last executing test programs:

4m10.564486833s ago: executing program 0 (id=74):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="580100001000130728bd700000000000ac1414aa0000000000000000000000002001000000000000000000000000000200020001000000000a00000084000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff0100000000000000000000000000010000000032000000200100000000000000000000000000010400000000000000000000000100180008000000000000000100000001000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000007000000000000000c000000000000000000000029bd7000000000000a0000000000000068001200726663343534332867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000022000000000000000000e000000080"], 0x158}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

4m9.972218366s ago: executing program 0 (id=80):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x51c, 0x340, 0x25, 0x148, 0x0, 0x60, 0x488, 0x2a8, 0x2a8, 0x488, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xe8, 0x148, 0x0, {0x7f00}, [@common=@set={{0x40}}, @common=@unspec=@statistic={{0x38}}]}, @common=@SET={0x60}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x578)

4m9.892304881s ago: executing program 0 (id=81):
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000040))
pwritev(r1, &(0x7f0000000200)=[{&(0x7f0000001380)="717ad08c8bcc77a18bd9a49a81081d9254d028aee3d9c94cf48309fe713ed78a75979c8555e752fa873444d1e4d479c803f2edd22e6324922fc126c6baf93d333951f69cfcdf765a50e10f65f6991e0842d9f05602d59d7f6ecc442c963c72bffffcddd9684b5b18913360accae6a765b6016f70716dfdee1143435385d751621db4652807a80a28324765cbd0882901daeaca930c9b441a134ad1c8037485f00927aa030bf28426e42177cd4f0b37e7be7c99b7103c1c5fe8fee7df1b4554735392a9420649aa3b5195d81cefe93f5b439c8d03dfa26e", 0xd7}, {&(0x7f0000000100)}, {&(0x7f0000001480)="57c7ef00de725122690a0083996d8d48faf72f2381d70fd1fc8e75e15f7407cc10e8088da2b6dfc612e1cc2b9f85411f71c53e16b226815ba816b4507e4447fa27f90ec3c5d1213d7b9fc2ee386ec9a775055a6e1301731023cb0bbb0905b8ae40bbdcf6cbacc77ef66b586ded750bf9a915ab52cb455be0600fe51e7ffd2e22e8f126a128012dd59dac10f5c14a6afaf04385800763aea8bb559eb0da3ea5231899d46922eb8395c4e0bc71c3d86d2b263fab240d76f8b3", 0xb8}, {0x0}, {&(0x7f0000001580)="81d66719d9b6d07ce5c99c055ea586ee15438bd6c78fe3c25dc3721930b5c63e48d718c6870d4d8b9f6bada63e927c51e1700c722c67c50efb0a7b07492f7313f6391f36656b77300e6e664fb8590184a604d4357fb4c3eeacc9fe0117e6c0cc3d0cb15addc07eb5546568df91121ff57e1c0b76718d4e347ec687addeae4be0b9c1038187262357d02857029abfc2197f363f7a45f7cad6e4069feaa094ffc0bba9d27bb81d1d8cb995fab5ddd2f5ab237a9ce1", 0xb4}, {&(0x7f0000001780)="f419e6ba570f7d988a9367685a79fd1aaa73d7295ad291489ad2b8a4866ce3c85a19b3f9545570d75bd76497347e712689a84fdc0d9670dc983cb781a5bc401cfa2cf07fa1a7d5afd578e0d234e33add7a0cefd8a295762726850aff69f3c3816488810db618a8774ff289c87ce0ef3ae7ce504799fe512d948d540f008403a6059bdc880c8f3c7a5b6d26c480c6bf11071444b4b758de078f03e0797b7902f97a0fb0dd19fb32ce8e4efecbc3355d26151015d3ff84b1534d153803e07d5e978d8751f3dec1f08627c28f05140314432efb91a754d87d348cff2a864297394ca5b2793f0c5318040a14a7304e3e0bc8eb1460a561d8d802c96831ae2deacc1e909cdd600570e7d8ad59643578d769731e72105112c5fdf3a3833c7d13ad4442768bd4e70f79528f76bdbaaacb2895e4f530b75f0a4a17ba4256c8a81db485d5d43264a57abd71af82bc5451550edf2b9f90f1d03c136aae1d009f207e58f1b0d52e0c7188dbcb5247ac03340941f7da60c05c68b14a47ea9f7567073dc58f303d67c3558415eac3fd6ecc5a4dac0ebf29874d721979112f83dc3fed4af818c458d58ea8e379b39389656bf952324a7ede44abb53bbe8220e3d1dad49353192084d8832e04b44bef9c242efe8beecbe937f834f732703d426897cf02327bc8223e387799f0834c912bc61f61ecae0e6a5b1319c8f765549daa0ee9ddaf0301f974b41361bd4799a53fd5198b8ced688273f505bdf21890dc56ca65daa706269ef2e5fabe2fc010ddac6587bd0439d09b139ee2d681cf3b6c0fadfd34f0c2f26bc9fccfa1009e4ad875eb2843613ad2118f6a2c19834db31cd3fc5836ee1c65d345864a48e0b9abf5418568f9997b729c24ad57674419246524ff518aa1ec0a52f313bab0bd2121a2c1030c9c86aeec19d88d43d0ecf5f283ffb5ef72168ec809eb1907ef1aef29e6a864ae73d084d593d147ae313e5aa1d9189365d4ec15b4ae065f5262cee336d1136c9a56b4838e00efd41f1d2c56e1e07df0342e838e94d084138041876fea99b08f5c4fc8f18cd03783ed2ff2cf8adb940b3f9adaeea789790cf032c42a34e3eca9daad120d2a160a8a8813e66e9be6bb78d9fa09ea85f50ac4e9e37ee29fb79fe6cf7addbb4a559a848c4e96adf59dddd7ebc9553e86754e8dddee2a9ad34680b6dd4c72fb8bdd8029a2317ad9a11340a69a552d2e5963ae6ccb328a6a2560763732d10d5790844656d85c0edead4e787e027ca6ddbee927f89467e096a89b23deaa1cb236d0ff83aa73c5fbd5dc64f98aab2a510b83c14b3c32be8e5da5743f54064580f6ba6899dcea4302849d46e647842dccc135abc1ddb8370c09ade8851cc86e16e4f0146f63c803ad16ced5477a74d71c44b3cb68b32aa432171adf4e4a4b81db914dbe58d2869abb989f6e75ef7ca648e1b5e4a6c62cd1a9a5621441ff0592cd256c85cd25c12bf1464a17b4c67e6e002c2eaeee8eb88dc7315e370be97664e8d4d3bcee3fbc1b53bb25074f6ee801f6a6de888e111d7dd1e33e2063fc38d87864a9e1896755d5547f377e556a938c4f74f40092948a5f78137fe0e85a32264395b0cc59b32abd4a1a477c2bdc11dad834f683694014081d1fbc59b4ff3c07b57779d28709cf16371c02b84820139adfa4a29afc524b736445ad524f21cd0d64231d122b7856b50c417a7871988af462e6c900eee325cbfdad7adfcb4f411da83f5d59591844fd50316fd1e8d7a66a5b2037e3272a148525cfb990d85416fa86085e8c59ac83169a249a19943dbc6210a39b39d75fc1a089e47e47d324634d2a1e74862c54f76a2b4a7f7ba8a7d4f2a881d473e52088900f27185e844f1d32f18e2c1d830eabe5e3a911db283f18f9f37da558d06e81438b3e55d597abbeb1f28276150c7b400f4d5cbed22ca39713c61fed23ed799a19ff886223282f17a69a798bfe8a1aa770ce13f93a58c2543c10c98bbb914297a8a0e9d2e662fa56ef9522899007f68fabb512bc99319fc991453cedc75f65f8f9b00b62836e266c86956b8123c39e84c54c0558eef8e977fb3bbd86cb7ff7abe02031a2f0afa469984cf26b1056c74034a9abfcf25ececbe7fb67288452ee802593f9cc92b093f458a12b20ba8e9af00f5b0133b21a847e67060ac9aac98c6b12733f99d96e9a833d58ca0c3416c2a3c325262a658f57512f0e5fc93564e48b0373d83304977015ead6989544d6ad2335a6ddfc5fd8f9263a77a55a94d0adb3ddfcfd885f2673c1f38b413bfd2a57093cdc2aadcac514510692a8671cdc384ce9b4b07000d23135643833a5bb48afa58b604aa017eaa69e17d2c8287a8c43a76ea22c4b0523cf263c11e48579fa4e5eeb64c6f121554afc4c9574ab17a12474608ef4332095697741f6ee1e762fb43b4d78e88ab8ed02b3bcfa8a6c13b74efdfcd9cbe641482b0fbb90eb8adf7fa9b5f5fb67aecdccc17e41cc4376d5516bcf5d536504b0f29ad5815f7439af8e2104b74196b115b3c32dd3fc43c61c0dda0e5454095482d3e891e28b231df5231f417754edb70a71f88fe52422cafb183c8da1709f05f6b4d075fa6e6cb9234ea9e1dc34e2aa1cdc3ddb710a0e7bbd6eeb3349045f6ed5b4eff3ad43d631b34154c44d0296171d9de2d5d197267b125decf892205a7280ef28617c24072f9371d3a27834332b19a7a623dde50ca68adbd140b4b379a8246608d890a6ffe5ab8838288b18b30874443bc81ab9b63d56e87b92e929b99c88cd13fbefcf0c8ab793e233c1bd4dc75fc32c7c3e60e3110cefc9ce3ad5da0bb2e804a84d358689f72e5ebecc10d2063f039c6720841ca71c22165255dfcd4e11c823b0146456d37dcbe017857010fe3550bc2c1abd4c3c9915871ab4c2a419203b1f4ac33f7e6789ba91a05b59acf74c6b4be3cca011ef9cecce0062a9f6de67aedb90dcd88f3221c25970374c6d9264c480b8716296f10b11cece75d601745aafd0967c9c2ac80a575efa8f4b371188593257fab70c81fa3fac67378c9b7085b821202e9ba35b91d500af1eb84bc001d7415770dbee3c9378fdd716516838c38abd90fa757b507d38ff07e692b0d9811d8d4350350093b6593c162589a1132fe8052f545bf5b368aef1b86e14d684619d1e1a8e98372966f0e0cce8712e4e9990f990b571069f5abb94552f8575f1f658861c7b155e00163ad6cd61f85cd7290e2ad978040a95a16b8001b61cd0efa45cc47046880f6e75a13f41a679a430949fc8fd2209dbc36c4e50d4939c4c5c0722eedc444dab921ed7b88e79273fed3f787b0774b82af16e46a2c4fbca57c3ab292d1d5d1f4e65838c92b6c49c511d84fe9a0117e69c467f2d15860f0b8816271edca493bf6346d6e466b24e989fbae570eb14e21dd402a41a8123bb2544a6e27e48064450669e74ce62a220bebe4175d14d3bc5dc95128a3d5ada0cf8fc841400652e9b08f138bf686c480b4600858d71113a862766b4d50b1e8918bca0beb112bed7c67bd6081054a684d8c986567389fe9b3f95c7cb9b399258011b9d47f63fb4d676c218907a2cfc4908a92d9a57ff3116c27afb0a894e6362e51401d11c65d744932e41617e1dfd6a2b70b859bdb758b43f5312c70258d501fef34003f4c01c065e061be8b3361d8ba96da8fe440ccb3b11cbd7a2c17d96849f4c2d7ef1dce09b8b906047138599f8a3c918698cced94281b4f3cb3064a41727d49b876d412bb5be6422355b0647ca49b325a8514768a0e31127ec016884c10cfb8fec263153b8b4f40d71ef721ae4cdb203ac55bd0f24ded4828761cd3e9aee8d502206f589be9d5bcea123590bd0b00d6d5733e597e1cbc5d1fb901e62fb94435788dfbfc80bf193a861f481725516b42c2676d232ec7369d768dd1104c43c2389872eb5e16f762dd15b449810a8aa695460d1b4d0ae4cf11396c97a33e2dcb982afb7e543814cc30eb163c56488eb862830b922952c9f88e2a90f70d56c7e02f519f7dcd2e64c777c79b7e224bd722d42d994ed51d27864a576a4488b4c101f5e9f56ca28465070cbeddd974bf77dfb23578d1bb658a0962601b29387501474b8bdc5503f20ca9123686d70a64a90cb042f26363e4ebe9a288f83acdada66950f2cca4024adee8fa445c4baf6fde84be9cf64a138c771dfe57cb8913715ae2575afd583db6c442d390614f384033640abd521a1f6a1a439a24dce39df1adc3823957610892aa12e0ca7dff6d1b19333fe3df9cbd4ab29c6954d7c76a52e7b5a5b0ea4bed9773dd9084b3640b42482fb65ff587cf0a64b0c405c989e731da1a6ee696137e36bb63d2ad3fe35c33f28dc3e1020c91fc9a9b378e3bd814f7d458c45d94278f95ba77690f3feb5f4ae36045969a3f577117c144217b2493b26d91074381948c3c79491f520a2a09294f63db9b69f87e1ebc04c7a543c40f9310c7ecd40bd645f4987e1f7a41faffdb2c0ccce76741d057f73dd5825c04372a43ed0cff8f0433c9d54da82dbc5a13784480f945339967b3579c53165c35a3e954915cadaab443dc457d126f8015189dbdec78e027dafc55c2138f86a6bb90aacd7d2c719164d56b505c76ffe54160328ce01e175dddfb16c3bc81b0e0f64b7ddad2320246e4c83899f363885bf965a72e07f07b0ccb3e3b84bc0616a1975daa2b2d31e6cf4e23b8e021aad63b6a36f232a0ffe214ef819af318739baf16131578380651dd0e9d4115d51146d642fd7653271b2bcac75656cc57ede6e05027a31d2bf8b881e8464ee3f4e6f86b0c3f2e6902e7046ece9f70fb9a827bf9bd5826e4d78ed719be2092dafcefdde1aa1c9e5b835af87625290ffd26a8b0615f51c7bb5b6e6c552460451f6ef560f08e501e5d280aa64e54115b502fa50272451ee48a3a7afeb1e62dccca544b30ffc0e52bc916d6c57f6619ddd5a7ed3d88c89a19e4f97845352bdcf8fed44a066db11039b78dc01ee4f559b14502d57f3aa2ff16abedd2eabb5018d9ffcdf0edfc80661a02997f284c6a614f56985b3f016f7ac0997562edc33a72028e585c6755d9e7811e35da9400dea83dfc8a4687b9c96be4b5c4ea47432d722bade3d2f18b1c213c58b81bd5ee8a494fed7f39e91e3095e53c08d80577b85eca246cdca15aeb926fd2c37bee4040f2bb0fa7faa072523e0948d7e97d17dd054ad4ce37b26f45e15ab4a8c890d3abbacb3e028b1ba60691f0e71fd0ff2ff5cad3876635d89bc09a4527f0e1f8abbc958806539070959430cdbf546b9c3ada909aa46f81bf3c7b6e6e4865d5e4e73004d9c182098f04ff63f5f3a5fae29bc55ab25bf5222f388893b626b1e0df971583c436d466a61a94db6426c48d4f2318cf3f0efd2091c94e2b4397a53316841313706642e44d23a079cabb5f4719ec9036b6cc68f7db441a0d28bd02558ac8bf8044160def0322f684a4fe3aa76bf8d63a088a737a3bc929fbe8c4d3dc48153e3445e83f94c3f7c69a0c0e8aba62cab6c2d343410785e273e7b3ed2c73d4c0a5e3d3862a737e38a885cd9d04ba4b3c63f9d2dcaa7e261ab94470ba38b9fe6c9967f8535859e6c8726b5982cb0aa59f60ecc0904f59516ea37ce518024b9bb6764c972b654d1628c363a76120b963d0e1fb797ced5c0b7cd4c299c09658da6aca4b8c3526eb7b6c84a24345d73cef9307d2dfd6a16feb29119dbf794eae6107c4d557e8f4a5937e8a405f01851e45f4075a93333c4557247aa3288c316acba344741f6ea3ff92d6e822b57e0293e50ca1efedd4a183d", 0xffe}], 0x6, 0x3, 0x4)
chmod(&(0x7f00000000c0)='./file0\x00', 0x8e)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = openat$nmem0(0xffffff9c, 0x0, 0x80000, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f000086b000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f0000001640)="dbe38666f60fc72e34030f09660fc73166b9ee0800000f32baa000ed66b97403000066b829a9823e66ba000000000f300f01c266b9800000c00f326635004000000f30", 0x43}], 0x1, 0x0, &(0x7f00000016c0)=[@dstype3, @cr4={0x1, 0x4}], 0x2)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002780)=ANY=[@ANYRESDEC=r4, @ANYRES16=r1, @ANYRES32=r3, @ANYRESHEX=r1], 0xec}, 0x1, 0x0, 0x0, 0x1}, 0x40088b0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x35d100)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0x1)
syz_io_uring_setup(0x5259, &(0x7f0000000140)={0x0, 0x5885, 0x0, 0xfffffffc, 0x386}, &(0x7f0000000340), &(0x7f0000000280))
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
setresuid(0x0, 0xee01, 0xee00)
r6 = shmget$private(0x0, 0x3000, 0x800, &(0x7f0000877000/0x3000)=nil)
shmctl$SHM_LOCK(r6, 0xb)

4m9.582405648s ago: executing program 0 (id=85):
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000380)=@v3={0x3000000, [{0x5, 0x82}, {0x80000000, 0xffffaf0a}]}, 0x18, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
io_uring_setup(0x1369, &(0x7f0000000480)={0x0, 0x0, 0x400})
socket$nl_route(0x10, 0x3, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000100)={0x8})
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in=@remote, @in6=@dev, 0x40, 0x0, 0x3, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip6_tables_matches\x00')
preadv(r5, &(0x7f0000000200)=[{&(0x7f0000000380)=""/106, 0xbe}], 0x1, 0x40fb, 0x9)
sendmsg$inet(r0, 0x0, 0xfc)
sendmsg$inet(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000180)="c6", 0x1}], 0x1}, 0x4000080)
sendmsg$inet(r0, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)="cd", 0x1}], 0x1}, 0x240448c4)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000500)={0x8, {"4adc0a007282e1af73e8a0fc1da291011b94f5f7e17f718e41ef215f9b0033a791736bba26aa2c7acbaac0d71096b3b0160e426fe548e22e64aeaabb8259238acd360e973ca259918f2df2169cb752a23910abf6e7126d8a7cbf015f5d00fad6ba3c06d4666fc8c32c79b416206ccd212b00ef5e1832865bed8ce309daf64648536aa36da6970e62d3a2506f339785058b68dae2fd5e2fe1c28c92641ed6019583695e2d3457b6ec062315c4c41efab9a8349b9ee100aac21a6cd16afc59751bb04bcd0f0ecc3a997865f1df8f6662c1d57f7be0ce0abc0f1e84952782f879b32a74122fe8d998f22454c7cfc9b9630822a2d9c805a559f7390c4e639756fbbb2a281f97eb76a95fa2a3f3e4f48ea1e13282ba5f23c0885d093b3eeba7276cdf7e340c90fbe01ffb52dde8ae5c93b83c04cde2aae315895993d99da770eb843d01153934d5109c690e213a05ff48dcb2011de10913300f901f8634355e5e113693651f2bb5e0c43f08847f607c25597b19ed61d70e9a422af722ffe928cdb36e3828b27eef1ed6a69438385ef54f2f884d0cd63acbc448754f50bc9dd1e6170a5abdb0b64bfaeb74e832ea61130aebd2edc993d6c5dd08420dbaced06ba590d2205052f4d8e172d8bb63d68d424d7fa7493c9a54e7900126ca7019ba63d1d6f246657c034571a0dc6a4d83e28c5e6e5887ea14c54e75e5128c747e5d8207c6db149b09db0a991331e5ee96e1f1cccaf149de805c53bf6f32c06cb8a996d384705291e4f479e79a1256cc8ef7f408990e0106142cda66ddb03618d6571170efa1afc6d11cd633ba2950f36e3b7c09739b72a2730c3302250eb3f8639a1dd38d278f0c1e548cf5e08278bf8352d8ef5f2dcb885d00aa276e062f29e41a60b0cceaef85a788823b150dd4b7f91080db7dca7c7b9797c6d24c3a553ff4bab718d9fdbf5ca312dc2456d8a2426758542389511a05b397c8b9846734ea9148610ee1a50ff39df9468da035bbc1d0ef3c38c7bcd310ae6a275f3d60649e6cb1848895d211eca940ecf5f3d5c81ae04d51e9d6625a21487a6175536269fcb2a1b88df4f2c1e517481c0561eb35a239437b7dc06f10b039eadbb45c2d9db758923a66e87b3c16ee8f298e58e797b14c4810f8945af0ce71b2ff36f6b896ecf410f06dbbc3821335fc0572590105fee8a01175791143888ed6c12f2af3359f56069277c49dc391395f82dc62c8b2a7dd5828beb5bfa94a6c42151452eabdb7ab2a7945cfdd61d81858e1c922c1e317d840ae18ecd1b8d12f8a9e0b94a8e7725f6afb05197fdfb6af6da7623b5a5c8f44f40393cbda1ba166b743ecb5755fd778c5b6665a1cb63a3068778df98cecb34a0e6dba89fa9371caac9488b89757baabf9bdf0a700e4858e9d88fd05d2989cfc6100b311e3dee7277405346b432584b8b13369f3301f0ad794744dea3c94535dc5aca460e1bb55bcdd2624486ea50472a4e80c50e1bf62a411cc4e8c179174459bdfb90e31b8d66ad5202ab42357b16caf19e6ebdbbf6cd1b7249f13610519ce816f5fc642ad97d88471ea84e676845b6aa7d7518dad4c649970d46110e2cc8047d25c690e7c44ee8d1ff10e22356a50732bad2e07518e3ee529af26a9b64caf9f331253d0e37504f3bfbe7a59d9ba6fe9b19dba9b9889ed05bd5834e59b56addb746ea08b2153c3e26fcd71ef53c02962c890bb5ae739f5f2ac246f2e35e22950b5159426a4143bdb90e69328b6d0ceabbe3aa5787f3afa4ce7aa968c4f50cb2bd43bbb247b7b1d556fd5385a118d57b479d9b1d03f82fa04995b0d0d858ddd0dd5bcba0e36d3a2a04df9b51e26269bbfd48e4a70d4594f026bc75a032f76f3afddb0c823f16dcccc710aaef1b6fd26c924758c201e621757cb13ff7d3e38febe99ef4946fd07e6332c77027c5db8ba870f63518827c5dff48ad2d6ba88afc7d7e86847613de6363f4dcd02ffc73b5fbaaebbd8a5246ad4171b78d8a6d481b3616cc0071ed6c2403e1c2067bc96ab5da00deed6d6e41971096519bf8057c25a805f2aaffd24275faf35e84c6a84f25c3f53390c641d5bb345bfd2962396311852217d5064a4537c0a07ff0e2de5e00da39684f2f6febd6d1ca5b3a777408e117cc4ab0b5d49afc598587c537dfeaebbc631eeba9adb2be9c4b8ab3095e956815a4844b4cc71a5393ef04ed16ce5fd5393742fd97148663c1a2e4786a1d17135087a5e88dde29f05e48a235eb1bedb6fb1a084b1aca9800b55ca76dc478eb35f267d35586a0746d71d8b36562501f6e932278c1f6851d49c5b8016b397cfbb7e672b6f450ddde4a30519d2407cbefb53b0e3384906c4e2f8038ddae593730dd63f74bcec917c8f3ff442cf9b30574131cc47579cc78ba77965dd30816dd6642cccffd330836dbc9de3f4eaff3605b32d0258b0b85c4989c0d08396f82e3604392f9cbc4788a80ce8d237cdf4cb8ee7a544004f85a1f2e339a5b92da8c579948040b5ea55d56b02b02cda200c8131af78c2197e46a4e737b582f18d61efd4ac8a2f35d17adcee9e0e5992299a835513b94aea039f9c066797e5625f7c064f0f4e08a908557e858341cc00c26f3c729f1df4431fd60817dceced8e21b0ae02890744ec5ca92d28c6d57a2a02d1eed4e568d9002e0697ed024a70799944dbb3df04bfefe19a553cf375e9543534dabe6b7b52f575e019662de60ecc73d670f2b2ab3161ac5c3a7491ae690d3ccb9c919ad6fbb400dc0bf394e60b07424cda6856ffcabb919e99cf71daa5dcdfacde2591eb3b30505b58494db128b5caa588e5cd8a156a9f11f54280c80d9d8696c06a96bfe7ea74616cf37c23044a1073c94c41481104086e5b63332155c621ea3e70d6358d2f8bc139efdd0c16469aa064448c2fd7edc87b6bcb47e6ea6b3df7e5e130ebdd6941359837a1e4cd2b294c31b46d66dac73b6844ef82719ee4708c62e65cb2e48d9cfe543bf2a0e77fa839afcb831ce19f4f7d20b8dc744569e29faf5dbe503832a6f78458118b8d265a98bb45563fb01eb5fb783d26403bbf4a052ad9067278efc853e3bc780da430dad7064bf374f5b07e52c2b96c1271322b25944c62634cb5125905ba7fe678e0ea83594ff0c054310c6be451cab172415d674ed152882656dbfaef6e6bcc5bbc90777c9aa3f817ab755d393cec53cbfbf6476483397e6e4eb3a6d5d83b8456e882190ace41d534a4d705defb337166d3e641cb0a7e0d9069a1cff902dd98ff86478ec1a39ca33460600f2ef68cc0010145d0a618718e8787a524c5f48b176a81646c2ee91a608799b0cadea420741b9a20f4db1859b166294ddd5b2829282bcc8d3506f7679d68cfe2726a56ec1f7a078c2a6b5f43463560e6f364576d5f65d2cad1735be7ed850aad83e522666a1eb7c1deedcefea02ab4bd5101dfd40ca39a3b505539270e1c804546d866fe440e67a01749a668e8b71487876a9fa659a192e2da281e53a64fa85f4082cc90fa107bb1d8573fb8c9c18237a459e79c3a2a0b86391b2dd5127808f13136e2e4552190f16a35e715f6ed8c8b8fc46623fb203fd1663a162f6adf1baaee1b6687a59192b31eaaa4a43c893581e3f872e23e78a820c1a9210948c921073a9f6bdd8375df3226b4528fd7d484bcb9597ca7b576cca6cdb674a286f827999b6746bd99b5f01724d6c4a9024bfcfb1cbe5bc824bf2b0ee9411c616bb66f98a8418f4a7fee4db7cca5dc2cf4ccf4901b614863036515a8f16ef78e1b33fedb52beab3d58caa3caafb2a446c556c74045ba870633964704f2935b35d867651c0241845073f113279e37b1ec0c9cb87f9982cb06e5c4b7a150e3ccc24a870792a73f4613ebc283329138e66e8cd9f69fe39894581e216b136c1dae7e68e8767eafe17f28d7fa7411b01321a04d01405bd4eeaef08886fc67f7b6295c0aa76cdf4e493078942e4b6466b29c7a7c20f275b0a99a4d00857b160d6e9b65f86d96a16635c3245580d60f6f92fcaa309fa51bf7a80b37383f0656afc0584aa68349e2f5f546cf73b16c130b51eff211d5accd6f73a2cb1481370a22f21799dda72201d918f1cc2ef8a66cd9f4bf2af1d5583e91ab1e28490536db7870428060552d04bf12ee096405abe64f09e08516a2d922a1464ac3a7da2e10f999cd05cd5e07921eeadbfb22ceb63cdf0bed0c9c02b443782a6aad7c407f492d959e4f54db7e2aeaf06fea81ed51e10caf2612f8aa6dfaf7ffada679be8d54a6ec20d4f49687798506fffe76d5e249013b1b4ea91ca6c8808eb68bcb7235c566e93b30bcce4687343becf3fef02713b19d1f11131f2ef349edef8a192710268c850642ca247f32f77d39955e7b37546e4d2665267ba53afa4dd1fe4e6106102b9d670e223890d751d98d6058c931708b96d64f38320fd9a65b1941efb283d34d21815ad22d7f9ae9d5fb475ca63556b4c6975423132805fa4cfb2f45d7196716fafe08f413dc92defd89a19d28375c90caff1a54e511e65d3bb9a37f30ac789cc3ac677e3d3c748ae804e37897f253e7be43d050c95a24507ab3ffba4ddc9f7dfc6d58c30b9a5d840774e99cc9f74bef0ac2921c496c9a8b3253725096954250043e4246f686c0b9a23c05711d883c074a32e52bbbd6cd340c0d3395bed9d5dd5c71f4b60e39a80904df297ddf99d4fc18d547cc744ddf09ff41d2b8b69177f67d6069981bb2d6329001da4d9d5aa25e73f3921cc0c463cb8bd558b7c98fa4721ccb8f4d9df9551c7975a9f8c373b6234c3db410639465c500ca15e754312827b5f3e1f6a4125d22d7d4ae6f3b16e986e99cfd7ac5a230438323fbcdd8bd43c5502b90c2b9b48e3abd7050af1be788f913a52ea79a2ed33be934c2e1a37fe71ce815a59d9ec806dca30b2c55ec44b7ca8cb5bd3c2a0babe82cb31865b0a21446ff58217772cb333d4146e2f760bab5933d275e2d1b4a2c08a22fbeeed2a570bb328a22e7494d2bac793cb877fb7de44b308a54e41f1928060366e4e09f2d81d6d5500044324ef5b70f072f014bfab9e0ca690df66b52b1d373b25c69fc28c76a9a682a234a9e38cf78eac3bf09979d271d9058130615a9d5df367b99daf1008e7e47e828a33a4969ca8a4c2d991390e08e6a74abf36579e4d205401b2e88daa05e7cfa8356eac9a0b2f4c9050e68e2c646c6070025975b4b1262eed58062a36e8c2c6622faf899ad7d198177042d2b90ecb5520c67f4aedc0cbcbeb2b62c12266122c867387180adc84a8d8b12140b7ef3384dd8ac786f62f5e5fbdfd8bf91d94be687eabbc5f481e37410bf9a0756dade537b34a078c67f38718bb910c7d0b092461c710aae28299244cde7262e363bbb4cdf08f92fab66661dbbe9247419a7f79708922194a3100ae7de7cd2f3144019a5a0ca9e579e6f6b0fc27dddea78b54d232d1891c8d6b9485d4e26614718d12c2d84748fe52a6a23eb3b5a554be8a1665fd74f9ac6cf4c12e5a8982117f94bc16372a3ff706f5676fd1f0b066ef0ed51822183e49c6f7ec4fb821fb50284f275a6486fd136f4c8e284ac7f97865f6026af5f22b3fbcaec4dedaf8b2f22c017621f4926e65dc32583d5d04a06a99f475c7b02ef06bc102851b5b482256c4f5e6316322bfc9d368078de31e2bd3b3bc071d42ef1ea0a9a4637a35537f5c1467b7549614c8deb0978a4de41e97cddcca7066f1535e82fb384ef8921a7a099c1e456c0eeb6a0deea125e542671660d4b1f5060ea7dd0000c4e729372a82ddb3ea55db5d3339dcc7cd0c4", 0x1000}}, 0x1006)
syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2)

4m9.162531464s ago: executing program 0 (id=86):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1a3089, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) (async)
mount$fuse(0x0, 0x0, 0x0, 0x1a3089, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0) (async)
setpgid(0x0, r0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0) (async)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x12, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r1) (async)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x1ee6, &(0x7f0000000380)={0x0, 0xfbc6, 0x10100, 0x8000003, 0x35f, 0x0, r2}, &(0x7f0000000080)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
mlock2(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240) (async)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
readv(r6, &(0x7f0000000080)=[{&(0x7f0000002600)=""/46, 0x2e}], 0x1)

4m8.242368097s ago: executing program 0 (id=91):
r0 = socket(0xa, 0x3, 0x3a)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
r3 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000700)={@void, @void, @eth={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}, @val={@val={0x88a8, 0x0, 0x0, 0x3}}, {@mpls_mc={0x8848, {[], @generic=')>'}}}}}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000100)={'syz0\x00', {0x0, 0x0, 0x0, 0x400}, 0x7, [0x1, 0x0, 0x0, 0x0, 0x35b5, 0x1, 0x0, 0x7ff, 0x1fe10edb, 0xfffffffd, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4008000, 0x0, 0x0, 0x4, 0x5, 0x0, 0xf6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x0, 0x3, 0x0, 0xfffffffe, 0x10000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0xfffffffe, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x69, 0x180e, 0x0, 0x100ae4d, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x8], [0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10000000, 0x0, 0x0, 0x1, 0x0, 0x8, 0x9, 0x80, 0x0, 0x0, 0x4, 0x1ff, 0x5, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400, 0x0, 0x421, 0x400, 0x0, 0xed0, 0x4000000, 0x0, 0xfffffffd], [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x400, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0e, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0xfffffffd, 0x0, 0xf, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffe]}, 0x45c)
write$input_event(r6, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)
setsockopt$MRT6_DEL_MIF(r0, 0x29, 0xc8, 0x0, 0x0)

3m53.137931816s ago: executing program 32 (id=91):
r0 = socket(0xa, 0x3, 0x3a)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
r3 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000700)={@void, @void, @eth={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}, @val={@val={0x88a8, 0x0, 0x0, 0x3}}, {@mpls_mc={0x8848, {[], @generic=')>'}}}}}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000100)={'syz0\x00', {0x0, 0x0, 0x0, 0x400}, 0x7, [0x1, 0x0, 0x0, 0x0, 0x35b5, 0x1, 0x0, 0x7ff, 0x1fe10edb, 0xfffffffd, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4008000, 0x0, 0x0, 0x4, 0x5, 0x0, 0xf6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x0, 0x3, 0x0, 0xfffffffe, 0x10000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0xfffffffe, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x69, 0x180e, 0x0, 0x100ae4d, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x8], [0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10000000, 0x0, 0x0, 0x1, 0x0, 0x8, 0x9, 0x80, 0x0, 0x0, 0x4, 0x1ff, 0x5, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400, 0x0, 0x421, 0x400, 0x0, 0xed0, 0x4000000, 0x0, 0xfffffffd], [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x400, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0e, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0xfffffffd, 0x0, 0xf, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffe]}, 0x45c)
write$input_event(r6, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)
setsockopt$MRT6_DEL_MIF(r0, 0x29, 0xc8, 0x0, 0x0)

36.039248429s ago: executing program 4 (id=1823):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
io_setup(0x6, &(0x7f0000001380)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
unshare(0x40000c80) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (async)
socket$kcm(0x2, 0xa, 0x2) (async)
link(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') (async)
r3 = syz_open_dev$vcsn(&(0x7f0000000140), 0xc, 0x50000)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'dvmrp1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) (async)
write$tun(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="000086dd0000120000000000000060ec97000f982c00fb8000000000000000000000000000aaff02000000000000000000000000000189"], 0xfce)

35.660729918s ago: executing program 4 (id=1827):
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000400)='sched_switch\x00', r3, 0x0, 0x3f8}, 0x18)
socket$inet6(0xa, 0x80002, 0x0)
r6 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x200, 0x7c2, 0x41414770, 0x58595556, 0x425, 0x10001, 0x6, 0x2, 0x1, 0x3, 0x0, 0x6}})
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
r7 = socket(0x8000000010, 0x2, 0x0)
write(r7, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000013481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)

34.742377148s ago: executing program 4 (id=1833):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}}, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$TCFLSH(r3, 0x400455c8, 0x1)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180)=0x4)
chdir(&(0x7f00000000c0)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x62881, 0x19d)
r4 = open(&(0x7f0000000140)='./file0\x00', 0x33f, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r4, 0x111, 0x3, 0x0, 0x4)
close_range(r1, 0xffffffffffffffff, 0x0)

32.618240134s ago: executing program 4 (id=1861):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="20010000", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="47000e008000000c0802110000000802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09200008000c006400000008000d0000000000a2000f00019c"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0)

32.49033877s ago: executing program 4 (id=1862):
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x6, 0x4, &(0x7f00000009c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0xdffff963}, [@call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x70000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

32.489995889s ago: executing program 4 (id=1863):
r0 = io_uring_setup(0x800253c, &(0x7f0000000000)={0x0, 0xfe50, 0x20, 0x3, 0x2})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESDEC=r1])
close_range(r0, 0xffffffffffffffff, 0x0)
openat$urandom(0xffffff9c, &(0x7f0000000200), 0x410401, 0x0)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2719, &(0x7f0000019580)=""/102389, &(0x7f0000000440)=0x18ff5)
r4 = add_key$keyring(&(0x7f0000000080), &(0x7f00000003c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
syz_open_dev$sg(0x0, 0x0, 0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
mkdirat(r2, 0x0, 0x1a2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r5, 0xc0bc5310, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r6, &(0x7f00000000c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x94}, 0xe)
getsockopt$bt_l2cap_L2CAP_LM(r6, 0x112, 0x4, 0x0, &(0x7f0000000080))
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="303e30800200000002d190c937dc6914243b0402d6dcb7154fe6727ae888746b024ee670a5882a0ad79716584e5704b7f62edac751478af9c62f000000000000", 0x40, r4)
add_key(&(0x7f00000000c0)='rxrpc_s\x00', &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000480)="c86b5ad111b6a06abdfe49748c8e24448b42066c04c7f44bb1ce06dde4ff83c359786301302476420e0e428f690f40cbdd5c07a314d9622bebe72fef79fac809e5905f1bf87fd86029d093031673506ce2d6fb442a822f95d53937526fbffb473b3d2ad0b621f5bb0b17cf87c7514fb2a962ef255d00bd5aa9e1e5d7aa0a5e8c3ec771b8d9263bdd641437f3735afd730ddb28b835820674e9558143e70e2254f4044b25da78eda55298f8bd7e378256cbcdd687f016043995f2eb9a0b3e08a4b78210f33d3ae934994327f2d2c6cf5850148deb1352ef15e9cabf8130336f5a0577af9457a1b286d03b8bddd25dd62b2d585fbb1d3e51c9cd74a7bdae97643cf6c8e7b7091b3ad47765f927bcb8cee22f77108b1357982ba5290dbfcda4683e2705c6c3d6c738ec65bb20e6080f65db5009d311d75665cfd7c28ef4440c279344052e1e7fbb9434fda954b8d64863f15b8a4d769821af4b79e567d47a152642e233701d770abc684d27ea127ef235a732a6b9f8a5eccebc81e2c03cbaa8f78bb5c6bafbe0b9fd2b1cbd1e8b055e6c643049dd0352bd81bfc9be61b0f3d566d4229683ba912fb8a2f3cf3983b3b5d103e127827a47ddda3f958b809a85e5d8b566b6a32b07e71be1e67a81ff04ad478000b61a017490df8ef8ea55e60219e54822e622609f3f251a8fe4fdd606861429c170c6cd53e54be9e681d5f6bb6c15d0707881f4845ff289b244288ba268d0147f8fe363bcb0d288e63b7fa7d0a63356410296c61c09e70b226372df7671763f2a8b814cde4db7d64ce112630906a0acb22a8e19563e64523c4935638f60a96278f525327a9cf8f4c93537559332f52c5cb65c5e2c398c6d49c35af3629f59b285e89f75e46c566e365305cf1102b58f2095a7e91c1c2fdccac4712a4cfa74d4e7bc6aced543e4e9134bad9786ce6851f49065d5832b1dab8f5cc17724444249ab1ddbae3cc1c58ddc2a21a843aefd0c400bf7389b3d99e657651247ecd498811856db012cc442c5c3cb512b0962398547716ef428b06e44a330ddc941008cf2244b9f58e3a5b40e701127e4e428da082d0d96a046418b9e82de3f532d3dc2e09e47ff720a8898877c9ede34caab0d87968f82219ea5e56ccb0d2e516d9ffe846acfeea9180b1ed1d5e1e5a313e6cb7bb7da1fd9ee90d38812d8bee5c0df32cd0512e5ab57a80831c6e307e4fbf49c9f2a5fac2f4db570705ac25cf40e611424a36c416fb5c564319657822798cadd81b74bab763d1c59bb29573a0ddf76de0698f3a77f4082ec069f59b8b536738eb9da16dbea896977e292680483dfeac0c4dc4106fdf732769790f7303c8d4b86247d1b3b52b9f92913b4c73ca09b795630b3fa049d2569f91bc817a2ccf0e35f4d48d252bcba29f05e83e156578a75c66acf2475c1b1a96f370204e1d09ea8d4af89a80530889b48a7deaa95da9ab52bbb30b087dd7d208021290378c43905f3299641720759266a7e02fd9ee3e1112b0d3eb191f6b27d34dd5620f4306b53e8216b8d308de93e26aeb5d2b7eb29270f8deb7da873be3a7ab909e7ce7952d5b0a24587076a0b4a31bb76ee6fa94dcb091c2e0ec368e0203d56abd96a2c9a42b756273a335e789dd186950936f9990f0a080c399889c3f4f3a59d3bba44147f239030260cfebea4d52850d5bd4816dfd606ae00495686825e4117cabd97b6d4161c7a38a03236849fc05aeaeb92dbe7fd0b0c1d9120be0f675f67b9964ea3510877c65ae321ba5446c3df3941eec765b8470ab3a028ff9f1303aa3078dd26f3c7bbfa34faf8eccf55ff94c37b0615e1f180cd645742f14e2825d2ff52d88897c26cc727e9231a1706d8863b4b6498d2870b8072429fcb9cec2d495329a8461b96737eaca6b9a721c1d70d33ea3530f8450c6c0ae613339e4c96bfddb69b1404303d9b821eeeb44ad8fd97483bfcb714b64ee945f911f2a4d2ae5a552239555a53a0abb02f610ec58c0864d92bd8cc99c7222515e44b69976ea6677aad49e0658ac2e32c12871a967d057d5b217b24464d28a316d264a6c6d69b0c57b9b83cb27f01665a30960bf7f2b80473bfccf9caf8ba89bba755f89ab53618dd12835db968b557b793ce3c17cb91b7a1c775c48157a06a6dda23a4a65be61d98ef7862551e925de59d2a917682a56baeb357c7e6b7a3fd0132f22b6366e5f6c40008519b056e9c08b7103b1a61ddec0ea0ee51dfc77566ccc50e8d1332cfef28083c48f81fcfddd22efdc8bcfa6f0ea0abb41e0d856598f46e57631659c3dbef0489dd05a7cfb4723b6eae7b462a4054b7505140c060ee225f9c0f356b0100100d7502aa3e4d905c4c53385c22d4abf838044a816791513da7e1df43a2e2295809962bb5bb32af55a2ce89904624791e66d771f0f276408b9fd1c1955086ed4cd57350d4e893b0aa80ddafd8814c8a7b01068445cfae0f29c310b7484e9e926ea05a0eb1211ff4bc1920f3c9214b404fd7ac9368c275eef04157c330bd68cd72e6dbf5e81288c7776b98c879cfabbbdae00558385ccc93a63b24acf0b8996f2846692cde0331db9d336876cb23c1d0e157dbf04fa7128b2d287620a37ac897835c433f59568dd04aed7f62d4d711083116d0a1003f2a837dfa2e9ddcbfa49f877dd1a7e5c8809a92ec5b26b815ed8757f5196acf8574330bb52cbcd7a1182a932d40e813ad8788d7467ab3160ef23d4c75a64789b5bebfd3fb18ef25896c27d5a07e1fe1f4e63ef7f74f02a11ab015138d3a8f71c1283d9569d56cd626050230ba7bdca12d8df85e7a541b9a92e7cf28488d880722d2d9aabc73828186dba1adb55661d7e57b5f3e8bd2d54351b377bd466df3d5d34634d90883b8627088c6ee99b7111d2ba5a101775cee41363bc4eeed0a214310b59f9adc125f9e15dc0275931db8d839c227c33d471c9fa8bc0d2ef4403424988ced83f32c032c023c9fe365b5955805feca1ffc658dec35326a5ef921c596fac1fbaa6e9126bdbaf5a9f8aa7825c0939d0f20a78ca51f812a5353df45b85e89c681cc8518bf8d9e0cb1876047b4703e217deb1cf0471eb58d27cb817e20af8913534de5d38ee5e5fd1b4688bd9e67599291eed0c4d4ea94980dd389be8ca4478cdaac4f5b665b65f69f1a9d6b403640769b79041851b201675ab9810cbb9c011bb058fa898a879c93f8dc9e4a37c654b22e26fef4cfa55531d4dab100d7c86837b806206b1577257a0b81547222af08829cd6a79213fe86e9a72dc60aa704946b3141d238f13ec723879a623ede0ad6c15f1f788beae1ea9f58037b1762878648ecead3f48f6b3d3b2aad8803f155448d4906a3e6f52478438b7690f81d57cef4ee0b77c0954b5402a45039ef09d71fc2396743360bf56875cf8afd02b0828d26434b44547c5db9f1539abd0b23bb906563b535fbe3e24e6fed096350975c82c94fa6613c94c2e74c11830ec0d8763d595e41cd47a866f7ed2f31162abede91dc108c1d6ea0938e341f8ba430a45425e11fc70876137b49ed4e9533073ac6ab748250a5c1f0f2ca2cfa87fa691f682489f3f7d3ad9f987ad9df6d82e5d4ec851385293eee1a59117d067558d0e1ccafa62fb056230c30283b8e98bce3e3e3d7461806ac14683a03881a62a8a2abd5928cc9ab96edd38326964cd027ea4500ddb06b1b92fa0d70bd8c4c0d59ddee4802e58777bda837e11eb5f9711a7cd9c49c7966518a5c4865ad3e31242ea11548fd70f566676501cb8619f1925a5b321a8dbe5c1579a3d420d16beb62a7b5daea44b4e9809260f42519c62048daf230bb487de856e13928e51fed5352bef8a99c5a4ce94c0bef29c9f451aa0aa5d457d3373804ccd3f305625ba1e5d9aa3ceb517ba1fcb819c28e21bee288fed05c8f2d1aa6aea4dfc703b287fb74afdce87778e7285f9e40eddfa580f2f77c051a19a97c78d7d8cb61938596951f682b214c2d7f170256ee13d8aef11f508f34e57529588a537f0bbc7f7227c7552c03fc1a245a72bf1c1efdc66aa15e429b6e633eadf143e5c33520756f161e73ea1b5fb099b30bd66910629f62a29166fe0e31a65780baeca8e3d2205d5c29364de43d2be14739500ee49e5acf4f546bf72fd6a6aab42fb1c79f58a3c9ef0eb453d0396609dbedded4a16384bfbf296e677a0a3d6132309fbc7522cb31614473a94bcb47744991848c3cd75ea029aa64e34adc5078914958600ca13a7dcc99a2e4f9afac7795709f4703dee96ed82b2be3dc5bbe7877beec410d95204713127c450af3181f927e5ce3a0c3aa51227504d8ff7444fa4237cfc0dbd5afc6f19176063cde915602dab9a42073c78b73c5c63693e9ffde0a90a31fc58ea767e311aaf4c0d8399b0b77525bf51f38c95f755d89343dc2c698dcc265dd0fef91979be53d058ecc6336e43ab871d5b9ef49f68cf5d0ef4c36ad383514572abbb0dfa806bfcff0fd55feb06a42ccef024899ebc1f231c82103275f3ffc224dd85e5769b7139adbab38367dda48b572dcca5f3cdfdc3d163943b9460971ceaed3414c0c37c84469533f46baa85c65ad03e9e75ab68e262490e4eeafe30fe8853c0bde5acf928560254ee886b0bfc50e6dc197be2bfd3f2bc93936f18618ebd8febbd9c38ed399b745032d613f7fa101bb390d335a56373aaf609d7bd53d1cc8a9c93f75c7c3d1a9109f462b83daaf049ea4189b9c1bdb94b1c88e06a78c9825d5232d599f71727e3b7a7f0748bde253b066496b107b5150055441b91c3222f8d1c0c4d3243972acb6aaeef77b0352bcb470838e17eb581e3748db0ebd0619055a4f85695fb7171d1dcb4eb08f24282fd9add02f383aa4441956e0512f76fe4c612910ee17c5ef4cec7b75e77c5ef9e9b77abc9a052577d9889d7c1c4110682be1f3e8d226fa3beeb0ed4f8fb019d46d1175d3b30a45faeac0d3fa32628b2f850a60121da89acc5106d71d3ebec7ad43548c604a52fe682b0ada7d9a4e4f1869d75ccf4c11fb36a535a52714c6277b6f98bee5482a08ddd6187833cc1eb5a26d331c7e81dda6227faff8f1210712147a68d273a35812a02121a2e99e8c907cea826b3dbb7f96ca870b46382e4eab6b8294ae4e593c7ccc31f6b3396b485553029ac378c6b01a6e697098d39d9cbcf5cc4af335c8ab24adb6a6f8e1beb857d80283a502f99554c9e975392395b2dd79e191cd154c9ff2a116fb275bf2cf54b2d097bcbf7a24f913dee024cd32ac25953615c09f6d784b03b2128458384c596de97a4e16a2d80bb3433cbf81b7d4b3e5221b2aea75c8f6ea87255e2585a40744901ef01eda73d935f83fbe8465752e7b31cda44bd410da62ed552e375d3be01586a1acf6175eedd91464415758e204c1f5343798ae284f1170e9eeec308694d64fb1e4ca1c106e7230165f32dc298362a6571a77351003cbb2639da8d530f0975186472d4336de72c6700928995e529fe9ab1a2968b8bfc294c14138bf463983693d6d72dd2cd6331234241479ebe9570e3ca8f7d21ce8551ec90d13a8dbb9849f958a69fd8c7dcdbe56ec246598675c77a79c419e1570e87bb20440cb214b034f05be26b4bd1271dd917a2fa4afb2a76236e127cff57549193322deea64ce1e66f6d994c3a6eaf7b95c017cd33b9f162159fedd2e8d3029eb8c18cd3ebdeeb93f71a093492ddf130753730eb5a9cc371e3def205715181e4f4e2010b4dc737add5bdd92629a00264f68cb15b3bc34c9cd005e46fc3dd5c662b1e05d99684b2fa2e81c0abfa9643ec25d387d9c", 0x1000, r4)

17.363666759s ago: executing program 33 (id=1863):
r0 = io_uring_setup(0x800253c, &(0x7f0000000000)={0x0, 0xfe50, 0x20, 0x3, 0x2})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESDEC=r1])
close_range(r0, 0xffffffffffffffff, 0x0)
openat$urandom(0xffffff9c, &(0x7f0000000200), 0x410401, 0x0)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2719, &(0x7f0000019580)=""/102389, &(0x7f0000000440)=0x18ff5)
r4 = add_key$keyring(&(0x7f0000000080), &(0x7f00000003c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
syz_open_dev$sg(0x0, 0x0, 0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
mkdirat(r2, 0x0, 0x1a2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r5, 0xc0bc5310, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r6, &(0x7f00000000c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x94}, 0xe)
getsockopt$bt_l2cap_L2CAP_LM(r6, 0x112, 0x4, 0x0, &(0x7f0000000080))
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="303e30800200000002d190c937dc6914243b0402d6dcb7154fe6727ae888746b024ee670a5882a0ad79716584e5704b7f62edac751478af9c62f000000000000", 0x40, r4)
add_key(&(0x7f00000000c0)='rxrpc_s\x00', &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000480)="c86b5ad111b6a06abdfe49748c8e24448b42066c04c7f44bb1ce06dde4ff83c359786301302476420e0e428f690f40cbdd5c07a314d9622bebe72fef79fac809e5905f1bf87fd86029d093031673506ce2d6fb442a822f95d53937526fbffb473b3d2ad0b621f5bb0b17cf87c7514fb2a962ef255d00bd5aa9e1e5d7aa0a5e8c3ec771b8d9263bdd641437f3735afd730ddb28b835820674e9558143e70e2254f4044b25da78eda55298f8bd7e378256cbcdd687f016043995f2eb9a0b3e08a4b78210f33d3ae934994327f2d2c6cf5850148deb1352ef15e9cabf8130336f5a0577af9457a1b286d03b8bddd25dd62b2d585fbb1d3e51c9cd74a7bdae97643cf6c8e7b7091b3ad47765f927bcb8cee22f77108b1357982ba5290dbfcda4683e2705c6c3d6c738ec65bb20e6080f65db5009d311d75665cfd7c28ef4440c279344052e1e7fbb9434fda954b8d64863f15b8a4d769821af4b79e567d47a152642e233701d770abc684d27ea127ef235a732a6b9f8a5eccebc81e2c03cbaa8f78bb5c6bafbe0b9fd2b1cbd1e8b055e6c643049dd0352bd81bfc9be61b0f3d566d4229683ba912fb8a2f3cf3983b3b5d103e127827a47ddda3f958b809a85e5d8b566b6a32b07e71be1e67a81ff04ad478000b61a017490df8ef8ea55e60219e54822e622609f3f251a8fe4fdd606861429c170c6cd53e54be9e681d5f6bb6c15d0707881f4845ff289b244288ba268d0147f8fe363bcb0d288e63b7fa7d0a63356410296c61c09e70b226372df7671763f2a8b814cde4db7d64ce112630906a0acb22a8e19563e64523c4935638f60a96278f525327a9cf8f4c93537559332f52c5cb65c5e2c398c6d49c35af3629f59b285e89f75e46c566e365305cf1102b58f2095a7e91c1c2fdccac4712a4cfa74d4e7bc6aced543e4e9134bad9786ce6851f49065d5832b1dab8f5cc17724444249ab1ddbae3cc1c58ddc2a21a843aefd0c400bf7389b3d99e657651247ecd498811856db012cc442c5c3cb512b0962398547716ef428b06e44a330ddc941008cf2244b9f58e3a5b40e701127e4e428da082d0d96a046418b9e82de3f532d3dc2e09e47ff720a8898877c9ede34caab0d87968f82219ea5e56ccb0d2e516d9ffe846acfeea9180b1ed1d5e1e5a313e6cb7bb7da1fd9ee90d38812d8bee5c0df32cd0512e5ab57a80831c6e307e4fbf49c9f2a5fac2f4db570705ac25cf40e611424a36c416fb5c564319657822798cadd81b74bab763d1c59bb29573a0ddf76de0698f3a77f4082ec069f59b8b536738eb9da16dbea896977e292680483dfeac0c4dc4106fdf732769790f7303c8d4b86247d1b3b52b9f92913b4c73ca09b795630b3fa049d2569f91bc817a2ccf0e35f4d48d252bcba29f05e83e156578a75c66acf2475c1b1a96f370204e1d09ea8d4af89a80530889b48a7deaa95da9ab52bbb30b087dd7d208021290378c43905f3299641720759266a7e02fd9ee3e1112b0d3eb191f6b27d34dd5620f4306b53e8216b8d308de93e26aeb5d2b7eb29270f8deb7da873be3a7ab909e7ce7952d5b0a24587076a0b4a31bb76ee6fa94dcb091c2e0ec368e0203d56abd96a2c9a42b756273a335e789dd186950936f9990f0a080c399889c3f4f3a59d3bba44147f239030260cfebea4d52850d5bd4816dfd606ae00495686825e4117cabd97b6d4161c7a38a03236849fc05aeaeb92dbe7fd0b0c1d9120be0f675f67b9964ea3510877c65ae321ba5446c3df3941eec765b8470ab3a028ff9f1303aa3078dd26f3c7bbfa34faf8eccf55ff94c37b0615e1f180cd645742f14e2825d2ff52d88897c26cc727e9231a1706d8863b4b6498d2870b8072429fcb9cec2d495329a8461b96737eaca6b9a721c1d70d33ea3530f8450c6c0ae613339e4c96bfddb69b1404303d9b821eeeb44ad8fd97483bfcb714b64ee945f911f2a4d2ae5a552239555a53a0abb02f610ec58c0864d92bd8cc99c7222515e44b69976ea6677aad49e0658ac2e32c12871a967d057d5b217b24464d28a316d264a6c6d69b0c57b9b83cb27f01665a30960bf7f2b80473bfccf9caf8ba89bba755f89ab53618dd12835db968b557b793ce3c17cb91b7a1c775c48157a06a6dda23a4a65be61d98ef7862551e925de59d2a917682a56baeb357c7e6b7a3fd0132f22b6366e5f6c40008519b056e9c08b7103b1a61ddec0ea0ee51dfc77566ccc50e8d1332cfef28083c48f81fcfddd22efdc8bcfa6f0ea0abb41e0d856598f46e57631659c3dbef0489dd05a7cfb4723b6eae7b462a4054b7505140c060ee225f9c0f356b0100100d7502aa3e4d905c4c53385c22d4abf838044a816791513da7e1df43a2e2295809962bb5bb32af55a2ce89904624791e66d771f0f276408b9fd1c1955086ed4cd57350d4e893b0aa80ddafd8814c8a7b01068445cfae0f29c310b7484e9e926ea05a0eb1211ff4bc1920f3c9214b404fd7ac9368c275eef04157c330bd68cd72e6dbf5e81288c7776b98c879cfabbbdae00558385ccc93a63b24acf0b8996f2846692cde0331db9d336876cb23c1d0e157dbf04fa7128b2d287620a37ac897835c433f59568dd04aed7f62d4d711083116d0a1003f2a837dfa2e9ddcbfa49f877dd1a7e5c8809a92ec5b26b815ed8757f5196acf8574330bb52cbcd7a1182a932d40e813ad8788d7467ab3160ef23d4c75a64789b5bebfd3fb18ef25896c27d5a07e1fe1f4e63ef7f74f02a11ab015138d3a8f71c1283d9569d56cd626050230ba7bdca12d8df85e7a541b9a92e7cf28488d880722d2d9aabc73828186dba1adb55661d7e57b5f3e8bd2d54351b377bd466df3d5d34634d90883b8627088c6ee99b7111d2ba5a101775cee41363bc4eeed0a214310b59f9adc125f9e15dc0275931db8d839c227c33d471c9fa8bc0d2ef4403424988ced83f32c032c023c9fe365b5955805feca1ffc658dec35326a5ef921c596fac1fbaa6e9126bdbaf5a9f8aa7825c0939d0f20a78ca51f812a5353df45b85e89c681cc8518bf8d9e0cb1876047b4703e217deb1cf0471eb58d27cb817e20af8913534de5d38ee5e5fd1b4688bd9e67599291eed0c4d4ea94980dd389be8ca4478cdaac4f5b665b65f69f1a9d6b403640769b79041851b201675ab9810cbb9c011bb058fa898a879c93f8dc9e4a37c654b22e26fef4cfa55531d4dab100d7c86837b806206b1577257a0b81547222af08829cd6a79213fe86e9a72dc60aa704946b3141d238f13ec723879a623ede0ad6c15f1f788beae1ea9f58037b1762878648ecead3f48f6b3d3b2aad8803f155448d4906a3e6f52478438b7690f81d57cef4ee0b77c0954b5402a45039ef09d71fc2396743360bf56875cf8afd02b0828d26434b44547c5db9f1539abd0b23bb906563b535fbe3e24e6fed096350975c82c94fa6613c94c2e74c11830ec0d8763d595e41cd47a866f7ed2f31162abede91dc108c1d6ea0938e341f8ba430a45425e11fc70876137b49ed4e9533073ac6ab748250a5c1f0f2ca2cfa87fa691f682489f3f7d3ad9f987ad9df6d82e5d4ec851385293eee1a59117d067558d0e1ccafa62fb056230c30283b8e98bce3e3e3d7461806ac14683a03881a62a8a2abd5928cc9ab96edd38326964cd027ea4500ddb06b1b92fa0d70bd8c4c0d59ddee4802e58777bda837e11eb5f9711a7cd9c49c7966518a5c4865ad3e31242ea11548fd70f566676501cb8619f1925a5b321a8dbe5c1579a3d420d16beb62a7b5daea44b4e9809260f42519c62048daf230bb487de856e13928e51fed5352bef8a99c5a4ce94c0bef29c9f451aa0aa5d457d3373804ccd3f305625ba1e5d9aa3ceb517ba1fcb819c28e21bee288fed05c8f2d1aa6aea4dfc703b287fb74afdce87778e7285f9e40eddfa580f2f77c051a19a97c78d7d8cb61938596951f682b214c2d7f170256ee13d8aef11f508f34e57529588a537f0bbc7f7227c7552c03fc1a245a72bf1c1efdc66aa15e429b6e633eadf143e5c33520756f161e73ea1b5fb099b30bd66910629f62a29166fe0e31a65780baeca8e3d2205d5c29364de43d2be14739500ee49e5acf4f546bf72fd6a6aab42fb1c79f58a3c9ef0eb453d0396609dbedded4a16384bfbf296e677a0a3d6132309fbc7522cb31614473a94bcb47744991848c3cd75ea029aa64e34adc5078914958600ca13a7dcc99a2e4f9afac7795709f4703dee96ed82b2be3dc5bbe7877beec410d95204713127c450af3181f927e5ce3a0c3aa51227504d8ff7444fa4237cfc0dbd5afc6f19176063cde915602dab9a42073c78b73c5c63693e9ffde0a90a31fc58ea767e311aaf4c0d8399b0b77525bf51f38c95f755d89343dc2c698dcc265dd0fef91979be53d058ecc6336e43ab871d5b9ef49f68cf5d0ef4c36ad383514572abbb0dfa806bfcff0fd55feb06a42ccef024899ebc1f231c82103275f3ffc224dd85e5769b7139adbab38367dda48b572dcca5f3cdfdc3d163943b9460971ceaed3414c0c37c84469533f46baa85c65ad03e9e75ab68e262490e4eeafe30fe8853c0bde5acf928560254ee886b0bfc50e6dc197be2bfd3f2bc93936f18618ebd8febbd9c38ed399b745032d613f7fa101bb390d335a56373aaf609d7bd53d1cc8a9c93f75c7c3d1a9109f462b83daaf049ea4189b9c1bdb94b1c88e06a78c9825d5232d599f71727e3b7a7f0748bde253b066496b107b5150055441b91c3222f8d1c0c4d3243972acb6aaeef77b0352bcb470838e17eb581e3748db0ebd0619055a4f85695fb7171d1dcb4eb08f24282fd9add02f383aa4441956e0512f76fe4c612910ee17c5ef4cec7b75e77c5ef9e9b77abc9a052577d9889d7c1c4110682be1f3e8d226fa3beeb0ed4f8fb019d46d1175d3b30a45faeac0d3fa32628b2f850a60121da89acc5106d71d3ebec7ad43548c604a52fe682b0ada7d9a4e4f1869d75ccf4c11fb36a535a52714c6277b6f98bee5482a08ddd6187833cc1eb5a26d331c7e81dda6227faff8f1210712147a68d273a35812a02121a2e99e8c907cea826b3dbb7f96ca870b46382e4eab6b8294ae4e593c7ccc31f6b3396b485553029ac378c6b01a6e697098d39d9cbcf5cc4af335c8ab24adb6a6f8e1beb857d80283a502f99554c9e975392395b2dd79e191cd154c9ff2a116fb275bf2cf54b2d097bcbf7a24f913dee024cd32ac25953615c09f6d784b03b2128458384c596de97a4e16a2d80bb3433cbf81b7d4b3e5221b2aea75c8f6ea87255e2585a40744901ef01eda73d935f83fbe8465752e7b31cda44bd410da62ed552e375d3be01586a1acf6175eedd91464415758e204c1f5343798ae284f1170e9eeec308694d64fb1e4ca1c106e7230165f32dc298362a6571a77351003cbb2639da8d530f0975186472d4336de72c6700928995e529fe9ab1a2968b8bfc294c14138bf463983693d6d72dd2cd6331234241479ebe9570e3ca8f7d21ce8551ec90d13a8dbb9849f958a69fd8c7dcdbe56ec246598675c77a79c419e1570e87bb20440cb214b034f05be26b4bd1271dd917a2fa4afb2a76236e127cff57549193322deea64ce1e66f6d994c3a6eaf7b95c017cd33b9f162159fedd2e8d3029eb8c18cd3ebdeeb93f71a093492ddf130753730eb5a9cc371e3def205715181e4f4e2010b4dc737add5bdd92629a00264f68cb15b3bc34c9cd005e46fc3dd5c662b1e05d99684b2fa2e81c0abfa9643ec25d387d9c", 0x1000, r4)

1.389831903s ago: executing program 2 (id=2136):
openat$nvme_fabrics(0xffffff9c, &(0x7f0000001180), 0x1040, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003200)=@newtaction={0x1104, 0x30, 0x1, 0x0, 0x0, {}, [{0x10f0, 0x1, [@m_ct={0x2c, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_vlan={0x10c0, 0x14, 0x0, 0x0, {{0x9}, {0x94, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x6, 0x7, 0x3}, 0x1}}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x5, 0x400, 0x2, 0xff, 0xde}, 0x1}}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x2, 0x394, 0x0, 0x5}, 0x1}}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0xfffffff7, 0x1, 0xffffffffffffffff, 0xad4d, 0x8}, 0x2}}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x2}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x2}]}, {0x1004, 0x6, "08de8d70ad81b5e9f7bbbeaff82d949100eda7dd007f32d43c8cb684fe9d4bc90a189eab2286fce1de550fea6fb9d72ac280bfcde3259e3b00f3fdc38075e03666a08617c70b8138999ed54949cf212f8ed23848c691ba3792de98a45a81303a8cc240dba3d5bb6505c6543047854291f8b64c50288401fe719039becb931a78ede42748d80c2e47a48c2c06f6374317c31fe03af5caf1794d82d80bfd738e77d5bc91d0e83d894b818b6566f3f6abb7c72eb89489498b843e811e6b498a3fd70632efe3d91486f923ba2cf4e39d85cd3d347ced6863e1734448ba12cdccd8755db374ff359e3b0f68248b61c5096f9042be61336604334f2f7b2c2d54f1e7bb95c7d39fc4e42ee291fb4cc3bff05abca60c5ea77329dfedcd32fa51ac0624447071bb25379ab247490e26c15fbeaf9f1b505ac8878e913646ba3abd869d3005c0f5ce9e60032fcf83ef0fbea623bd2255c7d01297c2dfa792958fea45dfd99c9e02f07f81175f9f927fed1df4f24c7b345abe17aee51bb925e0978da1c9e55288a4e64bed4cb48231aa978c74f0c8aa428273b3101af29d2a43cb7569a364f4e495b01f63e09e5f28d5648ae3edb1c0c032b86b611870bb8453c43a023be697283b5979e2c2a7805f9bddeedd603e7085a127941dd92fd6d08bc7dff09d66d5030a59e605c7b9b8ee839b010a69fa4d259bbb60aa90ecfe028ca1c4883be0ebb5b829793c89634c71f8c165e1163db5cdf47b8e0fec7594327e79307bb70c89ce0838392b3f40259d5976d27c204cc1f4fdb01872752b8aaf0c16030317cd74a774ca1465deeed84091390c4b2fcfc690c91983d40688d54acb398def811fc601e2387e934cacd66251448718da70d98946dff1ffb3ec9b2c4903ecbb3fbb5793d306e09daac7fa0f35ca064678f3a8d24871ca718c88b4762e6d180255262f4bc8993bbe91528b3b008c15458ad2f2c61cde77b01d17303dc079bf0c13273d82000d5c411d7e7581d9830cc044ccdf4d748b81fde3c11911985aa982f7d92b55adeaffa14c20d362fc92bd1733b429f5e3444fb0f741063ac78f997499e1cf0ab66ca49e34dc6e8a67f294ba34f2a71a6d4db3c3c70ea2cd8f630bef20ee44e7bdd854a296e5984f5e725dcd018549bd4bf5a19c0cb2856e576c449f5596aa7469fce6b7ad8593af3a6ddc0d73a70f3308a83018992e1e536dbf8efd33ea658e6469de6802e81ad0978ef87e493ec5d25f89aca7733a79095da2f18e3c1ee14b456b168bb1fb36a9520a62aa6bded7a7ee9b8d6f2fe10db549f251a4777eb49da1e7d2cea05b0ba486ec133cbf777bf71bda31fd9d39e421caebd2f41f2671f5b79c5f8f0fbca9af2bde6eb1588e5c984117bc415cd6a355186625d6a596558334c079ceb165f2c3a825cf994aa21badc960fa1994e94b172e72fb617b2899bfa603a82f4e5669dc9f517386255aa101c321cdbd0eef61c14fa2f4d0a1cb1ae274e72f766b486d3eab7e416c2e9173e60e52f52ed26cb524163e63fb33d688541732fb6956c5a009095877ad99a3bc4630caa676a3ac881f51fef618ed5f5dc85c81e5ba7ce59f1615d2a0a43be8b85909f278cadd971b984ac70ab08ad20dce0b99b5ebe798d7d37f301f12dafe13defb5ede8cb73caa42c0560e7977df854b7202016b5d07229eef563d80733e0e7eb624bcd85676a6d7dd13dc955b86785e30996e7ea9749c35665203ad65f9afb7d4a89c137babe8f3b21799ae6db0222f9e22b5670857e5d8201fac9eca4d699df5fe31055766dc2031c12724c07aede447041f8c6c20244ba343b885346eefb59d1eb3c5477e942a565e5e86ad63dda10f1f62ea3b83713a445b62389c80198f6ef5e41237845905985400394559e720d00ef3414fa6cfb2b6d45697b05dcc6c9866e2f2aa5d006898a2cd108e69ad72b2d468da521136f012e6b92a0a9579cb151045acc81eb22f7a20c2c19280cf75315e950fb076e77a0ba7940b36d49059c4ac36c19d6c072f3fc4d075a985737ddae1158b114bece5af9d63812187128ef4a31b9a9a7c5a8f5d7d53706bd9cc73e7948dbfc170463d66d69125d42158d8e8dc40e2b8237dfad857e040cc4644f423eb334e0fb2553bfd15c2058c445710ca2c91e449150d2fca71c3231c7eea0a85c8cdd261620a620d45fde69b3c7209bf7902bdc55141ee367638d8aba563a652fdadc382f12dbf08c410b71509fc1eb9cb60bfc1ded98aa06a3207cef1044d4fe7c496782948022a67ee4bdb6107b081ca28872a9abdfd25b136d1bf491d736f41963149143a9fba0b28f26a306a7194809277cab3d3859207b65af62578edb24586b0f5355d5eadbb8cf0520666dec8278c677b669bfeb86ea3c7e2be28a78bbf158c873e751088b672691865cba3478157b938996b3ee3a6b551e07e4f6f10d95d987f39926f61fe228f592433d666605f6a56dd09900570861cf8e2ef64719dc7287b90f6fd2bf869ba3edf2440520177eb8bb9f415910c8e39e41290ca13cb98efeb6bb4fc8508f237612bfda02f41a123480839e876e9da596c149aa3a22df7ac316287a7403a239dd15b5d384eef10296f6be4e0d7a2727d6737389b416f336817a7b6f9a94c08fc54388ffa4c81ed1bfd554a79c4518cafc5c9454fb5a05694a74fe66141de376a3fafffba912307deafdd3e90fd1892d65647d17990f76acdfb3ced18e1f54052db0fb5e6e39658bd354f3af6b3adf5d24a3a2736ecbb68dc0d4b1951d30e055325af2bc10e6eb2c0ea87a60eb355c700d3c6d87d78b05caacb6e897d249dd0c0e6594a647f558625b732690d9024c0b40f289a6535fb6f10e13e571438997cbcf0883bb411a75f649582bf36c1fb6e123fb15cfe22688d8936789fa4b3f48db0c1f7a1856d2f66326c46fa1279d9785d102e9ee435bc0063948f469fbe080eaf7ac5ec827fe310b0cfaf5d60fe217aefe315508123823d1fdbc4a6e2f599a7ffc2bf4803c7d3537c7e24d6806b6d70247b3f4214c219534e7e08b857bec13827eb38d205c8b85d1ce5e93e1cd779b6e310a35651b73fe78acfdd9d47550ecfa7df52668b45f1b72cabd4c68d8213fc0e44df5d05cea72dd0e77d51655ea2f8d13452eaa80114439376cb493f0309e0c59c42229b02a59ffbd42426601adc4731303d376cfd0a27265d9ef41c84daf7c7e65f47fcaa05067b5a149116c81c1412bb7507628cc263eb767c3c1082db615f7b182fc7732734e6a30b9347ec336586780b55a4807a21c523a1b6834a68466e2f1067b15ecac7e66cfeb65c109b68d28143040444952757409d204b10452406916a2a5d20470c8b40c6ac885868dcb8cf0856a3829b6dc9d9d0d938ee84d38b1253895ccf60c23fe832205c885da4d24f78e07155633d9c56b8f02e40991ba53c86db7533c0648f7f6c907f56fa17873e6edba541c86956f5b4bd74e9c88c36df18eda7fa795aced362ce6fda8a105146d3d9aa86bbc32a2631f615b7ea51be9a79a1a04957a9ebe35c2c8a1d3a7420749bfdb3be09834ed813b52478acb29e7902b7c76468d822624bb6d611c42dd3d69b462a9302c33bca950a44c4bdef5f4de2abf41df59e71368fcd0f1e882f870ea7da3d3525e71f6d4919469cb334384d5088cd54dc24ec34ad1edb201b292dc87975e706e5f07f19d60b4681d05077fa1ba83900b4a5089597b158e58d02158ecd1e3b057faba10dfffc6e83c77a1c692c07780b0f25a44178748c2d7c349483b3d8f68c35922e86e3459a3501bbb500ee5d162e56c6d22b9c57af374f48956b28095b584370343edccc8fa0d0eafb9d8fefff277ee8451a9c96b20d90c84ff5281bb47a4ef5d8f2aae33adc4bae8b9189e79cc3da0a4133de89b4d7ef123cf76c7e6a58a7748fd421790304d41d85c3cbedb5f3a693532c755a0b32485492f0e08efdb81b9483f729d938ea0ed371b234a114d2c0d2aab81cfb69e7bc8f23b1388aad096189143c7fced119ff4dcbc93042dce2d421bc4394aa3422e4e5657684bc86d87c03828a29c9a3b617e20f8c0f751fed0c604b93aaecd46395e30bec027d35fc639f1b84d2a7343447ec7e2ebe9492623a654eaca047e9a2e94df227bed087f22dd54845f8fbbff573ea64a4eb6537c0531cff2d3c3f55369dd33df905f3a2ab55ad07704be868f55c56da00958629a264ceb1fbeb6425f77c89b903f432729b9547c115f4d58537e11cdba27e84eb143d8edd0b13066c97811dfe0371fb3d00017661f9230cca4df2954ec3d2e2b12bbd36f3fc65a0d0fe1c5c5cf39f702e7d5cfc8907e9ea44d4bf7f33aadd88887613e967e5c598b3c2fa5f1a448cde27d095ebf9dcae32b253387b299d53d8d404b24c6c71680aec0b8e1fc267c6e401e66623f9d0f9b923e0d5825f682e4c20eeb09f66cd41ffdb68e3eab9abd23a0921b0482be09eefb19252f531ee98f69b2a9ad5d5ab52e2c6bc63cefa2508fcc9b84a5ad398c6e7e49cd7219a43af8c2563161909f664d31bda1ea0b3dd1ad26c1cb0d335d53983c0268615ce59a13ff356505e439e22a4cdf5f871e5a71fd18ca84e06dcb0f75ae8ec7298f3e50b6c3d81c039893a8a8102016b75a08f7b751121a76c15c150ae3c6d53361eed60872993c7d4a2fd51d3441995880177cc2e3af59bf275cfc8f440a1e917faebe39e97ad65a217269e9cf8d59d0e745cc69203d76cebdc12c8ff75fe7185f1a42c28a202dad71ed765620aa2657572961cbd317b7941208deb6c0ec12913e38d557bd7a77ab94f6f2b05ec6b3567733ff62b053c8234968fa679e9e93c559ded4ce70cc9f45b0048dc07d66e2176a6697845fffcb3af11547a24fcc5092f972a68e4df9dd9079e6742fa0ac9823c971f003664a26699a432bf088933bd2e2dc25339bf797dfb67dfc20ee6560a9202d1d7d73b57f56ce3154656d914e1769fa33bb134c70e9cb37cf8e1fcd13a65bfb1b6925e6a57097f8135497775ecd01a8bf5b336643da79a5100a6e4da41902f24e002337f41ce44eee6bac8a06f708996fdf5d09fc34ced6134eeecbd2aa21bee1d553a2df527b70cfb23d3d9f178b0f3e1b1a740664af7f0193597f61c7088629f6929a3793cd142e42faffc38b4384578cee9efb16c3d862ebb6b2a1d860682fd83f934a403c139596fd9abea691250c87fa21825ea195c275a3ce34957992acc74b7a2b4ed37ae7a8f5b0ee94b13f9424c4ab2481f207a5e672f8ae5cc965e0e69cb45c1d2d7972065dbdf4be1a5c56b21241541cc66e5329a706d1e76d900fd5c5a6fc1a9dc05ce73a1394c3b809ac77201d62dca1835f80c133de2db9ca8a005697f21e1357963dc7ed3f2d5a86f3edbf675846100e355512496169fad355d61cfe738727cd4d4c1cd6bef10ead164d45984dd846c6692b3afc0115517a8688a9e1ea69ffde5bb1cdb5e551d88265b5bd7fb667f61428efe253f4f92082c69f2d34ead7b0b479e55a3eb2c3b5de9eac9fdf0781b39221528494585392b0473b3c384e1273c067a6e5c54421872e92195315fd6bc2a5fd6514476b95fc5d8e2cb560e0302fde25c9c58ad683afbc6536e76927ad3c49d108431c0845ce130b773c8c3f469ad0be66d28599dc859ebdae51145ff1042029c0cd01047be219bf1705da749d85b0d5f1b84adc2bc6426e70a264fcbc1f1b90da4e1c2aff2a4f9e0c76fb5853e1f9259f4d21d6c7a06048d7fa34286bf4977746da500108af4a8a5a37d5d0e2994c0ecdf85e2c44462016e1d"}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0x1104}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x80000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x4, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
close(r5)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/locks\x00', 0x0, 0x0)
fcntl$lock(r6, 0x25, &(0x7f00000010c0)={0x0, 0x2, 0x1, 0x1fe})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
fcntl$lock(r7, 0x6, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x2})
fcntl$lock(r7, 0x26, &(0x7f00000031c0)={0x1})
preadv(r6, &(0x7f0000000000)=[{&(0x7f0000001100)=""/4104, 0x1008}], 0x1, 0x33, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x30, 0x11, r2, 0x0, &(0x7f0000000bc0)={&(0x7f0000000380)=@xdp, 0x80, 0x0, 0x0, &(0x7f0000000b80)=""/50, 0x32}, 0x0, 0x40002000})

1.296736778s ago: executing program 1 (id=2141):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000001000000000044000220000018000000", @ANYRES32, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000005000006bf0900000000000045090100000003709500000000000000bf91000000000000b7020000000000008500000000000000b70000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0xa, 0xffc, &(0x7f0000001e40)=""/4092, 0x40f00, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100, @void, @value}, 0x94)

1.22911543s ago: executing program 1 (id=2142):
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x102})
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, 0x0)
mmap(&(0x7f000043d000/0x4000)=nil, 0x4000, 0xb635773f06ebbeee, 0x11, r0, 0xe50a5000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = msgget$private(0x0, 0x0)
msgrcv(r4, &(0x7f0000000280)={0x0, ""/55}, 0x3f, 0x0, 0x86b1b18158a7cb82)
connect$inet6(r1, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, &(0x7f00000000c0)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x80000580, 0x800005b0, 0x800005e0], 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff000000000000000000000000000000000000000000000000000007fffffe0000000000000000000000000000feffffff0000000000000000000000000020000000000000000000000000000000000000000000000000000000000000ffffffff00000000"]}, 0xe0)

1.228488906s ago: executing program 5 (id=2143):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_buf(r0, 0x0, 0x4, &(0x7f0000000040)="440910bc996c301c8107070400", 0x28)
getsockopt$inet_opts(r0, 0x0, 0x4, 0x0, &(0x7f0000000000))
r1 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
pread64(r1, &(0x7f0000000040)=""/47, 0x2f, 0x3)

1.169625008s ago: executing program 5 (id=2144):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="20010000", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="47000e00800000000802110000000802110000015050505050500000000000000000000c64000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09200008000c006400000008000d0000000000a2000f00019c"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0)

1.110255367s ago: executing program 5 (id=2146):
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xf, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x2, 0x1, 0x4}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x3c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.109850429s ago: executing program 5 (id=2147):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0xe83, @dev={0xfe, 0x80, '\x00', 0xf}, 0xb}, 0x1c)
syz_emit_ethernet(0xfef3, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000641100fe8000000000000000000000000000bbfe8000000000000000000000000005aa4e200e22"], 0x0)

1.048433906s ago: executing program 5 (id=2148):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=@newtfilter={0x1b7c, 0x2c, 0xb60c2f29b121cbdc, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0x8}, {0xe, 0xfff7}}, [@TCA_CHAIN={0x8, 0xb, 0x2eaf}, @TCA_RATE={0x6, 0x5, {0x40}}, @TCA_CHAIN={0x8}, @TCA_RATE={0x6, 0x5, {0x7, 0x7}}, @filter_kind_options=@f_u32={{0x8}, {0x1b18, 0x2, [@TCA_U32_POLICE={0x1080, 0x6, [@TCA_POLICE_RATE64={0xc, 0x8, 0x17}, @TCA_POLICE_RESULT={0x8, 0x5, 0x3}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x5}, @TCA_POLICE_TBF={0x3c, 0x1, {0x8, 0x1, 0x1d6480, 0x5, 0x8000000, {0x8f, 0x0, 0xba8, 0xd28, 0x8, 0x6}, {0x40, 0x0, 0x7, 0xbf3, 0x2, 0x9}, 0x8, 0x5, 0x200}}, @TCA_POLICE_RATE={0x404, 0x2, [0x101, 0x2, 0x6, 0x80000001, 0xf0b, 0x4, 0x7, 0x7, 0x48c7, 0x10001, 0x2, 0xffffddea, 0x3, 0xa5c, 0x2, 0x9, 0x2, 0x0, 0xc1e, 0xaf, 0x2, 0x9, 0xfffffffe, 0x9, 0x2, 0x5, 0x7, 0x1, 0x5, 0xf6e9, 0x8, 0x7a, 0xaf, 0x5, 0xfb45, 0x1ff, 0x0, 0xfffff001, 0x2, 0x0, 0x7, 0xa7, 0xc36, 0x4, 0xb5f, 0xffff, 0x80000000, 0x0, 0x7, 0x0, 0x3, 0xcd0c, 0x8, 0x6, 0x1, 0xdf, 0x3, 0x5, 0x871, 0x5, 0x6, 0x81, 0x238, 0x850, 0x1, 0xffffffff, 0x0, 0x8, 0x6, 0x0, 0x10, 0x1, 0x9, 0x9, 0xfffffff9, 0x3, 0x1ff, 0x50000000, 0x7ff, 0x5, 0x7, 0x43, 0x56, 0x3ff, 0x5b, 0x28000, 0x6, 0x7, 0x8, 0x0, 0x6, 0x5, 0xf, 0x3, 0xa2fa, 0x2eb, 0x1, 0x7, 0x81, 0x6, 0x5, 0x40, 0x9, 0x5b, 0x800, 0x7, 0xa7b2, 0xff, 0x5, 0x7, 0x100, 0x2, 0x7, 0x8, 0x101, 0x4, 0xb9, 0xd17f, 0x10000, 0x2, 0x8, 0xc68e, 0x101, 0x6, 0x49, 0x3, 0x0, 0x6, 0x1, 0x3, 0x6, 0xd90, 0x7, 0x5, 0x7, 0x3c8, 0x1, 0x6, 0x8000, 0x8c, 0x51c, 0x6, 0x5, 0x7, 0x6586, 0x8, 0x2, 0x6, 0x100, 0x9, 0x5, 0xe, 0x2, 0x8, 0x2, 0x1, 0x3, 0x421c, 0x3ff, 0xf, 0x6, 0x3, 0x5, 0x4, 0x0, 0x5, 0x0, 0x4192, 0x4, 0x9, 0xf02, 0x1, 0x80, 0x0, 0x8, 0xe7, 0xff, 0x6, 0x2, 0x8, 0x5, 0x10, 0x10, 0x3, 0x3, 0x4, 0x9, 0x4, 0x2, 0x1, 0x401, 0x5, 0x401, 0x3, 0x8, 0xc, 0x5, 0x7ff, 0x7, 0x5, 0x4000, 0x3, 0x7, 0x0, 0x2, 0x0, 0x2b5, 0x3, 0x2, 0x0, 0x7fffffff, 0xfff, 0x2, 0x8, 0x9, 0x0, 0xf, 0x8, 0x6, 0xa793, 0xb, 0x9, 0x1, 0x5, 0x4, 0x2, 0xdd41, 0xcceb, 0x5, 0x51, 0xff, 0x8001, 0xd43, 0x10, 0x4698, 0x8, 0x40000, 0x401, 0x120000, 0xa, 0x1, 0xfffffffd, 0x7, 0x5, 0xac42, 0x2, 0x4acf, 0x9, 0x0, 0x40, 0x4, 0x5, 0x3ff, 0x7, 0x80000001, 0x5]}, @TCA_POLICE_RESULT={0x8, 0x5, 0x3}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x3, 0x3, 0x2, 0xffff, 0x9, 0x6, 0x8, 0x5, 0xfffffeff, 0x8001, 0x8, 0x3, 0x63df, 0x8, 0x0, 0x31a, 0xfffffff7, 0x2, 0x5, 0xd, 0x6136, 0x4, 0x7, 0x8001, 0x40, 0x2, 0x7607, 0x7, 0x10001, 0x7fffffff, 0x7f, 0x9, 0x90e, 0x3, 0x7, 0xa, 0x0, 0x7, 0xfff, 0xe3, 0xb0, 0x0, 0x5, 0x8, 0xffffffff, 0x2, 0x0, 0x9, 0x5, 0x4, 0x4, 0x80, 0x4, 0x5, 0xffffffff, 0x7, 0xfffffffa, 0x1000, 0x6, 0xf, 0x3, 0xfff, 0x7, 0x800, 0x4, 0xd, 0xa5, 0xfffff49a, 0x5, 0x88c, 0x5, 0xfffffffe, 0x10, 0x7, 0xad4, 0xffffffc0, 0x6, 0x204, 0x80, 0x3, 0x1, 0x1, 0x8, 0x63700, 0x5, 0x6, 0x4, 0x2, 0xff, 0x6, 0x4, 0x8, 0x40, 0xfffffffd, 0x7, 0x5, 0x50abb9a9, 0x2, 0x7, 0xfffffffe, 0x7, 0x2, 0x5d0, 0x9, 0x1, 0xe, 0x5, 0x2, 0x8, 0xfd, 0xfffffffb, 0xc1, 0x6, 0x5, 0x4ea3, 0x4, 0xb, 0x401, 0x2, 0x8, 0xe2b4, 0x800, 0x81, 0xb3, 0x101, 0x2, 0x3ff, 0x9, 0x8, 0xd, 0x7, 0x401, 0x200, 0x36, 0x0, 0x664a5316, 0x35, 0x80000000, 0x2, 0x3, 0x0, 0x7fffffff, 0x5, 0x9, 0x3, 0x0, 0x0, 0xe74, 0x7, 0x6, 0x9, 0x6c8164ca, 0x42e, 0x200, 0x0, 0x80, 0x9, 0x869, 0x7, 0xfff, 0xff, 0x8, 0x27, 0x10, 0x9, 0xda4, 0x7, 0x0, 0x6, 0x8001, 0xb, 0x0, 0x800, 0x19, 0x81, 0x3, 0x1bb, 0x1000, 0x1, 0x100000, 0x6, 0x101, 0x101, 0x1ff, 0x3, 0x9a8e, 0x0, 0x7, 0x9, 0x9, 0x80000000, 0x56a29d19, 0x9, 0x3, 0x5, 0x7f, 0x4, 0x10001, 0x101, 0x1, 0x27, 0x8, 0x9, 0x4, 0x7, 0x1, 0xffff, 0x4, 0x97, 0x8000, 0x1, 0x8, 0x0, 0xe3b1, 0x1, 0xf, 0x6aa186e3, 0x9, 0x0, 0xc000000, 0x3, 0x8001, 0x9, 0x7, 0x80, 0x3e, 0x5, 0x0, 0x9, 0x10000, 0x37, 0x3, 0x5, 0xf31, 0x3, 0x10, 0x10, 0x6, 0xecc6, 0x6, 0x5, 0x7f, 0x80000000, 0x380, 0x9, 0x50, 0x2, 0x200, 0xfffffffe, 0x1000, 0xffffffff, 0x5, 0x5, 0xdd5, 0x2]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x5, 0x1d78, 0x10, 0x0, 0x7fffffff, 0x1, 0x9, 0x9, 0x6, 0x9, 0x0, 0x1d30, 0x7ff, 0xc5, 0x6, 0x0, 0x3, 0x10001, 0x8, 0x2, 0x4, 0x9, 0xffff0000, 0x1, 0x6, 0xbd, 0x8, 0x401, 0xaa, 0x4e538ed8, 0x8, 0xd27, 0x3, 0xfffff801, 0x47, 0xe0, 0xa0f2, 0x1, 0x2, 0x6, 0x67, 0x8, 0x1, 0x8, 0x1, 0x93, 0x80000001, 0x6, 0x3, 0x0, 0x2, 0x1, 0xdc, 0x1, 0x10000, 0x8001, 0xad, 0x1e000000, 0xfffffff8, 0xfffffff8, 0x856, 0x9f32, 0x80000001, 0x3, 0x7fff, 0x58d0, 0x7, 0xfffffffb, 0x4, 0x10, 0x3f6916e7, 0x1ff, 0x7, 0x401, 0x80000000, 0xfffffff8, 0x3, 0x7d97ab94, 0x37c3, 0x5c5e, 0x8001, 0x1, 0x81, 0xbd, 0x6, 0x8, 0xffff, 0x676f, 0x5, 0x96, 0x5d4, 0x87e, 0x9, 0x2, 0x6, 0x5ac, 0x0, 0x49, 0x4, 0x7, 0x7, 0xd0f, 0x435, 0xff, 0x6c5, 0x8, 0x0, 0xf65, 0x7, 0x1, 0x5, 0xffffff58, 0x595b, 0x134e0, 0xa6, 0xff, 0x508, 0x401, 0x83e, 0x6, 0x7f, 0x3e, 0x5, 0x7, 0x81, 0x0, 0x3ff, 0x6, 0x4, 0x3, 0x1, 0x3ff, 0x1, 0x2, 0x10000, 0x7, 0x7, 0x1ff, 0x2, 0x3a6, 0x3, 0x0, 0x2, 0x8, 0x1, 0x1000, 0x3, 0x2c, 0x28, 0x517, 0xa, 0x80000000, 0xfffffff8, 0x6, 0x80000001, 0x4, 0x3, 0x10, 0x0, 0x7, 0x200, 0x80, 0x8, 0x8, 0x0, 0xfa, 0x8001, 0x6, 0x9, 0x5, 0x12a, 0x6, 0x8, 0x7, 0x8, 0x8, 0x8, 0x2, 0xc5, 0x9, 0x6b07, 0xf, 0x2, 0x6000, 0xaafb, 0x1, 0x1, 0x4, 0x8, 0xff, 0xfffffffe, 0x5, 0x8, 0xf9, 0x5, 0xffffffff, 0x6, 0x9, 0x3, 0x8000, 0x1, 0x9, 0x7, 0x6ca, 0x8, 0x8, 0xfff, 0x2fa10477, 0x5, 0x7f, 0x9, 0x3, 0x3, 0x9, 0xfffffff8, 0x7, 0x9, 0x2, 0x8000, 0xfff, 0xa, 0x3ff, 0xd, 0xfffffff7, 0x8, 0xf, 0x5, 0xfffffffc, 0xd, 0x6, 0x1, 0x1, 0x0, 0x10001, 0x0, 0x8, 0x200, 0x3, 0xc, 0x1000, 0x0, 0x6, 0x6af40, 0x4, 0x5, 0x3, 0x2, 0xfffffc01, 0x3, 0x48a, 0x1, 0x4, 0x290, 0x80000000, 0x4, 0x4]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x8}, @TCA_POLICE_RATE={0x404, 0x2, [0x80000000, 0x349, 0x1, 0x602c, 0x5, 0x3, 0x7, 0xa, 0xebcd, 0x8, 0x9, 0x0, 0x1, 0x299, 0x1, 0x10000, 0x81, 0x5d7, 0x4, 0x8, 0x200, 0xfffffff7, 0x15, 0x7, 0x3, 0x0, 0x3ff, 0x100, 0x1, 0x8, 0xfffffff8, 0x9, 0x1ff, 0x200, 0x1, 0x6, 0x3, 0x6, 0x1000200, 0x3ff, 0x4, 0x3, 0x5, 0x251e, 0xb, 0x3ff, 0x2, 0x10, 0x7, 0x5, 0x10000, 0x8001, 0x8, 0x5, 0x7, 0x0, 0x23, 0xfffffffc, 0x2, 0x19, 0x79, 0x3, 0x800, 0x1, 0x4, 0x7, 0x4, 0x6, 0x7, 0x2, 0x7fffffff, 0x9, 0x447, 0x40, 0x10000, 0x9, 0x4, 0x7fff, 0x2, 0x5, 0x9, 0x2, 0x80, 0x8, 0x1, 0xb4f8, 0x6, 0x1, 0xb, 0x3, 0x9, 0x40, 0xf, 0x5, 0x101, 0x6, 0x8, 0x3, 0x9, 0x1000, 0x3, 0x5, 0x101, 0xf9b, 0x7fffffff, 0xef, 0x7, 0x4, 0x0, 0x3ff, 0x4, 0x4, 0xa2b4, 0xf, 0x3, 0x6, 0xa0, 0x41b, 0x3, 0x4fee, 0x3636, 0x0, 0xa5b, 0x6, 0x1c, 0x4, 0x7, 0x2, 0x7f, 0x7ff, 0xff, 0x6, 0x8, 0x10, 0x3ff, 0x7, 0x0, 0x4, 0x7, 0x10001, 0x2, 0x7fffffff, 0x8, 0x2, 0x6, 0xffff, 0x7, 0x7, 0x7fffffff, 0x0, 0x86, 0xffff7fff, 0x6d5d3e3, 0x7, 0x6, 0x8, 0x8, 0xfffffffc, 0x5, 0x2, 0x7, 0x8000, 0x3, 0x3, 0x80, 0x1000, 0xc9, 0x9, 0x3, 0x3e3, 0x7, 0x4, 0x8, 0x7, 0x40, 0x7, 0x3586541e, 0x35, 0xffffffff, 0x2, 0x6, 0x5, 0x1, 0x6c8a, 0x3, 0x6, 0x10001, 0x0, 0x8000, 0x4, 0x2, 0x6, 0x1, 0x0, 0x852, 0x8, 0x312, 0x7ff, 0x9, 0x8, 0x80, 0x7, 0x80000000, 0x5, 0x6a, 0xf82, 0x7fff, 0x4, 0x8, 0x5, 0x25, 0x8000, 0xffff, 0x80, 0x4, 0x3ff, 0x1, 0x1, 0x1, 0xdf, 0x0, 0x5, 0x4, 0x6, 0x8, 0x8, 0x3, 0xa, 0x10000, 0x1d43, 0x2, 0x401, 0xfffffffa, 0xe9, 0x4, 0xa, 0x18a, 0x7f, 0xff, 0x7, 0x7, 0x1, 0x5, 0xa12, 0xff, 0x0, 0x2, 0x1000, 0x5ab, 0xfffffff9, 0x7, 0x3, 0xb, 0x5, 0x4, 0xeb]}]}, @TCA_U32_SEL={0x634, 0x5, {0xd, 0x0, 0x0, 0x1000, 0x0, 0x16, 0x609f, 0x7, [{0x5, 0x7, 0xdb9f, 0xffffffff}, {0x2, 0x5d81, 0x6, 0x7}, {0x7, 0x422b, 0x1, 0x9c3}, {0x0, 0xdf, 0xa, 0x7}, {0x9, 0x3, 0x7, 0x1}, {0x8, 0x6, 0x8, 0xd0e}, {0x1, 0x7b138, 0xe, 0x1d78}, {0x8, 0x2, 0x1ff, 0x10000}, {0xb, 0xbe, 0xb, 0x400}, {0xf, 0x1ff, 0x6, 0x9}, {0x3, 0x4, 0x6, 0x8}, {0x0, 0x5, 0x5e36, 0x7}, {0x2, 0x4, 0x1000, 0x32}, {0x4, 0x101, 0x7c3, 0x8001}, {0xffff2856, 0x5, 0x3a, 0x9}, {0x2, 0x6, 0x8194, 0xca33}, {0x0, 0xe, 0x3, 0x2}, {0x58000, 0x3, 0x200, 0x2}, {0x35b6dc93, 0x1, 0x8, 0x40}, {0x4, 0x10001, 0x7, 0x6}, {0x1, 0x2, 0x5, 0x6}, {0xff, 0xfffffffa, 0xf2de, 0x32}, {0x7, 0x4, 0x6, 0x80}, {0x3, 0x8, 0x9, 0x5}, {0x3, 0x3, 0x9, 0x40}, {0x3, 0x5, 0x5, 0xfffffffb}, {0x7ff, 0x7, 0x3ff, 0x3c}, {0x99, 0x2, 0x2, 0x10000}, {0x8, 0x10, 0x6fc00000, 0x3}, {0x46e3, 0x6, 0x4, 0x8}, {0x5, 0xc, 0xd7e, 0x9}, {0x6e0d, 0x9, 0x7fff, 0x8c63}, {0x7, 0x8f, 0x8, 0x809d}, {0x7, 0x7, 0x2, 0xfffff800}, {0x1, 0xe, 0x9, 0x8}, {0x5, 0x10001, 0x2, 0x18e5}, {0x7, 0xffff, 0x0, 0xff}, {0xa815, 0x5, 0x2, 0x6}, {0x1e, 0x9, 0x444a057e, 0x1}, {0x0, 0x10, 0xfffffffd, 0x7}, {0x6, 0x0, 0x8, 0xda0b}, {0xf21c, 0x7, 0x3ff, 0x9a76}, {0x5, 0x6a9d, 0x0, 0x101}, {0xffffffff, 0x2, 0x8146, 0x590e}, {0x3ff, 0x3, 0x6, 0xfffffff5}, {0xae, 0x3c8b, 0x40, 0x2}, {0x69, 0x46000a75, 0x3, 0x8}, {0x2, 0x2a26, 0x8, 0x8}, {0x1000, 0x4, 0x0, 0x1}, {0x80000001, 0x9, 0x9, 0x8}, {0x2, 0x0, 0x5, 0x91}, {0x1, 0x6, 0x2, 0x4}, {0x10001, 0x7f, 0x800, 0x74800}, {0x2, 0x7ff, 0x400, 0xff}, {0x3ff, 0x5, 0x2, 0xaf}, {0x7, 0x4, 0x1, 0x3}, {0x6, 0xa5, 0xff, 0x8}, {0x3, 0xce99, 0x5, 0x5}, {0x80000001, 0xb7, 0x3, 0x4cc}, {0x2, 0xffff, 0x7ead, 0x2}, {0x8, 0x0, 0x1, 0x7}, {0x9a4, 0x5, 0x7fffffff, 0x7a}, {0x0, 0xf16, 0x7fffffff, 0x7f}, {0x2, 0x8000, 0xa, 0x80000000}, {0x2, 0x35, 0x2, 0xbbd}, {0x7, 0x7, 0xfffffe00, 0x10001}, {0x80000001, 0x0, 0x1000, 0x7}, {0x1, 0x6, 0xad2, 0x8}, {0x675, 0x3, 0x7fff, 0x8}, {0x6, 0x9, 0x7, 0xcee}, {0x400, 0x0, 0x3}, {0x7fc, 0x0, 0x5, 0x9}, {0xb8b1, 0x8, 0xffffffff, 0x7}, {0x1, 0xd, 0xffffffff, 0x2}, {0x3, 0x5, 0x0, 0x1}, {0x101, 0xc, 0x1, 0x7719}, {0x0, 0x6800000, 0x2, 0x5}, {0x2, 0x1, 0x80, 0x5}, {0x4, 0x574, 0x100, 0x635e}, {0x4, 0x6, 0x4}, {0x6714859, 0x2, 0x9995, 0x6}, {0x80000000, 0x1, 0x7, 0xffffffff}, {0x7, 0x8000, 0x2, 0x8}, {0x9, 0x9, 0x4, 0x5}, {0xc3, 0x10, 0x10000, 0x527}, {0x7adc, 0x4, 0x8, 0x7fff}, {0x1, 0x1, 0x80, 0x8}, {0xfff, 0x9d5, 0x2, 0x1000}, {0x3ff, 0x7c96, 0x7fff, 0x5}, {0x80000000, 0xee16, 0x4, 0x8000}, {0x0, 0x9, 0x2, 0xfffffff7}, {0x800, 0x9, 0x0, 0x3}, {0x2, 0x3, 0x9, 0x5}, {0x5, 0x5, 0x2, 0x101}, {0x3, 0x1, 0x8000, 0x3}, {0x8, 0x5, 0x0, 0xa8b}, {0x3, 0x4, 0x0, 0x5}, {0x5f855dcf, 0x0, 0x1, 0x8}]}}, @TCA_U32_HASH={0x8, 0x2, 0xf4}, @TCA_U32_SEL={0x234, 0x5, {0xb, 0xfd, 0xb9, 0xff, 0x7fff, 0x5, 0xfffb, 0x2, [{0x6, 0xcf1, 0x7, 0x1}, {0xd, 0x2, 0x6, 0x80000001}, {0x7, 0x8, 0x10, 0x3}, {0x9, 0x7, 0xe, 0x5}, {0x1, 0x1ee, 0x401, 0x4}, {0x0, 0x900, 0x8, 0x1}, {0x6, 0xf, 0x7}, {0x5, 0x5, 0xff, 0x6}, {0xcc, 0xbcc, 0x5960, 0x829b}, {0x2, 0xb, 0x764, 0x4}, {0x3, 0x8ca, 0x7, 0xc}, {0x23e1, 0xfffff21e, 0x0, 0x7889}, {0x4, 0x81, 0x5, 0x10001}, {0xfffffffd, 0xffff, 0xfffffffc, 0x2}, {0x9, 0x10, 0x69ca928c, 0x8}, {0x25, 0x4, 0xe, 0x4}, {0xfffffeff, 0x9, 0x5, 0x2}, {0x1, 0x6f, 0x67}, {0x18d0, 0x2, 0x40, 0xffff}, {0x40000000, 0x3, 0xb9b5, 0x6}, {0x6, 0xe, 0x9, 0x80000000}, {0x4bf, 0xfffff001, 0x8, 0x80000001}, {0x2, 0x580c, 0x0, 0x400}, {0x5, 0xd5, 0x9f, 0x81}, {0x1, 0x6, 0x2, 0x800}, {0x9, 0x5, 0x4, 0x5}, {0x8, 0x7, 0x101, 0x1}, {0x52, 0x7f, 0x100, 0x9}, {0x0, 0x800, 0x401, 0x936}, {0x40, 0x9, 0x6}, {0x3, 0x3, 0x4, 0x8}, {0xa, 0x20000000, 0x3, 0x101}, {0x6, 0x4a, 0x3708, 0xfffffffa}, {0x2, 0x0, 0x7, 0xfe}]}}, @TCA_U32_SEL={0x224, 0x5, {0xb, 0x0, 0xd, 0x8, 0x1c5c, 0x800, 0x5, 0x5, [{0x1000, 0x7, 0x7, 0xfff}, {0x5, 0x1000, 0x8, 0x200}, {0x563e, 0x5, 0x9, 0x1}, {0xffffff5a, 0xdd, 0x6, 0x7}, {0xc, 0xe, 0x0, 0x2}, {0x9, 0x8, 0x8, 0x3ff}, {0x30b, 0x2, 0x0, 0x1}, {0xffffff59, 0x3, 0x2ff9, 0x5}, {0x401, 0x5, 0xfffffff7, 0x1}, {0x2, 0x6, 0x5, 0x8}, {0xf370, 0x44, 0x80000001, 0x4}, {0x6, 0xd, 0x2}, {0xfff, 0x0, 0x2, 0x36f}, {0x7ccc, 0x7, 0x70c87b02, 0x81}, {0x5, 0x2, 0x9, 0x5}, {0xf8, 0x7ff, 0x800, 0x2}, {0x9, 0x1, 0x7, 0x8}, {0x1, 0x9, 0x400, 0x4}, {0x800, 0xff, 0x3, 0x6}, {0x7fffffff, 0xae, 0x6, 0x2}, {0x8, 0x7f, 0x3e9, 0x9}, {0x800, 0xc, 0xfffff9a8, 0x5}, {0x7, 0x80, 0x5, 0x6}, {0xe, 0xfffff801, 0x7, 0x3}, {0xffffffa0, 0x200, 0x0, 0x1}, {0x75, 0x8, 0x7, 0x4}, {0x1cc00000, 0x5, 0x0, 0x7}, {0x7, 0x1, 0x3, 0x7}, {0x8, 0x6, 0x5, 0x1}, {0x80000001, 0x2991, 0x5, 0x200}, {0x10, 0x1ff, 0x7f7c0e36, 0x3ff}, {0x4, 0x9, 0x1, 0x51}, {0x8, 0xfffffffd, 0x3, 0x7c}]}}]}}, @filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0xfff3, 0x10}}]}}]}, 0x1b7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x5, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = inotify_init()
inotify_add_watch(r4, &(0x7f0000000340)='.\x00', 0xa50003d1)
r5 = socket$inet6(0xa, 0x3, 0x8000000003c)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000040)={'ip6_vti0\x00', &(0x7f0000000140)={'ip6tnl0\x00', 0x0, 0x2f, 0x8, 0x4, 0x5, 0x2d, @ipv4={'\x00', '\xff\xff', @broadcast}, @remote, 0x8000, 0x40, 0x4, 0x80}})
socket$nl_generic(0x10, 0x3, 0x10)
mount$tmpfs(0x0, 0x0, 0x0, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000400)='percpu_destroy_chunk\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000280), 0xffffffffffffffff)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000340)=ANY=[], 0x60)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, @none}, 0xe)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r6=>0x0, @rand_addr, @empty}, &(0x7f00000003c0)=0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f00000004c0)=@newtaction={0xb8, 0x30, 0x9, 0x0, 0x0, {}, [{0xa4, 0x1, [@m_mirred={0xa0, 0x17, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0xeccd, 0x3, 0x1, 0x8, 0x3}, 0x0, r6}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x400, 0xffffffffffffffff, 0x7, 0x9}, 0x4, r6}}]}, {0x33, 0x6, "55a2fcbad77c39e8333af0c2c787d938a153bea52647a47efb590f2884ea69f501b7457dddaaa2c58e1a3e6acc70ed"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0xb8}}, 0x40000)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYRES64=r6], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$CDROM_SELECT_SPEED(r9, 0x5322, 0xc)
sendmsg$nl_route_sched(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000600)=@newtaction={0x70, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_bpf={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1}}, @TCA_ACT_BPF_FD={0x8, 0x5, r8}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)

958.896675ms ago: executing program 3 (id=2149):
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000300), 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000200), 0x4000000004002, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r3, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x0, {0x0, 0x0, 0x0, 0x2ead, 0x7fff, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174ff100fff40000000010e200"}})

867.690796ms ago: executing program 3 (id=2150):
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xea100, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1e000000090000000100008004000000d41c0000", @ANYRES32=0x1, @ANYBLOB="75ffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="040000000400"/28], 0x50)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000001900)=ANY=[@ANYBLOB="9feb01001800000000000000800000008000000008000000000000000000000100000000520079040b000000080000060400000004000000ffff00000b000000b70800000a0000000f0000000100000009"], &(0x7f00000005c0)=""/4096, 0xa0, 0x1000, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xe, 0x4, 0x0, 0x7, 0x2000a, r0, 0x7, '\x00', 0x0, r1, 0x5, 0x0, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r3 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x7)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@loopback, @in6=@local, 0x2, 0x0, 0x0, 0x2, 0xa}, {0x17b, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x100000000, 0x3}}, {{@in=@private=0xa010102, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0xe4)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000003c0)={&(0x7f0000001600)="6740cf472e3d91159c2ed9b96f67cbdc1e10f983033216183d37b7eac0ee12c820f09244f4c4cf68bc5845e995b18d20e8974f458d55e24c33776dae7ed86290ad9ae3c0486cf45404c8f5849fe757ccb6f1d0d7a9ecba169b62c916f68a5e3b826746d9d6c14eb2f4847ecd2e0c2790204fb1c9a23720c047afa436c196644e9396ee685df1116b87c37525ea9b2452f1e78d0abe6ca1e938dbf6e24d7a541a1a8632605cab90e21be04822800f90cc633fba736a3250f3943092c0ee2b7b2055807e47f8a54d749d24b3a5e9a6c0eaaaaea038a9834314646730305aeca7d924090698c49c3511d877a68ce5566de011e3dc", &(0x7f0000001700)=""/245, &(0x7f0000000440)="32261482734fecd80209077f951e93ec7f0fbe4ba953d7b8e5dee010d2c60946354922584fcc361076361c78d5516295e2ec81e011f69bb99b8101f6c51747fdfbffd6449ac0a521afdb702a832d9e942f861e61cd10f900", &(0x7f0000001800)="61fac2ac61c10157bb401996d9dac4d9fd487d8f1aa9c1cf9410a44ef8d80687bb3eb49fc7b7eafdc16573ebd58a65237b2f6fcecacf5ae25ab69951d5bc7a7e60622ed77037325856e6a953eac074834bf55474eae14fdd90dd2aafb1cc652331cbfd1288912f18b6ddd75428a6e13044aa182c93aa312479eca16611c306d9a6e786e91727c9df3ff9", 0x3, r0, 0x4}, 0x38)
getsockopt$inet_tcp_int(r5, 0x6, 0x17, 0x0, &(0x7f0000000400))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000019c0)={0xc8, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x74, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_PROTO={0xc, 0x3, 0x0, 0x1, {0x5}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x14, 0x4, @local}}}]}, @CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @multicast2}}}]}, @CTA_TIMEOUT={0x8}, @CTA_HELP={0xc, 0x5, 0x0, 0x1, {0x8, 0x1, 'RAS\x00'}}]}, 0xc8}}, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@loopback, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x1}}, {{@in=@multicast2, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0xe4)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r8 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r8, 0x1, 0x8, &(0x7f00000001c0), 0x4)
r9 = openat$ipvs(0xffffff9c, &(0x7f00000018c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
sendfile(r9, r2, 0x0, 0x200)
sendmsg$key(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="0203100802"], 0x10}}, 0x0)
sendmsg$key(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
sendmsg$key(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="020a00000200000000000000004e637f"], 0x10}}, 0x0)
recvmmsg(r8, &(0x7f0000000f00), 0x274, 0x10000, &(0x7f0000001000)={0x77359400})
syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x1916)

719.970517ms ago: executing program 3 (id=2151):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0x1c, &(0x7f0000000480)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {0x7, 0x0, 0xb, 0x6}, {0x85, 0x0, 0x0, 0x5}, {0x4}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x6, 0xa, 0x9, 0xfff0, 0xf1}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x80ffffff}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x6, 0x1, 0xb, 0xa, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0x9}, {}, {}, {0x18, 0x6, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sk_reuseport, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

719.466775ms ago: executing program 1 (id=2152):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_int(r1, 0x29, 0x31, 0x0, &(0x7f00000000c0))
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000440)={r5, 0x0, 0x0, 0x0, 0x0, [<r6=>0x0]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000080)={r6, 0x0, <r7=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000200)={r5, 0x0, 0x0, 0x0, 0x0, [<r8=>0x0]})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r7})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000040)={r8})
close_range(r0, 0xffffffffffffffff, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000440)='numa_maps\x00')
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r14, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r15=>0x0})
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="0000d66734d7f693d948117af6c6bccd89348c525b0a5ec1cc3eb7e924c145e91e7bb895fd2dd15cb048ee3549ec462786ab3068aa1fedcd64340495196e", @ANYRES32=r15, @ANYBLOB="080026001b170000"], 0x24}, 0x1, 0x0, 0x0, 0x20000041}, 0x14)
r16 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r16}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_generic(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x33, 0x301, 0x270bd26, 0x25dfdbfc, {0x6}}, 0x14}, 0x1, 0x8000000000000, 0x0, 0x10008090}, 0x8004)
close_range(r9, 0xffffffffffffffff, 0x0)

719.390957ms ago: executing program 3 (id=2153):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="20010000", @ANYRES16=r1, @ANYBLOB="050000000000000000080f00000008000300", @ANYRES32=r3, @ANYBLOB="47000e00800000000802110000000802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c0064009c0008000d0000000000a2000f00019c"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0)

659.096801ms ago: executing program 3 (id=2154):
creat(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd74)
r2 = syz_io_uring_setup(0x917, &(0x7f0000000300)={0x0, 0x9e6a, 0x1, 0x1000001, 0xf7fffffc}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x100, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x28, 0x2007, @fd, 0x0, 0x0, 0x0, 0x4, 0x1, {0x0, r5}})
write(0xffffffffffffffff, &(0x7f0000000000)="fc0000001c000705ab092509b86813000aab080102000000b85b0e93210001c0f0060848050000010000000000039815fa2c53c28648000000b937799f377a00bc000c00f0036cdf0db400600033d44000040060b16a482c0a3c313012dafd5a32e273fc83ab82d710f74cec18444ef90d475ef8b2863ef3d92c94170e5bba2e177312e081f691bc5110556888100000463ae4f5df1b394cfd6239ec2a0f0d1bcae5f5502943283f4b9e611183b102b2b8f5566791cb19020191bd0733", 0xbd)
syz_genetlink_get_family_id$nfc(&(0x7f0000000300), 0xffffffffffffffff)
syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[], 0x28}}, 0x0)
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)

658.777527ms ago: executing program 1 (id=2155):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="580100001000130728bd700000000000ac1414aa0000000000000000000000002001000000000000000000000000000200020001000000000a00000084000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff01000000000000000000000000000100000000320000002001000000000000000000000000000104000000000000000000000001000000080000000000000001000000010000000600000080ffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000020000000000000007000000000000000c000000000000000000000029bd7000000000000a0000000000000068001200726663343534332867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000022000000000000000000e000000080"], 0x158}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

658.545979ms ago: executing program 1 (id=2156):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000000400000018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfffffd7e) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0xc0189436, &(0x7f0000000140)) (async, rerun: 32)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 32)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x7) (async)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000100)=0xff)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000000c0)=0x3a)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10) (async)
r6 = openat$bsg(0xffffff9c, &(0x7f0000000040), 0x50000, 0x0) (async)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_AP(r6, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000001540)=ANY=[@ANYBLOB="1c000000a475aed736dd5757f2e24d678a47bb53ffae4cf711d76667a1f9fdbe4d0c1325c3ce67eccb445345776f5d16e06bcf16cfd58775f00fa6f6b6f8e80ea60cfae325d3382134fdd25c146d6b7c142a52209ada308e50501cc754bcc8ae39278214f3b34aefc258aa3ac4eb06399230e49fbc34762fbce0a28e188143129572e4179a74c97625831e8ad454c33eaa677faa1a689e44c14adc74d32e3ac2003d7e808433e30aa448f5a7e3fd20efaec73ff3ef2ff5e113c31b0a7df189ae40c3", @ANYRES16=r7, @ANYBLOB="c96c25bd7000fbdbdf251000000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4010) (async)
r8 = creat(&(0x7f0000000240)='./file0\x00', 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000001680)={'syztnl2\x00', &(0x7f0000000400)={'ip_vti0\x00', 0x0, 0x7, 0x10, 0x0, 0x0, {{0x6, 0x4, 0x3, 0x1a, 0x18, 0x66, 0x0, 0x3, 0x4, 0x0, @private=0xa010102, @local, {[@ra={0x94, 0x4}]}}}}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x80, 0x1, 0x34f}, &(0x7f00000000c0)=<r10=>0x0, &(0x7f0000000340)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2c, 0x0, 0x0, 0x4}]}, 0x10) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) (async)
syz_io_uring_submit(r10, r11, &(0x7f0000000200)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x42, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, {0x2}})
io_uring_enter(r9, 0x47bc, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
clock_gettime(0x0, &(0x7f00000014c0)={<r12=>0x0, <r13=>0x0}) (rerun: 64)
recvmmsg(r8, &(0x7f0000001440)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000006c0)=""/145, 0x91}, {&(0x7f0000000780)=""/254, 0xfe}, {&(0x7f0000000880)=""/206, 0xce}], 0x3}, 0xcdfb}, {{&(0x7f0000000980)=@l2tp={0x2, 0x0, @remote}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000380)=""/56, 0x38}, {&(0x7f0000000580)}, {&(0x7f0000000640)=""/44, 0x2c}, {&(0x7f0000000a00)=""/188, 0xbc}, {&(0x7f0000000ac0)=""/138, 0x8a}, {&(0x7f0000000b80)=""/108, 0x6c}, {&(0x7f0000000c00)=""/117, 0x75}, {&(0x7f0000000c80)=""/201, 0xc9}, {&(0x7f0000000d80)=""/7, 0x7}, {&(0x7f0000000dc0)=""/210, 0xd2}], 0xa}, 0x2}, {{&(0x7f0000000f40)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f0000001180)=[{&(0x7f0000000fc0)=""/181, 0xb5}, {&(0x7f0000001080)=""/197, 0xc5}], 0x2, &(0x7f00000011c0)=""/6, 0x6}, 0x4}, {{0x0, 0x0, &(0x7f0000001380)=[{&(0x7f0000001200)=""/102, 0x66}, {&(0x7f0000001280)=""/233, 0xe9}], 0x2, &(0x7f00000013c0)=""/91, 0x5b}, 0x3}], 0x4, 0x2, &(0x7f0000001500)={r12, r13+10000000}) (async, rerun: 64)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000440)={@cgroup=r8, 0x13, 0x1, 0x23e1, &(0x7f0000000200), 0x0, 0x0, &(0x7f0000000200), &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400), <r14=>0x0}, 0x40) (rerun: 64)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000480)={@ifindex, r8, 0xe, 0x8, r8, @void, @value=r8, @void, @void, r14}, 0x20)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

469.562035ms ago: executing program 2 (id=2157):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='pids.current\x00', 0x275a, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4048aecb, &(0x7f00000000c0)=ANY=[@ANYRES64=r0, @ANYRES64])
r4 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000001180), 0x1040, 0x0)
pread64(r4, &(0x7f00000014c0)=""/47, 0x2f, 0x4)

469.257716ms ago: executing program 3 (id=2158):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000440)={r0, 0x2000, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03741250ceaac50104000041dd17c18e8438ef2a565ef1e833236500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d200", "24431a1e77a68e174f000000000000000010e200"}})
socket(0x1d, 0x6, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x2c, r4, 0x5, 0x70bd2d, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_BSS_BASIC_RATES={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4c0c0}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0xde7b)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0)

468.818102ms ago: executing program 1 (id=2159):
openat$dsp(0xffffffffffffff9c, 0x0, 0x42001, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x8, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x7, 0xa, 0xfffffff3}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newchain={0x8d0, 0x64, 0x400, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xfff2}, {0x0, 0xa}, {0xe, 0xb}}, [@filter_kind_options=@f_u32={{0x8}, {0x8a4, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'ip6gre0\x00'}, @TCA_U32_ACT={0x238, 0x7, [@m_simple={0x134, 0x15, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x9, 0x3, '(*[!\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x1f3, 0x5a7, 0x2, 0x228000, 0x6}}]}, {0xe2, 0x6, "17e7746d5c45fccd1ec92e41d05c8e05a086e4cac68296497791ae089edd2620d6c05830e8007828dad7feefcdab6b74163ddfa1acb4d7871b23546de8c58ff9a434266637db352aaf860df11a91c10687d5ca93cc69488dc74224fb8ab16565160d00c8e2d6e031f4b4f67efd6a4ffe47b2be2bc33879aab2fdd356543430ffa6445c35d3f44303b11c8e265c203ef6eeb1e2b4625e232d091670a463590decf2e37f5837d23f94678e5f3d3bfba43059a98925c3f4dba59a22d9259700054e3f75cc21d39682969cb400bd8bf95ea476e9407b68820e278dece93248a3"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_skbedit={0x100, 0x15, 0x0, 0x0, {{0xc}, {0x14, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x3}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x3}]}, {0xc3, 0x6, "8ec2145f66b3e5bc72f0bda69328e3aae63f2138a1dfc0f40c942998cb7a92953ffd095889542d3091e3ef77ab29773e3a0d16e4266a215e100311cf327838cd953dd1e9ccf38618e8e08ef3b7e0d4e0a598fe5dc5e8e1aa69a0477c7a8230147f3cecf2592d89b41a037844cadf51123b30bbdc71a225bac9263266227d89cbab22dcc41426db58e0f58caf60287430bed7f2485486fba7d098c92a1726323039f66a3393642f9b04b6c38f250765b50cfd8388943918b8826cecf7e4836e"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}, @TCA_U32_ACT={0x620, 0x7, [@m_connmark={0xf0, 0x17, 0x0, 0x0, {{0xd}, {0x90, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xfa, 0x3, 0x1d9}, 0x9}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7, 0x2, 0x5, 0x3, 0x2e83}, 0x9}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x8a68, 0x4, 0x0, 0x7f, 0x6}, 0x7}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x32, 0xffffffff, 0x7, 0x7a, 0x4}, 0x81}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3ff, 0x5, 0x10000000, 0x9b, 0x3}}}]}, {0x34, 0x6, "e03ac6696659739eb6d251b68128a4abfbae663cf7973be58c825d9c48dd7cb7e13f0d8a915b28e8167df927f36a822a"}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}, @m_skbedit={0xc4, 0x1, 0x0, 0x0, {{0xc}, {0x6c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x3}, @TCA_SKBEDIT_MARK={0x8}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x8}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x80}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0xb}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0xf965}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x3, 0x5, 0x10000000, 0xffff}}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x1}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x0, 0x5, 0x20000000, 0x7, 0x200}}]}, {0x30, 0x6, "02acfcd01310e49d17c86163023e395c2d634f9856c2281599ff101eb080db9f1cd393f4f21a737616fa9c31"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_vlan={0x110, 0x5, 0x0, 0x0, {{0x9}, {0x38, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x6, 0x1, 0xffffffffefffffff, 0x6, 0x7}, 0x2}}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x5}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x7e9}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}]}, {0xaf, 0x6, "97a6b5b55456228d9fb5fab85785c2b3160ef666af343bfffc0b1bf6c6fe1ce610dd16eafb5fc53847eacafe22358a236ddea19442e000afc0494eecfbb135b46686b52a5519dd4944a50617386b24f969302b2bc7b1c51251a755a4abe6ef4193f4310b62c0350ef4add935e974656f8efe102f2c24fcb0f93c009c3081a21bad27daed475e14cff9f3cb6e54510a13454bce71334b31227312c8f8f43bb55f542ee3cd7285832f96f4da"}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}, @m_sample={0x64, 0x1c, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x1}]}, {0x2d, 0x6, "c3095b4aaec10a1c7f451f891fbe438703efeae0968c5c9ab21d3c30866bd41cf7e16e98ce46299abc"}, {0xc, 0x7, {0xe99919134f143fe3}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_csum={0x198, 0x10, 0x0, 0x0, {{0x9}, {0x90, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x5, 0x9, 0x0, 0x400, 0x7}, 0x2a}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x7fff, 0x0, 0x20000000, 0x8, 0x100}, 0x6d}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x2, 0x5, 0x20000000, 0x6, 0x6}, 0x2d}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x6, 0x1, 0x4, 0x100, 0xd}, 0x24}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x5, 0x6, 0x401, 0xfff}, 0x5e}}]}, {0xdf, 0x6, "adadb77b00651532031eab2561e4d0b02217ffed4e940c2f76453ac550564063ff36fc84321c4d5949fc1f5fd0c5d1a818a7a9db00009e0f392c76101d80d89d1cadb3cdcb2e7960d993f2726d3187ca7b6b10c8910db629aa7b1126d85926111610d2aac544c520371c46d7a07659253fd7f5e5098e5b6ec8274eed9fd789dacbcd39bceb9662a6e0a0b479e7819309d4f307231fbb2140d647698cd161e835ff6b73bf7d0759adbd143087104b380de3ed8df4f39cd73c5a1e65dd5f11cb779a63166b32c781201190111e9f559005a71a4d35d014a6d7cd4561"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_nat={0x15c, 0x7, 0x0, 0x0, {{0x8}, {0xf4, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0x40, 0x1, 0xc8}, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x32}, 0xff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x615, 0x83, 0x3, 0x7f, 0x5}, @broadcast, @local, 0xff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x0, 0x1, 0xffffffff, 0x7}, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x28}, 0xff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0xf, 0x10000000, 0x2, 0x1}, @multicast2, @dev={0xac, 0x14, 0x14, 0x1b}, 0x0, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x80000001, 0x1, 0x5, 0x5, 0xae60}, @remote, @rand_addr=0x64010102, 0xffffff00}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x7ff, 0x9, 0x8, 0x8, 0x7}, @dev={0xac, 0x14, 0x14, 0xe}, @dev={0xac, 0x14, 0x14, 0xd}, 0xffffff}}]}, {0x44, 0x6, "cf93ccbaed87b84f0af9ca210dfe918740e7e2a76f64962ddf287a68295893a7b7d976cf7f8c30bcea5e0b5350a6cdc9c046cbae260b7296e6cad4fdc3170f7e"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}, @TCA_U32_MARK={0x10, 0xa, {0x9, 0x37b6acef}}, @TCA_U32_INDEV={0x14, 0x8, 'syz_tun\x00'}, @TCA_U32_MARK={0x10, 0xa, {0x0, 0x7}}]}}]}, 0x8d0}, 0x1, 0x0, 0x0, 0x2404c044}, 0x24044094)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r4 = userfaultfd(0x801)
r5 = getpid()
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1})
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001080)=ANY=[@ANYBLOB="12010000000000106a05310300000000000009022400010000800009040002010300010009210000000122f8040905810340000400086e01e99e3dcc227c4e0690dc2eac443f488cf538b128a2b7742b5a7df17d1aaa7164b33e7e1c6f05bd05a0575905df4122401bb23c6c4893457f09170866b58a10e35655769738ff341882552c9d335005e433bb6cab706be05abda9e9232925115a21b19bb4d4727794ccbc29f3dc3ad4ad2264001f4757bda27da72524ac7a6d10b4542dc6f9b5aec4c8251c8623a84b105d50a08d91a7bb8307ef533c43e3dd6bd3bff3bd35120000000000"], 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), 0x0, 0x0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000011c0)={0x6, 0x8, &(0x7f0000000300)=ANY=[], &(0x7f0000001180)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, 0x0, 0x0)
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00')
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r7)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x82000, 0x23)
getdents64(r8, &(0x7f0000000080)=""/4096, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x10)

309.548923ms ago: executing program 2 (id=2160):
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xf, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x2, 0x1, 0x4}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x3f00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

309.286437ms ago: executing program 2 (id=2161):
r0 = socket(0x2, 0x3, 0xff)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmsg$key(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x18}}, 0x4020)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000055c0)={{0x14}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x17}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x38}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x6c}}, 0x0)

309.165641ms ago: executing program 2 (id=2162):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0xe83, @dev={0xfe, 0x80, '\x00', 0xf}, 0xb}, 0x1c)
syz_emit_ethernet(0xfef3, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000641100fe8000000000000000000000000000bbfe8000000000000000000000000020aa4e200e22"], 0x0)

239.754863ms ago: executing program 2 (id=2163):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0x4000)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0), 0x0, 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(r1, 0x0, 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="1400000010000100000000a9000000000000000a20000000000a01010000000000f50000020000000900010073797a300000000048000000030a01010000000000000000020000000900010073797a30000000000900030073797a3200000000080007006e617400140004800800014000000000080002400000000014000000020a010800000000000000000000000014000000"], 0xa4}, 0x1, 0x0, 0x0, 0xc824}, 0x0)

0s ago: executing program 5 (id=2164):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_int(r1, 0x29, 0x31, 0x0, &(0x7f00000000c0))
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000440)={r5, 0x0, 0x0, 0x0, 0x0, [<r6=>0x0]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000080)={r6, 0x0, <r7=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000200)={r5, 0x0, 0x0, 0x0, 0x0, [<r8=>0x0]})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r7})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000040)={r8})
close_range(r0, 0xffffffffffffffff, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000440)='numa_maps\x00')
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r14, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r15=>0x0})
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="0000d66734d7f693d948117af6c6bccd89348c525b0a5ec1cc3eb7e924c145e91e7bb895fd2dd15cb048ee3549ec462786ab3068aa1fedcd64340495196e", @ANYRES32=r15, @ANYBLOB="080026001b170000"], 0x24}, 0x1, 0x0, 0x0, 0x20000041}, 0x14)
r16 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r16}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$nl_generic(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x33, 0x301, 0x270bd26, 0x25dfdbfc, {0x6}}, 0x14}, 0x1, 0x8000000000000, 0x0, 0x10008090}, 0x8004)
close_range(r9, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

in process `syz.4.696'.
[  159.299715][ T8509] netlink: 'syz.4.701': attribute type 12 has an invalid length.
[  160.059348][ T8521] netlink: 20 bytes leftover after parsing attributes in process `syz.2.708'.
[  160.097348][ T8521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.708'.
[  160.218064][ T8527] netlink: 4 bytes leftover after parsing attributes in process `syz.2.711'.
[  160.421589][ T8540] 9pnet_fd: Insufficient options for proto=fd
[  160.921627][ T8552] lo speed is unknown, defaulting to 1000
[  160.925357][ T8552] lo speed is unknown, defaulting to 1000
[  161.765756][ T8571] netlink: 'syz.4.723': attribute type 12 has an invalid length.
[  163.305256][ T8585] loop6: detected capacity change from 0 to 63
[  163.849833][ T8608] netlink: 24 bytes leftover after parsing attributes in process `syz.2.738'.
[  164.079951][ T8611] x_tables: duplicate underflow at hook 2
[  164.094076][ T8615] tmpfs: Bad value for 'mpol'
[  164.138503][ T8611] mkiss: ax0: crc mode is auto.
[  165.159336][   T29] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  165.308593][   T29] usb 6-1: Using ep0 maxpacket: 8
[  165.314873][   T29] usb 6-1: config 92 has an invalid interface number: 120 but max is 3
[  165.319582][   T29] usb 6-1: config 92 has an invalid interface number: 136 but max is 3
[  165.326469][   T29] usb 6-1: config 92 has an invalid interface number: 22 but max is 3
[  165.331186][   T29] usb 6-1: config 92 has 3 interfaces, different from the descriptor's value: 4
[  165.335128][   T29] usb 6-1: config 92 has no interface number 0
[  165.337833][   T29] usb 6-1: config 92 has no interface number 1
[  165.340945][   T29] usb 6-1: config 92 has no interface number 2
[  165.344980][   T29] usb 6-1: config 92 interface 120 altsetting 9 has an invalid endpoint descriptor of length 6, skipping
[  165.363024][   T29] usb 6-1: config 92 interface 120 altsetting 9 has 4 endpoint descriptors, different from the interface descriptor's value: 0
[  165.384064][   T29] usb 6-1: config 92 interface 136 altsetting 175 endpoint 0x5 has invalid maxpacket 512, setting to 64
[  165.393331][   T29] usb 6-1: config 92 interface 136 altsetting 175 has an invalid descriptor for endpoint zero, skipping
[  165.400227][   T29] usb 6-1: config 92 interface 136 altsetting 175 has a duplicate endpoint with address 0x4, skipping
[  165.409329][   T29] usb 6-1: config 92 interface 136 altsetting 175 endpoint 0xA has invalid maxpacket 1024, setting to 64
[  165.417937][   T29] usb 6-1: config 92 interface 136 altsetting 175 has a duplicate endpoint with address 0x3, skipping
[  165.426468][   T29] usb 6-1: config 92 interface 136 altsetting 175 endpoint 0xC has invalid maxpacket 512, setting to 64
[  165.434629][   T29] usb 6-1: config 92 interface 136 altsetting 175 bulk endpoint 0x6 has invalid maxpacket 64
[  165.441410][   T29] usb 6-1: config 92 interface 22 altsetting 129 has a duplicate endpoint with address 0xA, skipping
[  165.447010][   T29] usb 6-1: config 92 interface 120 has no altsetting 0
[  165.451117][   T29] usb 6-1: config 92 interface 136 has no altsetting 0
[  165.455127][   T29] usb 6-1: config 92 interface 22 has no altsetting 0
[  165.461199][   T29] usb 6-1: New USB device found, idVendor=0bb4, idProduct=0a52, bcdDevice=a0.d0
[  165.469206][   T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.475857][   T29] usb 6-1: Product: syz
[  165.479257][   T29] usb 6-1: Manufacturer: syz
[  165.483698][   T29] usb 6-1: SerialNumber: syz
[  165.499046][ T8623] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  165.781025][ T8639] bond0: Error: Cannot enslave bond to itself.
[  165.983578][ T8650] loop6: detected capacity change from 0 to 63
[  166.436443][ T8658] netlink: 4 bytes leftover after parsing attributes in process `syz.4.751'.
[  169.543394][ T8683] siw: device registration error -23
[  170.392336][ T8690] netlink: 'syz.2.759': attribute type 12 has an invalid length.
[  170.950678][ T8695] netlink: 'syz.3.760': attribute type 12 has an invalid length.
[  171.263510][  T836] usb 6-1: USB disconnect, device number 3
[  171.375400][ T8713] loop6: detected capacity change from 0 to 63
[  173.191987][ T8735] netlink: 'syz.2.772': attribute type 12 has an invalid length.
[  173.417137][ T8746] sp0: Synchronizing with TNC
[  173.461511][ T8749] fuse: Bad value for 'fd'
[  174.250064][ T8745] [U] �
[  174.635712][ T8781] netlink: 4 bytes leftover after parsing attributes in process `syz.4.785'.
[  174.685719][ T8786] lo speed is unknown, defaulting to 1000
[  174.690859][ T8786] lo speed is unknown, defaulting to 1000
[  175.530918][   T67] Bluetooth: hci1: command 0x0406 tx timeout
[  175.533691][   T67] Bluetooth: hci2: command 0x0406 tx timeout
[  179.285678][ T8864] netlink: 4 bytes leftover after parsing attributes in process `syz.4.810'.
[  180.028355][   T72] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  180.178256][   T72] usb 9-1: Using ep0 maxpacket: 16
[  180.181408][   T72] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 52, changing to 7
[  180.184765][   T72] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 9272, setting to 1024
[  180.190661][   T72] usb 9-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  180.193475][   T72] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.195927][   T72] usb 9-1: Product: syz
[  180.197349][   T72] usb 9-1: Manufacturer: syz
[  180.200493][   T72] usb 9-1: SerialNumber: syz
[  180.203149][   T72] usb 9-1: config 0 descriptor??
[  180.210936][   T72] hub 9-1:0.0: bad descriptor, ignoring hub
[  180.212879][   T72] hub 9-1:0.0: probe with driver hub failed with error -5
[  180.216661][   T72] input: syz syz as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input12
[  180.262829][ T8912] loop6: detected capacity change from 0 to 63
[  180.339681][ T8918] lo speed is unknown, defaulting to 1000
[  180.343848][ T8918] lo speed is unknown, defaulting to 1000
[  180.790974][ T8933] hub 2-0:1.0: USB hub found
[  180.793324][ T8933] hub 2-0:1.0: 2 ports detected
[  181.323504][    T9] usb 9-1: USB disconnect, device number 2
[  181.501074][ T8951] netlink: 4 bytes leftover after parsing attributes in process `syz.1.832'.
[  182.295101][ T8977] netlink: 2048 bytes leftover after parsing attributes in process `syz.2.839'.
[  182.298408][ T8977] netlink: 4 bytes leftover after parsing attributes in process `syz.2.839'.
[  182.649879][   T40] audit: type=1326 audit(1746152926.237:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.4.846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  182.660786][   T40] audit: type=1326 audit(1746152926.237:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.4.846" exe="/syz-executor" sig=0 arch=40000003 syscall=234 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  182.667414][   T40] audit: type=1326 audit(1746152926.237:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.4.846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  182.674437][   T40] audit: type=1326 audit(1746152926.237:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.4.846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  182.681191][   T40] audit: type=1326 audit(1746152926.237:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.4.846" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  182.687782][   T40] audit: type=1326 audit(1746152926.237:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.4.846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  182.694739][   T40] audit: type=1326 audit(1746152926.237:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.4.846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  182.701570][   T40] audit: type=1326 audit(1746152926.237:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.4.846" exe="/syz-executor" sig=0 arch=40000003 syscall=132 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  182.708120][   T40] audit: type=1326 audit(1746152926.237:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.4.846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  182.716101][ T8993] netlink: 4 bytes leftover after parsing attributes in process `syz.4.846'.
[  182.719285][ T8993] netlink: 4 bytes leftover after parsing attributes in process `syz.4.846'.
[  182.727797][   T40] audit: type=1326 audit(1746152926.237:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8989 comm="syz.4.846" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  182.815782][ T8998] lo speed is unknown, defaulting to 1000
[  182.819260][ T8998] lo speed is unknown, defaulting to 1000
[  183.436619][ T9028] netlink: 'syz.4.855': attribute type 12 has an invalid length.
[  183.580703][ T6122] libceph: connect (1)[c::]:6789 error -101
[  183.582669][ T6122] libceph: mon0 (1)[c::]:6789 connect error
[  183.848611][  T836] libceph: connect (1)[c::]:6789 error -101
[  183.851062][  T836] libceph: mon0 (1)[c::]:6789 connect error
[  184.221570][ T9047] loop6: detected capacity change from 0 to 63
[  184.316851][ T9033] ceph: No mds server is up or the cluster is laggy
[  184.360979][ T5289] Bluetooth: hci1: unexpected event for opcode 0x202a
[  184.365957][ T9058] netlink: 40 bytes leftover after parsing attributes in process `syz.4.863'.
[  184.369816][ T9058] openvswitch: netlink: Flow key attr not present in new flow.
[  184.545530][ T9060] lo speed is unknown, defaulting to 1000
[  184.564313][ T9060] lo speed is unknown, defaulting to 1000
[  184.794722][ T9077] netlink: 4 bytes leftover after parsing attributes in process `syz.2.871'.
[  184.826876][ T9080] netlink: 4 bytes leftover after parsing attributes in process `syz.1.872'.
[  184.848518][ T9080] netlink: 12 bytes leftover after parsing attributes in process `syz.1.872'.
[  184.863990][ T9080] overlayfs: workdir and upperdir must reside under the same mount
[  184.918430][ T9096] loop6: detected capacity change from 0 to 63
[  185.103383][ T9106] netlink: 196 bytes leftover after parsing attributes in process `syz.4.880'.
[  185.258534][ T9115] can0: slcan on ptm0.
[  185.262039][ T9115] pim6reg1: entered promiscuous mode
[  185.263803][ T9115] pim6reg1: entered allmulticast mode
[  185.350292][ T9115] can0 (unregistered): slcan off ptm0.
[  185.674630][ T9142] loop6: detected capacity change from 0 to 63
[  185.969090][ T9156] IPVS: set_ctl: invalid protocol: 192 164.0.0.0:20000
[  186.568462][ T5937] Bluetooth: hci4: command 0x0405 tx timeout
[  186.701278][ T9176] netlink: 'syz.4.897': attribute type 12 has an invalid length.
[  186.765704][ T9180] loop6: detected capacity change from 0 to 63
[  186.792050][ T9182] __nla_validate_parse: 2 callbacks suppressed
[  186.792060][ T9182] netlink: 196 bytes leftover after parsing attributes in process `syz.1.901'.
[  188.294880][ T9194] netlink: 'syz.1.912': attribute type 12 has an invalid length.
[  188.371037][ T9212] overlayfs: upper fs does not support file handles, falling back to index=off.
[  188.425509][ T9216] netlink: 'syz.4.910': attribute type 72 has an invalid length.
[  188.457946][ T5289] Bluetooth: hci4: unexpected event for opcode 0x202a
[  189.291921][ T9231] netlink: 4 bytes leftover after parsing attributes in process `syz.3.916'.
[  189.322567][ T9234] loop6: detected capacity change from 0 to 63
[  190.264590][ T9255] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  190.266814][ T9255] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  190.515998][ T9255] vhci_hcd vhci_hcd.0: Device attached
[  190.669661][ T9264] vhci_hcd: connection closed
[  190.671390][ T1173] vhci_hcd: stop threads
[  190.675310][ T1173] vhci_hcd: release socket
[  190.676998][ T1173] vhci_hcd: disconnect device
[  190.731973][ T9251] netlink: 'syz.3.924': attribute type 12 has an invalid length.
[  191.556738][ T9306] netlink: 'syz.3.932': attribute type 12 has an invalid length.
[  192.137251][ T9313] hub 6-0:1.0: USB hub found
[  192.139637][ T9313] hub 6-0:1.0: 1 port detected
[  192.185868][ T9313] kernel read not supported for file / 
�7���âW)�s���!Q���fs�l{T�r�)r��O���2:"��T+͟v|�ղDvc���֠�6�x�c: (pid: 9313 comm: syz.4.935)
[  192.198014][   T40] kauditd_printk_skb: 37 callbacks suppressed
[  192.200016][   T40] audit: type=1800 audit(1746152935.777:95): pid=9313 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.935" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=27867 res=0 errno=0
[  192.904103][ T9325] fuse: Unknown parameter 'ro!�o��ٟr�~���s��Z`��<���otmo�c}d�'
[  192.908774][ T9324] netlink: 8 bytes leftover after parsing attributes in process `syz.3.939'.
[  193.381940][ T9346] netlink: 'syz.1.943': attribute type 12 has an invalid length.
[  193.930996][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  193.933035][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  194.472105][ T9358] netlink: 260 bytes leftover after parsing attributes in process `syz.1.947'.
[  194.490033][ T9357] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6
[  194.500608][ T9360] netlink: 4 bytes leftover after parsing attributes in process `syz.1.949'.
[  194.515813][ T9362] loop6: detected capacity change from 0 to 63
[  195.465638][ T9386] netlink: 260 bytes leftover after parsing attributes in process `syz.3.957'.
[  195.517879][ T9390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.959'.
[  195.580669][ T9390] /dev/nullb0: Can't open blockdev
[  197.389982][   T40] audit: type=1326 audit(1746152940.977:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9430 comm="syz.3.971" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x0
[  197.471506][ T9434] netlink: 4 bytes leftover after parsing attributes in process `syz.1.972'.
[  197.558064][ T9439] netlink: 260 bytes leftover after parsing attributes in process `syz.1.974'.
[  198.723220][ T5289] Bluetooth: hci2: unexpected event for opcode 0x202a
[  199.282350][ T9452] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  199.284472][ T9452] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  199.287899][ T9452] vhci_hcd vhci_hcd.0: Device attached
[  199.436713][ T9474] vhci_hcd: connection closed
[  199.438100][   T13] vhci_hcd: stop threads
[  199.441215][   T13] vhci_hcd: release socket
[  199.444612][   T13] vhci_hcd: disconnect device
[  199.468443][ T6122] vhci_hcd: vhci_device speed not set
[  200.725466][ T9517] random: crng reseeded on system resumption
[  201.019439][ T9537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1001'.
[  201.920731][ T9552] netlink: 'syz.1.1007': attribute type 12 has an invalid length.
[  201.977439][ T9562] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1010'.
[  202.225828][   T40] audit: type=1326 audit(1746152945.807:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.4.1009" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  202.248291][   T40] audit: type=1326 audit(1746152945.807:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.4.1009" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  202.254736][   T40] audit: type=1326 audit(1746152945.807:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.4.1009" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  202.266425][   T40] audit: type=1326 audit(1746152945.807:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.4.1009" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  202.273661][   T40] audit: type=1326 audit(1746152945.807:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.4.1009" exe="/syz-executor" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  202.283070][   T40] audit: type=1326 audit(1746152945.807:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.4.1009" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  202.289787][   T40] audit: type=1326 audit(1746152945.807:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.4.1009" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  202.296492][   T40] audit: type=1326 audit(1746152945.817:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.4.1009" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  202.303212][   T40] audit: type=1326 audit(1746152945.817:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9559 comm="syz.4.1009" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  204.252927][ T9610] netlink: 180 bytes leftover after parsing attributes in process `syz.3.1023'.
[  204.266524][ T9606] netlink: 'syz.2.1021': attribute type 12 has an invalid length.
[  204.325955][ T9614] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1025'.
[  204.882006][ T9632] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1032'.
[  205.019489][ T9643] netlink: 'syz.1.1030': attribute type 12 has an invalid length.
[  205.753480][ T9646] netlink: 'syz.4.1041': attribute type 12 has an invalid length.
[  205.816968][ T9657] input: syz0 as /devices/virtual/input/input13
[  205.908076][ T9666] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1042'.
[  205.936574][ T9669] loop6: detected capacity change from 0 to 63
[  206.530159][ T9684] lo speed is unknown, defaulting to 1000
[  206.538563][ T9684] lo speed is unknown, defaulting to 1000
[  206.617336][ T9687] netlink: 'syz.2.1045': attribute type 12 has an invalid length.
[  206.830322][ T9694] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1050'.
[  206.871254][ T9696] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1051'.
[  207.464216][ T9712] loop6: detected capacity change from 0 to 63
[  208.077227][ T9724] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1061'.
[  208.146896][ T9728] lo speed is unknown, defaulting to 1000
[  208.150080][ T9728] lo speed is unknown, defaulting to 1000
[  208.410520][ T9744] loop6: detected capacity change from 0 to 63
[  208.818222][  T836] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  208.988241][  T836] usb 7-1: Using ep0 maxpacket: 8
[  208.991105][  T836] usb 7-1: config 92 has an invalid interface number: 120 but max is 3
[  208.994422][  T836] usb 7-1: config 92 has an invalid interface number: 136 but max is 3
[  208.997508][  T836] usb 7-1: config 92 has an invalid interface number: 22 but max is 3
[  209.000694][  T836] usb 7-1: config 92 has 3 interfaces, different from the descriptor's value: 4
[  209.003578][  T836] usb 7-1: config 92 has no interface number 0
[  209.005602][  T836] usb 7-1: config 92 has no interface number 1
[  209.007664][  T836] usb 7-1: config 92 has no interface number 2
[  209.009726][  T836] usb 7-1: config 92 interface 120 altsetting 9 has an invalid endpoint descriptor of length 6, skipping
[  209.013301][  T836] usb 7-1: config 92 interface 120 altsetting 9 has 4 endpoint descriptors, different from the interface descriptor's value: 0
[  209.017955][  T836] usb 7-1: config 92 interface 136 altsetting 175 endpoint 0x5 has invalid maxpacket 512, setting to 64
[  209.021561][  T836] usb 7-1: config 92 interface 136 altsetting 175 has an invalid descriptor for endpoint zero, skipping
[  209.025066][  T836] usb 7-1: config 92 interface 136 altsetting 175 has a duplicate endpoint with address 0x4, skipping
[  209.028762][  T836] usb 7-1: config 92 interface 136 altsetting 175 endpoint 0xA has invalid maxpacket 1024, setting to 64
[  209.034538][  T836] usb 7-1: config 92 interface 136 altsetting 175 has a duplicate endpoint with address 0x3, skipping
[  209.044588][  T836] usb 7-1: config 92 interface 136 altsetting 175 endpoint 0xC has invalid maxpacket 512, setting to 64
[  209.053848][  T836] usb 7-1: config 92 interface 136 altsetting 175 bulk endpoint 0x6 has invalid maxpacket 64
[  209.063356][  T836] usb 7-1: config 92 interface 22 altsetting 129 has a duplicate endpoint with address 0xA, skipping
[  209.071200][  T836] usb 7-1: config 92 interface 120 has no altsetting 0
[  209.076965][  T836] usb 7-1: config 92 interface 136 has no altsetting 0
[  209.083720][  T836] usb 7-1: config 92 interface 22 has no altsetting 0
[  209.089936][  T836] usb 7-1: New USB device found, idVendor=0bb4, idProduct=0a52, bcdDevice=a0.d0
[  209.094745][  T836] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.100859][  T836] usb 7-1: Product: syz
[  209.104170][  T836] usb 7-1: Manufacturer: syz
[  209.106796][  T836] usb 7-1: SerialNumber: syz
[  209.112743][ T9750] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  209.301614][ T9756] loop6: detected capacity change from 0 to 63
[  209.333627][ T9758] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1074'.
[  209.410780][ T9763] bond0: Error: Cannot enslave bond to itself.
[  209.431948][ T9769] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1079'.
[  210.686168][ T9811] lo speed is unknown, defaulting to 1000
[  210.691372][ T9811] lo speed is unknown, defaulting to 1000
[  211.221365][ T9822] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1096'.
[  211.369237][ T5937] Bluetooth: hci4: command 0x0405 tx timeout
[  211.489974][ T6122] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  211.629995][ T6122] usb 9-1: device descriptor read/64, error -71
[  211.682958][  T836] usb 7-1: USB disconnect, device number 13
[  211.958757][ T6122] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  212.088452][ T6122] usb 9-1: device descriptor read/64, error -71
[  212.208484][ T6122] usb usb9-port1: attempt power cycle
[  212.412005][ T9836] netlink: 'syz.2.1100': attribute type 12 has an invalid length.
[  212.558347][ T6122] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  212.579857][ T6122] usb 9-1: device descriptor read/8, error -71
[  212.818335][ T6122] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  212.838636][ T6122] usb 9-1: device descriptor read/8, error -71
[  212.931924][ T9862] netlink: 'syz.2.1110': attribute type 1 has an invalid length.
[  212.946492][ T9862] 8021q: adding VLAN 0 to HW filter on device bond3
[  212.948456][ T6122] usb usb9-port1: unable to enumerate USB device
[  212.960980][ T9862] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1110'.
[  213.296035][ T9868] netlink: 'syz.1.1111': attribute type 12 has an invalid length.
[  213.826742][ T9879] loop6: detected capacity change from 0 to 63
[  214.106075][ T9888] netlink: 'syz.2.1116': attribute type 4 has an invalid length.
[  214.108627][ T9888] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1116'.
[  214.114133][ T9888] : renamed from bond0 (while UP)
[  214.879278][ T9909] FAULT_INJECTION: forcing a failure.
[  214.879278][ T9909] name failslab, interval 1, probability 0, space 0, times 0
[  214.883184][ T9909] CPU: 2 UID: 0 PID: 9909 Comm: syz.2.1125 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  214.883198][ T9909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  214.883204][ T9909] Call Trace:
[  214.883208][ T9909]  <TASK>
[  214.883212][ T9909]  dump_stack_lvl+0x16c/0x1f0
[  214.883229][ T9909]  should_fail_ex+0x512/0x640
[  214.883244][ T9909]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  214.883257][ T9909]  should_failslab+0xc2/0x120
[  214.883269][ T9909]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  214.883281][ T9909]  ? __alloc_skb+0x2b2/0x380
[  214.883293][ T9909]  __alloc_skb+0x2b2/0x380
[  214.883302][ T9909]  ? __pfx___alloc_skb+0x10/0x10
[  214.883313][ T9909]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  214.883328][ T9909]  netlink_alloc_large_skb+0x69/0x130
[  214.883340][ T9909]  netlink_sendmsg+0x6a1/0xdd0
[  214.883354][ T9909]  ? __pfx_netlink_sendmsg+0x10/0x10
[  214.883366][ T9909]  ? __import_iovec+0x1c8/0x660
[  214.883385][ T9909]  ____sys_sendmsg+0xa95/0xc70
[  214.883400][ T9909]  ? __pfx_____sys_sendmsg+0x10/0x10
[  214.883412][ T9909]  ? get_compat_msghdr+0x11a/0x170
[  214.883428][ T9909]  ___sys_sendmsg+0x134/0x1d0
[  214.883439][ T9909]  ? __pfx____sys_sendmsg+0x10/0x10
[  214.883465][ T9909]  __sys_sendmsg+0x16d/0x220
[  214.883476][ T9909]  ? __pfx___sys_sendmsg+0x10/0x10
[  214.883490][ T9909]  ? rcu_is_watching+0x12/0xc0
[  214.883503][ T9909]  ? rcu_is_watching+0x12/0xc0
[  214.883517][ T9909]  __do_fast_syscall_32+0x73/0x120
[  214.883536][ T9909]  do_fast_syscall_32+0x32/0x80
[  214.883553][ T9909]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  214.883570][ T9909] RIP: 0023:0xf7f87579
[  214.883578][ T9909] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  214.883588][ T9909] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  214.883597][ T9909] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  214.883603][ T9909] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  214.883609][ T9909] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  214.883614][ T9909] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  214.883624][ T9909] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  214.883637][ T9909]  </TASK>
[  215.820022][ T9934] netlink: 'syz.1.1133': attribute type 12 has an invalid length.
[  217.932715][T10025] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1161'.
[  218.186183][T10039] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1165'.
[  218.444649][ T9987] ceph: No mds server is up or the cluster is laggy
[  219.680509][T10102] netlink: 'syz.2.1176': attribute type 12 has an invalid length.
[  220.701627][ T6122] Process accounting resumed
[  221.568983][T10144] netlink: 'syz.1.1188': attribute type 12 has an invalid length.
[  221.602384][T10147] FAULT_INJECTION: forcing a failure.
[  221.602384][T10147] name failslab, interval 1, probability 0, space 0, times 0
[  221.607781][T10147] CPU: 2 UID: 0 PID: 10147 Comm: syz.4.1190 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  221.607803][T10147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  221.607814][T10147] Call Trace:
[  221.607821][T10147]  <TASK>
[  221.607827][T10147]  dump_stack_lvl+0x16c/0x1f0
[  221.607853][T10147]  should_fail_ex+0x512/0x640
[  221.607875][T10147]  ? __kmalloc_noprof+0xbf/0x510
[  221.607895][T10147]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  221.607918][T10147]  should_failslab+0xc2/0x120
[  221.607938][T10147]  __kmalloc_noprof+0xd2/0x510
[  221.607955][T10147]  ? kasan_quarantine_put+0x10a/0x240
[  221.607976][T10147]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  221.608003][T10147]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  221.608026][T10147]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  221.608048][T10147]  ? trace_cap_capable+0x18d/0x200
[  221.608071][T10147]  ? bpf_lsm_capable+0x9/0x10
[  221.608086][T10147]  ? security_capable+0x7e/0x260
[  221.608136][T10147]  ? ns_capable+0xd7/0x110
[  221.608170][T10147]  genl_rcv_msg+0x55c/0x800
[  221.608197][T10147]  ? __pfx_genl_rcv_msg+0x10/0x10
[  221.608217][T10147]  ? __pfx___dev_queue_xmit+0x10/0x10
[  221.608241][T10147]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  221.608262][T10147]  ? __pfx_nl80211_start_ap+0x10/0x10
[  221.608296][T10147]  ? __pfx_nl80211_post_doit+0x10/0x10
[  221.608319][T10147]  ? __lock_acquire+0xaa4/0x1ba0
[  221.608351][T10147]  netlink_rcv_skb+0x16a/0x440
[  221.608370][T10147]  ? __pfx_genl_rcv_msg+0x10/0x10
[  221.608393][T10147]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  221.608426][T10147]  ? __pfx_down_read+0x10/0x10
[  221.608451][T10147]  ? netlink_deliver_tap+0x1ae/0xd30
[  221.608473][T10147]  genl_rcv+0x28/0x40
[  221.608491][T10147]  netlink_unicast+0x53a/0x7f0
[  221.608513][T10147]  ? __pfx_netlink_unicast+0x10/0x10
[  221.608540][T10147]  netlink_sendmsg+0x8d1/0xdd0
[  221.608564][T10147]  ? __pfx_netlink_sendmsg+0x10/0x10
[  221.608584][T10147]  ? __import_iovec+0x1c8/0x660
[  221.608616][T10147]  ____sys_sendmsg+0xa95/0xc70
[  221.608642][T10147]  ? __pfx_____sys_sendmsg+0x10/0x10
[  221.608663][T10147]  ? get_compat_msghdr+0x11a/0x170
[  221.608694][T10147]  ___sys_sendmsg+0x134/0x1d0
[  221.608715][T10147]  ? __pfx____sys_sendmsg+0x10/0x10
[  221.608769][T10147]  __sys_sendmsg+0x16d/0x220
[  221.608785][T10147]  ? __pfx___sys_sendmsg+0x10/0x10
[  221.608809][T10147]  ? rcu_is_watching+0x12/0xc0
[  221.608828][T10147]  ? rcu_is_watching+0x12/0xc0
[  221.608847][T10147]  __do_fast_syscall_32+0x73/0x120
[  221.608872][T10147]  do_fast_syscall_32+0x32/0x80
[  221.608895][T10147]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  221.608916][T10147] RIP: 0023:0xf7f22579
[  221.608930][T10147] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  221.608946][T10147] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  221.608962][T10147] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  221.608973][T10147] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  221.608982][T10147] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  221.608992][T10147] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  221.609001][T10147] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.609023][T10147]  </TASK>
[  221.774811][T10151] loop6: detected capacity change from 0 to 63
[  222.197286][T10167] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1196'.
[  222.384809][T10177] fuse: blksize only supported for fuseblk
[  222.398445][T10177] netlink: 'syz.2.1199': attribute type 5 has an invalid length.
[  222.401486][T10177] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1199'.
[  222.408395][T10177] Bluetooth: MGMT ver 1.23
[  222.413785][   T40] kauditd_printk_skb: 23 callbacks suppressed
[  222.413797][   T40] audit: type=1326 audit(1746152965.997:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10176 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  222.425421][   T40] audit: type=1326 audit(1746152965.997:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10176 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=65 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  222.436064][   T40] audit: type=1326 audit(1746152965.997:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10176 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  222.444196][   T40] audit: type=1326 audit(1746152965.997:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10176 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  222.452358][   T40] audit: type=1326 audit(1746152966.007:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10176 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  222.460469][   T40] audit: type=1326 audit(1746152966.007:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10176 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  222.468650][   T40] audit: type=1326 audit(1746152966.007:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10176 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  222.479518][   T40] audit: type=1326 audit(1746152966.057:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10176 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=145 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  222.487767][   T40] audit: type=1326 audit(1746152966.067:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10176 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  222.498233][   T40] audit: type=1326 audit(1746152966.067:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10176 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  222.977958][  T836] libceph: connect (1)[c::]:6789 error -101
[  222.980023][  T836] libceph: mon0 (1)[c::]:6789 connect error
[  223.239529][  T836] libceph: connect (1)[c::]:6789 error -101
[  223.241605][  T836] libceph: mon0 (1)[c::]:6789 connect error
[  223.569691][T10210] netlink: 'syz.2.1204': attribute type 12 has an invalid length.
[  223.623561][T10208] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  223.739404][T10189] ceph: No mds server is up or the cluster is laggy
[  223.750495][  T836] libceph: connect (1)[c::]:6789 error -101
[  223.753965][  T836] libceph: mon0 (1)[c::]:6789 connect error
[  225.733770][   T72] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  225.763242][T10284] dvmrp0: entered allmulticast mode
[  225.786109][ T5937] Bluetooth: hci2: unexpected event for opcode 0x202a
[  225.901837][   T72] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  225.905199][   T72] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  225.913319][   T72] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  225.917313][   T72] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  225.921765][   T72] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.926744][   T72] usb 9-1: config 0 descriptor??
[  226.234201][T10314] FAULT_INJECTION: forcing a failure.
[  226.234201][T10314] name failslab, interval 1, probability 0, space 0, times 0
[  226.239586][T10314] CPU: 3 UID: 0 PID: 10314 Comm: syz.3.1243 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  226.239625][T10314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  226.239638][T10314] Call Trace:
[  226.239644][T10314]  <TASK>
[  226.239651][T10314]  dump_stack_lvl+0x16c/0x1f0
[  226.239680][T10314]  should_fail_ex+0x512/0x640
[  226.239707][T10314]  should_failslab+0xc2/0x120
[  226.239729][T10314]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  226.239747][T10314]  ? skb_clone+0x190/0x3f0
[  226.239770][T10314]  skb_clone+0x190/0x3f0
[  226.239789][T10314]  netlink_deliver_tap+0xabd/0xd30
[  226.239810][T10314]  netlink_unicast+0x6b2/0x7f0
[  226.239824][T10314]  ? __pfx_netlink_unicast+0x10/0x10
[  226.239835][T10314]  ? genl_rcv_msg+0x4bb/0x800
[  226.239852][T10314]  netlink_ack+0x696/0xb80
[  226.239869][T10314]  netlink_rcv_skb+0x347/0x440
[  226.239880][T10314]  ? __pfx_genl_rcv_msg+0x10/0x10
[  226.239895][T10314]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  226.239914][T10314]  ? __pfx_down_read+0x10/0x10
[  226.239930][T10314]  ? netlink_deliver_tap+0x1ae/0xd30
[  226.239943][T10314]  genl_rcv+0x28/0x40
[  226.239955][T10314]  netlink_unicast+0x53a/0x7f0
[  226.239968][T10314]  ? __pfx_netlink_unicast+0x10/0x10
[  226.239984][T10314]  netlink_sendmsg+0x8d1/0xdd0
[  226.239999][T10314]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.240012][T10314]  ? __import_iovec+0x1c8/0x660
[  226.240031][T10314]  ____sys_sendmsg+0xa95/0xc70
[  226.240069][T10314]  ? __pfx_____sys_sendmsg+0x10/0x10
[  226.240091][T10314]  ? get_compat_msghdr+0x11a/0x170
[  226.240107][T10314]  ___sys_sendmsg+0x134/0x1d0
[  226.240119][T10314]  ? __pfx____sys_sendmsg+0x10/0x10
[  226.240146][T10314]  __sys_sendmsg+0x16d/0x220
[  226.240157][T10314]  ? __pfx___sys_sendmsg+0x10/0x10
[  226.240171][T10314]  ? rcu_is_watching+0x12/0xc0
[  226.240182][T10314]  ? rcu_is_watching+0x12/0xc0
[  226.240193][T10314]  __do_fast_syscall_32+0x73/0x120
[  226.240208][T10314]  do_fast_syscall_32+0x32/0x80
[  226.240221][T10314]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  226.240234][T10314] RIP: 0023:0xf70fe579
[  226.240242][T10314] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  226.240252][T10314] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  226.240262][T10314] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  226.240268][T10314] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  226.240274][T10314] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  226.240279][T10314] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  226.240285][T10314] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  226.240297][T10314]  </TASK>
[  226.353927][T10316] loop6: detected capacity change from 0 to 63
[  226.389917][T10318] overlayfs: upper fs does not support file handles, falling back to index=off.
[  226.392726][T10318] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  226.462198][   T72] usbhid 9-1:0.0: can't add hid device: -71
[  226.464102][   T72] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  226.468670][   T72] usb 9-1: USB disconnect, device number 7
[  226.683764][T10336] lo speed is unknown, defaulting to 1000
[  226.686353][T10336] lo speed is unknown, defaulting to 1000
[  226.838829][T10345] Context (ID=0x10) not attached to queue pair (handle=0x0:0x9)
[  226.914303][T10347] netlink: 'syz.2.1252': attribute type 12 has an invalid length.
[  227.240140][T10356] FAULT_INJECTION: forcing a failure.
[  227.240140][T10356] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  227.244264][T10356] CPU: 2 UID: 0 PID: 10356 Comm: syz.4.1257 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  227.244278][T10356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  227.244285][T10356] Call Trace:
[  227.244289][T10356]  <TASK>
[  227.244293][T10356]  dump_stack_lvl+0x16c/0x1f0
[  227.244323][T10356]  should_fail_ex+0x512/0x640
[  227.244340][T10356]  _copy_to_user+0x32/0xd0
[  227.244356][T10356]  simple_read_from_buffer+0xcb/0x170
[  227.244371][T10356]  proc_fail_nth_read+0x197/0x270
[  227.244386][T10356]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  227.244400][T10356]  ? rw_verify_area+0xcf/0x680
[  227.244413][T10356]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  227.244427][T10356]  vfs_read+0x1de/0xc70
[  227.244438][T10356]  ? __pfx___mutex_lock+0x10/0x10
[  227.244451][T10356]  ? __pfx_vfs_read+0x10/0x10
[  227.244463][T10356]  ? __fget_files+0x20e/0x3c0
[  227.244482][T10356]  ksys_read+0x12a/0x240
[  227.244490][T10356]  ? __pfx_ksys_read+0x10/0x10
[  227.244498][T10356]  ? rcu_is_watching+0x12/0xc0
[  227.244509][T10356]  ? rcu_is_watching+0x12/0xc0
[  227.244520][T10356]  __do_fast_syscall_32+0x73/0x120
[  227.244534][T10356]  do_fast_syscall_32+0x32/0x80
[  227.244547][T10356]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  227.244560][T10356] RIP: 0023:0xf7f22579
[  227.244568][T10356] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  227.244578][T10356] RSP: 002b:00000000f5046590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  227.244588][T10356] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5046620
[  227.244594][T10356] RDX: 000000000000000f RSI: 00000000f73b2ff4 RDI: 0000000000000000
[  227.244599][T10356] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  227.244604][T10356] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  227.244610][T10356] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  227.244623][T10356]  </TASK>
[  227.351324][T10358] loop6: detected capacity change from 0 to 63
[  227.826150][T10369] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  227.828854][T10369] macsec1: entered allmulticast mode
[  227.830684][T10369] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  227.844225][T10369] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[  227.848488][T10369] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  228.313409][T10409] binder: BINDER_SET_CONTEXT_MGR already set
[  228.315544][T10409] binder: 10406:10409 ioctl 4018620d 80000040 returned -16
[  229.027667][   T72] IPVS: starting estimator thread 0...
[  229.118354][T10419] IPVS: using max 45 ests per chain, 108000 per kthread
[  229.490369][T10432] capability: warning: `syz.2.1280' uses 32-bit capabilities (legacy support in use)
[  229.948131][T10438] loop6: detected capacity change from 0 to 63
[  230.783054][T10454] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1288'.
[  230.812125][T10456] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1289'.
[  231.945286][T10491] sctp: [Deprecated]: syz.2.1300 (pid 10491) Use of int in max_burst socket option deprecated.
[  231.945286][T10491] Use struct sctp_assoc_value instead
[  232.542745][T10503] netlink: 'syz.3.1303': attribute type 12 has an invalid length.
[  232.579899][T10507] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1304'.
[  232.582796][T10507] bridge_slave_1: left allmulticast mode
[  232.584594][T10507] bridge_slave_1: left promiscuous mode
[  232.587504][T10507] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.598489][T10507] bridge_slave_0: left allmulticast mode
[  232.600990][T10507] bridge_slave_0: left promiscuous mode
[  232.603717][T10507] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.798617][T10512] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1306'.
[  232.957333][T10524] netlink: 268 bytes leftover after parsing attributes in process `syz.2.1311'.
[  233.563437][T10548] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1318'.
[  233.610705][T10552] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1320'.
[  233.986083][T10580] netlink: 196 bytes leftover after parsing attributes in process `syz.3.1329'.
[  234.042191][T10584] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1330'.
[  234.714977][T10612] loop6: detected capacity change from 0 to 63
[  234.798201][T10616] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1342'.
[  235.699436][T10659] netlink: 'syz.3.1353': attribute type 12 has an invalid length.
[  235.789146][T10662] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1354'.
[  235.871255][T10665] pimreg: entered allmulticast mode
[  236.346372][T10682] 9pnet_virtio: no channels available for device syz
[  236.384237][   T40] audit: type=1800 audit(1746153492.983:139): pid=10678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1359" name="bus" dev="9p" ino=35913973 res=0 errno=0
[  236.622798][T10689] netlink: 'syz.4.1362': attribute type 12 has an invalid length.
[  236.944155][T10700] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[  236.952744][ T5937] Bluetooth: hci1: unexpected event for opcode 0x202a
[  237.113410][T10712] netlink: 'syz.2.1371': attribute type 12 has an invalid length.
[  237.327438][T10724] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1375'.
[  237.362659][T10727] netlink: 'syz.4.1376': attribute type 1 has an invalid length.
[  237.373939][T10727] 8021q: adding VLAN 0 to HW filter on device bond2
[  237.393789][T10727] bond2: (slave gretap2): making interface the new active one
[  237.398946][T10727] bond2: (slave gretap2): Enslaving as an active interface with an up link
[  237.481568][   T40] audit: type=1326 audit(1746153494.083:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10726 comm="syz.4.1376" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  237.519771][   T40] audit: type=1326 audit(1746153494.083:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10726 comm="syz.4.1376" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  237.527149][   T40] audit: type=1326 audit(1746153494.083:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10726 comm="syz.4.1376" exe="/syz-executor" sig=0 arch=40000003 syscall=242 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  237.535763][   T40] audit: type=1326 audit(1746153494.083:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10726 comm="syz.4.1376" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  237.542404][   T40] audit: type=1326 audit(1746153494.083:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10726 comm="syz.4.1376" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  237.548695][   T40] audit: type=1326 audit(1746153494.113:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10726 comm="syz.4.1376" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  237.554518][   T40] audit: type=1326 audit(1746153494.113:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10726 comm="syz.4.1376" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  237.568313][   T40] audit: type=1326 audit(1746153494.113:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10726 comm="syz.4.1376" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  237.575906][   T40] audit: type=1326 audit(1746153494.123:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10726 comm="syz.4.1376" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f22579 code=0x7ffc0000
[  237.789405][T10736] netlink: 260 bytes leftover after parsing attributes in process `syz.3.1378'.
[  237.991605][T10743] netlink: 'syz.1.1381': attribute type 12 has an invalid length.
[  238.457850][T10760] netlink: 'syz.4.1388': attribute type 1 has an invalid length.
[  238.477603][T10760] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  238.481853][T10760] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  238.484563][T10760] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  238.487296][T10760] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  238.492653][T10760] bond3: (slave geneve3): making interface the new active one
[  238.495342][T10760] bond3: (slave geneve3): Enslaving as an active interface with an up link
[  238.500285][T10760] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1388'.
[  238.516947][T10760] 8021q: adding VLAN 0 to HW filter on device bond3
[  239.448356][ T5289] Bluetooth: hci4: command 0x0405 tx timeout
[  240.135608][T10793] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1397'.
[  240.694355][ T5937] Bluetooth: hci2: unexpected event for opcode 0x202a
[  242.210115][T10876] xt_TCPMSS: Only works on TCP SYN packets
[  242.212799][T10875] xt_TCPMSS: Only works on TCP SYN packets
[  243.079442][T10889] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1429'.
[  243.399403][T10899] loop6: detected capacity change from 0 to 63
[  243.675100][T10925] loop6: detected capacity change from 0 to 63
[  243.699484][T10927] netlink: 'syz.3.1443': attribute type 178 has an invalid length.
[  244.559298][   T24] kernel read not supported for file /dsp (pid: 24 comm: kworker/2:0)
[  244.714763][ T5937] Bluetooth: hci1: unexpected event for opcode 0x202a
[  244.749271][T10956] loop6: detected capacity change from 0 to 63
[  244.894128][T10975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1459'.
[  244.990094][T10984] syzkaller1: entered promiscuous mode
[  244.991991][T10984] syzkaller1: entered allmulticast mode
[  245.082781][T10991] loop6: detected capacity change from 0 to 63
[  245.496424][T11009] input: syz1 as /devices/virtual/input/input15
[  245.532702][T11013] lo speed is unknown, defaulting to 1000
[  245.538734][T11013] lo speed is unknown, defaulting to 1000
[  246.304664][T11039] 9pnet_fd: Insufficient options for proto=fd
[  246.557523][T11042] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1483'.
[  246.716561][T11047] tipc: Enabling of bearer <eth:ipvlan1> rejected, failed to enable media
[  246.729817][T11047] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.735801][T11047] bond0: (slave rose0): Enslaving as an active interface with an up link
[  247.365681][T11084] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1492'.
[  250.875697][T11165] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1513'.
[  251.054843][T11174] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1514'.
[  251.069875][ T5937] Bluetooth: hci4: SCO packet for unknown connection handle 0
[  251.153584][T11178] input: syz1 as /devices/virtual/input/input16
[  251.643439][T11186] mkiss: ax0: crc mode is auto.
[  251.732063][T11188] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  251.889207][T11193] lo speed is unknown, defaulting to 1000
[  251.891725][T11193] lo speed is unknown, defaulting to 1000
[  252.386133][   T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  252.467971][T11207] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1527'.
[  252.496215][T11211] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1529'.
[  252.514970][T11211] 8021q: adding VLAN 0 to HW filter on device bond0
[  252.517794][T11211] team0: Port device bond0 added
[  252.535373][T11213] loop6: detected capacity change from 0 to 63
[  252.550014][   T24] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  252.556207][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  252.559688][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  252.563064][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  252.565937][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  252.569188][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  252.572650][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  252.575619][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  252.579455][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  252.583958][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  252.586783][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  252.589864][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  252.593255][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  252.596143][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  252.599289][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  252.602651][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  252.605440][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  252.608553][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  252.611938][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  252.614757][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  252.617556][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  252.621383][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  252.624396][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  252.627375][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  252.632320][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  252.636953][   T24] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  252.641310][   T24] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  252.644102][   T24] usb 6-1: Product: syz
[  252.645437][   T24] usb 6-1: Manufacturer: syz
[  252.646917][   T24] usb 6-1: SerialNumber: syz
[  252.650460][   T24] usb 6-1: config 0 descriptor??
[  252.658453][   T24] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  252.746522][ T5937] Bluetooth: hci1: unexpected event for opcode 0x202a
[  253.167914][T11243] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1540'.
[  253.222664][T11248] loop6: detected capacity change from 0 to 63
[  253.705697][T11271] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1551'.
[  253.736165][T11276] loop6: detected capacity change from 0 to 63
[  253.781734][T11269] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  253.823088][T11286] 9pnet: Unknown protocol version 9p200
[  253.831021][T11286] bridge_slave_0: left allmulticast mode
[  253.833061][T11286] bridge_slave_0: left promiscuous mode
[  253.835203][T11286] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.839610][T11286] bridge_slave_1: left allmulticast mode
[  253.841514][T11286] bridge_slave_1: left promiscuous mode
[  253.843319][T11286] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.854491][T11286] : (slave bond_slave_0): Releasing backup interface
[  253.861336][T11286] : (slave bond_slave_1): Releasing backup interface
[  253.876216][T11286] team0: Port device team_slave_0 removed
[  253.883272][T11286] team0: Port device team_slave_1 removed
[  253.886059][T11286] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  253.890333][T11286] batman_adv: batadv0: Removing interface: batadv_slave_0
[  253.893939][T11286] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  253.896218][T11286] batman_adv: batadv0: Removing interface: batadv_slave_1
[  253.911747][T11286] team0: Port device geneve0 removed
[  254.524836][T11305] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1560'.
[  254.579874][T11306] binder: 11299:11306 ioctl c0306201 80000100 returned -22
[  254.724572][T11308] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1563'.
[  254.889127][    C2] usb 6-1: yurex_control_callback - control failed: -2
[  254.962939][    T9] usb 6-1: USB disconnect, device number 4
[  254.973720][    T9] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  255.013643][   T40] kauditd_printk_skb: 33 callbacks suppressed
[  255.013656][   T40] audit: type=1326 audit(1746153511.613:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11311 comm="syz.3.1564" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  255.022700][   T40] audit: type=1326 audit(1746153511.613:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11311 comm="syz.3.1564" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  255.029902][   T40] audit: type=1326 audit(1746153511.613:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11311 comm="syz.3.1564" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  255.039434][   T40] audit: type=1326 audit(1746153511.613:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11311 comm="syz.3.1564" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  255.045815][   T40] audit: type=1326 audit(1746153511.613:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11311 comm="syz.3.1564" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  255.053336][   T40] audit: type=1326 audit(1746153511.623:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11311 comm="syz.3.1564" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  255.059916][   T40] audit: type=1326 audit(1746153511.623:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11311 comm="syz.3.1564" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  255.066327][   T40] audit: type=1326 audit(1746153511.623:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11311 comm="syz.3.1564" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  255.072980][   T40] audit: type=1326 audit(1746153511.623:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11311 comm="syz.3.1564" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  255.079651][   T40] audit: type=1326 audit(1746153511.623:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11311 comm="syz.3.1564" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  255.371476][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  255.373539][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  255.526889][T11318] loop6: detected capacity change from 0 to 63
[  256.680540][T11349] netlink: 'syz.4.1573': attribute type 12 has an invalid length.
[  257.504323][ T5937] Bluetooth: hci4: unexpected event for opcode 0x202a
[  257.912245][T11376] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1580'.
[  257.915102][T11376] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1580'.
[  257.936431][T11376] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1580'.
[  257.939673][T11376] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1580'.
[  257.998603][T11376] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1580'.
[  258.002827][T11376] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1580'.
[  258.601157][T11410] lo speed is unknown, defaulting to 1000
[  258.603968][T11410] lo speed is unknown, defaulting to 1000
[  259.047937][T11432] lo speed is unknown, defaulting to 1000
[  259.054278][T11432] lo speed is unknown, defaulting to 1000
[  259.474299][T11449] FAULT_INJECTION: forcing a failure.
[  259.474299][T11449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  259.478395][T11449] CPU: 3 UID: 0 PID: 11449 Comm: syz.4.1602 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  259.478409][T11449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  259.478415][T11449] Call Trace:
[  259.478419][T11449]  <TASK>
[  259.478423][T11449]  dump_stack_lvl+0x16c/0x1f0
[  259.478441][T11449]  should_fail_ex+0x512/0x640
[  259.478457][T11449]  _copy_from_iter+0x2a4/0x15b0
[  259.478473][T11449]  ? __alloc_skb+0x200/0x380
[  259.478484][T11449]  ? __pfx__copy_from_iter+0x10/0x10
[  259.478499][T11449]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  259.478515][T11449]  netlink_sendmsg+0x829/0xdd0
[  259.478529][T11449]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.478541][T11449]  ? __import_iovec+0x1c8/0x660
[  259.478559][T11449]  ____sys_sendmsg+0xa95/0xc70
[  259.478586][T11449]  ? __pfx_____sys_sendmsg+0x10/0x10
[  259.478599][T11449]  ? get_compat_msghdr+0x11a/0x170
[  259.478616][T11449]  ___sys_sendmsg+0x134/0x1d0
[  259.478627][T11449]  ? __pfx____sys_sendmsg+0x10/0x10
[  259.478653][T11449]  __sys_sendmsg+0x16d/0x220
[  259.478664][T11449]  ? __pfx___sys_sendmsg+0x10/0x10
[  259.478678][T11449]  ? rcu_is_watching+0x12/0xc0
[  259.478689][T11449]  ? rcu_is_watching+0x12/0xc0
[  259.478699][T11449]  __do_fast_syscall_32+0x73/0x120
[  259.478715][T11449]  do_fast_syscall_32+0x32/0x80
[  259.478728][T11449]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  259.478740][T11449] RIP: 0023:0xf7f22579
[  259.478749][T11449] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  259.478758][T11449] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  259.478768][T11449] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  259.478774][T11449] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  259.478780][T11449] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  259.478785][T11449] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  259.478790][T11449] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  259.478802][T11449]  </TASK>
[  259.570467][T11454] batadv_slave_1: entered promiscuous mode
[  259.865449][T11456] batadv_slave_1: left promiscuous mode
[  259.922500][T11461] lo speed is unknown, defaulting to 1000
[  259.925186][T11461] lo speed is unknown, defaulting to 1000
[  260.061583][ T5937] Bluetooth: hci2: unexpected event for opcode 0x202a
[  260.549477][T11485] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1612'.
[  260.686626][T11490] FAULT_INJECTION: forcing a failure.
[  260.686626][T11490] name failslab, interval 1, probability 0, space 0, times 0
[  260.695282][T11490] CPU: 2 UID: 0 PID: 11490 Comm: syz.3.1614 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  260.695319][T11490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  260.695329][T11490] Call Trace:
[  260.695335][T11490]  <TASK>
[  260.695342][T11490]  dump_stack_lvl+0x16c/0x1f0
[  260.695369][T11490]  should_fail_ex+0x512/0x640
[  260.695396][T11490]  should_failslab+0xc2/0x120
[  260.695415][T11490]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  260.695434][T11490]  ? skb_clone+0x190/0x3f0
[  260.695456][T11490]  skb_clone+0x190/0x3f0
[  260.695474][T11490]  netlink_deliver_tap+0xabd/0xd30
[  260.695498][T11490]  netlink_unicast+0x5df/0x7f0
[  260.695520][T11490]  ? __pfx_netlink_unicast+0x10/0x10
[  260.695546][T11490]  netlink_sendmsg+0x8d1/0xdd0
[  260.695569][T11490]  ? __pfx_netlink_sendmsg+0x10/0x10
[  260.695589][T11490]  ? __import_iovec+0x1c8/0x660
[  260.695619][T11490]  ____sys_sendmsg+0xa95/0xc70
[  260.695644][T11490]  ? __pfx_____sys_sendmsg+0x10/0x10
[  260.695664][T11490]  ? get_compat_msghdr+0x11a/0x170
[  260.695691][T11490]  ___sys_sendmsg+0x134/0x1d0
[  260.695710][T11490]  ? __pfx____sys_sendmsg+0x10/0x10
[  260.695777][T11490]  __sys_sendmsg+0x16d/0x220
[  260.695797][T11490]  ? __pfx___sys_sendmsg+0x10/0x10
[  260.695822][T11490]  ? rcu_is_watching+0x12/0xc0
[  260.695839][T11490]  ? rcu_is_watching+0x12/0xc0
[  260.695858][T11490]  __do_fast_syscall_32+0x73/0x120
[  260.695881][T11490]  do_fast_syscall_32+0x32/0x80
[  260.695903][T11490]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  260.695923][T11490] RIP: 0023:0xf70fe579
[  260.695936][T11490] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  260.695951][T11490] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  260.695967][T11490] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  260.695982][T11490] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  260.695991][T11490] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  260.696000][T11490] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  260.696009][T11490] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  260.696031][T11490]  </TASK>
[  261.876914][T11532] FAULT_INJECTION: forcing a failure.
[  261.876914][T11532] name failslab, interval 1, probability 0, space 0, times 0
[  261.881926][T11532] CPU: 2 UID: 0 PID: 11532 Comm: syz.1.1627 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  261.881942][T11532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  261.881949][T11532] Call Trace:
[  261.881954][T11532]  <TASK>
[  261.881959][T11532]  dump_stack_lvl+0x16c/0x1f0
[  261.881976][T11532]  should_fail_ex+0x512/0x640
[  261.881990][T11532]  ? __kmalloc_noprof+0xbf/0x510
[  261.882002][T11532]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  261.882017][T11532]  should_failslab+0xc2/0x120
[  261.882038][T11532]  __kmalloc_noprof+0xd2/0x510
[  261.882048][T11532]  ? kasan_quarantine_put+0x10a/0x240
[  261.882061][T11532]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  261.882077][T11532]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  261.882091][T11532]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  261.882105][T11532]  ? trace_cap_capable+0x18d/0x200
[  261.882118][T11532]  ? bpf_lsm_capable+0x9/0x10
[  261.882128][T11532]  ? security_capable+0x7e/0x260
[  261.882144][T11532]  ? ns_capable+0xd7/0x110
[  261.882156][T11532]  genl_rcv_msg+0x55c/0x800
[  261.882171][T11532]  ? __pfx_genl_rcv_msg+0x10/0x10
[  261.882183][T11532]  ? __pfx___dev_queue_xmit+0x10/0x10
[  261.882198][T11532]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  261.882211][T11532]  ? __pfx_nl80211_start_ap+0x10/0x10
[  261.882223][T11532]  ? __pfx_nl80211_post_doit+0x10/0x10
[  261.882236][T11532]  ? __lock_acquire+0xaa4/0x1ba0
[  261.882252][T11532]  netlink_rcv_skb+0x16a/0x440
[  261.882263][T11532]  ? __pfx_genl_rcv_msg+0x10/0x10
[  261.882276][T11532]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  261.882294][T11532]  ? __pfx_down_read+0x10/0x10
[  261.882309][T11532]  ? netlink_deliver_tap+0x1ae/0xd30
[  261.882326][T11532]  genl_rcv+0x28/0x40
[  261.882342][T11532]  netlink_unicast+0x53a/0x7f0
[  261.882361][T11532]  ? __pfx_netlink_unicast+0x10/0x10
[  261.882387][T11532]  netlink_sendmsg+0x8d1/0xdd0
[  261.882411][T11532]  ? __pfx_netlink_sendmsg+0x10/0x10
[  261.882430][T11532]  ? __import_iovec+0x1c8/0x660
[  261.882458][T11532]  ____sys_sendmsg+0xa95/0xc70
[  261.882479][T11532]  ? __pfx_____sys_sendmsg+0x10/0x10
[  261.882498][T11532]  ? get_compat_msghdr+0x11a/0x170
[  261.882521][T11532]  ___sys_sendmsg+0x134/0x1d0
[  261.882538][T11532]  ? __pfx____sys_sendmsg+0x10/0x10
[  261.882583][T11532]  __sys_sendmsg+0x16d/0x220
[  261.882600][T11532]  ? __pfx___sys_sendmsg+0x10/0x10
[  261.882623][T11532]  ? rcu_is_watching+0x12/0xc0
[  261.882640][T11532]  ? rcu_is_watching+0x12/0xc0
[  261.882655][T11532]  __do_fast_syscall_32+0x73/0x120
[  261.882676][T11532]  do_fast_syscall_32+0x32/0x80
[  261.882694][T11532]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  261.882711][T11532] RIP: 0023:0xf7f35579
[  261.882723][T11532] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  261.882739][T11532] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  261.882754][T11532] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  261.882765][T11532] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  261.882774][T11532] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  261.882783][T11532] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  261.882792][T11532] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  261.882814][T11532]  </TASK>
[  262.124799][T11542] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1630'.
[  262.686445][T11575] syz.2.1640: attempt to access beyond end of device
[  262.686445][T11575] nbd2: rw=0, sector=0, nr_sectors = 2 limit=0
[  262.687785][T11573] xt_NFQUEUE: number of total queues is 0
[  262.711461][   T29] lo speed is unknown, defaulting to 1000
[  262.759986][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.779097][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.782238][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.784615][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.787022][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.789835][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.792199][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.795958][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.798969][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.801416][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.803873][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.806341][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.809230][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.811691][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.814572][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.817023][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.819830][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.822768][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.825247][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.827686][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.830598][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.833106][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.835588][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.838065][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.841159][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.843596][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.846065][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.848908][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.851375][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.853838][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.856306][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.859246][   T24] hid-generic 0004:FFFFFFFF:0000.0003: unknown main item tag 0x0
[  262.880202][   T24] hid-generic 0004:FFFFFFFF:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  263.009170][   T72] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  263.159869][   T72] usb 7-1: config 0 has no interfaces?
[  263.161617][   T72] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  263.164418][   T72] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.168492][   T72] usb 7-1: config 0 descriptor??
[  263.293159][T11583] FAULT_INJECTION: forcing a failure.
[  263.293159][T11583] name failslab, interval 1, probability 0, space 0, times 0
[  263.298338][T11583] CPU: 2 UID: 0 PID: 11583 Comm: syz.1.1642 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  263.298359][T11583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  263.298369][T11583] Call Trace:
[  263.298375][T11583]  <TASK>
[  263.298381][T11583]  dump_stack_lvl+0x16c/0x1f0
[  263.298406][T11583]  should_fail_ex+0x512/0x640
[  263.298426][T11583]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  263.298447][T11583]  should_failslab+0xc2/0x120
[  263.298465][T11583]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  263.298482][T11583]  ? __alloc_skb+0x2b2/0x380
[  263.298499][T11583]  ? bpf_lsm_capable+0x9/0x10
[  263.298519][T11583]  __alloc_skb+0x2b2/0x380
[  263.298535][T11583]  ? __pfx___alloc_skb+0x10/0x10
[  263.298550][T11583]  ? genl_rcv_msg+0x480/0x800
[  263.298569][T11583]  ? genl_rcv_msg+0x4bb/0x800
[  263.298597][T11583]  netlink_ack+0x15d/0xb80
[  263.298616][T11583]  ? __lock_acquire+0xaa4/0x1ba0
[  263.298641][T11583]  netlink_rcv_skb+0x347/0x440
[  263.298658][T11583]  ? __pfx_genl_rcv_msg+0x10/0x10
[  263.298680][T11583]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  263.298709][T11583]  ? __pfx_down_read+0x10/0x10
[  263.298732][T11583]  ? netlink_deliver_tap+0x1ae/0xd30
[  263.298752][T11583]  genl_rcv+0x28/0x40
[  263.298769][T11583]  netlink_unicast+0x53a/0x7f0
[  263.298789][T11583]  ? __pfx_netlink_unicast+0x10/0x10
[  263.298813][T11583]  netlink_sendmsg+0x8d1/0xdd0
[  263.298835][T11583]  ? __pfx_netlink_sendmsg+0x10/0x10
[  263.298854][T11583]  ? __import_iovec+0x1c8/0x660
[  263.298883][T11583]  ____sys_sendmsg+0xa95/0xc70
[  263.298928][T11583]  ? __pfx_____sys_sendmsg+0x10/0x10
[  263.298948][T11583]  ? get_compat_msghdr+0x11a/0x170
[  263.298975][T11583]  ___sys_sendmsg+0x134/0x1d0
[  263.298994][T11583]  ? __pfx____sys_sendmsg+0x10/0x10
[  263.299041][T11583]  __sys_sendmsg+0x16d/0x220
[  263.299059][T11583]  ? __pfx___sys_sendmsg+0x10/0x10
[  263.299087][T11583]  ? rcu_is_watching+0x12/0xc0
[  263.299106][T11583]  __do_fast_syscall_32+0x73/0x120
[  263.299129][T11583]  do_fast_syscall_32+0x32/0x80
[  263.299150][T11583]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  263.299170][T11583] RIP: 0023:0xf7f35579
[  263.299183][T11583] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  263.299199][T11583] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  263.299214][T11583] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  263.299225][T11583] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  263.299234][T11583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  263.299242][T11583] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  263.299252][T11583] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  263.299271][T11583]  </TASK>
[  263.889851][   T24] usb 7-1: USB disconnect, device number 14
[  264.594885][T11621] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1657'.
[  264.601165][T11621] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1657'.
[  266.346827][T11664] netlink: 'syz.3.1666': attribute type 12 has an invalid length.
[  266.449862][T11668] FAULT_INJECTION: forcing a failure.
[  266.449862][T11668] name failslab, interval 1, probability 0, space 0, times 0
[  266.453732][T11668] CPU: 0 UID: 0 PID: 11668 Comm: syz.4.1670 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  266.453747][T11668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  266.453753][T11668] Call Trace:
[  266.453757][T11668]  <TASK>
[  266.453762][T11668]  dump_stack_lvl+0x16c/0x1f0
[  266.453778][T11668]  should_fail_ex+0x512/0x640
[  266.453795][T11668]  should_failslab+0xc2/0x120
[  266.453807][T11668]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  266.453819][T11668]  ? skb_clone+0x190/0x3f0
[  266.453832][T11668]  skb_clone+0x190/0x3f0
[  266.453843][T11668]  netlink_deliver_tap+0xabd/0xd30
[  266.453857][T11668]  netlink_unicast+0x6b2/0x7f0
[  266.453870][T11668]  ? __pfx_netlink_unicast+0x10/0x10
[  266.453880][T11668]  ? genl_rcv_msg+0x4bb/0x800
[  266.453896][T11668]  netlink_ack+0x696/0xb80
[  266.453911][T11668]  netlink_rcv_skb+0x347/0x440
[  266.453922][T11668]  ? __pfx_genl_rcv_msg+0x10/0x10
[  266.453936][T11668]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  266.453954][T11668]  ? __pfx_down_read+0x10/0x10
[  266.453969][T11668]  ? netlink_deliver_tap+0x1ae/0xd30
[  266.453982][T11668]  genl_rcv+0x28/0x40
[  266.453992][T11668]  netlink_unicast+0x53a/0x7f0
[  266.454005][T11668]  ? __pfx_netlink_unicast+0x10/0x10
[  266.454020][T11668]  netlink_sendmsg+0x8d1/0xdd0
[  266.454034][T11668]  ? __pfx_netlink_sendmsg+0x10/0x10
[  266.454046][T11668]  ? __import_iovec+0x1c8/0x660
[  266.454064][T11668]  ____sys_sendmsg+0xa95/0xc70
[  266.454079][T11668]  ? __pfx_____sys_sendmsg+0x10/0x10
[  266.454092][T11668]  ? get_compat_msghdr+0x11a/0x170
[  266.454108][T11668]  ___sys_sendmsg+0x134/0x1d0
[  266.454119][T11668]  ? __pfx____sys_sendmsg+0x10/0x10
[  266.454146][T11668]  __sys_sendmsg+0x16d/0x220
[  266.454156][T11668]  ? __pfx___sys_sendmsg+0x10/0x10
[  266.454173][T11668]  ? rcu_is_watching+0x12/0xc0
[  266.454185][T11668]  __do_fast_syscall_32+0x73/0x120
[  266.454200][T11668]  do_fast_syscall_32+0x32/0x80
[  266.454213][T11668]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  266.454230][T11668] RIP: 0023:0xf7f22579
[  266.454238][T11668] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  266.454248][T11668] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  266.454257][T11668] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0
[  266.454263][T11668] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  266.454269][T11668] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  266.454275][T11668] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  266.454280][T11668] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  266.454292][T11668]  </TASK>
[  266.456413][T11666] lo speed is unknown, defaulting to 1000
[  266.574764][T11666] lo speed is unknown, defaulting to 1000
[  266.869220][T11683] loop6: detected capacity change from 0 to 63
[  267.427433][T11693] Bluetooth: hci0: Frame reassembly failed (-84)
[  267.431285][ T1065] Bluetooth: hci0: Frame reassembly failed (-84)
[  267.437093][T11694] netlink: 'syz.4.1677': attribute type 10 has an invalid length.
[  267.456093][T11694] team0: Device veth0_vlan is already a lower device of the team interface
[  267.586514][T11706] lo speed is unknown, defaulting to 1000
[  267.589105][T11706] lo speed is unknown, defaulting to 1000
[  267.803388][T11712] lo speed is unknown, defaulting to 1000
[  267.805924][T11712] lo speed is unknown, defaulting to 1000
[  267.829924][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  267.829935][   T40] audit: type=1400 audit(1746153524.423:202): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04
[  268.118431][   T24] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  268.358248][   T24] usb 7-1: Using ep0 maxpacket: 16
[  268.374893][   T24] usb 7-1: unable to get BOS descriptor or descriptor too short
[  268.378914][   T24] usb 7-1: unable to read config index 0 descriptor/start: -71
[  268.381884][   T24] usb 7-1: can't read configurations, error -71
[  268.572571][T11732] netlink: 'syz.3.1689': attribute type 12 has an invalid length.
[  269.101521][T11745] lo speed is unknown, defaulting to 1000
[  269.104706][T11745] lo speed is unknown, defaulting to 1000
[  269.448347][ T5289] Bluetooth: hci0: command 0x1003 tx timeout
[  269.448362][ T5937] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  269.878514][T11780] netlink: 'syz.4.1705': attribute type 23 has an invalid length.
[  270.045275][T11782] netlink: 'syz.2.1704': attribute type 12 has an invalid length.
[  270.331564][T11794] lo speed is unknown, defaulting to 1000
[  270.334101][T11794] lo speed is unknown, defaulting to 1000
[  270.572538][T11779] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  270.576641][T11779] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  270.602078][T11779] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  270.604052][T11779] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  270.611324][T11779] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  270.613299][T11779] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  270.948132][T11826] lo speed is unknown, defaulting to 1000
[  270.950628][T11826] lo speed is unknown, defaulting to 1000
[  271.858216][T11844] loop6: detected capacity change from 0 to 63
[  271.928255][ T5289] Bluetooth: hci1: command 0x0406 tx timeout
[  272.133120][   T40] audit: type=1326 audit(1746153528.733:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.3.1732" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70fe598 code=0x7ffc0000
[  272.140347][   T40] audit: type=1326 audit(1746153528.733:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.3.1732" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70fe598 code=0x7ffc0000
[  272.150701][   T40] audit: type=1326 audit(1746153528.733:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.3.1732" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70fe598 code=0x7ffc0000
[  272.157711][   T40] audit: type=1326 audit(1746153528.733:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.3.1732" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70fe598 code=0x7ffc0000
[  272.164663][   T40] audit: type=1326 audit(1746153528.733:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.3.1732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  272.173089][   T40] audit: type=1326 audit(1746153528.733:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.3.1732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  272.180644][   T40] audit: type=1326 audit(1746153528.733:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.3.1732" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70fe598 code=0x7ffc0000
[  272.187186][   T40] audit: type=1326 audit(1746153528.733:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.3.1732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  272.194809][   T40] audit: type=1326 audit(1746153528.733:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11865 comm="syz.3.1732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  272.297702][T11870] lo speed is unknown, defaulting to 1000
[  272.300978][T11870] lo speed is unknown, defaulting to 1000
[  272.563368][T11866] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1732'.
[  272.593099][T11876] loop6: detected capacity change from 0 to 63
[  272.648440][ T5289] Bluetooth: hci4: command 0x0405 tx timeout
[  272.650695][ T5289] Bluetooth: hci2: command 0x0406 tx timeout
[  272.915809][T11892] batadv_slave_0: entered promiscuous mode
[  273.439855][T11877] batadv_slave_0: left promiscuous mode
[  273.526928][T11900] lo speed is unknown, defaulting to 1000
[  273.536946][T11900] lo speed is unknown, defaulting to 1000
[  273.686337][T11905] netlink: 'syz.1.1742': attribute type 12 has an invalid length.
[  274.008283][ T5289] Bluetooth: hci1: command 0x0406 tx timeout
[  274.731810][ T5289] Bluetooth: hci4: command 0x0405 tx timeout
[  274.738827][ T5289] Bluetooth: hci2: command 0x0406 tx timeout
[  274.808263][ T5289] Bluetooth: hci0: command 0x1003 tx timeout
[  274.808279][ T5948] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  274.902423][T11937] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1752'.
[  274.906214][T11937] openvswitch: netlink: nsh attribute has 5276 unknown bytes.
[  274.909722][T11937] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  275.080406][T11945] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1756'.
[  275.188016][T11946] veth1_�o_team: renamed from bridge_slave_0 (while UP)
[  276.909352][T11991] loop6: detected capacity change from 0 to 63
[  277.107732][T12006] lo speed is unknown, defaulting to 1000
[  277.110874][T12006] lo speed is unknown, defaulting to 1000
[  277.168955][T12010] mkiss: ax0: crc mode is auto.
[  277.211224][T12007] cdrom: dropping to single frame dma
[  277.753541][T12023] netlink: 'syz.4.1778': attribute type 12 has an invalid length.
[  278.376815][T12053] lo speed is unknown, defaulting to 1000
[  278.399492][T12053] lo speed is unknown, defaulting to 1000
[  278.736875][T12069] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  278.739993][T12069] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  278.743345][T12069] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  279.939969][T12137] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1815'.
[  280.480537][T12151] sp0: Synchronizing with TNC
[  280.483492][T12151] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1819'.
[  280.487074][T12151] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1819'.
[  280.493854][T12150] [U] �
[  280.732752][ T5948] Bluetooth: hci1: command 0x0406 tx timeout
[  280.808391][ T5289] Bluetooth: hci2: command 0x0406 tx timeout
[  280.810923][ T5948] Bluetooth: hci4: command 0x0405 tx timeout
[  281.811143][T12185] loop6: detected capacity change from 0 to 63
[  281.832674][T12186] netlink: 'syz.4.1827': attribute type 12 has an invalid length.
[  281.895459][T12189] netlink: 'syz.3.1828': attribute type 12 has an invalid length.
[  282.596392][T12206] FAULT_INJECTION: forcing a failure.
[  282.596392][T12206] name failslab, interval 1, probability 0, space 0, times 0
[  282.600360][T12206] CPU: 3 UID: 0 PID: 12206 Comm: syz.2.1836 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  282.600374][T12206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  282.600380][T12206] Call Trace:
[  282.600384][T12206]  <TASK>
[  282.600388][T12206]  dump_stack_lvl+0x16c/0x1f0
[  282.600406][T12206]  should_fail_ex+0x512/0x640
[  282.600420][T12206]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  282.600433][T12206]  should_failslab+0xc2/0x120
[  282.600445][T12206]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  282.600456][T12206]  ? __alloc_skb+0x2b2/0x380
[  282.600468][T12206]  __alloc_skb+0x2b2/0x380
[  282.600478][T12206]  ? __pfx___alloc_skb+0x10/0x10
[  282.600488][T12206]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  282.600502][T12206]  netlink_alloc_large_skb+0x69/0x130
[  282.600514][T12206]  netlink_sendmsg+0x6a1/0xdd0
[  282.600528][T12206]  ? __pfx_netlink_sendmsg+0x10/0x10
[  282.600540][T12206]  ? __import_iovec+0x1c8/0x660
[  282.600558][T12206]  ____sys_sendmsg+0xa95/0xc70
[  282.600572][T12206]  ? __pfx_____sys_sendmsg+0x10/0x10
[  282.600585][T12206]  ? get_compat_msghdr+0x11a/0x170
[  282.600600][T12206]  ___sys_sendmsg+0x134/0x1d0
[  282.600612][T12206]  ? __pfx____sys_sendmsg+0x10/0x10
[  282.600637][T12206]  __sys_sendmsg+0x16d/0x220
[  282.600648][T12206]  ? __pfx___sys_sendmsg+0x10/0x10
[  282.600663][T12206]  ? rcu_is_watching+0x12/0xc0
[  282.600675][T12206]  __do_fast_syscall_32+0x73/0x120
[  282.600689][T12206]  do_fast_syscall_32+0x32/0x80
[  282.600702][T12206]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  282.600715][T12206] RIP: 0023:0xf7f87579
[  282.600723][T12206] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  282.600733][T12206] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  282.600747][T12206] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000180
[  282.600753][T12206] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  282.600758][T12206] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  282.600764][T12206] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  282.600769][T12206] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  282.600781][T12206]  </TASK>
[  282.714513][T12209] 9pnet_virtio: no channels available for device syz
[  282.888299][ T5937] Bluetooth: hci4: command 0x0405 tx timeout
[  283.174810][T12228] loop6: detected capacity change from 0 to 63
[  284.250577][T12256] 9pnet: Unknown protocol version 9p200
[  284.408309][ T5937] Bluetooth: hci0: command 0x1003 tx timeout
[  284.408477][ T5289] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  284.416115][T12261] trusted_key: syz.2.1858 sent an empty control message without MSG_MORE.
[  284.968292][ T5937] Bluetooth: hci4: command 0x0405 tx timeout
[  284.996648][T12283] netlink: 'syz.3.1860': attribute type 12 has an invalid length.
[  285.717945][T12310] netlink: 'syz.1.1870': attribute type 12 has an invalid length.
[  286.277544][T12318] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  286.627814][T12327] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  286.630534][T12327] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  286.632960][T12327] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  287.346067][T12343] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1882'.
[  287.491320][T12349] FAULT_INJECTION: forcing a failure.
[  287.491320][T12349] name failslab, interval 1, probability 0, space 0, times 0
[  287.495110][T12349] CPU: 2 UID: 0 PID: 12349 Comm: syz.1.1883 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  287.495124][T12349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  287.495130][T12349] Call Trace:
[  287.495133][T12349]  <TASK>
[  287.495138][T12349]  dump_stack_lvl+0x16c/0x1f0
[  287.495165][T12349]  should_fail_ex+0x512/0x640
[  287.495183][T12349]  should_failslab+0xc2/0x120
[  287.495195][T12349]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  287.495207][T12349]  ? skb_clone+0x190/0x3f0
[  287.495220][T12349]  skb_clone+0x190/0x3f0
[  287.495231][T12349]  netlink_deliver_tap+0xabd/0xd30
[  287.495245][T12349]  netlink_unicast+0x5df/0x7f0
[  287.495258][T12349]  ? __pfx_netlink_unicast+0x10/0x10
[  287.495273][T12349]  netlink_sendmsg+0x8d1/0xdd0
[  287.495286][T12349]  ? __pfx_netlink_sendmsg+0x10/0x10
[  287.495299][T12349]  ? __import_iovec+0x1c8/0x660
[  287.495317][T12349]  ____sys_sendmsg+0xa95/0xc70
[  287.495332][T12349]  ? __pfx_____sys_sendmsg+0x10/0x10
[  287.495344][T12349]  ? get_compat_msghdr+0x11a/0x170
[  287.495360][T12349]  ___sys_sendmsg+0x134/0x1d0
[  287.495372][T12349]  ? __pfx____sys_sendmsg+0x10/0x10
[  287.495399][T12349]  __sys_sendmsg+0x16d/0x220
[  287.495409][T12349]  ? __pfx___sys_sendmsg+0x10/0x10
[  287.495425][T12349]  ? rcu_is_watching+0x12/0xc0
[  287.495437][T12349]  __do_fast_syscall_32+0x73/0x120
[  287.495451][T12349]  do_fast_syscall_32+0x32/0x80
[  287.495464][T12349]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  287.495477][T12349] RIP: 0023:0xf7f35579
[  287.495485][T12349] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  287.495513][T12349] RSP: 002b:00000000f503555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  287.495527][T12349] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000180
[  287.495535][T12349] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  287.495543][T12349] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  287.495551][T12349] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  287.495558][T12349] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  287.495579][T12349]  </TASK>
[  288.570582][ T5937] Bluetooth: hci1: command 0x0406 tx timeout
[  288.575822][T12402] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1891'.
[  288.618384][T12406] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1892'.
[  288.658419][ T5289] Bluetooth: hci2: command 0x0406 tx timeout
[  288.660261][ T5937] Bluetooth: hci4: command 0x0405 tx timeout
[  288.927817][T12416] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1896'.
[  289.013594][T12422] lo speed is unknown, defaulting to 1000
[  289.016799][T12422] lo speed is unknown, defaulting to 1000
[  289.068364][T12427] netlink: 'syz.2.1901': attribute type 1 has an invalid length.
[  289.107777][T12427] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.338974][T12416] syz.3.1896 (12416): drop_caches: 2
[  289.416227][T12436] 9pnet_fd: Insufficient options for proto=fd
[  289.445144][T12416] syz.3.1896 (12416): drop_caches: 2
[  289.456837][   T40] kauditd_printk_skb: 798 callbacks suppressed
[  289.456847][   T40] audit: type=1326 audit(1746153546.051:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12431 comm="syz.2.1902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  289.467630][   T40] audit: type=1326 audit(1746153546.051:1011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12431 comm="syz.2.1902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  289.495537][   T40] audit: type=1326 audit(1746153546.081:1012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12431 comm="syz.2.1902" exe="/syz-executor" sig=0 arch=40000003 syscall=287 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  289.504750][   T40] audit: type=1326 audit(1746153546.091:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12431 comm="syz.2.1902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  289.512905][   T40] audit: type=1326 audit(1746153546.091:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12431 comm="syz.2.1902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  289.520416][   T40] audit: type=1326 audit(1746153546.091:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12431 comm="syz.2.1902" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  289.527310][   T40] audit: type=1326 audit(1746153546.091:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12431 comm="syz.2.1902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  289.534537][   T40] audit: type=1326 audit(1746153546.091:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12431 comm="syz.2.1902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  289.542248][   T40] audit: type=1326 audit(1746153546.091:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12431 comm="syz.2.1902" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  289.558634][   T40] audit: type=1326 audit(1746153546.091:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12431 comm="syz.2.1902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  290.728333][ T5937] Bluetooth: hci4: command 0x0405 tx timeout
[  291.093373][T12475] kvm: kvm [12474]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x40000085) = 0x0
[  291.100509][T12475] input: syz0 as /devices/virtual/input/input18
[  291.658758][T12496] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  291.669341][T12496] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1920'.
[  292.792974][ T5289] block nbd1: Receive control failed (result -107)
[  292.892063][T12523] nbd1: detected capacity change from 0 to 12
[  292.895909][T12443] block nbd1: Dead connection, failed to find a fallback
[  292.898748][T12443] block nbd1: shutting down sockets
[  292.900521][T12443] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  292.903345][T12443] Buffer I/O error on dev nbd1, logical block 0, async page read
[  292.949993][T12528] nbd1: detected capacity change from 12 to 6
[  292.951193][T12443] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  292.955539][T12443] Buffer I/O error on dev nbd1, logical block 0, async page read
[  293.059221][T12443] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  293.062078][T12443] Buffer I/O error on dev nbd1, logical block 0, async page read
[  293.064651][T12443] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  293.067476][T12443] Buffer I/O error on dev nbd1, logical block 0, async page read
[  293.070143][T12443] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  293.072985][T12443] Buffer I/O error on dev nbd1, logical block 0, async page read
[  293.075388][T12443] ldm_validate_partition_table(): Disk read failed.
[  293.077439][T12443] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  293.080422][T12443] Buffer I/O error on dev nbd1, logical block 0, async page read
[  293.082890][T12443] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  293.085613][T12443] Buffer I/O error on dev nbd1, logical block 0, async page read
[  293.088048][T12443] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  293.090826][T12443] Buffer I/O error on dev nbd1, logical block 0, async page read
[  293.093360][T12443] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  293.096126][T12443] Buffer I/O error on dev nbd1, logical block 0, async page read
[  293.098743][T12443] Dev nbd1: unable to read RDB block 0
[  293.100479][T12443] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  293.103271][T12443] Buffer I/O error on dev nbd1, logical block 0, async page read
[  293.105795][T12443]  nbd1: unable to read partition table
[  293.107657][T12443] nbd1: partition table beyond EOD, truncated
[  293.269199][T12443] ldm_validate_partition_table(): Disk read failed.
[  293.272420][T12443] Dev nbd1: unable to read RDB block 0
[  293.275003][T12443]  nbd1: unable to read partition table
[  293.277488][T12443] nbd1: partition table beyond EOD, truncated
[  293.363395][T12544] loop6: detected capacity change from 0 to 63
[  293.554195][T12553] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1937'.
[  293.618232][ T5289] Bluetooth: hci4: command 0x0405 tx timeout
[  294.217905][T12565] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1941'.
[  294.273234][T12567] lo speed is unknown, defaulting to 1000
[  294.275915][T12567] lo speed is unknown, defaulting to 1000
[  295.732128][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  295.732143][   T40] audit: type=1326 audit(1746153552.331:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12596 comm="syz.2.1951" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  295.758243][   T40] audit: type=1326 audit(1746153552.331:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12596 comm="syz.2.1951" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  295.768268][   T40] audit: type=1326 audit(1746153552.331:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12596 comm="syz.2.1951" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  295.779551][   T40] audit: type=1326 audit(1746153552.341:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12596 comm="syz.2.1951" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  295.785883][   T40] audit: type=1326 audit(1746153552.341:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12596 comm="syz.2.1951" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  295.799786][   T40] audit: type=1326 audit(1746153552.341:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12596 comm="syz.2.1951" exe="/syz-executor" sig=0 arch=40000003 syscall=350 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  295.806252][   T40] audit: type=1326 audit(1746153552.341:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12596 comm="syz.2.1951" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  295.812977][   T40] audit: type=1326 audit(1746153552.351:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12596 comm="syz.2.1951" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  295.819828][   T40] audit: type=1326 audit(1746153552.351:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12596 comm="syz.2.1951" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  295.826187][   T40] audit: type=1326 audit(1746153552.351:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12596 comm="syz.2.1951" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x7ffc0000
[  295.970009][T12604] lo speed is unknown, defaulting to 1000
[  295.972815][T12604] lo speed is unknown, defaulting to 1000
[  296.172722][T12610] 9pnet_fd: Insufficient options for proto=fd
[  296.209213][T12612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1955'.
[  296.244435][T12614] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1956'.
[  296.247993][T12615] netlink: 'syz.3.1956': attribute type 39 has an invalid length.
[  296.267674][T12615] veth0_macvtap: left promiscuous mode
[  298.720998][T12692] usb usb8: usbfs: process 12692 (syz.1.1972) did not claim interface 0 before use
[  298.726348][T12692] netlink: 'syz.1.1972': attribute type 8 has an invalid length.
[  298.728934][T12692] netlink: 236 bytes leftover after parsing attributes in process `syz.1.1972'.
[  299.151593][T12714] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1975'.
[  299.212564][T12724] pim6reg: entered allmulticast mode
[  299.837201][ T5289] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  299.844198][ T5289] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  299.847154][ T5289] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  299.850218][ T5289] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  299.853376][ T5289] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  299.878111][T12745] lo speed is unknown, defaulting to 1000
[  299.880931][T12745] lo speed is unknown, defaulting to 1000
[  300.063919][T12745] chnl_net:caif_netlink_parms(): no params data found
[  300.158723][T12745] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.161025][T12745] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.163335][T12745] bridge_slave_0: entered allmulticast mode
[  300.166015][T12745] bridge_slave_0: entered promiscuous mode
[  300.169243][T12745] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.171462][T12745] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.173727][T12745] bridge_slave_1: entered allmulticast mode
[  300.176293][T12745] bridge_slave_1: entered promiscuous mode
[  300.247998][T12745] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  300.271632][T12745] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  300.432534][T12745] team0: Port device team_slave_0 added
[  300.437348][T12745] team0: Port device team_slave_1 added
[  300.510900][T12745] batman_adv: batadv0: Adding interface: batadv_slave_0
[  300.513588][T12745] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  300.523506][T12745] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  300.541777][T12745] batman_adv: batadv0: Adding interface: batadv_slave_1
[  300.544016][T12745] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  300.554027][T12745] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  300.605313][T12745] hsr_slave_0: entered promiscuous mode
[  300.607657][T12745] hsr_slave_1: entered promiscuous mode
[  300.609916][T12745] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  300.612295][T12745] Cannot create hsr debugfs directory
[  300.746317][T12781] netlink: 'syz.3.1984': attribute type 12 has an invalid length.
[  300.792997][T12745] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  300.798493][T12745] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  300.807773][T12745] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  300.813878][T12745] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  300.835008][T12745] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.837764][T12745] bridge0: port 2(bridge_slave_1) entered forwarding state
[  300.840774][T12745] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.843583][T12745] bridge0: port 1(bridge_slave_0) entered forwarding state
[  300.882368][T12745] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.892344][ T1173] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.895752][ T1173] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.918565][T12745] 8021q: adding VLAN 0 to HW filter on device team0
[  300.932258][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.935115][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  300.942448][   T85] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.945047][   T85] bridge0: port 2(bridge_slave_1) entered forwarding state
[  301.095503][T12792] lo speed is unknown, defaulting to 1000
[  301.097935][T12792] lo speed is unknown, defaulting to 1000
[  301.135908][T12745] 8021q: adding VLAN 0 to HW filter on device batadv0
[  301.180194][T12798] batadv_slave_0: entered promiscuous mode
[  301.185043][T12796] batadv_slave_0: left promiscuous mode
[  301.263297][T12745] veth0_vlan: entered promiscuous mode
[  301.269279][T12745] veth1_vlan: entered promiscuous mode
[  301.283603][T12745] veth0_macvtap: entered promiscuous mode
[  301.287871][T12745] veth1_macvtap: entered promiscuous mode
[  301.300678][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.303795][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.306700][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.309969][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.312813][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  301.315979][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.322133][T12745] batman_adv: batadv0: Interface activated: batadv_slave_0
[  301.331579][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.334742][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.337642][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.343546][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.346443][T12745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  301.349616][T12745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  301.363722][T12745] batman_adv: batadv0: Interface activated: batadv_slave_1
[  301.377150][T12745] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.380573][T12745] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.384190][T12745] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.387839][T12745] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  301.537640][ T1173] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.549609][ T1173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.600110][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.603130][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.720363][T12819] loop6: detected capacity change from 0 to 63
[  301.770037][T12821] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1996'.
[  301.866043][T12825] autofs: Bad value for 'fd'
[  301.928461][ T5937] Bluetooth: hci0: command tx timeout
[  302.846240][T12859] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2008'.
[  303.698621][T12894] FAULT_INJECTION: forcing a failure.
[  303.698621][T12894] name failslab, interval 1, probability 0, space 0, times 0
[  303.704081][T12894] CPU: 2 UID: 0 PID: 12894 Comm: syz.3.2021 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  303.704096][T12894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  303.704102][T12894] Call Trace:
[  303.704106][T12894]  <TASK>
[  303.704110][T12894]  dump_stack_lvl+0x16c/0x1f0
[  303.704128][T12894]  should_fail_ex+0x512/0x640
[  303.704142][T12894]  ? __kvmalloc_node_noprof+0x122/0x600
[  303.704154][T12894]  should_failslab+0xc2/0x120
[  303.704166][T12894]  __kvmalloc_node_noprof+0x135/0x600
[  303.704176][T12894]  ? __pfx___mutex_lock+0x10/0x10
[  303.704190][T12894]  ? traverse.part.0.constprop.0+0x392/0x640
[  303.704207][T12894]  ? traverse.part.0.constprop.0+0x392/0x640
[  303.704220][T12894]  traverse.part.0.constprop.0+0x392/0x640
[  303.704235][T12894]  ? aa_file_perm+0x4c7/0xfb0
[  303.704250][T12894]  seq_read_iter+0x932/0x12c0
[  303.704269][T12894]  seq_read+0x39e/0x4e0
[  303.704283][T12894]  ? __pfx_seq_read+0x10/0x10
[  303.704296][T12894]  ? get_pid_task+0xfc/0x250
[  303.704314][T12894]  ? bpf_lsm_file_permission+0x9/0x10
[  303.704329][T12894]  ? security_file_permission+0x71/0x210
[  303.704342][T12894]  ? rw_verify_area+0xcf/0x680
[  303.704356][T12894]  ? __pfx_seq_read+0x10/0x10
[  303.704373][T12894]  vfs_read+0x1de/0xc70
[  303.704391][T12894]  ? __pfx_vfs_read+0x10/0x10
[  303.704403][T12894]  ? find_held_lock+0x2b/0x80
[  303.704418][T12894]  ? __fget_files+0x204/0x3c0
[  303.704445][T12894]  ? __fget_files+0x20e/0x3c0
[  303.704464][T12894]  ? __fget_files+0x160/0x3c0
[  303.704490][T12894]  ksys_pread64+0x16e/0x1a0
[  303.704504][T12894]  ? __pfx_ksys_pread64+0x10/0x10
[  303.704520][T12894]  ? rcu_is_watching+0x12/0xc0
[  303.704538][T12894]  __do_fast_syscall_32+0x73/0x120
[  303.704566][T12894]  do_fast_syscall_32+0x32/0x80
[  303.704616][T12894]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  303.704637][T12894] RIP: 0023:0xf70fe579
[  303.704649][T12894] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  303.704664][T12894] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 00000000000000b4
[  303.704678][T12894] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800014c0
[  303.704687][T12894] RDX: 000000000000002f RSI: 0000000000000004 RDI: 0000000000000000
[  303.704696][T12894] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  303.704705][T12894] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  303.704713][T12894] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  303.704734][T12894]  </TASK>
[  303.805034][T12896] loop6: detected capacity change from 0 to 63
[  303.992633][T12905] netlink: 'syz.2.2017': attribute type 12 has an invalid length.
[  304.004365][T12909] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2027'.
[  304.014139][ T5937] Bluetooth: hci0: command tx timeout
[  304.040420][T12911] lo speed is unknown, defaulting to 1000
[  304.042881][T12911] lo speed is unknown, defaulting to 1000
[  304.722969][T12934] netlink: 'syz.5.2025': attribute type 12 has an invalid length.
[  304.953546][T12939] syz.2.2037 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  304.983439][T12941] loop6: detected capacity change from 0 to 63
[  305.141699][T12947] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2042'.
[  305.306379][T12958] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2043'.
[  305.581788][   T40] kauditd_printk_skb: 29 callbacks suppressed
[  305.581800][   T40] audit: type=1326 audit(1746153562.181:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12962 comm="syz.3.2045" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70fe579 code=0x0
[  306.088440][ T5937] Bluetooth: hci0: command tx timeout
[  306.572327][T12988] netlink: 'syz.1.2047': attribute type 12 has an invalid length.
[  306.854409][T13008] hfs: unable to load iocharset "io#harset"
[  307.827752][T13027] netlink: 'syz.5.2058': attribute type 11 has an invalid length.
[  307.830513][T13027] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2058'.
[  308.182072][ T5937] Bluetooth: hci0: command tx timeout
[  308.365358][T13060] lo speed is unknown, defaulting to 1000
[  308.367861][T13060] lo speed is unknown, defaulting to 1000
[  309.256237][T13090] sysfs: cannot create duplicate filename '/class/ieee80211/!寿'
[  309.259272][T13090] CPU: 1 UID: 0 PID: 13090 Comm: syz.3.2075 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  309.259286][T13090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  309.259310][T13090] Call Trace:
[  309.259315][T13090]  <TASK>
[  309.259320][T13090]  dump_stack_lvl+0x16c/0x1f0
[  309.259337][T13090]  sysfs_warn_dup+0x7f/0xa0
[  309.259353][T13090]  sysfs_do_create_link_sd+0x124/0x140
[  309.259369][T13090]  sysfs_create_link+0x61/0xc0
[  309.259384][T13090]  device_add+0x62c/0x1a70
[  309.259399][T13090]  ? __pfx_device_add+0x10/0x10
[  309.259410][T13090]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  309.259425][T13090]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  309.259442][T13090]  wiphy_register+0x1c9c/0x2850
[  309.259452][T13090]  ? netdev_run_todo+0x864/0x1320
[  309.259464][T13090]  ? __dev_printk+0x230/0x270
[  309.259476][T13090]  ? __pfx_wiphy_register+0x10/0x10
[  309.259492][T13090]  ieee80211_register_hw+0x2432/0x4020
[  309.259513][T13090]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  309.259531][T13090]  ? find_held_lock+0x2b/0x80
[  309.259541][T13090]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  309.259560][T13090]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  309.259572][T13090]  ? __hrtimer_setup+0x176/0x280
[  309.259588][T13090]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  309.259609][T13090]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  309.259623][T13090]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  309.259638][T13090]  ? __asan_memcpy+0x3c/0x60
[  309.259650][T13090]  hwsim_new_radio_nl+0xb51/0x12c0
[  309.259665][T13090]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  309.259684][T13090]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  309.259698][T13090]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  309.259715][T13090]  genl_family_rcv_msg_doit+0x206/0x2f0
[  309.259729][T13090]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  309.259742][T13090]  ? trace_cap_capable+0x18d/0x200
[  309.259756][T13090]  ? bpf_lsm_capable+0x9/0x10
[  309.259766][T13090]  ? security_capable+0x7e/0x260
[  309.259782][T13090]  ? ns_capable+0xd7/0x110
[  309.259793][T13090]  genl_rcv_msg+0x55c/0x800
[  309.259808][T13090]  ? __pfx_genl_rcv_msg+0x10/0x10
[  309.259821][T13090]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  309.259836][T13090]  ? __lock_acquire+0xaa4/0x1ba0
[  309.259851][T13090]  netlink_rcv_skb+0x16a/0x440
[  309.259862][T13090]  ? __pfx_genl_rcv_msg+0x10/0x10
[  309.259875][T13090]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  309.259894][T13090]  ? __pfx_down_read+0x10/0x10
[  309.259908][T13090]  ? netlink_deliver_tap+0x1ae/0xd30
[  309.259921][T13090]  genl_rcv+0x28/0x40
[  309.259933][T13090]  netlink_unicast+0x53a/0x7f0
[  309.259946][T13090]  ? __pfx_netlink_unicast+0x10/0x10
[  309.259961][T13090]  netlink_sendmsg+0x8d1/0xdd0
[  309.259974][T13090]  ? __pfx_netlink_sendmsg+0x10/0x10
[  309.259987][T13090]  ? __import_iovec+0x1c8/0x660
[  309.260006][T13090]  ____sys_sendmsg+0xa95/0xc70
[  309.260021][T13090]  ? __pfx_____sys_sendmsg+0x10/0x10
[  309.260033][T13090]  ? get_compat_msghdr+0x11a/0x170
[  309.260049][T13090]  ___sys_sendmsg+0x134/0x1d0
[  309.260061][T13090]  ? __pfx____sys_sendmsg+0x10/0x10
[  309.260089][T13090]  __sys_sendmsg+0x16d/0x220
[  309.260099][T13090]  ? __pfx___sys_sendmsg+0x10/0x10
[  309.260109][T13090]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  309.260125][T13090]  ? rcu_is_watching+0x12/0xc0
[  309.260136][T13090]  ? rcu_is_watching+0x12/0xc0
[  309.260146][T13090]  __do_fast_syscall_32+0x73/0x120
[  309.260161][T13090]  do_fast_syscall_32+0x32/0x80
[  309.260174][T13090]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  309.260190][T13090] RIP: 0023:0xf70fe579
[  309.260198][T13090] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  309.260207][T13090] RSP: 002b:00000000f50cd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  309.260217][T13090] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 0000000080000040
[  309.260224][T13090] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  309.260229][T13090] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  309.260234][T13090] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  309.260240][T13090] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  309.260253][T13090]  </TASK>
[  310.129800][T13122] netlink: 'syz.5.2077': attribute type 12 has an invalid length.
[  310.181470][T13119] netlink: 'syz.1.2079': attribute type 12 has an invalid length.
[  310.570301][T13131] lo speed is unknown, defaulting to 1000
[  310.573228][T13131] lo speed is unknown, defaulting to 1000
[  311.113544][T13158] macsec0: entered promiscuous mode
[  311.115357][T13158] macsec0: entered allmulticast mode
[  311.117044][T13158] veth1_macvtap: entered allmulticast mode
[  311.931491][T13176] netlink: 'syz.5.2091': attribute type 12 has an invalid length.
[  312.036363][T13190] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  312.090538][T13192] lo speed is unknown, defaulting to 1000
[  312.093063][T13192] lo speed is unknown, defaulting to 1000
[  312.548057][   T40] audit: type=1326 audit(1746153569.141:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13199 comm="syz.3.2100" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  312.561004][   T40] audit: type=1326 audit(1746153569.141:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13199 comm="syz.3.2100" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  312.567701][   T40] audit: type=1326 audit(1746153569.141:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13199 comm="syz.3.2100" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  312.588268][   T40] audit: type=1326 audit(1746153569.141:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13199 comm="syz.3.2100" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  312.594766][   T40] audit: type=1326 audit(1746153569.141:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13199 comm="syz.3.2100" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  312.612249][   T40] audit: type=1326 audit(1746153569.141:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13199 comm="syz.3.2100" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  312.676429][T13207] loop6: detected capacity change from 0 to 63
[  312.738834][T13211] lo speed is unknown, defaulting to 1000
[  312.741955][T13211] lo speed is unknown, defaulting to 1000
[  312.793901][T13219] lo: entered promiscuous mode
[  312.795813][T13219] tunl0: entered promiscuous mode
[  312.797572][T13219] gre0: entered promiscuous mode
[  312.802262][T13219] gretap0: entered promiscuous mode
[  312.804355][T13219] erspan0: entered promiscuous mode
[  312.806363][T13219] ip_vti0: entered promiscuous mode
[  312.812190][T13219] ip6_vti0: entered promiscuous mode
[  312.814167][T13219] sit0: entered promiscuous mode
[  312.815978][T13219] ip6tnl0: entered promiscuous mode
[  312.817984][T13219] ip6gre0: entered promiscuous mode
[  312.819922][T13219] syz_tun: entered promiscuous mode
[  312.821909][T13219] ip6gretap0: entered promiscuous mode
[  312.824030][T13219] bridge0: entered promiscuous mode
[  312.825988][T13219] : entered promiscuous mode
[  312.828108][T13219] 8021q: adding VLAN 0 to HW filter on device 
[  312.830845][T13219] team0: entered promiscuous mode
[  312.832872][T13219] dummy0: entered promiscuous mode
[  312.835252][T13219] nlmon0: entered promiscuous mode
[  312.837423][T13219] caif0: entered promiscuous mode
[  312.839521][T13219] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  312.924783][T13225] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2108'.
[  312.987522][T13231] fuse: Unknown parameter 'fy?0x0000000000000003'
[  313.368976][T13241] netlink: 'syz.1.2110': attribute type 12 has an invalid length.
[  313.401157][T13243] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  313.950373][T13254] lo speed is unknown, defaulting to 1000
[  313.952880][T13254] lo speed is unknown, defaulting to 1000
[  314.166458][T13266] fuse: Bad value for 'fd'
[  314.171390][T13266] xt_hashlimit: invalid interval
[  314.174648][T13266] loop9: detected capacity change from 0 to 7
[  314.176997][T13266]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  314.179516][T13266] loop9: partition table partially beyond EOD, truncated
[  314.182740][T13266] loop9: p1 size 2437361653 extends beyond EOD, truncated
[  314.351317][T13269] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2121'.
[  314.748366][T13285] netlink: 'syz.5.2125': attribute type 12 has an invalid length.
[  315.547271][T13302] loop6: detected capacity change from 0 to 63
[  315.625780][T13294] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  315.722807][T13326] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2139'.
[  316.122203][T13372] loop6: detected capacity change from 0 to 63
[  316.185593][T13376] sp0: Synchronizing with TNC
[  316.194564][T13376] netlink: 'syz.3.2150': attribute type 3 has an invalid length.
[  316.268544][T13376] [U] �
[  316.368525][T13387] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2155'.
[  316.432306][T13389] sp0: Synchronizing with TNC
[  316.561581][T13396] loop6: detected capacity change from 0 to 524287999
[  316.564260][T13396] buffer_io_error: 19 callbacks suppressed
[  316.564268][T13396] Buffer I/O error on dev loop6, logical block 0, async page read
[  316.568885][T13396] Buffer I/O error on dev loop6, logical block 0, async page read
[  316.571437][T13396] Buffer I/O error on dev loop6, logical block 0, async page read
[  316.574029][T13396] Buffer I/O error on dev loop6, logical block 0, async page read
[  316.576571][T13396] Buffer I/O error on dev loop6, logical block 0, async page read
[  316.579321][T13396] Buffer I/O error on dev loop6, logical block 0, async page read
[  316.581889][T13396] Buffer I/O error on dev loop6, logical block 0, async page read
[  316.584450][T13396] Buffer I/O error on dev loop6, logical block 0, async page read
[  316.586965][T13396] ldm_validate_partition_table(): Disk read failed.
[  316.589484][T13396] Buffer I/O error on dev loop6, logical block 0, async page read
[  316.592145][T13396] Buffer I/O error on dev loop6, logical block 0, async page read
[  316.594807][T13396] Dev loop6: unable to read RDB block 0
[  316.598300][T13396]  loop6: unable to read partition table
[  316.600245][T13396] loop_reread_partitions: partition scan of loop6 (3��x��C�

) failed (rc=-5)
[  316.799181][T13410] lo speed is unknown, defaulting to 1000
[  316.802958][T13410] lo speed is unknown, defaulting to 1000
[  316.820928][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  316.823646][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  317.078251][ T5934] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  317.228232][ T5934] usb 6-1: Using ep0 maxpacket: 16
[  317.230523][ T5934] usb 6-1: no configurations
[  317.232160][ T5934] usb 6-1: can't read configurations, error -22
[  317.358261][ T5934] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  317.508224][ T5934] usb 6-1: Using ep0 maxpacket: 16
[  317.510314][ T5934] usb 6-1: no configurations
[  317.511825][ T5934] usb 6-1: can't read configurations, error -22
[  317.513987][ T5934] usb usb6-port1: attempt power cycle
[  317.848277][ T5934] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  317.868644][ T5934] usb 6-1: Using ep0 maxpacket: 16
[  317.870757][ T5934] usb 6-1: no configurations
[  317.872289][ T5934] usb 6-1: can't read configurations, error -22
[  317.998245][ T5934] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  318.018924][ T5934] usb 6-1: Using ep0 maxpacket: 16
[  318.021328][ T5934] usb 6-1: no configurations
[  318.022841][ T5934] usb 6-1: can't read configurations, error -22
[  318.025075][ T5934] usb usb6-port1: unable to enumerate USB device
[  332.284135][ T1417] ==================================================================
[  332.286655][ T1417] BUG: KASAN: slab-use-after-free in tty_write_room+0x7d/0x90
[  332.289316][ T1417] Read of size 8 at addr ffff888069657020 by task aoe_tx0/1417
[  332.293212][ T1417] 
[  332.294564][ T1417] CPU: 2 UID: 0 PID: 1417 Comm: aoe_tx0 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  332.294579][ T1417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  332.294585][ T1417] Call Trace:
[  332.294589][ T1417]  <TASK>
[  332.294593][ T1417]  dump_stack_lvl+0x116/0x1f0
[  332.294610][ T1417]  print_report+0xc3/0x670
[  332.294622][ T1417]  ? __virt_addr_valid+0x5e/0x590
[  332.294635][ T1417]  ? __phys_addr+0xc6/0x150
[  332.294653][ T1417]  ? tty_write_room+0x7d/0x90
[  332.294672][ T1417]  kasan_report+0xe0/0x110
[  332.294686][ T1417]  ? tty_write_room+0x7d/0x90
[  332.294701][ T1417]  tty_write_room+0x7d/0x90
[  332.294714][ T1417]  handle_tx+0x14f/0x630
[  332.294726][ T1417]  dev_hard_start_xmit+0x93/0x740
[  332.294742][ T1417]  __dev_queue_xmit+0x7eb/0x43e0
[  332.294757][ T1417]  ? finish_task_switch.isra.0+0x22a/0xc10
[  332.294768][ T1417]  ? rcu_is_watching+0x12/0xc0
[  332.294778][ T1417]  ? __pfx___dev_queue_xmit+0x10/0x10
[  332.294793][ T1417]  ? __lock_acquire+0xaa4/0x1ba0
[  332.294805][ T1417]  ? __lock_acquire+0xaa4/0x1ba0
[  332.294818][ T1417]  ? do_raw_spin_lock+0x12c/0x2b0
[  332.294833][ T1417]  ? find_held_lock+0x2b/0x80
[  332.294841][ T1417]  ? skb_dequeue+0x126/0x180
[  332.294854][ T1417]  ? find_held_lock+0x2b/0x80
[  332.294863][ T1417]  ? rcu_is_watching+0x12/0xc0
[  332.294872][ T1417]  tx+0xcc/0x190
[  332.294882][ T1417]  ? __pfx_tx+0x10/0x10
[  332.294891][ T1417]  kthread+0x1e1/0x3e0
[  332.294905][ T1417]  ? find_held_lock+0x2b/0x80
[  332.294913][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.294927][ T1417]  ? __pfx_default_wake_function+0x10/0x10
[  332.294937][ T1417]  ? lockdep_hardirqs_on+0x7c/0x110
[  332.294950][ T1417]  ? __kthread_parkme+0x19e/0x250
[  332.294962][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.294978][ T1417]  kthread+0x3c2/0x780
[  332.294997][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.295012][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.295025][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.295037][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.295049][ T1417]  ? rcu_is_watching+0x12/0xc0
[  332.295058][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.295071][ T1417]  ret_from_fork+0x45/0x80
[  332.295111][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.295126][ T1417]  ret_from_fork_asm+0x1a/0x30
[  332.295143][ T1417]  </TASK>
[  332.295146][ T1417] 
[  332.367668][ T1417] Allocated by task 8430:
[  332.369350][ T1417]  kasan_save_stack+0x33/0x60
[  332.371219][ T1417]  kasan_save_track+0x14/0x30
[  332.372855][ T1417]  __kasan_kmalloc+0xaa/0xb0
[  332.374503][ T1417]  alloc_tty_struct+0x96/0x8c0
[  332.376116][ T1417]  tty_init_dev.part.0+0x1e/0x500
[  332.377703][ T1417]  tty_open+0xa50/0xf90
[  332.379017][ T1417]  chrdev_open+0x231/0x6a0
[  332.380441][ T1417]  do_dentry_open+0x741/0x1c10
[  332.382026][ T1417]  vfs_open+0x82/0x3f0
[  332.383366][ T1417]  path_openat+0x1e5e/0x2d40
[  332.384833][ T1417]  do_filp_open+0x20b/0x470
[  332.386279][ T1417]  do_sys_openat2+0x11b/0x1d0
[  332.387813][ T1417]  __ia32_compat_sys_openat+0x16d/0x210
[  332.389545][ T1417]  __do_fast_syscall_32+0x73/0x120
[  332.391165][ T1417]  do_fast_syscall_32+0x32/0x80
[  332.392723][ T1417]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  332.394690][ T1417] 
[  332.395478][ T1417] Freed by task 5934:
[  332.396765][ T1417]  kasan_save_stack+0x33/0x60
[  332.398264][ T1417]  kasan_save_track+0x14/0x30
[  332.399776][ T1417]  kasan_save_free_info+0x3b/0x60
[  332.401375][ T1417]  __kasan_slab_free+0x51/0x70
[  332.402893][ T1417]  kfree+0x2b6/0x4d0
[  332.404154][ T1417]  process_one_work+0x9cc/0x1b70
[  332.405740][ T1417]  worker_thread+0x6c8/0xf10
[  332.407226][ T1417]  kthread+0x3c2/0x780
[  332.408534][ T1417]  ret_from_fork+0x45/0x80
[  332.409953][ T1417]  ret_from_fork_asm+0x1a/0x30
[  332.411480][ T1417] 
[  332.412267][ T1417] Last potentially related work creation:
[  332.414048][ T1417]  kasan_save_stack+0x33/0x60
[  332.415552][ T1417]  kasan_record_aux_stack+0xb8/0xd0
[  332.417205][ T1417]  insert_work+0x36/0x230
[  332.418586][ T1417]  __queue_work+0x97e/0x10f0
[  332.420069][ T1417]  queue_work_on+0x1a4/0x1f0
[  332.421546][ T1417]  release_tty+0x4de/0x5d0
[  332.422966][ T1417]  tty_release_struct+0xb7/0xe0
[  332.424525][ T1417]  tty_release+0xe2d/0x1430
[  332.425980][ T1417]  __fput+0x3ff/0xb70
[  332.427281][ T1417]  task_work_run+0x14d/0x240
[  332.428770][ T1417]  do_exit+0xafb/0x2c30
[  332.430092][ T1417]  do_group_exit+0xd3/0x2a0
[  332.431550][ T1417]  get_signal+0x2673/0x26d0
[  332.432998][ T1417]  arch_do_signal_or_restart+0x8f/0x7a0
[  332.434740][ T1417]  syscall_exit_to_user_mode+0x150/0x2a0
[  332.436529][ T1417]  __do_fast_syscall_32+0x80/0x120
[  332.438180][ T1417]  do_fast_syscall_32+0x32/0x80
[  332.439735][ T1417]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  332.441727][ T1417] 
[  332.442498][ T1417] The buggy address belongs to the object at ffff888069657000
[  332.442498][ T1417]  which belongs to the cache kmalloc-cg-2k of size 2048
[  332.446986][ T1417] The buggy address is located 32 bytes inside of
[  332.446986][ T1417]  freed 2048-byte region [ffff888069657000, ffff888069657800)
[  332.451214][ T1417] 
[  332.451997][ T1417] The buggy address belongs to the physical page:
[  332.454038][ T1417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x69650
[  332.456771][ T1417] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  332.459398][ T1417] memcg:ffff888053fddf81
[  332.460736][ T1417] anon flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  332.463239][ T1417] page_type: f5(slab)
[  332.464536][ T1417] raw: 04fff00000000040 ffff88801b44c140 0000000000000000 dead000000000001
[  332.467214][ T1417] raw: 0000000000000000 0000000000080008 00000000f5000000 ffff888053fddf81
[  332.469890][ T1417] head: 04fff00000000040 ffff88801b44c140 0000000000000000 dead000000000001
[  332.472592][ T1417] head: 0000000000000000 0000000000080008 00000000f5000000 ffff888053fddf81
[  332.475281][ T1417] head: 04fff00000000003 ffffea0001a59401 00000000ffffffff 00000000ffffffff
[  332.477976][ T1417] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  332.480651][ T1417] page dumped because: kasan: bad access detected
[  332.482631][ T1417] page_owner tracks the page as allocated
[  332.484447][ T1417] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5941, tgid 5941 (syz-executor), ts 55935716005, free_ts 0
[  332.490678][ T1417]  post_alloc_hook+0x181/0x1b0
[  332.492207][ T1417]  get_page_from_freelist+0x135c/0x3920
[  332.493940][ T1417]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  332.495813][ T1417]  alloc_pages_mpol+0x1fb/0x550
[  332.497352][ T1417]  new_slab+0x244/0x340
[  332.498659][ T1417]  ___slab_alloc+0xd9c/0x1940
[  332.500126][ T1417]  __slab_alloc.constprop.0+0x56/0xb0
[  332.501816][ T1417]  __kmalloc_cache_noprof+0xfb/0x3e0
[  332.503492][ T1417]  ipv6_add_dev+0x1c9/0x15f0
[  332.504986][ T1417]  ipv6_find_idev+0x192/0x220
[  332.506482][ T1417]  inet6_rtm_newaddr+0x59f/0x1c70
[  332.508105][ T1417]  rtnetlink_rcv_msg+0x95b/0xe90
[  332.509675][ T1417]  netlink_rcv_skb+0x16a/0x440
[  332.511332][ T1417]  netlink_unicast+0x53a/0x7f0
[  332.512857][ T1417]  netlink_sendmsg+0x8d1/0xdd0
[  332.514370][ T1417]  __sys_sendto+0x495/0x510
[  332.515838][ T1417] page_owner free stack trace missing
[  332.517526][ T1417] 
[  332.518342][ T1417] Memory state around the buggy address:
[  332.520061][ T1417]  ffff888069656f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  332.522537][ T1417]  ffff888069656f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  332.525060][ T1417] >ffff888069657000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  332.527556][ T1417]                                ^
[  332.529153][ T1417]  ffff888069657080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  332.531633][ T1417]  ffff888069657100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  332.534119][ T1417] ==================================================================
[  332.536672][    C2] vkms_vblank_simulate: vblank timer overrun
[  332.538578][ T1417] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  332.540841][ T1417] CPU: 2 UID: 0 PID: 1417 Comm: aoe_tx0 Not tainted 6.15.0-rc4-syzkaller-00052-g4f79eaa2ceac #0 PREEMPT(full) 
[  332.544390][ T1417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  332.547717][ T1417] Call Trace:
[  332.548772][ T1417]  <TASK>
[  332.549718][ T1417]  dump_stack_lvl+0x3d/0x1f0
[  332.551204][ T1417]  panic+0x71c/0x800
[  332.552473][ T1417]  ? __pfx_panic+0x10/0x10
[  332.553883][ T1417]  ? mark_held_locks+0x49/0x80
[  332.555349][ T1417]  ? tty_write_room+0x7d/0x90
[  332.556814][ T1417]  ? check_panic_on_warn+0x1f/0xb0
[  332.558459][ T1417]  ? tty_write_room+0x7d/0x90
[  332.559926][ T1417]  check_panic_on_warn+0xab/0xb0
[  332.561406][ T1417]  end_report+0x107/0x170
[  332.562710][ T1417]  kasan_report+0xee/0x110
[  332.564062][ T1417]  ? tty_write_room+0x7d/0x90
[  332.565469][ T1417]  tty_write_room+0x7d/0x90
[  332.566837][ T1417]  handle_tx+0x14f/0x630
[  332.568158][ T1417]  dev_hard_start_xmit+0x93/0x740
[  332.569703][ T1417]  __dev_queue_xmit+0x7eb/0x43e0
[  332.571228][ T1417]  ? finish_task_switch.isra.0+0x22a/0xc10
[  332.573060][ T1417]  ? rcu_is_watching+0x12/0xc0
[  332.574570][ T1417]  ? __pfx___dev_queue_xmit+0x10/0x10
[  332.576194][ T1417]  ? __lock_acquire+0xaa4/0x1ba0
[  332.577723][ T1417]  ? __lock_acquire+0xaa4/0x1ba0
[  332.579270][ T1417]  ? do_raw_spin_lock+0x12c/0x2b0
[  332.580799][ T1417]  ? find_held_lock+0x2b/0x80
[  332.582227][ T1417]  ? skb_dequeue+0x126/0x180
[  332.583624][ T1417]  ? find_held_lock+0x2b/0x80
[  332.585079][ T1417]  ? rcu_is_watching+0x12/0xc0
[  332.586551][ T1417]  tx+0xcc/0x190
[  332.587717][ T1417]  ? __pfx_tx+0x10/0x10
[  332.589043][ T1417]  kthread+0x1e1/0x3e0
[  332.590328][ T1417]  ? find_held_lock+0x2b/0x80
[  332.591773][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.593287][ T1417]  ? __pfx_default_wake_function+0x10/0x10
[  332.595151][ T1417]  ? lockdep_hardirqs_on+0x7c/0x110
[  332.596813][ T1417]  ? __kthread_parkme+0x19e/0x250
[  332.598428][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.599894][ T1417]  kthread+0x3c2/0x780
[  332.601158][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.602595][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.604096][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.605525][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.607020][ T1417]  ? rcu_is_watching+0x12/0xc0
[  332.608562][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.609976][ T1417]  ret_from_fork+0x45/0x80
[  332.611370][ T1417]  ? __pfx_kthread+0x10/0x10
[  332.612810][ T1417]  ret_from_fork_asm+0x1a/0x30
[  332.614298][ T1417]  </TASK>
[  332.615923][ T1417] Kernel Offset: disabled
[  332.617275][ T1417] Rebooting in 86400 seconds..

VM DIAGNOSIS:
02:31:16  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000007 RBX=ffff88802321d370 RCX=0000000000020000 RDX=0000000000000000
RSI=0000000000000000 RDI=ffff88802321d370 RBP=ffff88802321d370 RSP=ffffc90002f67378
R8 =0000000000000000 R9 =0000000000000001 R10=0000000000000000 R11=ffffffff8e3bf440
R12=0000000000000000 R13=0000000000020007 R14=ffff88802321c880 R15=0000000000000000
RIP=ffffffff81973953 RFL=00000003 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977ed000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7246b50 CR3=000000002464b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000001 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000020210058
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000004007 RBX=ffff88802272d370 RCX=00000000fffffffe RDX=0000000000000000
RSI=00000000ffffffff RDI=00000000ffffffff RBP=ffff88802272d370 RSP=ffffc90002f77380
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000007 R13=0000000000000000 R14=ffff88802272c880 R15=0000000000000000
RIP=ffffffff81978c4b RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880978ed000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73e4fe8 CR3=0000000077eb6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000020210058
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854bf835 RDI=ffffffff9addebc0 RBP=ffffffff9addeb80 RSP=ffffc90007abf440
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000030 R14=ffffffff9addeb80 R15=ffffffff854bf7d0
RIP=ffffffff854bf85f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979ed000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f71b3820 CR3=000000004aad3000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000001 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=9b48f9b168d95806 0ba73e965d0aca92 a31dc53437156f8e b54bf6d37d783ec9 258480f7b0364677 5b4f76eadf7ddf04 3f680b7aa853dbbb 78da9f50c1393bbf
ZMM17=11dccbf8525c6c69 ca688d8db2a220c8 edc24a0000001e00 0000000000000000 0000000000000000 0000000000000029 736561286d636700 0400460002000400
ZMM18=67bf000000000000 26bc000000000000 009500c0ffffff01 033d100100000002 0015000000000000 20bf00000000004c 1361000000000034 126103fe08208003
ZMM19=08f8080002880300 a8f110eb7d42750f 9e3d7e871d40b5be 5aac4fb3ec87c993 49ef8edcfb279bef 8db2e266f5e7ed9f 2d3bd3daa2a9118f e92290e017c40562
ZMM20=5f2721085f272108 5f2721085f272108 5f2721085f272108 5f2721085f272108 5f2721085f272108 5f2721085f272108 5f2721085f272108 5f2721085f272108
ZMM21=0bcc02d20bcc02d2 0bcc02d20bcc02d2 0bcc02d20bcc02d2 0bcc02d20bcc02d2 0bcc02d20bcc02d2 0bcc02d20bcc02d2 0bcc02d20bcc02d2 0bcc02d20bcc02d2
ZMM22=8a118fcc8a118fcc 8a118fcc8a118fcc 8a118fcc8a118fcc 8a118fcc8a118fcc 8a118fcc8a118fcc 8a118fcc8a118fcc 8a118fcc8a118fcc 8a118fcc8a118fcc
ZMM23=25088a6425088a64 25088a6425088a64 25088a6425088a64 25088a6425088a64 25088a6425088a64 25088a6425088a64 25088a6425088a64 25088a6425088a64
ZMM24=4212b2864212b286 4212b2864212b286 4212b2864212b286 4212b2864212b286 4212b2864212b286 4212b2864212b286 4212b2864212b286 4212b2864212b286
ZMM25=fb391219fb391219 fb391219fb391219 fb391219fb391219 fb391219fb391219 fb391219fb391219 fb391219fb391219 fb391219fb391219 fb391219fb391219
ZMM26=6b8f3c376b8f3c37 6b8f3c376b8f3c37 6b8f3c376b8f3c37 6b8f3c376b8f3c37 6b8f3c376b8f3c37 6b8f3c376b8f3c37 6b8f3c376b8f3c37 6b8f3c376b8f3c37
ZMM27=e799f51de799f51d e799f51de799f51d e799f51de799f51d e799f51de799f51d e799f51de799f51d e799f51de799f51d e799f51de799f51d e799f51de799f51d
ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=730d0000730d0000 730d0000730d0000 730d0000730d0000 730d0000730d0000 730d0000730d0000 730d0000730d0000 730d0000730d0000 730d0000730d0000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=0000000000000001 RCX=000000000459ac2a RDX=ffffffff816999dd
RSI=ffffffff8dbb57e4 RDI=ffffffff8bf467e0 RBP=ffffc9000221ed40 RSP=ffffc9000221ec80
R8 =96de0f3d66735e8e R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffffff81a68c80 R13=ffffc9000221ecf8 R14=0000000000000000 R15=ffff888044040000
RIP=ffffffff81a073d0 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097aed000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7495004 CR3=0000000022c9f000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000001 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000020210058
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffff0f0e0d0c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000