last executing test programs:

11m44.88296856s ago: executing program 2 (id=127):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={0x0, &(0x7f0000000340)=[0x7], 0x0, 0x0, 0x1}}, 0x3c)

11m44.784580719s ago: executing program 2 (id=129):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes\x00', 0x26e1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x30, 0x8b}, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000000, 0x810, 0xffffffffffffffff, 0xc37d1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000180)={@private0, 0x8000000, 0x0, 0xff, 0x1, 0xffff}, 0x20)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x28011, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x14, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000fcffffff1801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r7, 0x0, 0x10, 0x22, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x60fe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000fedbdf25030000005800018044000400200001000a000004000000000000000000000000000000000000000104800000200002000a00000000000000fe8000000000000000000000000000bb000000000d0001007564703adbe6d785"], 0x6c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
close(r0)
socket$vsock_stream(0x28, 0x1, 0x0)

11m43.892809112s ago: executing program 2 (id=133):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x1b, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x229}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_fd={0x18, 0x1, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x6d}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000240)='tlb_flush\x00', r1, 0x1100}, 0x18)

11m43.89245179s ago: executing program 2 (id=134):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x88)
mkdir(&(0x7f00000003c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@metacopy_on}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@verity_require}]})
r0 = open(&(0x7f0000000480)='./file0\x00', 0x0, 0x718bb647156ec3b7)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x200, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0)='./file0\x00')
mount$pvfs2(&(0x7f0000000440), &(0x7f0000000780)='./file0\x00', &(0x7f00000007c0), 0x1b304c8, &(0x7f0000000880)=ANY=[@ANYBLOB="212c61707072616973652c646f6e745f61707072616973652c736d61636b6673666c6f6f723d262c646f6e745f686173682c61756469742c6f626a5f747970653d47504c002c61756469742c0043dbbad7b29be1365e75e87a884e0e68e1d964ca1504a0e3ca8355dab7896d6cbc225ccc26c124b42382d98ce898062972141ff7fe672a4a66ecb94200bf2d8ba702b04fb09acc3bc8cf4da0e7dfca583d26835931623daf23f400e95cea21d5ed18b9040dc1feb8ee35a85c2f961ad4cb0907bd82f9280f73843329325a9d889e1decb3419110481ebb204e3f7788e5959357a66a6e60448a157f32c252480859f03727d391638c91e419bd6d80705d1e"])
r1 = syz_clone(0x0, 0x0, 0x41, 0x0, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
setxattr(&(0x7f00000000c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000240)=@known='trusted.overlay.redirect\x00', 0x0, 0x0, 0x0)
r2 = syz_open_procfs(r1, &(0x7f0000000040)='stat\x00')
pread64(r2, &(0x7f0000000140)=""/15, 0xf, 0x4)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', <r3=>0x0, 0x29, 0xa4, 0x4, 0xa, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, @empty, 0x20, 0x40, 0xc, 0x7d7a}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x100}, 0x94)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8917, &(0x7f0000000000)={'veth0_to_bond\x00', {0x2, 0x4e24, @rand_addr=0xac14141d}})
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
syz_emit_ethernet(0x86, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x1b59, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "0000000108653904030405ffffff09c56a3000", "9384bbeb3018ad591b661fe808b21b77", {"694c875dfb1be5d2a0057a62022a1564", "a329d3a13bd5b6cc6a9471314a1d8c69"}}}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r6 = openat$full(0xffffff9c, &(0x7f0000000200), 0x561000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x21, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, [@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3ff}}, @alu={0x7, 0x0, 0x6, 0x4, 0x0, 0xfffffffffffffff0, 0xfffffffffffffff0}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @cb_func={0x18, 0x2, 0x4, 0x0, 0x8}]}, &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x31, '\x00', r3, 0x0, r6, 0x8, &(0x7f0000000380)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000400)={0x1, 0x10, 0x6, 0x80000000}, 0x10, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000600)=[{0x1, 0x1, 0x5, 0xb}, {0x3, 0x4}, {0x4, 0x4, 0xd, 0xa}, {0x2, 0x3, 0x0, 0x5}, {0x5, 0x1, 0x7, 0x2}, {0x5, 0x4, 0x1, 0xb}, {0x5, 0x3, 0x7, 0x1}, {0x2, 0x4, 0x5, 0x8}, {0x2, 0x5, 0x1, 0xa}], 0x10, 0x50e9}, 0x94)

11m43.438727384s ago: executing program 2 (id=139):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$bt_hci(0xffffffffffffffff, 0x0, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_io_uring_setup(0x105, &(0x7f0000000540)={0x0, 0x84d9, 0x8, 0x0, 0x2d4}, &(0x7f00000001c0)=<r4=>0x0, &(0x7f0000000440)=<r5=>0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
io_uring_enter(r3, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)

11m42.921837021s ago: executing program 2 (id=145):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x8, 0xdd, 0x40}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x7b}]}, 0x0}, 0x94)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r1, 0x7a9, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xa, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4}}, {{0x5, 0x0, 0x3}}, [], {{0x7, 0x1, 0xc, 0x9, 0x4}, {0x6, 0x0, 0x5, 0x8}}}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)

11m42.869892283s ago: executing program 32 (id=145):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x8, 0xdd, 0x40}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x7b}]}, 0x0}, 0x94)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r1, 0x7a9, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xa, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4}}, {{0x5, 0x0, 0x3}}, [], {{0x7, 0x1, 0xc, 0x9, 0x4}, {0x6, 0x0, 0x5, 0x8}}}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)

6m52.680500922s ago: executing program 0 (id=1813):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r0], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x1b, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000900000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018010000646c", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000500008500000017000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x2b000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), r4)
getsockname$packet(r4, &(0x7f0000000240)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x40)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000300)=@newlink={0x44, 0x10, 0x501, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, 0x6001}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r5}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}]}}}]}, 0x44}}, 0x40848c0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, r5, 0x12e1b, 0x1a001}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @multicast2}]}}}]}, 0x3c}}, 0x20004000)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100)={0x0, r2}, 0x8)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
ioctl$KVM_GET_MSRS_cpu(r8, 0xc008ae88, &(0x7f0000000180)={0x1, 0x0, [{0xcd, 0x0, 0x67}]})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffb}, [@call={0x85, 0x0, 0x0, 0x23}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
bind(r0, &(0x7f0000000000)=@rxrpc=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x10, 0x6, @private2, 0x800}}, 0x80)
r10 = syz_io_uring_setup(0x38a9, &(0x7f0000000300)={0x0, 0xffffffff, 0x10100, 0x0, 0xfffffffe}, &(0x7f0000000040), &(0x7f0000000140))
io_uring_enter(r10, 0x44f9, 0xdafb, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r12 = openat$cgroup_devices(r11, &(0x7f0000000240)='devices.allow\x00', 0x2, 0x0)
setresuid(0xee01, 0xee00, 0x0)
write$cgroup_devices(r12, &(0x7f0000000280)={'a', ' *:* ', 'm\x00'}, 0x8)
io_uring_register$IORING_REGISTER_FILES(r10, 0x2, &(0x7f0000000080)=[0xffffffffffffffff, r0, r0, r0, r0], 0x5)

6m52.488042456s ago: executing program 0 (id=1817):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e)
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_SYNC_FILE(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000100)={0x0, 0x1, <r0=>0xffffffffffffffff})
dup(r0)
lstat(&(0x7f0000000380)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000440)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x8)

6m52.399307759s ago: executing program 0 (id=1818):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000140)="3751f02b82f73c", 0x7}], 0x1)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0) (fail_nth: 9)

6m52.197007901s ago: executing program 0 (id=1819):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
socket$inet(0x2, 0x3, 0x2)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x91)
umount2(&(0x7f0000000000)='./file0\x00', 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000000500000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x18)
timer_create(0x3, 0x0, &(0x7f00000001c0)=<r2=>0x0)
timer_gettime(r2, &(0x7f00000004c0))
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = memfd_create(&(0x7f00000001c0)='/duv/udmabuf\x00', 0x0)
fsetxattr$trusted_overlay_origin(r4, &(0x7f0000000080), 0x0, 0x0, 0x0)
fremovexattr(r4, &(0x7f0000000000)=@known='trusted.overlay.origin\x00')
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r5 = dup3(r3, r0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r7)
tkill(r7, 0x12)
tkill(r7, 0x12)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x44, 0x0, &(0x7f0000000900)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

6m52.11898029s ago: executing program 0 (id=1820):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000140)="3751f02b82f73c", 0x7}], 0x1)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x0, 0x1)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000000)=<r1=>0x0)
r2 = epoll_create(0x4)
r3 = socket(0x28, 0x801, 0x0)
connect$vsock_stream(r3, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10)
shutdown(r3, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000780)={0x20002000})
sendmsg$nfc_llcp(r0, &(0x7f0000000840)={&(0x7f0000000380)={0x27, r1, 0xffffffffffffffff, 0x5, 0x7f, 0x8, "462d89059d6c2c49fea01fa8bab929842a3b93f1cc8397fcb3e8cf83b3e96b3e85682d85f5707f51f50188f473185e3a2e4109d77deb072c794d18a411044a", 0x2}, 0x58, &(0x7f0000000740)=[{&(0x7f0000000400)="f5a519e4b87d4fdbc562214bbea76f32f56efda5bc21f1b874108b9095e96f2b239349728a2948b1364ee714c1c9de4d0f5573d1628714450a577e852a9e8c912da8977be47f2cc9a6cd7b129ea6f673aa8f741f5e0057e2fd6ddfee30126483d76a2da48a9809aa1c602f2a335822e819e9", 0x72}, {&(0x7f0000000180)="3e06aa43e7b09d", 0x7}, {&(0x7f0000000480)="9b2703a5b94675ed15403c5c6d77b663b7698c43a3b8bf526e7ea564752ca75305ec0425d7ad0593fe0f3e6a0f9f7e93b82ab6a609c390d36aa7e9bbec695f48e95e5cfd3a9cca46d755084271df7da1abd816e31f100a8a1e6dd1f967c0db5a05a99d856c6f832e8792987f4685cc33cef9ac3a4fd7dd99d6", 0x79}, {&(0x7f0000000500)="57f3db768edea69280da4c908283a8bc772e1e990cb120ffc7a7762bea2e988552b1d5d5985d2cbec0480a00d018b6318762dac78e0404be961c25233410f67cebfcc355ebe8d2", 0x47}, {&(0x7f0000000580)="70b5a7b496f84a941ded3aa6236a91c9448190b5df99e2a5a5e15facd461e3ebfc337c88e2aace9d6224f71c170f0176739045da2011f065e0995ac97f74685993a86d4e72a3fce406de52e73c64a21b71ecd4eadbd5edb0fce2a72a1f1ba23d1c6d54b3a70b52eca14353280aa27558d041b9e434879378b4293b4fa66b417f03ca47d4051c71090433f0ebc93e260981f3fd81383d9867f4fe25a38ac1d3ef90a3dd2a2b87f48c98904d98fec68a30cc702fc9731d14d98c58fa94daa104821dc83614a305249269f9539207ecc009e0e9fcafcda65c96d7d85336364b3b5b98", 0xe1}, {&(0x7f0000000680)="2b4b6d223489be039cb226eecdff704f69ab3210574ddfec3e3200a0f4a20f3b3c6fc904a0d55936a027585cb324e7028296708ed88fe2e0c008220e192046f2d62b578915d7d6cea9791e05ddb4a78c147240b80d8d488b668a992bbe24c793c235d3ba442ea8af3c51d6f06dd9b3c5cdf7cd9b70980bfa7eb84921473a92a165ed", 0x82}], 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="a000000015010000f50f0000963c6551251abe55ae2c0d617b5e19145ebaeb9a9c4325134c727f85ad0d2f85a27bff82a05af39182849cf7963339dea6b44ecaac68b1e62e7a9341ff22828ea0b49bdf9d7d51bed6738fc3ca7f6e3482bc936d4482b03be4649456876f1fcf906e84db5357b09041888b50b73e05f13e86da3783b16919565c45e6b6af817b920c497c3a325b880821aa1d559109cfb03100003a044ede7729dd2d5ead35028c6ac22805adcc5ebe9bd51b7f9b914c4afca6be4ff334be970f30177b9b273346a5148d49be178beb89ab3e2f6410828ea2d7f0723b48931974071c6197812a76d610864d6c61339e89494132cd5724a09ea6557f2b05c49b84f465c3997ba50528f3fc80d3828681ddd5879758339ef688cb810e0fcc57b13171d688cc896b960096b2c98ee18d55de33c587f3342e44d17cafb4f5c7"], 0xa0, 0x20000801}, 0x20000805)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="e041000b05d25a806c83c60d0b02e3170f100000000a000205053582c13708000000020180fc5416000c0000000026e62448286814aba7977cb49a75403a74b51c9b", 0x42}], 0x1}, 0x0)

6m50.810261649s ago: executing program 0 (id=1831):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="1e000300008c71ef28ff4b"], 0xffdd)

6m50.749813642s ago: executing program 33 (id=1831):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="1e000300008c71ef28ff4b"], 0xffdd)

5m26.259152787s ago: executing program 4 (id=2357):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000000380)=ANY=[], 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
openat$comedi(0xffffffffffffff9c, 0x0, 0x401, 0x0)
mkdir(0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f0000000080)=@framed={{}, [@jmp={0x5, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000140)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x8}, 0x94)
listen(r0, 0xfffffffc)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r5, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x20000050)
accept4(r0, 0x0, 0x0, 0x800)

5m26.078575462s ago: executing program 4 (id=2358):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0xf000, &(0x7f0000009b00)={&(0x7f0000000380)={{0x14, 0x10, 0x7c, 0x0, 0x6000, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_EXPR={0x14, 0x11, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x2}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "d1"}]}]}]}]}], {0x14, 0x11, 0x20, 0x0, 0x0, {0x1}}}, 0xb8}}, 0x40)

5m25.873579035s ago: executing program 4 (id=2359):
socket$igmp(0x2, 0x3, 0x2) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x8, 0x395, 0x5, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x2, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000300)={0x0, <r0=>0x0})
ptrace$ARCH_SET_GS(0x1e, r0, &(0x7f0000000600), 0x1001) (async)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0}) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000b80)={r3, r2, 0x25, 0x0, @val=@netkit}, 0x1c)
syz_emit_ethernet(0x66, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x2, 0x3, 0x58, 0x67, 0x0, 0x7, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}, {0x1}, {0x8, 0x88be, 0x1, {{0x8, 0x1, 0x52, 0x0, 0x0, 0x1, 0x4, 0x1}, 0x1, {0x9}}}, {0x8, 0x22eb, 0x0, {{0x6, 0x2, 0x3, 0x2, 0x1, 0x0, 0x0, 0x5}, 0x2, {0x7, 0x7, 0x0, 0x1f, 0x0, 0x0, 0x2, 0x1}}}, {0x8, 0x6558, 0x2}}}}}}, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000280)=0x3)
r4 = getpid() (async, rerun: 64)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socket$igmp6(0xa, 0x3, 0x2) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0) (async, rerun: 64)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2) (async, rerun: 64)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000025000a20000000000a01030000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000003740000000c0a01020000000000000000010000000900020073797a32000000003400038030000080090006400000000024000b8020000180070001006374000014000280080001400000000008000240000000000900010073797a300000000014000000100001f481ef1498bb61134db68ed69e"], 0xe4}}, 0x0) (async, rerun: 32)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000800)=@filter={'filter\x00', 0x4, 0x4, 0x3a4, 0xffffffff, 0x120, 0x0, 0x0, 0xfeffffff, 0xffffffff, 0x2dc, 0x2dc, 0x2dc, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@local, @mcast1, [0x0, 0x0, 0xffffffff, 0xffffff00], [0x0, 0xff, 0xff000000, 0xf0969c30512e8e79], 'nr0\x00', 'veth1_to_batadv\x00', {}, {}, 0x87, 0x7, 0x2}, 0x2f2, 0xfc, 0x120, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'team0\x00', {0x44, 0x0, 0xffff, 0x9, 0x8, 0xf, 0x5, 0x20, 0x80}, {0x7}}}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x4}}}, {{@uncond, 0x0, 0xa4, 0xc8}, @REJECT={0x24}}, {{@uncond, 0x0, 0xd0, 0xf4, 0x0, {}, [@common=@unspec=@realm={{0x2c}, {0x200, 0x5addaf4b}}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x6}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x400) (async, rerun: 32)
prlimit64(r4, 0xd, &(0x7f0000000480), &(0x7f00000004c0)) (async, rerun: 32)
r9 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r9, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)

5m25.686082599s ago: executing program 4 (id=2360):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100010}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4048850}, 0x40000)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_DEL_TX_TS(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r4, 0x1, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xb}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000010)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
socket$inet6_icmp(0xa, 0x2, 0x3a)
r7 = socket$netlink(0x10, 0x3, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000340)='./file0/../file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0xb101e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125499, 0x0)
mount$9p_unix(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3047c4a, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001140)=ANY=[@ANYRESHEX=r1], 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)

5m24.578111468s ago: executing program 4 (id=2370):
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000000), &(0x7f0000000080)=0x30)
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x10008, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r4, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000000c0)=@IORING_OP_POLL_REMOVE={0x7, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000380)={0x1, &(0x7f0000000100)=[{0x4, 0xc, 0x0, 0xfff}]})
io_uring_enter(r4, 0x4e14, 0x912a, 0x41, 0x0, 0x0)
r7 = syz_open_dev$sndctrl(&(0x7f0000001a00), 0x1, 0x800)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
fchdir(r8)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000400)='./file0\x00', 0x0, 0x210101a, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r7, 0xc1205531, &(0x7f0000001a40)={0x1, 0x6, 0x0, 0x8004, '\x00', '\x00', '\x00', 0x0, 0x5d05, 0x10000004, 0x1, "38d49788ead5f71fd65acf7132de72ec"})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000009c0)=ANY=[@ANYBLOB="740300007184b2af250f603ff0c95f6453f142bd9069c9436de43d232877d8734b98b08fa52b", @ANYRES16=0x0, @ANYBLOB="000126bd7000fedbdf25390000000c00990006000000000000007c005a800c000280050006000200000054000380190001006c060b3648241800366c042e01124806606c0b166c000000050004000200000005000600010000000d0001001b0c0c00486c16041b00000014000300070000100400020001800900030077001800008014000500030000000100d0850080030080000800b0025a8040000180140003000600c45c07000500ff07bb00100004000500040001000000050007000000000014000300030005000800010081000900070008000400010060000080140005000004200bf4ff010116a440000900020005000400000000001500010001606c0c2c0436241b16600c30600b30050000001400050009000900fcff0104080001000001060014000300ffff0002030000000500ff004300070098000080140003000000070001000b0076000300001037003d0002003c4348193b274c530c09263101004749403903405708173a3a2f4d0d52191f0b54191c311c292b163441563c571a411c090e52342a32313438000000050004000200000025000200154d11502213422214290d393420357d193139541f4949122e00354f2105322c500000000d0001000c02024d090b053601000000a80003801400050006000080ff0f0a000104891b0200ffff14000500040000000700ce91dd090500080060002d000200352220403a22054a0730503e23395107341233523b0e5128510e18324e200b1c103a40491c4446504800000014000500000078db0400090072f2010004000400140005008000020040000010cd0d09000800100014000300810008000700f9006a070b00fcff05000d00020023252745432a10454700000020000380050004000200000014000300760005000e000e24010105000400100058000380050007000000000011000200044e404145503631060131261c000000050006000100000014000300880b6797f3ff006006000200080082ff1400050001fc01000000040005000400ff000000050004000100000054000080140005000600050001000000740d01008100ca91390002002b211c571b201b032c513350431c54af1934510c1b2f56e1294002141d10562819504b432055120f4433572b35543c402a361d154800000028005a80180000801400030007000100000006000100060005000c000c0000800500040000000000"], 0x374}, 0x1, 0x0, 0x0, 0x4000001}, 0x10000000)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="740000001000210400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa8886004000024001280090001007866726d000000001400028008000100010000000800020011000000050021000000000008000a00", @ANYRES32, @ANYBLOB='\n\x00:'], 0x74}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)

5m24.459988133s ago: executing program 4 (id=2373):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x134, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in=@rand_addr=0x64010101, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@loopback, 0x4d4, 0x6c}, @in=@dev={0xac, 0x14, 0x14, 0x3f}, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x134}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x18, 0x1, 0xfffffffe, 0x100, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x71c, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@dev={0xac, 0x14, 0x14, 0x25}, {0x0, 0x192, 0x9ba3, 0xffff, 0x8251c, 0x5, 0xfffffffffffffffc}, {0xffffffffffffffff, 0xff02, 0x1f, 0xfffffffffffffffe}, {0xfffffffa, 0xfffffffc}, 0x80, 0x3500, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

5m24.343807924s ago: executing program 34 (id=2373):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x134, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in=@rand_addr=0x64010101, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@loopback, 0x4d4, 0x6c}, @in=@dev={0xac, 0x14, 0x14, 0x3f}, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x134}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x18, 0x1, 0xfffffffe, 0x100, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x71c, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@dev={0xac, 0x14, 0x14, 0x25}, {0x0, 0x192, 0x9ba3, 0xffff, 0x8251c, 0x5, 0xfffffffffffffffc}, {0xffffffffffffffff, 0xff02, 0x1f, 0xfffffffffffffffe}, {0xfffffffa, 0xfffffffc}, 0x80, 0x3500, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

4m33.379524679s ago: executing program 1 (id=2579):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffc, 0x5, 0x4, @scatter={0x0, 0x0, 0x0}, &(0x7f00000008c0)="939e000000", 0x0, 0xffffffff, 0x40, 0x2, 0x0})
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f00000000c0)=0x1)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r4 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0x7fffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r4, 0xc0189374, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, 0x0, 0x4)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="020000000400000006000000aa0b"], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/251, &(0x7f0000000940), &(0x7f0000000200), 0xa7c, r5, 0x0, 0xfffe}, 0x38)

4m30.980934301s ago: executing program 1 (id=2590):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@verity_on}]}) (async, rerun: 64)
r0 = socket(0x840000000002, 0x3, 0xff) (rerun: 64)
setsockopt$inet_int(r0, 0x0, 0x15, &(0x7f0000000340)=0xd1, 0x4) (async)
r1 = openat2$dir(0xffffff9c, &(0x7f00000000c0)='./file0/file1\x00', &(0x7f0000000140)={0x40, 0x110, 0x2}, 0x18)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000480)=ANY=[@ANYBLOB="010000000000008003000000012000002088add374dcf3195f234ebe"])

4m30.505663544s ago: executing program 1 (id=2592):
ioctl$VIDIOC_G_FMT(0xffffffffffffffff, 0xc0cc5604, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
io_setup(0x5, 0x0)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="040b0b81c8001f2802e66206a66bc772c5d0da"], 0xe)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
recvmmsg(r0, &(0x7f0000000c40)=[{{&(0x7f00000006c0)=@in, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000740)=""/245}, {&(0x7f0000000840)=""/127}, {&(0x7f00000008c0)=""/28}, {&(0x7f0000000c80)=""/78}, {&(0x7f0000000980)=""/42}, {&(0x7f00000009c0)=""/30}, {&(0x7f0000000a00)=""/234}, {&(0x7f0000000b00)=""/102}, {&(0x7f0000000b80)=""/1}]}, 0xf803}], 0x1016a, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0xffffffff, 0x0, 0xb49, 0x9, 0xd, 0x0, 0x3}, 0x0)
fanotify_init(0x4c, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0x40045010, &(0x7f0000000200)=0xd8e4)
sendmsg$nl_route(r2, 0x0, 0x20044000)
r4 = socket$inet6(0xa, 0x1, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac1414000000000000000000020001000000000000000002fffffffb030005000000000002"], 0x50}}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000005c0)={{{@in6=@remote, @in6=@private0, 0x0, 0x0, 0x4e1d, 0x2, 0xa}, {0x0, 0xfffffffffffffffc, 0x2, 0x0, 0x0, 0x0, 0x1}, {0xffffffffffffffff, 0x0, 0x7, 0x53}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in=@local, 0x0, 0xff}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x1f}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x5, 0x80000000}}, 0xe4)
r6 = syz_open_dev$dri(0x0, 0x6, 0xca242)
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x80800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)=[<r8=>0x0], 0x0, 0x0, 0xfffffef8, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r6, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000002c0)=[<r9=>0x0], &(0x7f0000000500), 0x0, 0x1, 0x0, 0x0, r8})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r7, 0xc01064ab, &(0x7f0000000380)={0x3, r9, r8})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r6, 0xc01064ab, &(0x7f0000000440)={0x5, r9})
syz_io_uring_setup(0x5bf9, &(0x7f0000000480)={0x0, 0x4002d12, 0x1000, 0x5, 0x10306}, &(0x7f0000000140), &(0x7f0000000500))
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

4m29.641506192s ago: executing program 1 (id=2593):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20040844)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x4000050, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000200), 0x2, 0x0)
rmdir(&(0x7f0000000240)='./cgroup/../file0\x00')
lseek(r4, 0x93, 0x3)
write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b)
getpeername$unix(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000140)=0x6e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
cachestat(r2, &(0x7f0000000040)={0x0, 0x18000000}, &(0x7f000009de80), 0x0)

4m28.64022795s ago: executing program 1 (id=2598):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000480)={'syztnl2\x00', <r1=>0x0, 0x29, 0xa, 0x8, 0xfc01, 0x1a, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local, 0x700, 0x0, 0xa, 0x5}})
setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f0000000580)={@ll={0x11, 0x10, r1, 0x1, 0x9}, {&(0x7f0000000300)=""/19, 0x13}, &(0x7f00000003c0), 0x12}, 0xa0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@bloom_filter={0x1e, 0x0, 0xa, 0x7ffffffb, 0x14, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x7}, 0x50)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r5 = syz_io_uring_setup(0xbc4, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x4, 0x28c}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r8 = io_uring_setup(0x3210, &(0x7f0000000500)={0x0, 0x14c7, 0x80, 0x23, 0xe8})
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
r10 = dup(r9)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r10, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c)
sendmsg$inet6(r9, &(0x7f0000000800)={&(0x7f0000000380)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000080)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
setsockopt$SO_BINDTODEVICE(r9, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
shutdown(r9, 0x1)
close_range(r8, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000180)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x4d, 0x0, 0xffffffffffffffff, 0x0, r5, 0x1, 0x0, 0x2})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)

4m24.107276348s ago: executing program 1 (id=2600):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x200014, 0x7fffb, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xf, 0x100010, 0xffffffffffffffff, 0xdd3cd000)
remap_file_pages(&(0x7f00006ca000/0x4000)=nil, 0x4000, 0x0, 0x3ff, 0x100)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
get_robust_list(0x0, &(0x7f0000000680)=&(0x7f0000000640)={&(0x7f0000000580)={&(0x7f0000000540)}, 0x0, &(0x7f0000000600)={&(0x7f0000000500)}}, &(0x7f00000000c0)=0xc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
ioctl$EVIOCGNAME(0xffffffffffffffff, 0x80404506, &(0x7f0000000300)=""/100)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x4)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000100)={0x2a, 0x2, 0x3fff}, 0xc)
sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dffefffffffffffffff60a64c9f4080003fe060100000400020011b53631", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x44010)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
r5 = dup(r4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c)
openat$vim2m(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
sendmsg$inet6(r4, &(0x7f0000000800)={&(0x7f0000000280)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000003c0)="ed0746a488e7cf89e206dd895883e6ef9b8992dc8b09d0e6d370a1e3dcc0bd34", 0x20}], 0x1}, 0x4048043)
r6 = dup(r4)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000400)={0x0, @in6={{0xa, 0x4e22, 0x4, @loopback, 0x9c}}, 0x5, 0xfffc, 0xe652, 0x2, 0x85, 0x8, 0xff}, 0x9c)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x41a, 0x100, &(0x7f0000000000))

4m24.005588276s ago: executing program 35 (id=2600):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x200014, 0x7fffb, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xf, 0x100010, 0xffffffffffffffff, 0xdd3cd000)
remap_file_pages(&(0x7f00006ca000/0x4000)=nil, 0x4000, 0x0, 0x3ff, 0x100)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
get_robust_list(0x0, &(0x7f0000000680)=&(0x7f0000000640)={&(0x7f0000000580)={&(0x7f0000000540)}, 0x0, &(0x7f0000000600)={&(0x7f0000000500)}}, &(0x7f00000000c0)=0xc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
ioctl$EVIOCGNAME(0xffffffffffffffff, 0x80404506, &(0x7f0000000300)=""/100)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x4)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000100)={0x2a, 0x2, 0x3fff}, 0xc)
sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dffefffffffffffffff60a64c9f4080003fe060100000400020011b53631", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x44010)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
r5 = dup(r4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c)
openat$vim2m(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
sendmsg$inet6(r4, &(0x7f0000000800)={&(0x7f0000000280)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000003c0)="ed0746a488e7cf89e206dd895883e6ef9b8992dc8b09d0e6d370a1e3dcc0bd34", 0x20}], 0x1}, 0x4048043)
r6 = dup(r4)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000400)={0x0, @in6={{0xa, 0x4e22, 0x4, @loopback, 0x9c}}, 0x5, 0xfffc, 0xe652, 0x2, 0x85, 0x8, 0xff}, 0x9c)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x41a, 0x100, &(0x7f0000000000))

7.311858803s ago: executing program 3 (id=3729):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000400)={0x53, 0x0, 0x6, 0x4, @scatter={0x3, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)}, {&(0x7f00000000c0)=""/71, 0x47}, {&(0x7f0000000240)=""/127, 0x7f}]}, &(0x7f0000000200)='\x00\x00\x00\x00\x00\x00', 0x0, 0x2, 0x10031, 0x0, 0x0})
ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000000)=0x5) (async)
ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000000)=0x5)
write$tun(r1, &(0x7f0000000400)=ANY=[], 0xa2) (async)
write$tun(r1, &(0x7f0000000400)=ANY=[], 0xa2)
readv(r1, &(0x7f0000000180)=[{&(0x7f00000015c0)=""/4096, 0x3f}], 0x1)
r2 = openat$apparmor_thread_current(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$BTRFS_IOC_SPACE_INFO(r2, 0xc0109414, &(0x7f0000006100)={0xca3, 0x7, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})

7.311432665s ago: executing program 3 (id=3730):
mount$fuse(0x0, 0x0, 0x0, 0x8, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x400000, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r0 = openat$autofs(0xffffffffffffff9c, 0x0, 0x40100, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = gettid()
timer_create(0x9, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000002c0)={'veth1\x00', 0x200})
readv(r4, &(0x7f0000000b40)=[{&(0x7f0000000a40)=""/215, 0xd7}], 0x1)
recvmmsg(r3, &(0x7f0000000100)=[{{0x0, 0x0, 0x0}, 0xffff}], 0x1, 0x2000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r5 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r5, &(0x7f0000002700)=""/102392, 0x18ff8)
r6 = open(&(0x7f00000000c0)='.\x00', 0x1b1080, 0x246)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r6, 0x10f, 0x83, &(0x7f0000000140), &(0x7f00000001c0)=0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, r6}, './file1\x00'})
r7 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
lseek(r7, 0x10001, 0x0)
ioctl$CEC_S_MODE(0xffffffffffffffff, 0x40046109, &(0x7f0000000000)=0xf780)
mount$tmpfs(0x0, 0x0, 0x0, 0x4800, 0x0)

5.08070322s ago: executing program 7 (id=3735):
openat$audio(0xffffffffffffff9c, 0x0, 0x81480, 0x0)
socket$alg(0x26, 0x5, 0x0)
openat$fb1(0xffffff9c, &(0x7f0000001680), 0x280000, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001e80)=@newtaction={0x48, 0x31, 0x1, 0xfffffffd, 0x25dfdbfb, {0x0, 0x0, 0x11}, [{0x34, 0x1, [@m_police={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x3, {0x1}}, {0xc, 0x8, {0x0, 0xf0}}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x8800}, 0x0)

5.0803617s ago: executing program 6 (id=3736):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x4fc0, 0x80, 0x6, 0x0, 0x8, 0x80, 0x7}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
syz_open_dev$sg(&(0x7f00000060c0), 0xffffffff, 0x8002)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x7}, 0x18)
openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2002, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0xd8, 0x30, 0x401, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x7c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x52, 0x6, "d8f195109eca43e24feb4a8813f9ac6d6d39c9ebe9a80bcd00b38ecc713449b747214140f06ce9a8c1cf27b01655777c76fbc86741641520d583a73c8aaf72e123f9741caf1e98eb581ba0afcaed"}, {0xc}, {0xc}}}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x4, 0x4, 0x8}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b708000000bc7a007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r6}, 0xc)
r7 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000300)={0x0, 0x3f00, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
openat$audio(0xffffff9c, &(0x7f00000004c0), 0x800, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="b8", 0x1}], 0x1)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r8, 0xffffffffffffffff, 0x0)

5.080137732s ago: executing program 7 (id=3737):
syz_open_dev$swradio(0x0, 0x0, 0x2)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newtaction={0x88, 0x30, 0x1, 0x100000, 0x0, {}, [{0x74, 0x1, [@m_mirred={0x0, 0xa, 0x0, 0x0, {{}, {0x0, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x0, 0x2, {{0xffffffeb, 0x8, 0x10000000, 0x9, 0x6}, 0x2}}, @TCA_MIRRED_PARMS={0x0, 0x2, {{0x1, 0x0, 0x7, 0x81, 0x5}, 0x3}}, @TCA_MIRRED_PARMS={0x0, 0x2, {{0xffffff83, 0xe, 0x8, 0x1ff, 0x3}, 0x2}}, @TCA_MIRRED_PARMS={0x0, 0x2, {{0xfffffffd, 0xa, 0xffffffffffffffff, 0x9, 0x8001}, 0x4}}]}, {0x0, 0x6, "95f23e0882343a95b7a2fa350c9e80a5b620350f3894534baec4beb56ab4270d3c25e3f9e1cd658a237c2004f997b57b8394a50e4436e8b64992ddb22836d2104f0a6c4f6014fe249a399f34f73d76f9dbbeacbb81b8085202ea3a838e5ad5a2101292fd300dec20f257d7613dea7311369bfc05aafc8c2a517dcd9b0f838b8b3f8b8997044f869bd866165164bcf3b9c266175657934ae826a8347f874a7580e9c18b237ffb274af4720d6d6ed00c9a88be85c6590fe83fdac03fa7263399c8519e826ed60cea565681962531e540bdcf054ae13c"}, {}, {0x0, 0x8, {0x3, 0x2}}}}, @m_ife={0x2c, 0x201, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x844}, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x4000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_GET_STATION(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000002c0)={0x1c, r5, 0x303, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}}, 0x0)
ptrace$ARCH_SHSTK_UNLOCK(0x1e, 0x0, 0x0, 0x5004)
syz_pidfd_open(0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x13, 0x4, 0x8, 0x8}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x2000000, 0xa, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c8)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x621c2, 0x0)

4.351158795s ago: executing program 3 (id=3739):
fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xffffffffffffffa3, &(0x7f00000002c0)=0x8)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB='T\x00\b\x00', @ANYRES16=r4, @ANYBLOB="010000000800010000000100000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5421400020077673000000000000000000000000000060006004e230000"], 0x54}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x4008000)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[], 0x0, 0x26, 0x0, 0x0, 0x2000000}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="15000000080000000400"/20, @ANYRES32=0x1, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=r6, @ANYBLOB], 0x48)
migrate_pages(r0, 0xa94b, &(0x7f0000000b80), &(0x7f0000000bc0)=0x27e04079)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x24, 0x0, 0x4, 0x70bd25, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_TOKEN={0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)
umount2(&(0x7f0000000340)='./file0\x00', 0xf00)

4.244502376s ago: executing program 6 (id=3740):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0)
r5 = socket(0x2a, 0x2, 0x0)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x6)
sendmsg$netlink(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)=ANY=[@ANYBLOB="1c000000220001"], 0x1c}], 0x1}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
ioctl$IOCTL_STOP_ACCEL_DEV(0xffffffffffffffff, 0x40096101, &(0x7f0000000040)={{&(0x7f00000002c0)={'GENERAL\x00', {}, {&(0x7f0000000240)={'Accelerator0\x00'}}}}, 0x6})
sendmsg$nl_route_sched(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newtfilter={0x4c, 0x2c, 0xd27, 0x10, 0x0, {0x0, 0x0, 0x0, r8, {}, {}, {0x8, 0xa}}, [@filter_kind_options=@f_u32={{0x8}, {0x20, 0x2, [@TCA_U32_SEL={0x14, 0x5, {0x12, 0x4, 0x0, 0x6fb, 0x8, 0xfcf, 0x7, 0x1}}, @TCA_U32_FLAGS={0x8, 0xb, 0x2}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000001}, 0xc004)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10)

4.055747381s ago: executing program 3 (id=3741):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000300)={0x38, 0x0, 0x8, 0x8001, 0x0, 0x9, 0x2, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x80000007, 0x1}, 0x1c)
syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad7, 0x10000, 0x3}, &(0x7f0000000040), &(0x7f0000000280))
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket$kcm(0x11, 0x3, 0x0)
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f00000001c0)={'sit0\x00', 0x400})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x301, 0x0)
close(r6)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000040)={0xfffffeff})
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmsg(0xffffffffffffffff, 0x0, 0x1f00)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)}, 0x0)

3.998232943s ago: executing program 6 (id=3742):
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0xac, 0x0, 0x0, 0x0, 0x0, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}, {0x8}, {0x6}, {0x5}, {0x6}, {0x8}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8}, {0x6}, {0x5}, {0x6}, {0x8}}]}, 0xac}}, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f0000000080)='nfs\x00', 0x0, &(0x7f00000001c0)='\x05\x00\x00\x00\x04\xb0\xfe\x98\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\xc77<r\xe9\x9cD\xb0\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3wA\xf6`>\x8b')
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0xfffffffffffffdd8)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r3, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_POLL_REMOVE={0x7, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000380)={0x1, &(0x7f0000000100)=[{0x4, 0xc, 0x0, 0xfff}]})
io_uring_enter(r3, 0x4e14, 0x912a, 0x41, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000001a00), 0x1, 0x800)
r6 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x141e00, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x102)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000001c0)={[0x2000000000000002, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0xfffffffffffffffe, 0x4002004c4, 0x1002, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xfffffffffffffffe, 0x2000000000000002, 0x4, 0x404], 0x26000, 0x2010d3})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000cc98a2cb0300000000fddb005d", @ANYRES32=0x0, @ANYBLOB="1a000000002800001400350062726964676530000000000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x4044064}, 0x40000)

3.997899459s ago: executing program 5 (id=3743):
ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f00000000c0)={0xff, 0xff, 0x5, 0xfffc, 0xe, "f682756c98cc948c"})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x50)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x22)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f000051d000/0x4000)=nil, 0x4000, 0xb635773f06ebbeef, 0x100010, 0xffffffffffffffff, 0xfffff000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000011c0)=[{{&(0x7f0000000500)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000e00)=[{&(0x7f0000000900)="0bfc2947e3959df2c2f2c1d2a209c9e74ec2c396c412871a28df3df3d9bdbfeb61ee3b3687da5d014b2a6d012265306f5b3c5ace9f3c2f121683135e792529a8a3dc2685abc350b5464b4fcf909887ca66634bbb54923df77b3738e57b4e5b736c2216ab275a36873545b5973317ce190e9b57a36fcc0559fac8751fdd70e456b252c314016c", 0x86}, {&(0x7f00000009c0)="e4fe146fbc3701fdf1389a85106c4106cf61c8299d89276483c6d203931a655b1c7ff5669db4297d5d6f82e4a2e0eb5e614fb07d8aaa861b6d6969c68e667aed5fb766ae67eb609eb6c9b7145ea45cf9f5d372b4680eefa695a37b0f616e9b47f477217a0afccec4d0c52755451287eef39abd89510e9326ab66062618dc678dcf51ef3f0b4f25f928ed90c7aae36bb3e0442cfbbc2de98e64b07f41a5d215db095f00ed48c675ecb7606e2982f4f8d478d61146504664faed1038b9bcd371870c03256b24ff1cd16131a1fa8d6a3c2856af55bd393ebbaec47933c8a4929681d24831e6", 0xe4}, {&(0x7f0000000380)="3c77b44b2e4be6a4e4eb621e26d825162ec7b7edb85b94ef6aa0aa5ac8a80ae7118a7073f2c5ca3ad14e0c1af6f95fed60b53ce696fba2ae08e2d6075f7553ba", 0x40}, {&(0x7f0000000ac0)="8bef376cd3f0c1b42c051dbb812d0846a40d927f0de8d568efe961d8ff330f69deb75e212cea1863bceaaa9db52be21353ac9b1ac60cab2fc2a3b5ae14bd2987d70dc6cbb5b743be2728d6d5e57de8248078606fdc709cb9aa5033ec6cb03b67dd029ef2e0312d0bba921b7b353a", 0x6e}, {&(0x7f0000002080)="00503599d9472e46d11785acd33405dfc09fa6f1801097e3a6cea9809b69247e05eeff66b03c1d269f164ca5f92392d8cb369c22d91ea4a11308ab0b19faa9143797802c2eea28525f86208c7d715b3d4650beba76bfc522efa5a2fe2e78ad3b258c4c32ce51ec85835748805388955729e76eab727dff2380f250adc4370f1c36437a1185211d9cb37dc3c550ac719179d3f31de541c85255bbe9c0ddbaa895e626bea218a659e744d437c91c84abb57012ec79d65df4465fcdb78b52f7246b4a3fef0610e82dd37922ab9aa6637d996419dc20956d74595f2ddc129784fc8b6a272c27d1363824c4dc005343ec6b0923584ccd3ebf4c3734fab908da19a42e6b6818df40e893b9217e7c19eb034621a7a5ac2f8facb9e2afe0072c4177af14412f3beee5f73212eda39c6d51619179c31875ee5a4bfaa678aea97250602ab8f1a79d29f22b0de3ac622ea434078a70bf1a02330c7316240e8d6faff02ef09ce319659ac4d6bfb36ab51b8fb58ee7d6be1a8420aba56333d5cabb426e63c04e13fc59f6b875a36b487f0f220ff6d909a9a17fa3673477dbd5f138718ac9df3a360b6974f02e72af09f3fb25379106d7e1cdcaa28d7bc580c06aeb6591d47164110502561a80b8bdee69b5c915c26a17301479c0541c0323ccd9100c50e34a139406c7e5036c75d4ceb3e781100510ebc2d6fb1de986633e42805d2d5b8990789ca36634a3a7af36990df9ec1843f75c8d8c9402f8a4a57e64be33a7fcfe56f3bcc16bb9dbbe6e5c985df4c556c94ebcdb0ce4f232a31e5ae8c388195575e209d933f5e68b13f64ad9651b59adb83e2c56e388cf57fde5a0ff28976834414f8bc0f5b4db7a3ab9e83c943943e3f50eb13c8a0ae5ab5cb965821336b7f8da0dedc5bd80355dc8cb0349226fb566003c8b85af1e33145c17b773f48a281cb80a11a129cdad8d9086d662f67db6e3e607268af4c6df33b6516255abf2299ee4cd2b642d0098f47a0149d808eb3eed262b9a4c80b174d419a438af3f177a0025dfa15aab26fee272b9b6a0909f61b8c175c3e78723ad26ccbfcb8fb773c53cb99bf611817913c4436da712794a7ab1073f018b881c3c9197ed0f0351994ce43dae419b7d92a5eb25781fa10f59da0b7997ba0c99e201274f17ce8975708c4a5254b8e40734b6296ac8e337e816cc06c07e0662250034a6d84b2b45936df57352e7a9946fc3c8b8ebb7061e7b41836c7a62f7316d244388341d69c844c17aba92094fe07779f0dddd6ea7081f8188188953d1053aacda80576f44b1f394c01690b92e3323d9105e2240c41aa199bf2fa728ca2ba35dd920a4b59563d1a56de4d483eb3fef8e8ab5f26abb17703aa7b885bb8b45e84dab3d57add713944a59a2ae753f97a57669ea7884edb8be612670da2e8842d94f8d33594d8fa7d9022a2a98fbabce50fb13db997bc8be8addaa5642907cc4db24078f89c42d11fddfdb4e236b51078dde36bd4a55dc79b91aaf0e4e54df56143ee7c1ee4945f8b11ba9be558d2cc1d37ee56e9c23e68271f681915a3e178fdf251e3c8ca90a649516725696391aa9c859a3db550ee4383f8086386aae75362972bc6d5e691cc552223d82c26d1fb89c26ff02f791b6c7bd0a1743094fe55cc56aab94fc38566a9139d7fdfb932d04fb2138ee76a249a9cc4d427854bc0f11bbf3300e43c33fecb10acd007f33e9bfdf7fd814da8df2299c158963f385bf764ad53ae66f57eccf4e273382c5728049c61dab74095af7f9834ab05adf3afbeeb5d88bc6012ff8e143e77ede7bebd0b21086dd1eba2faf86258fe51032be85a095302fc92cfbd074b0b47c8f236df4a9c574188190d39c36fc3ccd027abeb7d1b802b3506283041b90331bd4edf0ae8b7c1320597ba5e9d59812d46b331974b4e480a5b12d67b29ef537333a2d51509908f3e961aa34bb84af0fc8799698c4a2c605eb3bc9641235d28b64c3e7ac4af2c9ce5de1e57e0b2b1f2d2db71a7d79b89a9e4d4e1ac61a2b3849546a98c234ec907c93165ce06f3f815d3f987c01f653052fc7103aa1e7dc16c1c0955ffe517ed584ac1cc64ae2ba2e35764762766456e323080c31435536eb17d01b6d426637ef3ab21754165f0b51d740bdd59778bbf5a19e02e44d0ceb8d436040130d6d1fc8c637ae06c549997a021726074517740fe9a781d34f93812b9374ba931efe752f1fe62133e81341af586c014bafb3ddf770b26f2f67e7308056df7b78b9555d4722ec2bd54f3cc37cb7a4f503763387da0a4779a60a4cc2d8c23d6c67dfe8c5aff85c3f2cf6263d7ca08d75cbaa162cbd0f827325d846b9638b5eebe4e79f5281fdc33690a6ddcb4f819ab317c7025f30b0904c2a2a77bc47c9eb8344473e4d37800dea7101488c22b9dbaea8b0511311afb820bf67450455f4b3d6d197aabfada90b1d1f1eda265c9dfa2b43d4347af091f10a86e21034dd6cb838b5822f017de226ff9de70b1340035bd96b529e2ca19bceaf4fab81f04428d53b50039b73dc2e8f14a52df6d838cfbcb5fd231f2912f9d47a7146b2fba348029659f104f7f3e8fe810fc5793096b5f6673f5394484a6906557920b86269e2da3274ccf87afba3e5bbca27606a7a30b1beb674a70b36d3e9ee5bcd317fabfb951fe1d329430eb82801a956907152bed2702bec807df5dfc2893afd6ad7f2f830b1e3c054dba0d5911346c20e42f5308ed8a99cb95854344d25b995c16eff6a5588a3c6527f7350090bf114000fcf1c341f9cb9fb23cedd323a52249f3dc355f40800f9495a07fa1063547aebf4141d6d496e963970c498e4d4823154acb2c160e2d78ec7fe494e73d689910e2f610b23d3b62f3bcaa0cb3040c5b813435c946df49b9f3f2fa835b12b8fbeea034e84c0513d4656a1a3a43ec9b68c0a0d9af9641cb44ea1f4adbe159ac55300e031198f650dbe47e81bfcf42fc565fc654767d164a9a68a8482fd805b6cd92c0939a99fb0caed87ee1b99a6c909d712eeaedb71c5cb249370d16d81efb3a466ac82c2219d65f847392db539fc513cd7bc05c678668e2962af9cdb00f6724e3e19305ffa7b61969e4c4b5245c17b2ef38f99d4ac0791fefa017b41602275f5583e25a36058fed74d2d89bac9b0153ed7d8d10d889bff847eab1b2a1c5f3078621cde51cac0b31625066a8a6d363c9a344f80730952310ee9bb6d87cf757a60fda32d4c7478a9daedf7aed99a9e01004e55f84d8e681af57c734aadb5a2410e4436fd384316a4edb350de61557192d4c340f7015a92e8e705034aaec25ee891b367aa9524a8f0e9c992859ec99b7cd588de4de95245e73cc0c5ca41fc9117d1783d68a3413cb748d22b2051acd006edca71320ee5efb46560641cabae4bf7ffaf4bbd6a916ee8eb4da569a5e8f23666a00af484597a8e69f03b212b3749c2cb6c6e71fb2db8b92371ac18a3317a162ab0a8fb0a926f47591099ef310e10e8dc986ebf4b93627b390931d4642fbcefa6750439bbc2422c281a5ce5b2bc7207a6b02997a47db3887f01748addb3575c9b4f54150e03ae8007f1c6dcfc9db4f94add29800f4bb2efea663df0bbad880a3ccefc0e83d4183efc596047b8e48bb2020f1d712d6c2b2215184b507ce707c7e14c088bf241440fed48ba4befc4aaec7ec9d85e644bc9282258ca9c2f8344903c3d65280b77fb36b8e712e0f875522c8a05eae970bc097423066090fb82c2492b14d5d2d597dddcf6787a60d27c3b8ff1f118f5f26022360a0604095b7465d8010d4a44228645bd8adffb647f40ae463646d12384ea6739d6520b38155bfdaebe30b4d64260d75e43a8f4aa99fe9d534234ea529abb5c5ccf472c3395fb17e7faca474931105f870ea9db9f5554e3615653f7c75a58283b736148121faf0dafdf63b5f00f0a0bdcea2e9e508bd425a59bb47fb30f8a64451f533d1821bd18e2ecd977fe2c16ddb1e9ebe27f51dd227e637af4a06edbd3ef8c2ae31b1169faca8adae02afac86cb0a1c034756cdc188029fe2a5a56b2f45a35f4b245b926004420ce4a4b67b77cd711ddc6526ba4fea48de06bb29c8421d624af95eb7b9677527ae0fe3778d9d7fef196510d469ec4d08e61120d16ec3bca8f4657dcb6430f105332e8195085490a3b0e51b3cbb95df68c68b8df68ca772e871c65992e1abd84ce1593bb76c9d2a3f99b1c4d34a773ce26fc9857177f1720316fc8465669048b1db366f9378a70c2bd3463d7e1e1f216974588b2da9ff84ad5b3138187488a490160477c21d5e6912baf82734a6871d91c4dd5b11ec7c32f4e9747418105ea505643b08a467fd1be56b8426e2632a5f57b5a99c2928f9117bb1bbf46ae0dcdc8f467b4af63b107fb0ae80f96d78470a17ab47284a7ae50ebb1154b1229c338b3cf7e13385e0433fb4bfbd1afe26e1f4b224a4e59971aa6663e4fce81fff4af3b738aeeee86b5c31d3085f74ed00649796298522ba4a3fcec173ce6cef54e65a51c97ec044e5afc29134a9246a0602f8eda2b904d6519ad6b6306aa80370f499934f191c45664012f1599fd5d0f81474889b8fe0478803ef5aa592c18cff6f19ee3fcce6eeef45b0d98abd09ac392f8f67c35a959595ac07ac9c13dbe4c46b9f424e189aa381f5d8329d01892c1368fc190d384cc66880ebde337e798ce47173009d0241811f52606d74241e03f1e592d8440954b46a2dba10582ebd8693e19a0bfc2a3cad2f1169fc096ba159b916e231ceb2f0f088bec7b5d52fb2f45e5334f042fa4818fb38b3b1a5065d6e64f69d4684f3223c2c249524e8814f26cfb500b2599497a6f74cc905120ce1f5f217312b6672a5dca5aa44f4714a008b7cad0d45442c34df410549dad4cb253aa0ece8ea446f243b742b4311dc6904b6ca1a44f5c2477f804e1f0bf492958162535b4d77a9fa32e48773b26deaa8578f486d4c22888f077de4f7f308bfc6772b693c77ffff509e45a29bfeb54ef8786ded2a24b28644ff9dea365fc891a750878a93d455cdcc1f275b04ee49f8e6a47ad7eba5dd6248efb96382c085800841b3f41163e2ca2273b9728155776a088974a44aa76e0eb3acdd5b66498d56959cdb95c54b1e547747e6acb3beb53d417425e25da6f84646850e4ef1d172bdfc54598b7be509dd9e0c34952e2d9d26192e6dcd19fbf1818da78a29480a00b91f73b2511f0cc65bf5bdb09008b87ab11677d2c2cea677a6a178e0ed256ae3857aa788d286c4b88c6c76bfb44fc06b2f85fdc17e3c19e0db77f5048ea3e002cee7573b98bedc79aaa7d0e13ab472e0f18aa570bd4712762698e2ae30b956babd6f8557f3eff365a7bb3941bda3c976d72cb5dc11c39e317ecfa583e5652d336e63628e60d607d77b8b2b4128c0ec803339bac17c2437137eea0185777df637e9dec79c8f4c64416d528067bd52dd7618519531230e0f93afb101530f336ae03463b4c2a433a26ac8944942896312d5a1228a614735078936ff2ad9ec84e65bc6c66d978ede76a420830ced8f3ac014e1278948cafe7c820c1f1f1b87059ba1c1442d10535fe2400ae63211a7e368622f76961793fb1b08f09892ecc209f4c1e6527020e9b500653a9791f19fa4eb3003386f05ec177707a2d48571f8680165617cf462b80b72aee3fdb4213923d8c8940e1e16e0a961260e324ec82df3b994ede370a787ee6278f8dc65884875bdc7f4cdeb020501253791ec8a7a56f77e9e320c5766b8fabdd2a092fb19af2887099c632a3ca8b5dbca1eeb1b696024b58f15b", 0x1000}, {&(0x7f0000000b40)="cb99bd10db1ce890929dbe0e0315e1ff9cb6efcc064d0755fa05b9d3c9f8cfe7d9b0dfef43df6b3ff0df8a9e8bcc191ecd8f628bfc8323378e93ba48cf1aa04f51b9ad555462685decadeef426b31357324bbe8fd104c60704fb0501d22eb8d6a2ed146a47fd891acec7cf5aa5ac8c16afacdf0f3a7b39d77f160bef7cc423bdcef097f80487f4fa080cf32035a78528e90ad46abbf95e0e36127993c6791ea71c11154a5af092a9025f5377e8feab17cb40cf42c8b77dd79432481d807c07f35fd7fcd1bcbe2eec0e67e6abb55b643662e66191a61bd52ada3693332ac56bd88c", 0xe1}, {&(0x7f0000000440)="4189c3eca1752ae243fcdc592d2db895aa59779bd9f3b55f0e", 0x19}, {&(0x7f0000000580)="b752f7671efcc462dd305b709cb2559452f2fb279e06fff425fd499407599420fed2116a7f9b68e29291732b9e26b9", 0x2f}, {&(0x7f0000000c40)="c8cbe99b1ec192c31571d4b3b3277f4a061b3db195af465696eee37b326293c2f19bf56cbadf3d4f2b8be19f7b081e776193b7d77f9c35db5d8a1a2640e9b69c270f7b5d2d7d507dcb1595f1d6d050d6596954cea4cf09ad711e1722d8960d468307eab125bc486ec85f870e1f730f544ddd9a89d251bb37618b0b5b06ce8ee531d73c4ca90203bc7c67baba04e116ef407da5e9d2fb0d1a543f87e2f546a51066055beb8b4f8c5a864bd3b86aff8769390a0bc534d0788e37c7ba1a23", 0xbd}, {&(0x7f0000000d00)="15c86198a8496db7cc42b289275d11571cf770ec6c09d8657cf641f0a8f7c6cab3db8b0a7fa49d777f39a8a62bd47b798188eef78a864f027d9673b779e532524c2f322740d85a7c7593f014914897fee7d1fa9a36114a035ddca3787e3e853cebf5cdf44797fb9e48f239a35dfdfc51d3ccb7defc4c7dfc5d2fa1c29e17be0e4368e1bf2d79a2eeaf2682ea0d1a9a968b6befe69d1e5cdb1b56e2af0fa35fb36155ec77063263c4f54038b8722950ba9cd769520f116a3762ef129b6652becde31fe16191d74dc03933b9c431a8bba35079d4c56777cad317211347d0b48df5ff7bf9dec15112190ad003aa9fc3363d086a8d50e5935c807bbbf358e0", 0xfd}], 0xa, &(0x7f0000001140)=[@cred={{0x18, 0x1, 0x2, {r3}}}, @cred={{0x18, 0x1, 0x2, {r3}}}, @rights={{0x24, 0x1, 0x1, [r2, r5, 0xffffffffffffffff, r0, r1, r4]}}], 0x54, 0x889790b92b8ac4f7}}], 0x1, 0x4005)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={0x0, &(0x7f00000005c0)=""/195, &(0x7f00000003c0)="a2f3eb259a349465cc14df88ff16ac4fe7d83f4e0efa18a58dadaafdc9a9661082725e2690ee16357058342ae6a7209caa6298bb7476b89c71780fbc60b254cc4d717b6f475c204a3e184c7f49a5fd1a55f1a6e5cacecc7d92169ec3994973c103ace7d31f48e982c1271b266dcf0a", &(0x7f00000006c0)="ab4851a501000000f217cc259e85e9f520625f0061e7485a18353ac87170ebcb307a547dd06c0b89c16210f1b79e70c2a552f91efb382e243dbf3cd826799fe58bb21777d0a08d92375d4ad533cdd0c4d12ffc98fdf61d339b998470ad005cb436c6e48161efe6bf769d12ed48435121d1f51150754d844d67c524c1c61ed7bb94d0eedb6809b932db90681196cf2c372006e318fd940d6ac9d16e2b9aee8415cf2ba731c5e5b3bd1f7154db2c5b415a270a513715b4cc30c3e8cf31e1e4cf25791d2d9178850e840b5a6d09fd06a316b48c27699921dc5284d88b090560389fc030dc7acd18258c164a8dc065f0c577fdbe6d51fcfbc29a854fbeb77e2409670be2f0f58effd40a1a2989a65f056589ab9afb05e2e42b58dd8a5c13d9", 0x2}, 0x38)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{0x0}], 0x1)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000996000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f000000c000/0x1000)=nil, &(0x7f000001f000/0x1000)=nil, &(0x7f0000015000/0x3000)=nil, &(0x7f0000098000/0x3000)=nil, &(0x7f000000c000/0x4000)=nil, &(0x7f000051a000/0x4000)=nil, &(0x7f0000012000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0}, 0x64)
sendmsg$NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x200080c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000013c0)='cgroup.kill\x00', 0x275a, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
setresuid(0x0, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_VERSION(r6, 0x0, 0x480, &(0x7f0000000300), &(0x7f0000000340)=0x40)
write$UHID_CREATE2(r6, 0x0, 0x118)
write$binfmt_misc(r1, &(0x7f00000002c0)="0d2cd73fc270a65ec4f31ba5adc764d2dbdb732132018659e65c06c46690", 0x1e)

2.811709665s ago: executing program 5 (id=3744):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000380), 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB], 0x0, 0x26, 0x0, 0x1, 0xfffffffd}, 0x28)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mount$9p_virtio(&(0x7f00000002c0), 0x0, 0x0, 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB])
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000500)=ANY=[@ANYBLOB="2800000022000106294d62e00800000000000000003795839080c9873426a8a0a910f1210f0000007e727a4e29bb1fe250665e913fbaf7bf45b8ed59dd98f0699940f23eedef278f7ab674b2c91683a25d79de9e0ea1a518b52a4e28bbdf8edaa466d655a026efbd6abbf97d0941300f4b2af5eb797b372fc4621575956659283dd4d1e8283a65a29869373a63882e794b23fe413cce23683302cd085f5057ce31c2e7569a7cc472fc66ed8090f7e9da23d6c42b7d13fb0fee275fe611ca0c32d3abcee6f4fc21b2e992acc131f17d5714bcabc94f7c18cfd948b063c8cb3d1e577c93c133780bce"], 0x28}], 0x1}, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000100)={0x0, 0x1, 0x6, @remote}, 0x10)
signalfd(r0, &(0x7f0000000040)={[0x5, 0x1]}, 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0x1}, &(0x7f0000000080), &(0x7f00000000c0)}, 0x1c)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000340)={'syztnl2\x00', &(0x7f0000000240)={'ip6gre0\x00', 0x0, 0x29, 0x9, 0x9a, 0x7, 0x2, @remote, @loopback, 0x7800, 0x8000, 0x80000000, 0x6}})
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1}, 0x48)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000700)=@o_path={&(0x7f00000006c0)='./file0\x00'}, 0x14)
r4 = openat$vcsa(0xffffff9c, &(0x7f0000000000), 0x1, 0x0)
inotify_add_watch(r4, 0x0, 0x84000502)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000007c0), 0x4)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'macsec0\x00', @ifru_ivalue=0x7})
syz_emit_vhci(&(0x7f0000000b00)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xba}, "febfcc72c12f75a9e69e57d3b26f15304eb9b2c39f3f49df9f84bb642318bdde956780c9973d88b90a7c05bb41d402fefb4136bf803eb2fbd8990f1227773c0f107556bacd08a845154ad202f2900ff7b77f95f475b7fd1532f84ea80e3c26c4ed3434549445795f991bb3d457d00282ae977390560c2df3d8fae2caa1515c50bf83aeaa6e292198c07b3a8eb7d38eed5d6b210253fac6929cb2f169bec402c705ba99151bbaba25fc482ead7493ac64c72c4a7d3535d76e9774"}, 0xbe)
ioctl$sock_netdev_private(r2, 0x8949, &(0x7f0000000000))

2.606898146s ago: executing program 6 (id=3745):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="1400000010000100fffffff5000000000a00000a20000000000a01080000000000000000010000090900010073797a310000000054000000030a030000000000000000000100000a0900010073797a31000000000900030073797a300000000028000480080002401501ad7d1400030076657468305f766972745f7769666900080001"], 0x9c}, 0x1, 0x0, 0x0, 0x24000144}, 0x20000050)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x500, 0x2400c000}, 0x20008800)

2.296884654s ago: executing program 6 (id=3746):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0xffffffffffffff9f, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="28000000100001000100"/20, @ANYRES32=0x0, @ANYBLOB="e60200293002c78095dc1c4eb79786470000"], 0x28}}, 0x0)
r3 = socket$kcm(0x2, 0x1000000000000005, 0x0)
sendmsg$inet(r3, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x4e21, @rand_addr=0xa9fe0000}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000080)='r', 0x1}], 0x1, &(0x7f0000007880)=[@ip_retopts={{0xc, 0x84}}], 0xc}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x6)
bind$netlink(r4, &(0x7f0000000480)={0x10, 0x0, 0x25dfdbfe, 0x1000000}, 0xc)
bind$netlink(r4, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfe}, 0xc)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
openat$fuse(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
sendmsg$IPSET_CMD_TYPE(r1, &(0x7f00000005c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000580)={&(0x7f0000000400)={0x1c, 0xd, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x20088095)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000002100), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='f$=', @ANYRESHEX=r6, @ANYRESDEC=0x0, @ANYBLOB="0700727d45025f29643d17edac4f26753570bf5c98011f743419d10fc19c", @ANYRESDEC=r2])
read$FUSE(r6, &(0x7f0000006180)={0x2020, 0x0, 0x0, <r7=>0x0, <r8=>0x0}, 0x2020)
syz_fuse_handle_req(r6, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x8002, 0xffffffffffffeffe, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x8, 0xb, 0xffff, 0x0, 0x1, 0x0, 0x0, 0x120, 0x2000, 0x0, r7, r8, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000600)=0x400, 0x12)
read$FUSE(0xffffffffffffffff, &(0x7f0000000740)={0x2020}, 0x2020)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x20, 0x3f, 0x9, 0x0, 0x0, {0x4}, [@typed={0x4, 0x3ffd}, @typed={0x8, 0x8, 0x0, 0x0, @binary='a^&/'}]}, 0x20}}, 0x4004080)
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock2(&(0x7f0000247000/0x1000)=nil, 0x1000, 0x0)
munlockall()
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x19)
syz_usb_connect(0x3, 0x0, 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000440)={0x34, r5, 0x1, 0x8000, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, 0x14, 0x1, 0x70bd26, 0x25dfdbfb, {0x28, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4000800}, 0x4000000)

429.322935ms ago: executing program 7 (id=3747):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000500)={0x2, 0x1, @dev={0xac, 0x14, 0x14, 0x15}}, 0x10)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000140)=0x5, 0x4)
sendmmsg$inet(r0, &(0x7f00000039c0)=[{{&(0x7f0000000800)={0x2, 0x6e20, @multicast1}, 0x10, 0x0}, 0x3f00}], 0x1, 0x2000c044)

420.287079ms ago: executing program 5 (id=3748):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000005580)='/sys/kernel/vmcoreinfo', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x1335f0a6)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r3, 0x80845663, &(0x7f00000004c0))
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRESDEC=r2], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x14, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r4, @ANYRES64, @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000040000008500000086000000bf91000000000000b7020000010000008500000085000000b70000000000008095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='spi_message_done\x00', r5, 0x0, 0x7}, 0x18)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYRES32=0x0], &(0x7f00000000c0)='GPL\x00', 0x10000000, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380))
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000100)={0x2})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
openat$vicodec1(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f0000003340)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000600)='4', 0x1}], 0x20d1, &(0x7f00000002c0)=ANY=[@ANYBLOB="307b02104deeffff0000"], 0x10, 0x4045}}], 0x1, 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000000), 0x20, 0x242)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r8, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x7c, 0x9, 0x8, 0x0, {0x9, 0xd6, 0x1c, 0x10, 0x5, 0x401, 0xfff5, 0xa, 0x2, 0x52, 0x8000, 0x7e9, 0x401, 0x9aa1, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r8, 0xc01864c6, 0x0)

420.134019ms ago: executing program 7 (id=3749):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002800)={0xa4, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @multicast1}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @local}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x10, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x4}]}]}]}, 0xa4}}, 0x0)

419.920183ms ago: executing program 7 (id=3750):
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=@can={{}, 0x80, 0x3, 0x4, 0x2}, 0x10}}, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
openat$nci(0xffffff9c, 0x0, 0x2, 0x0)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFC_CMD_ACTIVATE_TARGET(0xffffffffffffffff, 0x0, 0x48088)
sendmsg$NFC_CMD_ENABLE_SE(0xffffffffffffffff, 0x0, 0x848d0)
sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'wp384-generic\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000047c0)=[{{0x0, 0xf0ff, &(0x7f0000002ac0)=[{&(0x7f0000000340)=""/1, 0x1}], 0x1}, 0xe75}], 0x3aa0, 0x60002000, 0x0)

418.924488ms ago: executing program 3 (id=3751):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="ff0c0000000c0000000700000005000000000000060400000000400000006100000000000000"], 0x0, 0x2b, 0x0, 0x1}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000001400)=@base={0xb, 0x6, 0x4, 0x3a7, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x19, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002f400008500000082000000850000000f000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r5}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e20, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9}}, 0x2, 0x2, 0x5, 0x1, 0x5}, &(0x7f00000000c0)=0x98)
r7 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r7, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r7, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4)
r8 = socket$inet6(0xa, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101302, 0x0)
ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000480)=@attr_other={0x0, 0x1, 0x1, &(0x7f0000000440)=0x6})
sendto$inet6(r8, 0x0, 0x0, 0x40000, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x200100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x80001000001000, 0x49}, 0x0, &(0x7f0000000140)={0x3ff, 0x7, 0xffffffffffffffff, 0x20000009, 0x1, 0xc, 0x80004006, 0x802}, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc641}, 0x94)

417.558776ms ago: executing program 5 (id=3752):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r4 = fsopen(&(0x7f0000000100)='udf\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='+\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
pread64(r3, &(0x7f00000001c0)=""/142, 0x8e, 0x6)
sendmsg$inet6(r1, &(0x7f00000006c0)={&(0x7f0000000200)={0xa, 0x4e21, 0x4ad, @private2, 0xc}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000680)="f1", 0x1}, {&(0x7f0000000780)="a596908ffda3196fee4ef3714263dde15e0fb266770577acec6c85b2889519154110846e316a2b2dfa3b386e6a184a3f7d77cba05931304c06991e1a548ba1d8176a6d5cc4ca58a3dccbecc3c1ab87ca2f4853f3f4c73bf7c6c5d43dc2b23804a21f1c29076b7fef2ce9b7a252d888396ff91a967e92b8d03e120549ca681b7a058d37401561f9e77d0b892d6d27e069fe9d8c9cac748910a4cea0e3d795e9834181ca14791c373f6360e7df121db1d22f29276a3f694764e79b000acbe58ac2bb6b04b2fe10a1767feef867729fd6de55fee1963d0ca84ba535f85c7570f33c24c5a4167201ddd4eecf908ecd08f6d476165a5ef1449ff4e1ed52a3ce4aebaca2a6393355b8c058dc5057cd7f5357722c5dbc3611456b684716bd3759eafc", 0x11f}, {&(0x7f0000001300)="27f76236b842f1878adbe4a4e75488cb0a7190bf6d80a4efd6536622c2e7e6517efcd3aaa1e8f8a027ef44cc22aa0f1e39585702925aee46f0e24909659a9532244711e7c8b54278f9d7a7f895b2bbcccbce466abdc5a69c62323cc77859ff0035fb2da6acfcbb108a46a15c6725f60aa69eb6294c0a811f6947b4c688b6d1dfb48b2d6081ad6db453897bd48eadb713b41f73812fd9d0e1bc2103babb2de74b1a45a6f84b91f1aeadc1d2c2964190ffa122c95568f1d0fc7256a47e4f162361f423cca9204c03f38b84330c4e45ce1b95043b2984d42e32b4132d669cdd8b95b62561ede85b86da9db58a78ef87ee37eff6be5eae635cf08b73ccbeade16bdb1d277f938bdc43ae0a4100571c90d363f3deba35544035aeb031ee0a77ef8ca8c1a61572a11a45e4efda7a692c3a143162079c66cc5d15100ca120588a4e79efd14db492995eb4bca4f2a5c4815f29a713ee5672958ca9f5fe437b92d27ec465f0c20eba0bbd6fc66e19887ab9b2a188b3e157f7938c3e26c367dc8224d096424d19c7159e679a3e8a3b4fa1489a403c6d8420f6e1fc66505f0b1e31e65faf1ab752b87cb2159ad37af7de9adfd51063a2efb0aea3026e3d9717824b2118911f7dac9836966be2ad6b4be74a15dfa520050d92bbf713bd45566965921c01ac45200db127960a87b7c8cd286e76214cbc00e1535c2920caf0f3e7f42c5007f25c93b4c116028b2e49b44c1f5389dc2abfde12eebb8b52a218ecccf4395cbfafef8cfb4939258029ec51030a7743e7e9a63e4038ce43012d4b2eba4296e432c84b717868954e4a689e3d79c900c189eb068c7ec13da23e2d55a07b888f9b2da7509f76250fb5861333d1e3e863e75b49ced681817c3bb0ad4519d53c4b619f042085868bf8df8c2c66160834fe2d33eed09aa41b5a6f8dad8b20d445b53bddcc65837e6be8ab237460280604b4e4a12b7ae8fdbc764259b2fd06b7bf57f3ded5455fd0965dab5e12f9843874ea70182237be34d5e441188a4cf51f117000e6be59ab336e146865c811cfd23ef440d3156165938ee10166eb43d9cb87e49b5e6d6602a7da9eed1acf78b1c6aa8b6ee107937f5c0a2a08d387a09f59cb6e69ac3e1ee2aabc0f088e462d9c20d9437e2ada45f4c824ce0e54b3de007e69a655cf7ca0cba02d2129c9dcca00b932321ed369b8422fd616f8aa3bf3120a3776e22d64082d0c114d1ae6ec3897a0d3a51f6f919b2f59ac7a4fea34c465c0ee605373030b75ecf4239681949c1f943f698575d0662721ec5855f59c38073760be4ca723c01d4e36b5b82349527dc598c7146585e054daf10175551973a3a499d732a9061c3cf7b8c833b11f20178f32780a95668926b6c729eae984d56160bb98ba075a6f508549734cdc57158844c05a0a41222cddcc294f11ceb5271ded042453efedccb31e1041f69c3a663bb86566baacc20f56b3557da05c5867903411cca3ff0185401793a195ea80f2ec87a3e04e0fcc442c7566b323c5d49c9602b2f6442b70fa52a5efbbd8950b7bab29ede0c7a18b7d811efc5742f4b9cfb2f5e58339102ffc6c0346d9a126f3ef40315ec1530dec421b1cc79c9fbcfed9048bd93064cf5f1e967993d1fb79d786c76f3832473d19424caeba3724c3ccc257622a239b4ec142de8fb73aa2be94dab2d037214838adaf3edf8cd8f3e679eace065434f4bcb5245679e9a6878889ea578b0780337c78dc9dbe73f478e1f739f654da93180eb5ec0fb1afa7b6164f9add955fe9cba9d8f5136ce0b800fa6777e9cdf9fc37d7a6a6ab49b5d573862ede2e21a2e9c57f6ad6ca6f94529aa899411dfa0f594590f121dfec1000dbb356dda0041f81e4c636bfb915fcd5ba20377512fef8a4c60d6878779a8ace19ecd7a36fd4f7f3ca598cd58ee186f022c4d9e447330e893e34088e245cbde971116c6b965c80536441a4af59772d4eac29c793480ba0c76d922bcfedd82ccf2be5e99bf9dece585a3e1453e6bb47a226ae57d70431158d01c4dde5e27acfe400018ecc7b899448f605060372b5a6b0e5ddb2a6e4ea471a4eac40dbbb4f2ca6bfe01e108aa1ab74a38657e57e02f33990bc4ceeaa45ec5af43788edc891e10a750c7e17cd35bd6009e975dd0dfc09049c534f56d13e54ac90ef69f5444a2198dc4a4de53d82940e61bcb7fa809c4a2a2b8cf9d282c8f9d492cc9ba7cd8237c804bac9b1d04f731aeeab1918d7a716faea6088b73d5b9cda893f358745028949b11135bfbad25802e5e9394644a1e99b9dcf13f49174f84be3b8253ff39e227d8c5d2a149cac9ac83500445f417ad95e45ca78fca0a728235265c6e4c7ec18c3392c1bb41becebeed73ad65744548c4f95ff82809eacd41383ca3967f9d576203832290201f211dd2f8d415e04ded111d8b9d140c2600cce5926017306b88e48d7d9cdf2d742ab9a273bef5cf883eccc63beb9239b64d20f4403a4ed5e11d4eeb26842145ee27733970e79d49b83c806ce42ced579f85859aeca2c546dc537acc3302e0227095f9ce43e9fa8d5d022147f55341beb92b689ca17e10e746a42d2b2b476515e89492c510ba939664176b0a9fcf3c005aae38c28a49728c9864ecd1139fb664d9d446883613449f325bb894319891e8cb4ce90da8c8fe490f9765c21ccad4216345dbeca4d8eefaf87f1bd26269e480eac06df582621244b517ab5119ca71800bf290de989257ffac4c1d2e370a22db21391b2fc3fb24ef2cf22a53b6da3f255959f9f6c10a0c74880c699e4111770360f7b5012371b66bac1c843224425679c42b4710ffed55aea34073a719f6c16fd770a192c530add35245317b24d59b2026abc2c4d58578aa8a6b4fb9d09404745746f79f774f35b4e6b67c8085c0f4a5e0d414f5eb4cd9e0a13751c8a75d612ec6e24ae4925195af80277e2f49e65bfbd96075a0f21fc5f1167a3d38effa321964ae43d63d9f972ca474becbc2713c0f5c30aec759e81a525d38beb206190cda4a14ad557ed57799315be97d490ffc6a120c2304d91861081db23a1e91b9f2f0a0f09ef8a66f45c72e74ff677f0d86e9882c6f48b713ff9cb624c65169953e5749d99b24c1f106a82830d73e4182f5c000b16769b3586f7efdb6ac0744f6135664ee18257915093666bfe53f60f25b31dd0d8b05156965ce0941f0e0d9b41c50ec56607d7d6e39d4703f740678d538803e966e25303ab4f31c173e91735cdf85ed77d40f787c050601fc7ec2dc60c413957519f0639d3f739207c3f82d99cd1ab6bdc9a766028d456985c4cf55767ae5598094cea398211dee4cfdaa0aec101238fa54b5eb30f5a71e656563bd01401030e7e7c4bdcae94f5934e192e8bfc8cb84e1cb9b6a1f2ef6a5c804e1b4e64b7d7043e2f13f6952d4ab6293eed09acea5957a98c472ea0fb7bc3add656606cfeb9533c5afa339f5a9ee997f9f36bb0dd197b0eef98239a097f1a2f5e9e1100a083b9061d14816904903e0d518d6d37bb10cf9cf0032b1a16f066388b8d21917769c30cabcfe681ff1b582924799457346023b030d7737be2ae5b4930aab5b4428537d25091fc56de6109d6dbb00aba069b949b622206519d1e5466af56bb27238efe76ea50974e09d126b8acfd44374351b4a863d6229f8eb802639f84a84039135fdceb994bba13095dd3cdeb626e652660b136a0f416b73632fc8128fa60c36ce0bbf3a4b53db80025e1f35f7b175a75738875f13f38fc005c5b56753ed55a9af99e7a6e8440fc02e0780ac4f2615026fcb387552d518e2fc1981edc53c8698161b2b8ae438db1621f963bd6f98103499e919f34f3a569a2ead55420062ba6a02467848d1ac8bfdc0b054fc02edfa542cd8e5e0b6cfafd194fd6e2e18c34d8dcd3ffe982893b9bf1140722a62c509c8773b39711c443f3e66b4ea1155203efb627183ba2166c4644fbc05fcafd9a28e01fea1f6fa167d8626e7dbaf3e066bb12b10a3798a8fd41798815dafeb8f18d716f80cd7ca02bb574cf79aebb23f855132965f9ba6d7e8023d810713ac56d4ffe7967b4c27de90216009e3b5a3fea714e8d4205394b444878a91b14b6f5f2bf9aea21b37a64069ed7c7110eba6cbc50b2c7128eaec537721d7c9bde30120f80c6769414da965896955e2d6e622ca1b7e92f499dc0d73f3073ff9c39cc9d55ecf827ac106cbd9efe97b975d20bebfb8512c71add7ce2889bfcf10304df1c92e4f4bcdd1e267f09331b5d5a219e24e6b6a980fda254a19944b3438dc3eb8e778e30866046172384b75f9eeb5e82132b0aefc3cdaecbb01fe1dd7e64410cc52f1d6ac516b15e3c1fec60745a5f71ca9e1ee1e63cfea1d9a6f7176fbf0a282b9c778aaea20e62b3bfeda7b214a2fb902f5a517d1a50b3fda0460d9ef4f34312585879c3593d6c354f2ddb6d08ba26ef08f387d1caf8b0185b4a0ceddb4f4515458605eaef640b8be8639cdf5972d0de1880bd11d5714ac96ed7c490730f52f2af0e055a2be9b14e54f074801b2086704c23e0a3622e6095a961f4692c19d1d091c8189a65e992d78f75626f80c4332d61c1cdb41b50c5aa769e2379acd54d234571f89a3d0c1cb5df89f758477942b5772ddd93374ba2667c0c1394671e1400750cb25d0752cfa62fc9064c626916b4f7f9efe33e0e8aa4d4e7d6f6dac258031674a8816302a2711ac2cbb3d28448376cd041d249a4cc26fbfcf866c41a8d5070e0eb7044476b9cd6bf47ed52a1975c04794b899725989e4eb102afd4bbcf4c2cb6cd04152c15f6f187b15c3f094546010f8091fefc53d97c94289cccd3b8c117e81271f13a9a17f1bdb889a8cf30acd058371021880d08cc62ebb2b9572ac16b89f03ede5112757fe2a63e3f2f324b47c3376a53e6562fce77c884f156e5f4c04b9d475724ab4998c06293a48658bb42e0555b9f9f34d71f081f7e8437ba26edfcacee6896b5cb484d66358767410a74f7390b29ebd25327fc059336778c52353da372a711e2fbfd116b4102ca4bb5b75e3bfbfbc82a0fd7a2c8a3862f066ca1f0219bf3abcc28a36ca14bc8e5ad5388283bc35ee0e42b0c17b3cfb7b1a1db1c618d1ff16f23d65a17595287623f73061960e91299e805e18a02d4b03e2f0eea35ffabd0ae481d55ae4fed0d56cefa561c799bb3e0dd35d8ce05159e4bcf75646cd496435d3873c5dd0982fb3e9e56dff9ce4f709213400f082d7894d0fbcc245b06da1e843bccf674140054b5e85a1bbd070a8f924fb2bc8d819b3182418ba3c08791a8bf1ca65caae4d13e1745ede7471c673f073d0693a4ad3ee2ea9c9e4147ca44c0ab2a1d3abce778f05415d3a7ab0d8160b26023a30cdeda44da59f118795164f4da3926439b7c21b3bde8d87515e106a007a78b5df27a985ad39bdc7ecff9a1e58d9fb98539124968b95c682e6fa53cecb95542c7c7e54e201509f3c581c378cf7a95c4b40370fb48fa671808faf4c46b94d6a0e26eabc1719b62b480b977683be24018cee8d7653dc7f22707d9183eba5b531c042ba42ab0655ae46efe9ddd9d5551f8f7a382d79ae6833b45a63f1d3a0f833470bd43cd9d898e0e37cb6a1297db2ee90057f57f1a2b2c00456fe59dffb6228a7df924e8bb23021410e9c21d37a58840396de9c0a477c9439a2352868dfc98983a8447b1a4f7d85dd6fab90da1d91f2ec44c2e560e12976df67958ebcdcdb3f77f266ea1d01b15815d97e9ebd27328df064a4b1d097725a0b450e4a54b4b0a089e0c206e7899b1a923125d382a4c503f4bbf", 0x1000}, {&(0x7f00000003c0)="b28fddbcd32a99401965bfc2a4b8978022e04a64da5d0dd2a1859d902dfd", 0x1e}, {&(0x7f0000000400)="207deafe8cec64a2cebcc0ba97a673d54c9c56ac6c9bd64d8fd3b14eafae8cbc511a13bbb5723165f217ba978b5d944433941728750be98683f789a6776d0f5db9e30daac2fbbd82805e0fab7239893bc2a09cd3c5308d5ee5de4cc910ca30dcfd95", 0x62}, {&(0x7f0000000480)="7dac80e11074032ba6bd493a1735441bb64c47d37838cde7323f891e59318a8575fd14da600f3f83880c74ed2daf6eba96e3c66f5e75430742ef424db857a4492aa0b41a2f37f1c5c22609dfbcc8fd54766f089aaa6c9326c257b875313e64a2797e2125e46c87e57d9f4b03c9613ce28c6567f166b283dd5e85be8799f040799c3f6752e4e4", 0x86}, {&(0x7f0000000540)="cb4a645cadc2b237b20da27ed9ecc52ce609822798cfea0c5d9a00d01f7751cde0f417f1ac6103bc6561c43ec94abe6ef4988219507e64d02391765246", 0x3d}, {&(0x7f0000000580)="a7bb34f054ca9a909831c463fec84cf78b816693917d4f9f00ef60ec98aff84b68686db07142f04d83d5119f64d8a3ddf79797996e8c58ce6723ca4f0dd20491161e6f90af32d3ee8cf5a667fadf1cb811a4cc7e518583c1b7e006cf9e1a862c71dfed530a252cae9a532d929217a3907ce1e659cd851b0082d91e06625f52", 0x7f}], 0x8, &(0x7f0000000700)=ANY=[], 0x14}, 0x40104)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd22, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0xc, 0xa}, {}, {0xfff1, 0x2}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8848}, 0x80)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r5, {0xffe0, 0xc}, {0x0, 0xfff1}, {0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041810)

417.230565ms ago: executing program 5 (id=3753):
mkdirat(0xffffffffffffff9c, 0x0, 0x140) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0) (async)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a80)=ANY=[@ANYBLOB="680200001900010000000000fbdbdf251d010900500012804c00f8801400330000000000000000000000ffff000101013400fb8030003280290033800400168096dbc7fe81960e9c3a467e80a501638be4c1577d2952cc91e8bfd4a452b0539cad000000040206800002ac"], 0x268}, 0x1, 0x0, 0x0, 0x5}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000004, 0x4010, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e) (async)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r2, &(0x7f0000001280)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000380)=""/226}, {&(0x7f0000000300)=""/33}, {&(0x7f0000000480)=""/185}, {&(0x7f00000005c0)=""/83}], 0x0, &(0x7f0000000640)=""/79}, 0x7fb7}, {{&(0x7f0000000700)=@l2={0x1f, 0x0, @fixed}, 0x0, &(0x7f0000000800)=[{&(0x7f0000000780)=""/87}, {&(0x7f0000000900)=""/194}, {&(0x7f0000000a00)=""/76}, {&(0x7f0000000b00)=""/245}, {&(0x7f0000000c00)=""/67}, {&(0x7f0000000c80)=""/87}], 0x0, &(0x7f0000000d00)=""/152}, 0x3}, {{&(0x7f0000000dc0)=@in={0x2, 0x0, @private}, 0x0, &(0x7f0000001180)=[{&(0x7f0000000e40)=""/135}, {&(0x7f0000000a80)=""/60}, {&(0x7f0000000f80)=""/221}, {&(0x7f0000000f00)=""/34}, {&(0x7f0000001080)=""/236}]}, 0xeaff}, {{&(0x7f00000011c0)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x0, &(0x7f0000001240)}, 0xfd32}], 0x80000f7, 0x122, 0x0)
mount(&(0x7f0000000080)=@nullb, 0x0, &(0x7f00000000c0)='affs\x00', 0xa48410, 0x0)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0) (async)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x4f2b, 0x5, 0x10000, 0x4, 0x5, 0xcc7, 0x8, 0x3, 0xa, 0x100, 0x2, 0x1, 0x1, 0x1, 0x6, 0x101, 0x0, 0x1a449, 0x3, 0x40000003, 0x89, 0xcaa7, 0x0, 0x20001e58, 0xb, 0xe69, 0x3c, 0x1, 0x6, 0x0, 0xfffffff8]})
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)
connect$l2tp6(r4, &(0x7f0000000280)={0xa, 0x0, 0x0, @empty}, 0x20) (async)
sendmmsg$inet6(r4, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0, 0x0, 0x0, 0x0, 0xc0fe}}], 0x17fd147c801ae9af, 0xff14) (async)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {0x0, 0xacb0, 0x400000000}, 0x400}}, 0xb4}}, 0x4c050)
syz_emit_ethernet(0x46, &(0x7f00000009c0)=ANY=[@ANYBLOB="0180c20000000180c200000286dd6000000000103afffe800000000000000800000000000000ff0200000000000000000000000000018600907800"/70], 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, 0x0, 0x0) (async)
connect$bt_l2cap(r6, &(0x7f0000000040)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) (async)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)

417.01894ms ago: executing program 5 (id=3754):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000100)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000108500000075000000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$sock_int(r6, 0x1, 0x2a, 0x0, &(0x7f0000000000))
sendmsg$IPSET_CMD_ADD(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x3, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000000)={'wpan0\x00', <r8=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="2c00000011000100000000000200000007000000", @ANYRES16=r8, @ANYBLOB="00000000000000000c001a800800058004000180", @ANYBLOB="83855fc59478b298d342474513bc68740eb0085f627aac10f8760062be55a657cbdc1dedc3c60acf21da19b639f9bbc2f04332f420fdf9fcb007d577341df8706b491415184aee0703245ee7fab3689263a9bf41a9331c73cc18d15b6ce9b3fbf9e3de4b3111542d0576ca3ed72960a0d4952ef40a3e12e1719dc69650f570b5b98b879ac6e99caaebd4d1e46defebfe3c262cc7dfe89424d5282f8ef54143fd650240cdc486d87d3babc1fe44e8fbc7405189c94ae095e66b370f56f8bf533a15d4485f2f541a931fa85c634824be8bb77dbe6fcb98f624962d1680a7764ed3be41348096c43bf7e77b0af363247c7f40e0cae23cf5ae80e0b7293849ac4291b6bf994468edc33a915dfe2119d874dffc60a144215f2147b1fb79ea41b538db11351bbc533117f2f7c9e3e8d7bfbd4ca4ec325620252685c0237a407ff7caf706c79f8904330f9c954fd0b86de15107630c3c95aaac033b59549ffe2afe5101085558eb635947b1dd5109e3dcebac3e3bceabbde7e82116725a11c476787dfc57c587e149dbd6cee13883984e0b980506be7e1dda5667dd24f918505fd287e82e7300b393348c507398d6fe1584e7935e6e8e597fa3871a7dfec4afe2ce444889cf0d6604536a9d78cea094880c1de8b5874c98cc8f30907b376325700f75d6447284024768e9340cc075609793bcb91fc1c2851c17a11b1f5ab9911346da2057e97499f76db4284b9f035ea37f5c80a8f490fd62481ae39b4fde1288865b18712e7f7bcc9dc3d61479a5bdb5f0161c199ce55972f80b6e6019cbd8331533fb335ef002b1705d364e64852601c0c0bfcde439a130f59868ed09e693215027d48dc3d1d10e5d44d77ea19ab2ba93725fb110b4ba660f693f28ddb3c7398243781b59bc6e83f2b843f18b104bbe313a6d3f8abaa8df42d786d6b6afb7b6467c034e1ad39667c85e6b0182e01303c764ea92eeb5aae7afa7586944f342e7c87fe0773cbabf6bd3d18c91483d9cd9436e19deb7c417a51735db3a3f65f089f8c1d7733c211281683a1b644d1bd1145c0db2fc703964ebdb8cbe5d3c4f6ba2da9021bc608f870bf495dcc6e058fd790f0d1b72e0b3bf7a8d5320605bf6fc1ef6ba7155f153bf527cdc398cf7b22736471112952f9e4b13c2c15a032af94c3404c3d55e4d1c7c1daef0f2ea6b0c2ffcaf9474dcfd402df760f13dee779dced24452777e6728a18ff32f29c5ec2aff6c953023342e07f3302fa5f5d3f88bdc67f36e8494cccd08ec7e0261080bc68a87f7cee7644eafdc94aa7878666bcb8f4288294035de14bfdceedf6cd6a76f1d99074edf0f8baf7e426b04b7c0a1800a1154c86c40ead918042e6084a97228cf2e9407bbaf22f9a2a88dea43e6a20cb314563fc6de65990df27be51613bdd8b3fc21fdc795f259fc69e9465e157d9d7aa39b443c25fd24cd98782c0057343a64ef896eee904aba0e2b920f12da8b8f3bcbbe5796eb7f47b713e42accef00ef7f083bde6ff9a289204f820d5771f01d2336ab1e56851a31e5b3fcf7ce1b798a91dff0bee39721d33894bfc90f4ca4fd2075d7d0ec5d5097389aac893cddf1d6404e2fc5fb6b0e648aeaa9d6cb78a3feb386c8ada152b4aad491f405b96e78b641cc7e1088207a264000f7ec637bd4e3f9a0bbf202465550614df1e0c6ddeb92cd500347f7246f8044b57457cd76bc3b906ec0dcdba3e15cbedc864382585b533b9e84b47a7df5a53f286e6d88625d396152710c23146b917d9460d0dbcef7edcae54fc47f51990d7950ca02bccdc3758efa78254ce26988c1c5c85548e1f590a0420786d62adaa80b7c40d096444a76222d6e69e52b4a0a25e2fc1fa05a1728697f3ad7364eaf97ecce48c0640b54f07977c91252ab1bb50b88899e71a48dc1317f445d1bc7be7e1cc140bb550b6ae42d6b70127a4426a8df2c299c90efa5a2772f82f342cd101012c5eecde998d4edf43708a11aecbfcdb607c6e363c32acb34fb97da43d0f000bd97524e09e368c4ea4690536ed53cf744eef0ead7cf8803e0a9352fceff878348c13e2ecf3e7bba6511a37ac55e4c101038e59d1db9a0bba8259ee4110aaad58ded817c167ae437bb2f0c0948464afd92bd2bd0769428e8c15821597171c44825270cd937479a8630530f8ffa5e6559ea672f37d8633ce00e96485835d892e8cb2dc97f16e96200a2f50b74c6c003f3ac3addc57a086d1aa5b6342a190825ecb2b3cc3f064367cb3dc0be01b69be8bc8a67b45fd422e308ed9b7590a84405171ef4cfe7b4ef420865cdc3818319eb8b1794ee40128945cfd3b6d95fa2c5fe35d4723c3c761b7fe16e358719dec214c823f7efbabce98753f52f16779abc75df1c39141e5453e04e01e019ee5f5d01d6b3ba8f2169836ef9a4da0573ea90a8758c03b8ff367ccca878b87a218d1f97bf1df54a7b0cc014bc0894d69ee5d4c2d7fbb90eb116c1b7544270d33f36c6b47f6681f33aeb8e302604393f9429c36d8bfd8aaa8e4b4a7822887c4b239fc7c225951608d2b722d968d7339b06b369dfaa0f5ebffcad949ecd4ece7324fb173450c452704cd8713c9e9e27a985f1bb65431c1aa86527d742ce6c16c3573e8499a2811383a80efd3132b18c843e5250a9610c5469702c9797720266c0c27312cdc6dde64a17c9a97fe34a6d5399ab5ec1f708576584855d0068fc4220bf8aedcf2417d091dc978e44e860a90dbd688d5900976bb754c611da01cabf426822b6718068a6d786c2e11412cd463e35b51edb1e98f476e42cd4679b6515ed80b8113988a1b59f49efdc1e43d7fbabbdee9e2fa9840bc23413e0ae08f31036f18ba4a178dfc19c7174418cec50d94a160f27c67216b8cffd1d54531b6d948dad6a66bbb179ee74825ed34e58cbbeac1a23274a0ae7d344d71033dd3f797aae6164007aefe2f4fcdcb64e5046f3ecb3842fa6ecc13e45cf87c7bda8f8cdab30f2cc3cb9f80047ea1efa50bf03278d7034c902ccbeca8decbaefa9846285c01b7f9cb8aa94c93b8c41d46977a6094bbff69a05fa99f4a76660002baa21d856e11a5aaf516d31e51ce08cf277a51f306c39c7afd981d7e4109820fe5a81a91faac4595149e4684bca8b76aa19c79c4050eaad27ce9075378e8b7505e97adf91c8c14ea1aaf3b38634896e72a33b513e749045b6460dfaddf116656ebd8c795f14897f036753a174c67f1d9b33a4380a88d1ae0084beb1f3dff1c5558f8ecd6ac8aa7411fe7a2da5da39808c4df8f57208773e13db47b532eeaafe2a7bc61045df3939bae66800324e519825efe5d45019933526d875a8f1a5139d6ea392b6c62cea4be42552423180ba16f8e4ac310c4059b639c8b782aad635697272487f73b110fc8b2862d5d260a4ddc9115b9620c7cfe87c62b9f2883839d67237c6757c70ba0dce56beec65f43fd13dc9494882dcd3d6c0f26e87d94b44b8cfc1e4bce288abbe60515a945b8c1e9651300c0d2d5dfd1403b25639d1bcf7230e1c1c2e5d02c3fc7beeab77bf4e5735f5e834e7322b731f0f99b34a190ab9e66eda9f7d72fefe7d14db5ddd8bba89a5a9571d35861c7d17d903febe58c88c90f89cfe637a73ab872081ec648979a2d3da675dd40b9f7dc94f30966ea48a070de827b20de3f2c089779b7cfc557bdd861d6e53c1bc02ced769646b74c2666231472ee3f60a41a438d79fb73745621a54295bf36c01dd3b1111563b0b122f9e0f6a135141bebaaabf71eb42a5f62d3409b8cb3e062b8dd437469610361aaa71d7bb098ad644812bcf636b44adef65ef8726b92ab328019f61f9909404bbecbbfd7a3597f57975a8108fb8f2b672f8459478d2e9722c1751ae8b1f1ce881167cc81ab3b6cd28adfab6bf977c91c51390619bb42568ed549cc9f615e252de204e82e017c18bc84d8523717ccb9867fa97ab5e13f9d0eaacc5ae5796b342ed24da87002a003ce04b76ce60bd6c4a89e43e36aac0393eb36420d255b0f623f215efa7bd5446ee9ccded1f7443e31ca22df879b12379f182733877cf84955aee6be14c44a9e7b2d64582d13ebc05df3a4284fd65ec66ed7edbefa4bc9551aa1637276fe4b7285d34ac514d108b84e1e54baf2a5c6309c34a36f8be9ab9a17494a12b5f847edc83e665c68f1eae9642856b4396c7a1dddbefd7b752a7d814355302025d2ab86ff1df124c83864cd3c6847603b3e12767a335d22ce2d8463a9d8ca862b807c1525c233c13ddd6edf4ee4825f446d9764ad794f8957618788a04cafee903986129a2d8a8616b1fb50147471ef18c4c2a6043679c234615e004a4e4abb2666d42d0dc59956a2600b22a0fcf0cba2cb80c372e9ade607980b6f63e0681074c53c7ee974177619cc10128b671494be48ff23b791a10edfcb8278dfd275c14665451a1ebef80f14c532d61211577118aa361df6ecf535c5bd53d7b5ea7c7d37c9a634fe06029631026a8fadb24b80a01d6418c33fcb176a17da6f9286bec5998510f71ecb60abf705917b6f6f0712748cdd8409886b53d30f3892259a9e79c8ac4aa97e71c93108ef15f0f59986d562cb81e2471ce1b245ddac257e5f522856dc73368255ee0929ece1aec30cac1b11a8445c77ee9f8745a74e7230e99bafcaf4f644c8e59bfc7f8e15d25796ab98610bcc31551a377095bfcb3babc34021c6cc1e320d9b90facb2fe0896779d2a402b3956b5fcf4ab43f5461c9bab254bd4d5e06ed960db94941f11fd48bb5197e3a200792fdbebde4058b1a45407d6c0cc2bfb507d04c6a0345e7983c0f4f7be07737a4e218c97b52e48e2066f4f45f0ff11b4a39ec0b94522bd1841870543e6fd7d3cd3a2034581fcb9c01ccbecf01460c8561d302901e9d1eae461c39c5664660abcca01f360ee828ef4ef72a562d1be6cf2b48a17de08877cecf9685d9b2de401762a9816c30c38cc23430a2691c0dc3ae4e07b591e1f6834e95ea43d30a54ce2d1d0f7b25c579e2d576f8f80d2f620369961c9aee3b08792080a2aa879dc50c3502c3f3c6510116fd1f593797b6d16b1c92cb4f463effb90a7cf793e3337b6fe93288755abe6f284f939a6221f00e347ec8cb2d83907881ae33a0ae3d11992ae4c2a466e59700aad979b0113ba3b9a7c042a1b07834d4a600eb3ec9b25c84c19565b94e4a0eae6493e7e28a4a0aa2575b64a2b7a2201dc2efb0d153e5c001db71eecd1389e19bfa3740f7f8e864a3251452a6ae37ba71ebebae9d33d363bf8efba92964a3aeee68912725eeaf86bcbba5b5db6f173513bd5bc5610871c735b61ced2235a6b3b635cb9675810246ea97f64c60bf940271c5e751d1e2fdf9cc2b37c7114780b94c0e5dbe387102a8a3d9ef142bdaebd1bc7f8440d657ff2f93fed0edafa4f6321e07b1c2b64d38f1667146ee8145ccf759e03cfe14f2ce6d299cfcfee9d820f884dd553ffb46f61b8a57d31fc4ee6363e84c09fe56a71e4d11b678cb40b9cd1ae62fc010649a49dcdc9e21399b89f2d2069ec0bbd156ccc414b563f197bbf7f8da84614c870219d41340efd76344ef44d9ce552d4f5c6cee0d55fcb6b471f2565f7224a96b93b8a31d6fd26f84daccd3339d1a0bccbd12569ed33cb740656c2bbffd0630ef0a9fd0367f44038965dea6e4c600dd26755a800de46097dea4da6a29a1edc2ba656781c8510046c92dca08df87c9e416c9bf622ece55207ca517b3de0dd7b410a0f433f6419d0ac9b1561dc7fa5469e7fdd749095f969f3351d9c40aabce7b7b3c751b06631a299f1d857ea9dcd"], 0x2c}}, 0x0)

154.769396ms ago: executing program 3 (id=3755):
syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x22, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x9, 0x0, 0x0, 0x2}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000140)={0x8, 0x28b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f00000003c0)=0x10000034)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x4)
r3 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @broadcast}, 0xc)
r4 = syz_open_procfs(r0, &(0x7f0000002180)='net/mcfilter\x00')
preadv(r4, &(0x7f0000000380)=[{&(0x7f0000000640)=""/212, 0xd4}], 0x1, 0x6, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000100)={0x0, 0xffffffffffffff37, &(0x7f0000001340)=[{0x0, 0xffffffffffffffec}], 0x1, 0x0, 0x0, 0xc9e}, 0x4050)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000004200040027bd7000fcdbdf25000000002927e83735832d8a635dfbcaec2f10ed9d7d2743f55a19079012d0468c1ba13c2cd813f548b2f543579c9792d0a61a58"], 0x14}, 0x1, 0x0, 0x0, 0x24040080}, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000300)="ad", 0x1)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000002100010324bd7002fd08df2501"], 0x14}}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r7, 0x8208ae63, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000000)={0x41, 0x3}, 0x10)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)

4.043705ms ago: executing program 6 (id=3756):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000380), 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB], 0x0, 0x26, 0x0, 0x1, 0xfffffffd}, 0x28)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mount$9p_virtio(&(0x7f00000002c0), 0x0, 0x0, 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB])
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000500)=ANY=[@ANYBLOB="2800000022000106294d62e00800000000000000003795839080c9873426a8a0a910f1210f0000007e727a4e29bb1fe250665e913fbaf7bf45b8ed59dd98f0699940f23eedef278f7ab674b2c91683a25d79de9e0ea1a518b52a4e28bbdf8edaa466d655a026efbd6abbf97d0941300f4b2af5eb797b372fc4621575956659283dd4d1e8283a65a29869373a63882e794b23fe413cce23683302cd085f5057ce31c2e7569a7cc472fc66ed8090f7e9da23d6c42b7d13fb0fee275fe611ca0c32d3abcee6f4fc21b2e992acc131f17d5714bcabc94f7c18cfd948b063c8cb3d1e577c93c133780bce"], 0x28}], 0x1}, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000100)={0x0, 0x1, 0x6, @remote}, 0x10)
signalfd(r0, &(0x7f0000000040)={[0x5, 0x1]}, 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0x1}, &(0x7f0000000080), &(0x7f00000000c0)}, 0x1c)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000340)={'syztnl2\x00', &(0x7f0000000240)={'ip6gre0\x00', 0x0, 0x29, 0x9, 0x9a, 0x7, 0x2, @remote, @loopback, 0x7800, 0x8000, 0x80000000, 0x6}})
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1}, 0x48)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000700)=@o_path={&(0x7f00000006c0)='./file0\x00'}, 0x14)
r4 = openat$vcsa(0xffffff9c, &(0x7f0000000000), 0x1, 0x0)
inotify_add_watch(r4, 0x0, 0x84000502)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000007c0), 0x4)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'macsec0\x00', @ifru_ivalue=0x7})
syz_emit_vhci(&(0x7f0000000b00)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xba}, "febfcc72c12f75a9e69e57d3b26f15304eb9b2c39f3f49df9f84bb642318bdde956780c9973d88b90a7c05bb41d402fefb4136bf803eb2fbd8990f1227773c0f107556bacd08a845154ad202f2900ff7b77f95f475b7fd1532f84ea80e3c26c4ed3434549445795f991bb3d457d00282ae977390560c2df3d8fae2caa1515c50bf83aeaa6e292198c07b3a8eb7d38eed5d6b210253fac6929cb2f169bec402c705ba99151bbaba25fc482ead7493ac64c72c4a7d3535d76e9774"}, 0xbe)
ioctl$sock_netdev_private(r2, 0x8949, &(0x7f0000000000))

0s ago: executing program 7 (id=3757):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000340)="18000000010003", 0x7)
read(r0, &(0x7f00000000c0)=""/46, 0x2e)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
chdir(&(0x7f0000000080)='./file0\x00')
setpgid(r1, r1)
setpgid(0x0, r1)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r2, &(0x7f0000000040)=0x1f00, 0x12)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40100, 0x0)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, r4}, './file0\x00'})

kernel console output (not intermixed with test programs):

04.821087][T18351] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  604.825522][T18351] overlayfs: missing 'lowerdir'
[  605.010569][T18357] lo speed is unknown, defaulting to 1000
[  605.118400][T18359] SQUASHFS error: Failed to read block 0x0: -5
[  605.120596][T18359] unable to read squashfs_super_block
[  606.267990][T18366] syzkaller1: entered promiscuous mode
[  606.270357][T18366] syzkaller1: entered allmulticast mode
[  606.423815][T16119] usb 50-1: device descriptor read/8, error -110
[  606.429039][T18313] vhci_hcd: connection reset by peer
[  606.438762][T17398] vhci_hcd vhci_hcd.5: stop threads
[  606.440616][T17398] vhci_hcd vhci_hcd.5: release socket
[  606.448584][T17398] vhci_hcd vhci_hcd.5: disconnect device
[  606.631086][T16119] usb usb50-port1: attempt power cycle
[  606.661069][T18374] loop6: detected capacity change from 0 to 2640
[  606.664046][T18374] buffer_io_error: 6 callbacks suppressed
[  606.664059][T18374] Buffer I/O error on dev loop6, logical block 0, async page read
[  606.669320][T18374] Buffer I/O error on dev loop6, logical block 0, async page read
[  606.672188][T18374] Buffer I/O error on dev loop6, logical block 0, async page read
[  606.675382][T18374] Buffer I/O error on dev loop6, logical block 0, async page read
[  606.678354][T18374] Buffer I/O error on dev loop6, logical block 0, async page read
[  606.682042][T18374] Buffer I/O error on dev loop6, logical block 0, async page read
[  606.684678][T18374] Buffer I/O error on dev loop6, logical block 0, async page read
[  606.687178][T18374] Buffer I/O error on dev loop6, logical block 0, async page read
[  606.689777][T18374] ldm_validate_partition_table(): Disk read failed.
[  606.691910][T18374] Buffer I/O error on dev loop6, logical block 0, async page read
[  606.694451][T18374] Buffer I/O error on dev loop6, logical block 0, async page read
[  606.696982][T18374] Dev loop6: unable to read RDB block 0
[  606.698819][T18374]  loop6: unable to read partition table
[  606.700763][T18374] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[  606.844020][T18374] loop6: detected capacity change from 2640 to 524288000
[  607.554115][T18388] netlink: 40 bytes leftover after parsing attributes in process `syz.7.2997'.
[  607.594430][T16119] usb usb50-port1: unable to enumerate USB device
[  607.603167][T18388] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  607.606061][T18388] overlayfs: missing 'lowerdir'
[  607.803672][T18394] SQUASHFS error: Failed to read block 0x0: -5
[  607.805959][T18394] unable to read squashfs_super_block
[  607.814536][T18393] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  607.817400][T18393] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  607.851180][    T9] usb 48-1: device descriptor read/8, error -110
[  607.871209][T18393] vhci_hcd vhci_hcd.0: Device attached
[  607.953223][T18399] input: syz0 as /devices/virtual/input/input51
[  608.169669][T14834] usb 44-1: SetAddress Request (69) to port 0
[  608.171759][T14834] usb 44-1: new SuperSpeed USB device number 69 using vhci_hcd
[  608.250868][T18403] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  608.252980][T18403] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  608.255976][T18403] vhci_hcd vhci_hcd.0: Device attached
[  608.288021][    T9] usb usb48-port1: attempt power cycle
[  608.429562][T18407] netlink: 6032 bytes leftover after parsing attributes in process `syz.6.3002'.
[  608.577961][ T6089] usb 50-1: SetAddress Request (14) to port 0
[  608.581858][ T6089] usb 50-1: new SuperSpeed USB device number 14 using vhci_hcd
[  608.600109][T18395] vhci_hcd: connection reset by peer
[  608.602527][ T1141] vhci_hcd vhci_hcd.3: stop threads
[  608.604292][ T1141] vhci_hcd vhci_hcd.3: release socket
[  608.609045][ T1141] vhci_hcd vhci_hcd.3: disconnect device
[  608.748206][T18411] input: syz0 as /devices/virtual/input/input52
[  608.900347][    T9] usb usb48-port1: unable to enumerate USB device
[  609.618877][T18418] SQUASHFS error: Failed to read block 0x0: -5
[  609.620995][T18418] unable to read squashfs_super_block
[  610.704313][T18423] sp0: Synchronizing with TNC
[  611.046824][T18430] input: syz0 as /devices/virtual/input/input53
[  611.553442][T18404] vhci_hcd: connection reset by peer
[  611.569374][ T4853] vhci_hcd vhci_hcd.6: stop threads
[  611.571149][ T4853] vhci_hcd vhci_hcd.6: release socket
[  611.573034][ T4853] vhci_hcd vhci_hcd.6: disconnect device
[  611.848818][T18440] SQUASHFS error: Failed to read block 0x0: -5
[  611.850812][T18440] unable to read squashfs_super_block
[  612.026471][T18445] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  612.028638][T18445] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  612.032463][T18445] vhci_hcd vhci_hcd.0: Device attached
[  612.425645][T18450] wg2 speed is unknown, defaulting to 1000
[  612.444275][T18450] wg2 speed is unknown, defaulting to 1000
[  612.452876][T18450] wg2 speed is unknown, defaulting to 1000
[  612.642598][T18450] infiniband syz2: set active
[  612.644365][ T6469] wg2 speed is unknown, defaulting to 1000
[  612.657590][T18450] infiniband syz2: added wg2
[  612.667885][T18446] vhci_hcd: connection closed
[  612.668692][T10146] vhci_hcd vhci_hcd.3: stop threads
[  612.672033][T10146] vhci_hcd vhci_hcd.3: release socket
[  612.678912][T10146] vhci_hcd vhci_hcd.3: disconnect device
[  612.681361][T18450] RDS/IB: syz2: added
[  612.682669][T18450] smc: adding ib device syz2 with port count 1
[  612.685141][T18450] smc:    ib device syz2 port 1 has no pnetid
[  612.688798][ T6469] wg2 speed is unknown, defaulting to 1000
[  612.692675][T18450] wg2 speed is unknown, defaulting to 1000
[  612.913846][T18459] SQUASHFS error: Failed to read block 0x0: -5
[  612.915825][T18450] wg2 speed is unknown, defaulting to 1000
[  612.915881][T18459] unable to read squashfs_super_block
[  613.073957][T18450] wg2 speed is unknown, defaulting to 1000
[  613.236355][T18469] input: syz0 as /devices/virtual/input/input54
[  613.241445][T18450] wg2 speed is unknown, defaulting to 1000
[  613.337762][T18450] wg2 speed is unknown, defaulting to 1000
[  613.426730][T18450] wg2 speed is unknown, defaulting to 1000
[  613.451606][T18471] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3)
[  613.454364][T18471] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  613.458244][T18471] vhci_hcd vhci_hcd.0: Device attached
[  613.536332][T18453] 9pnet_fd: p9_fd_create_tcp (18453): problem connecting socket to 127.0.0.1
[  613.657946][T14834] usb 44-1: device descriptor read/8, error -110
[  613.754039][ T6013] usb 52-1: SetAddress Request (18) to port 0
[  613.756017][ T6013] usb 52-1: new SuperSpeed USB device number 18 using vhci_hcd
[  613.784586][T18480] netlink: 6032 bytes leftover after parsing attributes in process `syz.7.3021'.
[  613.927433][T18481] SQUASHFS error: Failed to read block 0x0: -5
[  613.930835][T18481] unable to read squashfs_super_block
[  613.973963][T18486] input: syz0 as /devices/virtual/input/input55
[  613.996103][ T6089] usb 50-1: device descriptor read/8, error -110
[  614.114108][T14834] usb usb44-port1: attempt power cycle
[  614.424186][ T6089] usb usb50-port1: attempt power cycle
[  614.795429][T18497] SQUASHFS error: Failed to read block 0x0: -5
[  614.797454][T18497] unable to read squashfs_super_block
[  614.860263][T14834] usb usb44-port1: unable to enumerate USB device
[  615.034251][ T6089] usb usb50-port1: unable to enumerate USB device
[  615.053645][T18502] input: syz0 as /devices/virtual/input/input56
[  615.245975][T18506] SQUASHFS error: Failed to read block 0x0: -5
[  615.248690][T18506] unable to read squashfs_super_block
[  615.505534][T18493] 9pnet_fd: p9_fd_create_tcp (18493): problem connecting socket to 127.0.0.1
[  616.195391][T18511] SQUASHFS error: Failed to read block 0x0: -5
[  616.197423][T18511] unable to read squashfs_super_block
[  616.678228][T18472] vhci_hcd: connection reset by peer
[  616.710214][T18510] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  616.712306][T18510] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  616.716106][T18510] vhci_hcd vhci_hcd.0: Device attached
[  616.730990][T17675] vhci_hcd vhci_hcd.7: stop threads
[  616.745533][T17675] vhci_hcd vhci_hcd.7: release socket
[  616.770395][T17675] vhci_hcd vhci_hcd.7: disconnect device
[  616.807654][T18516] vhci_hcd: connection closed
[  616.808196][T17675] vhci_hcd vhci_hcd.3: stop threads
[  616.811472][T17675] vhci_hcd vhci_hcd.3: release socket
[  616.813278][T17675] vhci_hcd vhci_hcd.3: disconnect device
[  617.197702][T18526] SQUASHFS error: Failed to read block 0x0: -5
[  617.200428][T18526] unable to read squashfs_super_block
[  617.683040][T18542] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  617.685757][T18542] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  617.689546][T18542] vhci_hcd vhci_hcd.0: Device attached
[  617.784000][T18546] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(7)
[  617.786132][T18546] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  617.788861][T18546] vhci_hcd vhci_hcd.0: Device attached
[  617.973165][ T6032] usb 50-1: SetAddress Request (18) to port 0
[  617.983752][ T6032] usb 50-1: new SuperSpeed USB device number 18 using vhci_hcd
[  618.053645][T18551] netlink: 6032 bytes leftover after parsing attributes in process `syz.6.3043'.
[  618.141159][T18553] SQUASHFS error: Failed to read block 0x0: -5
[  618.143249][T18553] unable to read squashfs_super_block
[  618.401424][T18547] vhci_hcd: connection closed
[  618.401722][ T1047] vhci_hcd vhci_hcd.7: stop threads
[  618.409932][ T1047] vhci_hcd vhci_hcd.7: release socket
[  618.412860][ T1047] vhci_hcd vhci_hcd.7: disconnect device
[  618.641745][T18563] SQUASHFS error: Failed to read block 0x0: -5
[  618.643917][T18563] unable to read squashfs_super_block
[  619.138484][ T6013] usb 52-1: device descriptor read/8, error -110
[  619.600565][ T6013] usb usb52-port1: attempt power cycle
[  619.624888][T18575] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(8)
[  619.627024][T18575] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  619.630225][T18575] vhci_hcd vhci_hcd.0: Device attached
[  619.736933][ T6013] usb 52-1: SetAddress Request (20) to port 0
[  619.741305][ T6013] usb 52-1: new SuperSpeed USB device number 20 using vhci_hcd
[  619.747429][T18568] 9pnet_fd: p9_fd_create_tcp (18568): problem connecting socket to 127.0.0.1
[  620.098919][T18580] vhci_hcd: connection reset by peer
[  620.101583][ T1141] vhci_hcd vhci_hcd.7: stop threads
[  620.103721][ T1141] vhci_hcd vhci_hcd.7: release socket
[  620.109386][ T1141] vhci_hcd vhci_hcd.7: disconnect device
[  620.807481][T18593] SQUASHFS error: Failed to read block 0x0: -5
[  620.809569][T18593] unable to read squashfs_super_block
[  620.917529][T18543] vhci_hcd: connection reset by peer
[  620.928198][   T46] vhci_hcd vhci_hcd.6: stop threads
[  620.929939][   T46] vhci_hcd vhci_hcd.6: release socket
[  620.935080][   T46] vhci_hcd vhci_hcd.6: disconnect device
[  621.147105][T18610] tmpfs: Bad value for 'usrquota_block_hardlimit'
[  621.677455][T18623] SQUASHFS error: Failed to read block 0x0: -5
[  621.679560][T18623] unable to read squashfs_super_block
[  621.763090][T18627] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  621.765182][T18627] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  621.774060][T18627] vhci_hcd vhci_hcd.0: Device attached
[  622.033794][T18631] netlink: 6032 bytes leftover after parsing attributes in process `syz.5.3066'.
[  622.099776][T14834] usb 48-1: SetAddress Request (34) to port 0
[  622.104340][T14834] usb 48-1: new SuperSpeed USB device number 34 using vhci_hcd
[  622.798447][T18635] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(8)
[  622.801204][T18635] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  622.804799][T18635] vhci_hcd vhci_hcd.0: Device attached
[  623.113443][T18642] vhci_hcd: connection closed
[  623.130370][T16790] vhci_hcd vhci_hcd.6: stop threads
[  623.135108][T16790] vhci_hcd vhci_hcd.6: release socket
[  623.137107][T16790] vhci_hcd vhci_hcd.6: disconnect device
[  623.414475][ T6032] usb 50-1: device descriptor read/8, error -110
[  623.864283][ T6032] usb usb50-port1: attempt power cycle
[  624.473586][ T6032] usb usb50-port1: unable to enumerate USB device
[  624.580215][T18661] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  625.019105][T18628] vhci_hcd: connection reset by peer
[  625.029148][T17675] vhci_hcd vhci_hcd.5: stop threads
[  625.032293][T17675] vhci_hcd vhci_hcd.5: release socket
[  625.037761][T17675] vhci_hcd vhci_hcd.5: disconnect device
[  625.114363][ T6013] usb 52-1: device descriptor read/8, error -110
[  625.192655][T18671] SQUASHFS error: Failed to read block 0x0: -5
[  625.194620][T18671] unable to read squashfs_super_block
[  625.304815][T18672] comedi comedi0: Minor 47 could not be opened
[  625.311768][T18672] netlink: 'syz.5.3078': attribute type 1 has an invalid length.
[  625.366911][T18672] bond3: entered promiscuous mode
[  625.370727][T18672] 8021q: adding VLAN 0 to HW filter on device bond3
[  625.535059][ T6013] usb usb52-port1: unable to enumerate USB device
[  625.615837][T18672] 8021q: adding VLAN 0 to HW filter on device bond3
[  625.618881][T18672] bond3: (slave gre1): The slave device specified does not support setting the MAC address
[  625.621980][T18672] bond3: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  625.634409][T18672] bond3: (slave gre1): making interface the new active one
[  625.636675][T18672] gre1: entered promiscuous mode
[  625.643009][T18672] bond3: (slave gre1): Enslaving as an active interface with an up link
[  626.570133][T18687] mac80211_hwsim hwsim14 syzkaller0: entered promiscuous mode
[  626.572716][T18687] mac80211_hwsim hwsim14 syzkaller0: entered allmulticast mode
[  626.585397][T18688] tmpfs: Bad value for 'usrquota_block_hardlimit'
[  627.520272][T14834] usb 48-1: device descriptor read/8, error -110
[  627.959411][T14834] usb usb48-port1: attempt power cycle
[  628.175242][T18708] 9pnet_fd: p9_fd_create_tcp (18708): problem connecting socket to 127.0.0.1
[  628.331923][T18722] SQUASHFS error: Failed to read block 0x0: -5
[  628.332150][T18722] unable to read squashfs_super_block
[  628.589211][T14834] usb usb48-port1: unable to enumerate USB device
[  629.187895][T18732] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(7)
[  629.189944][T18732] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  629.289217][T18732] vhci_hcd vhci_hcd.0: Device attached
[  629.562013][ T6032] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  629.572281][T14834] usb 49-1: new low-speed USB device number 3 using vhci_hcd
[  629.765725][T18749] netlink: 'syz.7.3099': attribute type 16 has an invalid length.
[  629.769242][T18749] netlink: 'syz.7.3099': attribute type 17 has an invalid length.
[  630.005386][T18733] vhci_hcd: connection reset by peer
[  630.008554][   T13] vhci_hcd vhci_hcd.6: stop threads
[  630.010712][   T13] vhci_hcd vhci_hcd.6: release socket
[  630.021310][   T13] vhci_hcd vhci_hcd.6: disconnect device
[  630.134381][T18756] siw: device registration error -23
[  630.627881][T18764] SQUASHFS error: Failed to read block 0x0: -5
[  630.630036][T18764] unable to read squashfs_super_block
[  631.284377][T18771] netlink: 'syz.3.3106': attribute type 1 has an invalid length.
[  631.287409][T18771] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3106'.
[  632.107386][T18793] tmpfs: Bad value for 'usrquota_block_hardlimit'
[  632.435953][ T5946] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  632.558473][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  634.202755][T18822] input: syz0 as /devices/virtual/input/input60
[  634.361986][T18821] syzkaller0: entered promiscuous mode
[  634.363830][T18821] syzkaller0: entered allmulticast mode
[  634.837075][T18825] netlink: 'syz.5.3122': attribute type 5 has an invalid length.
[  634.929785][T18825] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  634.932610][T18825] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  634.935163][T18825] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  634.951902][T18825] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  635.220205][T14834] vhci_hcd vhci_hcd.6: vhci_device speed not set
[  635.228527][T18825] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  635.231449][T18825] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  635.244009][T18825] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  636.770549][T18847] tmpfs: Bad value for 'usrquota_block_hardlimit'
[  636.898271][T18841] netlink: 'syz.6.3135': attribute type 5 has an invalid length.
[  636.959681][T18841] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  636.963273][T18841] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  636.965926][T18841] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  637.923226][T18865] input: syz0 as /devices/virtual/input/input61
[  638.440074][T18878] FAULT_INJECTION: forcing a failure.
[  638.440074][T18878] name failslab, interval 1, probability 0, space 0, times 0
[  638.444223][T18878] CPU: 3 UID: 0 PID: 18878 Comm: syz.7.3137 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  638.444251][T18878] Tainted: [L]=SOFTLOCKUP
[  638.444257][T18878] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  638.444267][T18878] Call Trace:
[  638.444275][T18878]  <TASK>
[  638.444282][T18878]  dump_stack_lvl+0x16c/0x1f0
[  638.444433][T18878]  should_fail_ex+0x512/0x640
[  638.444490][T18878]  ? __kmalloc_noprof+0xca/0x910
[  638.444512][T18878]  should_failslab+0xc2/0x120
[  638.444539][T18878]  __kmalloc_noprof+0xeb/0x910
[  638.444558][T18878]  ? nla_strdup+0xc6/0x150
[  638.444582][T18878]  ? nla_strdup+0xc6/0x150
[  638.444601][T18878]  ? kasan_save_track+0x14/0x30
[  638.444653][T18878]  nla_strdup+0xc6/0x150
[  638.444677][T18878]  nf_tables_newtable+0xdfe/0x1b50
[  638.444702][T18878]  ? __pfx___nla_validate_parse+0x10/0x10
[  638.444731][T18878]  ? __pfx_nf_tables_newtable+0x10/0x10
[  638.444757][T18878]  ? __nla_parse+0x40/0x60
[  638.444782][T18878]  nfnetlink_rcv_batch+0x190d/0x2350
[  638.444815][T18878]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  638.444839][T18878]  ? lockdep_hardirqs_on+0x7c/0x110
[  638.444866][T18878]  ? __dev_queue_xmit+0x782/0x46b0
[  638.444898][T18878]  ? __local_bh_enable_ip+0xa4/0x120
[  638.444951][T18878]  ? __nla_parse+0x40/0x60
[  638.444978][T18878]  nfnetlink_rcv+0x3c1/0x430
[  638.444999][T18878]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  638.445027][T18878]  netlink_unicast+0x5aa/0x870
[  638.445073][T18878]  ? __pfx_netlink_unicast+0x10/0x10
[  638.445107][T18878]  netlink_sendmsg+0x8c8/0xdd0
[  638.445135][T18878]  ? __pfx_netlink_sendmsg+0x10/0x10
[  638.445164][T18878]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  638.445195][T18878]  ____sys_sendmsg+0xa5d/0xc30
[  638.445209][T18878]  ? __pfx_____sys_sendmsg+0x10/0x10
[  638.445219][T18878]  ? get_compat_msghdr+0x11a/0x170
[  638.445241][T18878]  ___sys_sendmsg+0x134/0x1d0
[  638.445258][T18878]  ? __pfx____sys_sendmsg+0x10/0x10
[  638.445279][T18878]  ? find_held_lock+0x2b/0x80
[  638.445303][T18878]  __sys_sendmsg+0x16d/0x220
[  638.445318][T18878]  ? __pfx___sys_sendmsg+0x10/0x10
[  638.445339][T18878]  ? do_user_addr_fault+0x843/0x1370
[  638.445356][T18878]  __do_fast_syscall_32+0xe8/0x680
[  638.445370][T18878]  do_fast_syscall_32+0x32/0x80
[  638.445381][T18878]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  638.445395][T18878] RIP: 0023:0xf7f57579
[  638.445405][T18878] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  638.445416][T18878] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  638.445427][T18878] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  638.445435][T18878] RDX: 0000000020008800 RSI: 0000000000000000 RDI: 0000000000000000
[  638.445442][T18878] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  638.445448][T18878] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  638.445455][T18878] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  638.445469][T18878]  </TASK>
[  639.140499][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  639.140533][ T5303] Bluetooth: hci0: command 0x0c1a tx timeout
[  639.142737][ T5946] Bluetooth: hci2: command 0x206a tx timeout
[  639.447419][T18897] netlink: 'syz.3.3141': attribute type 5 has an invalid length.
[  639.549725][T18897] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  639.552196][T18897] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  639.554667][T18897] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  639.775653][T18911] lo speed is unknown, defaulting to 1000
[  639.778272][T18911] wg2 speed is unknown, defaulting to 1000
[  639.833740][T18914] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3144'.
[  641.706244][T18893] Bluetooth: hci2: command 0x206a tx timeout
[  641.708877][ T5960] Bluetooth: hci3: command 0x0c1a tx timeout
[  641.712915][ T5946] Bluetooth: hci0: command 0x0c1a tx timeout
[  643.359791][T18956] netlink: 'syz.7.3157': attribute type 5 has an invalid length.
[  643.467638][T18976] fuse: Bad value for 'fd'
[  643.471027][T18956] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  643.481220][T18956] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  643.487336][T18956] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  643.807832][T18980] 9p: Bad value for 'rfdno'
[  643.854020][T18984] FAULT_INJECTION: forcing a failure.
[  643.854020][T18984] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  643.859667][T18984] CPU: 3 UID: 0 PID: 18984 Comm: syz.7.3169 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  643.859712][T18984] Tainted: [L]=SOFTLOCKUP
[  643.859719][T18984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  643.859731][T18984] Call Trace:
[  643.859738][T18984]  <TASK>
[  643.859746][T18984]  dump_stack_lvl+0x16c/0x1f0
[  643.859781][T18984]  should_fail_ex+0x512/0x640
[  643.859803][T18984]  should_fail_alloc_page+0xe7/0x130
[  643.859831][T18984]  prepare_alloc_pages+0x401/0x670
[  643.859863][T18984]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  643.859889][T18984]  ? mark_held_locks+0x49/0x80
[  643.859912][T18984]  ? smp_call_function_many_cond+0x120f/0x15e0
[  643.859940][T18984]  ? lockdep_hardirqs_on+0x7c/0x110
[  643.859968][T18984]  ? __pfx_flush_tlb_func+0x10/0x10
[  643.859988][T18984]  ? smp_call_function_many_cond+0x457/0x15e0
[  643.860018][T18984]  ? __pfx_should_flush_tlb+0x10/0x10
[  643.860044][T18984]  ? __pfx_flush_tlb_func+0x10/0x10
[  643.860063][T18984]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  643.860084][T18984]  ? arch_stack_walk+0xa6/0x100
[  643.860118][T18984]  ? stack_trace_save+0x8e/0xc0
[  643.860145][T18984]  ? __pfx_stack_trace_save+0x10/0x10
[  643.860175][T18984]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  643.860203][T18984]  ? policy_nodemask+0xea/0x4e0
[  643.860232][T18984]  alloc_pages_mpol+0x1fb/0x550
[  643.860260][T18984]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  643.860289][T18984]  ? __mmu_notifier_arch_invalidate_secondary_tlbs+0x170/0x1e0
[  643.860321][T18984]  folio_alloc_mpol_noprof+0x36/0x2f0
[  643.860342][T18984]  vma_alloc_folio_noprof+0xed/0x1e0
[  643.860360][T18984]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  643.860379][T18984]  ? rcu_read_unlock+0x2d/0xb0
[  643.860406][T18984]  do_wp_page+0x1183/0x5010
[  643.860441][T18984]  ? __pfx_do_wp_page+0x10/0x10
[  643.860470][T18984]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  643.860499][T18984]  __handle_mm_fault+0x1bd2/0x2bb0
[  643.860526][T18984]  ? __pfx___handle_mm_fault+0x10/0x10
[  643.860547][T18984]  ? __pte_offset_map_lock+0x174/0x310
[  643.860597][T18984]  ? vm_normal_page+0x1c4/0x320
[  643.860620][T18984]  ? find_held_lock+0x2b/0x80
[  643.860650][T18984]  ? follow_page_pte+0x5cf/0x1390
[  643.860682][T18984]  handle_mm_fault+0x3fe/0xad0
[  643.860706][T18984]  __get_user_pages+0x54e/0x3590
[  643.860743][T18984]  ? __pfx___get_user_pages+0x10/0x10
[  643.860777][T18984]  populate_vma_page_range+0x267/0x3f0
[  643.860808][T18984]  ? __pfx_populate_vma_page_range+0x10/0x10
[  643.860840][T18984]  ? vma_set_page_prot+0xb1/0x120
[  643.860869][T18984]  mprotect_fixup+0x8c3/0xb80
[  643.860893][T18984]  ? __pfx_mprotect_fixup+0x10/0x10
[  643.860928][T18984]  do_mprotect_pkey+0x9bc/0xd40
[  643.860956][T18984]  ? __pfx_do_mprotect_pkey+0x10/0x10
[  643.860978][T18984]  ? __mutex_unlock_slowpath+0x161/0x790
[  643.861004][T18984]  ? __fget_files+0x20e/0x3c0
[  643.861040][T18984]  ? __pfx_ksys_write+0x10/0x10
[  643.861073][T18984]  __ia32_sys_mprotect+0x75/0xb0
[  643.861092][T18984]  ? lockdep_hardirqs_on+0x7c/0x110
[  643.861119][T18984]  __do_fast_syscall_32+0xe8/0x680
[  643.861140][T18984]  do_fast_syscall_32+0x32/0x80
[  643.861158][T18984]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  643.861181][T18984] RIP: 0023:0xf7f57579
[  643.861196][T18984] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  643.861213][T18984] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 000000000000007d
[  643.861230][T18984] RAX: ffffffffffffffda RBX: 0000000080ffc000 RCX: 0000000000004000
[  643.861242][T18984] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  643.861252][T18984] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  643.861263][T18984] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  643.861273][T18984] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  643.861298][T18984]  </TASK>
[  644.593053][T18994] netlink: 'syz.5.3179': attribute type 5 has an invalid length.
[  644.803984][T18994] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  644.810961][T18994] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  644.814651][T18994] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  645.973694][T19011] 9pnet_fd: p9_fd_create_tcp (19011): problem connecting socket to 127.0.0.1
[  646.154323][T19026] SQUASHFS error: Failed to read block 0x0: -5
[  646.156367][T19026] unable to read squashfs_super_block
[  646.349796][T19034] SQUASHFS error: Failed to read block 0x0: -5
[  646.351933][T19034] unable to read squashfs_super_block
[  646.871184][T19041] netlink: 'syz.6.3185': attribute type 5 has an invalid length.
[  646.905233][T19024] 9pnet_fd: p9_fd_create_tcp (19024): problem connecting socket to 127.0.0.1
[  646.969972][T19041] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  646.971942][T19041] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  646.973860][T19041] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  647.047053][T19048] netlink: 'syz.5.3189': attribute type 10 has an invalid length.
[  647.052857][T19048] bond0: (slave wlan1): Opening slave failed
[  647.328995][T19064] SQUASHFS error: Failed to read block 0x0: -5
[  647.331294][T19064] unable to read squashfs_super_block
[  647.756625][T19063] SQUASHFS error: Failed to read block 0x0: -5
[  647.758846][T19063] unable to read squashfs_super_block
[  649.146779][ T5960] Bluetooth: hci3: command 0x0c1a tx timeout
[  649.146893][ T5946] Bluetooth: hci0: command 0x0c1a tx timeout
[  649.148555][T18893] Bluetooth: hci2: command 0x206a tx timeout
[  649.214368][T19086] netlink: 'syz.3.3198': attribute type 5 has an invalid length.
[  649.308135][T19086] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  649.311718][T19086] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  649.314394][T19086] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  649.598544][T19121] SQUASHFS error: Failed to read block 0x0: -5
[  649.604853][T19121] unable to read squashfs_super_block
[  649.747063][T19123] SQUASHFS error: Failed to read block 0x0: -5
[  649.749098][T19123] unable to read squashfs_super_block
[  650.181399][T19096] 9pnet_fd: p9_fd_create_tcp (19096): problem connecting socket to 127.0.0.1
[  650.394160][T19130] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3210'.
[  651.388284][T19151] binder: 19150:19151 ioctl c0306201 80000480 returned -22
[  651.456042][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  651.456088][ T5960] Bluetooth: hci0: command 0x0c1a tx timeout
[  651.458523][T18893] Bluetooth: hci2: command 0x206a tx timeout
[  651.478855][ T6089] hid-generic 0005:0007:0007.0015: reserved main item tag 0xd
[  651.481223][ T6089] hid-generic 0005:0007:0007.0015: unexpected long global item
[  651.483741][ T6089] hid-generic 0005:0007:0007.0015: probe with driver hid-generic failed with error -22
[  651.488631][T19154] netlink: 372 bytes leftover after parsing attributes in process `syz.7.3216'.
[  651.500794][T19154] netlink: 40 bytes leftover after parsing attributes in process `syz.7.3216'.
[  651.712911][    T9] usb 11-1: new high-speed USB device number 3 using dummy_hcd
[  651.814389][T19162] comedi comedi0: Minor 47 could not be opened
[  651.818654][T19162] netlink: 'syz.7.3217': attribute type 1 has an invalid length.
[  651.861458][T19162] bond1: entered promiscuous mode
[  651.863757][T19162] 8021q: adding VLAN 0 to HW filter on device bond1
[  651.947690][T19162] 8021q: adding VLAN 0 to HW filter on device bond1
[  651.950834][T19162] bond1: (slave gre1): The slave device specified does not support setting the MAC address
[  651.954057][T19162] bond1: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  651.963203][T19162] bond1: (slave gre1): making interface the new active one
[  651.965581][T19162] gre1: entered promiscuous mode
[  651.970363][T19162] bond1: (slave gre1): Enslaving as an active interface with an up link
[  651.971079][    T9] usb 11-1: config index 0 descriptor too short (expected 39, got 27)
[  651.976957][    T9] usb 11-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  651.980418][    T9] usb 11-1: config 0 interface 0 has no altsetting 0
[  651.985812][    T9] usb 11-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  651.989027][    T9] usb 11-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  651.991868][    T9] usb 11-1: Product: syz
[  651.993269][    T9] usb 11-1: Manufacturer: syz
[  651.994787][    T9] usb 11-1: SerialNumber: syz
[  652.072755][T19161] SQUASHFS error: Failed to read block 0x0: -5
[  652.076347][T19161] unable to read squashfs_super_block
[  652.078495][    T9] usb 11-1: config 0 descriptor??
[  652.081606][    T9] hub 11-1:0.0: bad descriptor, ignoring hub
[  652.083524][    T9] hub 11-1:0.0: probe with driver hub failed with error -5
[  652.094815][    T9] usb 11-1: selecting invalid altsetting 0
[  653.913384][T19175] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  653.918054][T19175] block device autoloading is deprecated and will be removed.
[  654.622295][T19186] netlink: 'syz.7.3223': attribute type 5 has an invalid length.
[  654.695354][T19186] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  654.697594][T19186] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  654.699711][T19186] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  654.739747][T19176] 9pnet_fd: p9_fd_create_tcp (19176): problem connecting socket to 127.0.0.1
[  655.235290][T19200] SQUASHFS error: Failed to read block 0x0: -5
[  655.238316][T19200] unable to read squashfs_super_block
[  656.025779][    T9] usb 11-1: USB disconnect, device number 3
[  656.521082][ T5946] Bluetooth: hci3: SCO packet for unknown connection handle 201
[  656.673817][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  656.844603][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  656.850236][ T5946] Bluetooth: hci0: command 0x0c1a tx timeout
[  656.852437][ T5946] Bluetooth: hci2: command 0x206a tx timeout
[  657.350853][T19244] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  657.353658][T19244] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  657.359520][T19244] vhci_hcd vhci_hcd.0: Device attached
[  657.645895][T19253] netlink: 6032 bytes leftover after parsing attributes in process `syz.3.3238'.
[  657.688714][ T6089] usb 44-1: SetAddress Request (73) to port 0
[  657.704838][ T6089] usb 44-1: new SuperSpeed USB device number 73 using vhci_hcd
[  659.069298][T18893] Bluetooth: hci3: command 0x0c1a tx timeout
[  659.303236][T19260] SQUASHFS error: Failed to read block 0x0: -5
[  659.305311][T19260] unable to read squashfs_super_block
[  660.057557][T19278] siw: device registration error -23
[  660.589845][T19245] vhci_hcd: connection reset by peer
[  660.598092][   T12] vhci_hcd vhci_hcd.3: stop threads
[  660.599803][   T12] vhci_hcd vhci_hcd.3: release socket
[  660.601615][   T12] vhci_hcd vhci_hcd.3: disconnect device
[  660.895805][T18893] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  661.100579][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  661.647748][T19311] syzkaller0: entered promiscuous mode
[  661.649563][T19311] syzkaller0: entered allmulticast mode
[  662.448622][T19324] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3)
[  662.450760][T19324] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  662.453401][T19324] vhci_hcd vhci_hcd.0: Device attached
[  662.586193][T19328] netlink: 6032 bytes leftover after parsing attributes in process `syz.7.3257'.
[  662.841482][ T6034] usb 52-1: SetAddress Request (22) to port 0
[  662.843695][ T6034] usb 52-1: new SuperSpeed USB device number 22 using vhci_hcd
[  663.087428][ T6089] usb 44-1: device descriptor read/8, error -110
[  663.526074][ T6089] usb usb44-port1: attempt power cycle
[  664.380970][ T6089] usb usb44-port1: unable to enumerate USB device
[  666.230711][T18893] Bluetooth: hci2: SCO packet for unknown connection handle 201
[  666.337724][ T6032] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  666.590377][T19325] vhci_hcd: connection reset by peer
[  666.592404][T17675] vhci_hcd vhci_hcd.7: stop threads
[  666.604592][T17675] vhci_hcd vhci_hcd.7: release socket
[  666.606991][T17675] vhci_hcd vhci_hcd.7: disconnect device
[  667.740680][T19371] syzkaller0: entered promiscuous mode
[  667.742452][T19371] syzkaller0: entered allmulticast mode
[  667.763394][T18893] Bluetooth: hci3: SCO packet for unknown connection handle 201
[  667.781423][T19374] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  667.787462][T19374] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  667.790904][T19374] vhci_hcd vhci_hcd.0: Device attached
[  667.937835][ T6032] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  667.954191][T19385] netlink: 6032 bytes leftover after parsing attributes in process `syz.5.3272'.
[  668.090604][ T6469] usb 48-1: SetAddress Request (38) to port 0
[  668.092812][ T6469] usb 48-1: new SuperSpeed USB device number 38 using vhci_hcd
[  668.304431][ T6034] usb 52-1: device descriptor read/8, error -110
[  668.740762][ T6034] usb usb52-port1: attempt power cycle
[  668.860771][T19393] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  668.872109][T19393] block device autoloading is deprecated and will be removed.
[  669.341784][ T6034] usb usb52-port1: unable to enumerate USB device
[  670.595507][T19410] siw: device registration error -23
[  670.970523][T19415] SQUASHFS error: Failed to read block 0x0: -5
[  670.972527][T19415] unable to read squashfs_super_block
[  671.030440][T19375] vhci_hcd: connection reset by peer
[  671.032794][T17398] vhci_hcd vhci_hcd.5: stop threads
[  671.034835][T17398] vhci_hcd vhci_hcd.5: release socket
[  671.037103][T17398] vhci_hcd vhci_hcd.5: disconnect device
[  671.213226][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  671.408557][T19421] SQUASHFS error: Failed to read block 0x0: -5
[  671.415523][T19421] unable to read squashfs_super_block
[  671.992045][T19442] syzkaller0: entered promiscuous mode
[  671.994919][T19442] syzkaller0: entered allmulticast mode
[  672.555549][T19447] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  672.557599][T19447] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  672.560221][T19447] vhci_hcd vhci_hcd.0: Device attached
[  672.761919][T19453] netlink: 6032 bytes leftover after parsing attributes in process `syz.5.3291'.
[  676.301448][T19448] vhci_hcd: connection reset by peer
[  676.308697][T17398] vhci_hcd vhci_hcd.5: stop threads
[  676.310309][T17398] vhci_hcd vhci_hcd.5: release socket
[  676.322537][T17398] vhci_hcd vhci_hcd.5: disconnect device
[  676.397284][ T6469] usb 48-1: device descriptor read/8, error -110
[  676.636299][T19475] SQUASHFS error: Failed to read block 0x0: -5
[  676.638556][T19475] unable to read squashfs_super_block
[  676.846299][ T6469] usb usb48-port1: attempt power cycle
[  677.356440][T19507] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  677.358514][T19507] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  677.364721][T19507] vhci_hcd vhci_hcd.0: Device attached
[  677.605653][ T6469] usb 48-1: SetAddress Request (41) to port 0
[  677.610294][ T6469] usb 48-1: new SuperSpeed USB device number 41 using vhci_hcd
[  677.670273][T19513] netlink: 6032 bytes leftover after parsing attributes in process `syz.5.3304'.
[  679.338851][T19538] netlink: 'syz.6.3312': attribute type 5 has an invalid length.
[  679.663789][T19546] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3316'.
[  680.043001][T19538] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  680.048905][T19538] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  680.055435][T19538] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  680.571054][T19508] vhci_hcd: connection reset by peer
[  680.576977][T18646] vhci_hcd vhci_hcd.5: stop threads
[  680.595458][T18646] vhci_hcd vhci_hcd.5: release socket
[  680.597728][T18646] vhci_hcd vhci_hcd.5: disconnect device
[  680.801075][ T5946] Bluetooth: hci0: Dropping invalid advertising data
[  680.804208][ T5946] Bluetooth: hci0: Malformed LE Event: 0x02
[  681.002523][T19582] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  681.004885][T19582] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  681.007587][T19582] vhci_hcd vhci_hcd.0: Device attached
[  681.021164][T19581] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(7)
[  681.023268][T19581] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  681.028990][T19581] vhci_hcd vhci_hcd.0: Device attached
[  681.113508][T19587] random: crng reseeded on system resumption
[  681.325593][ T6034] usb 52-1: SetAddress Request (26) to port 0
[  681.329246][ T6034] usb 52-1: new SuperSpeed USB device number 26 using vhci_hcd
[  681.394392][T19591] siw: device registration error -23
[  681.723188][T19585] vhci_hcd: connection reset by peer
[  681.726685][   T91] vhci_hcd vhci_hcd.7: stop threads
[  681.728962][   T91] vhci_hcd vhci_hcd.7: release socket
[  681.731365][   T91] vhci_hcd vhci_hcd.7: disconnect device
[  681.734705][T19583] vhci_hcd: connection closed
[  681.734933][   T91] vhci_hcd vhci_hcd.5: stop threads
[  681.739119][   T91] vhci_hcd vhci_hcd.5: release socket
[  681.741999][   T91] vhci_hcd vhci_hcd.5: disconnect device
[  681.989568][T19598] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  681.992442][T19598] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  681.996184][T19598] vhci_hcd vhci_hcd.0: Device attached
[  682.132689][T19602] netlink: 6032 bytes leftover after parsing attributes in process `syz.6.3329'.
[  682.245010][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  682.245042][ T5960] Bluetooth: hci0: command 0x0c1a tx timeout
[  682.248399][ T5946] Bluetooth: hci2: command 0x206a tx timeout
[  682.277309][ T6032] usb 50-1: SetAddress Request (22) to port 0
[  682.279323][ T6032] usb 50-1: new SuperSpeed USB device number 22 using vhci_hcd
[  682.919648][T19616] netlink: 'syz.5.3332': attribute type 5 has an invalid length.
[  683.016378][ T6469] usb 48-1: device descriptor read/8, error -110
[  683.096013][T19622] siw: device registration error -23
[  683.137727][ T6469] usb usb48-port1: unable to enumerate USB device
[  683.686850][T19616] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  683.693005][T19616] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  683.695351][T19616] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  683.772331][T19630] netlink: 'syz.5.3338': attribute type 1 has an invalid length.
[  683.776705][T19630] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3338'.
[  684.004392][T19638] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  684.042198][T19638] tipc: Resetting bearer <eth:syzkaller0>
[  684.666852][T19652] FAULT_INJECTION: forcing a failure.
[  684.666852][T19652] name failslab, interval 1, probability 0, space 0, times 0
[  684.675457][T19652] CPU: 1 UID: 0 PID: 19652 Comm: syz.5.3344 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  684.675491][T19652] Tainted: [L]=SOFTLOCKUP
[  684.675498][T19652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  684.675509][T19652] Call Trace:
[  684.675516][T19652]  <TASK>
[  684.675525][T19652]  dump_stack_lvl+0x16c/0x1f0
[  684.675560][T19652]  should_fail_ex+0x512/0x640
[  684.675581][T19652]  ? fs_reclaim_acquire+0xae/0x150
[  684.675613][T19652]  should_failslab+0xc2/0x120
[  684.675642][T19652]  __kmalloc_noprof+0xeb/0x910
[  684.675665][T19652]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  684.675697][T19652]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  684.675723][T19652]  tomoyo_realpath_from_path+0xc2/0x6e0
[  684.675752][T19652]  ? tomoyo_profile+0x47/0x60
[  684.675783][T19652]  tomoyo_path_number_perm+0x245/0x580
[  684.675805][T19652]  ? tomoyo_path_number_perm+0x237/0x580
[  684.675830][T19652]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  684.675876][T19652]  ? find_held_lock+0x2b/0x80
[  684.675900][T19652]  ? hook_file_ioctl_common+0x144/0x410
[  684.675929][T19652]  ? __fget_files+0x20e/0x3c0
[  684.675954][T19652]  ? __fput_deferred+0x420/0x480
[  684.675980][T19652]  security_file_ioctl_compat+0x9b/0x240
[  684.676005][T19652]  __ia32_compat_sys_ioctl+0xc3/0x370
[  684.676033][T19652]  __do_fast_syscall_32+0xe8/0x680
[  684.676055][T19652]  do_fast_syscall_32+0x32/0x80
[  684.676075][T19652]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  684.676099][T19652] RIP: 0023:0xf70ad579
[  684.676114][T19652] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  684.676131][T19652] RSP: 002b:00000000f549d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  684.676150][T19652] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000004018aee1
[  684.676162][T19652] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  684.676174][T19652] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  684.676185][T19652] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  684.676197][T19652] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  684.676247][T19652]  </TASK>
[  684.677144][T19652] ERROR: Out of memory at tomoyo_realpath_from_path.
[  685.156051][T18893] Bluetooth: hci2: command 0x206a tx timeout
[  685.231908][T19599] vhci_hcd: connection reset by peer
[  685.236221][T16790] vhci_hcd vhci_hcd.6: stop threads
[  685.239159][   T75] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  685.246347][T16790] vhci_hcd vhci_hcd.6: release socket
[  685.248828][T16790] vhci_hcd vhci_hcd.6: disconnect device
[  685.599875][T19665] netlink: 'syz.6.3348': attribute type 5 has an invalid length.
[  685.666086][T19665] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  685.668933][T19665] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  685.671530][T19665] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  686.375545][T19686] lo speed is unknown, defaulting to 1000
[  686.378838][T19686] wg2 speed is unknown, defaulting to 1000
[  686.417532][T19691] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  686.420106][T19691] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  686.423178][T19691] vhci_hcd vhci_hcd.0: Device attached
[  686.431773][T19687] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3362'.
[  686.592345][T19700] netlink: 6032 bytes leftover after parsing attributes in process `syz.6.3356'.
[  686.778319][ T6034] usb 52-1: device descriptor read/8, error -110
[  687.053159][T19709] netlink: 'syz.5.3358': attribute type 5 has an invalid length.
[  687.152152][T19709] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  687.154884][T19709] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  687.173427][T19709] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  687.195566][ T6034] usb usb52-port1: attempt power cycle
[  687.375922][T18893] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  687.525853][   T75] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  687.843753][ T6034] usb usb52-port1: unable to enumerate USB device
[  688.564392][T19734] netlink: 'syz.7.3368': attribute type 5 has an invalid length.
[  688.750124][T19738] siw: device registration error -23
[  688.930274][T19734] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  688.937423][T19734] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  688.939779][T19734] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  689.497978][   T75] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  690.375689][T19748] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  690.403311][T19748] syzkaller0: mtu greater than device maximum
[  690.445143][T19692] vhci_hcd: connection reset by peer
[  690.455608][T16790] vhci_hcd vhci_hcd.6: stop threads
[  690.457346][T16790] vhci_hcd vhci_hcd.6: release socket
[  690.459185][ T6032] usb 50-1: device descriptor read/8, error -110
[  690.459234][T16790] vhci_hcd vhci_hcd.6: disconnect device
[  690.731284][T19758] tipc: Resetting bearer <eth:syzkaller0>
[  690.773476][T16790] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  690.780965][   T12] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  690.784812][   T12] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  690.797514][   T12] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  690.875775][ T6032] usb usb50-port1: attempt power cycle
[  690.939499][T19774] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3)
[  690.942002][T19774] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  690.998492][T19774] vhci_hcd vhci_hcd.0: Device attached
[  691.006609][T19779] SQUASHFS error: Failed to read block 0x0: -5
[  691.008670][T19779] unable to read squashfs_super_block
[  691.038521][T18893] Bluetooth: hci3: SCO packet for unknown connection handle 201
[  691.139851][T18893] Bluetooth: hci2: command 0x206a tx timeout
[  691.144373][ T5303] Bluetooth: hci0: command 0x0c1a tx timeout
[  691.146406][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  691.174975][   T75] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  691.278771][T16118] usb 52-1: SetAddress Request (30) to port 0
[  691.280900][T16118] usb 52-1: new SuperSpeed USB device number 30 using vhci_hcd
[  691.437230][T19753] overlayfs: statfs failed on './file0'
[  691.515343][T19777] netlink: 6032 bytes leftover after parsing attributes in process `syz.7.3382'.
[  691.572409][T19782] netlink: 'syz.3.3383': attribute type 5 has an invalid length.
[  691.642723][T19782] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  691.655567][T19782] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  691.662444][T19782] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  691.960413][ T6032] usb usb50-port1: unable to enumerate USB device
[  692.087535][T19796] SQUASHFS error: Failed to read block 0x0: -5
[  692.090229][T19796] unable to read squashfs_super_block
[  693.655434][T19817] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(8)
[  693.657509][T19817] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  693.666577][T19815] netlink: 'syz.5.3395': attribute type 5 has an invalid length.
[  693.705377][T19815] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  693.707462][T19815] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  693.709497][T19815] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  693.858295][T19817] vhci_hcd vhci_hcd.0: Device attached
[  694.160900][T19818] vhci_hcd: connection closed
[  694.161065][   T13] vhci_hcd vhci_hcd.6: stop threads
[  694.164940][   T13] vhci_hcd vhci_hcd.6: release socket
[  694.166807][ T6366] usb 50-1: SetAddress Request (26) to port 0
[  694.168847][   T13] vhci_hcd vhci_hcd.6: disconnect device
[  694.170698][ T6366] usb 50-1: new SuperSpeed USB device number 26 using vhci_hcd
[  694.176868][T19775] vhci_hcd: connection reset by peer
[  694.180423][  T104] vhci_hcd vhci_hcd.7: stop threads
[  694.182728][  T104] vhci_hcd vhci_hcd.7: release socket
[  694.197016][  T104] vhci_hcd vhci_hcd.7: disconnect device
[  694.207928][ T6366] usb 50-1: enqueue for inactive port 0
[  694.636441][ T6366] usb usb50-port1: attempt power cycle
[  694.649671][T19841] syzkaller0: entered promiscuous mode
[  694.651561][T19841] syzkaller0: entered allmulticast mode
[  694.933077][T19848] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  694.935927][T19848] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  694.939535][T19848] vhci_hcd vhci_hcd.0: Device attached
[  694.953413][T19843] syzkaller0: entered promiscuous mode
[  694.955203][T19843] syzkaller0: entered allmulticast mode
[  695.009619][ T6366] usb 50-1: SetAddress Request (28) to port 0
[  695.011706][ T6366] usb 50-1: new SuperSpeed USB device number 28 using vhci_hcd
[  695.151979][T19852] netlink: 6032 bytes leftover after parsing attributes in process `syz.6.3404'.
[  695.929063][ T5303] Bluetooth: hci0: command 0x0c1a tx timeout
[  695.929091][T19603] Bluetooth: hci2: command 0x206a tx timeout
[  695.931433][T18893] Bluetooth: hci3: command 0x0c1a tx timeout
[  696.709655][T16118] usb 52-1: device descriptor read/8, error -110
[  697.218941][T16118] usb usb52-port1: attempt power cycle
[  697.273514][T19858] netlink: 'syz.3.3407': attribute type 5 has an invalid length.
[  698.004525][T16118] usb usb52-port1: unable to enumerate USB device
[  698.152589][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  698.623349][T19858] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  698.627384][T19858] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  698.632491][T19858] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  698.946228][T19849] vhci_hcd: connection reset by peer
[  699.055346][ T1259] vhci_hcd vhci_hcd.6: stop threads
[  699.057332][ T1259] vhci_hcd vhci_hcd.6: release socket
[  699.081013][ T1259] vhci_hcd vhci_hcd.6: disconnect device
[  700.190595][T19888] SQUASHFS error: Failed to read block 0x0: -5
[  700.192642][T19888] unable to read squashfs_super_block
[  700.472564][ T6366] usb 50-1: device descriptor read/8, error -110
[  700.836289][ T5946] Bluetooth: hci0: command 0x0c1a tx timeout
[  700.838943][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  700.841557][ T5946] Bluetooth: hci2: command 0x206a tx timeout
[  700.900933][ T6366] usb usb50-port1: unable to enumerate USB device
[  701.358920][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  701.358937][   T40] audit: type=1326 audit(1768265951.545:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19893 comm="syz.5.3417" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x0
[  701.532919][T19901] lo speed is unknown, defaulting to 1000
[  701.536117][T19901] wg2 speed is unknown, defaulting to 1000
[  701.834909][T19904] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  701.844562][T19904] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  702.009062][    C3] vcan0: j1939_tp_rxtimer: 0xffff888024a22000: rx timeout, send abort
[  702.327560][T19913] netlink: 'syz.3.3420': attribute type 5 has an invalid length.
[  702.444935][T19913] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  702.461051][T19913] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  702.466934][T19913] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  702.540866][T19922] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  702.542942][T19922] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  702.546230][    C3] vcan0: j1939_tp_rxtimer: 0xffff888024a22000: abort rx timeout. Force session deactivation
[  702.557262][T19922] vhci_hcd vhci_hcd.0: Device attached
[  702.651430][T19927] netlink: 6032 bytes leftover after parsing attributes in process `syz.3.3423'.
[  702.824731][    T9] usb 44-1: SetAddress Request (77) to port 0
[  702.827590][    T9] usb 44-1: new SuperSpeed USB device number 77 using vhci_hcd
[  703.298276][T19923] vhci_hcd: connection reset by peer
[  703.321713][   T46] vhci_hcd vhci_hcd.3: stop threads
[  703.325538][   T46] vhci_hcd vhci_hcd.3: release socket
[  703.337054][   T46] vhci_hcd vhci_hcd.3: disconnect device
[  703.466137][ T5946] Bluetooth: hci2: unexpected event for opcode 0x0000
[  703.879835][T19936] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  704.021679][T19941] syzkaller0: entered promiscuous mode
[  704.025395][T19941] syzkaller0: entered allmulticast mode
[  704.568411][ T1120] sr 2:0:0:0: [sr0] tag#5 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  704.579945][ T1120] sr 2:0:0:0: [sr0] tag#5 Sense Key : Illegal Request [current] 
[  704.587850][ T1120] sr 2:0:0:0: [sr0] tag#5 Add. Sense: Invalid command operation code
[  704.593720][ T1120] sr 2:0:0:0: [sr0] tag#5 CDB: Write(10) 2a 00 00 00 00 00 00 00 02 00
[  704.600898][ T1120] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2
[  704.611713][ T1120] buffer_io_error: 6 callbacks suppressed
[  704.611748][ T1120] Buffer I/O error on dev sr0, logical block 0, lost async page write
[  704.652457][T19603] Bluetooth: hci0: command 0x0c1a tx timeout
[  704.654424][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  704.968525][T19956] netlink: 'syz.5.3431': attribute type 5 has an invalid length.
[  706.700375][T19951] syzkaller0: entered promiscuous mode
[  706.702685][T19951] syzkaller0: entered allmulticast mode
[  706.924412][T19977] sd 0:0:0:0: PR command failed: 1026
[  706.926260][T19977] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[  706.928428][T19977] sd 0:0:0:0: Add. Sense: Invalid command operation code
[  707.818451][ T5946] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  707.823096][ T5946] Bluetooth: hci2: Injecting HCI hardware error event
[  707.828062][T19603] Bluetooth: hci2: hardware error 0x00
[  708.244864][    T9] usb 44-1: device descriptor read/8, error -110
[  708.682652][T19994] SQUASHFS error: Failed to read block 0x0: -5
[  708.685807][T19994] unable to read squashfs_super_block
[  708.698101][    T9] usb usb44-port1: attempt power cycle
[  709.082068][ T6366] kernel write not supported for file /adsp1 (pid: 6366 comm: kworker/3:5)
[  709.464346][T20005] siw: device registration error -23
[  709.896102][T20010] netlink: 'syz.7.3443': attribute type 5 has an invalid length.
[  709.988470][T20010] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  709.994702][T20010] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  710.031122][    T9] usb usb44-port1: unable to enumerate USB device
[  710.047219][T19603] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  710.202495][ T6032] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  710.923265][T20038] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  710.926143][T20038] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  710.930778][T20038] vhci_hcd vhci_hcd.0: Device attached
[  711.069713][T20043] netlink: 6032 bytes leftover after parsing attributes in process `syz.6.3450'.
[  711.217151][T16119] usb 50-1: SetAddress Request (30) to port 0
[  711.311628][T16119] usb 50-1: new SuperSpeed USB device number 30 using vhci_hcd
[  711.314384][T20047] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(7)
[  711.316470][T20047] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  711.318901][T20047] vhci_hcd vhci_hcd.0: Device attached
[  711.405748][T20052] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  711.412897][T20052] syzkaller0: entered promiscuous mode
[  711.417214][T20052] syzkaller0: entered allmulticast mode
[  711.493102][T20053] overlay: Unknown parameter 'obj_type'
[  711.495620][T20055] FAULT_INJECTION: forcing a failure.
[  711.495620][T20055] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  711.495641][T20055] CPU: 2 UID: 0 PID: 20055 Comm: syz.7.3453 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  711.495657][T20055] Tainted: [L]=SOFTLOCKUP
[  711.495661][T20055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  711.495668][T20055] Call Trace:
[  711.495672][T20055]  <TASK>
[  711.495677][T20055]  dump_stack_lvl+0x16c/0x1f0
[  711.495698][T20055]  should_fail_ex+0x512/0x640
[  711.495714][T20055]  _copy_from_iter+0x43b/0x16c0
[  711.495732][T20055]  ? __pfx__copy_from_iter+0x10/0x10
[  711.495746][T20055]  ? find_held_lock+0x2b/0x80
[  711.495763][T20055]  ? rawv6_sendmsg+0xb68/0x4860
[  711.495777][T20055]  rawv6_sendmsg+0x238c/0x4860
[  711.495787][T20055]  ? aa_label_sk_perm+0x194/0x5f0
[  711.495803][T20055]  ? aa_profile_af_perm+0x360/0x390
[  711.495818][T20055]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  711.495848][T20055]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  711.495859][T20055]  ? inet_sendmsg+0x11c/0x140
[  711.495873][T20055]  inet_sendmsg+0x11c/0x140
[  711.495887][T20055]  ____sys_sendmsg+0x973/0xc30
[  711.495901][T20055]  ? __pfx_____sys_sendmsg+0x10/0x10
[  711.495912][T20055]  ? get_compat_msghdr+0x11a/0x170
[  711.495930][T20055]  ? __pfx__kstrtoull+0x10/0x10
[  711.495948][T20055]  ___sys_sendmsg+0x134/0x1d0
[  711.495987][T20055]  ? __pfx____sys_sendmsg+0x10/0x10
[  711.496018][T20055]  __sys_sendmmsg+0x2f9/0x420
[  711.496035][T20055]  ? __pfx___sys_sendmmsg+0x10/0x10
[  711.496055][T20055]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  711.496072][T20055]  ? fput+0x70/0xf0
[  711.496083][T20055]  ? ksys_write+0x1ac/0x250
[  711.496099][T20055]  ? __pfx_ksys_write+0x10/0x10
[  711.496117][T20055]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  711.496133][T20055]  ? lockdep_hardirqs_on+0x7c/0x110
[  711.496151][T20055]  __do_fast_syscall_32+0xe8/0x680
[  711.496164][T20055]  do_fast_syscall_32+0x32/0x80
[  711.496175][T20055]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  711.496190][T20055] RIP: 0023:0xf7f57579
[  711.496199][T20055] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  711.496210][T20055] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  711.496221][T20055] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080002b80
[  711.496228][T20055] RDX: 0000000000000001 RSI: 000000004404c880 RDI: 0000000000000000
[  711.496235][T20055] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  711.496242][T20055] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  711.496248][T20055] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  711.496262][T20055]  </TASK>
[  711.569322][ T6032] usb 47-1: new low-speed USB device number 2 using vhci_hcd
[  711.865223][T20059] siw: device registration error -23
[  711.986182][T20039] vhci_hcd: connection reset by peer
[  711.988313][T17675] vhci_hcd vhci_hcd.6: stop threads
[  711.991722][T17675] vhci_hcd vhci_hcd.6: release socket
[  711.994277][T17675] vhci_hcd vhci_hcd.6: disconnect device
[  712.159826][T20049] vhci_hcd: connection reset by peer
[  712.164372][T17675] vhci_hcd vhci_hcd.5: stop threads
[  712.174503][T17675] vhci_hcd vhci_hcd.5: release socket
[  712.176923][T17675] vhci_hcd vhci_hcd.5: disconnect device
[  712.178714][T18893] Bluetooth: hci3: command 0x0c1a tx timeout
[  712.178725][ T5946] Bluetooth: hci0: command 0x0c1a tx timeout
[  712.234724][   T75] IPVS: starting estimator thread 0...
[  712.237511][T20061] IPVS: ip_vs_edit_dest(): server weight less than zero
[  712.265931][T20051] tipc: Resetting bearer <eth:syzkaller0>
[  712.293148][T20051] tipc: Disabling bearer <eth:syzkaller0>
[  712.328697][T20064] IPVS: using max 26 ests per chain, 62400 per kthread
[  712.465613][T20063] netlink: 'syz.6.3456': attribute type 5 has an invalid length.
[  712.471700][T19603] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  712.820439][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  713.013357][T20063] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  713.016263][T20063] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  713.201336][T20081] tipc: Resetting bearer <eth:syzkaller0>
[  713.673316][ T6469] libceph: connect (1)[c::]:6789 error -101
[  713.687369][ T6469] libceph: mon0 (1)[c::]:6789 connect error
[  713.952250][T20102] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  713.955211][T20102] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  713.958998][T20102] vhci_hcd vhci_hcd.0: Device attached
[  713.975137][ T6469] libceph: connect (1)[c::]:6789 error -101
[  713.977295][ T6469] libceph: mon0 (1)[c::]:6789 connect error
[  714.038351][T20105] netlink: 6032 bytes leftover after parsing attributes in process `syz.5.3464'.
[  714.305521][T20095] ceph: No mds server is up or the cluster is laggy
[  714.361281][T20107] macsec1: entered promiscuous mode
[  714.363322][T20107] dummy0: entered promiscuous mode
[  714.365575][T20107] macsec1: entered allmulticast mode
[  714.367317][T20107] dummy0: entered allmulticast mode
[  714.380803][T20107] dummy0: left allmulticast mode
[  714.384659][T20107] dummy0: left promiscuous mode
[  714.553108][T20119] netlink: 'syz.3.3466': attribute type 1 has an invalid length.
[  714.621653][T20122] syzkaller0: entered promiscuous mode
[  714.623529][T20122] syzkaller0: entered allmulticast mode
[  714.661969][T20103] vhci_hcd: connection closed
[  714.662319][  T104] vhci_hcd vhci_hcd.5: stop threads
[  714.670045][  T104] vhci_hcd vhci_hcd.5: release socket
[  714.680531][  T104] vhci_hcd vhci_hcd.5: disconnect device
[  715.022601][T20121] netlink: 'syz.6.3469': attribute type 5 has an invalid length.
[  715.173665][T18893] Bluetooth: hci0: command 0x0c1a tx timeout
[  715.176426][T19603] Bluetooth: hci3: command 0x0c1a tx timeout
[  715.664165][T20121] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  715.667815][T20121] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  716.722185][T16119] usb 50-1: device descriptor read/8, error -110
[  716.981226][T20148] tipc: Failed to remove unknown binding: 66,1,1/2126:767707335/767707337
[  716.984244][T20148] tipc: Failed to remove unknown binding: 66,1,1/2126:767707335/767707337
[  717.064365][ T6032] vhci_hcd vhci_hcd.5: vhci_device speed not set
[  717.150607][T16119] usb usb50-port1: attempt power cycle
[  717.770340][T16119] usb usb50-port1: unable to enumerate USB device
[  717.823304][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  717.835139][T19603] Bluetooth: hci0: command 0x0c1a tx timeout
[  718.104447][T20159] siw: device registration error -23
[  718.411679][ T6366] usb usb48-port1: attempt power cycle
[  718.482519][T20157] siw: device registration error -23
[  718.484756][T20162] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  718.486956][T20162] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  718.490256][T20162] vhci_hcd vhci_hcd.0: Device attached
[  718.812546][ T6032] usb 44-1: SetAddress Request (81) to port 0
[  718.815124][ T6032] usb 44-1: new SuperSpeed USB device number 81 using vhci_hcd
[  718.882093][T20168] netlink: 6032 bytes leftover after parsing attributes in process `syz.3.3478'.
[  719.010788][ T6366] usb usb48-port1: unable to enumerate USB device
[  719.900754][T20180] tipc: Resetting bearer <eth:syzkaller0>
[  719.931677][   T75] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  720.057645][T19603] Bluetooth: hci3: command 0x0c1a tx timeout
[  720.623795][T20194] FAULT_INJECTION: forcing a failure.
[  720.623795][T20194] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  720.632152][T20194] CPU: 0 UID: 0 PID: 20194 Comm: syz.7.3487 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  720.632173][T20194] Tainted: [L]=SOFTLOCKUP
[  720.632177][T20194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  720.632184][T20194] Call Trace:
[  720.632188][T20194]  <TASK>
[  720.632193][T20194]  dump_stack_lvl+0x16c/0x1f0
[  720.632215][T20194]  should_fail_ex+0x512/0x640
[  720.632232][T20194]  _copy_from_user+0x2e/0xd0
[  720.632246][T20194]  kstrtouint_from_user+0xd6/0x1d0
[  720.632263][T20194]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  720.632279][T20194]  ? __lock_acquire+0x436/0x2890
[  720.632296][T20194]  proc_fail_nth_write+0x83/0x220
[  720.632308][T20194]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  720.632323][T20194]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  720.632334][T20194]  vfs_write+0x2a0/0x11d0
[  720.632351][T20194]  ? __pfx___mutex_lock+0x10/0x10
[  720.632364][T20194]  ? __pfx_vfs_write+0x10/0x10
[  720.632379][T20194]  ? find_held_lock+0x2b/0x80
[  720.632397][T20194]  ? __fget_files+0x20e/0x3c0
[  720.632418][T20194]  ksys_write+0x12a/0x250
[  720.632434][T20194]  ? __pfx_ksys_write+0x10/0x10
[  720.632454][T20194]  __do_fast_syscall_32+0xe8/0x680
[  720.632467][T20194]  do_fast_syscall_32+0x32/0x80
[  720.632478][T20194]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  720.632493][T20194] RIP: 0023:0xf7f57579
[  720.632502][T20194] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  720.632514][T20194] RSP: 002b:00000000f5446590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  720.632525][T20194] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5446620
[  720.632532][T20194] RDX: 0000000000000001 RSI: 00000000f73e6ff4 RDI: 0000000000000000
[  720.632539][T20194] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  720.632546][T20194] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  720.632552][T20194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  720.632567][T20194]  </TASK>
[  720.868113][T20198] siw: device registration error -23
[  721.518065][T20207] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  721.521190][T20207] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  721.556816][T20207] vhci_hcd vhci_hcd.0: Device attached
[  721.728019][T20164] vhci_hcd: connection reset by peer
[  721.736267][ T1140] vhci_hcd vhci_hcd.3: stop threads
[  721.737935][ T1140] vhci_hcd vhci_hcd.3: release socket
[  721.739969][ T1140] vhci_hcd vhci_hcd.3: disconnect device
[  721.853919][T16118] usb 48-1: SetAddress Request (46) to port 0
[  721.855949][T16118] usb 48-1: new SuperSpeed USB device number 46 using vhci_hcd
[  721.856285][T20212] netlink: 112 bytes leftover after parsing attributes in process `syz.3.3491'.
[  721.919824][T19603] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  722.057375][   T75] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  722.107397][T20209] vhci_hcd: connection reset by peer
[  722.112702][   T91] vhci_hcd vhci_hcd.5: stop threads
[  722.114895][   T91] vhci_hcd vhci_hcd.5: release socket
[  722.117298][   T91] vhci_hcd vhci_hcd.5: disconnect device
[  722.208701][T20232] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3499'.
[  722.272116][T19603] Bluetooth: hci3: command 0x0c1a tx timeout
[  722.411722][T20235] siw: device registration error -23
[  722.514395][T20234] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.599713][T20234] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.680124][T20238] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  722.682412][T20238] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  722.692279][T20238] vhci_hcd vhci_hcd.0: Device attached
[  722.699474][T20234] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.798133][T20234] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.818121][T20244] fuse: Bad value for 'group_id'
[  722.819779][T20244] fuse: Bad value for 'group_id'
[  722.941094][ T1140] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  722.955848][ T1140] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  722.968207][ T1140] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  722.974748][T17398] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  722.987021][   T75] usb 50-1: SetAddress Request (34) to port 0
[  722.990006][   T75] usb 50-1: new SuperSpeed USB device number 34 using vhci_hcd
[  723.080369][T20245] netlink: 6032 bytes leftover after parsing attributes in process `syz.6.3500'.
[  723.372376][ T6013] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  723.400289][T20252] fuse: Unknown parameter 'group_id00000000000000000000'
[  723.805449][T20265] FAULT_INJECTION: forcing a failure.
[  723.805449][T20265] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  723.809581][T20265] CPU: 3 UID: 0 PID: 20265 Comm: syz.7.3508 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  723.809600][T20265] Tainted: [L]=SOFTLOCKUP
[  723.809604][T20265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  723.809611][T20265] Call Trace:
[  723.809615][T20265]  <TASK>
[  723.809620][T20265]  dump_stack_lvl+0x16c/0x1f0
[  723.809642][T20265]  should_fail_ex+0x512/0x640
[  723.809658][T20265]  _copy_from_user+0x2e/0xd0
[  723.809672][T20265]  __do_compat_sys_mq_getsetattr+0xe6/0x290
[  723.809685][T20265]  ? __pfx___do_compat_sys_mq_getsetattr+0x10/0x10
[  723.809697][T20265]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  723.809710][T20265]  ? __fget_files+0x20e/0x3c0
[  723.809729][T20265]  ? fput+0x70/0xf0
[  723.809743][T20265]  ? do_user_addr_fault+0x843/0x1370
[  723.809760][T20265]  __do_fast_syscall_32+0xe8/0x680
[  723.809772][T20265]  do_fast_syscall_32+0x32/0x80
[  723.809783][T20265]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  723.809798][T20265] RIP: 0023:0xf7f57579
[  723.809807][T20265] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  723.809818][T20265] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 000000000000011a
[  723.809829][T20265] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 0000000080000040
[  723.809837][T20265] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  723.809843][T20265] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  723.809850][T20265] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  723.809857][T20265] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  723.809870][T20265]  </TASK>
[  723.956758][T20268] overlayfs: missing 'lowerdir'
[  724.240853][ T6032] usb 44-1: device descriptor read/8, error -110
[  724.285508][T20272] siw: device registration error -23
[  724.617326][T19603] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  724.676460][ T6032] usb usb44-port1: attempt power cycle
[  724.751466][ T6013] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  724.776479][T20280] fuse: Unknown parameter 'group_id00000000000000000000'
[  725.306413][ T6032] usb usb44-port1: unable to enumerate USB device
[  725.914934][T20239] vhci_hcd: connection reset by peer
[  725.939806][   T91] vhci_hcd vhci_hcd.6: stop threads
[  725.941482][   T91] vhci_hcd vhci_hcd.6: release socket
[  725.943407][   T91] vhci_hcd vhci_hcd.6: disconnect device
[  726.135688][T20304] fuse: Bad value for 'user_id'
[  726.137346][T20304] fuse: Bad value for 'user_id'
[  726.184133][T19603] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  726.324808][T20312] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  726.329497][T20312] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  726.332076][T20312] vhci_hcd vhci_hcd.0: Device attached
[  726.386848][ T6013] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  726.428580][T20315] netlink: 6032 bytes leftover after parsing attributes in process `syz.6.3526'.
[  726.521233][T20322] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(7)
[  726.523342][T20322] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  726.532620][T20322] vhci_hcd vhci_hcd.0: Device attached
[  727.113583][T20323] vhci_hcd: connection closed
[  727.114399][   T91] vhci_hcd vhci_hcd.5: stop threads
[  727.119631][   T91] vhci_hcd vhci_hcd.5: release socket
[  727.122126][   T91] vhci_hcd vhci_hcd.5: disconnect device
[  727.231702][T16118] usb 48-1: device descriptor read/8, error -110
[  727.776683][T16118] usb usb48-port1: attempt power cycle
[  728.489337][T16118] usb usb48-port1: unable to enumerate USB device
[  729.231954][T20351] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3537'.
[  729.583978][T20313] vhci_hcd: connection reset by peer
[  729.592299][   T46] vhci_hcd vhci_hcd.6: stop threads
[  729.600914][   T46] vhci_hcd vhci_hcd.6: release socket
[  729.607693][   T75] usb 50-1: device descriptor read/8, error -110
[  729.611045][   T46] vhci_hcd vhci_hcd.6: disconnect device
[  729.883475][T20361] fuse: Bad value for 'fd'
[  730.042414][   T75] usb usb50-port1: attempt power cycle
[  730.183128][ T6032] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  730.652861][   T75] usb usb50-port1: unable to enumerate USB device
[  730.746233][T20367] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3543'.
[  730.754264][T17675] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  730.758953][T17675] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  730.909401][T20373] FAULT_INJECTION: forcing a failure.
[  730.909401][T20373] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  730.919262][T20373] CPU: 0 UID: 0 PID: 20373 Comm: syz.6.3545 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  730.919309][T20373] Tainted: [L]=SOFTLOCKUP
[  730.919316][T20373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  730.919328][T20373] Call Trace:
[  730.919336][T20373]  <TASK>
[  730.919344][T20373]  dump_stack_lvl+0x16c/0x1f0
[  730.919378][T20373]  should_fail_ex+0x512/0x640
[  730.919404][T20373]  _copy_from_user+0x2e/0xd0
[  730.919425][T20373]  bpf_test_init.isra.0+0xce/0x130
[  730.919452][T20373]  bpf_prog_test_run_xdp+0x66c/0x1660
[  730.919483][T20373]  ? __fget_files+0x204/0x3c0
[  730.919511][T20373]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  730.919538][T20373]  ? __might_fault+0x20/0x190
[  730.919564][T20373]  ? fput+0x70/0xf0
[  730.919581][T20373]  ? __bpf_prog_get+0x97/0x2a0
[  730.919604][T20373]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  730.919630][T20373]  __sys_bpf+0x1035/0x4980
[  730.919652][T20373]  ? __pfx___sys_bpf+0x10/0x10
[  730.919669][T20373]  ? find_held_lock+0x2b/0x80
[  730.919699][T20373]  ? find_held_lock+0x2b/0x80
[  730.919728][T20373]  ? __mutex_unlock_slowpath+0x161/0x790
[  730.919760][T20373]  ? fput+0x70/0xf0
[  730.919777][T20373]  ? ksys_write+0x1ac/0x250
[  730.919830][T20373]  ? __pfx_ksys_write+0x10/0x10
[  730.919860][T20373]  __ia32_sys_bpf+0x76/0xe0
[  730.919879][T20373]  ? lockdep_hardirqs_on+0x7c/0x110
[  730.919908][T20373]  __do_fast_syscall_32+0xe8/0x680
[  730.919929][T20373]  do_fast_syscall_32+0x32/0x80
[  730.919949][T20373]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  730.919973][T20373] RIP: 0023:0xf70ad579
[  730.919988][T20373] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  730.920007][T20373] RSP: 002b:00000000f549d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  730.920027][T20373] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000b80
[  730.920039][T20373] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  730.920051][T20373] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  730.920062][T20373] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  730.920073][T20373] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  730.920097][T20373]  </TASK>
[  731.125577][T20379] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  731.127684][T20379] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  731.130321][T20379] vhci_hcd vhci_hcd.0: Device attached
[  731.297583][T20384] netlink: 6032 bytes leftover after parsing attributes in process `syz.3.3547'.
[  731.438249][T20387] FAULT_INJECTION: forcing a failure.
[  731.438249][T20387] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  731.471950][T20387] CPU: 0 UID: 0 PID: 20387 Comm: syz.7.3548 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  731.471995][T20387] Tainted: [L]=SOFTLOCKUP
[  731.472003][T20387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  731.472015][T20387] Call Trace:
[  731.472021][T20387]  <TASK>
[  731.472028][T20387]  dump_stack_lvl+0x16c/0x1f0
[  731.472061][T20387]  should_fail_ex+0x512/0x640
[  731.472086][T20387]  _copy_from_user+0x2e/0xd0
[  731.472114][T20387]  kstrtouint_from_user+0xd6/0x1d0
[  731.472141][T20387]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  731.472165][T20387]  ? __lock_acquire+0x436/0x2890
[  731.472195][T20387]  proc_fail_nth_write+0x83/0x220
[  731.472215][T20387]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  731.472239][T20387]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  731.472256][T20387]  vfs_write+0x2a0/0x11d0
[  731.472283][T20387]  ? __pfx___mutex_lock+0x10/0x10
[  731.472303][T20387]  ? __pfx_vfs_write+0x10/0x10
[  731.472325][T20387]  ? find_held_lock+0x2b/0x80
[  731.472354][T20387]  ? __fget_files+0x20e/0x3c0
[  731.472387][T20387]  ksys_write+0x12a/0x250
[  731.472411][T20387]  ? __pfx_ksys_write+0x10/0x10
[  731.472444][T20387]  __do_fast_syscall_32+0xe8/0x680
[  731.472465][T20387]  do_fast_syscall_32+0x32/0x80
[  731.472483][T20387]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  731.472507][T20387] RIP: 0023:0xf7f57579
[  731.472522][T20387] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  731.472539][T20387] RSP: 002b:00000000f5425590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  731.472557][T20387] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f5425620
[  731.472569][T20387] RDX: 0000000000000001 RSI: 00000000f73e6ff4 RDI: 0000000000000000
[  731.472580][T20387] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  731.472591][T20387] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  731.472602][T20387] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  731.472627][T20387]  </TASK>
[  731.603478][ T6366] usb 44-1: SetAddress Request (85) to port 0
[  731.611409][ T6366] usb 44-1: new SuperSpeed USB device number 85 using vhci_hcd
[  731.718401][T20394] fuse: Bad value for 'fd'
[  732.042172][ T6032] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  732.082994][T20399] FAULT_INJECTION: forcing a failure.
[  732.082994][T20399] name failslab, interval 1, probability 0, space 0, times 0
[  732.088426][T20399] CPU: 1 UID: 0 PID: 20399 Comm: syz.7.3553 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  732.088447][T20399] Tainted: [L]=SOFTLOCKUP
[  732.088452][T20399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  732.088458][T20399] Call Trace:
[  732.088462][T20399]  <TASK>
[  732.088467][T20399]  dump_stack_lvl+0x16c/0x1f0
[  732.088488][T20399]  should_fail_ex+0x512/0x640
[  732.088502][T20399]  ? __kmalloc_cache_noprof+0x5f/0x800
[  732.088517][T20399]  should_failslab+0xc2/0x120
[  732.088534][T20399]  __kmalloc_cache_noprof+0x80/0x800
[  732.088547][T20399]  ? aa_label_sk_perm+0x194/0x5f0
[  732.088561][T20399]  ? tcp_sendmsg_fastopen+0x24d/0x750
[  732.088577][T20399]  ? tcp_sendmsg_fastopen+0x24d/0x750
[  732.088590][T20399]  tcp_sendmsg_fastopen+0x24d/0x750
[  732.088606][T20399]  tcp_sendmsg_locked+0x2410/0x42a0
[  732.088621][T20399]  ? bpf_ksym_find+0x124/0x1c0
[  732.088635][T20399]  ? __lock_acquire+0x436/0x2890
[  732.088648][T20399]  ? __pfx___might_resched+0x10/0x10
[  732.088665][T20399]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  732.088684][T20399]  ? do_raw_spin_lock+0x12c/0x2b0
[  732.088702][T20399]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  732.088724][T20399]  ? __local_bh_enable_ip+0xa4/0x120
[  732.088746][T20399]  tcp_sendmsg+0x2e/0x50
[  732.088758][T20399]  ? __pfx_tcp_sendmsg+0x10/0x10
[  732.088771][T20399]  inet_sendmsg+0xb9/0x140
[  732.088786][T20399]  ____sys_sendmsg+0x973/0xc30
[  732.088800][T20399]  ? __pfx_____sys_sendmsg+0x10/0x10
[  732.088810][T20399]  ? get_compat_msghdr+0x11a/0x170
[  732.088833][T20399]  ___sys_sendmsg+0x134/0x1d0
[  732.088850][T20399]  ? __pfx____sys_sendmsg+0x10/0x10
[  732.088871][T20399]  ? find_held_lock+0x2b/0x80
[  732.088895][T20399]  __sys_sendmsg+0x16d/0x220
[  732.088910][T20399]  ? __pfx___sys_sendmsg+0x10/0x10
[  732.088931][T20399]  ? do_user_addr_fault+0x843/0x1370
[  732.088948][T20399]  __do_fast_syscall_32+0xe8/0x680
[  732.088960][T20399]  do_fast_syscall_32+0x32/0x80
[  732.088972][T20399]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  732.088987][T20399] RIP: 0023:0xf7f57579
[  732.088996][T20399] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  732.089007][T20399] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  732.089019][T20399] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  732.089026][T20399] RDX: 000000003000c0c0 RSI: 0000000000000000 RDI: 0000000000000000
[  732.089033][T20399] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  732.089039][T20399] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  732.089046][T20399] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  732.089060][T20399]  </TASK>
[  734.377626][T20380] vhci_hcd: connection reset by peer
[  734.380511][   T13] vhci_hcd vhci_hcd.3: stop threads
[  734.383916][   T13] vhci_hcd vhci_hcd.3: release socket
[  734.387463][   T13] vhci_hcd vhci_hcd.3: disconnect device
[  734.390749][T20421] CUSE: info not properly terminated
[  734.551505][   T40] audit: type=1326 audit(1768265982.600:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20420 comm="syz.5.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  734.568495][   T40] audit: type=1326 audit(1768265982.600:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20420 comm="syz.5.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  734.595550][   T40] audit: type=1326 audit(1768265982.619:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20420 comm="syz.5.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  734.616485][   T40] audit: type=1326 audit(1768265982.628:1369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20420 comm="syz.5.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  734.625298][   T40] audit: type=1326 audit(1768265982.637:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20420 comm="syz.5.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  734.632177][   T40] audit: type=1326 audit(1768265982.637:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20420 comm="syz.5.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  734.639105][   T40] audit: type=1326 audit(1768265982.637:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20420 comm="syz.5.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  734.648491][   T40] audit: type=1326 audit(1768265982.637:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20420 comm="syz.5.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  734.657453][   T40] audit: type=1326 audit(1768265982.637:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20420 comm="syz.5.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  734.666185][   T40] audit: type=1326 audit(1768265982.637:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20420 comm="syz.5.3561" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  734.743069][T20431] ubi: mtd0 is already attached to ubi31
[  735.135144][ T6089] kernel read not supported for file /vga_arbiter (pid: 6089 comm: kworker/3:3)
[  735.314107][T20443] FAULT_INJECTION: forcing a failure.
[  735.314107][T20443] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  735.318390][T20443] CPU: 3 UID: 0 PID: 20443 Comm: syz.7.3568 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  735.318409][T20443] Tainted: [L]=SOFTLOCKUP
[  735.318414][T20443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  735.318421][T20443] Call Trace:
[  735.318426][T20443]  <TASK>
[  735.318431][T20443]  dump_stack_lvl+0x16c/0x1f0
[  735.318454][T20443]  should_fail_ex+0x512/0x640
[  735.318469][T20443]  _copy_to_user+0x32/0xd0
[  735.318484][T20443]  simple_read_from_buffer+0xcb/0x170
[  735.318502][T20443]  proc_fail_nth_read+0x197/0x240
[  735.318523][T20443]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  735.318542][T20443]  ? rw_verify_area+0xcf/0x6c0
[  735.318558][T20443]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  735.318576][T20443]  vfs_read+0x1e4/0xcf0
[  735.318593][T20443]  ? __pfx___mutex_lock+0x10/0x10
[  735.318606][T20443]  ? __pfx_vfs_read+0x10/0x10
[  735.318620][T20443]  ? find_held_lock+0x2b/0x80
[  735.318639][T20443]  ? __fget_files+0x20e/0x3c0
[  735.318660][T20443]  ksys_read+0x12a/0x250
[  735.318676][T20443]  ? __pfx_ksys_read+0x10/0x10
[  735.318696][T20443]  __do_fast_syscall_32+0xe8/0x680
[  735.318709][T20443]  do_fast_syscall_32+0x32/0x80
[  735.318720][T20443]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  735.318734][T20443] RIP: 0023:0xf7f57579
[  735.318744][T20443] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  735.318756][T20443] RSP: 002b:00000000f5446590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  735.318767][T20443] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5446620
[  735.318778][T20443] RDX: 000000000000000f RSI: 00000000f73e6ff4 RDI: 0000000000000000
[  735.318785][T20443] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  735.318791][T20443] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  735.318798][T20443] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  735.318812][T20443]  </TASK>
[  735.367121][   T75] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  735.684049][T20459] IPVS: Error connecting to the multicast addr
[  735.789193][T20460] siw: device registration error -23
[  736.459653][T20478] FAULT_INJECTION: forcing a failure.
[  736.459653][T20478] name failslab, interval 1, probability 0, space 0, times 0
[  736.463923][T20478] CPU: 1 UID: 0 PID: 20478 Comm: syz.3.3580 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  736.463942][T20478] Tainted: [L]=SOFTLOCKUP
[  736.463946][T20478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  736.463953][T20478] Call Trace:
[  736.463958][T20478]  <TASK>
[  736.463962][T20478]  dump_stack_lvl+0x16c/0x1f0
[  736.463985][T20478]  should_fail_ex+0x512/0x640
[  736.463999][T20478]  ? __kmalloc_cache_noprof+0x5f/0x800
[  736.464014][T20478]  should_failslab+0xc2/0x120
[  736.464032][T20478]  __kmalloc_cache_noprof+0x80/0x800
[  736.464050][T20478]  ? bpf_raw_tp_link_attach+0x191/0x630
[  736.464064][T20478]  ? bpf_raw_tp_link_attach+0x191/0x630
[  736.464074][T20478]  bpf_raw_tp_link_attach+0x191/0x630
[  736.464086][T20478]  ? __pfx_bpf_raw_tp_link_attach+0x10/0x10
[  736.464096][T20478]  ? find_held_lock+0x2b/0x80
[  736.464111][T20478]  ? __fget_files+0x204/0x3c0
[  736.464134][T20478]  ? fput+0x70/0xf0
[  736.464145][T20478]  ? __bpf_prog_get+0x97/0x2a0
[  736.464160][T20478]  __sys_bpf+0x20c1/0x4980
[  736.464173][T20478]  ? __pfx___sys_bpf+0x10/0x10
[  736.464183][T20478]  ? find_held_lock+0x2b/0x80
[  736.464200][T20478]  ? find_held_lock+0x2b/0x80
[  736.464217][T20478]  ? __mutex_unlock_slowpath+0x161/0x790
[  736.464237][T20478]  ? fput+0x70/0xf0
[  736.464247][T20478]  ? ksys_write+0x1ac/0x250
[  736.464263][T20478]  ? __pfx_ksys_write+0x10/0x10
[  736.464281][T20478]  __ia32_sys_bpf+0x76/0xe0
[  736.464292][T20478]  ? lockdep_hardirqs_on+0x7c/0x110
[  736.464310][T20478]  __do_fast_syscall_32+0xe8/0x680
[  736.464322][T20478]  do_fast_syscall_32+0x32/0x80
[  736.464334][T20478]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  736.464349][T20478] RIP: 0023:0xf7f51579
[  736.464358][T20478] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  736.464369][T20478] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  736.464380][T20478] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000080000040
[  736.464388][T20478] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[  736.464394][T20478] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  736.464400][T20478] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  736.464407][T20478] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  736.464420][T20478]  </TASK>
[  736.551422][T20483] comedi comedi2: ni_at_a2150: I/O port conflict (0x6,28)
[  736.600921][T20485] FAULT_INJECTION: forcing a failure.
[  736.600921][T20485] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  736.606102][T20485] CPU: 1 UID: 0 PID: 20485 Comm: syz.3.3582 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  736.606121][T20485] Tainted: [L]=SOFTLOCKUP
[  736.606125][T20485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  736.606132][T20485] Call Trace:
[  736.606137][T20485]  <TASK>
[  736.606142][T20485]  dump_stack_lvl+0x16c/0x1f0
[  736.606164][T20485]  should_fail_ex+0x512/0x640
[  736.606180][T20485]  _copy_to_user+0x32/0xd0
[  736.606195][T20485]  simple_read_from_buffer+0xcb/0x170
[  736.606224][T20485]  proc_fail_nth_read+0x197/0x240
[  736.606247][T20485]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  736.606266][T20485]  ? rw_verify_area+0xcf/0x6c0
[  736.606281][T20485]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  736.606299][T20485]  vfs_read+0x1e4/0xcf0
[  736.606316][T20485]  ? __pfx___mutex_lock+0x10/0x10
[  736.606329][T20485]  ? __pfx_vfs_read+0x10/0x10
[  736.606343][T20485]  ? find_held_lock+0x2b/0x80
[  736.606362][T20485]  ? __fget_files+0x20e/0x3c0
[  736.606382][T20485]  ksys_read+0x12a/0x250
[  736.606398][T20485]  ? __pfx_ksys_read+0x10/0x10
[  736.606414][T20485]  ? do_user_addr_fault+0x843/0x1370
[  736.606431][T20485]  __do_fast_syscall_32+0xe8/0x680
[  736.606444][T20485]  do_fast_syscall_32+0x32/0x80
[  736.606456][T20485]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  736.606470][T20485] RIP: 0023:0xf7f51579
[  736.606480][T20485] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  736.606491][T20485] RSP: 002b:00000000f5446590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  736.606502][T20485] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5446620
[  736.606509][T20485] RDX: 000000000000000f RSI: 00000000f73e6ff4 RDI: 0000000000000000
[  736.606516][T20485] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  736.606523][T20485] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  736.606530][T20485] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  736.606544][T20485]  </TASK>
[  736.709988][T19603] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  736.863644][   T75] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  736.890831][T20497] overlay: ./file1 is not a directory
[  736.921842][T20500] FAULT_INJECTION: forcing a failure.
[  736.921842][T20500] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  736.926033][T20500] CPU: 2 UID: 0 PID: 20500 Comm: syz.3.3587 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  736.926053][T20500] Tainted: [L]=SOFTLOCKUP
[  736.926057][T20500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  736.926064][T20500] Call Trace:
[  736.926069][T20500]  <TASK>
[  736.926073][T20500]  dump_stack_lvl+0x16c/0x1f0
[  736.926095][T20500]  should_fail_ex+0x512/0x640
[  736.926111][T20500]  _copy_to_user+0x32/0xd0
[  736.926125][T20500]  simple_read_from_buffer+0xcb/0x170
[  736.926143][T20500]  proc_fail_nth_read+0x197/0x240
[  736.926163][T20500]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  736.926183][T20500]  ? rw_verify_area+0xcf/0x6c0
[  736.926197][T20500]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  736.926216][T20500]  vfs_read+0x1e4/0xcf0
[  736.926233][T20500]  ? __pfx___mutex_lock+0x10/0x10
[  736.926245][T20500]  ? __pfx_vfs_read+0x10/0x10
[  736.926260][T20500]  ? find_held_lock+0x2b/0x80
[  736.926279][T20500]  ? __fget_files+0x20e/0x3c0
[  736.926300][T20500]  ksys_read+0x12a/0x250
[  736.926315][T20500]  ? __pfx_ksys_read+0x10/0x10
[  736.926335][T20500]  __do_fast_syscall_32+0xe8/0x680
[  736.926348][T20500]  do_fast_syscall_32+0x32/0x80
[  736.926359][T20500]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  736.926374][T20500] RIP: 0023:0xf7f51579
[  736.926383][T20500] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  736.926395][T20500] RSP: 002b:00000000f5446590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  736.926407][T20500] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5446620
[  736.926414][T20500] RDX: 000000000000000f RSI: 00000000f73e6ff4 RDI: 0000000000000000
[  736.926421][T20500] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  736.926427][T20500] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  736.926434][T20500] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  736.926448][T20500]  </TASK>
[  736.978815][T20501] FAULT_INJECTION: forcing a failure.
[  736.978815][T20501] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  736.991567][ T6366] usb 44-1: device descriptor read/8, error -110
[  736.993428][T20501] CPU: 1 UID: 0 PID: 20501 Comm: syz.6.3585 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  736.993459][T20501] Tainted: [L]=SOFTLOCKUP
[  736.993464][T20501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  736.993471][T20501] Call Trace:
[  736.993476][T20501]  <TASK>
[  736.993481][T20501]  dump_stack_lvl+0x16c/0x1f0
[  736.993503][T20501]  should_fail_ex+0x512/0x640
[  736.993519][T20501]  _copy_from_user+0x2e/0xd0
[  736.993533][T20501]  do_devconfig_ioctl+0x11c/0x710
[  736.993552][T20501]  ? comedi_unlocked_ioctl+0x167/0x2eb0
[  736.993564][T20501]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  736.993587][T20501]  ? kasan_save_track+0x14/0x30
[  736.993602][T20501]  ? kasan_save_free_info+0x3b/0x60
[  736.993614][T20501]  ? __kasan_slab_free+0x5f/0x80
[  736.993629][T20501]  ? kfree+0x2f8/0x6e0
[  736.993640][T20501]  ? tomoyo_path_number_perm+0x470/0x580
[  736.993653][T20501]  ? security_file_ioctl_compat+0x9b/0x240
[  736.993667][T20501]  ? __ia32_compat_sys_ioctl+0xc3/0x370
[  736.993681][T20501]  ? __do_fast_syscall_32+0xe8/0x680
[  736.993696][T20501]  comedi_unlocked_ioctl+0x1582/0x2eb0
[  736.993712][T20501]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  736.993732][T20501]  ? kasan_quarantine_put+0x10a/0x240
[  736.993747][T20501]  ? lockdep_hardirqs_on+0x7c/0x110
[  736.993767][T20501]  ? find_held_lock+0x2b/0x80
[  736.993783][T20501]  ? tomoyo_path_number_perm+0x295/0x580
[  736.993798][T20501]  ? tomoyo_path_number_perm+0x18d/0x580
[  736.993817][T20501]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  736.993832][T20501]  comedi_compat_ioctl+0x1ed/0xda0
[  736.993845][T20501]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  736.993857][T20501]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  736.993875][T20501]  ? do_vfs_ioctl+0x128/0x14f0
[  736.993889][T20501]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  736.993906][T20501]  ? find_held_lock+0x2b/0x80
[  736.993920][T20501]  ? hook_file_ioctl_common+0x144/0x410
[  736.993937][T20501]  ? __fget_files+0x20e/0x3c0
[  736.993952][T20501]  ? __fput_deferred+0x420/0x480
[  736.993966][T20501]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  736.993979][T20501]  __ia32_compat_sys_ioctl+0x242/0x370
[  736.993995][T20501]  __do_fast_syscall_32+0xe8/0x680
[  736.994007][T20501]  do_fast_syscall_32+0x32/0x80
[  736.994018][T20501]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  736.994033][T20501] RIP: 0023:0xf70ad579
[  736.994042][T20501] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  736.994052][T20501] RSP: 002b:00000000f547c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  736.994064][T20501] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000040946400
[  736.994071][T20501] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  736.994077][T20501] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  736.994083][T20501] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  736.994090][T20501] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  736.994104][T20501]  </TASK>
[  737.095145][T20506] fuse: Invalid rootmode
[  738.035274][ T6366] usb usb44-port1: attempt power cycle
[  738.252871][T20522] siw: device registration error -23
[  738.669685][ T6366] usb usb44-port1: unable to enumerate USB device
[  739.042961][T20533] siw: device registration error -23
[  739.619553][T20538] fuse: Invalid rootmode
[  739.795321][T20546] loop9: detected capacity change from 0 to 7
[  739.799676][T20546] Dev loop9: unable to read RDB block 7
[  739.801490][T20546]  loop9: unable to read partition table
[  739.814053][T20546] loop9: partition table beyond EOD, truncated
[  739.816089][T20546] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  739.846390][T20545] netlink: 'syz.5.3602': attribute type 8 has an invalid length.
[  739.852200][T19603] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  739.852523][T20545] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3602'.
[  739.956632][T20545] bond0: entered promiscuous mode
[  739.960410][T20545] gretap0: entered promiscuous mode
[  739.964796][   T75] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  739.969656][T20545] bond0: left promiscuous mode
[  739.975217][T20545] gretap0: left promiscuous mode
[  740.269853][T20550] netlink: 52 bytes leftover after parsing attributes in process `syz.7.3603'.
[  740.936831][T20562] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(7)
[  740.939659][T20562] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  740.943069][T20562] vhci_hcd vhci_hcd.0: Device attached
[  740.971540][T20565] vhci_hcd: connection closed
[  740.974512][T17675] vhci_hcd vhci_hcd.5: stop threads
[  740.979915][T17675] vhci_hcd vhci_hcd.5: release socket
[  740.982204][T17675] vhci_hcd vhci_hcd.5: disconnect device
[  741.215500][T20577] FAULT_INJECTION: forcing a failure.
[  741.215500][T20577] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  741.219931][T20577] CPU: 2 UID: 0 PID: 20577 Comm: syz.5.3610 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  741.219951][T20577] Tainted: [L]=SOFTLOCKUP
[  741.219955][T20577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  741.219962][T20577] Call Trace:
[  741.219967][T20577]  <TASK>
[  741.219972][T20577]  dump_stack_lvl+0x16c/0x1f0
[  741.219996][T20577]  should_fail_ex+0x512/0x640
[  741.220012][T20577]  save_fsave_header+0x14c/0x2f0
[  741.220030][T20577]  ? __pfx_save_fsave_header+0x10/0x10
[  741.220052][T20577]  ? copy_fpstate_to_sigframe+0x2c3/0xad0
[  741.220068][T20577]  ? rcu_is_watching+0x12/0xc0
[  741.220084][T20577]  ? __local_bh_enable_ip+0xa4/0x120
[  741.220103][T20577]  copy_fpstate_to_sigframe+0x74f/0xad0
[  741.220122][T20577]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  741.220139][T20577]  ? posixtimer_deliver_signal+0x105/0x6b0
[  741.220156][T20577]  ? rcu_is_watching+0x12/0xc0
[  741.220170][T20577]  ? irqentry_exit+0x1dd/0x8c0
[  741.220181][T20577]  ? lockdep_hardirqs_on+0x7c/0x110
[  741.220197][T20577]  ? x86_task_fpu+0x5f/0x90
[  741.220213][T20577]  get_sigframe+0x4a8/0x9c0
[  741.220230][T20577]  ? __pfx_get_sigframe+0x10/0x10
[  741.220245][T20577]  ? trace_irq_enable.constprop.0+0x2f/0x110
[  741.220264][T20577]  ? _raw_spin_unlock_irq+0x29/0x50
[  741.220280][T20577]  ? siginfo_layout+0x177/0x290
[  741.220296][T20577]  ia32_setup_rt_frame+0xe4/0xb30
[  741.220311][T20577]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  741.220322][T20577]  ? trace_irq_enable.constprop.0+0x2f/0x110
[  741.220341][T20577]  ? _raw_spin_unlock_irq+0x29/0x50
[  741.220359][T20577]  arch_do_signal_or_restart+0x475/0x7a0
[  741.220375][T20577]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  741.220394][T20577]  ? fput+0x70/0xf0
[  741.220409][T20577]  exit_to_user_mode_loop+0x8c/0x540
[  741.220425][T20577]  __do_fast_syscall_32+0x4a4/0x680
[  741.220438][T20577]  do_fast_syscall_32+0x32/0x80
[  741.220449][T20577]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  741.220464][T20577] RIP: 0023:0xf70ad579
[  741.220473][T20577] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  741.220484][T20577] RSP: 002b:00000000f549d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000104
[  741.220496][T20577] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  741.220503][T20577] RDX: 000000008006b000 RSI: 0000000000000000 RDI: 0000000000000000
[  741.220509][T20577] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  741.220516][T20577] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  741.220522][T20577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  741.220536][T20577]  </TASK>
[  742.530566][T20594] netlink: 'syz.7.3615': attribute type 2 has an invalid length.
[  743.427126][T20623] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  743.429841][T20623] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  743.433129][T20623] vhci_hcd vhci_hcd.0: Device attached
[  743.594790][T20627] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[  743.597112][T20627] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  743.601067][T20627] vhci_hcd vhci_hcd.0: Device attached
[  743.716025][ T6469] usb 48-1: SetAddress Request (50) to port 0
[  743.718228][ T6469] usb 48-1: new SuperSpeed USB device number 50 using vhci_hcd
[  743.897828][ T6034] usb 50-1: SetAddress Request (38) to port 0
[  743.900486][ T6034] usb 50-1: new SuperSpeed USB device number 38 using vhci_hcd
[  743.939096][T20637] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3627'.
[  744.071648][T20641] fuse: Bad value for 'rootmode'
[  744.087772][T20626] netlink: 6032 bytes leftover after parsing attributes in process `syz.5.3625'.
[  744.297821][T20645] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3630'.
[  744.341476][T20631] vhci_hcd: connection reset by peer
[  744.351425][T17675] vhci_hcd vhci_hcd.6: stop threads
[  744.364487][T17675] vhci_hcd vhci_hcd.6: release socket
[  744.375999][T17675] vhci_hcd vhci_hcd.6: disconnect device
[  745.164539][T20652] syzkaller0: entered promiscuous mode
[  745.166215][T20652] syzkaller0: entered allmulticast mode
[  745.225760][T20655] netlink: 'syz.6.3632': attribute type 5 has an invalid length.
[  745.266265][T20655] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  745.268761][T20655] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  746.670740][T20624] vhci_hcd: connection reset by peer
[  746.673034][  T104] vhci_hcd vhci_hcd.5: stop threads
[  746.675815][  T104] vhci_hcd vhci_hcd.5: release socket
[  746.678198][  T104] vhci_hcd vhci_hcd.5: disconnect device
[  747.414948][T18893] Bluetooth: hci0: command 0x0c1a tx timeout
[  747.416870][T19603] Bluetooth: hci3: command 0x0c1a tx timeout
[  747.819836][T20672] fuse: Unknown parameter 'use00000000000000000000'
[  747.890942][T20674] FAULT_INJECTION: forcing a failure.
[  747.890942][T20674] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  747.895208][T20674] CPU: 2 UID: 0 PID: 20674 Comm: syz.5.3638 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  747.895229][T20674] Tainted: [L]=SOFTLOCKUP
[  747.895232][T20674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  747.895240][T20674] Call Trace:
[  747.895245][T20674]  <TASK>
[  747.895250][T20674]  dump_stack_lvl+0x16c/0x1f0
[  747.895272][T20674]  should_fail_ex+0x512/0x640
[  747.895289][T20674]  _copy_from_iter+0x2a4/0x16c0
[  747.895304][T20674]  ? __alloc_skb+0x220/0x410
[  747.895318][T20674]  ? __alloc_skb+0x35d/0x410
[  747.895331][T20674]  ? __pfx__copy_from_iter+0x10/0x10
[  747.895344][T20674]  ? netlink_autobind.isra.0+0x158/0x370
[  747.895366][T20674]  netlink_sendmsg+0x820/0xdd0
[  747.895386][T20674]  ? __pfx_netlink_sendmsg+0x10/0x10
[  747.895405][T20674]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  747.895428][T20674]  ____sys_sendmsg+0xa5d/0xc30
[  747.895441][T20674]  ? __pfx_____sys_sendmsg+0x10/0x10
[  747.895451][T20674]  ? get_compat_msghdr+0x11a/0x170
[  747.895473][T20674]  ___sys_sendmsg+0x134/0x1d0
[  747.895489][T20674]  ? __pfx____sys_sendmsg+0x10/0x10
[  747.895510][T20674]  ? find_held_lock+0x2b/0x80
[  747.895547][T20674]  __sys_sendmsg+0x16d/0x220
[  747.895563][T20674]  ? __pfx___sys_sendmsg+0x10/0x10
[  747.895583][T20674]  ? do_user_addr_fault+0x843/0x1370
[  747.895600][T20674]  __do_fast_syscall_32+0xe8/0x680
[  747.895614][T20674]  do_fast_syscall_32+0x32/0x80
[  747.895625][T20674]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  747.895663][T20674] RIP: 0023:0xf70ad579
[  747.895674][T20674] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  747.895686][T20674] RSP: 002b:00000000f549d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  747.895698][T20674] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  747.895705][T20674] RDX: 0000000020040014 RSI: 0000000000000000 RDI: 0000000000000000
[  747.895712][T20674] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  747.895718][T20674] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  747.895724][T20674] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  747.895738][T20674]  </TASK>
[  748.564167][T20693] siw: device registration error -23
[  748.998760][T20698] fuse: Unknown parameter 'use00000000000000000000'
[  749.008210][   T75] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  749.040935][T20687] random: crng reseeded on system resumption
[  749.053735][T20701] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3647'.
[  749.057584][T20702] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3647'.
[  749.061618][T20702] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3647'.
[  749.125670][ T6469] usb 48-1: device descriptor read/8, error -110
[  749.145216][T20708] syzkaller0: entered promiscuous mode
[  749.148339][T20708] syzkaller0: entered allmulticast mode
[  749.296495][ T6034] usb 50-1: device descriptor read/8, error -110
[  749.553496][ T6469] usb usb48-port1: attempt power cycle
[  749.713828][ T6034] usb usb50-port1: attempt power cycle
[  750.021083][T20720] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3654'.
[  750.152233][ T6469] usb usb48-port1: unable to enumerate USB device
[  750.292570][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  750.292588][   T40] audit: type=1326 audit(1768265997.323:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20716 comm="syz.5.3652" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70ad579 code=0x0
[  751.239454][ T6034] usb usb50-port1: unable to enumerate USB device
[  752.392766][T18893] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  752.485796][T20740] fuse: Unknown parameter 'use00000000000000000000'
[  753.566265][T20722] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  753.703516][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  753.709950][T20722] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  753.738290][T20750] 8021q: adding VLAN 0 to HW filter on device bond0
[  753.741197][T20750] 8021q: adding VLAN 0 to HW filter on device team0
[  753.746035][T20750] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  753.821218][T20722] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  753.917628][T20722] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  754.081435][T17675] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  754.099616][T17675] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  754.112759][T17675] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  754.115968][T20760] siw: device registration error -23
[  754.124483][T17675] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  754.636617][T20769] fuse: Unknown parameter 'user_i00000000000000000000'
[  755.079427][T20781] syzkaller0: entered promiscuous mode
[  755.081895][T20781] syzkaller0: entered allmulticast mode
[  755.536833][   T40] audit: type=1326 audit(1768266002.215:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20787 comm="syz.6.3674" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  755.592775][T20795] cgroup: Unknown subsys name 'measure'
[  755.659382][T20795] lo speed is unknown, defaulting to 1000
[  755.665304][T20795] wg2 speed is unknown, defaulting to 1000
[  755.667475][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  755.918018][   T40] audit: type=1326 audit(1768266002.215:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20787 comm="syz.6.3674" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  755.925211][   T40] audit: type=1326 audit(1768266002.215:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20787 comm="syz.6.3674" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  755.932049][   T40] audit: type=1326 audit(1768266002.505:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20787 comm="syz.6.3674" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  755.939038][   T40] audit: type=1326 audit(1768266002.505:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20787 comm="syz.6.3674" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad579 code=0x7ffc0000
[  756.339116][T20807] syz.6.3677 (20807): drop_caches: 2
[  756.342473][T20807] syz.6.3677 (20807): drop_caches: 2
[  757.985382][T20828] siw: device registration error -23
[  758.422861][T20836] FAULT_INJECTION: forcing a failure.
[  758.422861][T20836] name failslab, interval 1, probability 0, space 0, times 0
[  758.436988][T20836] CPU: 3 UID: 0 PID: 20836 Comm: syz.5.3686 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  758.437016][T20836] Tainted: [L]=SOFTLOCKUP
[  758.437021][T20836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  758.437032][T20836] Call Trace:
[  758.437038][T20836]  <TASK>
[  758.437044][T20836]  dump_stack_lvl+0x16c/0x1f0
[  758.437073][T20836]  should_fail_ex+0x512/0x640
[  758.437092][T20836]  ? __kmalloc_cache_noprof+0x5f/0x800
[  758.437112][T20836]  should_failslab+0xc2/0x120
[  758.437136][T20836]  __kmalloc_cache_noprof+0x80/0x800
[  758.437154][T20836]  ? nfnl_err_add+0x4e/0x350
[  758.437175][T20836]  ? nfnl_err_add+0x4e/0x350
[  758.437191][T20836]  nfnl_err_add+0x4e/0x350
[  758.437209][T20836]  nfnetlink_rcv_batch+0xb5f/0x2350
[  758.437239][T20836]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  758.437262][T20836]  ? kasan_save_stack+0x33/0x60
[  758.437282][T20836]  ? kasan_save_track+0x14/0x30
[  758.437301][T20836]  ? __kasan_slab_alloc+0x89/0x90
[  758.437321][T20836]  ? kmem_cache_alloc_node_noprof+0x298/0x800
[  758.437339][T20836]  ? kmalloc_reserve+0x18b/0x2c0
[  758.437391][T20836]  ? __nla_parse+0x40/0x60
[  758.437415][T20836]  nfnetlink_rcv+0x3c1/0x430
[  758.437432][T20836]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  758.437456][T20836]  netlink_unicast+0x5aa/0x870
[  758.437482][T20836]  ? __pfx_netlink_unicast+0x10/0x10
[  758.437514][T20836]  netlink_sendmsg+0x8c8/0xdd0
[  758.437540][T20836]  ? __pfx_netlink_sendmsg+0x10/0x10
[  758.437575][T20836]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  758.437607][T20836]  ____sys_sendmsg+0xa5d/0xc30
[  758.437625][T20836]  ? __pfx_____sys_sendmsg+0x10/0x10
[  758.437639][T20836]  ? get_compat_msghdr+0x11a/0x170
[  758.437669][T20836]  ___sys_sendmsg+0x134/0x1d0
[  758.437691][T20836]  ? __pfx____sys_sendmsg+0x10/0x10
[  758.437722][T20836]  ? find_held_lock+0x2b/0x80
[  758.437757][T20836]  __sys_sendmsg+0x16d/0x220
[  758.437778][T20836]  ? __pfx___sys_sendmsg+0x10/0x10
[  758.437807][T20836]  ? do_user_addr_fault+0x843/0x1370
[  758.437830][T20836]  __do_fast_syscall_32+0xe8/0x680
[  758.437848][T20836]  do_fast_syscall_32+0x32/0x80
[  758.437862][T20836]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  758.437881][T20836] RIP: 0023:0xf70ad579
[  758.437893][T20836] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  758.437908][T20836] RSP: 002b:00000000f549d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  758.437924][T20836] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  758.437934][T20836] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[  758.437943][T20836] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  758.437952][T20836] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  758.437961][T20836] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  758.437982][T20836]  </TASK>
[  758.651145][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  759.527211][T20863] siw: device registration error -23
[  759.689189][T20862] syzkaller0: entered promiscuous mode
[  759.690946][T20862] syzkaller0: entered allmulticast mode
[  759.754857][T20865] lo speed is unknown, defaulting to 1000
[  759.758759][T20865] wg2 speed is unknown, defaulting to 1000
[  759.805657][T20871] random: crng reseeded on system resumption
[  760.059383][T20877] siw: device registration error -23
[  760.286595][T16118] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[  760.489593][T16118] usb 10-1: config 1 interface 0 altsetting 15 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  760.493692][T16118] usb 10-1: config 1 interface 0 has no altsetting 0
[  760.501889][T16118] usb 10-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40
[  760.511108][T16118] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  760.513766][T16118] usb 10-1: Product: syz
[  760.515358][T16118] usb 10-1: Manufacturer: syz
[  760.516904][T16118] usb 10-1: SerialNumber: syz
[  761.836698][T20886] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3703'.
[  761.840848][T20889] mac80211_hwsim hwsim14 syzkaller0: left promiscuous mode
[  761.847309][T20889] mac80211_hwsim hwsim14 syzkaller0: left allmulticast mode
[  761.896871][T20895] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3705'.
[  761.912444][T20895] netlink: 212328 bytes leftover after parsing attributes in process `syz.6.3705'.
[  761.916731][T20895] netlink: Unknown conntrack attr (type=2304, max=9)
[  762.406871][T18893] Bluetooth: hci3: SCO packet for unknown connection handle 201
[  762.554177][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  762.629239][T20908] nbd: must specify an index to disconnect
[  762.883390][T20910] siw: device registration error -23
[  763.088877][T20912] netlink: 48 bytes leftover after parsing attributes in process `syz.7.3709'.
[  763.262092][T20920] netlink: zone id is out of range
[  763.462262][T16118] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 8 if 0 alt 15 proto 1 vid 0x04B8 pid 0x0202
[  763.472277][T16118] usb 10-1: USB disconnect, device number 8
[  764.280071][T16118] usblp0: removed
[  765.409447][T20950] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3720'.
[  765.485232][T19603] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  765.622756][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  765.899048][ T6034] usb 11-1: new high-speed USB device number 4 using dummy_hcd
[  766.070621][ T6034] usb 11-1: Using ep0 maxpacket: 16
[  766.075132][ T6034] usb 11-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  766.078844][ T6034] usb 11-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  766.082559][ T6034] usb 11-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  766.085821][ T6034] usb 11-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  766.090284][ T6034] usb 11-1: config 7 interface 0 has no altsetting 0
[  766.092502][ T6034] usb 11-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[  766.095365][ T6034] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  766.197092][T20947] 9pnet_fd: p9_fd_create_unix (20947): problem connecting socket: ./file0/file0: -107
[  766.232821][T20968] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  766.234924][T20968] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  766.237459][T20968] vhci_hcd vhci_hcd.0: Device attached
[  766.464274][T20971] netlink: 6032 bytes leftover after parsing attributes in process `syz.5.3726'.
[  766.540491][ T6366] usb 48-1: SetAddress Request (54) to port 0
[  766.542729][ T6366] usb 48-1: new SuperSpeed USB device number 54 using vhci_hcd
[  766.581650][ T6034] input: HID 0458:5010 as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:7.0/0003:0458:5010.0016/input/input64
[  766.848125][ T6034] kye 0003:0458:5010.0016: input,hiddev0,hidraw1: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.6-1/input0
[  767.000761][T19603] Bluetooth: hci4: command 0x1003 tx timeout
[  767.005316][T18893] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  767.102479][T20979] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(7)
[  767.104624][T20979] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  767.107884][T20979] vhci_hcd vhci_hcd.0: Device attached
[  767.406364][ T6089] usb 50-1: SetAddress Request (42) to port 0
[  767.408390][ T6089] usb 50-1: new SuperSpeed USB device number 42 using vhci_hcd
[  767.892170][T20994] netlink: 'syz.7.3731': attribute type 10 has an invalid length.
[  767.932714][T20993] /dev/sr0: Can't open blockdev
[  768.357257][T18893] Bluetooth: hci0: SCO packet for unknown connection handle 201
[  768.519870][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  768.901759][T20980] vhci_hcd: connection reset by peer
[  768.910468][ T6469] usb 11-1: USB disconnect, device number 4
[  768.918670][T16747] vhci_hcd vhci_hcd.6: stop threads
[  768.922728][T16747] vhci_hcd vhci_hcd.6: release socket
[  768.942042][T16747] vhci_hcd vhci_hcd.6: disconnect device
[  769.209909][T21001] FAULT_INJECTION: forcing a failure.
[  769.209909][T21001] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  769.222561][T21001] CPU: 1 UID: 0 PID: 21001 Comm: syz.6.3734 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  769.222581][T21001] Tainted: [L]=SOFTLOCKUP
[  769.222585][T21001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  769.222592][T21001] Call Trace:
[  769.222597][T21001]  <TASK>
[  769.222601][T21001]  dump_stack_lvl+0x16c/0x1f0
[  769.222623][T21001]  should_fail_ex+0x512/0x640
[  769.222638][T21001]  should_fail_alloc_page+0xe7/0x130
[  769.222658][T21001]  prepare_alloc_pages+0x401/0x670
[  769.222676][T21001]  ? rcu_is_watching+0x12/0xc0
[  769.222694][T21001]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  769.222711][T21001]  ? __lock_acquire+0x436/0x2890
[  769.222726][T21001]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  769.222740][T21001]  ? __mod_zone_page_state+0xcc/0x1a0
[  769.222753][T21001]  ? lru_gen_add_folio+0x1a4/0xef0
[  769.222769][T21001]  ? __lock_acquire+0x436/0x2890
[  769.222780][T21001]  ? __lock_acquire+0x436/0x2890
[  769.222790][T21001]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  769.222809][T21001]  ? policy_nodemask+0xea/0x4e0
[  769.222827][T21001]  alloc_pages_mpol+0x1fb/0x550
[  769.222845][T21001]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  769.222866][T21001]  folio_alloc_mpol_noprof+0x36/0x2f0
[  769.222879][T21001]  vma_alloc_folio_noprof+0xed/0x1e0
[  769.222891][T21001]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  769.222906][T21001]  do_anonymous_page+0xc81/0x2190
[  769.222923][T21001]  __handle_mm_fault+0x1ecf/0x2bb0
[  769.222939][T21001]  ? __pfx___handle_mm_fault+0x10/0x10
[  769.222959][T21001]  ? find_vma+0xbf/0x140
[  769.222974][T21001]  ? __pfx_find_vma+0x10/0x10
[  769.222991][T21001]  handle_mm_fault+0x3fe/0xad0
[  769.223005][T21001]  do_user_addr_fault+0x7a6/0x1370
[  769.223021][T21001]  ? rcu_is_watching+0x12/0xc0
[  769.223038][T21001]  exc_page_fault+0x64/0xc0
[  769.223071][T21001]  asm_exc_page_fault+0x26/0x30
[  769.223083][T21001] RIP: 0010:rep_stos_alternative+0x40/0x80
[  769.223097][T21001] Code: c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[  769.223108][T21001] RSP: 0018:ffffc90024277b80 EFLAGS: 00050202
[  769.223117][T21001] RAX: 0000000000000000 RBX: 0000000080014a80 RCX: 0000000000000a80
[  769.223124][T21001] RDX: ffff88805ada24c0 RSI: ffffffff84a8c135 RDI: 0000000080015000
[  769.223131][T21001] RBP: 000000007ffed000 R08: 00000000ffffffff R09: 00000000ffffffff
[  769.223138][T21001] R10: 0000000000000001 R11: ffff88805ada2ff0 R12: 0000000080015a80
[  769.223145][T21001] R13: 0000000000000000 R14: 0000000000012000 R15: 0000000000001000
[  769.223156][T21001]  ? iov_iter_zero+0x1b5/0x15b0
[  769.223170][T21001]  iov_iter_zero+0x1c5/0x15b0
[  769.223185][T21001]  ? find_held_lock+0x2b/0x80
[  769.223199][T21001]  ? __pfx_iov_iter_zero+0x10/0x10
[  769.223213][T21001]  ? get_pid_task+0xfc/0x250
[  769.223226][T21001]  ? common_file_perm+0x1b1/0x500
[  769.223242][T21001]  read_iter_zero+0x13a/0x340
[  769.223260][T21001]  ? rw_verify_area+0xcf/0x6c0
[  769.223276][T21001]  vfs_read+0x8bf/0xcf0
[  769.223297][T21001]  ? __pfx_vfs_read+0x10/0x10
[  769.223318][T21001]  ? find_held_lock+0x2b/0x80
[  769.223346][T21001]  ksys_read+0x12a/0x250
[  769.223362][T21001]  ? __pfx_ksys_read+0x10/0x10
[  769.223378][T21001]  ? do_user_addr_fault+0x843/0x1370
[  769.223394][T21001]  __do_fast_syscall_32+0xe8/0x680
[  769.223407][T21001]  do_fast_syscall_32+0x32/0x80
[  769.223418][T21001]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  769.223432][T21001] RIP: 0023:0xf70ad579
[  769.223459][T21001] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  769.223470][T21001] RSP: 002b:00000000f549d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  769.223480][T21001] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080002a80
[  769.223487][T21001] RDX: 00000000fffffffe RSI: 0000000000000000 RDI: 0000000000000000
[  769.223494][T21001] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  769.223500][T21001] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  769.223507][T21001] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  769.223521][T21001]  </TASK>
[  769.227360][T21003] netlink: 'syz.7.3735': attribute type 3 has an invalid length.
[  769.635559][T20969] vhci_hcd: connection reset by peer
[  769.637897][T18389] vhci_hcd vhci_hcd.5: stop threads
[  769.640360][T18389] vhci_hcd vhci_hcd.5: release socket
[  769.642710][T18389] vhci_hcd vhci_hcd.5: disconnect device
[  769.704924][T21011] siw: device registration error -23
[  770.518148][T21017] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3740'.
[  770.521311][T21017] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3740'.
[  770.749453][T21027] syzkaller0: entered promiscuous mode
[  770.751646][T21027] syzkaller0: entered allmulticast mode
[  771.544903][   T40] audit: type=1326 audit(1768266017.210:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21021 comm="syz.6.3742" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70ad579 code=0x0
[  771.612639][T21028] netfs: Couldn't get user pages (rc=-14)
[  771.960597][ T6366] usb 48-1: device descriptor read/8, error -110
[  772.400815][ T6366] usb usb48-port1: attempt power cycle
[  772.429756][T21039] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3746'.
[  772.905466][ T6089] usb 50-1: device descriptor read/8, error -110
[  773.030517][ T6366] usb usb48-port1: unable to enumerate USB device
[  773.182333][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  773.210122][T21047] netlink: 'syz.7.3749': attribute type 2 has an invalid length.
[  773.747297][ T6089] usb usb50-port1: attempt power cycle
[  774.770807][T21077] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  774.773185][T21077] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  774.776040][T21077] vhci_hcd vhci_hcd.0: Device attached
[  774.858661][ T6034] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  774.863207][T21080] 
[  774.864428][T21080] ======================================================
[  774.867340][T21080] WARNING: possible circular locking dependency detected
[  774.870228][T21080] syzkaller #0 Tainted: G             L     
[  774.872851][T21080] ------------------------------------------------------
[  774.873773][ T6089] usb usb50-port1: unable to enumerate USB device
[  774.875621][T21080] syz.7.3757/21080 is trying to acquire lock:
[  774.875636][T21080] ffff888013711468 (&pipe->mutex){+.+.}-{4:4}, at: anon_pipe_write+0x15d/0x1bd0
[  774.883727][T21080] 
[  774.883727][T21080] but task is already holding lock:
[  774.886809][T21080] ffff88804f06f148 (&sbi->pipe_mutex){+.+.}-{4:4}, at: autofs_notify_daemon+0x4a6/0xd60
[  774.890075][T21080] 
[  774.890075][T21080] which lock already depends on the new lock.
[  774.890075][T21080] 
[  774.893263][T21080] 
[  774.893263][T21080] the existing dependency chain (in reverse order) is:
[  774.896130][T21080] 
[  774.896130][T21080] -> #3 (&sbi->pipe_mutex){+.+.}-{4:4}:
[  774.898976][T21080]        __mutex_lock+0x1aa/0x1ca0
[  774.900619][T21080]        autofs_notify_daemon+0x4a6/0xd60
[  774.902572][T21080]        autofs_wait+0x10f3/0x1ac0
[  774.904207][T21080]        autofs_mount_wait+0x132/0x3c0
[  774.905924][T21080]        autofs_d_automount+0x4b2/0x960
[  774.907663][T21080]        __traverse_mounts+0x1b9/0x830
[  774.909368][T21080]        step_into_slowpath+0x772/0xf50
[  774.911134][T21080]        path_lookupat+0x627/0xc40
[  774.912818][T21080]        filename_lookup+0x224/0x5f0
[  774.914536][T21080]        kern_path+0x35/0x50
[  774.916012][T21080]        lookup_bdev+0xd8/0x280
[  774.917553][T21080]        resume_store+0x1d6/0x490
[  774.919144][T21080]        kobj_attr_store+0x58/0x80
[  774.920736][T21080]        sysfs_kf_write+0xf2/0x150
[  774.922345][T21080]        kernfs_fop_write_iter+0x3af/0x570
[  774.924166][T21080]        vfs_write+0x7d3/0x11d0
[  774.925696][T21080]        ksys_write+0x12a/0x250
[  774.927205][T21080]        __do_fast_syscall_32+0xe8/0x680
[  774.928974][T21080]        do_fast_syscall_32+0x32/0x80
[  774.930628][T21080]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  774.932698][T21080] 
[  774.932698][T21080] -> #2 (&of->mutex){+.+.}-{4:4}:
[  774.934837][T21080]        __mutex_lock+0x1aa/0x1ca0
[  774.936295][T21080]        kernfs_seq_start+0x4f/0x2a0
[  774.937929][T21080]        seq_read_iter+0x2c1/0x12d0
[  774.939557][T21080]        kernfs_fop_read_iter+0x46c/0x610
[  774.941346][T21080]        vfs_read+0x8bf/0xcf0
[  774.942822][T21080]        ksys_read+0x12a/0x250
[  774.944331][T21080]        __do_fast_syscall_32+0xe8/0x680
[  774.946088][T21080]        do_fast_syscall_32+0x32/0x80
[  774.947780][T21080]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  774.949928][T21080] 
[  774.949928][T21080] -> #1 (&p->lock){+.+.}-{4:4}:
[  774.952111][T21080]        __mutex_lock+0x1aa/0x1ca0
[  774.953709][T21080]        seq_read_iter+0xe1/0x12d0
[  774.955301][T21080]        kernfs_fop_read_iter+0x46c/0x610
[  774.957066][T21080]        copy_splice_read+0x618/0xc20
[  774.958729][T21080]        do_splice_read+0x285/0x370
[  774.960366][T21080]        splice_file_to_pipe+0x109/0x120
[  774.962102][T21080]        do_sendfile+0x400/0xe50
[  774.963671][T21080]        __ia32_compat_sys_sendfile+0x1e5/0x220
[  774.965601][T21080]        __do_fast_syscall_32+0xe8/0x680
[  774.967343][T21080]        do_fast_syscall_32+0x32/0x80
[  774.969018][T21080]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  774.971116][T21080] 
[  774.971116][T21080] -> #0 (&pipe->mutex){+.+.}-{4:4}:
[  774.973388][T21080]        __lock_acquire+0x1669/0x2890
[  774.975046][T21080]        lock_acquire+0x179/0x330
[  774.976611][T21080]        __mutex_lock+0x1aa/0x1ca0
[  774.978166][T21080]        anon_pipe_write+0x15d/0x1bd0
[  774.979795][T21080]        __kernel_write_iter+0x720/0xb10
[  774.981529][T21080]        __kernel_write+0xf5/0x140
[  774.983119][T21080]        autofs_notify_daemon+0x4db/0xd60
[  774.984905][T21080]        autofs_wait+0x10f3/0x1ac0
[  774.986452][T21080]        autofs_mount_wait+0x132/0x3c0
[  774.988172][T21080]        autofs_d_automount+0x4b2/0x960
[  774.989848][T21080]        __traverse_mounts+0x1b9/0x830
[  774.991512][T21080]        step_into_slowpath+0x772/0xf50
[  774.993193][T21080]        path_lookupat+0x627/0xc40
[  774.994776][T21080]        filename_lookup+0x224/0x5f0
[  774.996445][T21080]        kern_path+0x35/0x50
[  774.997893][T21080]        lookup_bdev+0xd8/0x280
[  774.999427][T21080]        resume_store+0x1d6/0x490
[  775.001003][T21080]        kobj_attr_store+0x58/0x80
[  775.002602][T21080]        sysfs_kf_write+0xf2/0x150
[  775.004172][T21080]        kernfs_fop_write_iter+0x3af/0x570
[  775.005989][T21080]        vfs_write+0x7d3/0x11d0
[  775.007550][T21080]        ksys_write+0x12a/0x250
[  775.009097][T21080]        __do_fast_syscall_32+0xe8/0x680
[  775.010853][T21080]        do_fast_syscall_32+0x32/0x80
[  775.012542][T21080]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  775.014612][T21080] 
[  775.014612][T21080] other info that might help us debug this:
[  775.014612][T21080] 
[  775.017657][T21080] Chain exists of:
[  775.017657][T21080]   &pipe->mutex --> &of->mutex --> &sbi->pipe_mutex
[  775.017657][T21080] 
[  775.021376][T21080]  Possible unsafe locking scenario:
[  775.021376][T21080] 
[  775.023624][T21080]        CPU0                    CPU1
[  775.025256][T21080]        ----                    ----
[  775.026891][T21080]   lock(&sbi->pipe_mutex);
[  775.028220][T21080]                                lock(&of->mutex);
[  775.030218][T21080]                                lock(&sbi->pipe_mutex);
[  775.032377][T21080]   lock(&pipe->mutex);
[  775.033712][T21080] 
[  775.033712][T21080]  *** DEADLOCK ***
[  775.033712][T21080] 
[  775.036222][T21080] 5 locks held by syz.7.3757/21080:
[  775.037869][T21080]  #0: ffff88805942ed38 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[  775.040717][T21080]  #1: ffff8880455cc420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  775.043565][T21080]  #2: ffff888023982c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570
[  775.046672][T21080]  #3: ffff88801c3570f8 (kn->active#71){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570
[  775.049755][T21080]  #4: ffff88804f06f148 (&sbi->pipe_mutex){+.+.}-{4:4}, at: autofs_notify_daemon+0x4a6/0xd60
[  775.052861][T21080] 
[  775.052861][T21080] stack backtrace:
[  775.054733][T21080] CPU: 0 UID: 0 PID: 21080 Comm: syz.7.3757 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  775.054761][T21080] Tainted: [L]=SOFTLOCKUP
[  775.054768][T21080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  775.054779][T21080] Call Trace:
[  775.054787][T21080]  <TASK>
[  775.054794][T21080]  dump_stack_lvl+0x116/0x1f0
[  775.054826][T21080]  print_circular_bug+0x275/0x340
[  775.054853][T21080]  check_noncircular+0x146/0x160
[  775.054884][T21080]  __lock_acquire+0x1669/0x2890
[  775.054902][T21080]  ? __kasan_check_byte+0x13/0x50
[  775.054927][T21080]  lock_acquire+0x179/0x330
[  775.054942][T21080]  ? anon_pipe_write+0x15d/0x1bd0
[  775.054966][T21080]  ? __pfx___might_resched+0x10/0x10
[  775.054990][T21080]  ? rcu_is_watching+0x12/0xc0
[  775.055016][T21080]  __mutex_lock+0x1aa/0x1ca0
[  775.055032][T21080]  ? anon_pipe_write+0x15d/0x1bd0
[  775.055058][T21080]  ? is_bpf_text_address+0x94/0x1a0
[  775.055079][T21080]  ? kernel_text_address+0x8d/0x100
[  775.055092][T21080]  ? anon_pipe_write+0x15d/0x1bd0
[  775.055108][T21080]  ? unwind_get_return_address+0x59/0xa0
[  775.055124][T21080]  ? __bfs+0x148/0x290
[  775.055138][T21080]  ? __pfx___mutex_lock+0x10/0x10
[  775.055149][T21080]  ? check_irq_usage+0xe8/0xbc0
[  775.055169][T21080]  ? anon_pipe_write+0x15d/0x1bd0
[  775.055185][T21080]  anon_pipe_write+0x15d/0x1bd0
[  775.055202][T21080]  ? lockdep_unlock+0x64/0xd0
[  775.055216][T21080]  ? __lock_acquire+0x12c2/0x2890
[  775.055227][T21080]  ? __pfx_anon_pipe_write+0x10/0x10
[  775.055244][T21080]  ? lock_acquire+0x179/0x330
[  775.055255][T21080]  ? __pfx_anon_pipe_write+0x10/0x10
[  775.055271][T21080]  __kernel_write_iter+0x720/0xb10
[  775.055287][T21080]  ? __pfx___kernel_write_iter+0x10/0x10
[  775.055303][T21080]  ? __mutex_lock+0x27b/0x1ca0
[  775.055313][T21080]  ? __kernel_text_address+0xd/0x40
[  775.055326][T21080]  ? autofs_notify_daemon+0x45a/0xd60
[  775.055340][T21080]  __kernel_write+0xf5/0x140
[  775.055356][T21080]  ? __pfx___kernel_write+0x10/0x10
[  775.055371][T21080]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  775.055412][T21080]  autofs_notify_daemon+0x4db/0xd60
[  775.055430][T21080]  ? __pfx_autofs_notify_daemon+0x10/0x10
[  775.055444][T21080]  ? kernfs_fop_write_iter+0x3af/0x570
[  775.055466][T21080]  ? vfs_write+0x7d3/0x11d0
[  775.055481][T21080]  ? ksys_write+0x12a/0x250
[  775.055502][T21080]  ? lockdep_init_map_type+0x5c/0x270
[  775.055513][T21080]  ? lockdep_init_map_type+0x5c/0x270
[  775.055525][T21080]  autofs_wait+0x10f3/0x1ac0
[  775.055538][T21080]  ? __pfx_autofs_wait+0x10/0x10
[  775.055551][T21080]  ? __pfx_path_check_mount+0x10/0x10
[  775.055562][T21080]  ? find_held_lock+0x2b/0x80
[  775.055578][T21080]  ? path_has_submounts+0xcf/0x120
[  775.055592][T21080]  ? do_raw_spin_unlock+0x172/0x230
[  775.055607][T21080]  ? find_held_lock+0x2b/0x80
[  775.055622][T21080]  autofs_mount_wait+0x132/0x3c0
[  775.055635][T21080]  autofs_d_automount+0x4b2/0x960
[  775.055649][T21080]  __traverse_mounts+0x1b9/0x830
[  775.055662][T21080]  step_into_slowpath+0x772/0xf50
[  775.055676][T21080]  ? __up_read+0x2d1/0x700
[  775.055688][T21080]  ? __pfx_step_into_slowpath+0x10/0x10
[  775.055702][T21080]  ? lookup_slow+0x50/0x70
[  775.055716][T21080]  path_lookupat+0x627/0xc40
[  775.055731][T21080]  filename_lookup+0x224/0x5f0
[  775.055747][T21080]  ? __pfx_filename_lookup+0x10/0x10
[  775.055766][T21080]  ? getname_kernel+0x52/0x370
[  775.055777][T21080]  ? __asan_memcpy+0x3c/0x60
[  775.055791][T21080]  kern_path+0x35/0x50
[  775.055806][T21080]  lookup_bdev+0xd8/0x280
[  775.055818][T21080]  ? __pfx_lookup_bdev+0x10/0x10
[  775.055829][T21080]  ? __asan_memcpy+0x3c/0x60
[  775.055842][T21080]  resume_store+0x1d6/0x490
[  775.055857][T21080]  ? __pfx_resume_store+0x10/0x10
[  775.055872][T21080]  ? find_held_lock+0x2b/0x80
[  775.055887][T21080]  ? __pfx_resume_store+0x10/0x10
[  775.055900][T21080]  kobj_attr_store+0x58/0x80
[  775.055910][T21080]  ? __pfx_kobj_attr_store+0x10/0x10
[  775.055920][T21080]  sysfs_kf_write+0xf2/0x150
[  775.055932][T21080]  kernfs_fop_write_iter+0x3af/0x570
[  775.055948][T21080]  ? __pfx_sysfs_kf_write+0x10/0x10
[  775.055959][T21080]  vfs_write+0x7d3/0x11d0
[  775.055974][T21080]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  775.055991][T21080]  ? __pfx_vfs_write+0x10/0x10
[  775.056006][T21080]  ? find_held_lock+0x2b/0x80
[  775.056023][T21080]  ksys_write+0x12a/0x250
[  775.056038][T21080]  ? __pfx_ksys_write+0x10/0x10
[  775.056055][T21080]  __do_fast_syscall_32+0xe8/0x680
[  775.056067][T21080]  do_fast_syscall_32+0x32/0x80
[  775.056078][T21080]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  775.056092][T21080] RIP: 0023:0xf7f57579
[  775.056102][T21080] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  775.056113][T21080] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  775.056124][T21080] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  775.056131][T21080] RDX: 0000000000000012 RSI: 0000000000000000 RDI: 0000000000000000
[  775.056138][T21080] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  775.056144][T21080] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  775.056150][T21080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  775.056160][T21080]  </TASK>
[  775.365977][T21086] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[  775.445759][T16119] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  775.458267][T21078] vhci_hcd: connection closed
[  775.459257][   T12] vhci_hcd vhci_hcd.3: stop threads
[  775.463449][   T12] vhci_hcd vhci_hcd.3: release socket
[  775.465784][   T12] vhci_hcd vhci_hcd.3: disconnect device
[  775.509812][T16119] usb 43-1: new full-speed USB device number 3 using vhci_hcd
[  775.512476][T16119] usb 43-1: enqueue for inactive port 0
[  775.549644][T21093] syzkaller0: entered promiscuous mode
[  775.551552][T21093] syzkaller0: entered allmulticast mode
[  775.584717][T16119] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  775.677322][T21080] PM: Image not found (code -22)
[  777.519037][   T12] bridge4 (unregistering): left promiscuous mode
[  777.522662][   T12] team0: Port device bridge4 removed
[  777.638826][   T12] bond0 (unregistering): left promiscuous mode
[  777.640821][   T12] bond_slave_0: left promiscuous mode
[  777.642631][   T12] bond_slave_1: left promiscuous mode
[  777.644973][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  777.648354][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  777.651405][   T12] bond0 (unregistering): Released all slaves
[  777.735987][   T12] bond1 (unregistering): (slave bond2): Releasing active interface
[  777.738774][   T12] bond1 (unregistering): Released all slaves
[  777.817564][   T12] bond2 (unregistering): Released all slaves
[  777.909498][   T12] tipc: Left network mode
[  778.167775][   T12] team0: left promiscuous mode
[  778.169295][   T12] team_slave_0: left promiscuous mode
[  778.171036][   T12] team_slave_1: left promiscuous mode
[  778.175043][   T12] hsr_slave_0: left promiscuous mode
[  778.177017][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  778.179522][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  778.475568][   T12] team0 (unregistering): Port device team_slave_1 removed
[  778.504328][   T12] team0 (unregistering): Port device team_slave_0 removed