYBLOB="080001000300000008000300", @ANYRES32, @ANYBLOB="e3e1a12e", @ANYRES32=r5, @ANYBLOB='\x00\x00\x00'], 0x54}, 0x1, 0x0, 0x0, 0x24040090}, 0x8004000)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000300)=0xa, 0x4)

0s ago: executing program 0 (id=928):
r0 = openat(0xffffffffffffffff, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000a80)=@security={'security\x00', 0x44, 0x4, 0x4ac, 0xffffffff, 0x0, 0x31c, 0x150, 0xffffffff, 0xffffffff, 0x3e4, 0x3e4, 0x3e4, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@mcast1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x7b}}, [0xffffff00, 0xff, 0x0, 0xffffffff], [0xff000000, 0xff000000, 0xffffff00, 0x7e5debfdf7c2f28d], 'nr0\x00', 'batadv_slave_0\x00', {0xff}, {0xff}, 0x3a, 0xf, 0x0, 0x4}, 0x203, 0x12c, 0x150, 0x8502, {}, [@common=@unspec=@connlimit={{0x40}, {[0xffffffff, 0xff000000, 0xff000000, 0xffffffff], 0x0, 0x0, {0x2}}}, @common=@hbh={{0x48}, {0x5, 0x2, 0x1, [0x8007, 0xfffd, 0x8000, 0x9f, 0x8200, 0xb4f3, 0xffff, 0x6, 0x41, 0x7, 0xfffc, 0x6, 0x8, 0x1, 0x8, 0xd], 0x10}}]}, @common=@unspec=@CONNSECMARK={0x24, 'CONNSECMARK\x00', 0x0, {0x2}}}, {{@ipv6={@remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xffffffff, 0xffffffff, 0xff000000, 0xffffff00], [0xff, 0x0, 0xffffffff, 0xffffff00], 'macvtap0\x00', 'team_slave_0\x00', {0xff}, {0xff}, 0x89, 0x5, 0x4, 0x20}, 0x0, 0xa4, 0x1cc}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x200000, 'system_u:object_r:modem_device_t:s0\x00'}}}, {{@uncond, 0x0, 0xa4, 0xc8}, @common=@unspec=@CLASSIFY={0x24, 'CLASSIFY\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x508)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
syz_io_uring_setup(0x45, &(0x7f0000000300)={0x0, 0xf20f, 0x40, 0x2, 0x1b}, &(0x7f0000000100), &(0x7f00000000c0), &(0x7f0000000000))
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000001c0), 0x2, 0x51b580)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000009e0000009500000000000000394845ab31952af4190490691a9ed0a7e9c6359c64b92ff73a1a2846d8ba50e7ec5c556ceac9cbd10495fa77059eed59d821bc5db404d99e4703e14e1367c5b2f20580ee681e8a9dd5d6d073434e3f60dba5de631ab1e85305203b6caf0919e4e106a614f461"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$kcm(0xa, 0x0, 0x106)
sendmsg$kcm(r4, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'macvlan1\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r5, 0x80047437, &(0x7f0000000080))
sendmsg$sock(r5, &(0x7f0000001900)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f00000015c0)="8e", 0x1}], 0x1}, 0x4004080)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYRES8=r3], 0x20}, 0x1, 0x0, 0x0, 0x48011}, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
openat$ptmx(0xffffff9c, 0x0, 0x21400, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x8040044}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000015c0)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000000000ba30b28e994c1a08786eb807e0000000000000000000009fe70ba83a7a66e67a0bae5cfaccbbb81e28d7b568da", @ANYRESHEX, @ANYRESOCT], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4848}, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x0, 0x642, 0x0, 0x0})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)

kernel console output (not intermixed with test programs):

154.297076][ T7041]  dump_stack_lvl+0x100/0x190
[  154.297096][ T7041]  should_fail_ex.cold+0x5/0xa
[  154.297114][ T7041]  should_failslab+0xc2/0x120
[  154.297130][ T7041]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  154.297152][ T7041]  ? __d_alloc+0x34/0xa40
[  154.297175][ T7041]  __d_alloc+0x34/0xa40
[  154.297195][ T7041]  d_alloc_parallel+0x111/0x14e0
[  154.297218][ T7041]  ? __pfx_d_alloc_parallel+0x10/0x10
[  154.297235][ T7041]  ? lockdep_init_map_type+0x5c/0x250
[  154.297255][ T7041]  ? lockdep_init_map_type+0x5c/0x250
[  154.297276][ T7041]  __lookup_slow+0x193/0x460
[  154.297302][ T7041]  ? __pfx___lookup_slow+0x10/0x10
[  154.297329][ T7041]  ? irq_entries_start+0xd0/0xcb0
[  154.297353][ T7041]  ? irq_entries_start+0xd0/0xcb0
[  154.297378][ T7041]  lookup_slow+0x50/0x70
[  154.297416][ T7041]  lookup_one_unlocked+0xb8/0xd0
[  154.297438][ T7041]  ovl_lookup_single+0x3df/0x1280
[  154.297481][ T7041]  ? __pfx_ovl_lookup_single+0x10/0x10
[  154.297514][ T7041]  ovl_lookup_layer+0x3f1/0x4b0
[  154.297541][ T7041]  ? __pfx_ovl_lookup_layer+0x10/0x10
[  154.297571][ T7041]  ovl_lookup_layers+0x355/0x2ac0
[  154.297611][ T7041]  ? __pfx_ovl_lookup_layers+0x10/0x10
[  154.297647][ T7041]  ? find_held_lock+0x2b/0x80
[  154.297683][ T7041]  ? d_alloc_parallel+0xb4e/0x14e0
[  154.297705][ T7041]  ovl_lookup+0x4a8/0x6b0
[  154.297723][ T7041]  ? d_alloc_parallel+0x864/0x14e0
[  154.297742][ T7041]  ? __pfx_ovl_lookup+0x10/0x10
[  154.297771][ T7041]  ? lockdep_init_map_type+0x5c/0x250
[  154.297796][ T7041]  __lookup_slow+0x251/0x460
[  154.297824][ T7041]  ? __pfx___lookup_slow+0x10/0x10
[  154.297873][ T7041]  lookup_slow+0x50/0x70
[  154.297901][ T7041]  path_lookupat+0x5e8/0xc40
[  154.297925][ T7041]  filename_lookup+0x202/0x590
[  154.297949][ T7041]  ? __pfx_filename_lookup+0x10/0x10
[  154.297988][ T7041]  ? strncpy_from_user+0x19d/0x2d0
[  154.298027][ T7041]  ? do_getname+0x191/0x390
[  154.298056][ T7041]  do_fchownat+0xe6/0x1f0
[  154.298083][ T7041]  ? __pfx_do_fchownat+0x10/0x10
[  154.298106][ T7041]  ? ksys_write+0x1ac/0x250
[  154.298125][ T7041]  __ia32_sys_lchown16+0xe6/0x120
[  154.298151][ T7041]  __do_fast_syscall_32+0xe7/0x950
[  154.298172][ T7041]  ? lockdep_hardirqs_on+0x78/0x100
[  154.298194][ T7041]  do_fast_syscall_32+0x32/0x70
[  154.298215][ T7041]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  154.298237][ T7041] RIP: 0023:0xf701efcc
[  154.298252][ T7041] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  154.298269][ T7041] RSP: 002b:00000000f540d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000010
[  154.298286][ T7041] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000000000
[  154.298297][ T7041] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  154.298306][ T7041] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  154.298316][ T7041] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  154.298326][ T7041] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  154.298348][ T7041]  </TASK>
[  154.454558][   T54] usb usb40-port1: attempt power cycle
[  154.767995][ T7048] FAULT_INJECTION: forcing a failure.
[  154.767995][ T7048] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.773130][ T7048] CPU: 2 UID: 0 PID: 7048 Comm: syz.3.279 Not tainted syzkaller #0 PREEMPT(full) 
[  154.773155][ T7048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  154.773165][ T7048] Call Trace:
[  154.773171][ T7048]  <TASK>
[  154.773178][ T7048]  dump_stack_lvl+0x100/0x190
[  154.773201][ T7048]  should_fail_ex.cold+0x5/0xa
[  154.773223][ T7048]  _copy_from_user+0x2e/0xd0
[  154.773251][ T7048]  ia32_restore_sigcontext+0xc5/0x620
[  154.773271][ T7048]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  154.773298][ T7048]  ? _raw_spin_unlock_irq+0x23/0x50
[  154.773316][ T7048]  ? lockdep_hardirqs_on+0x78/0x100
[  154.773340][ T7048]  __do_compat_sys_rt_sigreturn+0x18c/0x270
[  154.773361][ T7048]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  154.773383][ T7048]  ? rcu_is_watching+0x12/0xc0
[  154.773408][ T7048]  do_int80_emulation+0x141/0x700
[  154.773449][ T7048]  asm_int80_emulation+0x1a/0x20
[  154.773467][ T7048] RIP: 0023:0xf706eff7
[  154.773487][ T7048] Code: Unable to access opcode bytes at 0xf706efcd.
[  154.773494][ T7048] RSP: 002b:00000000f543b880 EFLAGS: 00000282 ORIG_RAX: 00000000000000ad
[  154.773512][ T7048] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f543b90c
[  154.773523][ T7048] RDX: 00000000f543b88c RSI: 0000000000000000 RDI: 0000000000000000
[  154.773533][ T7048] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  154.773543][ T7048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  154.773553][ T7048] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  154.773576][ T7048]  </TASK>
[  156.193147][ T6091] usb 38-1: device descriptor read/8, error -110
[  156.739317][   T54] usb usb40-port1: unable to enumerate USB device
[  157.124824][ T6091] usb usb38-port1: attempt power cycle
[  157.158762][ T7066] tipc: Started in network mode
[  157.160508][ T7066] tipc: Node identity 967ebe71a027, cluster identity 4711
[  157.165917][ T7066] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  157.170220][ T7066] tipc: Resetting bearer <eth:syzkaller0>
[  157.174367][ T7065] tipc: Disabling bearer <eth:syzkaller0>
[  157.295062][ T7070] FAULT_INJECTION: forcing a failure.
[  157.295062][ T7070] name failslab, interval 1, probability 0, space 0, times 0
[  157.299253][ T7070] CPU: 3 UID: 0 PID: 7070 Comm: syz.0.284 Not tainted syzkaller #0 PREEMPT(full) 
[  157.299279][ T7070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  157.299286][ T7070] Call Trace:
[  157.299290][ T7070]  <TASK>
[  157.299295][ T7070]  dump_stack_lvl+0x100/0x190
[  157.299311][ T7070]  should_fail_ex.cold+0x5/0xa
[  157.299325][ T7070]  ? __alloc_empty_sheaf+0x35/0x50
[  157.299340][ T7070]  should_failslab+0xc2/0x120
[  157.299352][ T7070]  __kmalloc_noprof+0xe0/0x850
[  157.299368][ T7070]  ? __pcs_replace_empty_main+0x13a/0x650
[  157.299384][ T7070]  ? __pcs_replace_empty_main+0x13a/0x650
[  157.299402][ T7070]  __alloc_empty_sheaf+0x35/0x50
[  157.299417][ T7070]  __pcs_replace_empty_main+0x3e8/0x650
[  157.299448][ T7070]  kmem_cache_alloc_node_noprof+0x569/0x6f0
[  157.299465][ T7070]  ? alloc_io_context+0x21/0x2f0
[  157.299481][ T7070]  ? set_task_ioprio+0x3c0/0x670
[  157.299499][ T7070]  alloc_io_context+0x21/0x2f0
[  157.299515][ T7070]  set_task_ioprio+0x49e/0x670
[  157.299533][ T7070]  __do_sys_ioprio_set+0x55c/0xb40
[  157.299564][ T7070]  ? __do_sys_ioprio_set+0x3de/0xb40
[  157.299588][ T7070]  __do_fast_syscall_32+0xe7/0x950
[  157.299602][ T7070]  ? lockdep_hardirqs_on+0x78/0x100
[  157.299616][ T7070]  do_fast_syscall_32+0x32/0x70
[  157.299629][ T7070]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  157.299653][ T7070] RIP: 0023:0xf7fa7fcc
[  157.299663][ T7070] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  157.299673][ T7070] RSP: 002b:00000000f542450c EFLAGS: 00000292 ORIG_RAX: 0000000000000121
[  157.299684][ T7070] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  157.299690][ T7070] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  157.299696][ T7070] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  157.299702][ T7070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  157.299708][ T7070] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  157.299728][ T7070]  </TASK>
[  157.686413][ T6091] usb usb38-port1: unable to enumerate USB device
[  157.765390][ T7080] loop7: detected capacity change from 0 to 7
[  157.772945][    C1] blk_print_req_error: 25 callbacks suppressed
[  157.772958][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  157.783341][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  157.786476][    C1] buffer_io_error: 25 callbacks suppressed
[  157.786486][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  157.801323][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  157.804966][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  157.810097][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  157.813087][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  157.819425][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  157.822337][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  157.826386][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  157.829309][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  158.187279][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  158.190240][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  158.198698][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  158.201634][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  158.205107][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  158.208147][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  158.210841][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  158.213770][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  158.221586][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  158.230170][ T7080] ldm_validate_partition_table(): Disk read failed.
[  158.238136][ T7080] Dev loop7: unable to read RDB block 0
[  158.240851][ T7080]  loop7: unable to read partition table
[  158.242781][ T7080] loop7: partition table beyond EOD, truncated
[  158.245859][ T7080] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%�֐�ȵ4FLQk݊5) failed (rc=-5)
[  158.256887][ T7081] ldm_validate_partition_table(): Disk read failed.
[  158.259377][ T7081] Dev loop7: unable to read RDB block 0
[  158.261512][ T7081]  loop7: unable to read partition table
[  158.263629][ T7081] loop7: partition table beyond EOD, truncated
[  158.415394][   T40] audit: type=1326 audit(1777123113.903:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz.3.289" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  158.421780][ T7093] mmap: syz.3.289 (7093) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  158.436291][   T40] audit: type=1326 audit(1777123113.903:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz.3.289" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf706efcc code=0x7ffc0000
[  158.445321][   T40] audit: type=1326 audit(1777123113.903:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz.3.289" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  158.452980][   T40] audit: type=1326 audit(1777123113.903:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz.3.289" exe="/syz-executor" sig=0 arch=40000003 syscall=283 compat=1 ip=0xf706efcc code=0x7ffc0000
[  158.477169][   T40] audit: type=1326 audit(1777123113.903:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz.3.289" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  158.510721][   T40] audit: type=1326 audit(1777123113.903:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz.3.289" exe="/syz-executor" sig=0 arch=40000003 syscall=433 compat=1 ip=0xf706efcc code=0x7ffc0000
[  158.521683][   T40] audit: type=1326 audit(1777123113.903:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz.3.289" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  158.528766][   T40] audit: type=1326 audit(1777123113.903:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz.3.289" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf706efcc code=0x7ffc0000
[  158.536648][   T40] audit: type=1326 audit(1777123113.903:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz.3.289" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  158.545454][   T40] audit: type=1326 audit(1777123113.903:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz.3.289" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706efcc code=0x7ffc0000
[  158.683176][   T24] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  158.771795][ T7099] overlayfs: missing 'workdir'
[  158.833986][  T841] usb 44-1: device descriptor read/8, error -110
[  159.239961][  T841] usb usb44-port1: attempt power cycle
[  159.353543][ T7100] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  159.355634][ T7100] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  159.443668][ T7100] vhci_hcd vhci_hcd.0: Device attached
[  159.515946][ T7100] syz2: rxe_newlink: already configured on wg2
[  159.659275][ T7101] vhci_hcd: connection closed
[  159.659579][ T1193] vhci_hcd vhci_hcd.0: stop threads
[  159.668442][ T1193] vhci_hcd vhci_hcd.0: release socket
[  159.674870][ T1193] vhci_hcd vhci_hcd.0: disconnect device
[  159.733181][ T6091] usb 38-1: enqueue for inactive port 0
[  159.764850][   T24] usb 8-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  159.767646][   T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.770134][   T24] usb 8-1: Product: syz
[  159.771432][   T24] usb 8-1: Manufacturer: syz
[  159.772958][   T24] usb 8-1: SerialNumber: syz
[  159.813871][  T841] usb usb44-port1: unable to enumerate USB device
[  160.224705][ T6091] usb usb38-port1: attempt power cycle
[  160.299069][ T7106] FAULT_INJECTION: forcing a failure.
[  160.299069][ T7106] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.305304][ T7106] CPU: 3 UID: 0 PID: 7106 Comm: syz.2.292 Not tainted syzkaller #0 PREEMPT(full) 
[  160.305326][ T7106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  160.305337][ T7106] Call Trace:
[  160.305343][ T7106]  <TASK>
[  160.305349][ T7106]  dump_stack_lvl+0x100/0x190
[  160.305371][ T7106]  should_fail_ex.cold+0x5/0xa
[  160.305396][ T7106]  _copy_to_user+0x32/0xd0
[  160.305421][ T7106]  simple_read_from_buffer+0xcb/0x170
[  160.305439][ T7106]  proc_fail_nth_read+0x1af/0x230
[  160.305466][ T7106]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  160.305487][ T7106]  ? rw_verify_area+0xce/0x6d0
[  160.305498][ T7106]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  160.305514][ T7106]  vfs_read+0x1e4/0xb30
[  160.305527][ T7106]  ? __pfx_vfs_read+0x10/0x10
[  160.305537][ T7106]  ? find_held_lock+0x2b/0x80
[  160.305552][ T7106]  ? __fget_files+0x215/0x3d0
[  160.305566][ T7106]  ? __fget_files+0x21f/0x3d0
[  160.305581][ T7106]  ksys_read+0x12a/0x250
[  160.305592][ T7106]  ? __pfx_ksys_read+0x10/0x10
[  160.305605][ T7106]  ? rcu_is_watching+0x12/0xc0
[  160.305619][ T7106]  do_int80_emulation+0x141/0x700
[  160.305635][ T7106]  asm_int80_emulation+0x1a/0x20
[  160.305646][ T7106] RIP: 0023:0xf714616b
[  160.305660][ T7106] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  160.305670][ T7106] RSP: 002b:00000000f54064bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  160.305681][ T7106] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f54065d0
[  160.305688][ T7106] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  160.305693][ T7106] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  160.305699][ T7106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  160.305705][ T7106] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  160.305718][ T7106]  </TASK>
[  160.794971][ T6091] usb usb38-port1: unable to enumerate USB device
[  160.998451][ T7124] loop7: detected capacity change from 0 to 7
[  161.003973][ T7124] ldm_validate_partition_table(): Disk read failed.
[  161.007002][ T7124] Dev loop7: unable to read RDB block 0
[  161.009918][ T7124]  loop7: unable to read partition table
[  161.011792][ T7124] loop7: partition table beyond EOD, truncated
[  161.015279][ T7124] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%�֐�ȵ4FLQk݊5) failed (rc=-5)
[  161.023171][ T1036] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  161.026801][ T7124] ldm_validate_partition_table(): Disk read failed.
[  161.030181][ T7124] Dev loop7: unable to read RDB block 0
[  161.032528][ T7124]  loop7: unable to read partition table
[  161.034673][ T7124] loop7: partition table beyond EOD, truncated
[  161.182196][ T1036] usb 5-1: Using ep0 maxpacket: 8
[  161.197258][ T1036] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  161.201650][ T1036] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  161.205537][ T1036] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  161.220566][ T1036] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  161.224348][ T1036] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  161.227879][ T1036] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.263367][ T1036] hub 5-1:1.0: bad descriptor, ignoring hub
[  161.271391][ T1036] hub 5-1:1.0: probe with driver hub failed with error -5
[  161.285915][ T1036] cdc_wdm 5-1:1.0: skipping garbage
[  161.293430][ T1036] cdc_wdm 5-1:1.0: skipping garbage
[  161.362343][ T1036] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  161.370377][ T1036] cdc_wdm 5-1:1.0: Unknown control protocol
[  161.399667][   T24] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[  161.422254][   T24] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71
[  161.463642][   T24] lan78xx 8-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  161.572561][   T24] lan78xx 8-1:1.0: probe with driver lan78xx failed with error -71
[  161.630137][   T24] usb 8-1: USB disconnect, device number 14
[  161.681627][ T7138] overlayfs: missing 'workdir'
[  162.062188][ T7140] FAULT_INJECTION: forcing a failure.
[  162.062188][ T7140] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.066639][ T7140] CPU: 1 UID: 0 PID: 7140 Comm: syz.1.303 Not tainted syzkaller #0 PREEMPT(full) 
[  162.066665][ T7140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  162.066672][ T7140] Call Trace:
[  162.066676][ T7140]  <TASK>
[  162.066681][ T7140]  dump_stack_lvl+0x100/0x190
[  162.066696][ T7140]  should_fail_ex.cold+0x5/0xa
[  162.066710][ T7140]  _copy_from_iter+0x1f4/0x1690
[  162.066729][ T7140]  ? __asan_memset+0x23/0x50
[  162.066745][ T7140]  ? __pfx__copy_from_iter+0x10/0x10
[  162.066761][ T7140]  ? __pfx___alloc_skb+0x10/0x10
[  162.066782][ T7140]  netlink_sendmsg+0x808/0xda0
[  162.066798][ T7140]  ? __pfx_netlink_sendmsg+0x10/0x10
[  162.066813][ T7140]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  162.066830][ T7140]  ____sys_sendmsg+0x9e1/0xb70
[  162.066843][ T7140]  ? __pfx_netlink_sendmsg+0x10/0x10
[  162.066857][ T7140]  ? __pfx_____sys_sendmsg+0x10/0x10
[  162.066876][ T7140]  ___sys_sendmsg+0x190/0x1e0
[  162.066890][ T7140]  ? __pfx____sys_sendmsg+0x10/0x10
[  162.066910][ T7140]  ? find_held_lock+0x2b/0x80
[  162.066932][ T7140]  __sys_sendmsg+0x170/0x220
[  162.066943][ T7140]  ? __pfx___sys_sendmsg+0x10/0x10
[  162.066958][ T7140]  ? rcu_is_watching+0x12/0xc0
[  162.066973][ T7140]  __do_fast_syscall_32+0xe7/0x950
[  162.066986][ T7140]  ? lockdep_hardirqs_on+0x78/0x100
[  162.066999][ T7140]  do_fast_syscall_32+0x32/0x70
[  162.067013][ T7140]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  162.067027][ T7140] RIP: 0023:0xf701efcc
[  162.067035][ T7140] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  162.067046][ T7140] RSP: 002b:00000000f540d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  162.067057][ T7140] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000740
[  162.067063][ T7140] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  162.067069][ T7140] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  162.067075][ T7140] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  162.067081][ T7140] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  162.067094][ T7140]  </TASK>
[  164.053222][ T5839] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  164.203164][ T5839] usb 7-1: Using ep0 maxpacket: 16
[  164.206343][ T5839] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  164.211223][ T5839] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  164.214311][ T5839] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.217056][ T5839] usb 7-1: Product: syz
[  164.218359][ T5839] usb 7-1: Manufacturer: syz
[  164.219885][ T5839] usb 7-1: SerialNumber: syz
[  164.223729][ T5839] usb 7-1: config 0 descriptor??
[  164.230143][ T5839] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  164.234975][ T5839] em28xx 7-1:0.0: DVB interface 0 found: bulk
[  164.426206][ T7169] fuse: Bad value for 'fd'
[  164.593166][   T24] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  164.748760][ T7174] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  164.752432][ T7174] bond0: (slave lo): Error: Device can not be enslaved while up
[  164.775223][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  164.792796][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  164.800106][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  164.805037][   T24] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  164.807768][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.811288][   T24] usb 6-1: config 0 descriptor??
[  164.890391][ T1036] usb 5-1: reset high-speed USB device number 18 using dummy_hcd
[  164.895817][ T1036] usb 5-1: device reset changed ep0 maxpacket size!
[  164.901094][ T1036] usb 5-1: USB disconnect, device number 18
[  164.956563][ T5839] em28xx 7-1:0.0: unknown em28xx chip ID (0)
[  165.053898][   T24] usbhid 6-1:0.0: can't add hid device: -71
[  165.056537][   T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  165.061532][   T24] usb 6-1: USB disconnect, device number 12
[  165.243247][ T1036] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  165.368320][ T5839] em28xx 7-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  165.371395][ T5839] em28xx 7-1:0.0: board has no eeprom
[  165.404424][ T1036] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.407978][ T1036] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.411331][ T1036] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  165.415665][ T1036] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  165.418953][ T1036] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.422792][ T1036] usb 5-1: config 0 descriptor??
[  165.701470][ T1036] usbhid 5-1:0.0: can't add hid device: -71
[  165.704239][ T1036] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  165.710978][ T1036] usb 5-1: USB disconnect, device number 19
[  165.723194][ T5839] em28xx 7-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  165.726788][ T5839] em28xx 7-1:0.0: dvb set to bulk mode.
[  165.731649][ T4033] em28xx 7-1:0.0: Binding DVB extension
[  165.893061][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  166.503096][   T34] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  166.677608][ T7174] em28xx 7-1:0.0: writing to i2c device at 0xe failed (error=-5)
[  166.684104][ T1036] usb 7-1: USB disconnect, device number 13
[  166.688165][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  166.694396][ T1036] em28xx 7-1:0.0: Disconnecting em28xx
[  166.704114][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  166.708157][   T34] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  166.713831][   T34] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  166.717531][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.722854][   T34] usb 5-1: config 0 descriptor??
[  167.141895][   T34] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x4
[  167.158988][   T34] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  167.201496][ T4033] em28xx 7-1:0.0: Registering input extension
[  167.204578][ T1036] em28xx 7-1:0.0: Closing input extension
[  167.346104][ T1036] em28xx 7-1:0.0: Freeing device
[  168.083077][  T841] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  168.534925][  T841] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  168.539656][  T841] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  168.543831][  T841] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  168.549083][  T841] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  168.552796][  T841] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.558798][  T841] usb 7-1: config 0 descriptor??
[  168.621443][ T7247] overlayfs: missing 'lowerdir'
[  168.655602][ T7248] netlink: 8 bytes leftover after parsing attributes in process `syz.1.333'.
[  168.661424][ T7248] netlink: 8 bytes leftover after parsing attributes in process `syz.1.333'.
[  168.664529][ T7248] netlink: 12 bytes leftover after parsing attributes in process `syz.1.333'.
[  168.761495][ T7246] block nbd1: shutting down sockets
[  168.891602][  T841] usbhid 7-1:0.0: can't add hid device: -71
[  168.894396][  T841] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  168.907329][  T841] usb 7-1: USB disconnect, device number 14
[  169.282894][  T841] usb 5-1: USB disconnect, device number 20
[  169.558303][ T7258] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  169.562161][ T7258] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  169.653118][  T841] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  169.813131][  T841] usb 5-1: Using ep0 maxpacket: 8
[  169.817701][  T841] usb 5-1: New USB device found, idVendor=0fe9, idProduct=db01, bcdDevice=e9.9b
[  169.820790][  T841] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.823462][  T841] usb 5-1: Product: syz
[  169.825169][  T841] usb 5-1: Manufacturer: syz
[  169.826622][  T841] usb 5-1: SerialNumber: syz
[  169.830327][  T841] usb 5-1: config 0 descriptor??
[  169.839650][  T841] dvb-usb: found a 'DViCO FusionHDTV DVB-T USB (LGZ201)' in warm state.
[  169.844019][  T841] dvb-usb: bulk message failed: -22 (2/0)
[  169.850701][  T841] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  169.858267][  T841] dvbdev: DVB: registering new adapter (DViCO FusionHDTV DVB-T USB (LGZ201))
[  169.862734][  T841] usb 5-1: media controller created
[  169.874491][  T841] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  170.094315][  T841] cxusb: set interface failed
[  170.096183][  T841] dvb-usb: bulk message failed: -22 (1/0)
[  170.115599][  T841] DVB: Unable to find symbol mt352_attach()
[  170.117508][  T841] dvb-usb: no frontend was attached by 'DViCO FusionHDTV DVB-T USB (LGZ201)'
[  170.173108][  T841] rc_core: IR keymap rc-dvico-portable not found
[  170.572021][ T7282] wg2 speed is unknown, defaulting to 1000
[  170.610040][ T7283] netlink: 8 bytes leftover after parsing attributes in process `syz.2.342'.
[  170.723772][ T7283] IPv6: addrconf: prefix option has invalid lifetime
[  171.135977][ T7289] overlayfs: missing 'workdir'
[  172.253372][ T6192] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  172.425637][ T6192] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.429439][ T6192] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  172.432659][ T6192] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  172.440572][ T6192] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  172.445205][ T6192] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.449497][ T6192] usb 7-1: config 0 descriptor??
[  172.567532][  T841] Registered IR keymap rc-empty
[  172.574031][  T841] rc rc0: DViCO FusionHDTV DVB-T USB (LGZ201) as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0
[  172.591121][  T841] input: DViCO FusionHDTV DVB-T USB (LGZ201) as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0/input15
[  172.606958][  T841] dvb-usb: schedule remote query interval to 100 msecs.
[  172.609912][  T841] dvb-usb: DViCO FusionHDTV DVB-T USB (LGZ201) successfully initialized and connected.
[  172.729238][ T6192] usbhid 7-1:0.0: can't add hid device: -71
[  172.734044][ T6192] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  172.737706][ T6192] usb 7-1: USB disconnect, device number 15
[  172.900890][ T7295] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.904657][ T7295] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.968026][ T7295] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.976247][ T7295] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  173.066164][ T1157] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.069389][ T1157] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.072379][ T1157] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.076299][  T841] usb 5-1: USB disconnect, device number 21
[  173.080512][ T1193] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  173.164071][ T7303] netlink: 'syz.3.347': attribute type 12 has an invalid length.
[  173.268240][  T841] dvb-usb: DViCO FusionHDTV DVB-T USB (LGZ201) successfully deinitialized and disconnected.
[  173.669223][ T7322] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  173.671336][ T7322] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  173.674841][ T7322] vhci_hcd vhci_hcd.0: Device attached
[  173.739298][ T7322] syz2: rxe_newlink: already configured on wg2
[  173.943143][  T841] usb 38-1: SetAddress Request (22) to port 0
[  173.950501][  T841] usb 38-1: new SuperSpeed USB device number 22 using vhci_hcd
[  173.975072][ T7323] vhci_hcd: connection reset by peer
[  173.977496][ T1193] vhci_hcd vhci_hcd.0: stop threads
[  173.980071][ T1193] vhci_hcd vhci_hcd.0: release socket
[  173.982345][ T1193] vhci_hcd vhci_hcd.0: disconnect device
[  174.622178][ T7333] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  176.708351][ T7371] bridge1: entered promiscuous mode
[  176.710747][ T7371] bridge1: entered allmulticast mode
[  176.727039][ T7371] team0: Port device bridge1 added
[  178.993283][  T841] usb 38-1: device descriptor read/8, error -110
[  179.383901][  T841] usb usb38-port1: attempt power cycle
[  179.943722][  T841] usb usb38-port1: unable to enumerate USB device
[  198.834563][ T1431] ieee802154 phy0 wpan0: encryption failed: -22
[  198.836604][ T1431] ieee802154 phy1 wpan1: encryption failed: -22
[  201.300516][ T7386] netlink: 'syz.2.371': attribute type 3 has an invalid length.
[  201.305011][ T7386] netlink: 8 bytes leftover after parsing attributes in process `syz.2.371'.
[  201.425647][ T7390] process 'syz.1.373' launched '/dev/fd/9' with NULL argv: empty string added
[  201.493174][ T5812] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  201.683081][ T5812] usb 5-1: Using ep0 maxpacket: 16
[  201.688375][ T5812] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30
[  201.692069][ T5812] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.698387][ T5812] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.702536][ T5812] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  201.708833][ T5812] usb 5-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  201.903890][ T5812] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.914852][ T5812] usb 5-1: config 0 descriptor??
[  203.952081][ T7413] syzkaller0: entered promiscuous mode
[  203.954703][ T7413] syzkaller0: entered allmulticast mode
[  204.457160][ T5812] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5013.0007/input/input17
[  204.602221][ T5812] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5013.0007/input/input18
[  204.615183][ T7403] rdma_rxe: rxe_newlink: failed to add wg2
[  204.899114][ T5812] kye 0003:0458:5013.0007: input,hiddev0,hidraw1: USB HID vff.fa Device [HID 0458:5013] on usb-dummy_hcd.0-1/input0
[  205.203930][ T5812] usb 5-1: USB disconnect, device number 22
[  205.576980][ T7436] Device name cannot be null; rc = [-22]
[  205.587542][ T7436] =======================================================
[  205.587542][ T7436] WARNING: The mand mount option has been deprecated and
[  205.587542][ T7436]          and is ignored by this kernel. Remove the mand
[  205.587542][ T7436]          option from the mount to silence this warning.
[  205.587542][ T7436] =======================================================
[  205.829231][ T7452] overlayfs: failed to clone upperpath
[  205.944959][ T7447] tipc: Failed to remove unknown binding: 66,1,1/0:59233121/59233123
[  205.951905][ T7447] tipc: Failed to remove unknown binding: 66,1,1/0:59233121/59233123
[  206.095472][ T7464] FAULT_INJECTION: forcing a failure.
[  206.095472][ T7464] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.106095][ T7464] CPU: 3 UID: 0 PID: 7464 Comm: syz.0.390 Not tainted syzkaller #0 PREEMPT(full) 
[  206.106114][ T7464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  206.106120][ T7464] Call Trace:
[  206.106136][ T7464]  <TASK>
[  206.106140][ T7464]  dump_stack_lvl+0x100/0x190
[  206.106157][ T7464]  should_fail_ex.cold+0x5/0xa
[  206.106171][ T7464]  _copy_from_iter+0x1f4/0x1690
[  206.106190][ T7464]  ? __asan_memset+0x23/0x50
[  206.106206][ T7464]  ? __pfx__copy_from_iter+0x10/0x10
[  206.106226][ T7464]  ? __pfx___alloc_skb+0x10/0x10
[  206.106256][ T7464]  netlink_sendmsg+0x808/0xda0
[  206.106284][ T7464]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.106303][ T7464]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  206.106321][ T7464]  ____sys_sendmsg+0x9e1/0xb70
[  206.106334][ T7464]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.106348][ T7464]  ? __pfx_____sys_sendmsg+0x10/0x10
[  206.106367][ T7464]  ___sys_sendmsg+0x190/0x1e0
[  206.106382][ T7464]  ? __pfx____sys_sendmsg+0x10/0x10
[  206.106401][ T7464]  ? find_held_lock+0x2b/0x80
[  206.106423][ T7464]  __sys_sendmsg+0x170/0x220
[  206.106434][ T7464]  ? __pfx___sys_sendmsg+0x10/0x10
[  206.106443][ T7464]  ? __fget_files+0x21f/0x3d0
[  206.106459][ T7464]  ? ksys_write+0x1ac/0x250
[  206.106472][ T7464]  ? rcu_is_watching+0x12/0xc0
[  206.106491][ T7464]  __do_fast_syscall_32+0xe7/0x950
[  206.106505][ T7464]  ? lockdep_hardirqs_on+0x78/0x100
[  206.106518][ T7464]  do_fast_syscall_32+0x32/0x70
[  206.106532][ T7464]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  206.106546][ T7464] RIP: 0023:0xf7fa7fcc
[  206.106556][ T7464] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  206.106567][ T7464] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  206.106577][ T7464] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000000
[  206.106584][ T7464] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  206.106590][ T7464] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  206.106596][ T7464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  206.106601][ T7464] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  206.106615][ T7464]  </TASK>
[  206.558178][ T7476] syzkaller0: entered promiscuous mode
[  206.560718][ T7476] syzkaller0: entered allmulticast mode
[  206.947010][ T7486] Device name cannot be null; rc = [-22]
[  207.943077][   T24] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  208.124221][   T24] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  208.127130][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.129652][   T24] usb 5-1: Product: syz
[  208.131010][   T24] usb 5-1: Manufacturer: syz
[  208.132630][   T24] usb 5-1: SerialNumber: syz
[  208.135475][   T24] usb 5-1: config 0 descriptor??
[  208.482439][   T24] usb 5-1: USB disconnect, device number 23
[  208.565252][ T7514] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  209.323515][ T7531] FAULT_INJECTION: forcing a failure.
[  209.323515][ T7531] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.327588][ T7531] CPU: 3 UID: 0 PID: 7531 Comm: syz.0.408 Not tainted syzkaller #0 PREEMPT(full) 
[  209.327603][ T7531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  209.327609][ T7531] Call Trace:
[  209.327613][ T7531]  <TASK>
[  209.327617][ T7531]  dump_stack_lvl+0x100/0x190
[  209.327633][ T7531]  should_fail_ex.cold+0x5/0xa
[  209.327647][ T7531]  _copy_from_iter+0x1f4/0x1690
[  209.327666][ T7531]  ? __asan_memset+0x23/0x50
[  209.327682][ T7531]  ? __pfx__copy_from_iter+0x10/0x10
[  209.327698][ T7531]  ? __pfx___alloc_skb+0x10/0x10
[  209.327720][ T7531]  netlink_sendmsg+0x808/0xda0
[  209.327736][ T7531]  ? __pfx_netlink_sendmsg+0x10/0x10
[  209.327751][ T7531]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  209.327769][ T7531]  ____sys_sendmsg+0x9e1/0xb70
[  209.327781][ T7531]  ? __pfx_netlink_sendmsg+0x10/0x10
[  209.327796][ T7531]  ? __pfx_____sys_sendmsg+0x10/0x10
[  209.327814][ T7531]  ___sys_sendmsg+0x190/0x1e0
[  209.327829][ T7531]  ? __pfx____sys_sendmsg+0x10/0x10
[  209.327848][ T7531]  ? find_held_lock+0x2b/0x80
[  209.327874][ T7531]  __sys_sendmsg+0x170/0x220
[  209.327886][ T7531]  ? __pfx___sys_sendmsg+0x10/0x10
[  209.327895][ T7531]  ? __fget_files+0x21f/0x3d0
[  209.327910][ T7531]  ? ksys_write+0x1ac/0x250
[  209.327923][ T7531]  ? rcu_is_watching+0x12/0xc0
[  209.327942][ T7531]  __do_fast_syscall_32+0xe7/0x950
[  209.327955][ T7531]  ? lockdep_hardirqs_on+0x78/0x100
[  209.327968][ T7531]  do_fast_syscall_32+0x32/0x70
[  209.327981][ T7531]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  209.327995][ T7531] RIP: 0023:0xf7fa7fcc
[  209.328004][ T7531] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  209.328015][ T7531] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  209.328025][ T7531] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  209.328032][ T7531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  209.328037][ T7531] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  209.328043][ T7531] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  209.328049][ T7531] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.328062][ T7531]  </TASK>
[  209.617274][ T7535] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  209.619418][ T7535] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  209.633319][ T7535] vhci_hcd vhci_hcd.0: Device attached
[  209.684372][ T7535] syz2: rxe_newlink: already configured on wg2
[  209.923185][ T5812] usb 38-1: SetAddress Request (26) to port 0
[  209.930450][ T5812] usb 38-1: new SuperSpeed USB device number 26 using vhci_hcd
[  210.202065][ T7536] vhci_hcd: connection reset by peer
[  210.204460][ T1193] vhci_hcd vhci_hcd.0: stop threads
[  210.206851][ T1193] vhci_hcd vhci_hcd.0: release socket
[  210.209289][ T1193] vhci_hcd vhci_hcd.0: disconnect device
[  211.094713][ T7583] netlink: 'syz.2.431': attribute type 1 has an invalid length.
[  211.108205][ T7583] bond1: entered promiscuous mode
[  211.110105][ T7583] 8021q: adding VLAN 0 to HW filter on device bond1
[  211.135501][ T7583] netlink: 28 bytes leftover after parsing attributes in process `syz.2.431'.
[  211.147568][ T7583] Bluetooth: MGMT ver 1.23
[  211.492191][ T7594] netlink: 8 bytes leftover after parsing attributes in process `syz.0.430'.
[  211.661342][ T7594] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  211.705166][  T841] wg2 speed is unknown, defaulting to 1000
[  211.985063][ T7613] syz.1.436 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  211.988411][   T40] kauditd_printk_skb: 58 callbacks suppressed
[  211.988422][   T40] audit: type=1326 audit(1777123167.473:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.1.436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  212.020559][   T40] audit: type=1326 audit(1777123167.473:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.1.436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  212.035863][   T40] audit: type=1326 audit(1777123167.473:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.1.436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  212.061439][   T40] audit: type=1326 audit(1777123167.473:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.1.436" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf701efcc code=0x7ffc0000
[  212.084533][   T40] audit: type=1326 audit(1777123167.503:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.1.436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  212.097425][   T40] audit: type=1326 audit(1777123167.503:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.1.436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  212.105726][   T40] audit: type=1326 audit(1777123167.503:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.1.436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  212.113618][   T40] audit: type=1326 audit(1777123167.503:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.1.436" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf701efcc code=0x7ffc0000
[  212.121482][   T40] audit: type=1326 audit(1777123167.503:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.1.436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  212.130110][   T40] audit: type=1326 audit(1777123167.503:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7611 comm="syz.1.436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  212.744425][   T24] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  212.904419][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  212.907888][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  212.910937][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  212.915485][   T24] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  212.918262][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.922027][   T24] usb 5-1: config 0 descriptor??
[  213.007937][ T7629] capability: warning: `syz.1.442' uses deprecated v2 capabilities in a way that may be insecure
[  213.271402][   T24] usbhid 5-1:0.0: can't add hid device: -71
[  213.274408][   T24] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  213.280879][   T24] usb 5-1: USB disconnect, device number 24
[  213.768538][ T1193] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.893736][ T1193] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.907613][ T5735] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  213.911909][ T5735] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  213.916475][ T5735] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  213.919616][ T5735] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  213.922838][ T5735] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  213.934766][ T5744] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  213.939553][ T5744] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  213.942283][ T5744] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  213.945493][ T5744] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  213.949390][ T5744] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  214.018285][ T1193] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.093111][ T5839] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  214.116899][ T1193] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.143789][ T7637] wg2 speed is unknown, defaulting to 1000
[  214.243163][ T5839] usb 5-1: Using ep0 maxpacket: 8
[  214.252194][ T5839] usb 5-1: New USB device found, idVendor=0fe9, idProduct=db01, bcdDevice=e9.9b
[  214.256110][ T5839] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.259794][ T5839] usb 5-1: Product: syz
[  214.261146][ T5839] usb 5-1: Manufacturer: syz
[  214.262709][ T5839] usb 5-1: SerialNumber: syz
[  214.270236][ T5839] usb 5-1: config 0 descriptor??
[  214.277705][ T5839] dvb-usb: found a 'DViCO FusionHDTV DVB-T USB (LGZ201)' in warm state.
[  214.280456][ T5839] dvb-usb: bulk message failed: -22 (2/0)
[  214.287059][ T5839] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  214.290470][ T5839] dvbdev: DVB: registering new adapter (DViCO FusionHDTV DVB-T USB (LGZ201))
[  214.293964][ T5839] usb 5-1: media controller created
[  214.304284][ T5839] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  214.426178][ T1193] bridge_slave_1: left allmulticast mode
[  214.428170][ T1193] bridge_slave_1: left promiscuous mode
[  214.432056][ T1193] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.439489][ T1193] bridge_slave_0: left allmulticast mode
[  214.441339][ T1193] bridge_slave_0: left promiscuous mode
[  214.446236][ T1193] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.483712][ T5839] dvb-usb: bulk message failed: -22 (1/0)
[  214.506448][ T5839] DVB: Unable to find symbol mt352_attach()
[  214.508412][ T5839] dvb-usb: no frontend was attached by 'DViCO FusionHDTV DVB-T USB (LGZ201)'
[  214.566133][ T5839] rc_core: IR keymap rc-dvico-portable not found
[  214.568146][ T5839] Registered IR keymap rc-empty
[  214.570326][ T5839] rc rc0: DViCO FusionHDTV DVB-T USB (LGZ201) as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0
[  214.575722][ T5839] input: DViCO FusionHDTV DVB-T USB (LGZ201) as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0/input21
[  214.583079][ T5839] dvb-usb: schedule remote query interval to 100 msecs.
[  214.585313][ T5839] dvb-usb: DViCO FusionHDTV DVB-T USB (LGZ201) successfully initialized and connected.
[  214.670092][ T7668] fuse: Bad value for 'fd'
[  214.689394][  T841] usb 5-1: USB disconnect, device number 25
[  214.704780][ T5839] dvb-usb: bulk message failed: -22 (1/0)
[  214.728258][ T1193] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  214.760987][ T1193] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  214.775085][ T1193] bond0 (unregistering): Released all slaves
[  214.776828][  T841] dvb-usb: DViCO FusionHDTV DVB-T USB (LGZ201) successfully deinitialized and disconnected.
[  214.788473][ T1193] bond1 (unregistering): Released all slaves
[  214.820164][ T7637] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.822501][ T7637] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.827141][ T7637] bridge_slave_0: entered allmulticast mode
[  214.830545][ T7637] bridge_slave_0: entered promiscuous mode
[  214.834093][ T7637] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.836552][ T7637] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.838821][ T7637] bridge_slave_1: entered allmulticast mode
[  214.841384][ T7637] bridge_slave_1: entered promiscuous mode
[  214.862743][ T7637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  214.864760][ T7679] overlayfs: failed to clone upperpath
[  214.873517][ T7637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  214.897403][ T7637] team0: Port device team_slave_0 added
[  214.904963][ T7637] team0: Port device team_slave_1 added
[  214.947242][ T7637] batman_adv: batadv0: Adding interface: batadv_slave_0
[  214.949854][ T7637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  214.959754][ T7637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  214.966824][ T7637] batman_adv: batadv0: Adding interface: batadv_slave_1
[  214.969598][ T7637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  214.979099][ T7637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  214.993144][ T5812] usb 38-1: device descriptor read/8, error -110
[  215.003154][ T7637] hsr_slave_0: entered promiscuous mode
[  215.005981][ T7637] hsr_slave_1: entered promiscuous mode
[  215.008815][ T7637] debugfs: 'hsr0' already exists in 'hsr'
[  215.010825][ T7637] Cannot create hsr debugfs directory
[  215.143517][ T5447] 8021q: adding VLAN 0 to HW filter on device eth2
[  215.179616][ T7637] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  215.186672][ T7637] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  215.189491][ T7637] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  215.195364][ T7637] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  215.198206][ T7637] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  215.202162][ T7637] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  215.205700][ T7637] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  215.217867][ T7637] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  215.247618][ T7637] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.249924][ T7637] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.253531][ T7637] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.255828][ T7637] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.304728][ T1193] hsr_slave_0: left promiscuous mode
[  215.307137][ T1193] hsr_slave_1: left promiscuous mode
[  215.310464][ T1193] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  215.312865][ T1193] batman_adv: batadv0: Removing interface: batadv_slave_0
[  215.321541][ T1193] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  215.328936][ T1193] batman_adv: batadv0: Removing interface: batadv_slave_1
[  215.359565][ T1193] veth1_macvtap: left promiscuous mode
[  215.361465][ T1193] veth0_macvtap: left promiscuous mode
[  215.364842][ T1193] veth1_vlan: left promiscuous mode
[  215.366621][ T1193] veth0_vlan: left promiscuous mode
[  215.367866][ T7700] netlink: 'syz.0.458': attribute type 1 has an invalid length.
[  215.371323][ T7700] netlink: 224 bytes leftover after parsing attributes in process `syz.0.458'.
[  215.374538][ T7700] NCSI netlink: No device for ifindex 2164177684
[  215.394909][ T5812] usb usb38-port1: attempt power cycle
[  215.571193][ T1193] team0 (unregistering): Port device team_slave_1 removed
[  215.572733][ T7711] fuse: Bad value for 'fd'
[  215.581644][ T1193] team0 (unregistering): Port device team_slave_0 removed
[  215.611075][ T7713] fuse: Bad value for 'fd'
[  215.693119][ T7717] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  215.702760][ T7637] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.712262][ T5447] 8021q: adding VLAN 0 to HW filter on device eth3
[  215.721078][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.730758][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.733984][ T7720] fuse: Bad value for 'fd'
[  215.742453][ T7637] 8021q: adding VLAN 0 to HW filter on device team0
[  215.824671][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.826987][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.005982][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.008325][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.054460][ T5735] Bluetooth: hci1: command tx timeout
[  216.190379][ T5447] 8021q: adding VLAN 0 to HW filter on device eth4
[  216.305573][ T7637] 8021q: adding VLAN 0 to HW filter on device batadv0
[  216.373397][ T5447] 8021q: adding VLAN 0 to HW filter on device eth5
[  216.462910][ T7637] veth0_vlan: entered promiscuous mode
[  216.469108][ T7637] veth1_vlan: entered promiscuous mode
[  216.490114][ T7637] veth0_macvtap: entered promiscuous mode
[  216.495555][ T7637] veth1_macvtap: entered promiscuous mode
[  216.507004][ T7637] batman_adv: batadv0: Interface activated: batadv_slave_0
[  216.515579][ T7637] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.526762][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.530266][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.534105][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.537618][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.569714][ T1157] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.575451][ T1157] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.590765][ T1157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.593744][ T1157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.200646][ T5812] usb usb38-port1: unable to enumerate USB device
[  217.254677][ T7769] rdma_rxe: rxe_newlink: failed to add wg2
[  217.279650][ T7768] rdma_rxe: rxe_newlink: failed to add wg2
[  217.808921][ T7783] overlayfs: failed to clone upperpath
[  219.419702][ T7801] overlayfs: failed to clone upperpath
[  219.502468][ T7809] fuse: Bad value for 'fd'
[  219.821664][ T1157] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.033771][ T5744] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  220.039317][ T5744] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  220.043567][ T5744] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  220.047155][ T5744] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  220.050116][ T5744] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  220.278858][ T7816] wg2 speed is unknown, defaulting to 1000
[  220.555006][ T7816] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.557417][ T7816] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.559889][ T7816] bridge_slave_0: entered allmulticast mode
[  220.562904][ T7816] bridge_slave_0: entered promiscuous mode
[  220.566388][ T7816] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.568730][ T7816] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.571145][ T7816] bridge_slave_1: entered allmulticast mode
[  220.573724][ T7816] bridge_slave_1: entered promiscuous mode
[  220.588288][ T7816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  220.592805][ T7816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  220.610053][ T7816] team0: Port device team_slave_0 added
[  220.613279][ T7816] team0: Port device team_slave_1 added
[  220.633218][ T7816] batman_adv: batadv0: Adding interface: batadv_slave_0
[  220.636144][ T7816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  220.645100][ T7816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  220.649555][ T7816] batman_adv: batadv0: Adding interface: batadv_slave_1
[  220.651795][ T7816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  220.659625][ T7816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  220.683351][ T7816] hsr_slave_0: entered promiscuous mode
[  220.685461][ T7816] hsr_slave_1: entered promiscuous mode
[  220.687562][ T7816] debugfs: 'hsr0' already exists in 'hsr'
[  220.689374][ T7816] Cannot create hsr debugfs directory
[  220.781118][ T7816] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  220.786910][ T7816] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  220.789779][ T7816] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  220.793486][ T7816] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  220.796150][ T7816] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  220.800321][ T7816] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  220.802916][ T7816] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  220.806796][ T7816] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  220.819207][ T7816] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.821639][ T7816] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.823996][ T7816] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.826301][ T7816] bridge0: port 1(bridge_slave_0) entered forwarding state
[  220.856675][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.860413][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.869231][ T7816] 8021q: adding VLAN 0 to HW filter on device bond0
[  220.880276][ T7816] 8021q: adding VLAN 0 to HW filter on device team0
[  220.886072][  T214] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.888331][  T214] bridge0: port 1(bridge_slave_0) entered forwarding state
[  220.897999][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.900290][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  221.152172][ T7816] 8021q: adding VLAN 0 to HW filter on device batadv0
[  221.308630][ T1157] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.332845][ T7816] veth0_vlan: entered promiscuous mode
[  221.338928][ T7816] veth1_vlan: entered promiscuous mode
[  221.354055][ T7816] veth0_macvtap: entered promiscuous mode
[  221.358586][ T7816] veth1_macvtap: entered promiscuous mode
[  221.376497][ T1157] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.387770][ T7816] batman_adv: batadv0: Interface activated: batadv_slave_0
[  221.393716][ T7816] batman_adv: batadv0: Interface activated: batadv_slave_1
[  221.399690][   T59] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  221.402364][   T59] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  221.407346][   T59] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  221.410033][   T59] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  221.440411][ T1157] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.462744][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.466819][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.481992][ T1193] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  221.484754][ T1193] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.578101][ T1157] bridge_slave_1: left allmulticast mode
[  221.580452][ T1157] bridge_slave_1: left promiscuous mode
[  221.582502][ T1157] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.588323][ T1157] bridge_slave_0: left allmulticast mode
[  221.590360][ T1157] bridge_slave_0: left promiscuous mode
[  221.592685][ T1157] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.861033][ T1157] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  221.866818][ T1157] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  221.871243][ T1157] bond0 (unregistering): Released all slaves
[  222.039525][ T5447] 8021q: adding VLAN 0 to HW filter on device eth6
[  222.123194][ T5735] Bluetooth: hci1: command tx timeout
[  222.207990][ T5447] 8021q: adding VLAN 0 to HW filter on device eth7
[  222.314895][ T7859] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  222.316905][ T7859] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  222.319896][ T7859] vhci_hcd vhci_hcd.0: Device attached
[  222.372135][ T7859] rdma_rxe: rxe_newlink: failed to add wg2
[  222.380856][ T5447] 8021q: adding VLAN 0 to HW filter on device eth8
[  222.390897][ T1157] hsr_slave_0: left promiscuous mode
[  222.400899][ T1157] hsr_slave_1: left promiscuous mode
[  222.406885][ T1157] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  222.409689][ T1157] batman_adv: batadv0: Removing interface: batadv_slave_0
[  222.412697][ T1157] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  222.415608][ T1157] batman_adv: batadv0: Removing interface: batadv_slave_1
[  222.422157][ T1157] veth1_macvtap: left promiscuous mode
[  222.427523][ T1157] veth0_macvtap: left promiscuous mode
[  222.429255][ T1157] veth1_vlan: left promiscuous mode
[  222.430881][ T1157] veth0_vlan: left promiscuous mode
[  222.570547][ T1157] team0 (unregistering): Port device team_slave_1 removed
[  222.579138][ T1157] team0 (unregistering): Port device team_slave_0 removed
[  222.603112][ T5812] usb 48-1: SetAddress Request (2) to port 0
[  222.604955][ T5812] usb 48-1: new SuperSpeed USB device number 2 using vhci_hcd
[  222.806221][ T7879] vhci_hcd: connection reset by peer
[  222.808356][   T59] vhci_hcd vhci_hcd.5: stop threads
[  222.809972][   T59] vhci_hcd vhci_hcd.5: release socket
[  222.811787][   T59] vhci_hcd vhci_hcd.5: disconnect device
[  222.857761][ T5447] 8021q: adding VLAN 0 to HW filter on device eth9
[  222.942477][ T7895] netlink: 4 bytes leftover after parsing attributes in process `syz.0.488'.
[  223.044790][ T7901] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  223.239100][ T7927] fuse: Bad value for 'fd'
[  223.317087][ T7935] netlink: 8 bytes leftover after parsing attributes in process `syz.1.500'.
[  223.441492][ T7945] netlink: 28 bytes leftover after parsing attributes in process `syz.1.504'.
[  223.547589][ T7954] fuse: Bad value for 'fd'
[  223.582804][ T7956] 8021q: VLANs not supported on ip6_vti0
[  223.584979][ T7958] netlink: 28 bytes leftover after parsing attributes in process `syz.5.509'.
[  223.587709][ T7958] FAULT_INJECTION: forcing a failure.
[  223.587709][ T7958] name failslab, interval 1, probability 0, space 0, times 0
[  223.592902][ T7958] CPU: 2 UID: 0 PID: 7958 Comm: syz.5.509 Not tainted syzkaller #0 PREEMPT(full) 
[  223.592916][ T7958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  223.592923][ T7958] Call Trace:
[  223.592927][ T7958]  <TASK>
[  223.592932][ T7958]  dump_stack_lvl+0x100/0x190
[  223.592947][ T7958]  should_fail_ex.cold+0x5/0xa
[  223.592962][ T7958]  should_failslab+0xc2/0x120
[  223.592974][ T7958]  __kmalloc_cache_noprof+0x7a/0x6f0
[  223.593007][ T7958]  ? ctnetlink_alloc_filter+0x9f/0xab0
[  223.593027][ T7958]  ctnetlink_alloc_filter+0x9f/0xab0
[  223.593042][ T7958]  ? __pfx_ctnetlink_alloc_filter+0x10/0x10
[  223.593057][ T7958]  ? trace_contention_end+0x122/0x170
[  223.593069][ T7958]  ? __mutex_lock+0x26d/0x1b10
[  223.593083][ T7958]  ? nfnetlink_rcv_msg+0x8ad/0x11e0
[  223.593095][ T7958]  ctnetlink_del_conntrack+0x3a0/0xa80
[  223.593111][ T7958]  ? __pfx_ctnetlink_del_conntrack+0x10/0x10
[  223.593131][ T7958]  ? rcu_is_watching+0x12/0xc0
[  223.593147][ T7958]  nfnetlink_rcv_msg+0x9d5/0x11e0
[  223.593162][ T7958]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  223.593174][ T7958]  ? kfree_skbmem+0x19f/0x210
[  223.593202][ T7958]  ? __pfx___dev_queue_xmit+0x10/0x10
[  223.593218][ T7958]  netlink_rcv_skb+0x159/0x420
[  223.593231][ T7958]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  223.593242][ T7958]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  223.593262][ T7958]  ? ns_capable+0xd2/0xf0
[  223.593276][ T7958]  nfnetlink_rcv+0x1b3/0x440
[  223.593293][ T7958]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  223.593309][ T7958]  ? netlink_deliver_tap+0x1ae/0xcc0
[  223.593324][ T7958]  netlink_unicast+0x585/0x850
[  223.593339][ T7958]  ? __pfx_netlink_unicast+0x10/0x10
[  223.593356][ T7958]  netlink_sendmsg+0x8b0/0xda0
[  223.593372][ T7958]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.593387][ T7958]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  223.593405][ T7958]  ____sys_sendmsg+0x9e1/0xb70
[  223.593417][ T7958]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.593432][ T7958]  ? __pfx_____sys_sendmsg+0x10/0x10
[  223.593452][ T7958]  ___sys_sendmsg+0x190/0x1e0
[  223.593466][ T7958]  ? __pfx____sys_sendmsg+0x10/0x10
[  223.593487][ T7958]  ? find_held_lock+0x2b/0x80
[  223.593509][ T7958]  __sys_sendmsg+0x170/0x220
[  223.593520][ T7958]  ? __pfx___sys_sendmsg+0x10/0x10
[  223.593529][ T7958]  ? __fget_files+0x21f/0x3d0
[  223.593545][ T7958]  ? ksys_write+0x1ac/0x250
[  223.593558][ T7958]  ? rcu_is_watching+0x12/0xc0
[  223.593572][ T7958]  __do_fast_syscall_32+0xe7/0x950
[  223.593585][ T7958]  ? lockdep_hardirqs_on+0x78/0x100
[  223.593600][ T7958]  do_fast_syscall_32+0x32/0x70
[  223.593613][ T7958]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  223.593626][ T7958] RIP: 0023:0xf70befcc
[  223.593635][ T7958] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  223.593646][ T7958] RSP: 002b:00000000f54ad50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  223.593656][ T7958] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000300
[  223.593663][ T7958] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  223.593669][ T7958] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  223.593674][ T7958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  223.593681][ T7958] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  223.593694][ T7958]  </TASK>
[  223.830265][ T5735] Bluetooth: hci1: unexpected event 0x18 length: 247 > 23
[  223.925954][ T7963] rdma_rxe: rxe_newlink: failed to add wg2
[  223.937806][ T7965] netlink: 4 bytes leftover after parsing attributes in process `syz.5.512'.
[  224.102288][ T7976] fuse: Bad value for 'fd'
[  224.194134][ T5735] Bluetooth: hci1: command tx timeout
[  224.355963][ T8001] fuse: Bad value for 'fd'
[  224.701838][ T8022] fuse: Bad value for 'fd'
[  225.888421][ T8023] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.965559][ T8049] fuse: Bad value for 'fd'
[  226.030788][ T8028] rdma_rxe: rxe_newlink: failed to add wg2
[  226.143318][ T8023] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.205204][ T8023] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.273985][ T5735] Bluetooth: hci1: command tx timeout
[  226.348154][ T8023] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.400291][ T8057] netlink: 28 bytes leftover after parsing attributes in process `syz.5.548'.
[  226.420621][ T1164] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  226.428432][ T1164] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  226.441769][ T1164] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  226.456216][ T1164] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.281808][ T8077] wg2 speed is unknown, defaulting to 1000
[  227.370047][ T8092] netlink: 8 bytes leftover after parsing attributes in process `syz.5.555'.
[  227.373312][ T8092] netlink: 12 bytes leftover after parsing attributes in process `syz.5.555'.
[  227.430148][ T8097] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  227.835306][ T5812] usb 48-1: device descriptor read/8, error -110
[  228.018828][ T8122] syz2: rxe_newlink: already configured on wg2
[  228.114107][ T8144] FAULT_INJECTION: forcing a failure.
[  228.114107][ T8144] name failslab, interval 1, probability 0, space 0, times 0
[  228.118151][ T8144] CPU: 1 UID: 0 PID: 8144 Comm: syz.5.561 Not tainted syzkaller #0 PREEMPT(full) 
[  228.118165][ T8144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  228.118171][ T8144] Call Trace:
[  228.118175][ T8144]  <TASK>
[  228.118180][ T8144]  dump_stack_lvl+0x100/0x190
[  228.118196][ T8144]  should_fail_ex.cold+0x5/0xa
[  228.118209][ T8144]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x100/0x2f0
[  228.118226][ T8144]  should_failslab+0xc2/0x120
[  228.118238][ T8144]  __kmalloc_noprof+0xe0/0x850
[  228.118258][ T8144]  genl_family_rcv_msg_attrs_parse.isra.0+0x100/0x2f0
[  228.118277][ T8144]  genl_family_rcv_msg_doit+0xc7/0x300
[  228.118293][ T8144]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  228.118308][ T8144]  ? genl_get_cmd+0x3e7/0x760
[  228.118326][ T8144]  ? __alloc_skb+0x185/0x710
[  228.118341][ T8144]  ? netlink_alloc_large_skb+0x69/0x150
[  228.118353][ T8144]  ? __radix_tree_lookup+0x217/0x2b0
[  228.118367][ T8144]  genl_rcv_msg+0x560/0x800
[  228.118383][ T8144]  ? __pfx_genl_rcv_msg+0x10/0x10
[  228.118398][ T8144]  ? __pfx_netlbl_unlabel_list+0x10/0x10
[  228.118413][ T8144]  ? __lock_acquire+0x4a5/0x2630
[  228.118426][ T8144]  netlink_rcv_skb+0x159/0x420
[  228.118439][ T8144]  ? __pfx_genl_rcv_msg+0x10/0x10
[  228.118455][ T8144]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  228.118473][ T8144]  ? netlink_deliver_tap+0x1ae/0xcc0
[  228.118487][ T8144]  genl_rcv+0x28/0x40
[  228.118500][ T8144]  netlink_unicast+0x585/0x850
[  228.118515][ T8144]  ? __pfx_netlink_unicast+0x10/0x10
[  228.118559][ T8144]  netlink_sendmsg+0x8b0/0xda0
[  228.118581][ T8144]  ? __pfx_netlink_sendmsg+0x10/0x10
[  228.118597][ T8144]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  228.118614][ T8144]  ____sys_sendmsg+0x9e1/0xb70
[  228.118627][ T8144]  ? __pfx_netlink_sendmsg+0x10/0x10
[  228.118643][ T8144]  ? __pfx_____sys_sendmsg+0x10/0x10
[  228.118662][ T8144]  ___sys_sendmsg+0x190/0x1e0
[  228.118677][ T8144]  ? __pfx____sys_sendmsg+0x10/0x10
[  228.118697][ T8144]  ? find_held_lock+0x2b/0x80
[  228.118718][ T8144]  __sys_sendmsg+0x170/0x220
[  228.118729][ T8144]  ? __pfx___sys_sendmsg+0x10/0x10
[  228.118738][ T8144]  ? __fget_files+0x21f/0x3d0
[  228.118754][ T8144]  ? ksys_write+0x1ac/0x250
[  228.118767][ T8144]  ? rcu_is_watching+0x12/0xc0
[  228.118781][ T8144]  __do_fast_syscall_32+0xe7/0x950
[  228.118794][ T8144]  ? lockdep_hardirqs_on+0x78/0x100
[  228.118807][ T8144]  do_fast_syscall_32+0x32/0x70
[  228.118821][ T8144]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  228.118834][ T8144] RIP: 0023:0xf70befcc
[  228.118843][ T8144] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  228.118853][ T8144] RSP: 002b:00000000f54ad50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  228.118864][ T8144] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800004c0
[  228.118870][ T8144] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  228.118876][ T8144] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  228.118888][ T8144] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  228.118898][ T8144] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  228.118918][ T8144]  </TASK>
[  228.134247][ T8146] fuse: Bad value for 'fd'
[  228.306178][ T5812] usb usb48-port1: attempt power cycle
[  228.355585][ T5744] Bluetooth: hci1: command tx timeout
[  228.900118][ T5812] usb usb48-port1: unable to enumerate USB device
[  228.916999][ T8172] overlayfs: failed to clone upperpath
[  230.426157][ T8187] netlink: 16 bytes leftover after parsing attributes in process `syz.0.573'.
[  230.443133][ T5735] Bluetooth: hci1: command 0x0406 tx timeout
[  230.570639][ T8192] fuse: Bad value for 'fd'
[  230.704120][ T8198] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  231.047830][ T8194] syz2: rxe_newlink: already configured on wg2
[  231.067553][   T40] kauditd_printk_skb: 395 callbacks suppressed
[  231.067569][   T40] audit: type=1326 audit(1777123186.553:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8203 comm="syz.1.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  231.076210][ T8204] netlink: 4 bytes leftover after parsing attributes in process `syz.1.580'.
[  231.080646][   T40] audit: type=1326 audit(1777123186.553:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8203 comm="syz.1.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  231.080675][   T40] audit: type=1326 audit(1777123186.553:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8203 comm="syz.1.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  231.080695][   T40] audit: type=1326 audit(1777123186.553:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8203 comm="syz.1.580" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf701efcc code=0x7ffc0000
[  231.080715][   T40] audit: type=1326 audit(1777123186.553:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8203 comm="syz.1.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  231.080734][   T40] audit: type=1326 audit(1777123186.553:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8203 comm="syz.1.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  231.080754][   T40] audit: type=1326 audit(1777123186.553:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8203 comm="syz.1.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  231.080775][   T40] audit: type=1326 audit(1777123186.553:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8203 comm="syz.1.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  231.080794][   T40] audit: type=1326 audit(1777123186.553:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8203 comm="syz.1.580" exe="/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf701efcc code=0x7ffc0000
[  231.080815][   T40] audit: type=1326 audit(1777123186.553:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8203 comm="syz.1.580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  231.338050][ T8214] overlayfs: failed to clone upperpath
[  232.256849][ T8218] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3482940618 (6965881236 ns) > initial count (504378442 ns). Using initial count to start timer.
[  232.298761][ T8222] fuse: Bad value for 'fd'
[  232.698502][ T8235] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  232.783472][ T1036] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  232.933228][ T1036] usb 10-1: Using ep0 maxpacket: 8
[  232.939820][ T1036] usb 10-1: New USB device found, idVendor=0fe9, idProduct=db01, bcdDevice=e9.9b
[  232.944148][ T1036] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.946979][ T1036] usb 10-1: Product: syz
[  232.948807][ T1036] usb 10-1: Manufacturer: syz
[  232.950901][ T1036] usb 10-1: SerialNumber: syz
[  232.955222][ T1036] usb 10-1: config 0 descriptor??
[  232.961016][ T1036] dvb-usb: found a 'DViCO FusionHDTV DVB-T USB (LGZ201)' in warm state.
[  232.964122][ T1036] dvb-usb: bulk message failed: -22 (2/0)
[  232.967924][ T1036] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  232.971606][ T1036] dvbdev: DVB: registering new adapter (DViCO FusionHDTV DVB-T USB (LGZ201))
[  232.975496][ T1036] usb 10-1: media controller created
[  232.988121][ T1036] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  233.160710][ T1036] dvb-usb: bulk message failed: -22 (1/0)
[  233.185315][ T1036] DVB: Unable to find symbol mt352_attach()
[  233.187296][ T1036] dvb-usb: no frontend was attached by 'DViCO FusionHDTV DVB-T USB (LGZ201)'
[  233.189428][ T8265] overlayfs: failed to clone upperpath
[  233.233652][ T1036] rc_core: IR keymap rc-dvico-portable not found
[  233.236137][ T1036] Registered IR keymap rc-empty
[  233.240023][ T1036] rc rc0: DViCO FusionHDTV DVB-T USB (LGZ201) as /devices/platform/dummy_hcd.5/usb10/10-1/rc/rc0
[  233.244953][ T1036] input: DViCO FusionHDTV DVB-T USB (LGZ201) as /devices/platform/dummy_hcd.5/usb10/10-1/rc/rc0/input22
[  233.249641][ T1036] dvb-usb: schedule remote query interval to 100 msecs.
[  233.253435][ T1036] dvb-usb: DViCO FusionHDTV DVB-T USB (LGZ201) successfully initialized and connected.
[  233.363743][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  233.368214][   T34] usb 10-1: USB disconnect, device number 2
[  233.394920][   T34] dvb-usb: DViCO FusionHDTV DVB-T USB (LGZ201) successfully deinitialized and disconnected.
[  233.697602][ T8279] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  233.701986][ T8279] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  233.960979][ T8289] tipc: Started in network mode
[  233.963244][ T8289] tipc: Node identity aace3b758331, cluster identity 4711
[  233.966883][ T8289] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  233.972585][ T8288] tipc: Disabling bearer <eth:syzkaller0>
[  234.248025][ T8296] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  234.573050][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  234.958249][ T8276] rdma_rxe: rxe_newlink: failed to add wg2
[  235.079332][ T8313] fuse: Bad value for 'fd'
[  235.141767][ T8319] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  236.059845][ T8348] fuse: Bad value for 'fd'
[  236.096434][ T8351] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  236.103153][ T8351] overlayfs: conflicting options: userxattr,redirect_dir=on
[  236.147741][ T8353] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  236.184420][ T8354] input: syz0 as /devices/virtual/input/input24
[  237.455922][ T8373] fuse: fd is not a fuse device
[  239.686288][ T8370] netlink: 16 bytes leftover after parsing attributes in process `syz.5.627'.
[  240.083620][ T8394] netlink: 16 bytes leftover after parsing attributes in process `syz.0.633'.
[  240.515562][ T8413] fuse: Bad value for 'fd'
[  240.571796][ T8417] netlink: 16 bytes leftover after parsing attributes in process `syz.3.641'.
[  240.738025][ T8423] netlink: 4 bytes leftover after parsing attributes in process `syz.5.640'.
[  240.816351][ T8425] overlayfs: failed to clone upperpath
[  241.293590][ T8430] netlink: 8 bytes leftover after parsing attributes in process `syz.3.645'.
[  241.783168][ T5839] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  241.935613][ T5839] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  241.939899][ T5839] usb 10-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  241.947080][ T5839] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  241.950664][ T5839] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.956385][ T5839] usb 10-1: config 0 descriptor??
[  241.963644][ T5839] usbhid 10-1:0.0: couldn't find an input interrupt endpoint
[  242.193417][ T5839] usb 10-1: USB disconnect, device number 3
[  242.930346][ T8456] netlink: 'syz.5.651': attribute type 4 has an invalid length.
[  242.934771][ T8456] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.651'.
[  243.213211][ T1036] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  243.353111][ T1036] usb 10-1: device descriptor read/64, error -71
[  243.603137][ T1036] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  243.733159][ T1036] usb 10-1: device descriptor read/64, error -71
[  243.845085][ T1036] usb usb10-port1: attempt power cycle
[  243.851747][ T8443] netlink: 7076 bytes leftover after parsing attributes in process `syz.3.647'.
[  243.854832][ T8443] openvswitch: netlink: Flow key attr not present in new flow.
[  244.050588][ T8468] netlink: 16 bytes leftover after parsing attributes in process `syz.1.654'.
[  244.183125][ T1036] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  244.203589][ T1036] usb 10-1: device descriptor read/8, error -71
[  244.443197][ T1036] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  244.480271][ T1036] usb 10-1: device descriptor read/8, error -71
[  244.583298][ T1036] usb usb10-port1: unable to enumerate USB device
[  244.596744][ T8488] overlayfs: failed to clone upperpath
[  245.044178][ T8494] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  246.017460][ T8507] netlink: 220 bytes leftover after parsing attributes in process `syz.3.668'.
[  246.021639][ T8507] tc_dump_action: action bad kind
[  246.204568][ T8516] netlink: 7076 bytes leftover after parsing attributes in process `syz.5.667'.
[  246.207557][ T8516] openvswitch: netlink: Flow key attr not present in new flow.
[  247.977724][ T8554] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  248.121680][ T8562] warning: `syz.1.690' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  248.163131][ T1036] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  248.319541][ T1036] usb 10-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  248.324832][ T1036] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  248.328412][ T1036] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.332409][ T1036] usb 10-1: config 0 descriptor??
[  248.336339][ T1036] usbhid 10-1:0.0: couldn't find an input interrupt endpoint
[  248.427488][ T8570] netlink: 7076 bytes leftover after parsing attributes in process `syz.1.692'.
[  248.431359][ T8570] openvswitch: netlink: Flow key attr not present in new flow.
[  248.565626][ T4033] usb 10-1: USB disconnect, device number 8
[  248.918904][ T8581] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  249.228159][ T8586] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  249.230850][ T8586] syzkaller0: entered promiscuous mode
[  249.232634][ T8586] syzkaller0: entered allmulticast mode
[  249.237504][ T8586] tipc: Resetting bearer <eth:syzkaller0>
[  249.240643][ T8585] tipc: Resetting bearer <eth:syzkaller0>
[  249.250751][ T8585] tipc: Disabling bearer <eth:syzkaller0>
[  250.072809][ T8600] fuse: fd is not a fuse device
[  250.174968][ T8605] netlink: 'syz.1.701': attribute type 1 has an invalid length.
[  250.177584][ T8605] netlink: 96 bytes leftover after parsing attributes in process `syz.1.701'.
[  250.180614][ T8605] netlink: 1 bytes leftover after parsing attributes in process `syz.1.701'.
[  250.183505][ T8605] netlink: 658 bytes leftover after parsing attributes in process `syz.1.701'.
[  250.189001][   T40] kauditd_printk_skb: 480 callbacks suppressed
[  250.189011][   T40] audit: type=1326 audit(1777123205.673:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8597 comm="syz.1.701" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  250.204209][   T40] audit: type=1326 audit(1777123205.673:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8597 comm="syz.1.701" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  250.217435][   T40] audit: type=1326 audit(1777123205.683:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8597 comm="syz.1.701" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf701efcc code=0x7ffc0000
[  250.224353][   T40] audit: type=1326 audit(1777123205.683:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8597 comm="syz.1.701" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  250.232616][   T40] audit: type=1326 audit(1777123205.683:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8597 comm="syz.1.701" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  250.239462][   T40] audit: type=1326 audit(1777123205.683:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8597 comm="syz.1.701" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf701efcc code=0x7ffc0000
[  250.246091][   T40] audit: type=1326 audit(1777123205.683:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8597 comm="syz.1.701" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  250.252674][   T40] audit: type=1326 audit(1777123205.683:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8597 comm="syz.1.701" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  250.259498][   T40] audit: type=1326 audit(1777123205.683:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8597 comm="syz.1.701" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf701efcc code=0x7ffc0000
[  250.268925][   T40] audit: type=1326 audit(1777123205.683:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8597 comm="syz.1.701" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701efcc code=0x7ffc0000
[  250.505380][ T8610] netlink: 8 bytes leftover after parsing attributes in process `syz.5.705'.
[  250.834467][ T8619] netlink: 7064 bytes leftover after parsing attributes in process `syz.5.706'.
[  250.838010][ T8619] openvswitch: netlink: Flow actions attr not present in new flow.
[  252.845365][ T8643] netlink: 4 bytes leftover after parsing attributes in process `syz.0.717'.
[  252.951178][ T8645] 9p: Bad value for 'rfdno'
[  252.964390][ T8645] netlink: 'syz.0.718': attribute type 1 has an invalid length.
[  252.968858][ T8645] netlink: 'syz.0.718': attribute type 2 has an invalid length.
[  253.075153][ T8650] overlayfs: failed to clone upperpath
[  253.131545][   T59] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.280457][ T5744] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  253.284591][ T5744] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  253.290590][ T5744] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  253.312161][ T5744] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  253.315554][ T8655] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.719'.
[  253.318461][ T8655] openvswitch: netlink: Flow actions attr not present in new flow.
[  253.391014][   T59] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.405511][ T5744] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  253.560087][   T59] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.720902][ T8656] wg2 speed is unknown, defaulting to 1000
[  253.755521][   T59] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.001934][   T59] bridge_slave_1: left allmulticast mode
[  254.004958][   T59] bridge_slave_1: left promiscuous mode
[  254.007913][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.012889][   T59] bridge_slave_0: left allmulticast mode
[  254.015853][   T59] bridge_slave_0: left promiscuous mode
[  254.018378][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.233171][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  254.243724][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  254.249458][   T59] bond0 (unregistering): Released all slaves
[  254.384793][   T59] tipc: Left network mode
[  254.475965][ T5447] 8021q: adding VLAN 0 to HW filter on device eth10
[  254.565978][ T8656] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.568335][ T8656] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.570674][ T8656] bridge_slave_0: entered allmulticast mode
[  254.573583][ T8656] bridge_slave_0: entered promiscuous mode
[  254.576793][ T8656] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.579076][ T8656] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.581393][ T8656] bridge_slave_1: entered allmulticast mode
[  254.585527][ T8656] bridge_slave_1: entered promiscuous mode
[  254.610969][ T8656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  254.614613][ T8689] fuse: Bad value for 'fd'
[  254.621604][ T8656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  254.666356][ T8656] team0: Port device team_slave_0 added
[  254.674764][ T8656] team0: Port device team_slave_1 added
[  254.690269][ T8656] batman_adv: batadv0: Adding interface: batadv_slave_0
[  254.693274][ T8656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  254.701132][ T8656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  254.705678][ T5447] 8021q: adding VLAN 0 to HW filter on device eth11
[  254.710032][ T8656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  254.716448][ T8656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  254.725051][ T8656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  254.758571][ T8698] fuse: Bad value for 'fd'
[  254.764700][ T8656] hsr_slave_0: entered promiscuous mode
[  254.767331][ T8656] hsr_slave_1: entered promiscuous mode
[  254.769787][ T8656] debugfs: 'hsr0' already exists in 'hsr'
[  254.774197][ T8656] Cannot create hsr debugfs directory
[  254.985841][   T59] hsr_slave_0: left promiscuous mode
[  254.988391][   T59] hsr_slave_1: left promiscuous mode
[  254.990514][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.992936][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  255.004179][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  255.006748][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  255.015497][   T59] veth1_macvtap: left promiscuous mode
[  255.017353][   T59] veth0_macvtap: left promiscuous mode
[  255.019198][   T59] veth1_vlan: left promiscuous mode
[  255.021011][   T59] veth0_vlan: left promiscuous mode
[  255.138763][   T59] team0 (unregistering): Port device team_slave_1 removed
[  255.149385][   T59] team0 (unregistering): Port device team_slave_0 removed
[  255.224806][ T5447] 8021q: adding VLAN 0 to HW filter on device eth12
[  255.235598][ T8656] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  255.240886][ T8656] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  255.244527][ T8656] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  255.248528][ T8656] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  255.252262][ T8656] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  255.256209][ T8656] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  255.258901][ T8656] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  255.262771][ T8656] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  255.277953][ T8656] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.280293][ T8656] bridge0: port 2(bridge_slave_1) entered forwarding state
[  255.282636][ T8656] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.284862][ T8656] bridge0: port 1(bridge_slave_0) entered forwarding state
[  255.314828][ T8656] 8021q: adding VLAN 0 to HW filter on device bond0
[  255.330616][ T1193] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.342879][ T1193] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.359915][ T8656] 8021q: adding VLAN 0 to HW filter on device team0
[  255.366008][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.368328][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  255.373619][ T1193] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.376170][ T1193] bridge0: port 2(bridge_slave_1) entered forwarding state
[  255.413715][ T8730] fuse: Bad value for 'fd'
[  255.473306][ T5735] Bluetooth: hci1: command tx timeout
[  255.476970][ T8724] netlink: 48 bytes leftover after parsing attributes in process `syz.0.730'.
[  255.733239][ T5447] 8021q: adding VLAN 0 to HW filter on device eth13
[  255.938616][ T8656] 8021q: adding VLAN 0 to HW filter on device batadv0
[  256.185171][ T8656] veth0_vlan: entered promiscuous mode
[  256.201141][ T8656] veth1_vlan: entered promiscuous mode
[  256.231015][ T8656] veth0_macvtap: entered promiscuous mode
[  256.235038][ T8656] veth1_macvtap: entered promiscuous mode
[  256.243884][ T8656] batman_adv: batadv0: Interface activated: batadv_slave_0
[  256.249810][ T8656] batman_adv: batadv0: Interface activated: batadv_slave_1
[  256.256516][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  256.260004][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  256.263732][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  256.266719][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  256.339691][ T1157] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  256.346895][ T1157] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  256.367008][ T1157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  256.369779][ T1157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  257.553101][ T5735] Bluetooth: hci1: command tx timeout
[  257.730345][ T8798] fuse: fd is not a fuse device
[  257.818843][ T8801] netlink: 52 bytes leftover after parsing attributes in process `syz.3.741'.
[  258.036859][ T8781] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.737'.
[  258.039832][ T8781] openvswitch: netlink: Flow actions attr not present in new flow.
[  258.084003][ T8779] overlayfs: failed to clone lowerpath
[  258.349950][ T8807] FAULT_INJECTION: forcing a failure.
[  258.349950][ T8807] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.354589][ T8807] CPU: 0 UID: 0 PID: 8807 Comm: syz.6.743 Not tainted syzkaller #0 PREEMPT(full) 
[  258.354604][ T8807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  258.354611][ T8807] Call Trace:
[  258.354615][ T8807]  <TASK>
[  258.354619][ T8807]  dump_stack_lvl+0x100/0x190
[  258.354634][ T8807]  should_fail_ex.cold+0x5/0xa
[  258.354648][ T8807]  _copy_to_user+0x32/0xd0
[  258.354666][ T8807]  kvm_arch_vcpu_ioctl+0xc53/0x5730
[  258.354695][ T8807]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  258.354712][ T8807]  ? is_bpf_text_address+0x94/0x1a0
[  258.354728][ T8807]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  258.354743][ T8807]  ? arch_stack_walk+0xa6/0xf0
[  258.354761][ T8807]  ? __lock_acquire+0x4a5/0x2630
[  258.354772][ T8807]  ? stack_depot_save_flags+0x27/0x9d0
[  258.354783][ T8807]  ? __lock_acquire+0x4a5/0x2630
[  258.354795][ T8807]  ? lock_acquire+0x1b1/0x370
[  258.354807][ T8807]  ? rcu_is_watching+0x12/0xc0
[  258.354819][ T8807]  ? trace_contention_end+0x122/0x170
[  258.354831][ T8807]  ? __mutex_lock+0x26d/0x1b10
[  258.354845][ T8807]  ? kvm_vcpu_ioctl+0x322/0x1720
[  258.354858][ T8807]  ? __pfx___mutex_lock+0x10/0x10
[  258.354880][ T8807]  ? kvm_vcpu_ioctl+0x8a0/0x1720
[  258.354889][ T8807]  kvm_vcpu_ioctl+0x8a0/0x1720
[  258.354900][ T8807]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  258.354910][ T8807]  ? tomoyo_path_number_perm+0x188/0x580
[  258.354922][ T8807]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  258.354932][ T8807]  ? get_pid_task+0x106/0x250
[  258.354951][ T8807]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  258.354967][ T8807]  ? do_vfs_ioctl+0x226/0x13e0
[  258.354977][ T8807]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  258.354993][ T8807]  kvm_vcpu_compat_ioctl+0x20f/0x3c0
[  258.355004][ T8807]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  258.355015][ T8807]  ? __fget_files+0x21f/0x3d0
[  258.355029][ T8807]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  258.355040][ T8807]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  258.355052][ T8807]  __do_fast_syscall_32+0xe7/0x950
[  258.355065][ T8807]  ? lockdep_hardirqs_on+0x78/0x100
[  258.355079][ T8807]  do_fast_syscall_32+0x32/0x70
[  258.355092][ T8807]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  258.355105][ T8807] RIP: 0023:0xf7f32fcc
[  258.355114][ T8807] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  258.355125][ T8807] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  258.355135][ T8807] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000009000aea4
[  258.355142][ T8807] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[  258.355148][ T8807] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  258.355166][ T8807] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  258.355172][ T8807] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  258.355185][ T8807]  </TASK>
[  258.529921][ T8812] netlink: 8 bytes leftover after parsing attributes in process `syz.0.745'.
[  258.579460][ T8816] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  258.969629][ T8820] netlink: 4 bytes leftover after parsing attributes in process `syz.1.746'.
[  259.522090][ T1193] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.662249][ T1193] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.721790][ T5744] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  259.725477][ T5744] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  259.728711][ T5744] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  259.731546][ T5744] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  259.734608][ T5744] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  259.789509][ T1193] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.885541][ T1193] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.968884][ T8854] wg2 speed is unknown, defaulting to 1000
[  260.150785][ T1193] bridge_slave_1: left allmulticast mode
[  260.152611][ T1193] bridge_slave_1: left promiscuous mode
[  260.154905][ T1193] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.174339][ T1193] bridge_slave_0: left allmulticast mode
[  260.176173][ T1193] bridge_slave_0: left promiscuous mode
[  260.178112][ T1193] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.274980][ T1431] ieee802154 phy0 wpan0: encryption failed: -22
[  260.277542][ T1431] ieee802154 phy1 wpan1: encryption failed: -22
[  260.307246][ T1193] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  260.311762][ T1193] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  260.315521][ T1193] bond0 (unregistering): Released all slaves
[  260.485653][ T8854] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.488150][ T8854] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.490504][ T8854] bridge_slave_0: entered allmulticast mode
[  260.493309][ T8854] bridge_slave_0: entered promiscuous mode
[  260.497440][ T8854] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.499908][ T8854] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.502368][ T8854] bridge_slave_1: entered allmulticast mode
[  260.505358][ T8854] bridge_slave_1: entered promiscuous mode
[  260.525136][ T8854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  260.529429][ T8854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  260.533400][ T5447] 8021q: adding VLAN 0 to HW filter on device eth14
[  260.557051][ T8854] team0: Port device team_slave_0 added
[  260.561193][ T8854] team0: Port device team_slave_1 added
[  260.603902][ T8854] batman_adv: batadv0: Adding interface: batadv_slave_0
[  260.606938][ T8854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  260.615863][ T8854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  260.620873][ T8854] batman_adv: batadv0: Adding interface: batadv_slave_1
[  260.623786][ T8854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  260.631982][ T8854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  260.681285][ T8854] hsr_slave_0: entered promiscuous mode
[  260.689231][ T8854] hsr_slave_1: entered promiscuous mode
[  260.694113][ T8854] debugfs: 'hsr0' already exists in 'hsr'
[  260.695981][ T8854] Cannot create hsr debugfs directory
[  260.876199][ T1193] hsr_slave_0: left promiscuous mode
[  260.880526][ T1193] hsr_slave_1: left promiscuous mode
[  260.883297][ T1193] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  260.885663][ T1193] batman_adv: batadv0: Removing interface: batadv_slave_0
[  260.888455][ T1193] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  260.890841][ T1193] batman_adv: batadv0: Removing interface: batadv_slave_1
[  260.901728][ T1193] veth1_macvtap: left promiscuous mode
[  260.906108][ T1193] veth0_macvtap: left promiscuous mode
[  260.907919][ T1193] veth1_vlan: left promiscuous mode
[  260.909655][ T1193] veth0_vlan: left promiscuous mode
[  261.080726][ T1193] team0 (unregistering): Port device team_slave_1 removed
[  261.089383][ T1193] team0 (unregistering): Port device team_slave_0 removed
[  261.100773][ T8920] autofs: Unknown parameter ''
[  261.155682][ T5447] 8021q: adding VLAN 0 to HW filter on device eth15
[  261.235249][ T8854] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  261.240066][ T8854] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  261.242749][ T8854] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  261.271502][ T8854] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  261.277038][ T8854] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  261.281800][ T8854] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  261.287350][ T8854] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  261.299499][ T8854] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  261.317187][ T5447] 8021q: adding VLAN 0 to HW filter on device eth16
[  261.359865][ T8854] 8021q: adding VLAN 0 to HW filter on device bond0
[  261.368760][ T8854] 8021q: adding VLAN 0 to HW filter on device team0
[  261.375768][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.378231][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  261.385038][ T1164] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.388019][ T1164] bridge0: port 2(bridge_slave_1) entered forwarding state
[  261.499852][ T5447] 8021q: adding VLAN 0 to HW filter on device eth17
[  261.645161][ T8854] 8021q: adding VLAN 0 to HW filter on device batadv0
[  261.691515][ T8969] netlink: 6 bytes leftover after parsing attributes in process `syz.3.784'.
[  261.721037][ T8976] netlink: 56 bytes leftover after parsing attributes in process `syz.3.785'.
[  261.769267][ T8854] veth0_vlan: entered promiscuous mode
[  261.778579][ T8854] veth1_vlan: entered promiscuous mode
[  261.793120][ T5735] Bluetooth: hci1: command tx timeout
[  261.797409][ T8854] veth0_macvtap: entered promiscuous mode
[  261.801466][ T8854] veth1_macvtap: entered promiscuous mode
[  261.802008][ T8981] IPv6: NLM_F_CREATE should be specified when creating new route
[  261.810011][ T8854] batman_adv: batadv0: Interface activated: batadv_slave_0
[  261.819171][ T8854] batman_adv: batadv0: Interface activated: batadv_slave_1
[  261.828436][ T1157] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  261.834226][ T1157] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  261.838567][ T1157] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  261.841526][ T1157] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  261.842608][ T8986] netlink: 4 bytes leftover after parsing attributes in process `syz.3.789'.
[  261.883948][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  261.887860][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  261.900797][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  261.903834][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  261.917873][ T8995] netlink: 4 bytes leftover after parsing attributes in process `syz.3.793'.
[  261.920750][ T8996] syz.1.792: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  261.925673][ T8996] CPU: 0 UID: 0 PID: 8996 Comm: syz.1.792 Not tainted syzkaller #0 PREEMPT(full) 
[  261.925688][ T8996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  261.925694][ T8996] Call Trace:
[  261.925698][ T8996]  <TASK>
[  261.925702][ T8996]  dump_stack_lvl+0x100/0x190
[  261.925718][ T8996]  warn_alloc.cold+0x95/0x1c1
[  261.925730][ T8996]  ? __pfx_warn_alloc+0x10/0x10
[  261.925750][ T8996]  ? stack_depot_save_flags+0x27/0x9d0
[  261.925762][ T8996]  ? __lock_acquire+0x4a5/0x2630
[  261.925776][ T8996]  ? xskq_create+0xfb/0x1d0
[  261.925787][ T8996]  __vmalloc_node_range_noprof+0x136c/0x1630
[  261.925802][ T8996]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  261.925819][ T8996]  ? xskq_create+0xfb/0x1d0
[  261.925832][ T8996]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  261.925852][ T8996]  ? xskq_create+0xfb/0x1d0
[  261.925862][ T8996]  vmalloc_user_noprof+0x9e/0xe0
[  261.925876][ T8996]  ? xskq_create+0xfb/0x1d0
[  261.925886][ T8996]  xskq_create+0xfb/0x1d0
[  261.925896][ T8996]  xsk_setsockopt+0x56f/0xab0
[  261.925913][ T8996]  ? __pfx_xsk_setsockopt+0x10/0x10
[  261.925929][ T8996]  ? find_held_lock+0x2b/0x80
[  261.925945][ T8996]  ? aa_sock_opt_perm+0xfe/0x1b0
[  261.925960][ T8996]  ? __pfx_xsk_setsockopt+0x10/0x10
[  261.925977][ T8996]  do_sock_setsockopt+0xf3/0x1d0
[  261.925991][ T8996]  __sys_setsockopt+0x119/0x190
[  261.926010][ T8996]  __ia32_sys_setsockopt+0xbc/0x160
[  261.926027][ T8996]  ? __do_fast_syscall_32+0x98/0x950
[  261.926060][ T8996]  ? lockdep_hardirqs_on+0x78/0x100
[  261.926074][ T8996]  __do_fast_syscall_32+0xe7/0x950
[  261.926091][ T8996]  do_fast_syscall_32+0x32/0x70
[  261.926105][ T8996]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  261.926120][ T8996] RIP: 0023:0xf701efcc
[  261.926129][ T8996] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  261.926140][ T8996] RSP: 002b:00000000f540d50c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  261.926151][ T8996] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000011b
[  261.926158][ T8996] RDX: 0000000000000002 RSI: 0000000080000900 RDI: 0000000000000063
[  261.926169][ T8996] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  261.926175][ T8996] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  261.926182][ T8996] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  261.926196][ T8996]  </TASK>
[  261.926200][ T8996] Mem-Info:
[  261.965910][ T9003] netlink: 'syz.7.763': attribute type 1 has an invalid length.
[  261.970018][ T8996] active_anon:1420 inactive_anon:713 isolated_anon:0
[  261.970018][ T8996]  active_file:5547 inactive_file:14096 isolated_file:0
[  261.970018][ T8996]  unevictable:1768 dirty:91 writeback:0
[  261.970018][ T8996]  slab_reclaimable:6618 slab_unreclaimable:54461
[  261.970018][ T8996]  mapped:22178 shmem:1797 pagetables:1522
[  261.970018][ T8996]  sec_pagetables:306 bounce:0
[  261.970018][ T8996]  kernel_misc_reclaimable:0
[  261.970018][ T8996]  free:74471 free_pcp:15807 free_cma:0
[  261.970082][ T8996] Node 0 active_anon:4kB inactive_anon:40kB active_file:2244kB inactive_file:288kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:316kB dirty:36kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9024kB pagetables:1420kB sec_pagetables:1148kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  261.970115][ T8996] Node 1 active_anon:5676kB inactive_anon:2812kB active_file:19944kB inactive_file:56096kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:88396kB dirty:328kB writeback:0kB shmem:3652kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4684kB pagetables:4668kB sec_pagetables:76kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  262.025480][ T9011] netlink: 8 bytes leftover after parsing attributes in process `syz.7.763'.
[  262.035491][ T8996] Node 0 DMA free:2276kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:132kB local_pcp:4kB free_cma:0kB
[  262.035533][ T8996] lowmem_reserve[]: 0
[  262.047979][ T9011] netlink: 24 bytes leftover after parsing attributes in process `syz.7.763'.
[  262.050700][ T8996]  285 285 285 285
[  262.050721][ T8996] Node 0 DMA32 free:17384kB boost:2048kB min:15140kB low:18412kB high:21684kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:2244kB inactive_file:288kB unevictable:3536kB writepending:36kB zspages:0kB present:1032196kB managed:292684kB mlocked:0kB bounce:0kB free_pcp:15024kB local_pcp:3740kB free_cma:0kB
[  262.078641][ T8996] lowmem_reserve[]: 0 0 0 0 0
[  262.080567][ T8996] Node 1 DMA32 free:277584kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:5776kB inactive_anon:2812kB active_file:19944kB inactive_file:56096kB unevictable:3536kB writepending:328kB zspages:6524kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:47896kB local_pcp:20800kB free_cma:0kB
[  262.090768][ T8996] lowmem_reserve[]: 0 0 0 0 0
[  262.092254][ T8996] Node 0 DMA: 7*4kB (U) 5*8kB (U) 4*16kB (U) 9*32kB (U) 3*64kB (U) 1*128kB (U) 0*256kB 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 2276kB
[  262.096735][ T8996] Node 0 DMA32: 942*4kB (UME) 142*8kB (UME) 6*16kB (UME) 133*32kB (UME) 21*64kB (UME) 7*128kB (UME) 7*256kB (UME) 2*512kB (UM) 3*1024kB (UM) 0*2048kB 0*4096kB = 17384kB
[  262.101920][ T8996] Node 1 DMA32: 1522*4kB (UM) 1367*8kB (UM) 1199*16kB (UME) 158*32kB (ME) 200*64kB (UME) 231*128kB (UME) 198*256kB (UME) 143*512kB (UME) 42*1024kB (UM) 11*2048kB (M) 1*4096kB (M) = 277168kB
[  262.107754][ T8996] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  262.110710][ T8996] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  262.113622][ T8996] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  262.116656][ T8996] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  262.119893][ T8996] 22541 total pagecache pages
[  262.121400][ T8996] 1105 pages in swap cache
[  262.122877][ T8996] Free swap  = 98924kB
[  262.124453][ T8996] Total swap = 124996kB
[  262.125826][ T8996] 524155 pages RAM
[  262.127084][ T8996] 0 pages HighMem/MovableOnly
[  262.128577][ T8996] 210091 pages reserved
[  262.129895][ T8996] 0 pages cma reserved
[  262.130470][ T9019] netlink: 'syz.0.801': attribute type 1 has an invalid length.
[  262.189012][ T9019] 8021q: adding VLAN 0 to HW filter on device bond2
[  262.193479][ T9019] bond1: (slave bond2): making interface the new active one
[  262.203596][ T9019] bond1: (slave bond2): Enslaving as an active interface with an up link
[  262.211884][ T9026] workqueue: name exceeds WQ_NAME_LEN. Truncating to: 1��^!�l�1�*�$pNc�ɔ��r$�G����
[  262.245415][ T9019] bond1: (slave gretap1): Enslaving as a backup interface with an up link
[  262.255825][ T9019] netlink: 28 bytes leftover after parsing attributes in process `syz.0.801'.
[  262.520097][ T5735] Bluetooth: hci1: unexpected event 0x3c length: 14 > 7
[  262.927843][ T9056] nvme_fabrics: missing parameter 'transport=%s'
[  262.932215][ T9056] nvme_fabrics: missing parameter 'nqn=%s'
[  262.987664][ T9068] overlayfs: failed to resolve './file0/file0': -2
[  263.576523][ T9086] netlink: 20 bytes leftover after parsing attributes in process `syz.7.821'.
[  263.586543][ T9086] syzkaller0: entered promiscuous mode
[  263.588796][ T9086] syzkaller0: entered allmulticast mode
[  263.884390][ T5735] Bluetooth: hci1: command tx timeout
[  263.905810][ T9107] wg2 speed is unknown, defaulting to 1000
[  263.948836][   T40] kauditd_printk_skb: 13 callbacks suppressed
[  263.948848][   T40] audit: type=1326 audit(1777123219.433:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9105 comm="syz.1.829" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf701efcc code=0x0
[  264.006809][ T9110] overlayfs: missing 'lowerdir'
[  265.080067][ T9125] netlink: 84 bytes leftover after parsing attributes in process `syz.7.833'.
[  265.338484][ T9134] capability: warning: `syz.0.837' uses 32-bit capabilities (legacy support in use)
[  265.436880][ T9142] fuse: Bad value for 'fd'
[  265.469860][ T9150] fuse: Bad value for 'fd'
[  265.499470][ T9152] fuse: Bad value for 'fd'
[  265.963158][ T5735] Bluetooth: hci1: command tx timeout
[  266.131651][ T9174] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  266.458419][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.7.855'.
[  266.556271][ T9117] netlink: 7064 bytes leftover after parsing attributes in process `syz.3.831'.
[  266.559253][ T9117] openvswitch: netlink: Flow actions attr not present in new flow.
[  266.946223][   T40] audit: type=1326 audit(1777123222.433:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9190 comm="syz.0.858" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa7fcc code=0x0
[  267.296679][ T9198] tipc: Failed to remove unknown binding: 66,1,1/0:2069395640/2069395642
[  267.300281][ T9198] tipc: Failed to remove unknown binding: 66,1,1/0:2069395640/2069395642
[  267.394647][ T9208] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  268.033132][ T5735] Bluetooth: hci1: command tx timeout
[  268.328933][ T9268] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.869'.
[  268.331845][ T9268] openvswitch: netlink: Flow actions attr not present in new flow.
[  269.579588][ T9290] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  270.369475][ T9317] netlink: 'syz.1.882': attribute type 1 has an invalid length.
[  270.477384][ T9321] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  270.929373][ T9333] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.887'.
[  270.932294][ T9333] openvswitch: netlink: Flow actions attr not present in new flow.
[  271.042262][ T9335] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.888'.
qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x8d000)
[  272.134303][ T9357] fuse: Unknown parameter 'user_�'
[  272.258073][ T9361] wg2 speed is unknown, defaulting to 1000
[  272.357350][ T9368] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  272.433977][ T1127] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  272.436131][ T1127] ata1: failed to read log page 10h (errno=-5)
[  272.438432][ T1127] ata1.00: exception Emask 0x1 SAct 0x4000 SErr 0x0 action 0x0
[  272.446306][ T1127] ata1.00: irq_stat 0x41000000
[  272.448071][ T1127] ata1.00: failed command: READ FPDMA QUEUED
[  272.453377][ T1127] ata1.00: cmd 60/68:70:7e:ac:0a/04:00:00:00:00/40 tag 14 ncq dma 577536 in
[  272.453377][ T1127]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  272.465424][ T1127] ata1.00: status: { DRDY }
[  272.468058][ T1127] ata1.00: error: { ABRT }
[  272.472471][ T1127] ata1.00: configured for UDMA/100
[  272.474868][ T1127] sd 0:0:0:0: [sda] tag#14 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=1s
[  272.478128][ T1127] sd 0:0:0:0: [sda] tag#14 Sense Key : Aborted Command [current] 
[  272.481178][ T1127] sd 0:0:0:0: [sda] tag#14 Add. Sense: No additional sense information
[  272.484841][ T1127] sd 0:0:0:0: [sda] tag#14 CDB: Read(10) 28 00 00 0a ac 7e 00 04 68 00
[  272.487936][ T1127] blk_print_req_error: 61 callbacks suppressed
[  272.487944][ T1127] I/O error, dev sda, sector 699518 op 0x0:(READ) flags 0x80700 phys_seg 81 prio class 2
[  272.495048][ T1127] ata1: EH complete
[  273.414752][ T9408] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.902'.
[  273.417658][ T9408] openvswitch: netlink: Flow actions attr not present in new flow.
[  273.553514][ T5735] Bluetooth: hci1: command 0x0406 tx timeout
[  274.816232][ T9423] netlink: 48 bytes leftover after parsing attributes in process `syz.3.906'.
[  274.826527][ T9425] FAULT_INJECTION: forcing a failure.
[  274.826527][ T9425] name failslab, interval 1, probability 0, space 0, times 0
[  274.832971][ T9425] CPU: 2 UID: 0 PID: 9425 Comm: syz.7.907 Not tainted syzkaller #0 PREEMPT(full) 
[  274.832985][ T9425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  274.833002][ T9425] Call Trace:
[  274.833007][ T9425]  <TASK>
[  274.833011][ T9425]  dump_stack_lvl+0x100/0x190
[  274.833027][ T9425]  should_fail_ex.cold+0x5/0xa
[  274.833040][ T9425]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x100/0x2f0
[  274.833057][ T9425]  should_failslab+0xc2/0x120
[  274.833070][ T9425]  __kmalloc_noprof+0xe0/0x850
[  274.833086][ T9425]  ? lockdep_hardirqs_on+0x78/0x100
[  274.833101][ T9425]  genl_family_rcv_msg_attrs_parse.isra.0+0x100/0x2f0
[  274.833120][ T9425]  genl_family_rcv_msg_doit+0xc7/0x300
[  274.833136][ T9425]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  274.833151][ T9425]  ? genl_get_cmd+0x3e7/0x760
[  274.833167][ T9425]  ? bpf_lsm_capable+0x9/0x10
[  274.833179][ T9425]  ? security_capable+0x80/0x260
[  274.833195][ T9425]  ? ns_capable+0xd2/0xf0
[  274.833208][ T9425]  genl_rcv_msg+0x560/0x800
[  274.833225][ T9425]  ? __pfx_genl_rcv_msg+0x10/0x10
[  274.833240][ T9425]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  274.833254][ T9425]  ? __pfx_nl80211_probe_mesh_link+0x10/0x10
[  274.833269][ T9425]  ? __pfx_nl80211_post_doit+0x10/0x10
[  274.833292][ T9425]  netlink_rcv_skb+0x159/0x420
[  274.833305][ T9425]  ? __pfx_genl_rcv_msg+0x10/0x10
[  274.833321][ T9425]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  274.833418][ T9425]  ? netlink_deliver_tap+0x1ae/0xcc0
[  274.833434][ T9425]  genl_rcv+0x28/0x40
[  274.833447][ T9425]  netlink_unicast+0x585/0x850
[  274.833462][ T9425]  ? __pfx_netlink_unicast+0x10/0x10
[  274.833479][ T9425]  netlink_sendmsg+0x8b0/0xda0
[  274.833494][ T9425]  ? __pfx_netlink_sendmsg+0x10/0x10
[  274.833509][ T9425]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  274.833527][ T9425]  ____sys_sendmsg+0x9e1/0xb70
[  274.833539][ T9425]  ? __pfx_netlink_sendmsg+0x10/0x10
[  274.833553][ T9425]  ? __pfx_____sys_sendmsg+0x10/0x10
[  274.833572][ T9425]  ___sys_sendmsg+0x190/0x1e0
[  274.833587][ T9425]  ? __pfx____sys_sendmsg+0x10/0x10
[  274.833607][ T9425]  ? find_held_lock+0x2b/0x80
[  274.833629][ T9425]  __sys_sendmsg+0x170/0x220
[  274.833640][ T9425]  ? __pfx___sys_sendmsg+0x10/0x10
[  274.833648][ T9425]  ? __fget_files+0x21f/0x3d0
[  274.833664][ T9425]  ? ksys_write+0x1ac/0x250
[  274.833677][ T9425]  ? rcu_is_watching+0x12/0xc0
[  274.833692][ T9425]  __do_fast_syscall_32+0xe7/0x950
[  274.833704][ T9425]  ? lockdep_hardirqs_on+0x78/0x100
[  274.833718][ T9425]  do_fast_syscall_32+0x32/0x70
[  274.833731][ T9425]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  274.833745][ T9425] RIP: 0023:0xf7f32fcc
[  274.833754][ T9425] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  274.833765][ T9425] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  274.833775][ T9425] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001480
[  274.833782][ T9425] RDX: 0000000000054880 RSI: 0000000000000000 RDI: 0000000000000000
[  274.833788][ T9425] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  274.833794][ T9425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  274.833800][ T9425] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  274.833813][ T9425]  </TASK>
[  274.838262][ T9426] netlink: 'syz.0.905': attribute type 7 has an invalid length.
[  275.173075][ T1038] usb 12-1: new high-speed USB device number 2 using dummy_hcd
[  275.323345][ T1038] usb 12-1: device descriptor read/64, error -71
[  275.563889][ T1038] usb 12-1: new high-speed USB device number 3 using dummy_hcd
[  275.679848][ T9449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.915'.
[  275.705013][ T1038] usb 12-1: device descriptor read/64, error -71
[  275.823511][ T1038] usb usb12-port1: attempt power cycle
[  276.161043][ T9464] netlink: 7064 bytes leftover after parsing attributes in process `syz.3.919'.
[  276.163991][ T9464] openvswitch: netlink: Flow actions attr not present in new flow.
[  276.173138][ T1038] usb 12-1: new high-speed USB device number 4 using dummy_hcd
[  276.193539][ T1038] usb 12-1: device descriptor read/8, error -71
[  276.453072][ T1038] usb 12-1: new high-speed USB device number 5 using dummy_hcd
[  276.483557][ T1038] usb 12-1: device descriptor read/8, error -71
[  276.595303][ T1038] usb usb12-port1: unable to enumerate USB device
[  276.748190][   T40] audit: type=1326 audit(1777123232.233:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9476 comm="syz.0.925" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7fcc code=0x7ffc0000
[  276.756029][   T40] audit: type=1326 audit(1777123232.233:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9476 comm="syz.0.925" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7fcc code=0x7ffc0000
[  276.763754][   T40] audit: type=1326 audit(1777123232.243:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9476 comm="syz.0.925" exe="/syz-executor" sig=0 arch=40000003 syscall=10 compat=1 ip=0xf7fa7fcc code=0x7ffc0000
[  276.770314][   T40] audit: type=1326 audit(1777123232.243:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9476 comm="syz.0.925" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7fcc code=0x7ffc0000
[  276.776814][   T40] audit: type=1326 audit(1777123232.243:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9476 comm="syz.0.925" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7fcc code=0x7ffc0000
[  276.877091][ T9485] xt_SECMARK: invalid mode: 0
[  276.919713][ T9485] siw: device registration error -23
[  276.927451][ T9485] smc: removing ib device syz2
[  276.941946][ T9485] smbdirect: ib_dev[syz2] removed
[  277.332198][ T9485] ------------[ cut here ]------------
[  277.334027][ T9485] !xa_empty(&pool->xa)
[  277.334034][ T9485] WARNING: drivers/infiniband/sw/rxe/rxe_pool.c:116 at rxe_pool_cleanup+0x46/0x60, CPU#3: syz.0.928/9485
[  277.338828][ T9485] Modules linked in:
[  277.340374][ T9485] CPU: 3 UID: 0 PID: 9485 Comm: syz.0.928 Not tainted syzkaller #0 PREEMPT(full) 
[  277.344161][ T9485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  277.347337][ T9485] RIP: 0010:rxe_pool_cleanup+0x46/0x60
[  277.349072][ T9485] Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 29 48 83 bb 80 00 00 00 00 75 0b e8 c6 c5 51 f9 5b e9 80 05 d4 02 e8 bb c5 51 f9 90 <0f> 0b 90 e8 b2 c5 51 f9 5b c3 cc cc cc cc e8 07 89 be f9 eb d0 0f
[  277.355125][ T9485] RSP: 0018:ffffc90003b47150 EFLAGS: 00010246
[  277.357063][ T9485] RAX: 0000000000080000 RBX: ffff888060a01398 RCX: ffffc9000c001000
[  277.359557][ T9485] RDX: 0000000000080000 RSI: ffffffff88b615a5 RDI: ffff888060a01418
[  277.362045][ T9485] RBP: ffffffff88b47300 R08: 0000000000000005 R09: 0000000000000001
[  277.364571][ T9485] R10: 0000000000000002 R11: 0000000000000000 R12: ffff888060a00698
[  277.367079][ T9485] R13: ffff8880609fffe0 R14: ffff8880609fffe0 R15: ffff888060a010f8
[  277.369590][ T9485] FS:  0000000000000000(0000) GS:ffff888097480000(0063) knlGS:00000000f5466b40
[  277.372381][ T9485] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  277.374510][ T9485] CR2: 0000000000000000 CR3: 000000002139e000 CR4: 0000000000352ef0
[  277.377057][ T9485] Call Trace:
[  277.378148][ T9485]  <TASK>
[  277.379116][ T9485]  rxe_dealloc+0x25/0xc0
[  277.380477][ T9485]  ib_dealloc_device+0x49/0x230
[  277.381975][ T9485]  __ib_unregister_device+0x396/0x480
[  277.383711][ T9485]  ? __pfx_rxe_ns_pernet_set_sk6+0x10/0x10
[  277.385557][ T9485]  ib_unregister_device_and_put+0x5a/0x80
[  277.387389][ T9485]  nldev_dellink+0x2a7/0x3c0
[  277.388882][ T9485]  ? __pfx_nldev_dellink+0x10/0x10
[  277.390548][ T9485]  ? rcu_is_watching+0x12/0xc0
[  277.392081][ T9485]  ? apparmor_capable+0x1d7/0x4d0
[  277.393741][ T9485]  ? bpf_lsm_capable+0x9/0x10
[  277.395261][ T9485]  ? security_capable+0x80/0x260
[  277.396854][ T9485]  ? ns_capable+0xd2/0xf0
[  277.398250][ T9485]  ? __pfx_nldev_dellink+0x10/0x10
[  277.399865][ T9485]  rdma_nl_rcv_msg+0x392/0x6f0
[  277.401386][ T9485]  ? __pfx_rdma_nl_rcv_msg+0x10/0x10
[  277.403107][ T9485]  ? __lock_acquire+0x4a5/0x2630
[  277.404706][ T9485]  rdma_nl_rcv_skb.constprop.0.isra.0+0x2cb/0x410
[  277.406759][ T9485]  ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10
[  277.408945][ T9485]  ? netlink_deliver_tap+0x1ae/0xcc0
[  277.410586][ T9485]  netlink_unicast+0x585/0x850
[  277.412121][ T9485]  ? __pfx_netlink_unicast+0x10/0x10
[  277.413787][ T9485]  netlink_sendmsg+0x8b0/0xda0
[  277.415298][ T9485]  ? __pfx_netlink_sendmsg+0x10/0x10
[  277.416978][ T9485]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  277.418733][ T9485]  ____sys_sendmsg+0x9e1/0xb70
[  277.420203][ T9485]  ? __pfx_netlink_sendmsg+0x10/0x10
[  277.421885][ T9485]  ? __pfx_____sys_sendmsg+0x10/0x10
[  277.423603][ T9485]  ? __pfx___futex_wait+0x10/0x10
[  277.425206][ T9485]  ? __pfx_futex_wake_mark+0x10/0x10
[  277.426883][ T9485]  ___sys_sendmsg+0x190/0x1e0
[  277.428357][ T9485]  ? __pfx____sys_sendmsg+0x10/0x10
[  277.430002][ T9485]  ? find_held_lock+0x2b/0x80
[  277.431462][ T9485]  __sys_sendmsg+0x170/0x220
[  277.433033][ T9485]  ? __pfx___sys_sendmsg+0x10/0x10
[  277.434683][ T9485]  ? rcu_is_watching+0x12/0xc0
[  277.436242][ T9485]  __do_fast_syscall_32+0xe7/0x950
[  277.437853][ T9485]  do_fast_syscall_32+0x32/0x70
[  277.439421][ T9485]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  277.441389][ T9485] RIP: 0023:0xf7fa7fcc
[  277.442689][ T9485] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  277.448622][ T9485] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  277.451221][ T9485] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000800002c0
[  277.453770][ T9485] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  277.456289][ T9485] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  277.458840][ T9485] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  277.461305][ T9485] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  277.463826][ T9485]  </TASK>
[  277.464811][ T9485] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  277.467094][ T9485] CPU: 3 UID: 0 PID: 9485 Comm: syz.0.928 Not tainted syzkaller #0 PREEMPT(full) 
[  277.469970][ T9485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  277.473131][ T9485] Call Trace:
[  277.474219][ T9485]  <TASK>
[  277.475180][ T9485]  dump_stack_lvl+0x100/0x190
[  277.476690][ T9485]  vpanic+0x552/0x970
[  277.478013][ T9485]  ? __pfx_vpanic+0x10/0x10
[  277.479521][ T9485]  panic+0xd1/0xe0
[  277.480759][ T9485]  ? __pfx_panic+0x10/0x10
[  277.482191][ T9485]  check_panic_on_warn.cold+0x19/0x34
[  277.483894][ T9485]  ? rxe_pool_cleanup+0x46/0x60
[  277.485442][ T9485]  __warn.cold+0x191/0x328
[  277.486909][ T9485]  __report_bug+0x296/0x3d0
[  277.488372][ T9485]  ? rxe_pool_cleanup+0x46/0x60
[  277.489934][ T9485]  ? __pfx___report_bug+0x10/0x10
[  277.491527][ T9485]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  277.493392][ T9485]  ? flush_workqueue_prep_pwqs+0x2e9/0x510
[  277.495273][ T9485]  ? __flush_workqueue+0x426/0x1200
[  277.496944][ T9485]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  277.498744][ T9485]  ? rxe_pool_cleanup+0x46/0x60
[  277.500297][ T9485]  report_bug+0xb2/0x220
[  277.501670][ T9485]  ? rxe_pool_cleanup+0x46/0x60
[  277.503224][ T9485]  handle_bug+0x16a/0x2a0
[  277.504622][ T9485]  exc_invalid_op+0x17/0x50
[  277.506075][ T9485]  asm_exc_invalid_op+0x1a/0x20
[  277.507643][ T9485] RIP: 0010:rxe_pool_cleanup+0x46/0x60
[  277.509391][ T9485] Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 29 48 83 bb 80 00 00 00 00 75 0b e8 c6 c5 51 f9 5b e9 80 05 d4 02 e8 bb c5 51 f9 90 <0f> 0b 90 e8 b2 c5 51 f9 5b c3 cc cc cc cc e8 07 89 be f9 eb d0 0f
[  277.515427][ T9485] RSP: 0018:ffffc90003b47150 EFLAGS: 00010246
[  277.517358][ T9485] RAX: 0000000000080000 RBX: ffff888060a01398 RCX: ffffc9000c001000
[  277.519845][ T9485] RDX: 0000000000080000 RSI: ffffffff88b615a5 RDI: ffff888060a01418
[  277.522339][ T9485] RBP: ffffffff88b47300 R08: 0000000000000005 R09: 0000000000000001
[  277.524814][ T9485] R10: 0000000000000002 R11: 0000000000000000 R12: ffff888060a00698
[  277.527311][ T9485] R13: ffff8880609fffe0 R14: ffff8880609fffe0 R15: ffff888060a010f8
[  277.529838][ T9485]  ? __pfx_rxe_dealloc+0x10/0x10
[  277.531423][ T9485]  ? rxe_pool_cleanup+0x45/0x60
[  277.532975][ T9485]  rxe_dealloc+0x25/0xc0
[  277.534377][ T9485]  ib_dealloc_device+0x49/0x230
[  277.535958][ T9485]  __ib_unregister_device+0x396/0x480
[  277.537695][ T9485]  ? __pfx_rxe_ns_pernet_set_sk6+0x10/0x10
[  277.539549][ T9485]  ib_unregister_device_and_put+0x5a/0x80
[  277.541340][ T9485]  nldev_dellink+0x2a7/0x3c0
[  277.542851][ T9485]  ? __pfx_nldev_dellink+0x10/0x10
[  277.544531][ T9485]  ? rcu_is_watching+0x12/0xc0
[  277.546070][ T9485]  ? apparmor_capable+0x1d7/0x4d0
[  277.547681][ T9485]  ? bpf_lsm_capable+0x9/0x10
[  277.549218][ T9485]  ? security_capable+0x80/0x260
[  277.550825][ T9485]  ? ns_capable+0xd2/0xf0
[  277.552211][ T9485]  ? __pfx_nldev_dellink+0x10/0x10
[  277.553876][ T9485]  rdma_nl_rcv_msg+0x392/0x6f0
[  277.555429][ T9485]  ? __pfx_rdma_nl_rcv_msg+0x10/0x10
[  277.557101][ T9485]  ? __lock_acquire+0x4a5/0x2630
[  277.558707][ T9485]  rdma_nl_rcv_skb.constprop.0.isra.0+0x2cb/0x410
[  277.560754][ T9485]  ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10
[  277.562961][ T9485]  ? netlink_deliver_tap+0x1ae/0xcc0
[  277.564641][ T9485]  netlink_unicast+0x585/0x850
[  277.566250][ T9485]  ? __pfx_netlink_unicast+0x10/0x10
[  277.567955][ T9485]  netlink_sendmsg+0x8b0/0xda0
[  277.569500][ T9485]  ? __pfx_netlink_sendmsg+0x10/0x10
[  277.571189][ T9485]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  277.572971][ T9485]  ____sys_sendmsg+0x9e1/0xb70
[  277.574515][ T9485]  ? __pfx_netlink_sendmsg+0x10/0x10
[  277.576199][ T9485]  ? __pfx_____sys_sendmsg+0x10/0x10
[  277.577918][ T9485]  ? __pfx___futex_wait+0x10/0x10
[  277.579483][ T9485]  ? __pfx_futex_wake_mark+0x10/0x10
[  277.581080][ T9485]  ___sys_sendmsg+0x190/0x1e0
[  277.582546][ T9485]  ? __pfx____sys_sendmsg+0x10/0x10
[  277.584171][ T9485]  ? find_held_lock+0x2b/0x80
[  277.585621][ T9485]  __sys_sendmsg+0x170/0x220
[  277.587028][ T9485]  ? __pfx___sys_sendmsg+0x10/0x10
[  277.588586][ T9485]  ? rcu_is_watching+0x12/0xc0
[  277.590071][ T9485]  __do_fast_syscall_32+0xe7/0x950
[  277.591657][ T9485]  do_fast_syscall_32+0x32/0x70
[  277.593184][ T9485]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  277.595199][ T9485] RIP: 0023:0xf7fa7fcc
[  277.596504][ T9485] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  277.602526][ T9485] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  277.605061][ T9485] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000800002c0
[  277.607559][ T9485] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  277.610065][ T9485] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  277.612553][ T9485] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  277.615063][ T9485] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  277.617603][ T9485]  </TASK>
[  277.619437][ T9485] Kernel Offset: disabled
[  277.620846][ T9485] Rebooting in 86400 seconds..