last executing test programs:

5.008241934s ago: executing program 2 (id=803):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=<r1=>0x0)
sched_setscheduler(r1, 0x3, &(0x7f0000000100)=0x7ff)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000009c0)=[{{&(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000340)=""/49, 0x31}, {0x0}, {&(0x7f0000000500)=""/25, 0x19}, {&(0x7f0000000540)=""/29, 0x1d}, {&(0x7f0000000900)=""/172, 0xac}], 0x5, &(0x7f0000000800)=""/53, 0x35}, 0xfffffff3}], 0x1, 0x40012140, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
close_range(r2, r0, 0x0)
r6 = semget$private(0x0, 0x4, 0x24)
semctl$GETZCNT(r6, 0x2, 0xf, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x33, &(0x7f0000000300)=0x80000005, 0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r7 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r7, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r7, 0x40946400, &(0x7f00000003c0)={'aio_iiro_16\x00', [0x4f27, 0xb, 0x2, 0x10, 0x5, 0x6, 0x8, 0x7, 0x7fffffff, 0x104, 0x7, 0x3ff, 0x1, 0x20001, 0x6, 0x101, 0x3, 0x80000000, 0x5, 0x40000003, 0x89, 0xcaa7, 0x0, 0x3, 0xb, 0xe69, 0x3c, 0xc, 0x10000006, 0x0, 0x36]})

4.162472813s ago: executing program 1 (id=806):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x1c0)
r0 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x200000, 0x30)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000200)={0x100, r1}, 0x0) (async)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000200)={0x100, r1}, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0) (async)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x100, r2}, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}, @in={0x2, 0x4e24, @multicast2}, @in={0x2, 0x4e24, @loopback}, @in={0x2, 0x4e20, @multicast1}, @in6={0xa, 0x4e23, 0x3, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x1}, @in={0x2, 0x4e24, @loopback}, @in6={0xa, 0x4e20, 0x7fffffff, @loopback, 0xf108}], 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x38, 0x3e, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x11, 0x2, 0x0, 0x1, [@nested={0xc, 0x14, 0x0, 0x1, [@typed={0x8, 0x18, 0x0, 0x0, @u32=0x9}]}, @generic='V']}]}, 0x38}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)

4.161980985s ago: executing program 1 (id=807):
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x6803, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x14, 0x16, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80000)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19})
bind$alg(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000140), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
syz_emit_ethernet(0x5e, &(0x7f0000000500)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010102, @remote}, @redirect={0x5, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, {0xd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88, 0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x3}, @lsrr={0x83, 0xf, 0x0, [@remote, @private, @rand_addr]}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@local}]}]}}}}}}}, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x45, &(0x7f0000001ac0)=[{&(0x7f00000004c0)={0x114, 0x34, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x3ff9, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64}, @generic="395d1d5e99b378865650ee72696fdd925abdd47ee59733d126068fa39d424f81d258997cb4c6c3dc55e217d99a4fb1c3864204018709c04ea64b797b46fa17a9fe315e1fbca6ba919485b08ef1d4c8ef95fbd9af12263fc6698b772579a49f18023acc3d7cb33558df262b062463116a8f1c6680a688569a2ff02938f0383bbd647139d9d6b7d434f3a2c0e18d915d256efc077e60770c3eb1f1b761a364d6e73f4cdcfe9401b940fac0961aed6c7500e657e73438221db53a20120526ec969ce51a560bd074a916ce57ef54a821f121fd354f2cb6ce48317133f3437129e2838a445d1f44b184e56eee6bcdde65b539", @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc013529ec47d7f69f514408049fc119a74fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x14)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0401273, &(0x7f0000000340)={'\x00', 0x9, 0x9, 0xfffffffe, 0x2, 0x5})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
close(r1)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000080010deffffffffffffff00"])
openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x123f82, 0x0)

4.036456844s ago: executing program 2 (id=808):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000280)={0x15, 0xcd, 0xfa00, {r1, 0x0, 0x0, 0x30, 0x0, @in6={0x1b, 0x0, 0x7, @empty, 0xd}, @ib={0x1b, 0x0, 0x0, {"7d0300"}, 0x0, 0x9, 0x6}}}, 0xfffffffffffffdb3)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6(0xa, 0x80000, 0x7)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x10010000004e20}, 0x1c)
sendmmsg$inet(r2, &(0x7f0000000b00)=[{{&(0x7f0000000100)={0x2, 0x4e20, @local}, 0x10, 0x0}}], 0x1, 0x0)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x300)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$vga_arbiter(r4, &(0x7f0000000600)=@other={'unlock', ' ', 'none'}, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, 0x0, 0x4)
r6 = socket$kcm(0x2d, 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000640)=ANY=[@ANYBLOB="7c000000680008002cbd7000fcdbdf25020004000200000014000c8008000300595e0000060001f3040000000c00020002000000020000fb5e31c9614b4b2d00ff000000140006000000000000000000000000000000000008000100ffffffff06000300010000000c000200020000000b000000080005004a13baf2551676b3a2dac115140f733f0fe21d86cd1d504c3e1f3bf027534ae48e44aae7faaf788397c1a1653e6aa1177f95104fd40cb18e9694eb7163ef857170cdc242268f8b9698d328333699acfb1134f07db0d17f7d945ab70972f6968cf401e42ed15c58afb744a209a197da9c0e32b763f31c91c7de5575e010f5797a5db360265ceedb5c58334484c267586a1a70f19bb0c8b3fe6657fe3a11badf014a5f054929ebe3475546f8109a9b57b58ae1907a68165b4866d466fef5b9f8e698900c09de4213b234c5a3b3604f2c2a9ca11bb3f1e4da806c3a1e2fcf215b91c33460e23b2ffbbce8a1a2442a25f2f4127f364e213685c047fc1ab0ac1ba7af7f4740917c375b382e497487401a8c1ad80770f8bb5a7099355f0f76c9b36475221cade38a22", @ANYRES32=0x0, @ANYBLOB], 0x7c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000e0621fb44b05855b7a67c29d6480329f679de99510173acf536ab94466b9af16feede883f4bda5d9d0efff6dd0926d9f2e477ff999f4b8448a2acc86798966e9fd7a52c485b4aa6f439dbcbdc2cb7aca12d6e475bb33a875dc0b1519a1dbf4157f3d3800329212c241710ea2f74887082c6a43e23eeeef99877e09a90c2cd9090cdcfdabef77ae9918be4d60b4dc289e0d599d9419b6c2303dbdaccd93ee82f1fc92f5ac25ba0792b39a585a103b3bf6cb9023e7d9c9238b31f9c0383c45d080b4a4"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_opts(r8, 0x0, 0x480, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r6, 0x89e2, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x200, 0x0, 0x0, 0x0, 0xbdc09bd12069dddf, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nbd(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="0100000000000000000001000000080001003f0000000c000200700f00000000ffff0c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)
r11 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_SIOCOUTQ(r11, 0x5411, &(0x7f0000000000))
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r12, 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)

3.692651996s ago: executing program 1 (id=809):
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x6803, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x14, 0x16, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80000)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19})
bind$alg(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
syz_emit_ethernet(0x5e, &(0x7f0000000500)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010102, @remote}, @redirect={0x5, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, {0xd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88, 0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x3}, @lsrr={0x83, 0xf, 0x0, [@remote, @private, @rand_addr]}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@local}]}]}}}}}}}, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x45, &(0x7f0000001ac0)=[{&(0x7f00000004c0)={0x114, 0x34, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x3ff9, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64}, @generic="395d1d5e99b378865650ee72696fdd925abdd47ee59733d126068fa39d424f81d258997cb4c6c3dc55e217d99a4fb1c3864204018709c04ea64b797b46fa17a9fe315e1fbca6ba919485b08ef1d4c8ef95fbd9af12263fc6698b772579a49f18023acc3d7cb33558df262b062463116a8f1c6680a688569a2ff02938f0383bbd647139d9d6b7d434f3a2c0e18d915d256efc077e60770c3eb1f1b761a364d6e73f4cdcfe9401b940fac0961aed6c7500e657e73438221db53a20120526ec969ce51a560bd074a916ce57ef54a821f121fd354f2cb6ce48317133f3437129e2838a445d1f44b184e56eee6bcdde65b539", @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc013529ec47d7f69f514408049fc119a74fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x14)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0401273, &(0x7f0000000340)={'\x00', 0x9, 0x9, 0xfffffffe, 0x2, 0x5})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
close(r1)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000080010deffffffffffffff00"])
openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x123f82, 0x0)

3.691940628s ago: executing program 0 (id=810):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x109)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x10000, 0x4], 0x0, 0x0, 0x2, 0x1}}, 0x40)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f0000000100)={0x0, 'pim6reg0\x00', {0x3}, 0x7ff})

3.576799996s ago: executing program 0 (id=811):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x8, [{{0x9, 0x4, 0x0, 0xfe, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0xffff, 0xfd, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x3, 0x0, 0xfd}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f00000012c0)={0x0, 0xb, 0x5, {0x5, 0xc, "26ed60"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000140)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000500)={0x1, 0x4, 0x3, &(0x7f0000000200)={0x5, "000000000000000301001000"}})

3.307082727s ago: executing program 2 (id=812):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
syz_clone(0x102311, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2)
timer_create(0xfffffffd, 0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe90}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000840)=@bpf_lsm={0x1d, 0xb, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffd}, [@map_val={0x18, 0x5, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x3}, @alu={0x7, 0x0, 0xb, 0x1, 0x4, 0x40, 0x4}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}, @cb_func={0x18, 0x9}, @generic={0x9, 0x8, 0x2, 0x8, 0x7ff}]}, &(0x7f00000001c0)='GPL\x00', 0x2, 0xcd, &(0x7f0000000680)=""/205, 0x41000, 0x24, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x3, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x0, 0xa, 0x9, 0x3}, 0x10, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000580)=[r3, r3, r3, r3, r3], 0x0, 0x10, 0x1ad69df0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r5}, 0x10)
timer_delete(r2)
readv(r1, &(0x7f0000000640)=[{&(0x7f0000000400)=""/244, 0xf4}], 0x1)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
socket$nl_generic(0x10, 0x3, 0x10)
read$FUSE(r0, &(0x7f0000006180)={0x2020}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0xffffffffffffffff, 0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x0, {0x40, 0x3, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x124, 0x6000, 0x0, 0x0, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x2, 0x0)
ioctl$TIOCGPTPEER(r6, 0x4004092b, 0x47ffffffff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r7, &(0x7f0000000080)='hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x1)
r9 = userfaultfd(0x80001)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0)
close_range(r9, 0xffffffffffffffff, 0x0)
ioctl$TIOCGPTPEER(r8, 0x4004092b, 0x7)
socket$inet6_udp(0xa, 0x2, 0x0)

2.708972989s ago: executing program 1 (id=814):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
syz_clone(0x102311, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2)
timer_create(0xfffffffd, 0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe90}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000840)=@bpf_lsm={0x1d, 0xb, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffd}, [@map_val={0x18, 0x5, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x3}, @alu={0x7, 0x0, 0xb, 0x1, 0x4, 0x40, 0x4}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}, @cb_func={0x18, 0x9}, @generic={0x9, 0x8, 0x2, 0x8, 0x7ff}]}, &(0x7f00000001c0)='GPL\x00', 0x2, 0xcd, &(0x7f0000000680)=""/205, 0x41000, 0x24, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x3, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x0, 0xa, 0x9, 0x3}, 0x10, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000580)=[r3, r3, r3, r3, r3], 0x0, 0x10, 0x1ad69df0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r5}, 0x10)
timer_delete(r2)
readv(r1, &(0x7f0000000640)=[{&(0x7f0000000400)=""/244, 0xf4}], 0x1)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
socket$nl_generic(0x10, 0x3, 0x10)
read$FUSE(r0, &(0x7f0000006180)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r6, {0x7, 0x29, 0x0, 0x14c0348, 0x0, 0x2, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x2, 0x0)
ioctl$TIOCGPTPEER(r7, 0x4004092b, 0x47ffffffff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r8, &(0x7f0000000080)='hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x1)
r10 = userfaultfd(0x80001)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0)
close_range(r10, 0xffffffffffffffff, 0x0)
ioctl$TIOCGPTPEER(r9, 0x4004092b, 0x7)

2.400998784s ago: executing program 2 (id=816):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=<r1=>0x0)
sched_setscheduler(r1, 0x3, &(0x7f0000000100)=0x7ff)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000009c0)=[{{&(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000340)=""/49, 0x31}, {0x0}, {&(0x7f0000000500)=""/25, 0x19}, {&(0x7f0000000540)=""/29, 0x1d}, {&(0x7f0000000900)=""/172, 0xac}], 0x5, &(0x7f0000000800)=""/53, 0x35}, 0xfffffff3}], 0x1, 0x40012140, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
close_range(r2, r0, 0x0)
r6 = semget$private(0x0, 0x4, 0x24)
semctl$GETZCNT(r6, 0x2, 0xf, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x33, &(0x7f0000000300)=0x80000005, 0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x3, &(0x7f0000000200)=ANY=[@ANYRES32=r4], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x6b, '\x00', 0x0, @sched_cls=0xf2fd4ce9ba69909c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x400000}, 0x94)
r7 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r7, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r7, 0x40946400, &(0x7f00000003c0)={'aio_iiro_16\x00', [0x4f27, 0xb, 0x2, 0x10, 0x5, 0x6, 0x8, 0x7, 0x7fffffff, 0x104, 0x7, 0x3ff, 0x1, 0x20001, 0x6, 0x101, 0x3, 0x80000000, 0x5, 0x40000003, 0x89, 0xcaa7, 0x0, 0x3, 0xb, 0xe69, 0x3c, 0xc, 0x10000006, 0x0, 0x36]})

1.931254815s ago: executing program 3 (id=818):
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x24, r4, 0x5, 0xfffffffd, 0x2, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x4810)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000580)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000540)={&(0x7f0000000840)={0x774, r4, 0x800, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x758, 0x11d, 0x0, 0x1, [{0x2d0, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x80}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x114, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x5c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x17, 0x2, [{0x0, 0x8}, {0x0, 0x4}, {0x6, 0x2}, {0x4}, {0x7, 0x2}, {0x5, 0xa}, {0x6, 0x3}, {0x1, 0x5}, {0x7, 0x1}, {0x4, 0x1}, {0x2}, {0x3, 0x7}, {0x1, 0x3}, {0x5, 0x7}, {0x7, 0x9}, {0x6, 0x7}, {0x2, 0x7}, {0x6, 0x5}, {0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x1b, 0x1, [0xc, 0x36, 0xc, 0x16, 0xb, 0x1b, 0x3, 0x1, 0x60, 0x5, 0x4, 0x1b, 0x48, 0x24, 0x3b, 0xc, 0x48, 0xc, 0x3, 0x6, 0x16, 0x60, 0x36]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x6, 0x1, 0xf, 0x100, 0xa, 0x9a8d, 0xb7]}}]}, @NL80211_BAND_60GHZ={0x28, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x16, 0x2, [{0x1, 0x1}, {0x3, 0x3}, {0x4, 0x7}, {0x6, 0x5}, {0x7, 0x9}, {0x4}, {0x7, 0x7}, {}, {0x6}, {0x0, 0x8}, {0x0, 0x7}, {0x0, 0xa}, {0x5, 0x3}, {0x1, 0xa}, {0x5, 0x7}, {0x3, 0x8}, {0x7, 0x6}, {0x3, 0x9}]}, @NL80211_TXRATE_HT={0xc, 0x2, [{0x2, 0x2}, {0x5}, {0x2, 0x1}, {0x5, 0xa}, {0x3, 0x1}, {0x2, 0x4}, {0x1, 0x1}, {0x0, 0x6}]}]}, @NL80211_BAND_6GHZ={0x8c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1000, 0x9, 0x1, 0x0, 0x3, 0x0, 0x101, 0x7]}}, @NL80211_TXRATE_HT={0x4f, 0x2, [{0x3, 0x5}, {0x1, 0x7}, {0x2, 0x2}, {0x7, 0x1}, {0x1, 0x8}, {0x1, 0x4}, {0x1, 0x8}, {0x1, 0xa}, {0x0, 0x2}, {0x1, 0x8}, {0x0, 0x7}, {0x1, 0x1}, {0x7, 0x7}, {0x7, 0x8}, {0x4, 0x8}, {0x0, 0x7}, {0x2, 0x3}, {0x7, 0x9}, {0x7, 0x1}, {0x1, 0x4}, {0x4, 0x7}, {0x3, 0xa}, {0x7, 0x7}, {0x7, 0x2}, {0x6, 0x5}, {0x0, 0xa}, {0x7, 0x4}, {0x0, 0x9}, {0x1, 0x6}, {0x6, 0x2}, {0x1, 0x2}, {0x5, 0xa}, {0x1, 0x5}, {0x7, 0x2}, {0x2, 0x4}, {0x3, 0x7}, {0x4, 0x1}, {0x6, 0x9}, {0x4, 0x3}, {0x1, 0x3}, {0x6, 0x8}, {0x0, 0x3}, {0x4, 0x4}, {0x4, 0x8}, {0x1, 0x7}, {0x2, 0x8}, {0x3, 0x7}, {0x1, 0x3}, {0x7, 0xa}, {0x2, 0x7}, {0x4, 0x8}, {0x1}, {0x3, 0x4}, {0x1, 0x1}, {0x5}, {0x3, 0x6}, {0x2, 0x8}, {0x4, 0x2}, {0x2, 0x8}, {0x2, 0x8}, {0x1, 0x5}, {0x5, 0x2}, {0x2}, {0x5, 0x8}, {0x6, 0x6}, {0x5, 0x9}, {0x4, 0x2}, {0x0, 0x5}, {0x5, 0x6}, {}, {0x2, 0x7}, {0x0, 0x4}, {0x5, 0xa}, {0x6, 0x1}, {0x1, 0x2}]}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x6c, 0x9, 0x6, 0x48, 0x60, 0x3, 0x6, 0xb, 0x4, 0xc, 0x60, 0x3, 0x16, 0x18, 0x18, 0x18, 0x16, 0x12, 0x12, 0x5, 0x3]}]}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x91}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x16c, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x28, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x23, 0x2, [{0x1, 0x7}, {0x0, 0x4}, {0x0, 0x5}, {0x1, 0x9}, {0x6, 0x6}, {0x3, 0x8}, {0x7, 0x5}, {0x1, 0x4}, {0x7, 0x3}, {0x6, 0x6}, {0x5, 0x9}, {0x4, 0x3}, {0x6, 0x9}, {0x5}, {0x0, 0x5}, {0x2}, {0x6, 0x1}, {0x7, 0xa}, {0x0, 0x5}, {0x4, 0x6}, {0x1, 0x3}, {0x3, 0x9}, {0x2, 0x6}, {0x1, 0x6}, {0x7, 0x7}, {0x4, 0x4}, {0x1, 0x2}, {0x6, 0xa}, {0x6, 0x5}, {0x2, 0x5}, {0x7, 0x9}]}]}, @NL80211_BAND_2GHZ={0x54, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x46, 0x2, [{0x7, 0x1}, {0x3, 0x6}, {0x4, 0x9}, {0x6, 0x7}, {0x3, 0xa}, {0x0, 0x8}, {0x6, 0x9}, {0x1, 0x3}, {0x0, 0x2}, {0x7, 0x8}, {0x7, 0x4}, {0x6, 0x5}, {0x1}, {0x0, 0xa}, {0x2, 0x5}, {0x7, 0x2}, {0x0, 0x3}, {0x1, 0x3}, {0x3, 0x8}, {0x1, 0x1}, {0x2, 0x2}, {0x4, 0x1}, {0x3, 0xa}, {0x1, 0x7}, {0x2, 0x5}, {0x6}, {0x0, 0x7}, {0x1, 0xa}, {0x0, 0x3}, {0x6, 0x6}, {0x1, 0x8}, {0x3, 0x4}, {0x5, 0x7}, {0x2, 0xa}, {0x7}, {0x5, 0x5}, {0x6, 0x6}, {0x4}, {0x0, 0x6}, {0x0, 0x5}, {0x4}, {0x5, 0x6}, {0x7, 0x1}, {0x1, 0x9}, {0x4, 0x9}, {0x1, 0x3}, {0x4, 0x1}, {0x4, 0x4}, {0x4, 0x6}, {0x4, 0x3}, {0x7, 0x3}, {0x7, 0x4}, {0x7, 0x6}, {0x4, 0x1}, {0x1, 0x1}, {0x6, 0x1}, {0x1, 0x1}, {0x3, 0x4}, {0x6}, {0x7, 0x5}, {0x1, 0xa}, {0x2, 0x7}, {0x7, 0x4}, {0x6, 0x4}, {0x7, 0x5}, {0x7, 0x8}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_2GHZ={0x3c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x5, 0x3, 0x4, 0xb502, 0x1c0, 0xc, 0x2]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x200, 0x8, 0x6, 0x6, 0x7, 0xfff3, 0x6]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x7a}]}, @NL80211_BAND_2GHZ={0xb0, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x42, 0x2, [{0x6}, {0x3, 0x3}, {0x4, 0x2}, {0x5, 0x9}, {0x0, 0x6}, {0x4, 0x5}, {0x3, 0x5}, {0x3}, {0x4, 0x4}, {0x7, 0x8}, {0x3, 0x7}, {0x3, 0x8}, {0x3, 0xa}, {0x0, 0x9}, {0x6}, {0x3, 0x6}, {0x4, 0x1}, {0x7, 0x6}, {0x7, 0x6}, {}, {0x6, 0x14}, {0x4}, {0x4, 0x1}, {0x0, 0x3}, {0x1, 0x5}, {0x0, 0x2}, {0x5, 0x4}, {0x6, 0x5}, {0x0, 0x5}, {0x0, 0x6}, {0x7, 0x1}, {0x1, 0x3}, {0x4, 0x7}, {0x4, 0x8}, {0x1, 0x9}, {0x1, 0x5}, {0x3, 0x2}, {0x5}, {0x7, 0x1}, {0x1, 0x6}, {0x0, 0x7}, {0x0, 0x3}, {0x5, 0x4}, {0x5, 0xa}, {0x0, 0x7}, {0x2, 0x3}, {0x5, 0x4}, {0x1, 0x8}, {0x5, 0x4}, {0x6, 0x8}, {0x4, 0x2}, {0x2, 0xa}, {0x0, 0x8}, {0x4, 0x4}, {0x3, 0x6}, {0x4, 0x9}, {0x2, 0x6}, {0x2, 0xa}, {0x1, 0x1}, {0x1, 0x6}, {0x6, 0x3}, {0x1, 0x5}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x26, 0x2, [{0x3, 0x4}, {0x5, 0x3}, {0x5, 0x8}, {0x1, 0x7}, {0x1, 0x7}, {0x1}, {0x0, 0x8}, {0x6, 0x5}, {0x1, 0x7}, {0x0, 0x1}, {0x4, 0x2}, {0x0, 0xa}, {0x4, 0x4}, {0x0, 0xa}, {0x0, 0x3}, {0x7, 0x8}, {0x7, 0x4}, {0x6, 0x2}, {0x1, 0x9}, {0x4, 0x8}, {0x1, 0x6}, {0x4, 0x1}, {0x7, 0x5}, {0x4, 0x7}, {0x2, 0x5}, {0x0, 0x8}, {0x1, 0xa}, {0x4, 0xa}, {0x0, 0x3}, {0x0, 0x3}, {0x0, 0x9}, {0x1, 0x3}, {0x0, 0x8}, {0x6, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfff, 0x7, 0x5385, 0x8001, 0xf0e7, 0xfffe, 0x6, 0x1]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x7, 0x9, 0x40, 0x2, 0x8, 0x6]}}]}]}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x66}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x5}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x71}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}]}, {0x38c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xf0}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x378, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x18, 0x2, [{0x3, 0xa}, {0x1, 0x2}, {0x2, 0xa}, {0x0, 0x5}, {0x2, 0x6}, {0x1}, {0x2, 0x8}, {0x1, 0x6}, {0x7, 0x4}, {0x6, 0x3}, {0x2, 0x9}, {0x4}, {0x3, 0x1}, {0x1, 0x9}, {0x0, 0x1}, {0x0, 0x7}, {0x3, 0x6}, {0x4}, {0x6, 0x1}, {0x0, 0x8}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x95, 0x2, 0x3, 0xd6, 0x0, 0x6, 0x6]}}]}, @NL80211_BAND_60GHZ={0xb8, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2d, 0x2, [{0x2, 0x4}, {0x5}, {0x3, 0x2}, {0x7, 0x3}, {0x5, 0x3}, {0x6, 0x3}, {0x7, 0x3}, {0x2}, {0x1, 0x8}, {0x7}, {0x3, 0x3}, {0x7, 0x2}, {0x5, 0x8}, {0x1, 0x7}, {0x2, 0x8}, {0x4, 0x7}, {0x2, 0x9}, {0x1}, {0x1, 0xa}, {0x1, 0xa}, {0x6, 0x6}, {0x6, 0x2}, {0x7, 0x3}, {0x6, 0x1}, {0x1}, {0x4, 0x5}, {0x1, 0x9}, {0x1}, {0x2, 0x3}, {0x0, 0x1}, {0x1, 0x4}, {0x3, 0x5}, {0x1, 0x1}, {0x1}, {0x3, 0x1}, {0x1, 0xa}, {0x6, 0xa}, {0x0, 0xa}, {0x4}, {0x4, 0x3}, {0x2, 0x7}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x3, 0x78, 0x6, 0xfd, 0xdc, 0x7, 0x915]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xca8, 0x4, 0x5b5d, 0x7, 0xfff, 0x4, 0x7]}}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x18, 0x24, 0x0, 0x18, 0x4, 0x1b, 0x4, 0xc, 0x9, 0x12, 0x0, 0xc, 0x4, 0x24, 0x24, 0x16, 0x63]}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x4, 0x1, 0x12, 0x6e, 0x36, 0x6c, 0x1b, 0x6, 0xb, 0x16, 0x6, 0x2, 0x6c, 0x18, 0x6c, 0x60, 0x6, 0xc, 0x16, 0x5, 0x36]}, @NL80211_TXRATE_HT={0xd, 0x2, [{0x7, 0x9}, {0x5, 0x9}, {0x5, 0x3}, {0x6, 0x2}, {0x1, 0x5}, {0x0, 0x1}, {0x7, 0x5}, {0x2, 0x1}, {0x3}]}]}, @NL80211_BAND_6GHZ={0x24, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x20, 0x1, [0x5098abc75f17ee31, 0x4, 0x6, 0x9, 0x5, 0x12, 0x6c, 0x3, 0x6c, 0x1b, 0x24, 0xb, 0x12, 0x3834ceaf91043b90, 0x1b, 0x48, 0x2, 0x12, 0x6, 0x30, 0x4, 0x4, 0x6c, 0xb, 0xb, 0xc, 0xc, 0x36]}]}, @NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xffff, 0x8, 0xf, 0xe, 0x2, 0x3, 0x47, 0x1]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xd, 0x4, 0x7, 0x7, 0x80, 0x4, 0x1, 0x3]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x49, 0x2, [{0x1, 0x3}, {0x7, 0x7}, {0x4}, {0x5, 0x2}, {0x6}, {0x1}, {0x0, 0x5}, {0x5, 0x6}, {0x4, 0x5}, {0x2, 0x5}, {0x3}, {0x0, 0x4}, {0x0, 0x5}, {0x7, 0x1}, {0x7, 0x3}, {0x7, 0x8}, {0x5, 0x5}, {0x7, 0x8}, {0x0, 0x7}, {0x1, 0x6}, {0x1, 0x1}, {0x1, 0x4}, {0x3, 0x3}, {0x0, 0x3}, {0x6, 0x3}, {0x7, 0x8}, {0x1, 0x8}, {0x1, 0x9}, {0x3, 0x3}, {0x0, 0x4}, {0x2, 0x9}, {0x1, 0x8}, {0x1, 0x9}, {0x0, 0x1}, {0x4, 0x3}, {0x6, 0x8}, {0x1, 0x5}, {0x0, 0x1}, {0x3, 0x2}, {0x7, 0x9}, {0x7, 0x8}, {0x3, 0x9}, {0x4, 0x5}, {0x7, 0x8}, {0x6, 0x7}, {}, {0x7, 0x9}, {0x6, 0x1}, {0x2, 0xa}, {0x3, 0x7}, {0x5, 0x2}, {0x4, 0x9}, {0x4, 0x8}, {0x0, 0x4}, {0x3, 0x9}, {0x4, 0x7}, {0x6, 0x2}, {0x1, 0xa}, {0x6}, {0x7, 0x1}, {0x1, 0x8}, {0x2, 0xa}, {0x0, 0xa}, {0x3, 0x2}, {0x4, 0x3}, {0x5, 0x6}, {0x0, 0x4}, {0x2, 0x2}, {0x6, 0x4}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6b, 0x5, 0x3, 0x2fd, 0x8, 0x1, 0x100, 0x1]}}]}, @NL80211_BAND_5GHZ={0x50, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x36, 0x0, 0x3ff, 0xe61, 0x0, 0x7f, 0x10]}}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x12]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x20, 0x2, [{0x4, 0x9}, {0x4, 0x9}, {0x1, 0xa}, {0x3, 0x4}, {0x6, 0x7}, {0x0, 0x8}, {0x1, 0xa}, {0x3, 0x3}, {0x1, 0x3}, {0x0, 0x2}, {0x4, 0xa}, {0x5}, {0x6, 0x5}, {}, {0x7, 0x5}, {0x1, 0x9}, {0x0, 0x3}, {0x3, 0x6}, {0x0, 0xa}, {0x5}, {0x0, 0x6}, {0x6, 0x9}, {0x1, 0x5}, {0x7, 0x1}, {0x1, 0x9}, {0x1, 0x3}, {0x0, 0x7}, {0x2, 0x2}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_6GHZ={0x30, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x5, 0x1, [0x9]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x6, 0x3, 0xdf, 0x6, 0x8, 0x2, 0x6]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x8c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x0, 0x4, 0x9, 0x8, 0x1, 0x9, 0x7]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x6c, 0x48, 0x36, 0x18, 0x4, 0x5, 0x16, 0x16, 0x6c, 0x6, 0x1b, 0x6, 0x0, 0x48, 0x6, 0x4, 0x3, 0x16, 0x4, 0x4d, 0x48, 0x12, 0x6, 0x6, 0x60, 0x6c, 0x6c, 0x1, 0x1]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x2, 0x100, 0x100, 0x100, 0x9, 0xf, 0x4]}}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x30, 0xb, 0x48, 0x1b, 0x0, 0xc, 0x60, 0x5, 0xb, 0xe, 0x53, 0x24, 0x50, 0x1b, 0x6, 0x42acac960eb9f4a5, 0x48, 0x6, 0xb, 0xa, 0x1b, 0x6, 0x2, 0x16, 0x48, 0x4, 0x30, 0x36, 0x6]}]}, @NL80211_BAND_60GHZ={0x8c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x29, 0x2, [{0x2, 0x5}, {0x2, 0x3}, {0x6, 0x7}, {0x7, 0x2}, {0x0, 0xa}, {0x5, 0x8}, {0x2, 0x4}, {0x7, 0x9}, {0x1, 0x3}, {0x6, 0x3}, {0x2, 0xa}, {0x7, 0x7}, {0x4, 0x4}, {0x0, 0x6}, {0x6, 0x7}, {0x1, 0x1}, {0x1, 0x5}, {0x2, 0x4}, {0x1, 0x9}, {0x3, 0x5}, {0x6, 0x2}, {0x5, 0x4}, {0x0, 0x5}, {0x0, 0x4}, {0x4, 0x2}, {0x1, 0x6}, {0x7, 0x2}, {0x5, 0x6}, {0x6, 0x9}, {0x0, 0x7}, {0x0, 0x6}, {0x5, 0x6}, {0x0, 0xa}, {0x6, 0x3}, {0x5, 0x6}, {0x7, 0x1}, {0x0, 0x6}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x49, 0x2, [{0x5, 0x6}, {0x6, 0x9}, {0x0, 0xa}, {0x5, 0x5}, {0x0, 0x9}, {0x5, 0x8}, {0x3, 0x1}, {0x3, 0xa}, {}, {0x5, 0x3}, {0x3, 0x5}, {0x0, 0x2}, {0x5, 0x6}, {0x1, 0x8}, {0x7, 0x5}, {0x0, 0x1}, {0x5, 0x1}, {0x2, 0x2}, {}, {0x7, 0x5}, {0x5, 0x1}, {0x6}, {0x4}, {0x7, 0x9}, {0x0, 0x9}, {0x1, 0x5}, {0x2, 0x2}, {0x2, 0xa}, {0x6, 0x7}, {0x0, 0x3}, {0x1, 0x8}, {0x2}, {0x0, 0x9}, {0x7, 0x8}, {0x6, 0x3}, {0x6, 0x6}, {0x5, 0x3}, {0x5, 0x8}, {0x2, 0x4}, {0x6, 0x8}, {0x1, 0x1}, {0x7, 0x8}, {0x4, 0x1}, {0x7, 0x3}, {0x2, 0x1}, {0x2, 0xa}, {0x6, 0x8}, {0x0, 0x4}, {0x7, 0x5}, {0x2, 0x7}, {0x6, 0xa}, {0x2, 0x9}, {0x1, 0x1}, {0x4, 0x3}, {0x5, 0x5}, {0x7, 0x3}, {0x6, 0x5}, {0x0, 0x3}, {0x4, 0x4}, {0x7, 0xa}, {0x1, 0x6}, {0x6, 0x2}, {0x6, 0x1}, {0x3, 0x8}, {0x2, 0x6}, {0x7, 0x7}, {0x3, 0x6}, {0x2}, {0x0, 0x9}]}]}]}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x10}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x81}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd3}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xdb}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xa7}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8000}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x5}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x2}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x25}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x8}]}]}]}, 0x774}, 0x1, 0x0, 0x0, 0x1}, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xd13a}, @TCA_FQ_PIE_LIMIT={0x8, 0x1, 0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r9 = accept4(r8, 0x0, 0x0, 0x800)
sendmmsg$alg(r9, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r10, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r11, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.887355033s ago: executing program 0 (id=819):
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x6803, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x14, 0x16, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80000)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19})
bind$alg(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000140), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
syz_emit_ethernet(0x5e, &(0x7f0000000500)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010102, @remote}, @redirect={0x5, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, {0xd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88, 0x0, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x3}, @lsrr={0x83, 0xf, 0x0, [@remote, @private, @rand_addr]}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@local}]}]}}}}}}}, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x45, &(0x7f0000001ac0)=[{&(0x7f00000004c0)={0x114, 0x34, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x3ff9, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64}, @generic="395d1d5e99b378865650ee72696fdd925abdd47ee59733d126068fa39d424f81d258997cb4c6c3dc55e217d99a4fb1c3864204018709c04ea64b797b46fa17a9fe315e1fbca6ba919485b08ef1d4c8ef95fbd9af12263fc6698b772579a49f18023acc3d7cb33558df262b062463116a8f1c6680a688569a2ff02938f0383bbd647139d9d6b7d434f3a2c0e18d915d256efc077e60770c3eb1f1b761a364d6e73f4cdcfe9401b940fac0961aed6c7500e657e73438221db53a20120526ec969ce51a560bd074a916ce57ef54a821f121fd354f2cb6ce48317133f3437129e2838a445d1f44b184e56eee6bcdde65b539", @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc013529ec47d7f69f514408049fc119a74fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x14)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0401273, &(0x7f0000000340)={'\x00', 0x9, 0x9, 0xfffffffe, 0x2, 0x5})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
close(r1)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000080010deffffffffffffff00"])
openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x123f82, 0x0)

1.88411382s ago: executing program 3 (id=820):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000840)={0x6e4, 0x0, 0x800, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x6c8, 0x11d, 0x0, 0x1, [{0x2d0, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x80}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x114, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x5c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x17, 0x2, [{0x0, 0x8}, {0x0, 0x4}, {0x6, 0x2}, {0x4}, {0x7, 0x2}, {0x5, 0xa}, {0x6, 0x3}, {0x1, 0x5}, {0x7, 0x1}, {0x4, 0x1}, {0x2}, {0x3, 0x7}, {0x1, 0x3}, {0x5, 0x7}, {0x7, 0x9}, {0x6, 0x7}, {0x2, 0x7}, {0x6, 0x5}, {0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x1b, 0x1, [0xc, 0x36, 0xc, 0x16, 0xb, 0x1b, 0x3, 0x1, 0x60, 0x5, 0x4, 0x1b, 0x48, 0x24, 0x3b, 0xc, 0x48, 0xc, 0x3, 0x6, 0x16, 0x60, 0x36]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x6, 0x1, 0xf, 0x100, 0xa, 0x9a8d, 0xb7]}}]}, @NL80211_BAND_60GHZ={0x28, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x15, 0x2, [{0x1, 0x1}, {0x3, 0x3}, {0x4, 0x7}, {0x6, 0x5}, {0x7, 0x9}, {0x4}, {0x7, 0x7}, {}, {0x6}, {0x0, 0x8}, {0x0, 0x7}, {0x0, 0xa}, {0x5, 0x3}, {0x1, 0xa}, {0x5, 0x7}, {0x3, 0x8}, {0x7, 0x6}]}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x2, 0x2}, {0x5}, {0x5, 0xa}, {0x3, 0x1}, {0x2, 0x4}, {0x1, 0x1}, {0x0, 0x6}]}]}, @NL80211_BAND_6GHZ={0x8c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1000, 0x9, 0x1, 0x0, 0x3, 0x0, 0x101, 0x7]}}, @NL80211_TXRATE_HT={0x4d, 0x2, [{0x3, 0x5}, {0x1, 0x7}, {0x2, 0x2}, {0x7, 0x1}, {0x1, 0x8}, {0x1, 0x4}, {0x1, 0x8}, {0x1, 0xa}, {0x0, 0x2}, {0x1, 0x8}, {0x0, 0x7}, {0x1, 0x1}, {0x7, 0x7}, {0x7, 0x8}, {0x4, 0x8}, {0x0, 0x7}, {0x2, 0x3}, {0x7, 0x9}, {0x7, 0x1}, {0x1, 0x4}, {0x4, 0x7}, {0x3, 0xa}, {0x7, 0x7}, {0x7, 0x2}, {0x6, 0x5}, {0x0, 0xa}, {0x7, 0x4}, {0x0, 0x9}, {0x1, 0x6}, {0x6, 0x2}, {0x1, 0x2}, {0x5, 0xa}, {0x1, 0x5}, {0x7, 0x2}, {0x2, 0x4}, {0x3, 0x7}, {0x4, 0x1}, {0x6, 0x9}, {0x4, 0x3}, {0x1, 0x3}, {0x6, 0x8}, {0x0, 0x3}, {0x4, 0x4}, {0x4, 0x8}, {0x1, 0x7}, {0x2, 0x8}, {0x3, 0x7}, {0x1, 0x3}, {0x7, 0xa}, {0x2, 0x7}, {0x4, 0x8}, {0x1}, {0x3, 0x4}, {0x1, 0x1}, {0x5}, {0x3, 0x6}, {0x2, 0x8}, {0x4, 0x2}, {0x2, 0x8}, {0x2, 0x8}, {0x1, 0x5}, {0x5, 0x2}, {0x2}, {0x5, 0x8}, {0x6, 0x6}, {0x5, 0x9}, {0x4, 0x2}, {0x0, 0x5}, {0x5, 0x6}, {0x2, 0x7}, {0x0, 0x4}, {0x6, 0x1}, {0x1, 0x2}]}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x6c, 0x9, 0x6, 0x48, 0x60, 0x3, 0x6, 0xb, 0x4, 0xc, 0x60, 0x3, 0x16, 0x18, 0x18, 0x18, 0x16, 0x12, 0x12, 0x5, 0x3]}]}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x91}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x16c, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x28, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x21, 0x2, [{0x1, 0x7}, {0x0, 0x4}, {0x0, 0x5}, {0x1, 0x9}, {0x6, 0x6}, {0x3, 0x8}, {0x7, 0x5}, {0x1, 0x4}, {0x7, 0x3}, {0x6, 0x6}, {0x5, 0x9}, {0x4, 0x3}, {0x6, 0x9}, {0x5}, {0x0, 0x5}, {0x2}, {0x6, 0x1}, {0x7, 0xa}, {0x0, 0x5}, {0x4, 0x6}, {0x1, 0x3}, {0x3, 0x9}, {0x2, 0x6}, {0x1, 0x6}, {0x7, 0x7}, {0x4, 0x4}, {0x1, 0x2}, {0x6, 0xa}, {0x6, 0x5}]}]}, @NL80211_BAND_2GHZ={0x54, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x45, 0x2, [{0x7, 0x1}, {0x3, 0x6}, {0x4, 0x9}, {0x6, 0x7}, {0x3, 0xa}, {0x6, 0x4}, {0x0, 0x8}, {0x6, 0x9}, {0x1, 0x3}, {0x0, 0x2}, {0x7, 0x8}, {0x7, 0x4}, {0x6, 0x5}, {0x1}, {0x0, 0xa}, {0x2, 0x5}, {0x7, 0x2}, {0x0, 0x3}, {0x1, 0x3}, {0x3, 0x8}, {0x1, 0x1}, {0x2, 0x2}, {0x4, 0x1}, {0x3, 0xa}, {0x1, 0x7}, {0x2, 0x5}, {0x6}, {0x0, 0x7}, {0x1, 0xa}, {0x0, 0x3}, {0x6, 0x6}, {0x1, 0x8}, {0x3, 0x4}, {0x5, 0x7}, {0x2, 0xa}, {0x7}, {0x5, 0x5}, {0x6, 0x6}, {0x4}, {0x0, 0x6}, {0x0, 0x5}, {0x4}, {0x5, 0x6}, {0x7, 0x1}, {0x1, 0x9}, {0x4, 0x9}, {0x1, 0x3}, {0x4, 0x1}, {0x4, 0x4}, {0x4, 0x6}, {0x4, 0x3}, {0x7, 0x3}, {0x7, 0x4}, {0x7, 0x6}, {0x4, 0x1}, {0x1, 0x1}, {0x6, 0x1}, {0x1, 0x1}, {0x3, 0x4}, {0x6}, {0x7, 0x5}, {0x1, 0xa}, {0x2, 0x7}, {0x7, 0x4}, {0x7, 0x8}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_2GHZ={0x3c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x5, 0x3, 0x4, 0xb502, 0x1c0, 0xc, 0x2]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x200, 0x8, 0x6, 0x6, 0x7, 0xfff3, 0x6]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x7a}]}, @NL80211_BAND_2GHZ={0xb0, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x41, 0x2, [{0x6}, {0x3, 0x3}, {0x4, 0x2}, {0x5, 0x9}, {0x0, 0x6}, {0x4, 0x5}, {0x3, 0x5}, {0x3}, {0x4, 0x4}, {0x7, 0x8}, {0x3, 0x7}, {0x3, 0x8}, {0x3, 0xa}, {0x0, 0x9}, {0x6}, {0x3, 0x6}, {0x4, 0x1}, {0x7, 0x6}, {0x7, 0x6}, {}, {0x6, 0x14}, {0x4}, {0x4, 0x1}, {0x0, 0x3}, {0x1, 0x5}, {0x0, 0x2}, {0x5, 0x4}, {0x6, 0x5}, {0x0, 0x5}, {0x0, 0x6}, {0x7, 0x1}, {0x1, 0x3}, {0x4, 0x7}, {0x4, 0x8}, {0x1, 0x9}, {0x1, 0x5}, {0x3, 0x2}, {0x5}, {0x7, 0x1}, {0x1, 0x6}, {0x0, 0x7}, {0x0, 0x3}, {0x5, 0x4}, {0x5, 0xa}, {0x0, 0x7}, {0x2, 0x3}, {0x5, 0x4}, {0x1, 0x8}, {0x5, 0x4}, {0x6, 0x8}, {0x4, 0x2}, {0x2, 0xa}, {0x0, 0x8}, {0x4, 0x4}, {0x3, 0x6}, {0x4, 0x9}, {0x2, 0x6}, {0x2, 0xa}, {0x1, 0x1}, {0x1, 0x6}, {0x6, 0x3}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x3, 0x4}, {0x5, 0x3}, {0x5, 0x8}, {0x1, 0x7}, {0x1, 0x7}, {0x1}, {0x0, 0x8}, {0x6, 0x5}, {0x1, 0x7}, {0x0, 0x1}, {0x4, 0x2}, {0x0, 0xa}, {0x4, 0x4}, {0x0, 0xa}, {0x0, 0x3}, {0x7, 0x8}, {0x7, 0x4}, {0x6, 0x2}, {0x1, 0x9}, {0x4, 0x8}, {0x1, 0x6}, {0x4, 0x1}, {0x7, 0x5}, {0x4, 0x7}, {0x2, 0x5}, {0x0, 0x8}, {0x1, 0xa}, {0x4, 0xa}, {0x0, 0x3}, {0x0, 0x3}, {0x0, 0x9}, {0x1, 0x3}, {0x0, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfff, 0x7, 0x5385, 0x8001, 0xf0e7, 0xfffe, 0x6, 0x1]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x7, 0x9, 0x40, 0x2, 0x8, 0x6]}}]}]}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x66}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x5}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x71}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}]}, {0x394, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xf0}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x380, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x3c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x19, 0x2, [{0x3, 0xa}, {0x1, 0x2}, {0x2, 0xa}, {0x0, 0x5}, {0x2, 0x6}, {0x1}, {0x2, 0x8}, {0x1, 0x6}, {0x7, 0x4}, {0x6, 0x3}, {0x2, 0x9}, {0x4}, {0x3, 0x1}, {0x1, 0x9}, {0x0, 0x1}, {0x0, 0x7}, {0x3, 0x6}, {0x4}, {0x7, 0x2}, {0x6, 0x1}, {0x0, 0x8}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x95, 0x2, 0x3, 0xd6, 0x0, 0x6, 0x6]}}]}, @NL80211_BAND_60GHZ={0xb4, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2d, 0x2, [{0x2, 0x4}, {0x5}, {0x3, 0x2}, {0x7, 0x3}, {0x5, 0x3}, {0x6, 0x3}, {0x7, 0x3}, {0x2}, {0x1, 0x8}, {0x7}, {0x3, 0x3}, {0x7, 0x2}, {0x5, 0x8}, {0x1, 0x7}, {0x2, 0x8}, {0x4, 0x7}, {0x2, 0x9}, {0x1}, {0x1, 0xa}, {0x1, 0xa}, {0x6, 0x6}, {0x6, 0x2}, {0x7, 0x3}, {0x6, 0x1}, {0x1}, {0x4, 0x5}, {0x1, 0x9}, {0x1}, {0x2, 0x3}, {0x0, 0x1}, {0x1, 0x4}, {0x3, 0x5}, {0x1, 0x1}, {0x1}, {0x3, 0x1}, {0x1, 0xa}, {0x6, 0xa}, {0x4}, {0x4, 0x3}, {0x5, 0x2}, {0x2, 0x7}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x3, 0x78, 0x6, 0xfd, 0xdc, 0x7, 0x915]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xca8, 0x4, 0x5b5d, 0x7, 0xfff, 0x4, 0x7]}}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x18, 0x24, 0x0, 0x18, 0x4, 0x1b, 0x4, 0xc, 0x9, 0x12, 0x0, 0x4, 0x24, 0x24, 0x16, 0x63]}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x4, 0x1, 0x12, 0x6e, 0x36, 0x6c, 0x1b, 0x6, 0xb, 0x16, 0x6, 0x2, 0x6c, 0x18, 0x6c, 0x60, 0x6, 0xc, 0x16, 0x5, 0x36]}, @NL80211_TXRATE_HT={0xd, 0x2, [{0x7, 0x9}, {0x5, 0x9}, {0x5, 0x3}, {0x6, 0x2}, {0x1, 0x5}, {0x0, 0x1}, {0x7, 0x5}, {0x2, 0x1}, {0x3}]}]}, @NL80211_BAND_6GHZ={0x28, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x21, 0x1, [0x5098abc75f17ee31, 0x4, 0x6, 0x9, 0x5, 0x12, 0x6c, 0x3, 0x6c, 0x1b, 0x24, 0x9, 0xb, 0x12, 0x3834ceaf91043b90, 0x1b, 0x48, 0x2, 0x12, 0x6, 0x30, 0x4, 0x4, 0x6c, 0xb, 0x3d, 0xc, 0xc, 0x36]}]}, @NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xffff, 0x8, 0xf, 0xe, 0x2, 0x3, 0x47, 0x1]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xd, 0x4, 0x7, 0x7, 0x80, 0x4, 0x1, 0x3]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x49, 0x2, [{0x1, 0x3}, {0x7, 0x7}, {0x4}, {0x5, 0x2}, {0x6}, {0x1}, {0x0, 0x5}, {0x5, 0x6}, {0x4, 0x5}, {0x2, 0x5}, {0x3}, {0x0, 0x4}, {0x0, 0x5}, {0x7, 0x1}, {0x7, 0x3}, {0x7, 0x8}, {0x5, 0x5}, {0x7, 0x8}, {0x0, 0x7}, {0x1, 0x6}, {0x1, 0x1}, {0x1, 0x4}, {0x3, 0x3}, {0x0, 0x3}, {0x6, 0x3}, {0x7, 0x8}, {0x1, 0x8}, {0x1, 0x9}, {0x3, 0x3}, {0x0, 0x4}, {0x2, 0x9}, {0x1, 0x8}, {0x1, 0x9}, {0x0, 0x1}, {0x4, 0x3}, {0x6, 0x8}, {0x1, 0x5}, {0x0, 0x1}, {0x3, 0x2}, {0x7, 0x9}, {0x7, 0x8}, {0x3, 0x9}, {0x4, 0x5}, {0x7, 0x8}, {0x6, 0x7}, {}, {0x7, 0x9}, {0x6, 0x1}, {0x2, 0xa}, {0x3, 0x7}, {0x5, 0x2}, {0x4, 0x9}, {0x4, 0x8}, {0x0, 0x4}, {0x3, 0x9}, {0x4, 0x7}, {0x6, 0x2}, {0x1, 0xa}, {0x6}, {0x7, 0x1}, {0x1, 0x8}, {0x2, 0xa}, {0x0, 0xa}, {0x3, 0x2}, {0x4, 0x3}, {0x5, 0x6}, {0x0, 0x4}, {0x6, 0x4}, {0x1, 0x5}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6b, 0x5, 0x3, 0x2fd, 0x8, 0x1, 0x100, 0x1]}}]}, @NL80211_BAND_5GHZ={0x54, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x36, 0x0, 0x3ff, 0xe61, 0x0, 0x7f, 0x10]}}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x12]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x21, 0x2, [{0x4, 0x9}, {0x4, 0x9}, {0x1, 0xa}, {0x4, 0x7}, {0x3, 0x4}, {0x6, 0x7}, {0x0, 0x8}, {0x1, 0xa}, {0x3, 0x3}, {0x1, 0x3}, {0x0, 0x2}, {0x4, 0xa}, {0x5}, {0x6, 0x5}, {}, {0x7, 0x5}, {0x1, 0x9}, {0x0, 0x3}, {0x3, 0x6}, {0x0, 0xa}, {0x5}, {0x0, 0x6}, {0x5, 0x2}, {0x6, 0x9}, {0x1, 0x5}, {0x7, 0x1}, {0x1, 0x9}, {0x1, 0x3}, {0x0, 0x7}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_6GHZ={0x30, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x5, 0x1, [0x9]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x6, 0x3, 0xdf, 0x6, 0x8, 0x2, 0x6]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x8c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x0, 0x4, 0x9, 0x8, 0x1, 0x9, 0x7]}}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x6c, 0x48, 0x36, 0x18, 0x4, 0x5, 0x16, 0x16, 0x6c, 0x6, 0x1b, 0x6, 0x0, 0x48, 0x6, 0x4, 0x3, 0x16, 0x4, 0x4d, 0x48, 0x12, 0x6, 0x6, 0x60, 0x6c, 0x6c, 0x12, 0x1]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x2, 0x100, 0x100, 0x100, 0x9, 0xf, 0x4]}}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x30, 0xb, 0x48, 0x1b, 0x0, 0xc, 0x60, 0x5, 0xb, 0xe, 0x53, 0x24, 0x50, 0x1b, 0x6, 0x42acac960eb9f4a5, 0x48, 0x6, 0xb, 0xa, 0x1b, 0x6, 0x2, 0x16, 0x48, 0x4, 0x30, 0x36, 0x6]}]}, @NL80211_BAND_60GHZ={0x8c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x29, 0x2, [{0x2, 0x5}, {0x2, 0x3}, {0x6, 0x7}, {0x7, 0x2}, {0x0, 0xa}, {0x5, 0x8}, {0x2, 0x4}, {0x7, 0x9}, {0x1, 0x3}, {0x6, 0x3}, {0x2, 0xa}, {0x7, 0x7}, {0x4, 0x4}, {0x0, 0x6}, {0x6, 0x7}, {0x1, 0x1}, {0x1, 0x5}, {0x2, 0x4}, {0x1, 0x9}, {0x3, 0x5}, {0x6, 0x2}, {0x5, 0x4}, {0x0, 0x5}, {0x0, 0x4}, {0x4, 0x2}, {0x1, 0x6}, {0x7, 0x2}, {0x5, 0x6}, {0x6, 0x9}, {0x0, 0x7}, {0x0, 0x6}, {0x5, 0x6}, {0x0, 0xa}, {0x6, 0x3}, {0x0, 0x2}, {0x1, 0x9}, {0x0, 0x6}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x49, 0x2, [{0x5, 0x6}, {0x6, 0x9}, {0x0, 0xa}, {0x5, 0x5}, {0x0, 0x9}, {0x5, 0x8}, {0x3, 0x1}, {0x3, 0xa}, {}, {0x5, 0x3}, {0x3, 0x5}, {0x0, 0x2}, {0x5, 0x6}, {0x1, 0x8}, {0x7, 0x5}, {0x0, 0x1}, {0x5, 0x1}, {0x2, 0x2}, {}, {0x7, 0x5}, {0x5, 0x1}, {0x6}, {0x4}, {0x7, 0x9}, {0x0, 0x9}, {0x1, 0x5}, {0x2, 0x2}, {0x2, 0xa}, {0x6, 0x7}, {0x0, 0x3}, {0x1, 0x8}, {0x2}, {0x0, 0x9}, {0x7, 0x8}, {0x6, 0x3}, {0x6, 0x6}, {0x5, 0x3}, {0x5, 0x8}, {0x2, 0x4}, {0x6, 0x8}, {0x1, 0x1}, {0x7, 0x8}, {0x4, 0x1}, {0x7, 0x3}, {0x2, 0x1}, {0x2, 0xa}, {0x6, 0x8}, {0x0, 0x4}, {0x7, 0x5}, {0x2, 0x7}, {0x6, 0xa}, {0x2, 0x9}, {0x1, 0x1}, {0x4, 0x3}, {0x5, 0x5}, {0x7, 0x3}, {0x6, 0x5}, {0x0, 0x3}, {0x4, 0x4}, {0x7, 0xa}, {0x1, 0x6}, {0x6, 0x2}, {0x6, 0x1}, {0x3, 0x8}, {0x2, 0x6}, {0x7, 0x7}, {0x3, 0x6}, {0x2}, {0x0, 0x9}]}]}]}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x10}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x81}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}]}]}, 0x6e4}, 0x1, 0x0, 0x0, 0x1}, 0x4)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.813002097s ago: executing program 3 (id=821):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
fcntl$dupfd(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
r3 = syz_io_uring_setup(0x10d, &(0x7f00000006c0)={0x0, 0x1885, 0x80, 0x2}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r6 = socket$rds(0x15, 0x5, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x5, r6, 0x0, 0x0, 0x0, 0x80800})
io_uring_enter(r3, 0xb516, 0xc2de, 0x8, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000002400)={0x1, 0x0, [{0x40000107}]})
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000180)={0x20000008})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000280)={&(0x7f0000000780)={{@my=0x0}, {@my=0x0, 0x800000}, 0x400, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c5fe68bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8ba58502975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x418})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000253000/0x4000)=nil, 0x4000, 0x13)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000380)=""/176)

1.716743399s ago: executing program 1 (id=822):
io_uring_setup(0x6b22, 0x0)
r0 = memfd_create(0x0, 0xb)
ftruncate(r0, 0xffff)
ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f00000002c0)={r0, 0x0, 0x0, 0x8000})
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x1000087}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x85)
ioctl$SG_IO(r4, 0x2285, 0x0)
writev(r4, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41ceaf0e9d85e44", 0x2b}], 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x400c084)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x4a301, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8d11})
r6 = socket$kcm(0x2, 0xa, 0x2)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x6, 0x4, 0xfff, 0x7, 0x88}, 0xa3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r8, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r5, &(0x7f0000000240)={@val={0x0, 0x1c}, @void, @mpls}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x5, 0x1, 0x4a, 0x8}, {0xf, 0x9, 0xf, 0x9}, {0x62, 0x4, 0x7, 0x5}, {0x9, 0x8, 0xec, 0x7}, {0x3, 0x9, 0x0, 0x4}, {0x8, 0xfe, 0x9, 0x7}, {0x9, 0x1, 0x2d, 0x55}]})

1.597279889s ago: executing program 3 (id=823):
creat(&(0x7f00000002c0)='./file0\x00', 0x109)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x10000, 0x4], 0x0, 0x0, 0x2, 0x1}}, 0x40)

1.485968863s ago: executing program 3 (id=824):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000800000e373bd25b0983564000046227c905a7c4d3674c62c0b733edaeb49505ad0150b3dbbd306e5cf1ee0d72f000000000000000274fc2a108d621007c900000072fa45e13cf8bab91267e2c7f517058d12f5a9e20ec3883f3caa24f80731c48c920d87a2a5c0f508367ef12780cffc817740971f4c60978712a63ccbcda08d692e8b0ae326a66a2d48190f3d8c548f89d07bd3ee8c197de6f3d15663ae43cd212c779c50ba200a05", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="11000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000080)='{[%\x00'}, 0x30)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000540)={r4, r1, 0x25, 0x4, @void}, 0x1e)
syz_emit_ethernet(0x4a, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000a6dde655713788a84d008100300086dd61ab279c000c110000000000000000000000ffffac141433fe8000000000000000000000000000aa4e244e20000c9084ca08000089f5f686455deeec448547c81bf981c4c0c853d519f8105d9915712506000000e9c249c6d04462f9131ef65fac97275f091c69b38c870ba44c4cb198e5336a8d1b497d054bd90fe3d368b46aca41d1090be1569e887866acf33c0bbfe5dd5486ff9aa2788782e7c937645adc732239e968f3a56c2790fa8b629075117dba4450f8337a802cb3d45b173be6601e47f4494a56cb69057159150000"], 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r6, 0x0, 0x20, &(0x7f0000000000)={@local, @empty}, 0x8)
r7 = dup(0xffffffffffffffff)
r8 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r8, 0x29, 0x30, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x90)
connect$unix(r7, 0x0, 0x0)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, 0x0)
r9 = syz_io_uring_setup(0x63b3, &(0x7f0000000200)={0x0, 0xee57, 0x10100, 0x0, 0xfffffffd, 0x0, r7}, &(0x7f00000000c0)=<r10=>0x0, &(0x7f00000001c0)=<r11=>0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x64, 0x30, 0x1, 0x0, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6, 0x3, 0x38}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_submit(r10, r11, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r9, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000100)={0x0, 0x3938700}, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)

1.407343389s ago: executing program 2 (id=825):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=<r1=>0x0)
sched_setscheduler(r1, 0x3, &(0x7f0000000100)=0x7ff)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
close_range(r2, r0, 0x0)
r6 = semget$private(0x0, 0x4, 0x24)
semctl$GETZCNT(r6, 0x2, 0xf, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x33, &(0x7f0000000300)=0x80000005, 0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r7 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r7, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r7, 0x40946400, &(0x7f00000003c0)={'aio_iiro_16\x00', [0x4f27, 0xb, 0x2, 0x10, 0x5, 0x6, 0x8, 0x7, 0x7fffffff, 0x104, 0x7, 0x3ff, 0x1, 0x20001, 0x6, 0x101, 0x3, 0x80000000, 0x5, 0x40000003, 0x89, 0xcaa7, 0x0, 0x3, 0xb, 0xe69, 0x3c, 0xc, 0x10000006, 0x0, 0x36]})

1.212906746s ago: executing program 0 (id=826):
socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=<r0=>0x0)
sched_setscheduler(r0, 0x3, &(0x7f0000000100)=0x7ff)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000009c0)=[{{&(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f00000007c0)=[{&(0x7f0000000340)=""/49, 0x31}, {0x0}, {&(0x7f0000000500)=""/25, 0x19}, {&(0x7f0000000540)=""/29, 0x1d}, {&(0x7f0000000900)=""/172, 0xac}], 0x5, &(0x7f0000000800)=""/53, 0x35}, 0xfffffff3}], 0x1, 0x40012140, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
r4 = semget$private(0x0, 0x4, 0x24)
semctl$GETZCNT(r4, 0x2, 0xf, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x33, &(0x7f0000000300)=0x80000005, 0x4)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x3, &(0x7f0000000200)=ANY=[@ANYRES32=r2], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x6b, '\x00', 0x0, @sched_cls=0xf2fd4ce9ba69909c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x400000}, 0x94)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f00000003c0)={'aio_iiro_16\x00', [0x4f27, 0xb, 0x2, 0x10, 0x5, 0x6, 0x8, 0x7, 0x7fffffff, 0x104, 0x7, 0x3ff, 0x1, 0x20001, 0x6, 0x101, 0x3, 0x80000000, 0x5, 0x40000003, 0x89, 0xcaa7, 0x0, 0x3, 0xb, 0xe69, 0x3c, 0xc, 0x10000006, 0x0, 0x36]})

422.851092ms ago: executing program 2 (id=827):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x8, [{{0x9, 0x4, 0x0, 0xfe, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0xffff, 0xfd, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x3, 0x0, 0xfd}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f00000012c0)={0x0, 0xb, 0x5, {0x5, 0xc, "26ed60"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000140)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r1}, 0x18)
r2 = syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1)
ioctl$I2C_SMBUS(r2, 0x720, &(0x7f0000000500)={0x1, 0x4, 0x3, &(0x7f0000000200)={0x5, "000000000000000301001000"}})

272.951236ms ago: executing program 0 (id=828):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$fuse(0xffffff9c, 0x0, 0x2, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000040)="3ed9f20f0130baa100ec0f01c9f00fc19000f0660f3838ebf082010066b8010000000f01d90f01cb3e2e3e360f01c2", 0x2f}], 0x1, 0x6c, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

102.104798ms ago: executing program 0 (id=829):
set_mempolicy(0x8006, 0x0, 0x5)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4000000)
epoll_create1(0x0)
socket(0x1, 0x80802, 0x0)
unshare(0x20000400)
syz_emit_ethernet(0x0, 0x0, 0x0)
execve(0x0, 0x0, 0x0)
syz_emit_ethernet(0x1e, &(0x7f0000000100)={@broadcast, @remote, @void, {@can={0xc, {{0x3, 0x0, 0x1, 0x1}, 0x6, 0x2, 0x0, 0x0, "856bcbae2a45a8e7"}}}}, &(0x7f0000000140)={0x1, 0x2, [0x263, 0x62e, 0x572, 0x1d1]})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8940, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioprio_set$pid(0x2, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x40, 0x2, 0x6, 0x5, 0x0, 0x0, {0x5}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x7}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x24000800}, 0x48800)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
r3 = creat(&(0x7f0000000440)='./file0\x00', 0x0)
open_by_handle_at(r3, &(0x7f0000000140)=ANY=[@ANYBLOB="0c00000001000000e9b200000700e9ff07000000"], 0x9b5200)

101.527832ms ago: executing program 3 (id=830):
r0 = socket$netlink(0x10, 0x3, 0xf)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
fcntl$addseals(r1, 0x409, 0x9)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[], 0x50)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
renameat2(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', r0, &(0x7f0000000180)='./file5\x00', 0x3)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000004140)=ANY=[@ANYBLOB="0200000004000000080000000100", @ANYBLOB="000000000000000018004a28e495d6e91be6fb1d9a20ff730e5fe4621b8768b5fa24cef6efd89d5718fc89b68d3ccbb4ca7dc7d615408663367bd98415", @ANYBLOB="1f15c2663936d0145be26d7ea8653335edd2c09ae5d13b36b3b2bc2aa842eff83a79fdd5ee1df58091818dbb6626a40810775e9d28a17419d6bd9352db10ad75b1f266d7981e716ed50c327f3f47b39900b4cbf7c9c986326f64e1ae288183b5f805cb2d8ad8c4a5500ecccf633d269f00c8cdfe3e0f667b511e50e4298f7884adc92b88f6a77285de48a88e0a92f57d1868982854595982fa60f18770cf39291bcf95ef86b88afee986d75ae1aebb530030166ea2a20e1133989ff904bd411675d89d9827261ed3044e5d1f0b114a6a434a92dd433ac0e84d55ff09fe13469fbfe12bb093f01635f55d4943abe6e949539a7dc64167b725e4c1b4cd8fcb52b989174ffb58e85ab2af3d46538d616af5adc3f936c5b86b2a0afec1039716c381200e26603dd9844570ab737cfc65bb147eab3863834ee8f971f1d23fde1d8586681f97b9fc715b9b81211ba0a3638565a6e389c01608080909f0b3a7ca675f52922e19cf40b1ef127bc79b0ea80671e74c326fe22e0115d3f3dff88f7ed2c313648d28c6fc8e218b528b56b1af9d2b4a898abf8f5638aedc49b9ccab69fc1d179f22d0b58093e67cddf2af12c8bc3016217ec8de0c2a191bdee789111014395b73a35000de9a4d44e974067e22773d569be4e0731f9347536dcb7a6ac924958cd9b299c67b09b9e0fb8673c596b53ff6b9714d5a86b833176b9b4c57b907a807e2505c73977a16a6f30fb3f821ed46256832c57df3b42e7cbbcf3de0fc09d6eb78d0e1d0afd002940fa0d4aa1e7e11e01b410d9a6f9dbee760f81329772033b1045649907c80d89e86adbd860a5ce55b9ca9a5fbef774be0b084746640a8ada57a684ac3f6e61d64eb766f5c0dfd9c4c2553c8fea17be7a2c438f2445198feab6149085e002482a655809b5fb523dad38bc22a506871a7f749e6dd32c25d12dd3cef6257aec8a684e87c380cf21d961dcc6a19997f07c655e0bfa1d7944b71281becac52b6d1cf6929abb6ed4f36b33a2340a18f1044159e623a592f0d9bfbea1fc66dd71a9118259b155984fdbea2aef572daed20d58cb441ed0ee395cfde5ac54e60d41210b71c9d42f52e05755aa937f8bfff15a68c493e9208b7b66203bcfd06cbeca3128832cb19ee48f246731a350aad250a70b950e90fa9d2bd641dd1c247f1a18a85d2b444a93bbe10616a864b811c8bf733a6bc603a7b4d515c156e73eba4fee34a2afa1df7d802c8ab9d5b68749f0f7c61112862ad790772d07ebd5a4cb305d826c0584e38b5eea90cac7c5799ad8bade81df39827c0797d3baa42f2227c27c2c40c29196586819547c2b9c0c6b07860b7d1af749c240273526f294be6395a4b6e19411d7cce4ade0533bd5b8bcfda54cca4c248223a35bf124a18c74c079e1d31d06729b9eb08cd39e58574de56c40fc96d62df67c0c2811ad641d1c6285b8107516aa6f0ffd69fc5e600d98d2d6dfe2c2b9603275406423fd0ce4c88f99e9962eb75be45102b2ff3b89fa0de79ea80eb65f5fd4583b86d88d34dcdced1282fc451b4d75cd43f88fd5bd74210a2785abd9d3e4f9101f5c6b8684cd7a8f4b4050dd999cc13339c3a98817da0396997b311c7e6c95ad8d40c9f96162b4a444fe07ef620c83757978584b19afe68e623a2960d215062622c0fddbdb0d2a029290b8587a4a155adcbd5629746eb981d6c9f0da4bcad8dcbc72942ec3c220b89a65f7d1bbd25e4f83100109e957c14e5dad53311de7a10c11fe2dcb1940763e9cffed673f943e382f05999e6d5dbf29d6f0fc529194d07ebae66e0172274d736058cb64d56de1774b3df1738a3acea60a763475c322a48c8932111ee01ec85e0e43ecd955541ba14a33cf67af40eee1709e2ae014eb017741ec62bddd8660eb5947c9911000b57ca81760f36c9bfa7bcf2fdbb7992a1e53f690f66582026a3e4b58812d93a8145c0066a20619f4597a70a5a9157182cd4cae9ff3e547f836b260ca93b4493ffb8a3ca1a7fb9cc21d8704fbf99cfdf2f710915fca25673e2f00a71a9754a51cb8c20738d79640932ef2c215cb142e7df1ca2ff27ead10b318f9700b7ca07c2b4858f9472c79d55b1c11a050870a67d6a9fec6b017fcdf9e1301abd00968b5f172ffe6b2c8f58092eb4ef96b71cca0c20045cff2b03dbd9f8571a5f331bee427ed38980f52899d8e8254f96bc5e65c2f2021ae7054f418489e645ab167c897aaef892a69955ce498cbc6035b0e38fdd777bf0d3b6860e4240168c343bb3152a079c204158acb052b7bcd2c55deafbf068cc194b9c4d51078fe7033df94e262082a0bbdf2ff56731ae5311e2e1b4a8dd62d54b02463befae273e35406d4607155d3cfffaddb8ddf55dfc56a6f80e3042d882711052edcd869af2019f13104ea63c04b19112577a98848468642e46b49ae3cc81e72bf5c63cb126a3312f364b0efa12b9dd97a96871459a274a127eb0d11d8c599b3309dec99ff510fb84ff916eb4c23671efb21acb61c853bc540db8dcc17a5b0e48e9402baa58ddfa1c3fc06b61cecf3162c349c77215c3b96dd8d89bd04a9bb2c3e265bbe372ccae14d81b8ba6ea331bf7a4e4bd986ec01adf275b048a6f1874834ae9d6ad768b5f0b24ddd3c1f96b496c9c5ce935de869cf964cd6331f34a86226fcf2529eec25f7baa40da08dd7ff963d4f0fdf2ef8f6685568150684b34ddf01df753b78e3750b07709e998767887f8c02ffd9d3f4817ef6e94b72cd25bc625bb9143031290d23f090f3c99a204e82089b78c2e56e5fe5b8da2ef8b7c6ec1f86b78a03c683af177088135dfa3d3ec078d950bd35930fec3864e77e2c5fcb91beb28ecdd6ba7d0855612af8ac057741becd5ffa10f44d09453dec0e0bed733144526fcbc6c39fc329f5f8368e2ede988adf2721bd67a3aac5e269f8804cdf61c33cf7b5709167b84749b8c215fdf0d7a6137167dfd78d41eba56862b9256359ac59dc6eeb22cc1b16a87733389db4404db53188a9c0d437bd530fed71df9974c487554404f3ebab7e8a64c37bb743fafbb47b74a79847ebde16c32dc22c48549a45879e4379ba5e30fd12f49faf1cd32bf67830f18c3e8334054816588492f0e070370142a7383cb05989c534d14b372d50d4900d5d7eebc3bf97808b3eea035729046743294de4d81ad2590475b9db75f9d26f34e4b1ba61fe6e30a2ba61927f63cbd4a089a9d44ca9cabb4e2bfd971f9e085e933129fdfb698ea32fbd1a962e97370f2a2ae58e0e2fa1bc59250ea8a8edeaa8125d16742e6394350eac919df4ee9a498bf08a970f76d20b241e1659f85a414167e5329fa3445b8197bfb1217582ad60c8ef8fcd4af290b48610445e8b491fe8e416f80cf6a4749ee8f98232e4407fd70689629823c4191cca64f5b5b960fe86a0409ab928f847796d26e372115772b2a16279957d96c131d103dbc292e62f1e8a5527acd3f135b9f616f74181c9514f99b77cf0c1113157ad1d2b6cb6af0384f9ac66de79868ca8f9dd4362342fa3737c2355398fd15015588ac51752670833603991a35ced11671c5254bbbaeb355b52b9efb92af097e5983b29fda57f4d9fc9220890cd982c97d0fa8e595033de3987a0652a9eef2318d36e3f2321976a2c7d7a10ae583d2859733544955032e1b13bb164870c41c19e723d7d1a6745abcfdc9becb30bf6e4fe5affbfd50c8718280bd4ed9800ce3d07870ef17ffed58cbe5505e8d50b27009c91f95188b0eb14d6bc73ea2202feeb02cdb7920d021b623d4eaa34388a8dbc9969a9d6c8e2b1166f1817f8d1f2e1ca5d675e0e898582bf429a2eb4653ad5f97a67346d881c6f450a4146604e555b247e57aa673506c3520b006dff3a53c0fea3373691ffe41bf31888d557e568ee49f8503dd83f16bf945b1bb41f234052ff2241a0df6f5ce9f54bbd2a97c2906fe1a106292580b2332c36d7813d23be7306f07a3b3c1a6ddc809047015eb8ea575d61691c31bbba34c3db97068c38da267fae47bd61964c360ead45cb6ee8b93a963cdf3d10ba9f22922695ed6bc6756a727448e3dffc8e331a4c497670296cc6a2331a5896df6314d5ab6925d2e8f18f615cb4a1a5200735d4a6e94a93f704ace359c1a0920a76ab932723c2f80895a733e9bf6f4586fbac54fe2dc94133bf5c98e0b78ff3df1323f28e545aa79c265e63521d288f741c32f3882229fbff67db8a7f9aab82e8d13c582911395366e2d9ea1d67d9ed4b75869a5894730612fe6cedc9182cec5b50e2929369138e70dda057b71f33bff986997245bd85498cba0184c0262d7372457bf88f90d4d77bc3c619e7c80d7ab75a0372b5ee54820e34efdab41d9597f2c971617a3cadefd84f7700574eac7e75db6da8300efc300c0a2a4bd8291cc4b3fd44797ee6d76ebbd5da91a28f33f8cba5d47de4d0859696c71d400abf72d1857bdbd2e36e52173dc1996e832da8a1e703315e5d4bce4061d824a844caf3c4c6b761525210f9f8fc343d06569f0645f23d586cced89849f44a5735a6272c79bccc977c319a0a7c4d3aa45af3d0675500562b5c0e5341e2a86a6355fa510e987e5998f1589e1b0f071678682c68fc3443d3e60304acfb6b5665cddcb7c4f9e6ff56e7b3e902c8bb80a0bb064762eef5df0c7751baab61f57152a80dcf151dcd458c45dc0c7461fa8462b38bebf483a58fd18a8639d601232cc6f83471822f32817aac1e8323dd8ed5cf339301faaf858c0ebc89ea5f948348b6997f509526eb95257fb8b3f42e2f705ef94c9d79087c219df28026998ea9ff1bb78ba7dbb4b4aafec20b55760da94509de0dba45eb8d4f51fc6c19f4cd1b01852efad7af6f546c1bc71cf553d7f72a9847c2fff23c9a110cb61e981d8fe2b236da79d593afc0e524cf7ef2bc446ecf5ecccb7e8a071907ffe6e3c5b80a33e913dcd7754c7736c8253bd6b524362ae437cbb01a9c063e9fb42e4fda93221203a409d239dd0af6aaff671d36c79503f0fd99b78c171a80d29bbbe5d1a2440c6add499bbdc766ce09030ef5a615430e1bdfc60a1ae7a491e9787fce0e266051525fed232697877c76cc39b3a77329780606b105ac5b7f7ab81814f4a2f629f07d42bcfcab3ee6fae67ea15ff30dde0560e91e509e944510722e97b566494daad981e3c972baec7ab1ad9672210b60fa7db5359f53a5567c0ebe7187f9a9f81bee34e4821b5fedde56b0c376a8c7d4955a88857639842dd53fc9c3f71be193e40144d41ffc1cc6f087558634f57f7c3bb89cc87d09098c7b66b992b44f8842db25ecaed77af16b8c84e3c2da5217cf47f5728260051dfe5e4a09739922737497f308e0108b1e60dce601068060d49c1e4640ba506140130d23f35c35f5cf11895e58334fdeb890d74d7a07ed7fec2e91370f283d7c252c7724345f0d58e7f7fb688f35b05b298022eb7269c85c29256777dac8199c12cbdb406ccf4e50a2de8fddd3d378daa6326ed1afcbfe077ba1aaa12848f46f9a24b6076dd06bfb54f35f6818e6dd75ac618a9cb80aa429c843c21d8d0dcfbe06507c5c4c23c048222e9dc165f9b72182e7d7e6aadcf4abd728dddb11c7e67ccad569dd034aadc63d5b2d5bf3f7e60b506fb30aaf7287eb3a0104430a9161990498e89e79e5acce74296b5770187058cdce277a38c4f82a5d3197e4f3ea691d668ebaee814fdccf1f22d0cd246d5a0f64725a7a012668fcfa7a9f303adbd002b7a871d9ac1fae9de0c74e5510ba9fe41100f821f3725ee23a2dd0e82b13b1d9d5c198c7345ddd9", @ANYRESDEC=r0, @ANYBLOB="000000000200"/28], 0x50)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r4, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r5 = socket$netlink(0x10, 0x3, 0x5)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r5, 0x10e, 0x5, 0x0, 0xfffffffffffffef3)
writev(r5, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)
syz_genetlink_get_family_id$gtp(&(0x7f0000001100), r5)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000340)={0x3, 0x900900, 0x3})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff})
connect$inet6(r6, &(0x7f0000000140)={0xa, 0x4e20, 0x1a86f, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x8}, 0x1c)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc008561c, 0x0)
io_submit(0x0, 0x2, &(0x7f0000000680)=[&(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x9, r3, &(0x7f0000000500)="0d6cf014c1eae8d5163e42f8a2e32f572c816e6256bd299b41701444c9c42b299d17fe21dce4b0a269130d358b5a0e2fd56ae20288778b2f7af105c80b4f096f4514e7c6ce5e764faf31e3f77b42eb2b26e3eccf89548e6286c7af59fbaf4d736a81b627b70f7280ca087e67ab1401ce4aaa61ff44c9a3550fbd8eaaefa2203653", 0x81, 0xce4c}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, &(0x7f0000000900)="f3e1301c51a4e4af30c8618ca9a19a6220ab034574572d738960fcb43719a3494727b960290fd9ff00baf8ffad5d79610980e732563c5cbe88e533daba442cc166a44868a5070d1e1a264d8d138e4ea8626c4042c758f5a8624fc16b83f7e97209d1f7c15af39cce5fbb0be9222691fdcc97605b8fb34d57ba207f8a4a3b48d5952aaa6de2d49a2143e08324a80ee8be4145ac7fcd9a83fd76fd1052e0a2c8fdb1d9db3a9708c77b1c4a7b1d7351543bd86f29ea34562567c8a0ebfe564c2157a3783ebbb7841a5fe0fe93d87a63705e50334ca6ecd3e3e20dd9a2328f7ac7179c5c20e4209943d6a26ed6fc5277f0517b0c", 0xf2, 0x2dc}])
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000a00)=ANY=[@ANYBLOB="1808000060000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bc0908000000000035090100000000009500000000070000b7020000000000007b9a00fe000000006609000000000000dbaaf0ff50000000bf8620000000000007080000f8ffffffbfa400000000000007040000f0ffffff770000000800000018220000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf98000000000000560800200100000085000000070000bac7078ce699c7e1d5a19c00b700000000e92aef3bad4fd47ba32fbdb0d99ec569ea114fb027793f6721a7cf1db96b9f54438d6db000d1a4430fd7d872077b2e06c95baf0443194bff3d77b3b634a1a5cb56999f273b9085392d08e6511d8b65fde360fc37c4b8521867585e3dc85c236a9cd1caf89477573fff38de671608006a076bcc21f08ccfa47a780000521f040e7cc66ddcf08458f39d78183402dd2bbb71478d63802456740c0e34772174f07ea307c2803e007f1923455b62f4301c630dc748b39f2f867203b62913fe9b983a8ece01587d2d38d3f6b9ce5ce22e8e80f0cc47146de1a10052128babb2d0d27d85dc79d443a71a67538b5d31b71b278b046d1ec9d772c2732eb326d5110ec4017d56696581fc206b66f972c61361b484a89a2695be0586b95d3c4def7eea6110f6fa385bb348df251354ee4882899c3cdbd98fb39f76be2efc51b717385aee1d48e6fb099dff6f9bf56b357168e297b9b98e0212a471677cb459a323070110f2ff7ff26bbcab38ae89e5cf4bf46b5ee12da05d69230361da79cd58531bf30d956de091a852ddae9c5aa93fb82874a7024a824080db19"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback=0x32, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)

0s ago: executing program 1 (id=831):
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b70300000000002085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x24, r4, 0x5, 0xfffffffd, 0x2, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x4810)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000840)={0x240, r4, 0x800, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x224, 0x11d, 0x0, 0x1, [{0x190, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x4c, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x3c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x14, 0x2, [{0x0, 0x8}, {0x0, 0x4}, {0x6, 0x2}, {0x4}, {0x7, 0x2}, {0x6, 0x3}, {0x1, 0x5}, {0x7, 0x1}, {0x4, 0x1}, {0x2}, {0x3, 0x7}, {0x1, 0x3}, {0x5, 0x7}, {0x7, 0x9}, {0x6, 0x7}, {0x2, 0x7}]}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0xc, 0x36, 0xc, 0x16, 0xb, 0x1b, 0x3, 0x1, 0x60, 0x5, 0x4, 0x1b, 0x48, 0x24, 0x3b, 0xc, 0x3, 0x6, 0x16, 0x60, 0x36]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x7, 0x2, [{0x2, 0x2}, {0x5, 0xa}, {0x0, 0x6}]}]}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x91}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x100, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x28, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x21, 0x2, [{0x1, 0x7}, {0x0, 0x4}, {0x0, 0x5}, {0x1, 0x9}, {0x6, 0x6}, {0x3, 0x8}, {0x7, 0x5}, {0x1, 0x4}, {0x7, 0x3}, {0x6, 0x6}, {0x5, 0x9}, {0x4, 0x3}, {0x6, 0x9}, {0x5}, {0x0, 0x5}, {0x2}, {0x6, 0x1}, {0x7, 0xa}, {0x0, 0x5}, {0x4, 0x6}, {0x1, 0x3}, {0x3, 0x9}, {0x2, 0x6}, {0x1, 0x6}, {0x7, 0x7}, {0x4, 0x4}, {0x1, 0x2}, {0x6, 0xa}, {0x6, 0x5}]}]}, @NL80211_BAND_2GHZ={0x28, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x5, 0x3, 0x4, 0xb502, 0x1c0, 0xc, 0x2]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x7a}]}, @NL80211_BAND_2GHZ={0xac, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x3d, 0x2, [{0x6}, {0x3, 0x3}, {0x4, 0x2}, {0x5, 0x9}, {0x0, 0x6}, {0x4, 0x5}, {0x3, 0x5}, {0x3}, {0x4, 0x4}, {0x7, 0x8}, {0x3, 0x7}, {0x3, 0x8}, {0x3, 0xa}, {0x0, 0x9}, {0x6}, {0x3, 0x6}, {0x4, 0x1}, {0x7, 0x6}, {0x7, 0x6}, {}, {0x6, 0x14}, {0x4}, {0x4, 0x1}, {0x0, 0x3}, {0x1, 0x5}, {0x0, 0x2}, {0x5, 0x4}, {0x6, 0x5}, {0x0, 0x5}, {0x0, 0x6}, {0x7, 0x1}, {0x1, 0x3}, {0x4, 0x7}, {0x4, 0x8}, {0x1, 0x9}, {0x1, 0x5}, {0x3, 0x2}, {0x5}, {0x7, 0x1}, {0x1, 0x6}, {0x0, 0x7}, {0x0, 0x3}, {0x5, 0x4}, {0x5, 0xa}, {0x0, 0x7}, {0x2, 0x3}, {0x5, 0x4}, {0x1, 0x8}, {0x5, 0x4}, {0x6, 0x8}, {0x4, 0x2}, {0x2, 0xa}, {0x0, 0x8}, {0x4, 0x4}, {0x2, 0xa}, {0x1, 0x1}, {0x6, 0x3}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x3, 0x4}, {0x5, 0x3}, {0x5, 0x8}, {0x1, 0x7}, {0x1, 0x7}, {0x1}, {0x0, 0x8}, {0x6, 0x5}, {0x1, 0x7}, {0x0, 0x1}, {0x4, 0x2}, {0x0, 0xa}, {0x4, 0x4}, {0x0, 0xa}, {0x0, 0x3}, {0x7, 0x8}, {0x7, 0x4}, {0x6, 0x2}, {0x1, 0x9}, {0x4, 0x8}, {0x1, 0x6}, {0x4, 0x1}, {0x7, 0x5}, {0x4, 0x7}, {0x2, 0x5}, {0x0, 0x8}, {0x1, 0xa}, {0x4, 0xa}, {0x0, 0x3}, {0x0, 0x3}, {0x0, 0x9}, {0x1, 0x3}, {0x0, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfff, 0x7, 0x5385, 0x8001, 0xf0e7, 0xfffe, 0x6, 0x1]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x7, 0x9, 0x40, 0x2, 0x8, 0x6]}}]}]}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x66}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x5}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}, {0x4}, {0x4}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd3}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xdb}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xa7}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8000}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x2}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x25}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x8}]}]}]}, 0x240}, 0x1, 0x0, 0x0, 0x1}, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xd13a}, @TCA_FQ_PIE_LIMIT={0x8, 0x1, 0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r8 = accept4(r7, 0x0, 0x0, 0x800)
sendmmsg$alg(r8, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r9, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r10, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

kernel console output (not intermixed with test programs):

][ T1026] kernel read not supported for file /dsp (pid: 1026 comm: kworker/3:3)
[  130.142988][ T6567] ldusb 8-1:0.55: Write buffer overflow, 5 bytes dropped
[  130.148102][ T1026] usb 8-1: USB disconnect, device number 4
[  130.157529][ T1026] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[  130.576115][   T40] kauditd_printk_skb: 78 callbacks suppressed
[  130.576127][   T40] audit: type=1326 audit(2000000029.929:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.141" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  130.587906][   T40] audit: type=1326 audit(2000000029.929:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.141" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  130.596850][   T40] audit: type=1326 audit(2000000029.929:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.141" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  130.605155][   T40] audit: type=1326 audit(2000000029.929:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.141" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  130.614445][   T40] audit: type=1326 audit(2000000029.929:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.141" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  130.622885][   T40] audit: type=1326 audit(2000000029.929:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.141" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  130.631871][   T40] audit: type=1326 audit(2000000029.929:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.141" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  130.640622][   T40] audit: type=1326 audit(2000000029.929:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.141" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  130.649841][   T40] audit: type=1326 audit(2000000029.939:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.141" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  130.661652][   T40] audit: type=1326 audit(2000000029.939:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.2.141" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  130.688935][ T6597] xt_ecn: cannot match TCP bits for non-tcp packets
[  130.933167][ T6600] futex_wake_op: syz.3.144 tries to shift op by 32; fix this program
[  131.651569][ T6608] trusted_key: encrypted_key: key user:syz not found
[  131.693470][ T6609] netlink: 292 bytes leftover after parsing attributes in process `syz.3.147'.
[  132.043548][ T6612] netlink: 244 bytes leftover after parsing attributes in process `syz.0.146'.
[  132.276182][   T55] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  132.438362][   T55] usb 8-1: Using ep0 maxpacket: 8
[  132.461699][   T55] usb 8-1: config 0 interface 0 has no altsetting 0
[  132.489487][   T55] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  132.498966][   T55] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.530900][   T55] usb 8-1: config 0 descriptor??
[  132.961860][   T55] mcp2221 0003:04D8:00DD.0004: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[  133.165523][   T55] usb 8-1: USB disconnect, device number 5
[  133.821557][ T6648] xt_ecn: cannot match TCP bits for non-tcp packets
[  133.822512][ T6647] fuse: Unknown parameter 'fd0x0000000000000004'
[  133.877224][ T6652] xt_ecn: cannot match TCP bits for non-tcp packets
[  134.047311][ T6653] futex_wake_op: syz.2.156 tries to shift op by 32; fix this program
[  134.105412][ T6656] futex_wake_op: syz.3.162 tries to shift op by 32; fix this program
[  135.241635][ T6676] FAULT_INJECTION: forcing a failure.
[  135.241635][ T6676] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  135.248619][ T6676] CPU: 0 UID: 0 PID: 6676 Comm: syz.2.169 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  135.248635][ T6676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  135.248642][ T6676] Call Trace:
[  135.248645][ T6676]  <TASK>
[  135.248649][ T6676]  dump_stack_lvl+0x16c/0x1f0
[  135.248664][ T6676]  should_fail_ex+0x512/0x640
[  135.248677][ T6676]  should_fail_alloc_page+0xe7/0x130
[  135.248692][ T6676]  prepare_alloc_pages+0x3c2/0x610
[  135.248707][ T6676]  ? rcu_is_watching+0x12/0xc0
[  135.248721][ T6676]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  135.248734][ T6676]  ? rcu_is_watching+0x12/0xc0
[  135.248744][ T6676]  ? trace_mm_page_alloc+0x11f/0x1a0
[  135.248759][ T6676]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  135.248772][ T6676]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  135.248790][ T6676]  ? find_held_lock+0x2b/0x80
[  135.248801][ T6676]  ? rcu_read_unlock+0x17/0x60
[  135.248819][ T6676]  ? vhost_dev_set_owner+0x191/0xb70
[  135.248859][ T6676]  __alloc_pages_noprof+0xb/0x1b0
[  135.248874][ T6676]  ___kmalloc_large_node+0x84/0x1e0
[  135.248891][ T6676]  ? vhost_dev_set_owner+0x191/0xb70
[  135.248903][ T6676]  __kmalloc_large_node_noprof+0x1c/0x70
[  135.248918][ T6676]  __kmalloc_noprof.cold+0xc/0x61
[  135.248935][ T6676]  ? rcu_is_watching+0x12/0xc0
[  135.248947][ T6676]  vhost_dev_set_owner+0x191/0xb70
[  135.248965][ T6676]  vhost_net_ioctl+0x694/0x1710
[  135.248979][ T6676]  ? __pfx_vhost_net_ioctl+0x10/0x10
[  135.248992][ T6676]  ? hook_file_ioctl_common+0x145/0x410
[  135.249010][ T6676]  ? __fget_files+0x20e/0x3c0
[  135.249031][ T6676]  ? __fput_deferred+0x480/0x480
[  135.249045][ T6676]  ? __pfx_vhost_net_ioctl+0x10/0x10
[  135.249056][ T6676]  compat_ptr_ioctl+0x6e/0xa0
[  135.249070][ T6676]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  135.249084][ T6676]  __ia32_compat_sys_ioctl+0x23f/0x370
[  135.249101][ T6676]  __do_fast_syscall_32+0x7c/0x3a0
[  135.249114][ T6676]  do_fast_syscall_32+0x32/0x80
[  135.249125][ T6676]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  135.249138][ T6676] RIP: 0023:0xf7ff2579
[  135.249147][ T6676] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  135.249157][ T6676] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  135.249167][ T6676] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000af01
[  135.249173][ T6676] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  135.249179][ T6676] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  135.249185][ T6676] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  135.249191][ T6676] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  135.249203][ T6676]  </TASK>
[  135.484414][ T6682] capability: warning: `syz.2.172' uses deprecated v2 capabilities in a way that may be insecure
[  136.953220][   T40] kauditd_printk_skb: 95 callbacks suppressed
[  136.953232][   T40] audit: type=1326 audit(2000000036.309:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.2.188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  136.962666][   T40] audit: type=1326 audit(2000000036.309:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.2.188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  136.972521][   T40] audit: type=1326 audit(2000000036.309:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.2.188" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  136.982090][   T40] audit: type=1326 audit(2000000036.309:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.2.188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  136.993465][   T40] audit: type=1326 audit(2000000036.309:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.2.188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  137.001833][   T40] audit: type=1326 audit(2000000036.319:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.2.188" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  137.010803][   T40] audit: type=1326 audit(2000000036.319:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.2.188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  137.019300][   T40] audit: type=1326 audit(2000000036.319:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.2.188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  137.031663][   T40] audit: type=1326 audit(2000000036.319:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.2.188" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  137.041825][   T40] audit: type=1326 audit(2000000036.319:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.2.188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  138.314354][ T6748] netlink: 244 bytes leftover after parsing attributes in process `syz.0.196'.
[  138.750319][ T6761] netlink: 244 bytes leftover after parsing attributes in process `syz.1.200'.
[  139.395668][ T1026] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  139.545652][ T1026] usb 8-1: Using ep0 maxpacket: 16
[  139.549079][ T1026] usb 8-1: config 1 has an invalid descriptor of length 243, skipping remainder of the config
[  139.552325][ T1026] usb 8-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  139.556775][ T1026] usb 8-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  139.559625][ T1026] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.561965][ T1026] usb 8-1: Product: syz
[  139.563377][ T1026] usb 8-1: Manufacturer: syz
[  139.564895][ T1026] usb 8-1: SerialNumber: syz
[  140.285992][   T10] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  140.435971][   T10] usb 5-1: Using ep0 maxpacket: 8
[  140.438921][   T10] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  140.441602][   T10] usb 5-1: config 179 has no interface number 0
[  140.443586][   T10] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[  140.447709][   T10] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  140.451193][   T10] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  140.454710][   T10] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  140.458338][   T10] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  140.462420][   T10] usb 5-1: config 179 interface 65 has no altsetting 0
[  140.464551][   T10] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  140.467810][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.476958][ T6793] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  140.493849][   T10] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:179.65/input/input9
[  140.691513][   T10] usb 5-1: USB disconnect, device number 4
[  140.693393][    C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  140.861904][ T6799] netlink: 244 bytes leftover after parsing attributes in process `syz.1.210'.
[  141.070755][ T6802] mmap: syz.3.204 (6802) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  141.205638][ T1026] usb 7-1: new low-speed USB device number 3 using dummy_hcd
[  141.361157][ T1026] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  141.363557][ T1026] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  141.373712][ T1026] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  141.379211][ T1026] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  141.383919][ T1026] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  141.391190][ T1026] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  141.393536][ T1026] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  141.406964][ T1026] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  141.411758][ T1026] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  141.425885][ T1026] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  141.517308][ T1026] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  141.519755][ T1026] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  141.523471][ T1026] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  141.527506][ T1026] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  141.530910][ T1026] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  141.537768][ T1026] usb 7-1: string descriptor 0 read error: -22
[  141.539771][ T1026] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  141.542609][ T1026] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.550586][ T1026] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  141.754141][ T6819] netlink: 'syz.1.215': attribute type 1 has an invalid length.
[  141.761929][ T6819] netlink: 384 bytes leftover after parsing attributes in process `syz.1.215'.
[  142.177944][   T54] usb 8-1: USB disconnect, device number 6
[  142.550961][ T6832] netlink: 'syz.1.220': attribute type 10 has an invalid length.
[  142.554008][ T6832] netlink: 'syz.1.220': attribute type 10 has an invalid length.
[  142.556579][ T6832] netlink: 2 bytes leftover after parsing attributes in process `syz.1.220'.
[  142.559234][ T6832] team0: entered promiscuous mode
[  142.560740][ T6832] team_slave_0: entered promiscuous mode
[  142.562554][ T6832] team_slave_1: entered promiscuous mode
[  142.565445][ T6832] 8021q: adding VLAN 0 to HW filter on device team0
[  142.567652][ T6832] batman_adv: batadv0: Interface activated: team0
[  142.569697][ T6832] batman_adv: batadv0: Interface deactivated: team0
[  142.571791][ T6832] batman_adv: batadv0: Removing interface: team0
[  142.575038][ T6832] bridge0: port 3(team0) entered blocking state
[  142.578441][ T6832] bridge0: port 3(team0) entered disabled state
[  142.581152][ T6832] team0: entered allmulticast mode
[  142.583324][ T6832] team_slave_0: entered allmulticast mode
[  142.586545][ T6832] team_slave_1: entered allmulticast mode
[  142.590908][ T6832] bridge0: port 3(team0) entered blocking state
[  142.593602][ T6832] bridge0: port 3(team0) entered forwarding state
[  142.645824][   T54] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  142.805319][   T54] usb 8-1: Using ep0 maxpacket: 8
[  142.808824][   T54] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  142.811397][   T54] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  142.814476][   T54] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  142.817607][   T54] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  142.820677][   T54] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  142.825361][   T54] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  142.829133][   T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.078136][   T54] usb 8-1: usb_control_msg returned -32
[  143.079784][   T54] usbtmc 8-1:16.0: can't read capabilities
[  143.854638][   T54] usb 7-1: USB disconnect, device number 3
[  144.606081][   T40] kauditd_printk_skb: 23 callbacks suppressed
[  144.606093][   T40] audit: type=1326 audit(2000000043.959:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.1.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  144.620659][   T40] audit: type=1326 audit(2000000043.959:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.1.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  144.627694][   T40] audit: type=1326 audit(2000000043.969:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.1.229" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  144.634373][   T40] audit: type=1326 audit(2000000043.969:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.1.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  144.644507][   T40] audit: type=1326 audit(2000000043.969:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.1.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  144.656030][   T40] audit: type=1326 audit(2000000043.969:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.1.229" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  144.662627][   T40] audit: type=1326 audit(2000000043.969:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.1.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  144.669609][   T40] audit: type=1326 audit(2000000043.969:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.1.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  144.677039][   T40] audit: type=1326 audit(2000000043.969:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.1.229" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  144.685207][   T40] audit: type=1326 audit(2000000043.969:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6856 comm="syz.1.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  145.263305][   T10] usb 8-1: USB disconnect, device number 7
[  145.576045][   T55] usb 7-1: new low-speed USB device number 4 using dummy_hcd
[  145.678335][ T6884] netlink: 244 bytes leftover after parsing attributes in process `syz.0.239'.
[  145.742908][   T55] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  145.765763][   T55] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  145.769104][   T55] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  145.773293][   T55] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  145.785932][   T55] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  145.790955][   T55] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  145.793288][   T55] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  145.797090][   T55] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  145.800773][   T55] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  145.804104][   T55] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  145.808858][   T55] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  145.811230][   T55] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  145.814549][   T55] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  145.818582][   T55] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  145.821994][   T55] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  145.828002][   T55] usb 7-1: string descriptor 0 read error: -22
[  145.829999][   T55] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  145.832804][   T55] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.840304][   T55] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  147.525948][ T5967] Bluetooth: hci4: command 0x1003 tx timeout
[  147.528423][ T5979] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  147.868104][ T6913] netlink: 96 bytes leftover after parsing attributes in process `syz.3.247'.
[  148.263048][   T24] usb 7-1: USB disconnect, device number 4
[  148.693684][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  148.696031][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  150.405704][  T840] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  150.575943][  T840] usb 6-1: Using ep0 maxpacket: 32
[  150.580717][  T840] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.586010][  T840] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  150.591337][  T840] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  150.595075][  T840] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.601131][  T840] usb 6-1: config 0 descriptor??
[  150.606253][  T840] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  150.813259][ T6952] netlink: 36 bytes leftover after parsing attributes in process `syz.1.262'.
[  150.818136][ T6952] xt_CT: You must specify a L4 protocol and not use inversions on it
[  150.895119][ T6963] syzkaller0: entered promiscuous mode
[  150.898810][ T6963] syzkaller0: entered allmulticast mode
[  150.902095][ T6962] tipc: Started in network mode
[  150.903614][ T6962] tipc: Node identity 92841bd66bfb, cluster identity 4711
[  150.907252][ T6962] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  150.957301][  T842] usb 6-1: USB disconnect, device number 4
[  151.015129][   T40] kauditd_printk_skb: 52 callbacks suppressed
[  151.015141][   T40] audit: type=1804 audit(2000000050.369:423): pid=6969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.269" name="/newroot/70/file0" dev="tmpfs" ino=383 res=1 errno=0
[  151.401068][ T6975] netlink: 244 bytes leftover after parsing attributes in process `syz.0.270'.
[  151.945698][ T1026] tipc: Node number set to 4185856982
[  152.006464][   T10] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  152.236491][   T10] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  152.240269][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.243232][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.247328][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  152.250584][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.254038][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.258273][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  152.261285][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.264275][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.268385][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  152.271378][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.274321][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.279177][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  152.283174][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.288624][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.293165][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  152.298331][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.302097][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.308423][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  152.312640][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.317746][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.322454][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  152.332254][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.338949][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.342444][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  152.346779][   T10] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  152.349694][   T10] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  152.352377][   T10] usb 6-1: Product: syz
[  152.353819][   T10] usb 6-1: Manufacturer: syz
[  152.384970][   T10] usb 6-1: SerialNumber: syz
[  152.396426][   T40] audit: type=1326 audit(2000000051.749:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6988 comm="syz.2.276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  152.396478][   T40] audit: type=1326 audit(2000000051.749:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6988 comm="syz.2.276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  152.396509][   T40] audit: type=1326 audit(2000000051.749:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6988 comm="syz.2.276" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  152.396543][   T40] audit: type=1326 audit(2000000051.749:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6988 comm="syz.2.276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  152.396579][   T40] audit: type=1326 audit(2000000051.749:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6988 comm="syz.2.276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  152.396614][   T40] audit: type=1326 audit(2000000051.749:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6988 comm="syz.2.276" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  152.396648][   T40] audit: type=1326 audit(2000000051.759:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6988 comm="syz.2.276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  152.396713][   T40] audit: type=1326 audit(2000000051.759:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6988 comm="syz.2.276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  152.400515][   T40] audit: type=1326 audit(2000000051.759:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6988 comm="syz.2.276" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  152.530229][   T10] usb 6-1: config 0 descriptor??
[  152.546525][   T10] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  152.739564][   T10] usb 6-1: USB disconnect, device number 5
[  152.743381][   T10] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  152.834033][ T6994] netlink: 'syz.3.277': attribute type 27 has an invalid length.
[  153.179388][ T7004] netlink: 292 bytes leftover after parsing attributes in process `syz.3.281'.
[  153.335973][   T10] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  153.454725][ T7017] serio: Serial port ptm0
[  153.465633][   T10] usb 7-1: device descriptor read/64, error -71
[  153.525710][   T24] usb 6-1: new low-speed USB device number 6 using dummy_hcd
[  153.676866][   T24] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  153.679359][   T24] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  153.682643][   T24] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  153.686971][   T24] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  153.690923][   T24] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  153.695181][   T24] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  153.697727][   T24] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  153.701827][   T24] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  153.705844][   T24] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  153.710400][   T24] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  153.716417][   T24] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  153.719317][   T24] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  153.723767][   T24] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  153.729343][   T24] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  153.733884][   T24] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  153.736535][   T10] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  153.749001][   T24] usb 6-1: string descriptor 0 read error: -22
[  153.753413][   T24] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  153.761240][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.787540][   T24] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  153.875312][   T10] usb 7-1: device descriptor read/64, error -71
[  153.997209][   T10] usb usb7-port1: attempt power cycle
[  154.345929][   T10] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  154.367207][   T10] usb 7-1: device descriptor read/8, error -71
[  154.605329][   T10] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  154.626114][   T10] usb 7-1: device descriptor read/8, error -71
[  154.642914][ T7030] xt_ecn: cannot match TCP bits for non-tcp packets
[  154.760888][   T10] usb usb7-port1: unable to enumerate USB device
[  155.631545][ T7039] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  155.647732][ T7039] evm: overlay not supported
[  156.020372][   T40] kauditd_printk_skb: 58 callbacks suppressed
[  156.020386][   T40] audit: type=1326 audit(2000000055.379:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7042 comm="syz.3.294" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  156.062600][   T40] audit: type=1326 audit(2000000055.379:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7042 comm="syz.3.294" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  156.107799][   T24] usb 6-1: USB disconnect, device number 6
[  156.227002][ T7047] serio: Serial port ptm0
[  156.258560][ T7038] syz.0.292: page allocation failure: order:0, mode:0x10cc0(GFP_KERNEL|__GFP_NORETRY), nodemask=(null),cpuset=/,mems_allowed=0-1
[  156.263389][ T7038] CPU: 2 UID: 0 PID: 7038 Comm: syz.0.292 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  156.263407][ T7038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.263414][ T7038] Call Trace:
[  156.263418][ T7038]  <TASK>
[  156.263423][ T7038]  dump_stack_lvl+0x16c/0x1f0
[  156.263439][ T7038]  warn_alloc+0x248/0x3a0
[  156.263452][ T7038]  ? __pfx_warn_alloc+0x10/0x10
[  156.263463][ T7038]  ? psi_group_change+0x6dc/0xd20
[  156.263482][ T7038]  ? __pfx___alloc_pages_direct_compact+0x10/0x10
[  156.263494][ T7038]  ? psi_memstall_leave+0x1e1/0x2d0
[  156.263509][ T7038]  ? psi_memstall_leave+0x1e6/0x2d0
[  156.263526][ T7038]  __alloc_frozen_pages_noprof+0xea2/0x23f0
[  156.263544][ T7038]  ? __schedule+0x1181/0x5dd0
[  156.263562][ T7038]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  156.263581][ T7038]  ? __pfx___schedule+0x10/0x10
[  156.263600][ T7038]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  156.263619][ T7038]  ? policy_nodemask+0xea/0x4e0
[  156.263634][ T7038]  alloc_pages_mpol+0x1fb/0x550
[  156.263649][ T7038]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  156.263666][ T7038]  alloc_pages_noprof+0x131/0x390
[  156.263680][ T7038]  kimage_alloc_pages+0x75/0x350
[  156.263700][ T7038]  kimage_alloc_control_pages+0x153/0xa00
[  156.263723][ T7038]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  156.263746][ T7038]  do_kexec_load+0x480/0x8d0
[  156.263758][ T7038]  ? __pfx_do_kexec_load+0x10/0x10
[  156.263774][ T7038]  __ia32_compat_sys_kexec_load+0x37f/0x400
[  156.263788][ T7038]  ? __pfx___ia32_compat_sys_kexec_load+0x10/0x10
[  156.263802][ T7038]  ? rcu_is_watching+0x12/0xc0
[  156.263817][ T7038]  __do_fast_syscall_32+0x7c/0x3a0
[  156.263832][ T7038]  do_fast_syscall_32+0x32/0x80
[  156.263844][ T7038]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  156.263859][ T7038] RIP: 0023:0xf70fe579
[  156.263868][ T7038] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  156.263879][ T7038] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 000000000000011b
[  156.263890][ T7038] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003
[  156.263897][ T7038] RDX: 0000000080001080 RSI: 00000000003e0000 RDI: 0000000000000000
[  156.263904][ T7038] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  156.263910][ T7038] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  156.263917][ T7038] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  156.263930][ T7038]  </TASK>
[  156.263934][ T7038] Mem-Info:
[  156.347637][ T7038] active_anon:1376 inactive_anon:7852 isolated_anon:0
[  156.347637][ T7038]  active_file:629 inactive_file:11875 isolated_file:0
[  156.347637][ T7038]  unevictable:1768 dirty:144 writeback:0
[  156.347637][ T7038]  slab_reclaimable:9241 slab_unreclaimable:52246
[  156.347637][ T7038]  mapped:27393 shmem:5264 pagetables:1073
[  156.347637][ T7038]  sec_pagetables:301 bounce:0
[  156.347637][ T7038]  kernel_misc_reclaimable:0
[  156.347637][ T7038]  free:24266 free_pcp:450 free_cma:0
[  156.362560][ T7038] Node 0 active_anon:5116kB inactive_anon:6052kB active_file:600kB inactive_file:8468kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:13488kB dirty:0kB writeback:0kB shmem:10012kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8240kB pagetables:1160kB sec_pagetables:1124kB all_unreclaimable? no Balloon:0kB
[  156.373061][ T7038] Node 1 active_anon:388kB inactive_anon:25256kB active_file:1916kB inactive_file:38132kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:95384kB dirty:576kB writeback:0kB shmem:11044kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4724kB pagetables:3132kB sec_pagetables:80kB all_unreclaimable? no Balloon:0kB
[  156.384629][ T7038] Node 0 DMA free:2516kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  156.394442][ T7038] lowmem_reserve[]: 0 289 289 289 289
[  156.396686][ T7038] Node 0 DMA32 free:13172kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:2048KB free_highatomic:152KB active_anon:5116kB inactive_anon:6052kB active_file:7344kB inactive_file:1080kB unevictable:3536kB writepending:0kB present:1032196kB managed:295992kB mlocked:0kB bounce:0kB free_pcp:136kB local_pcp:0kB free_cma:0kB
[  156.408834][ T7038] lowmem_reserve[]: 0 0 0 0 0
[  156.410891][ T7038] Node 1 DMA32 free:82928kB boost:32768kB min:79912kB low:91696kB high:103480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:388kB inactive_anon:25256kB active_file:2064kB inactive_file:37632kB unevictable:3536kB writepending:576kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:3216kB local_pcp:896kB free_cma:0kB
[  156.436912][ T7038] lowmem_reserve[]: 0 0 0 0 0
[  156.441565][ T7038] Node 0 DMA: 27*4kB (UM) 17*8kB (U) 6*16kB (UM) 4*32kB (U) 2*64kB (U) 1*128kB (M) 1*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2516kB
[  156.449313][ T7038] Node 0 DMA32: 250*4kB (UME) 59*8kB (UMEH) 37*16kB (UMEH) 27*32kB (UME) 81*64kB (UMEH) 15*128kB (UM) 2*256kB (U) 2*512kB (UM) 0*1024kB 1*2048kB (M) 0*4096kB = 13616kB
[  156.457251][ T7038] Node 1 DMA32: 873*4kB (UME) 780*8kB (UME) 721*16kB (UME) 537*32kB (UME) 333*64kB (UME) 88*128kB (UME) 32*256kB (UME) 9*512kB (UM) 2*1024kB (U) 0*2048kB 0*4096kB = 85876kB
[  156.466745][ T7038] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  156.470023][ T7038] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  156.473791][ T7038] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  156.478654][ T7038] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  156.481959][ T7038] 17221 total pagecache pages
[  156.484219][ T7038] 0 pages in swap cache
[  156.486958][ T7038] Free swap  = 124996kB
[  156.489369][ T7038] Total swap = 124996kB
[  156.491271][ T7038] 524155 pages RAM
[  156.492899][ T7038] 0 pages HighMem/MovableOnly
[  156.494864][ T7038] 209246 pages reserved
[  156.497211][ T7038] 0 pages cma reserved
[  157.702770][ T7038] kexec: Could not allocate control_code_buffer
[  158.143884][   T40] audit: type=1326 audit(2000000057.449:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.0.306" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  158.151234][   T40] audit: type=1326 audit(2000000057.449:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.0.306" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  158.161792][   T40] audit: type=1326 audit(2000000057.449:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.0.306" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  158.170023][   T40] audit: type=1326 audit(2000000057.449:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.0.306" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  158.177361][   T40] audit: type=1326 audit(2000000057.459:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.0.306" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  158.184270][   T40] audit: type=1326 audit(2000000057.459:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.0.306" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  158.191489][   T40] audit: type=1326 audit(2000000057.459:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.0.306" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  158.200988][   T40] audit: type=1326 audit(2000000057.459:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7077 comm="syz.0.306" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  158.556673][ T7097] syz.1.311 (7097) used greatest stack depth: 19608 bytes left
[  158.912997][   T24] IPVS: starting estimator thread 0...
[  159.015923][ T7109] IPVS: using max 44 ests per chain, 105600 per kthread
[  159.640716][ T7104] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  159.719928][ T7122] netlink: 12 bytes leftover after parsing attributes in process `syz.3.316'.
[  162.068246][ T7175] qnx6: unable to read the first superblock
[  162.335377][   T54] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  162.485289][   T54] usb 8-1: Using ep0 maxpacket: 8
[  162.489515][   T54] usb 8-1: config 0 interface 0 has no altsetting 0
[  162.491893][   T54] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  162.495202][   T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.507021][   T54] usb 8-1: config 0 descriptor??
[  162.612701][ T7185] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.340'.
[  162.927102][   T54] usbhid 8-1:0.0: can't add hid device: -71
[  162.939137][   T54] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  163.105679][   T54] usb 8-1: USB disconnect, device number 8
[  163.347109][ T7195] vivid-001: =================  START STATUS  =================
[  163.350703][ T7195] vivid-001: Radio HW Seek Mode: Bounded
[  163.353245][ T7195] vivid-001: Radio Programmable HW Seek: false
[  163.359493][ T7195] vivid-001: RDS Rx I/O Mode: Block I/O
[  163.361930][ T7195] vivid-001: Generate RBDS Instead of RDS: false
[  163.364648][ T7195] vivid-001: RDS Reception: true
[  163.367704][ T7195] vivid-001: RDS Program Type: 0 inactive
[  163.370168][ T7195] vivid-001: RDS PS Name:  inactive
[  163.372393][ T7195] vivid-001: RDS Radio Text:  inactive
[  163.374714][ T7195] vivid-001: RDS Traffic Announcement: false inactive
[  163.381218][ T7195] vivid-001: RDS Traffic Program: false inactive
[  163.383984][ T7195] vivid-001: RDS Music: false inactive
[  163.387493][ T7195] vivid-001: ==================  END STATUS  ==================
[  163.748674][   T40] kauditd_printk_skb: 59 callbacks suppressed
[  163.748687][   T40] audit: type=1326 audit(2000000063.109:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7199 comm="syz.3.346" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  163.757830][   T40] audit: type=1326 audit(2000000063.109:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7199 comm="syz.3.346" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  163.764725][   T40] audit: type=1326 audit(2000000063.109:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7199 comm="syz.3.346" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf710e579 code=0x7ffc0000
[  163.772362][   T40] audit: type=1326 audit(2000000063.109:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7199 comm="syz.3.346" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  163.779614][   T40] audit: type=1326 audit(2000000063.109:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7199 comm="syz.3.346" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  163.787131][   T40] audit: type=1326 audit(2000000063.109:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7199 comm="syz.3.346" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf710e579 code=0x7ffc0000
[  163.795065][   T40] audit: type=1326 audit(2000000063.109:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7199 comm="syz.3.346" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  163.802229][   T40] audit: type=1326 audit(2000000063.109:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7199 comm="syz.3.346" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  163.809186][   T40] audit: type=1326 audit(2000000063.109:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7199 comm="syz.3.346" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf710e579 code=0x7ffc0000
[  163.816109][   T40] audit: type=1326 audit(2000000063.109:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7199 comm="syz.3.346" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  165.025812][  T842] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  165.175685][  T842] usb 8-1: Using ep0 maxpacket: 8
[  165.179957][  T842] usb 8-1: config 0 interface 0 has no altsetting 0
[  165.182033][  T842] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  165.185321][  T842] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.190890][  T842] usb 8-1: config 0 descriptor??
[  166.518502][  T842] usbhid 8-1:0.0: can't add hid device: -71
[  166.520530][  T842] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  166.533286][  T842] usb 8-1: USB disconnect, device number 9
[  167.809553][ T7255] FAULT_INJECTION: forcing a failure.
[  167.809553][ T7255] name failslab, interval 1, probability 0, space 0, times 0
[  167.814647][ T7255] CPU: 2 UID: 0 PID: 7255 Comm: syz.0.361 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  167.814672][ T7255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.814682][ T7255] Call Trace:
[  167.814689][ T7255]  <TASK>
[  167.814697][ T7255]  dump_stack_lvl+0x16c/0x1f0
[  167.814738][ T7255]  should_fail_ex+0x512/0x640
[  167.814763][ T7255]  ? __kmalloc_noprof+0xbf/0x510
[  167.814783][ T7255]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  167.814810][ T7255]  should_failslab+0xc2/0x120
[  167.814832][ T7255]  __kmalloc_noprof+0xd2/0x510
[  167.814848][ T7255]  ? kmem_cache_free+0x2d1/0x4d0
[  167.814868][ T7255]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  167.814899][ T7255]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  167.814929][ T7255]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  167.814953][ T7255]  ? trace_cap_capable+0x18d/0x200
[  167.814981][ T7255]  ? bpf_lsm_capable+0x9/0x10
[  167.815012][ T7255]  ? security_capable+0x7e/0x260
[  167.815033][ T7255]  ? ns_capable+0xd7/0x110
[  167.815054][ T7255]  genl_rcv_msg+0x55c/0x800
[  167.815081][ T7255]  ? __pfx_genl_rcv_msg+0x10/0x10
[  167.815104][ T7255]  ? __pfx_ovs_packet_cmd_execute+0x10/0x10
[  167.815131][ T7255]  netlink_rcv_skb+0x158/0x420
[  167.815152][ T7255]  ? __pfx_genl_rcv_msg+0x10/0x10
[  167.815176][ T7255]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  167.815207][ T7255]  ? netlink_deliver_tap+0x1ae/0xd30
[  167.815246][ T7255]  genl_rcv+0x28/0x40
[  167.815267][ T7255]  netlink_unicast+0x58a/0x850
[  167.815292][ T7255]  ? __pfx_netlink_unicast+0x10/0x10
[  167.815311][ T7255]  ? __build_skb_around+0x278/0x3b0
[  167.815337][ T7255]  ? is_vmalloc_addr+0x86/0xa0
[  167.815358][ T7255]  netlink_sendmsg+0x8d1/0xdd0
[  167.815383][ T7255]  ? __pfx_netlink_sendmsg+0x10/0x10
[  167.815406][ T7255]  ? __import_iovec+0x1dd/0x650
[  167.815432][ T7255]  ____sys_sendmsg+0xa95/0xc70
[  167.815459][ T7255]  ? __pfx_____sys_sendmsg+0x10/0x10
[  167.815480][ T7255]  ? get_compat_msghdr+0x11a/0x170
[  167.815511][ T7255]  ___sys_sendmsg+0x134/0x1d0
[  167.815530][ T7255]  ? __pfx____sys_sendmsg+0x10/0x10
[  167.815559][ T7255]  ? find_held_lock+0x2b/0x80
[  167.815594][ T7255]  __sys_sendmsg+0x16d/0x220
[  167.815613][ T7255]  ? __pfx___sys_sendmsg+0x10/0x10
[  167.815643][ T7255]  ? rcu_is_watching+0x12/0xc0
[  167.815666][ T7255]  __do_fast_syscall_32+0x7c/0x3a0
[  167.815688][ T7255]  do_fast_syscall_32+0x32/0x80
[  167.815720][ T7255]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  167.815741][ T7255] RIP: 0023:0xf70fe579
[  167.815756][ T7255] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  167.815771][ T7255] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  167.815789][ T7255] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  167.815798][ T7255] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  167.815809][ T7255] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  167.815820][ T7255] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  167.815830][ T7255] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  167.815852][ T7255]  </TASK>
[  168.687982][ T7263] FAULT_INJECTION: forcing a failure.
[  168.687982][ T7263] name failslab, interval 1, probability 0, space 0, times 0
[  168.693858][ T7263] CPU: 1 UID: 0 PID: 7263 Comm: syz.1.365 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  168.693897][ T7263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  168.693908][ T7263] Call Trace:
[  168.693914][ T7263]  <TASK>
[  168.693923][ T7263]  dump_stack_lvl+0x16c/0x1f0
[  168.693948][ T7263]  should_fail_ex+0x512/0x640
[  168.693970][ T7263]  should_failslab+0xc2/0x120
[  168.693993][ T7263]  __kmalloc_cache_noprof+0x6a/0x3e0
[  168.694025][ T7263]  ? __pfx_sctp_get_port_local+0x10/0x10
[  168.694045][ T7263]  ? sctp_bind_addr_match+0x193/0x300
[  168.694060][ T7263]  ? sctp_add_bind_addr+0xae/0x3f0
[  168.694081][ T7263]  sctp_add_bind_addr+0xae/0x3f0
[  168.694103][ T7263]  sctp_do_bind+0x2d6/0x700
[  168.694132][ T7263]  sctp_connect_new_asoc+0x5fd/0x790
[  168.694155][ T7263]  ? look_up_lock_class+0x59/0x150
[  168.694174][ T7263]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  168.694201][ T7263]  ? __ipv6_addr_type+0x225/0x300
[  168.694227][ T7263]  ? __ipv6_addr_type+0x225/0x300
[  168.694254][ T7263]  __sctp_connect+0x3f3/0xc60
[  168.694284][ T7263]  ? __pfx___sctp_connect+0x10/0x10
[  168.694317][ T7263]  __sctp_setsockopt_connectx+0xfc/0x170
[  168.694345][ T7263]  sctp_setsockopt+0x349a/0xb870
[  168.694375][ T7263]  ? __pfx_sctp_setsockopt+0x10/0x10
[  168.694403][ T7263]  ? __fget_files+0x204/0x3c0
[  168.694432][ T7263]  ? sock_common_setsockopt+0x2e/0xf0
[  168.694456][ T7263]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  168.694481][ T7263]  do_sock_setsockopt+0xf0/0x1d0
[  168.694507][ T7263]  __sys_setsockopt+0x120/0x1a0
[  168.694530][ T7263]  __ia32_sys_setsockopt+0xbc/0x160
[  168.694547][ T7263]  ? lockdep_hardirqs_on+0x7c/0x110
[  168.694563][ T7263]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  168.694582][ T7263]  __do_fast_syscall_32+0x7c/0x3a0
[  168.694604][ T7263]  do_fast_syscall_32+0x32/0x80
[  168.694624][ T7263]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  168.694645][ T7263] RIP: 0023:0xf7fa4579
[  168.694660][ T7263] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  168.694675][ T7263] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  168.694692][ T7263] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000084
[  168.694703][ T7263] RDX: 000000000000006e RSI: 0000000080000000 RDI: 000000000000001c
[  168.694712][ T7263] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  168.694723][ T7263] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  168.694733][ T7263] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  168.694753][ T7263]  </TASK>
[  169.040400][   T40] kauditd_printk_skb: 84 callbacks suppressed
[  169.040442][   T40] audit: type=1326 audit(2000000068.389:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  169.109743][   T40] audit: type=1326 audit(2000000068.389:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  169.151787][   T40] audit: type=1326 audit(2000000068.389:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf710e579 code=0x7ffc0000
[  169.198562][   T40] audit: type=1326 audit(2000000068.389:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  169.241359][   T40] audit: type=1326 audit(2000000068.389:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  169.249552][ T7271] netlink: 'syz.2.367': attribute type 10 has an invalid length.
[  169.254807][   T40] audit: type=1326 audit(2000000068.389:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf710e579 code=0x7ffc0000
[  169.262364][   T40] audit: type=1326 audit(2000000068.389:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  169.269649][   T40] audit: type=1326 audit(2000000068.389:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  169.276776][   T40] audit: type=1326 audit(2000000068.389:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf710e579 code=0x7ffc0000
[  169.277745][ T7271] 8021q: adding VLAN 0 to HW filter on device batadv0
[  169.283781][   T40] audit: type=1326 audit(2000000068.389:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7264 comm="syz.3.364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  169.289307][ T7271] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  169.404596][ T7276] syz.0.368 (7276): drop_caches: 2
[  170.040283][ T7286] FAULT_INJECTION: forcing a failure.
[  170.040283][ T7286] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.044559][ T7286] CPU: 1 UID: 0 PID: 7286 Comm: syz.0.372 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  170.044575][ T7286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.044582][ T7286] Call Trace:
[  170.044586][ T7286]  <TASK>
[  170.044590][ T7286]  dump_stack_lvl+0x16c/0x1f0
[  170.044605][ T7286]  should_fail_ex+0x512/0x640
[  170.044619][ T7286]  _copy_to_user+0x32/0xd0
[  170.044632][ T7286]  simple_read_from_buffer+0xcb/0x170
[  170.044650][ T7286]  proc_fail_nth_read+0x197/0x270
[  170.044666][ T7286]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  170.044682][ T7286]  ? rw_verify_area+0xcf/0x680
[  170.044698][ T7286]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  170.044716][ T7286]  vfs_read+0x1e4/0xc60
[  170.044726][ T7286]  ? fdget_pos+0x2a2/0x370
[  170.044738][ T7286]  ? __pfx_vfs_read+0x10/0x10
[  170.044746][ T7286]  ? find_held_lock+0x2b/0x80
[  170.044761][ T7286]  ? __fget_files+0x20e/0x3c0
[  170.044782][ T7286]  ksys_read+0x12a/0x250
[  170.044791][ T7286]  ? __pfx_ksys_read+0x10/0x10
[  170.044802][ T7286]  ? rcu_is_watching+0x12/0xc0
[  170.044816][ T7286]  __do_fast_syscall_32+0x7c/0x3a0
[  170.044829][ T7286]  do_fast_syscall_32+0x32/0x80
[  170.044840][ T7286]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  170.044854][ T7286] RIP: 0023:0xf70fe579
[  170.044862][ T7286] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  170.044873][ T7286] RSP: 002b:00000000f50ee590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  170.044883][ T7286] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00000000f50ee620
[  170.044890][ T7286] RDX: 000000000000000f RSI: 00000000f7464ff4 RDI: 0000000000000000
[  170.044896][ T7286] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  170.044902][ T7286] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  170.044908][ T7286] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  170.044921][ T7286]  </TASK>
[  170.455415][   T54] usb 5-1: new low-speed USB device number 5 using dummy_hcd
[  170.607098][   T54] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  170.610608][   T54] usb 5-1: config 16 has an invalid interface number: 239 but max is 0
[  170.614107][   T54] usb 5-1: config 16 has no interface number 0
[  170.617146][   T54] usb 5-1: config 16 interface 239 altsetting 255 endpoint 0x5 is Bulk; changing to Interrupt
[  170.621379][   T54] usb 5-1: config 16 interface 239 altsetting 255 endpoint 0x5 has invalid wMaxPacketSize 0
[  170.625641][   T54] usb 5-1: config 16 interface 239 altsetting 255 endpoint 0x8B is Bulk; changing to Interrupt
[  170.629998][   T54] usb 5-1: config 16 interface 239 has no altsetting 0
[  170.632902][   T54] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  170.636693][   T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.646629][   T54] usbtmc 5-1:16.239: bulk endpoints not found
[  172.197132][ T7312] netlink: 'syz.3.378': attribute type 10 has an invalid length.
[  172.199977][ T7312] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.202935][ T7312] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.210021][ T7312] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.212309][ T7312] bridge0: port 2(bridge_slave_1) entered forwarding state
[  172.214905][ T7312] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.217199][ T7312] bridge0: port 1(bridge_slave_0) entered forwarding state
[  172.221212][ T7312] bridge0: entered promiscuous mode
[  172.223343][ T7312] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  173.173993][ T7329] netlink: 'syz.1.386': attribute type 10 has an invalid length.
[  173.207064][   T24] usb 5-1: USB disconnect, device number 5
[  173.240212][ T7329] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  174.615787][ T7347] xt_ecn: cannot match TCP bits for non-tcp packets
[  174.819423][ T7347] futex_wake_op: syz.2.392 tries to shift op by 32; fix this program
[  175.229164][ T7354] netlink: 244 bytes leftover after parsing attributes in process `syz.1.394'.
[  175.848759][ T7365] syzkaller1: entered promiscuous mode
[  175.850518][ T7365] syzkaller1: entered allmulticast mode
[  176.557313][ T7378] serio: Serial port ptm0
[  176.806403][ T7378] block device autoloading is deprecated and will be removed.
[  177.106526][ T7378] md2: using deprecated bitmap file support
[  177.108821][ T7378] md2: error: bitmap file must be a regular file
[  178.207928][ T7398] warning: `syz.2.408' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  178.313939][ T7408] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  178.316176][ T7408] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  178.322785][ T7408] vhci_hcd vhci_hcd.0: Device attached
[  178.325603][ T7409] vhci_hcd: cannot find a urb of seqnum 3 max seqnum 0
[  178.329141][   T43] vhci_hcd: stop threads
[  178.330487][   T43] vhci_hcd: release socket
[  178.333348][   T43] vhci_hcd: disconnect device
[  178.385730][ T7415] FAULT_INJECTION: forcing a failure.
[  178.385730][ T7415] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  178.390030][ T7415] CPU: 2 UID: 0 PID: 7415 Comm: syz.3.413 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  178.390057][ T7415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  178.390065][ T7415] Call Trace:
[  178.390069][ T7415]  <TASK>
[  178.390074][ T7415]  dump_stack_lvl+0x16c/0x1f0
[  178.390089][ T7415]  should_fail_ex+0x512/0x640
[  178.390104][ T7415]  _copy_from_iter+0x29f/0x16f0
[  178.390120][ T7415]  ? __pfx__copy_from_iter+0x10/0x10
[  178.390134][ T7415]  ? __pfx___might_resched+0x10/0x10
[  178.390146][ T7415]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  178.390166][ T7415]  hci_sock_sendmsg+0x46d/0x25f0
[  178.390179][ T7415]  ? __pfx_aa_sk_perm+0x10/0x10
[  178.390195][ T7415]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  178.390205][ T7415]  ? __lock_acquire+0xb8a/0x1c90
[  178.390224][ T7415]  sock_write_iter+0x4ff/0x5b0
[  178.390240][ T7415]  ? __pfx_sock_write_iter+0x10/0x10
[  178.390254][ T7415]  ? find_held_lock+0x2b/0x80
[  178.390269][ T7415]  ? bpf_lsm_file_permission+0x9/0x10
[  178.390283][ T7415]  ? security_file_permission+0x71/0x210
[  178.390301][ T7415]  ? rw_verify_area+0xcf/0x680
[  178.390318][ T7415]  vfs_write+0x6c4/0x1150
[  178.390328][ T7415]  ? __pfx_sock_write_iter+0x10/0x10
[  178.390344][ T7415]  ? __pfx_vfs_write+0x10/0x10
[  178.390353][ T7415]  ? find_held_lock+0x2b/0x80
[  178.390372][ T7415]  ksys_write+0x1f8/0x250
[  178.390382][ T7415]  ? __pfx_ksys_write+0x10/0x10
[  178.390394][ T7415]  ? rcu_is_watching+0x12/0xc0
[  178.390407][ T7415]  __do_fast_syscall_32+0x7c/0x3a0
[  178.390420][ T7415]  do_fast_syscall_32+0x32/0x80
[  178.390432][ T7415]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  178.390445][ T7415] RIP: 0023:0xf710e579
[  178.390454][ T7415] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  178.390464][ T7415] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  178.390474][ T7415] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800001c0
[  178.390481][ T7415] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000000
[  178.390487][ T7415] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  178.390493][ T7415] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  178.390499][ T7415] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  178.390512][ T7415]  </TASK>
[  179.205461][ T7423] netlink: 244 bytes leftover after parsing attributes in process `syz.0.416'.
[  180.077462][ T7439] Bluetooth: MGMT ver 1.23
[  180.087289][ T7437] kvm: MWAIT instruction emulated as NOP!
[  181.275370][ T7459] netlink: 244 bytes leftover after parsing attributes in process `syz.2.428'.
[  181.423070][ T7461] serio: Serial port ptm0
[  181.790236][ T7465] block device autoloading is deprecated and will be removed.
[  182.283888][   T40] kauditd_printk_skb: 94 callbacks suppressed
[  182.283907][   T40] audit: type=1326 audit(2000000081.639:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7466 comm="syz.2.430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  182.286044][ T7472] netlink: 40 bytes leftover after parsing attributes in process `syz.2.430'.
[  182.404913][   T40] audit: type=1326 audit(2000000081.639:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7466 comm="syz.2.430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  182.424553][   T40] audit: type=1326 audit(2000000081.639:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7466 comm="syz.2.430" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  182.434019][   T40] audit: type=1326 audit(2000000081.639:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7466 comm="syz.2.430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  182.442230][   T40] audit: type=1326 audit(2000000081.639:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7466 comm="syz.2.430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  182.449211][   T40] audit: type=1326 audit(2000000081.639:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7466 comm="syz.2.430" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  182.457304][   T40] audit: type=1326 audit(2000000081.649:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7466 comm="syz.2.430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  182.463850][   T40] audit: type=1326 audit(2000000081.649:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7466 comm="syz.2.430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  182.471294][   T40] audit: type=1326 audit(2000000081.649:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7466 comm="syz.2.430" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  182.479329][   T40] audit: type=1326 audit(2000000081.669:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7466 comm="syz.2.430" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  184.532984][ T7510] xt_ecn: cannot match TCP bits for non-tcp packets
[  184.545404][ T7510] futex_wake_op: syz.0.445 tries to shift op by 32; fix this program
[  185.593790][ T7522] netlink: 'syz.3.450': attribute type 4 has an invalid length.
[  185.603504][ T7522] netlink: 'syz.3.450': attribute type 4 has an invalid length.
[  185.659299][ T7522] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.661680][ T7522] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.712208][ T7522] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  185.719095][ T7522] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  185.761547][ T7522] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  185.764441][ T7522] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  185.768622][ T7522] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  185.771351][ T7522] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  185.922709][ T7539] xt_ecn: cannot match TCP bits for non-tcp packets
[  185.971293][ T7541] xt_ecn: cannot match TCP bits for non-tcp packets
[  186.110472][ T7543] serio: Serial port ptm0
[  186.337628][ T7547] netlink: 'syz.2.451': attribute type 10 has an invalid length.
[  186.349893][ T7547] batman_adv: batadv0: Adding interface: team0
[  186.353998][ T7547] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.363265][ T7547] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  186.377275][ T7539] futex_wake_op: syz.1.456 tries to shift op by 32; fix this program
[  187.286187][   T40] kauditd_printk_skb: 138 callbacks suppressed
[  187.286199][   T40] audit: type=1326 audit(2000000086.639:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.3.462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  187.317182][   T40] audit: type=1326 audit(2000000086.639:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.3.462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  187.323499][   T40] audit: type=1326 audit(2000000086.639:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.3.462" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf710e579 code=0x7ffc0000
[  187.343127][   T40] audit: type=1326 audit(2000000086.649:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.3.462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  187.365954][   T40] audit: type=1326 audit(2000000086.649:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.3.462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  187.386019][   T40] audit: type=1326 audit(2000000086.649:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.3.462" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf710e579 code=0x7ffc0000
[  187.404942][   T40] audit: type=1326 audit(2000000086.649:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.3.462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  187.425938][   T40] audit: type=1326 audit(2000000086.649:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.3.462" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  188.246930][   T40] audit: type=1326 audit(2000000087.289:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7578 comm="syz.1.469" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  188.253534][   T40] audit: type=1326 audit(2000000087.289:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7578 comm="syz.1.469" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000
[  188.810984][ T7595] fuse: Bad value for 'fd'
[  189.067379][   T24] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  189.247709][   T24] usb 6-1: Using ep0 maxpacket: 32
[  189.278189][   T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  189.320806][   T24] usb 6-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.350358][   T24] usb 6-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.379293][   T24] usb 6-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  189.419216][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  189.427782][   T24] usb 6-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  189.451922][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.534663][   T24] usb 6-1: config 0 descriptor??
[  190.214809][ T7599] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.219431][ T7599] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.226281][   T24] usbhid 6-1:0.0: can't add hid device: -71
[  190.228231][   T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  190.234455][   T24] usb 6-1: USB disconnect, device number 7
[  191.055384][   T24] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  191.227269][   T24] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  191.230777][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.234135][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  191.237640][   T24] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  191.242710][   T24] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  191.245875][   T24] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  191.248543][   T24] usb 7-1: Manufacturer: syz
[  191.251251][   T24] usb 7-1: config 0 descriptor??
[  191.459255][ T7638] netlink: 96 bytes leftover after parsing attributes in process `syz.2.489'.
[  191.470404][ T7638] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  191.722000][   T24] appleir 0003:05AC:8243.0005: unknown main item tag 0x0
[  191.730545][   T24] appleir 0003:05AC:8243.0005: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  192.338199][ T7670] xt_ecn: cannot match TCP bits for non-tcp packets
[  192.341390][ T7673] FAULT_INJECTION: forcing a failure.
[  192.341390][ T7673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  192.346286][ T7673] CPU: 0 UID: 0 PID: 7673 Comm: syz.1.502 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  192.346302][ T7673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  192.346309][ T7673] Call Trace:
[  192.346313][ T7673]  <TASK>
[  192.346317][ T7673]  dump_stack_lvl+0x16c/0x1f0
[  192.346332][ T7673]  should_fail_ex+0x512/0x640
[  192.346346][ T7673]  _copy_from_user+0x2e/0xd0
[  192.346359][ T7673]  drm_mode_atomic_ioctl+0x633/0x25f0
[  192.346384][ T7673]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  192.346400][ T7673]  ? __lock_acquire+0xb8a/0x1c90
[  192.346424][ T7673]  ? drm_is_current_master+0x2c/0x40
[  192.346441][ T7673]  ? do_raw_spin_unlock+0x172/0x230
[  192.346460][ T7673]  drm_ioctl_kernel+0x1f1/0x3e0
[  192.346472][ T7673]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  192.346489][ T7673]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  192.346505][ T7673]  drm_ioctl+0x5c9/0xc30
[  192.346519][ T7673]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[  192.346536][ T7673]  ? __pfx_drm_ioctl+0x10/0x10
[  192.346558][ T7673]  drm_compat_ioctl+0x327/0x460
[  192.346575][ T7673]  ? __pfx_drm_compat_ioctl+0x10/0x10
[  192.346590][ T7673]  __ia32_compat_sys_ioctl+0x23f/0x370
[  192.346607][ T7673]  __do_fast_syscall_32+0x7c/0x3a0
[  192.346620][ T7673]  do_fast_syscall_32+0x32/0x80
[  192.346632][ T7673]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  192.346645][ T7673] RIP: 0023:0xf7fa4579
[  192.346654][ T7673] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  192.346665][ T7673] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  192.346676][ T7673] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c03864bc
[  192.346682][ T7673] RDX: 0000000080000580 RSI: 0000000000000000 RDI: 0000000000000000
[  192.346688][ T7673] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  192.346694][ T7673] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  192.346725][ T7673] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  192.346740][ T7673]  </TASK>
[  192.555903][ T7678] futex_wake_op: syz.0.500 tries to shift op by 32; fix this program
[  192.594651][   T40] kauditd_printk_skb: 28 callbacks suppressed
[  192.739125][   T40] audit: type=1326 audit(2000000091.939:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.3.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  192.746425][   T40] audit: type=1326 audit(2000000091.939:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.3.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  192.753510][   T40] audit: type=1326 audit(2000000091.939:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.3.501" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf710e579 code=0x7ffc0000
[  192.761384][   T40] audit: type=1326 audit(2000000091.939:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.3.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  192.768198][   T40] audit: type=1326 audit(2000000091.939:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.3.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  192.775107][   T40] audit: type=1326 audit(2000000091.939:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.3.501" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf710e579 code=0x7ffc0000
[  192.783312][   T40] audit: type=1326 audit(2000000091.939:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.3.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  192.790043][   T40] audit: type=1326 audit(2000000091.939:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.3.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  192.799182][   T40] audit: type=1326 audit(2000000091.949:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.3.501" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf710e579 code=0x7ffc0000
[  192.806632][   T40] audit: type=1326 audit(2000000091.949:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.3.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  193.390600][ T7683] netlink: 12 bytes leftover after parsing attributes in process `syz.3.504'.
[  193.525904][   T55] usb 7-1: reset high-speed USB device number 9 using dummy_hcd
[  194.123573][ T7706] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input10
[  194.485948][ T7711] netlink: 24 bytes leftover after parsing attributes in process `syz.2.513'.
[  194.520771][ T7713] tipc: Started in network mode
[  194.522359][ T7713] tipc: Node identity a23b0c4d52f4, cluster identity 4711
[  194.524507][ T7713] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  195.100550][ T7726] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  195.307277][   T24] usb 7-1: USB disconnect, device number 9
[  195.635726][    T9] tipc: Node number set to 4040100941
[  196.325643][ T7751] serio: Serial port ptm0
[  196.520545][ T7760] block device autoloading is deprecated and will be removed.
[  196.746888][ T7768] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  196.752889][ T7768] netlink: 'syz.0.525': attribute type 10 has an invalid length.
[  196.767127][ T7768] team0: Port device wlan1 added
[  197.805633][ T7806] netlink: 'syz.1.531': attribute type 10 has an invalid length.
[  197.812076][ T7806] bridge0: port 3(team0) entered disabled state
[  197.814982][ T7806] team0: left allmulticast mode
[  197.816881][ T7806] team_slave_0: left allmulticast mode
[  197.818813][ T7806] team_slave_1: left allmulticast mode
[  197.820733][ T7806] team0: left promiscuous mode
[  197.822469][ T7806] team_slave_0: left promiscuous mode
[  197.824838][ T7806] team_slave_1: left promiscuous mode
[  197.827670][ T7806] bridge0: port 3(team0) entered disabled state
[  197.838874][ T7806] batman_adv: batadv0: Adding interface: team0
[  197.840979][ T7806] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  197.851254][ T7806] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  197.955336][ T7805] netlink: 244 bytes leftover after parsing attributes in process `syz.2.532'.
[  198.915805][   T24] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  199.033861][   T40] kauditd_printk_skb: 46 callbacks suppressed
[  199.033904][   T40] audit: type=1326 audit(2000000098.379:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  199.042647][   T40] audit: type=1326 audit(2000000098.379:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  199.065197][   T40] audit: type=1326 audit(2000000098.379:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.538" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf710e579 code=0x7ffc0000
[  199.095864][   T40] audit: type=1326 audit(2000000098.379:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  199.122852][   T40] audit: type=1326 audit(2000000098.379:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  199.157896][   T40] audit: type=1326 audit(2000000098.379:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.538" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf710e579 code=0x7ffc0000
[  199.191417][   T40] audit: type=1326 audit(2000000098.379:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  199.199451][   T40] audit: type=1326 audit(2000000098.389:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  199.206233][   T40] audit: type=1326 audit(2000000098.389:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.538" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf710e579 code=0x7ffc0000
[  199.212753][   T40] audit: type=1326 audit(2000000098.389:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7821 comm="syz.3.538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  199.275656][   T24] usb 7-1: Using ep0 maxpacket: 8
[  199.278479][   T24] usb 7-1: config 0 interface 0 has no altsetting 0
[  199.280547][   T24] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  199.291555][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.316898][   T24] usb 7-1: config 0 descriptor??
[  199.645633][  T842] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  199.739606][   T24] usbhid 7-1:0.0: can't add hid device: -71
[  199.741553][   T24] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  199.746844][   T24] usb 7-1: USB disconnect, device number 10
[  199.855755][  T842] usb 5-1: Using ep0 maxpacket: 8
[  199.860357][  T842] usb 5-1: config 0 interface 0 has no altsetting 0
[  199.862504][  T842] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  199.866514][  T842] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.870512][  T842] usb 5-1: config 0 descriptor??
[  199.995494][ T7835] netlink: 'syz.3.541': attribute type 10 has an invalid length.
[  200.001642][ T7835] batman_adv: batadv0: Adding interface: team0
[  200.004275][ T7835] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  200.014559][ T7835] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  200.452357][ T7837] netlink: 'syz.2.542': attribute type 10 has an invalid length.
[  200.494549][  T842] usbhid 5-1:0.0: can't add hid device: -71
[  200.498642][  T842] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  200.503201][  T842] usb 5-1: USB disconnect, device number 6
[  200.527620][ T7840] netlink: 'syz.2.542': attribute type 5 has an invalid length.
[  200.530969][ T7840] netlink: 40 bytes leftover after parsing attributes in process `syz.2.542'.
[  201.548705][ T7861] netlink: 'syz.0.550': attribute type 10 has an invalid length.
[  201.803204][ T7861] batman_adv: batadv0: Adding interface: team0
[  201.820107][ T7861] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.835990][ T7861] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  202.337825][ T7864] netlink: 244 bytes leftover after parsing attributes in process `syz.1.551'.
[  202.348150][ T7874] serio: Serial port ptm0
[  202.478858][ T7882] block device autoloading is deprecated and will be removed.
[  202.687337][ T7874] md2: using deprecated bitmap file support
[  202.689780][ T7874] md2: error: bitmap file must be a regular file
[  203.076530][ T7892] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  203.095733][ T7890] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  203.123082][ T7890] ref_ctr increment failed for inode: 0x318 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804f083200
[  203.580262][ T7908] netlink: 20 bytes leftover after parsing attributes in process `syz.1.564'.
[  203.699691][ T7914] netlink: 'syz.0.562': attribute type 10 has an invalid length.
[  203.870639][   T29] libceph: connect (1)[c::]:6789 error -101
[  203.874943][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  204.125642][   T55] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  204.143462][   T29] libceph: connect (1)[c::]:6789 error -101
[  204.157288][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  204.278544][   T55] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  204.281642][   T55] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  204.287009][   T55] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  204.289871][   T55] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.353343][ T7915] ceph: No mds server is up or the cluster is laggy
[  204.500747][   T55] usb 6-1: usb_control_msg returned -32
[  204.502567][   T55] usbtmc 6-1:16.0: can't read capabilities
[  205.095294][   T40] kauditd_printk_skb: 46 callbacks suppressed
[  205.095311][   T40] audit: type=1326 audit(2000000104.429:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7948 comm="syz.2.575" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  205.109510][   T40] audit: type=1326 audit(2000000104.429:1057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7948 comm="syz.2.575" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  205.122182][   T40] audit: type=1326 audit(2000000104.429:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7948 comm="syz.2.575" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  205.134366][   T40] audit: type=1326 audit(2000000104.439:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7948 comm="syz.2.575" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  205.143669][   T40] audit: type=1326 audit(2000000104.439:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7948 comm="syz.2.575" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  205.154873][   T40] audit: type=1326 audit(2000000104.439:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7948 comm="syz.2.575" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  205.163859][   T40] audit: type=1326 audit(2000000104.439:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7948 comm="syz.2.575" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  205.174935][   T40] audit: type=1326 audit(2000000104.439:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7948 comm="syz.2.575" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  205.191161][   T40] audit: type=1326 audit(2000000104.439:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7948 comm="syz.2.575" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  205.199394][   T40] audit: type=1326 audit(2000000104.439:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7948 comm="syz.2.575" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  205.575664][ T7963] lo speed is unknown, defaulting to 1000
[  205.582877][ T7963] lo speed is unknown, defaulting to 1000
[  205.588437][ T7963] lo speed is unknown, defaulting to 1000
[  205.995825][ T7963] infiniband s
z1: set active
[  205.997513][ T7963] infiniband s
z1: added lo
[  206.058988][   T29] lo speed is unknown, defaulting to 1000
[  206.061462][ T7963] RDS/IB: s
z1: added
[  206.063058][ T7963] smc: adding ib device s
z1 with port count 1
[  206.065117][ T7963] smc:    ib device s
z1 port 1 has pnetid 
[  206.070811][ T7963] lo speed is unknown, defaulting to 1000
[  206.155889][ T7963] lo speed is unknown, defaulting to 1000
[  206.268584][ T7963] lo speed is unknown, defaulting to 1000
[  206.367503][ T7963] lo speed is unknown, defaulting to 1000
[  206.491509][   T29] lo speed is unknown, defaulting to 1000
[  206.897805][   T10] usb 6-1: USB disconnect, device number 8
[  209.419322][ T8030] FAULT_INJECTION: forcing a failure.
[  209.419322][ T8030] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.423316][ T8030] CPU: 1 UID: 0 PID: 8030 Comm: syz.1.601 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  209.423332][ T8030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.423340][ T8030] Call Trace:
[  209.423344][ T8030]  <TASK>
[  209.423349][ T8030]  dump_stack_lvl+0x16c/0x1f0
[  209.423377][ T8030]  should_fail_ex+0x512/0x640
[  209.423395][ T8030]  strncpy_from_user+0x3b/0x2e0
[  209.423413][ T8030]  getname_flags.part.0+0x8f/0x550
[  209.423430][ T8030]  getname_flags+0x93/0xf0
[  209.423447][ T8030]  __ia32_sys_mknod+0x72/0xb0
[  209.423457][ T8030]  __do_fast_syscall_32+0x7c/0x3a0
[  209.423470][ T8030]  do_fast_syscall_32+0x32/0x80
[  209.423481][ T8030]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  209.423495][ T8030] RIP: 0023:0xf7fa4579
[  209.423504][ T8030] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  209.423515][ T8030] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 000000000000000e
[  209.423525][ T8030] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000000040
[  209.423532][ T8030] RDX: 0000000000000703 RSI: 0000000000000000 RDI: 0000000000000000
[  209.423538][ T8030] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  209.423544][ T8030] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  209.423550][ T8030] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.423562][ T8030]  </TASK>
[  209.669249][ T8040] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  209.671788][ T8040] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  209.676103][ T8040] vhci_hcd vhci_hcd.0: Device attached
[  209.694219][ T8041] usbip_core: unknown command
[  209.696989][ T8041] vhci_hcd: unknown pdu 774857321
[  209.698900][ T8041] usbip_core: unknown command
[  209.706034][ T1190] vhci_hcd: stop threads
[  209.708132][ T1190] vhci_hcd: release socket
[  209.722163][ T1190] vhci_hcd: disconnect device
[  209.762784][ T8043] netlink: 4 bytes leftover after parsing attributes in process `syz.1.602'.
[  209.772737][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  210.479984][ T8043] batman_adv: batadv0: Removing interface: team0
[  210.522999][ T8043] team0 (unregistering): Port device team_slave_0 removed
[  210.572262][ T8043] team0 (unregistering): Port device team_slave_1 removed
[  211.063955][   T40] kauditd_printk_skb: 21 callbacks suppressed
[  211.063967][   T40] audit: type=1326 audit(2000000110.419:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8045 comm="syz.0.605" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  211.073436][   T40] audit: type=1326 audit(2000000110.419:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8045 comm="syz.0.605" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  211.080586][   T40] audit: type=1326 audit(2000000110.419:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8045 comm="syz.0.605" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  211.087725][   T40] audit: type=1326 audit(2000000110.419:1090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8045 comm="syz.0.605" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  211.097149][   T40] audit: type=1326 audit(2000000110.419:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8045 comm="syz.0.605" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  211.106721][   T40] audit: type=1326 audit(2000000110.419:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8045 comm="syz.0.605" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  211.115116][   T40] audit: type=1326 audit(2000000110.419:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8045 comm="syz.0.605" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  211.122043][   T40] audit: type=1326 audit(2000000110.419:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8045 comm="syz.0.605" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  211.129053][   T40] audit: type=1326 audit(2000000110.419:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8045 comm="syz.0.605" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  211.136216][   T40] audit: type=1326 audit(2000000110.419:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8045 comm="syz.0.605" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  211.945763][  T843] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  212.106001][  T843] usb 6-1: Using ep0 maxpacket: 8
[  212.113781][  T843] usb 6-1: config 0 interface 0 has no altsetting 0
[  212.119625][  T843] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  212.123683][  T843] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.132713][  T843] usb 6-1: config 0 descriptor??
[  212.749455][  T843] usbhid 6-1:0.0: can't add hid device: -71
[  212.751413][  T843] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  212.761225][  T843] usb 6-1: USB disconnect, device number 9
[  212.941104][ T8084] netlink: 244 bytes leftover after parsing attributes in process `syz.0.617'.
[  213.600977][ T8105] netlink: 8 bytes leftover after parsing attributes in process `syz.3.622'.
[  216.069353][ T8139] FAULT_INJECTION: forcing a failure.
[  216.069353][ T8139] name failslab, interval 1, probability 0, space 0, times 0
[  216.074533][ T8139] CPU: 0 UID: 0 PID: 8139 Comm: syz.1.633 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  216.074552][ T8139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.074559][ T8139] Call Trace:
[  216.074563][ T8139]  <TASK>
[  216.074568][ T8139]  dump_stack_lvl+0x16c/0x1f0
[  216.074583][ T8139]  should_fail_ex+0x512/0x640
[  216.074598][ T8139]  should_failslab+0xc2/0x120
[  216.074612][ T8139]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  216.074624][ T8139]  ? skb_clone+0x190/0x3f0
[  216.074638][ T8139]  skb_clone+0x190/0x3f0
[  216.074650][ T8139]  netlink_deliver_tap+0xabd/0xd30
[  216.074666][ T8139]  netlink_unicast+0x62f/0x850
[  216.074681][ T8139]  ? __pfx_netlink_unicast+0x10/0x10
[  216.074698][ T8139]  netlink_sendmsg+0x8d1/0xdd0
[  216.074714][ T8139]  ? __pfx_netlink_sendmsg+0x10/0x10
[  216.074728][ T8139]  ? __import_iovec+0x1dd/0x650
[  216.074749][ T8139]  ____sys_sendmsg+0xa95/0xc70
[  216.074774][ T8139]  ? __pfx_____sys_sendmsg+0x10/0x10
[  216.074797][ T8139]  ? get_compat_msghdr+0x11a/0x170
[  216.074829][ T8139]  ___sys_sendmsg+0x134/0x1d0
[  216.074855][ T8139]  ? __pfx____sys_sendmsg+0x10/0x10
[  216.074888][ T8139]  ? find_held_lock+0x2b/0x80
[  216.074924][ T8139]  __sys_sendmsg+0x16d/0x220
[  216.074944][ T8139]  ? __pfx___sys_sendmsg+0x10/0x10
[  216.074973][ T8139]  ? rcu_is_watching+0x12/0xc0
[  216.074994][ T8139]  __do_fast_syscall_32+0x7c/0x3a0
[  216.075016][ T8139]  do_fast_syscall_32+0x32/0x80
[  216.075033][ T8139]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  216.075054][ T8139] RIP: 0023:0xf7fa4579
[  216.075068][ T8139] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  216.075084][ T8139] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  216.075101][ T8139] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  216.075112][ T8139] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  216.075123][ T8139] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  216.075132][ T8139] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  216.075142][ T8139] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  216.075165][ T8139]  </TASK>
[  216.244795][   T40] kauditd_printk_skb: 81 callbacks suppressed
[  216.244805][   T40] audit: type=1804 audit(2000000115.599:1178): pid=8144 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.635" name="file0" dev="tmpfs" ino=1005 res=1 errno=0
[  216.295750][   T10] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  216.456053][   T10] usb 5-1: Using ep0 maxpacket: 8
[  216.459123][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  216.461270][   T10] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  216.464228][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.469159][   T10] usb 5-1: config 0 descriptor??
[  216.830001][ T8155] netlink: 'syz.2.637': attribute type 10 has an invalid length.
[  216.976493][ T5977] Bluetooth: hci1: command 0x0406 tx timeout
[  216.976516][ T5974] Bluetooth: hci2: command 0x0406 tx timeout
[  216.987542][   T10] mcp2221 0003:04D8:00DD.0006: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[  217.198402][  T840] usb 5-1: USB disconnect, device number 7
[  217.754653][ T8174] 9pnet: p9_errstr2errno: server reported unknown error �(c�F	S+���v3��q�f�
[  217.814591][ T8177] FAULT_INJECTION: forcing a failure.
[  217.814591][ T8177] name failslab, interval 1, probability 0, space 0, times 0
[  217.819770][ T8177] CPU: 0 UID: 0 PID: 8177 Comm: syz.2.642 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  217.819786][ T8177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  217.819793][ T8177] Call Trace:
[  217.819797][ T8177]  <TASK>
[  217.819801][ T8177]  dump_stack_lvl+0x16c/0x1f0
[  217.819816][ T8177]  should_fail_ex+0x512/0x640
[  217.819828][ T8177]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  217.819842][ T8177]  should_failslab+0xc2/0x120
[  217.819854][ T8177]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  217.819865][ T8177]  ? __alloc_skb+0x2b2/0x380
[  217.819878][ T8177]  __alloc_skb+0x2b2/0x380
[  217.819888][ T8177]  ? __pfx___alloc_skb+0x10/0x10
[  217.819900][ T8177]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  217.819917][ T8177]  netlink_alloc_large_skb+0x69/0x130
[  217.819931][ T8177]  netlink_sendmsg+0x6a1/0xdd0
[  217.819946][ T8177]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.819960][ T8177]  ? __import_iovec+0x1dd/0x650
[  217.819976][ T8177]  ____sys_sendmsg+0xa95/0xc70
[  217.819990][ T8177]  ? gfs2_fallocate+0x1420/0x19d0
[  217.820003][ T8177]  ? __pfx_____sys_sendmsg+0x10/0x10
[  217.820017][ T8177]  ? get_compat_msghdr+0x11a/0x170
[  217.820035][ T8177]  ___sys_sendmsg+0x134/0x1d0
[  217.820047][ T8177]  ? __pfx____sys_sendmsg+0x10/0x10
[  217.820065][ T8177]  ? find_held_lock+0x2b/0x80
[  217.820117][ T8177]  __sys_sendmsg+0x16d/0x220
[  217.820134][ T8177]  ? __pfx___sys_sendmsg+0x10/0x10
[  217.820165][ T8177]  ? rcu_is_watching+0x12/0xc0
[  217.820179][ T8177]  __do_fast_syscall_32+0x7c/0x3a0
[  217.820192][ T8177]  do_fast_syscall_32+0x32/0x80
[  217.820203][ T8177]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  217.820217][ T8177] RIP: 0023:0xf7ff2579
[  217.820226][ T8177] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  217.820237][ T8177] RSP: 002b:00000000f50f555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  217.820248][ T8177] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800006c0
[  217.820255][ T8177] RDX: 0000000004040080 RSI: 0000000000000000 RDI: 0000000000000000
[  217.820261][ T8177] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  217.820267][ T8177] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  217.820275][ T8177] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  217.820288][ T8177]  </TASK>
[  218.170909][ T8196] xt_ecn: cannot match TCP bits for non-tcp packets
[  218.243745][ T8197] lo speed is unknown, defaulting to 1000
[  218.760892][   T40] audit: type=1326 audit(2000000118.119:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8207 comm="syz.2.655" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x0
[  219.057533][ T8215] can0: slcan on pty20.
[  219.165483][ T8218] netlink: 8 bytes leftover after parsing attributes in process `syz.3.658'.
[  219.264673][ T8228] xt_ecn: cannot match TCP bits for non-tcp packets
[  220.011861][ T8212] can0 (unregistered): slcan off pty20.
[  220.055963][ T8262] xt_ecn: cannot match TCP bits for non-tcp packets
[  220.144037][   T40] audit: type=1326 audit(2000000119.479:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8244 comm="syz.2.666" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  220.151250][   T40] audit: type=1326 audit(2000000119.479:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8244 comm="syz.2.666" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  220.157962][   T40] audit: type=1326 audit(2000000119.479:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8244 comm="syz.2.666" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  220.164459][   T40] audit: type=1326 audit(2000000119.479:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8244 comm="syz.2.666" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  220.174607][   T40] audit: type=1326 audit(2000000119.489:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8244 comm="syz.2.666" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  220.191168][ T8265] xt_ecn: cannot match TCP bits for non-tcp packets
[  220.205822][   T40] audit: type=1326 audit(2000000119.489:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8244 comm="syz.2.666" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  220.217990][   T40] audit: type=1326 audit(2000000119.489:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8244 comm="syz.2.666" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  220.224765][   T40] audit: type=1326 audit(2000000119.489:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8244 comm="syz.2.666" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  220.347129][ T8279] FAULT_INJECTION: forcing a failure.
[  220.347129][ T8279] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.351221][ T8279] CPU: 0 UID: 0 PID: 8279 Comm: syz.1.673 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  220.351236][ T8279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  220.351243][ T8279] Call Trace:
[  220.351248][ T8279]  <TASK>
[  220.351252][ T8279]  dump_stack_lvl+0x16c/0x1f0
[  220.351267][ T8279]  should_fail_ex+0x512/0x640
[  220.351280][ T8279]  _copy_from_iter+0x29f/0x16f0
[  220.351295][ T8279]  ? __alloc_skb+0x200/0x380
[  220.351310][ T8279]  ? __pfx__copy_from_iter+0x10/0x10
[  220.351323][ T8279]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  220.351340][ T8279]  netlink_sendmsg+0x829/0xdd0
[  220.351356][ T8279]  ? __pfx_netlink_sendmsg+0x10/0x10
[  220.351370][ T8279]  ? __import_iovec+0x1dd/0x650
[  220.351385][ T8279]  ____sys_sendmsg+0xa95/0xc70
[  220.351401][ T8279]  ? __pfx_____sys_sendmsg+0x10/0x10
[  220.351415][ T8279]  ? get_compat_msghdr+0x11a/0x170
[  220.351441][ T8279]  ___sys_sendmsg+0x134/0x1d0
[  220.351458][ T8279]  ? __pfx____sys_sendmsg+0x10/0x10
[  220.351487][ T8279]  ? find_held_lock+0x2b/0x80
[  220.351509][ T8279]  __sys_sendmsg+0x16d/0x220
[  220.351520][ T8279]  ? __pfx___sys_sendmsg+0x10/0x10
[  220.351538][ T8279]  ? rcu_is_watching+0x12/0xc0
[  220.351551][ T8279]  __do_fast_syscall_32+0x7c/0x3a0
[  220.351564][ T8279]  do_fast_syscall_32+0x32/0x80
[  220.351575][ T8279]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  220.351589][ T8279] RIP: 0023:0xf7fa4579
[  220.351597][ T8279] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  220.351608][ T8279] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  220.351618][ T8279] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000240
[  220.351625][ T8279] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000
[  220.351631][ T8279] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  220.351637][ T8279] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  220.351643][ T8279] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  220.351656][ T8279]  </TASK>
[  220.483936][ T8285] netlink: 8 bytes leftover after parsing attributes in process `syz.1.675'.
[  220.489251][ T8285] netlink: 24 bytes leftover after parsing attributes in process `syz.1.675'.
[  220.492087][ T8285] netlink: 24 bytes leftover after parsing attributes in process `syz.1.675'.
[  220.500677][ T8280] futex_wake_op: syz.0.670 tries to shift op by 32; fix this program
[  221.039631][ T8302] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  221.041938][ T8302] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  221.064041][ T8302] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  221.066643][ T8302] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  221.070097][ T8302] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  221.072554][ T8302] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  221.085593][ T8302] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  221.090425][ T8302] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  221.253424][ T8310] FAULT_INJECTION: forcing a failure.
[  221.253424][ T8310] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.258374][ T8310] CPU: 3 UID: 0 PID: 8310 Comm: syz.0.684 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  221.258390][ T8310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  221.258397][ T8310] Call Trace:
[  221.258402][ T8310]  <TASK>
[  221.258406][ T8310]  dump_stack_lvl+0x16c/0x1f0
[  221.258420][ T8310]  should_fail_ex+0x512/0x640
[  221.258434][ T8310]  _copy_from_iter+0x29f/0x16f0
[  221.258448][ T8310]  ? __alloc_skb+0x200/0x380
[  221.258460][ T8310]  ? __pfx__copy_from_iter+0x10/0x10
[  221.258473][ T8310]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  221.258495][ T8310]  netlink_sendmsg+0x829/0xdd0
[  221.258534][ T8310]  ? __pfx_netlink_sendmsg+0x10/0x10
[  221.258549][ T8310]  ? __import_iovec+0x1dd/0x650
[  221.258564][ T8310]  ____sys_sendmsg+0xa95/0xc70
[  221.258580][ T8310]  ? __pfx_____sys_sendmsg+0x10/0x10
[  221.258594][ T8310]  ? get_compat_msghdr+0x11a/0x170
[  221.258612][ T8310]  ___sys_sendmsg+0x134/0x1d0
[  221.258624][ T8310]  ? __pfx____sys_sendmsg+0x10/0x10
[  221.258642][ T8310]  ? find_held_lock+0x2b/0x80
[  221.258663][ T8310]  __sys_sendmsg+0x16d/0x220
[  221.258674][ T8310]  ? __pfx___sys_sendmsg+0x10/0x10
[  221.258691][ T8310]  ? rcu_is_watching+0x12/0xc0
[  221.258705][ T8310]  __do_fast_syscall_32+0x7c/0x3a0
[  221.258718][ T8310]  do_fast_syscall_32+0x32/0x80
[  221.258730][ T8310]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  221.258744][ T8310] RIP: 0023:0xf70fe579
[  221.258753][ T8310] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  221.258764][ T8310] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  221.258774][ T8310] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0
[  221.258781][ T8310] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  221.258787][ T8310] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  221.258793][ T8310] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  221.258799][ T8310] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.258812][ T8310]  </TASK>
[  221.360547][ T8312] loop2: detected capacity change from 0 to 7
[  221.367282][ T8312]  loop2:
[  221.368382][ T8312] loop2: partition table partially beyond EOD, truncated
[  221.505090][ T8318] netlink: 16 bytes leftover after parsing attributes in process `syz.1.688'.
[  223.046062][ T5979] Bluetooth: hci1: command 0x0406 tx timeout
[  223.127673][ T5967] Bluetooth: hci2: command 0x0406 tx timeout
[  223.127663][ T5979] Bluetooth: hci3: command 0x0c1a tx timeout
[  225.129601][ T5979] Bluetooth: hci1: command 0x0406 tx timeout
[  225.205557][ T5979] Bluetooth: hci2: command 0x0406 tx timeout
[  225.208053][ T5979] Bluetooth: hci3: command 0x0c1a tx timeout
[  225.530977][ T8399] xt_ecn: cannot match TCP bits for non-tcp packets
[  226.121707][   T40] kauditd_printk_skb: 19 callbacks suppressed
[  226.121719][   T40] audit: type=1326 audit(2000000125.479:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.3.716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.130657][   T40] audit: type=1326 audit(2000000125.479:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.3.716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.137714][   T40] audit: type=1326 audit(2000000125.479:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.3.716" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.144388][   T40] audit: type=1326 audit(2000000125.479:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.3.716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.151269][   T40] audit: type=1326 audit(2000000125.479:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.3.716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.158422][   T40] audit: type=1326 audit(2000000125.479:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.3.716" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.164934][   T40] audit: type=1326 audit(2000000125.479:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.3.716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.172795][   T40] audit: type=1326 audit(2000000125.479:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.3.716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.180434][   T40] audit: type=1326 audit(2000000125.479:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.3.716" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.187344][   T40] audit: type=1326 audit(2000000125.479:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.3.716" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  226.195715][ T8406] netlink: 20 bytes leftover after parsing attributes in process `syz.0.715'.
[  226.495389][   T29] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  226.685373][   T29] usb 5-1: too many configurations: 231, using maximum allowed: 8
[  226.725333][   T29] usb 5-1: unable to read config index 0 descriptor/start: -61
[  226.727755][   T29] usb 5-1: can't read configurations, error -61
[  226.935423][   T29] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  227.205821][   T29] usb 5-1: too many configurations: 231, using maximum allowed: 8
[  227.209521][   T29] usb 5-1: unable to read config index 0 descriptor/start: -61
[  227.211776][   T29] usb 5-1: can't read configurations, error -61
[  227.215044][   T29] usb usb5-port1: attempt power cycle
[  227.286615][ T5979] Bluetooth: hci3: command 0x0c1a tx timeout
[  227.539848][ T8443] xt_ecn: cannot match TCP bits for non-tcp packets
[  227.575366][   T29] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  227.598296][   T29] usb 5-1: too many configurations: 231, using maximum allowed: 8
[  227.611434][   T29] usb 5-1: unable to read config index 0 descriptor/start: -61
[  227.618987][   T29] usb 5-1: can't read configurations, error -61
[  227.775317][   T29] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  227.797865][   T29] usb 5-1: too many configurations: 231, using maximum allowed: 8
[  227.805698][   T29] usb 5-1: unable to read config index 0 descriptor/start: -61
[  227.810979][   T29] usb 5-1: can't read configurations, error -61
[  227.896128][   T29] usb usb5-port1: unable to enumerate USB device
[  228.321628][ T8455] xt_ecn: cannot match TCP bits for non-tcp packets
[  228.518516][ T8459] futex_wake_op: syz.3.732 tries to shift op by 32; fix this program
[  229.365414][ T5979] Bluetooth: hci3: command 0x0c1a tx timeout
[  229.382101][ T8465] xt_ecn: cannot match TCP bits for non-tcp packets
[  230.555836][ T8466] futex_wake_op: syz.2.735 tries to shift op by 32; fix this program
[  231.671701][ T8480] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  231.679351][ T5979] Bluetooth: hci3: unexpected event for opcode 0x0c6d
[  232.038609][ T8487] xt_ecn: cannot match TCP bits for non-tcp packets
[  232.134732][ T8491] xt_ecn: cannot match TCP bits for non-tcp packets
[  233.200859][ T8497] netlink: 24 bytes leftover after parsing attributes in process `syz.1.746'.
[  233.359307][ T8500] netlink: 4 bytes leftover after parsing attributes in process `syz.1.746'.
[  233.745690][ T8507] serio: Serial port ptm0
[  233.777822][ T8501] futex_wake_op: syz.3.745 tries to shift op by 32; fix this program
[  233.855013][ T8514] block device autoloading is deprecated and will be removed.
[  233.896255][ T8513] md2: using deprecated bitmap file support
[  233.902746][ T8513] md2: error: failed to get bitmap file
[  234.235564][   T55] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  234.403569][   T55] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  234.407243][   T55] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  234.410729][   T55] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  234.423699][   T55] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  234.426898][   T55] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  234.429533][   T55] usb 5-1: Product: syz
[  234.431144][   T55] usb 5-1: Manufacturer: syz
[  234.432941][   T55] usb 5-1: SerialNumber: syz
[  234.743134][   T55] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 12 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  234.759469][ T8538] serio: Serial port ptm0
[  234.904573][ T8547] block device autoloading is deprecated and will be removed.
[  234.981980][ T8544] md2: using deprecated bitmap file support
[  234.983984][ T8544] md2: error: failed to get bitmap file
[  235.355753][  T840] usb 5-1: USB disconnect, device number 12
[  235.426894][  T840] usblp0: removed
[  237.334071][ T8584] serio: Serial port ptm0
[  237.459253][ T8587] block device autoloading is deprecated and will be removed.
[  237.513443][ T8586] md2: using deprecated bitmap file support
[  237.515336][ T8586] md2: error: failed to get bitmap file
[  239.961309][   T40] kauditd_printk_skb: 58 callbacks suppressed
[  239.961324][   T40] audit: type=1804 audit(2000000138.985:1275): pid=8614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.782" name="file0" dev="tmpfs" ino=1293 res=1 errno=0
[  239.964494][ T8614] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  239.975226][ T8614] ref_ctr increment failed for inode: 0x50d offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880517f3c00
[  240.420341][ T6008] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  240.640473][ T6008] usb 7-1: device descriptor read/64, error -71
[  240.909211][ T6008] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  241.051268][ T6008] usb 7-1: device descriptor read/64, error -71
[  241.179882][ T6008] usb usb7-port1: attempt power cycle
[  241.535763][   T40] audit: type=1326 audit(2000000140.453:1276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.3.790" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  241.550508][   T40] audit: type=1326 audit(2000000140.453:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.3.790" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  241.553542][ T6008] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  241.557900][   T40] audit: type=1326 audit(2000000140.453:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.3.790" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf710e579 code=0x7ffc0000
[  241.566873][   T40] audit: type=1326 audit(2000000140.453:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.3.790" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  241.573815][   T40] audit: type=1326 audit(2000000140.453:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.3.790" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  241.580813][   T40] audit: type=1326 audit(2000000140.453:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.3.790" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf710e579 code=0x7ffc0000
[  241.586253][ T6008] usb 7-1: device descriptor read/8, error -71
[  241.606994][   T40] audit: type=1326 audit(2000000140.453:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.3.790" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  241.614086][   T40] audit: type=1326 audit(2000000140.453:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.3.790" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000
[  241.623051][   T40] audit: type=1326 audit(2000000140.453:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8636 comm="syz.3.790" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf710e579 code=0x7ffc0000
[  241.874259][ T6008] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  241.896217][ T6008] usb 7-1: device descriptor read/8, error -71
[  242.025428][ T6008] usb usb7-port1: unable to enumerate USB device
[  243.016307][ T8673] futex_wake_op: syz.3.799 tries to shift op by 32; fix this program
[  243.790292][ T8687] xt_ecn: cannot match TCP bits for non-tcp packets
[  244.058078][ T8691] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  244.231239][ T8697] netlink: 20 bytes leftover after parsing attributes in process `syz.2.808'.
[  244.332260][ T8694] netlink: 244 bytes leftover after parsing attributes in process `syz.1.807'.
[  244.832978][ T8710] netlink: 244 bytes leftover after parsing attributes in process `syz.1.809'.
[  244.911512][ T6008] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  244.994738][ T8712] serio: Serial port ptm0
[  245.092294][ T6008] usb 5-1: Using ep0 maxpacket: 8
[  245.096200][ T6008] usb 5-1: config 0 interface 0 has no altsetting 0
[  245.098982][ T6008] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  245.113508][ T6008] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.135648][ T6008] usb 5-1: config 0 descriptor??
[  245.600483][ T8722] serio: Serial port ptm1
[  245.601076][ T6008] mcp2221 0003:04D8:00DD.0007: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[  245.812555][   T29] usb 5-1: USB disconnect, device number 13
[  246.128586][   T40] kauditd_printk_skb: 82 callbacks suppressed
[  246.128599][   T40] audit: type=1326 audit(2000000144.747:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8728 comm="syz.2.816" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  246.137442][   T40] audit: type=1326 audit(2000000144.747:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8728 comm="syz.2.816" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  246.143812][   T40] audit: type=1326 audit(2000000144.756:1369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8728 comm="syz.2.816" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  246.150680][   T40] audit: type=1326 audit(2000000144.756:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8728 comm="syz.2.816" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  246.157373][   T40] audit: type=1326 audit(2000000144.756:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8728 comm="syz.2.816" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  246.165192][   T40] audit: type=1326 audit(2000000144.756:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8728 comm="syz.2.816" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  246.171943][   T40] audit: type=1326 audit(2000000144.756:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8728 comm="syz.2.816" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  246.180822][   T40] audit: type=1326 audit(2000000144.756:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8728 comm="syz.2.816" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  246.189763][   T40] audit: type=1326 audit(2000000144.756:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8728 comm="syz.2.816" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  246.198394][   T40] audit: type=1326 audit(2000000144.756:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8728 comm="syz.2.816" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff2579 code=0x7ffc0000
[  246.520680][ T8745] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  246.520680][ T8745]    program syz.1.822 not setting count and/or reply_len properly
[  246.635545][ T8743] netlink: 244 bytes leftover after parsing attributes in process `syz.0.819'.
[  248.064728][   T55] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  248.235779][ T8771] lo speed is unknown, defaulting to 1000
[  248.238001][ T8771] lo speed is unknown, defaulting to 1000
[  248.240527][ T8771] lo speed is unknown, defaulting to 1000
[  248.244816][ T8771] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  248.246583][   T55] usb 7-1: Using ep0 maxpacket: 8
[  248.251102][ T8771] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  248.252438][   T55] usb 7-1: config 0 interface 0 has no altsetting 0
[  248.256024][   T55] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  248.264233][ T8771] lo speed is unknown, defaulting to 1000
[  248.264790][   T55] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.266951][ T8771] lo speed is unknown, defaulting to 1000
[  248.271194][   T55] usb 7-1: config 0 descriptor??
[  248.271330][ T8771] lo speed is unknown, defaulting to 1000
[  248.275367][ T8771] lo speed is unknown, defaulting to 1000
[  248.307321][ T8771] smc: removing ib device s
z1
[  248.640119][ T8771] ------------[ cut here ]------------
[  248.641945][ T8771] WARNING: CPU: 0 PID: 8771 at drivers/infiniband/sw/rxe/rxe_pool.c:116 rxe_pool_cleanup+0x41/0x60
[  248.645277][ T8771] Modules linked in:
[  248.646778][ T8771] CPU: 0 UID: 0 PID: 8771 Comm: syz.3.830 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  248.651698][ T8771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  248.655080][ T8771] RIP: 0010:rxe_pool_cleanup+0x41/0x60
[  248.656813][ T8771] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1f 48 83 bb 80 00 00 00 00 75 06 5b e9 65 b4 0e f9 e8 60 b4 0e f9 90 <0f> 0b 90 5b e9 56 b4 0e f9 e8 61 0f 73 f9 eb da 66 66 2e 0f 1f 84
[  248.662905][ T8771] RSP: 0018:ffffc90003bff1d8 EFLAGS: 00010246
[  248.664851][ T8771] RAX: 0000000000080000 RBX: ffff88804ef75320 RCX: ffffc90026001000
[  248.667306][ T8771] RDX: 0000000000080000 RSI: ffffffff88aca090 RDI: ffff88804ef753a0
[  248.669787][ T8771] RBP: ffffffff88ab0540 R08: 0000000000000005 R09: 0000000000000001
[  248.672267][ T8771] R10: 0000000000000002 R11: 0000000000000001 R12: ffff88804ef74668
[  248.674828][ T8771] R13: ffff88804ef73fe0 R14: ffff88804ef73fe0 R15: ffff88804ef75080
[  248.677307][ T8771] FS:  0000000000000000(0000) GS:ffff88809752d000(0063) knlGS:00000000f50feb40
[  248.680043][ T8771] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  248.682081][ T8771] CR2: 00007ffb054c10c0 CR3: 00000000137c6000 CR4: 0000000000352ef0
[  248.685042][ T8771] Call Trace:
[  248.686151][ T8771]  <TASK>
[  248.687076][ T8771]  rxe_dealloc+0x25/0xc0
[  248.688416][ T8771]  ib_dealloc_device+0x49/0x230
[  248.689910][ T8771]  __ib_unregister_device+0x396/0x480
[  248.691548][ T8771]  ? __pfx_ib_device_get_by_index+0x10/0x10
[  248.693382][ T8771]  ib_unregister_device_and_put+0x5a/0x80
[  248.695173][ T8771]  nldev_dellink+0x21f/0x320
[  248.696637][ T8771]  ? __pfx_nldev_dellink+0x10/0x10
[  248.698252][ T8771]  ? apparmor_capable+0x114/0x1d0
[  248.699825][ T8771]  ? bpf_lsm_capable+0x9/0x10
[  248.701323][ T8771]  ? security_capable+0x7e/0x260
[  248.702865][ T8771]  ? ns_capable+0xd7/0x110
[  248.704271][ T8771]  ? __pfx_nldev_dellink+0x10/0x10
[  248.705916][ T8771]  rdma_nl_rcv_msg+0x38a/0x6e0
[  248.707394][ T8771]  ? __pfx_rdma_nl_rcv_msg+0x10/0x10
[  248.709045][ T8771]  ? __lock_acquire+0x622/0x1c90
[  248.710594][ T8771]  rdma_nl_rcv_skb.constprop.0.isra.0+0x2d0/0x430
[  248.712586][ T8771]  ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10
[  248.712809][   T55] mcp2221 0003:04D8:00DD.0008: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  248.714672][ T8771]  ? netlink_deliver_tap+0x1ae/0xd30
[  248.714704][ T8771]  ? is_vmalloc_addr+0x86/0xa0
[  248.714719][ T8771]  netlink_unicast+0x58a/0x850
[  248.722551][ T8771]  ? __pfx_netlink_unicast+0x10/0x10
[  248.724198][ T8771]  netlink_sendmsg+0x8d1/0xdd0
[  248.725673][ T8771]  ? __pfx_netlink_sendmsg+0x10/0x10
[  248.727338][ T8771]  ? __import_iovec+0x1dd/0x650
[  248.728860][ T8771]  ____sys_sendmsg+0xa95/0xc70
[  248.730357][ T8771]  ? __pfx_____sys_sendmsg+0x10/0x10
[  248.732011][ T8771]  ? get_compat_msghdr+0x11a/0x170
[  248.733589][ T8771]  ? __pfx_futex_wake_mark+0x10/0x10
[  248.735221][ T8771]  ___sys_sendmsg+0x134/0x1d0
[  248.736700][ T8771]  ? __pfx____sys_sendmsg+0x10/0x10
[  248.738352][ T8771]  ? find_held_lock+0x2b/0x80
[  248.739830][ T8771]  __sys_sendmsg+0x16d/0x220
[  248.741289][ T8771]  ? __pfx___sys_sendmsg+0x10/0x10
[  248.742872][ T8771]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  248.744634][ T8771]  ? rcu_is_watching+0x12/0xc0
[  248.746130][ T8771]  __do_fast_syscall_32+0x7c/0x3a0
[  248.747748][ T8771]  do_fast_syscall_32+0x32/0x80
[  248.749328][ T8771]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  248.751270][ T8771] RIP: 0023:0xf710e579
[  248.752569][ T8771] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  248.758493][ T8771] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  248.761074][ T8771] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800002c0
[  248.763465][ T8771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  248.765903][ T8771] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  248.768341][ T8771] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  248.770816][ T8771] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  248.773206][ T8771]  </TASK>
[  248.774141][ T8771] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  248.776368][ T8771] CPU: 0 UID: 0 PID: 8771 Comm: syz.3.830 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[  248.779935][ T8771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  248.783220][ T8771] Call Trace:
[  248.784310][ T8771]  <TASK>
[  248.785238][ T8771]  dump_stack_lvl+0x3d/0x1f0
[  248.786700][ T8771]  panic+0x71c/0x800
[  248.787949][ T8771]  ? __pfx_panic+0x10/0x10
[  248.789342][ T8771]  ? show_trace_log_lvl+0x29b/0x3e0
[  248.791044][ T8771]  ? rxe_pool_cleanup+0x41/0x60
[  248.792665][ T8771]  check_panic_on_warn+0xab/0xb0
[  248.794210][ T8771]  __warn+0xf6/0x3c0
[  248.795475][ T8771]  ? rxe_pool_cleanup+0x41/0x60
[  248.797034][ T8771]  report_bug+0x3c3/0x580
[  248.798397][ T8771]  ? rxe_pool_cleanup+0x41/0x60
[  248.799950][ T8771]  handle_bug+0x184/0x210
[  248.801312][ T8771]  exc_invalid_op+0x17/0x50
[  248.802741][ T8771]  asm_exc_invalid_op+0x1a/0x20
[  248.804284][ T8771] RIP: 0010:rxe_pool_cleanup+0x41/0x60
[  248.805964][ T8771] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1f 48 83 bb 80 00 00 00 00 75 06 5b e9 65 b4 0e f9 e8 60 b4 0e f9 90 <0f> 0b 90 5b e9 56 b4 0e f9 e8 61 0f 73 f9 eb da 66 66 2e 0f 1f 84
[  248.811880][ T8771] RSP: 0018:ffffc90003bff1d8 EFLAGS: 00010246
[  248.813739][ T8771] RAX: 0000000000080000 RBX: ffff88804ef75320 RCX: ffffc90026001000
[  248.816265][ T8771] RDX: 0000000000080000 RSI: ffffffff88aca090 RDI: ffff88804ef753a0
[  248.818724][ T8771] RBP: ffffffff88ab0540 R08: 0000000000000005 R09: 0000000000000001
[  248.821162][ T8771] R10: 0000000000000002 R11: 0000000000000001 R12: ffff88804ef74668
[  248.823580][ T8771] R13: ffff88804ef73fe0 R14: ffff88804ef73fe0 R15: ffff88804ef75080
[  248.826012][ T8771]  ? __pfx_rxe_dealloc+0x10/0x10
[  248.827546][ T8771]  ? rxe_pool_cleanup+0x40/0x60
[  248.829070][ T8771]  ? rxe_pool_cleanup+0x40/0x60
[  248.830596][ T8771]  rxe_dealloc+0x25/0xc0
[  248.831953][ T8771]  ib_dealloc_device+0x49/0x230
[  248.833487][ T8771]  __ib_unregister_device+0x396/0x480
[  248.835151][ T8771]  ? __pfx_ib_device_get_by_index+0x10/0x10
[  248.836975][ T8771]  ib_unregister_device_and_put+0x5a/0x80
[  248.838733][ T8771]  nldev_dellink+0x21f/0x320
[  248.840180][ T8771]  ? __pfx_nldev_dellink+0x10/0x10
[  248.841806][ T8771]  ? apparmor_capable+0x114/0x1d0
[  248.843362][ T8771]  ? bpf_lsm_capable+0x9/0x10
[  248.844798][ T8771]  ? security_capable+0x7e/0x260
[  248.846346][ T8771]  ? ns_capable+0xd7/0x110
[  248.847729][ T8771]  ? __pfx_nldev_dellink+0x10/0x10
[  248.849331][ T8771]  rdma_nl_rcv_msg+0x38a/0x6e0
[  248.850808][ T8771]  ? __pfx_rdma_nl_rcv_msg+0x10/0x10
[  248.852482][ T8771]  ? __lock_acquire+0x622/0x1c90
[  248.854031][ T8771]  rdma_nl_rcv_skb.constprop.0.isra.0+0x2d0/0x430
[  248.856028][ T8771]  ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10
[  248.858157][ T8771]  ? netlink_deliver_tap+0x1ae/0xd30
[  248.859780][ T8771]  ? is_vmalloc_addr+0x86/0xa0
[  248.861306][ T8771]  netlink_unicast+0x58a/0x850
[  248.862822][ T8771]  ? __pfx_netlink_unicast+0x10/0x10
[  248.864479][ T8771]  netlink_sendmsg+0x8d1/0xdd0
[  248.866018][ T8771]  ? __pfx_netlink_sendmsg+0x10/0x10
[  248.867679][ T8771]  ? __import_iovec+0x1dd/0x650
[  248.869231][ T8771]  ____sys_sendmsg+0xa95/0xc70
[  248.870745][ T8771]  ? __pfx_____sys_sendmsg+0x10/0x10
[  248.872422][ T8771]  ? get_compat_msghdr+0x11a/0x170
[  248.874023][ T8771]  ? __pfx_futex_wake_mark+0x10/0x10
[  248.875677][ T8771]  ___sys_sendmsg+0x134/0x1d0
[  248.877129][ T8771]  ? __pfx____sys_sendmsg+0x10/0x10
[  248.878819][ T8771]  ? find_held_lock+0x2b/0x80
[  248.880315][ T8771]  __sys_sendmsg+0x16d/0x220
[  248.881776][ T8771]  ? __pfx___sys_sendmsg+0x10/0x10
[  248.883363][ T8771]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  248.885097][ T8771]  ? rcu_is_watching+0x12/0xc0
[  248.886586][ T8771]  __do_fast_syscall_32+0x7c/0x3a0
[  248.888203][ T8771]  do_fast_syscall_32+0x32/0x80
[  248.889735][ T8771]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  248.891706][ T8771] RIP: 0023:0xf710e579
[  248.893013][ T8771] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  248.898947][ T8771] RSP: 002b:00000000f50fe55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  248.901524][ T8771] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800002c0
[  248.903960][ T8771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  248.906385][ T8771] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  248.908813][ T8771] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  248.911233][ T8771] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  248.913692][ T8771]  </TASK>
[  248.915243][ T8771] Kernel Offset: disabled
[  248.916627][ T8771] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:04:12  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000037 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8556d185 RDI=ffffffff9b09f540 RBP=ffffffff9b09f500 RSP=ffffc90003bfeb40
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000037 R14=ffffffff9b09f500 R15=ffffffff8556d120
RIP=ffffffff8556d1af RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88809752d000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffb054c10c0 CR3=00000000137c6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000104080 Opmask01=0000000000000000 Opmask02=00000000bfdfdfdf Opmask03=0000000010008081
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd37734c10 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055fd6d52e540
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055fd6d534340
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffb055f1b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e754f4645425d05 1a474f475a054149
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 454648051a041a4f 494b5a594f474b44
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 302e303a312d372f 312d372f37627375 2f322e6463685f79 6d6d75642f6d726f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 005600051f40494c 43055c5155484005 424b4c55554c4e53 004057005b1a0f00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000055fd6d532 0000000000000021 000000000000302e
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6962757c2a646275 7c2a647361647c2a 73736963637c2a00 306d656d70006b63
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 73616c632f737973 2f007a8b75014b06 79732f002f6d6555 7379736275732f73
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 fb7ffffffff77ff7 6f7f7edf7ff5dffe 7f7f7fff7f7ffd77 7f7f7fef7d7feff3
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d6d756e2e646368 5f796d6d75642030 34313d736365735f 74756f656d69745f
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055fd6d523680 0000000000000010 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055f800523675 0000000000000010 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000007f7a3d RBX=0000000000000001 RCX=ffffffff8b82bc69 RDX=0000000000000000
RSI=ffffffff8de29d1f RDI=ffffffff8c155ee0 RBP=ffffed1003bde488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed1005666645 R10=ffff88802b33322b R11=0000000000000001
R12=0000000000000001 R13=ffff88801def2440 R14=ffffffff90a95d50 R15=0000000000000000
RIP=ffffffff8b82a7cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809762d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000030cf5ffc CR3=00000000137c6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000996fc52e9c RBX=ffff88802b423a00 RCX=00000000000006e0 RDX=0000000000000099
RSI=ffff88802b423a00 RDI=00000000000c851f RBP=00000000000c851f RSP=ffffc90000538ec8
R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000019 R15=ffff88802b427c80
RIP=ffffffff81680535 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88809772d000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000801f9018 CR3=00000000206ae000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c400000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff81af6893 RDX=ffff88801c318000
RSI=ffffffff81af689d RDI=0000000000000007 RBP=0000000000000000 RSP=ffffc9000048fe00
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000003 R13=ffff88801c318000 R14=ffffffff90a95d50 R15=0000000000000000
RIP=ffffffff81af689f RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809782d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055fb0449e000 CR3=00000000206ae000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73e4ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000