last executing test programs:

1m42.78643848s ago: executing program 3 (id=1422):
r0 = fanotify_init(0x200, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/resume_offset', 0x102, 0x0)
fanotify_mark(r0, 0x39, 0x1a, r1, 0x0)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r3 = getgid()
lstat(&(0x7f0000000280)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
mount$9p_tcp(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x2002000, &(0x7f0000000500)={'trans=tcp,', {'port', 0x3d, 0x4e24}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r3}}, {@access_uid={'access', 0x3d, r4}}], [{@subj_type}, {@smackfstransmute={'smackfstransmute', 0x3d, '@'}}, {@flag='posixacl'}]}})
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000180)={'veth0_to_batadv\x00', &(0x7f0000000000)=@ethtool_test={0x1a, 0x6a, 0x3d5, 0x5, [0x1, 0x7fffffff, 0x9, 0x8, 0x9]}})
io_uring_setup(0x68f6, &(0x7f00000002c0)={0x0, 0x48c7, 0x8, 0x0, 0x100016b})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='mqueue\x00', 0x200011, 0x0)
mq_open(&(0x7f00000000c0)='ns\xbf\x12\xe1\v\xc8E\xe0\x80r\x917kj\x9cL\xceZ\x99\xf8Q%#-\xd3\xd2\x13\xe8\xdc\xe1\xfd\xde\xef\xf2\xa7\xd2\xab\x97\xc2e\'\xfc\x10\x85\x03\x00\x00\x002\xb80\x10_\\KA\x97\xb7.[O\xd56\xec^F\xdfT\xda\x9817\"\xf5h\xc0\xf8\a\x9e\xce\xa9&\xffq\xebA\x98\x96~\x17|\xc9xR\\z\x9a\x8cRJ\x85\\u\xb2\\\xedB4\xb5z\xbb\xee\xbd\x96\x19\xd1\x98\xeb\xe8\xc1u\x8b\xf8hc\x81#\r\xe8\xf8%\xd9\x7f\r\x12M\x00', 0x40, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
ioctl$sock_ax25_SIOCDELRT(r2, 0x890c, &(0x7f0000000400)={@default, @null, 0x5, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @null, @bcast, @bcast, @bcast, @null]})

1m42.716809526s ago: executing program 3 (id=1423):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fdatasync(r0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000001c0)=0x1)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000300))
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x7e)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="1b0000001d9e392aa5f2000100000000000000000007000000", @ANYRES32=0x0, @ANYBLOB="00009600", @ANYRES16=r1], 0x1c}}, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000340), 0x401, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000140)={0x16, 0x1, 0x0, "18e889d15b38429faa8ff62438eaed752e68f3a6d09382b392b049e33958b16c"})
r4 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_G_CROP(r4, 0xc014563b, &(0x7f0000000440)={0xa, {0xc, 0x2, 0xa, 0x4}})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00'})
socket$packet(0x11, 0x3, 0x300)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=@newlink={0x3c, 0x10, 0x421, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x60e1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gre={{0x8}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @multicast2}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008005}, 0x2)
setsockopt$sock_int(r5, 0x1, 0x3c, &(0x7f00000002c0)=0x1, 0x4)
setsockopt$inet_tcp_int(r5, 0x6, 0x0, &(0x7f0000000000)=0x1, 0x4)
sendmmsg$inet(r5, &(0x7f0000001540)=[{{&(0x7f0000000040)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10, &(0x7f0000000200)}}], 0x1, 0x2404c0c0)
r7 = syz_open_dev$swradio(&(0x7f0000000040), 0x1, 0x2)
pread64(r7, &(0x7f00000002c0)=""/75, 0x4b, 0x0)
ioctl$VIDIOC_EXPBUF(r7, 0xc0405610, &(0x7f0000000140)={0x1, 0x0, 0x0, 0x0, <r8=>0xffffffffffffffff})
ioctl$VIDIOC_G_CROP(r7, 0xc014563b, &(0x7f0000000480)={0x9, {0x7, 0x6, 0xf, 0x5}})
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000380)={{0x1, 0x1, 0x18, r8}, './file0\x00'})

1m42.586748772s ago: executing program 3 (id=1424):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES8], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0xe800) (fail_nth: 1)

1m41.007153915s ago: executing program 3 (id=1434):
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000680)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
r0 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r0, &(0x7f0000000200)='./file1\x00', 0x800, 0x1)
r1 = open(&(0x7f0000000480)='./file0\x00', 0x0, 0x718bb647156ec3b7)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'veth1\x00', &(0x7f0000000240)=@ethtool_gfeatures={0x3a, 0x6, [{}, {}, {}, {}, {}, {}]}})
chdir(&(0x7f0000000140)='./bus\x00')
linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000180)='./file0\x00', 0x1000)
r2 = syz_clone(0x40000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$ARCH_SET_GS(0x1e, r2, 0x0, 0x1001)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@getnexthop={0x18, 0x76, 0xb0d, 0x0, 0x0, {0x3}}, 0x18}, 0x1, 0x0, 0x0, 0x80}, 0x0)
unlink(&(0x7f00000002c0)='./file0\x00')
unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0)

1m40.946058251s ago: executing program 3 (id=1435):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan1\x00', <r2=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r1, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000081)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x30, 0x40, 0x107, 0xfffffefe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x6, 0xc, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x4, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)

1m40.136328038s ago: executing program 3 (id=1447):
unshare(0x66000080)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000030a05020000000000000000010000000900030073797a320000001314000480080002400000000008000140000000000900010073797a3000000000080007006e6174"], 0xcc}, 0x1, 0x0, 0x0, 0xc010}, 0x40)

1m40.116161876s ago: executing program 32 (id=1447):
unshare(0x66000080)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000030a05020000000000000000010000000900030073797a320000001314000480080002400000000008000140000000000900010073797a3000000000080007006e6174"], 0xcc}, 0x1, 0x0, 0x0, 0xc010}, 0x40)

1m12.20670898s ago: executing program 2 (id=1720):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0x1381, 0x3})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x1b, &(0x7f0000000880)=ANY=[@ANYBLOB="85100000fdffffff182a0000", @ANYRES32, @ANYBLOB="00000000fc1ccaf300000000b7080000ce0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082000001185b0000010000000000000000000000186900000b000000", @ANYBLOB="0000000000000000b703000000000000850000000c000000b7"], &(0x7f0000000300)='syzkaller\x00', 0x3, 0x0, &(0x7f0000000500), 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0xa, 0x1, 0x7c5e}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
set_tid_address(0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, &(0x7f0000000500)='syzkaller\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xffffffff}, 0x10, 0x0, r1}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000b40)=ANY=[], 0x188}}], 0x1, 0x810)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000340)=r2, 0x4)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002ac0)=[{{&(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'team0\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0xc4, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r5, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x94, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x400, 0x0, 0x1], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x7]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x38, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x4, 0x3, 0x2}]}, {0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x7f}]}, {0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x4}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xc10}]}]}]}}]}, 0xc4}}, 0x8000)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r7 = open(&(0x7f0000000000)='.\x00', 0x800000, 0x0)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
ioctl$AUTOFS_IOC_PROTOSUBVER(r7, 0x40049366, 0x0)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r8 = accept4(r6, 0x0, 0x0, 0x800)
sendmmsg$alg(r8, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(r8, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000680)={&(0x7f0000000940)=ANY=[@ANYBLOB="2400100021010101000005800a000100482e32343500000000000000000000000000000029d084505025bcfca1c326c9b2811286943cd46f130b5bfd9c272dad575c5a4491f4759933f5309fe52d102d27dbfa6083b99a190d0ed62d09282f0ff17f2626cbed73c9c97c487d06971390f98b76bcea2f746a05d01d48687db69bf1df8a5e3dc3fb0b4a713abcd8fbea7d18431c63a4212ae8d9e8839bd0d09a54"], 0x24}, 0x1, 0x0, 0x0, 0x20000891}, 0x24000010)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)

1m12.036548224s ago: executing program 2 (id=1721):
unshare(0x8000000)
mq_open(&(0x7f00000000c0)='${$\x00', 0x840, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x4}]})
getpid()
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
openat$dsp(0xffffff9c, 0x0, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x201, 0x400000, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}}, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r0, &(0x7f0000003240), 0x0, 0x400f5)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r5, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRESHEX], 0x40}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r7, 0x89f2, &(0x7f0000004f40)={'gre0\x00', &(0x7f0000000240)={'gretap0\x00', r5, 0x1, 0x20, 0xffffffff, 0x4, {{0x5, 0x4, 0x1, 0x8, 0x14, 0x67, 0x0, 0xdb, 0x4, 0x0, @empty, @empty}}}})
r8 = add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff)
keyctl$KEYCTL_WATCH_KEY(0x20, r8, 0xffffffffffffffff, 0xb3)
add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000018c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r9, 0xffffffffffffffff, 0x0)

1m11.175822957s ago: executing program 2 (id=1729):
r0 = syz_open_procfs(0x0, &(0x7f0000000780)='task\x00')
lseek(r0, 0x800005, 0x1) (async)
syz_clone3(&(0x7f000000dd80)={0xa00400, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x400, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000440), r1)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000540)={'ip6_vti0\x00', &(0x7f0000000480)={'ip6gre0\x00', <r3=>0x0, 0x2f, 0xf2, 0xb7, 0xffff6ff3, 0x41, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @loopback, 0x0, 0x7800, 0x83, 0x3fe00000}}) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'team0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x2}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054) (async)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000680)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000600)={0x74, r2, 0x500, 0x70bd28, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x3}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x2c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}]}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x1c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x4080}, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000200)={'bridge_slave_1\x00', <r7=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r7, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500050000000000050020000100000005000800000000000600", @ANYRES8=r6], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmmsg(r1, &(0x7f0000000000), 0x400000000000235, 0x0) (async)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r8, &(0x7f00000001c0)={0xc, 0x8, 0xfa00, {0x0}}, 0x10) (async)
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
mount$nfs4(&(0x7f0000000040)='\\}{\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000300)={[{'bridge_slave_1\x00'}, {}, {'bridge_slave_1\x00'}, {'\\'}, {'/sys/kernel/debug/sync/sw_sync\x00'}, {'/dev/infiniband/rdma_cm\x00'}, {'\'/^7\xde:--'}], [{@subj_user={'subj_user', 0x3d, 'bridge_slave_1\x00'}}, {@fsname={'fsname', 0x3d, '@%/:(+'}}, {@obj_user={'obj_user', 0x3d, '/dev/infiniband/rdma_cm\x00'}}, {@seclabel}, {@euid_gt={'euid>', r9}}]})

1m11.174218063s ago: executing program 2 (id=1730):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_pauseparam={0x12}})
r3 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000080)={0x200001fe0000, 0x3})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r1, 0xc0c89425, &(0x7f0000000240)={"fc8b2f1e9b25fb8c20ea3b265ca523b8", 0x0, <r4=>0x0, {0x5, 0x55}, {0xffff, 0x8}, 0x4, [0x9, 0x5, 0x4, 0x40, 0x8000, 0x6, 0xff, 0x1, 0x1, 0x4, 0xfffffffffffffbb6, 0x81, 0x0, 0x8, 0x7]})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r1, 0xc400941d, &(0x7f0000001680)={<r5=>0x0, 0x1, 0x6})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r0, 0x50009418, &(0x7f0000000680)={{r2}, r4, 0x0, @inherit={0x78, &(0x7f0000000340)={0x0, 0x6, 0x4a8f, 0x7fffffffffffffff, {0x2, 0x5, 0x1, 0x6, 0x9}, [0x34e5, 0x7fffffff, 0xfffffffffffffff9, 0x1, 0x9, 0x800]}}, @devid=r5})
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r7 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r8, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x1}, 0xe)
connect$bt_l2cap(r8, &(0x7f0000000140)={0x1f, 0x4, @none, 0x0, 0x2}, 0xe)
r9 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGMASK(r9, 0x80104592, &(0x7f0000000300)={0x2, 0xb, &(0x7f0000000000)="01c9033c7e1cd68bd7cf39"})
write$nbd(r7, &(0x7f0000000400)=ANY=[], 0x40)
move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0xa7000, &(0x7f0000ffc000/0x2000)=nil, 0x0, r3})
r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r10, 0xc040aed5, &(0x7f0000000040)={0xb000, 0x3c000})

1m10.996612093s ago: executing program 2 (id=1731):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001ec0)={'ip6gretap0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd2d, 0xfffffffc, {0x60, 0x0, 0x0, r2, {0x0, 0x7}, {0xffff, 0xffff}, {0x8, 0xfff2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_INGRESS={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x3000c88c)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="11022dbd7000ffdbdf252100000009001f00706879310000000005002000000000000c00050002"], 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

1m10.636148646s ago: executing program 2 (id=1734):
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r0, &(0x7f00000000c0)={&(0x7f0000000140)=@name={0x1e, 0x2, 0x1, {{0x1, 0xfffffff5}, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x20000090)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x40000)
r2 = openat$kvm(0xffffff9c, 0x0, 0x800, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1a0}}, 0x800)

1m10.516217209s ago: executing program 33 (id=1734):
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r0, &(0x7f00000000c0)={&(0x7f0000000140)=@name={0x1e, 0x2, 0x1, {{0x1, 0xfffffff5}, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x20000090)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x40000)
r2 = openat$kvm(0xffffff9c, 0x0, 0x800, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1a0}}, 0x800)

8.925272011s ago: executing program 1 (id=2441):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0xce23, 0xffffffff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4}, 0x1c)
listen(0xffffffffffffffff, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x3f, 0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
read$FUSE(r1, &(0x7f00000044c0)={0x2020, 0x0, <r2=>0x0}, 0xfffffffffffffd95)
write$FUSE_INIT(r1, &(0x7f0000000140)={0x50, 0x0, r2, {0x7, 0x2b, 0x3, 0x80, 0x7f, 0x7727, 0x4, 0x6, 0x0, 0x0, 0x8, 0x3}}, 0x50)
socket(0x1, 0x803, 0x0)
r3 = socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r5)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a3e40a2554c4c0000060900020073797a31000000000900010073797a31000000001c000380180000800c00018006000100d10300000800034000000001140000001100010000000000000000000300000a"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c000180060001"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r7 = socket(0x1, 0x803, 0x0)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r8 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x8, 0x3, 0x3f8, 0x0, 0xffffffff, 0xffffffff, 0x250, 0xffffffff, 0x328, 0xffffffff, 0xffffffff, 0x328, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x228, 0x250, 0x0, {}, [@common=@ipv6header={{0x28}, {0x1a, 0x1, 0x1}}, @common=@inet=@policy={{0x158}, {[{@ipv4=@local, [0xff], @ipv6=@remote, [0x0, 0xff000000, 0xff000000, 0xffffff00], 0x4d3, 0x34ff, 0x1, 0x1, 0x15, 0x10}, {@ipv4=@multicast1, [0x0, 0xffffffff, 0xffffffff, 0xff], @ipv4=@rand_addr=0x64010100, [0xff000000, 0xffffffff], 0x4d6, 0x3503, 0x87, 0x0, 0x2, 0x10}, {@ipv4=@empty, [0x0, 0xffffffff, 0xff000000, 0xffffff00], @ipv4=@dev={0xac, 0x14, 0x14, 0x11}, [0xff000000, 0x0, 0xff, 0xff000000], 0x4d6, 0x3500, 0x3a, 0x0, 0x0, 0x4}, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, [0xff, 0xffffff00, 0x0, 0xffffff00], @ipv6=@mcast1, [0xff000000, 0xffffffff, 0xff000000, 0xffffffff], 0x4d3, 0x0, 0x2f, 0x0, 0x4, 0x4}], 0x1, 0x3}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x18}}, [], [], 'wg1\x00', 'caif0\x00', {}, {}, 0x62}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x0, 0x0, 0x2}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x458)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00'})

8.250270829s ago: executing program 1 (id=2448):
unshare(0x8000000)
mq_open(&(0x7f00000000c0)='${$\x00', 0x840, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x4}]})
getpid()
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x201, 0x400000, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}}, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r0, &(0x7f0000003240), 0x0, 0x400f5)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRESHEX], 0x40}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000004f40)={'gre0\x00', &(0x7f0000000240)={'gretap0\x00', 0x0, 0x1, 0x20, 0xffffffff, 0x4, {{0x5, 0x4, 0x1, 0x8, 0x14, 0x67, 0x0, 0xdb, 0x4, 0x0, @empty, @empty}}}})
fcntl$setstatus(r4, 0x4, 0x2c00)
r6 = add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, 0xffffffffffffffff, 0xb3)
add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000018c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r7, 0xffffffffffffffff, 0x0)

7.431606003s ago: executing program 1 (id=2451):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xffffffff}, 0x10}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x810)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002ac0)=[{{&(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000280), 0xa4f, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$FUSE_BMAP(r4, &(0x7f00000000c0)={0x18, 0xfffffffffffffff5, 0x0, {0x8000000000000001}}, 0x18)
write$binfmt_misc(r4, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1d, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d00009520a1a93c5240f45f819e01177d3d458dd4992861ac0000000000000000000000000000001200", "f4bc0007008019000000000000000000000000af1e4ccfb7b3cad80004010400", [0x1, 0x2000000000001]}})

7.227281026s ago: executing program 1 (id=2453):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c005a5c335a06aef93814189000001000030400"/31, @ANYRES32=r2, @ANYBLOB="56060900000000001c00128009000100626f6e64000000000c00028008000400888c0000"], 0x3c}, 0x1, 0x0, 0x0, 0x690}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r5], 0x54}}, 0x0)

7.005498306s ago: executing program 1 (id=2454):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r3, @ANYBLOB="080001000240000095108bf2d89dbcb81318ce005148c4d3bcece4e66dd06377a611125ce4d2eebd8b2febe55255a59557f6d856db99b88ff7269032a252d3e52e1f83aeb36eabf48fe66ff4d38dd2cd08e11ba9d5dea606004dfe513ea07772b6c02a7f05000000c20e659ffe76e09db982e813af2acb1bc147d80f4fc5907b6c92e199ef604bbc1b2668746f292f7355c5d31ddd886595dd"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r2, 0x5, 0xfffffffe, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x2, 0x1}]}, @void, @void, @void, @void, @void, @void}, 0x2f)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000380)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val, @void}, 0x20)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_TDLS_MGMT(r0, 0x0, 0x0)

6.38520136s ago: executing program 1 (id=2458):
r0 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYRESOCT=r0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000800000000000003000000000000000000000000000000fdfffffffbffffff"], 0xfc}}, 0x0)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000500)=ANY=[@ANYBLOB="01000000000000000a00000000000000ff01000000000000000000000000000100000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x6, &(0x7f0000000140)=ANY=[@ANYBLOB="18000032b11000008b6eb906000000000700e31ab62ce413ecccffff186400eab12135e0416756000300000000000000020000009500"/72], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x27, &(0x7f0000000000)=""/114}, 0xa8)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x7, 0x84)
getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x490420, 0x2}}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
syz_fuse_handle_req(r3, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
fallocate(r5, 0x3, 0x460e, 0x3)
r6 = dup3(r0, r1, 0x0)
setsockopt$inet_tcp_buf(r6, 0x6, 0x21, 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYRESOCT=r0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000800000000000003000000000000000000000000000000fdfffffffbffffff"], 0xfc}}, 0x0) (async)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000500)=ANY=[@ANYBLOB="01000000000000000a00000000000000ff01000000000000000000000000000100000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x6, &(0x7f0000000140)=ANY=[@ANYBLOB="18000032b11000008b6eb906000000000700e31ab62ce413ecccffff186400eab12135e0416756000300000000000000020000009500"/72], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x27, &(0x7f0000000000)=""/114}, 0xa8) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
socket$inet6_sctp(0xa, 0x7, 0x84) (async)
getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f00000000c0), &(0x7f0000000100)=0x4) (async)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) (async)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async)
read$FUSE(r3, &(0x7f00000021c0)={0x2020}, 0x2020) (async)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x490420, 0x2}}, 0x50) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) (async)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) (async)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) (async)
syz_fuse_handle_req(r3, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0) (async)
fallocate(r5, 0x3, 0x460e, 0x3) (async)
dup3(r0, r1, 0x0) (async)
setsockopt$inet_tcp_buf(r6, 0x6, 0x21, 0x0, 0x0) (async)

4.855754547s ago: executing program 4 (id=2473):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(0xffffffffffffffff, 0x3)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x3f, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
socket(0x1, 0x803, 0x0)
socket(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="50008cff1000210400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888e16000002800128009000100766c616e00000000180002800c0002000e0000000a000000060001000001000008000500", @ANYRES32=r2], 0x50}}, 0x2)

4.313632998s ago: executing program 4 (id=2477):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
remap_file_pages(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2000000, 0x4, 0x100)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000500)={0x14, r1, 0x1, 0x0, 0x0, {0x19}}, 0x14}}, 0x0)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000001a00)={&(0x7f0000000080)={0x2, 0x0, @local}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000880)=""/4089, 0xd000}], 0x1, 0x0, 0x0, 0x4000}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000180)=@ethtool_ringparam={0x51, 0x81, 0xfffffffc, 0x0, 0xffff2aef, 0x5, 0x802, 0x6, 0x1000}})
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000e80)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="010800040000000000000b01000008000300", @ANYRES32=r5, @ANYBLOB="28005080140001004abee33957edf8aaae14574df400000005000200070000000800030007ac0f"], 0x44}}, 0x0)
sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000040)={&(0x7f0000000540)={0x854, 0x0, 0x100, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x100, 0x3c}}}}, [@NL80211_ATTR_TIMEOUT={0x8, 0x110, 0x2}, @NL80211_ATTR_PEER_MEASUREMENTS={0x82c, 0x111, 0x0, 0x1, {0x828, 0x5, 0x0, 0x1, [{0x88, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x54, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x4c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x10}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x13}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1000}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x12}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x43}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}, {0x434, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x171b}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x200, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xbd}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x4}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xd0, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xaf}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x18}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xdc, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x12}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xe}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x313}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x20c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x5c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xd4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x14}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1b}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x29}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xd2}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x40}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xfff7}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x80, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1f}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}]}]}]}]}, {0x368, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1200000}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3d1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0xfc, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xcc, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xc0}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_REQ={0x160, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xec, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1ff}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x18}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x98, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x90, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xdf}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}]}]}]}}]}, 0x854}, 0x1, 0x0, 0x0, 0x4001}, 0x80000)

4.3129501s ago: executing program 4 (id=2478):
gettid()
timer_create(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket(0x11, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000005c0)={'ip6erspan0\x00', <r5=>0x0})
bind$packet(r3, &(0x7f00000001c0)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}}, 0x14)
sendmsg$netlink(r3, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000a80)=ANY=[@ANYBLOB="02011400012918000e1a80009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d206", @ANYRES16, @ANYBLOB="887f318e60836ab46228ae6901ddbf4c74dc42e3f6c119b67036b2f6af787d03a6812a8a134fba001a30cae6c50d7a195bbfba06aa"], 0xdd12}], 0x1, 0x0, 0x0, 0x4000007}, 0x44810)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r6, 0x8914, &(0x7f0000000180))
r7 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r8 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000006c0), 0x20400)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r8, 0xc, 0x0, 0x0)
ioctl$sock_rose_SIOCADDRT(r7, 0x890b, 0x0)
r9 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r9, 0x890b, &(0x7f00000007c0)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x5, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bpq0, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null, @null, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3000000040000701fefeffff00000000017c0000040042801400018006000600800a000008000300", @ANYRES32=0x0, @ANYBLOB="000087e0"], 0x30}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
connect$rose(r9, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @null}, 0x1c)
connect$rose(r9, &(0x7f0000000240)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, @null}, 0x1c)

3.403227313s ago: executing program 4 (id=2485):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028008000000000000000800090001"], 0x44}, 0x1, 0x0, 0x0, 0x40850}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', <r4=>0x0})
getsockname$packet(r3, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r4, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800070003"], 0x3c}}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000400)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa3688a8000008060095080006040003ae"], 0x0)

3.274514055s ago: executing program 4 (id=2487):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000029c0)={0x2020}, 0x2020)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x71)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000340)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x34808521, 0x401, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xa4001f7e}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65be667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x20c01, 0x36)
io_setup(0xe00a, &(0x7f0000000100)=<r4=>0x0)
io_submit(r4, 0x2, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r3, &(0x7f00000000c0)='!', 0xb7f40, 0x3000000000000000}])
statfs(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)=""/94)

2.464551091s ago: executing program 0 (id=2495):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mkdir(&(0x7f00000008c0)='./bus\x00', 0x0)
lchown(&(0x7f0000000180)='./bus\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001180)={0x38, r2, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x38}}, 0x0)
mount$bpf(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x200, &(0x7f0000000640)={[{@gid}], [{@fsname={'fsname', 0x3d, '\\{&-)'}}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r3}, 0x10)
keyctl$reject(0x13, 0x0, 0x0, 0x204, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
write$binfmt_misc(r4, &(0x7f0000000040)="ce967224bc4202d3a53b1b1e3902203d1beae097ac348c51437459e9e585604df0d336a99c0d62be90914a6c67709a4a628845df", 0x34)
mincore(&(0x7f00001bf000/0x2000)=nil, 0x2000, &(0x7f0000000380)=""/203)

1.831042029s ago: executing program 0 (id=2496):
unshare(0x8000000)
mq_open(&(0x7f00000000c0)='${$\x00', 0x840, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x4}]})
getpid()
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
openat$dsp(0xffffff9c, 0x0, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x201, 0x400000, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}}, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r0, &(0x7f0000003240), 0x0, 0x400f5)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRESHEX], 0x40}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000004f40)={'gre0\x00', &(0x7f0000000240)={'gretap0\x00', 0x0, 0x1, 0x20, 0xffffffff, 0x4, {{0x5, 0x4, 0x1, 0x8, 0x14, 0x67, 0x0, 0xdb, 0x4, 0x0, @empty, @empty}}}})
fcntl$setstatus(r4, 0x4, 0x2c00)
r6 = add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, 0xffffffffffffffff, 0xb3)
add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000018c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r7, 0xffffffffffffffff, 0x0)

1.544847649s ago: executing program 5 (id=2498):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000380)='./file1\x00', 0xa)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x400000, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r5=>r4}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189378, &(0x7f0000000500)={{0x1, 0x1, 0x18, <r6=>r5}, './file1\x00'})
sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01040400000a00120002002800000019002d4400009b84136ef75afb83de066a5900e1baac341b61130000f2ff00000100"/85, 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)
r7 = socket(0xb, 0x2, 0xffffffff)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="44000000100001040000000000000064167a2400", @ANYRES16=r0, @ANYRES16=r7, @ANYBLOB="0af32d37dc419341805e0294eb408e1de9fa916294a82411539451d3e9163befdfa82ca7bd916b57774e490559dd3e6e93d580522b8f2c2283b20794fdfff4b81440940b80d34d41b1d385763a1de7671ac3fcf08ce1e1b57a9f663f78455f1938c225e8622f5a01cdc8876377"], 0x44}, 0x1, 0x0, 0x0, 0x4040840}, 0x4c800)
socket(0xb, 0x5, 0xffffffff)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x121342, 0x0)
ioctl$BLKIOMIN(r8, 0x1278, &(0x7f0000000700))
mknod(&(0x7f0000001b40)='./file0\x00', 0x400, 0xffffffff)
r9 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0xa01, 0x0)
ppoll(&(0x7f0000002140)=[{r9, 0x2162}], 0x1, 0x0, 0x0, 0x0)
mount$nfs(0x0, &(0x7f0000001c40)='./file0\x00', &(0x7f0000001c80), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="fd25766b2c00f3ffffff000000008bfec814e1dd6a89"])
r10 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$sock_timeval(r4, 0x1, 0x0, &(0x7f0000000100), 0x10)
socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'veth1_vlan\x00', <r11=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r11, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800070003"], 0x3c}}, 0x0)
r12 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r12, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000400)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa3688a8000008060095080006040003ae"], 0x0)

1.485627878s ago: executing program 5 (id=2499):
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000000)={<r1=>0x0, 0x9}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000080)={r1, 0x8000}, &(0x7f00000000c0)=0x8)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200100, 0x0)
socket$nl_audit(0x10, 0x3, 0x9) (async)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER(r3, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xa0, 0x3ed, 0x100, 0x70bd29, 0x25dfdbfb, "3d42ac16370d0d653cbb1a9d4466c2ac59244a15ab17d3c6e339b083993f00e6ab61049b52d842b635617bd008af0175a195fc46cc261cf26abc68d1d0c7a91bc8fae130126d93785202fb83a28917a9eb3cca3dc1a2418dda1b35f2d3c77c36a728ec030aec0a981a9317b56ac112f434c95c9aa866d44ce2e54d024ef50798ad15158890cf82f6e79200b7e10907c6", [""]}, 0xa0}, 0x1, 0x0, 0x0, 0x800}, 0x20040000)
getgroups(0x7, &(0x7f0000000300)=[0xee01, 0xee01, 0xffffffffffffffff, 0xee01, 0xee00, 0x0, 0xee00]) (async)
getgroups(0x7, &(0x7f0000000300)=[0xee01, <r4=>0xee01, 0xffffffffffffffff, 0xee01, <r5=>0xee00, <r6=>0x0, <r7=>0xee00])
chown(&(0x7f00000002c0)='./file0\x00', 0xee01, r6) (async)
chown(&(0x7f00000002c0)='./file0\x00', 0xee01, r6)
ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000340)={0x5, 0x8, 0x1, 0x4, 0xa, 0x0, [{0x5, 0xfffffffffffffff1, 0xa6, '\x00', 0x800}, {0x8, 0xb7d, 0x401, '\x00', 0x1000}, {0x65964bbf, 0xdb, 0x1, '\x00', 0x2000}, {0x5, 0x3000000000, 0x7, '\x00', 0xa04}, {0x1, 0x3, 0x97, '\x00', 0x1100}, {0x240000000000000, 0x6, 0x7ae2, '\x00', 0x800}, {0x5, 0x9, 0x1, '\x00', 0x500}, {0x5, 0x2, 0x27}, {0x8, 0x9, 0x5, '\x00', 0x1000}, {0x3, 0x3, 0x4, '\x00', 0x1400}]})
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f00000005c0)={0x7, <r8=>r3, 0x1})
ioctl$KVM_SET_GUEST_DEBUG_x86(r8, 0x4048ae9b, &(0x7f0000000600)={0x80000, 0x0, {[0x200, 0x6, 0x9, 0x80000000000000, 0x7, 0x3, 0x1, 0x8]}}) (async)
ioctl$KVM_SET_GUEST_DEBUG_x86(r8, 0x4048ae9b, &(0x7f0000000600)={0x80000, 0x0, {[0x200, 0x6, 0x9, 0x80000000000000, 0x7, 0x3, 0x1, 0x8]}})
write$dsp(r8, &(0x7f0000000680)="935bce80abeb76909c634a50d345206f6dd33240af427f59fb86e1ee71a6016665467292240c9d10e81175d916a0ed87066d0431280e4080333eef6b2d7a777c0ebf483a9b1470b90e19e37f002fa3de74d58225cd0a5b5f23ae74b9d694cb32", 0x60)
ioctl$KVM_SET_SREGS2(0xffffffffffffffff, 0x4140aecd, &(0x7f0000000700)={{0x1, 0x0, 0xc, 0x7, 0x0, 0x58, 0x8, 0xb, 0x79, 0x37, 0xde}, {0xeeee0000, 0x13000, 0x10, 0x40, 0x7, 0xee, 0x4, 0x1, 0x7, 0x6, 0xd, 0xe}, {0x100000, 0xd000, 0xd, 0x9, 0x2, 0xf7, 0x6, 0xcc, 0x9, 0x2, 0x80, 0x2}, {0x2, 0x80a0000, 0xd, 0xd, 0x0, 0x40, 0x12, 0x8, 0xa, 0x3, 0x8b, 0x5}, {0x200000, 0xffffffff, 0x3, 0x2, 0x1, 0x10, 0x2b, 0x4, 0x5, 0x2, 0x3, 0x3}, {0x8000000, 0x25000, 0xb, 0x2, 0x1, 0x7, 0x9, 0x4, 0xf4, 0x7, 0x4, 0x5}, {0x2000, 0x40000, 0x10, 0x45, 0x8, 0x3, 0x36, 0x8, 0x0, 0xc, 0x8, 0x2}, {0x3000, 0x40000, 0x3, 0xfd, 0xd, 0x0, 0x5, 0x3, 0x9, 0x2, 0x0, 0x3}, {0x80a0000, 0xe}, {0x100000, 0x5}, 0x20000000, 0x0, 0xc000, 0x210000, 0x6, 0x0, 0xfec00000, 0x1, [0x0, 0x1, 0x4, 0xfffffffffffffc00]}) (async)
ioctl$KVM_SET_SREGS2(0xffffffffffffffff, 0x4140aecd, &(0x7f0000000700)={{0x1, 0x0, 0xc, 0x7, 0x0, 0x58, 0x8, 0xb, 0x79, 0x37, 0xde}, {0xeeee0000, 0x13000, 0x10, 0x40, 0x7, 0xee, 0x4, 0x1, 0x7, 0x6, 0xd, 0xe}, {0x100000, 0xd000, 0xd, 0x9, 0x2, 0xf7, 0x6, 0xcc, 0x9, 0x2, 0x80, 0x2}, {0x2, 0x80a0000, 0xd, 0xd, 0x0, 0x40, 0x12, 0x8, 0xa, 0x3, 0x8b, 0x5}, {0x200000, 0xffffffff, 0x3, 0x2, 0x1, 0x10, 0x2b, 0x4, 0x5, 0x2, 0x3, 0x3}, {0x8000000, 0x25000, 0xb, 0x2, 0x1, 0x7, 0x9, 0x4, 0xf4, 0x7, 0x4, 0x5}, {0x2000, 0x40000, 0x10, 0x45, 0x8, 0x3, 0x36, 0x8, 0x0, 0xc, 0x8, 0x2}, {0x3000, 0x40000, 0x3, 0xfd, 0xd, 0x0, 0x5, 0x3, 0x9, 0x2, 0x0, 0x3}, {0x80a0000, 0xe}, {0x100000, 0x5}, 0x20000000, 0x0, 0xc000, 0x210000, 0x6, 0x0, 0xfec00000, 0x1, [0x0, 0x1, 0x4, 0xfffffffffffffc00]})
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000840), 0x50000, 0x0)
fallocate(r3, 0xb, 0xe, 0x1)
ioctl$MON_IOCH_MFLUSH(r3, 0x9208, 0x9) (async)
ioctl$MON_IOCH_MFLUSH(r3, 0x9208, 0x9)
ioctl$KVM_TPR_ACCESS_REPORTING(r8, 0xc028ae92, &(0x7f0000000880)={0x9, 0x7})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000000980)={'syztnl1\x00', &(0x7f0000000900)={'ip6_vti0\x00', 0x0, 0x2f, 0x1, 0x6, 0x3, 0x30, @local, @mcast2, 0x80, 0x1, 0x9, 0x9}}) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000000980)={'syztnl1\x00', &(0x7f0000000900)={'ip6_vti0\x00', <r10=>0x0, 0x2f, 0x1, 0x6, 0x3, 0x30, @local, @mcast2, 0x80, 0x1, 0x9, 0x9}})
sendmsg$nl_route_sched(r9, &(0x7f0000000f40)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000f00)={&(0x7f00000009c0)=@newqdisc={0x528, 0x24, 0x100, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, r10, {0xf, 0x3}, {0xfff1}, {0xfff1, 0xb}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x81}, @qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x7, 0x1}}}, @TCA_RATE={0x6, 0x5, {0x6, 0x8}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8001}, @qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x35, 0x2, 0x176, 0x1, 0x1, 0x9}, {0x3, 0x0, 0x81, 0xc0, 0xf943, 0x7}, 0x10000, 0x401, 0x30b}}, @TCA_TBF_PTAB={0x404, 0x3, [0x8, 0x6b6, 0xffff, 0x3, 0x1000, 0xd, 0x6, 0xaa, 0x97, 0x1, 0x6, 0x1, 0x7ff, 0xf, 0x1000, 0xfffffc00, 0xfffffeff, 0x401, 0xe, 0x2, 0x80, 0xc, 0x2f63, 0x3, 0x75, 0x7, 0x0, 0x5, 0xe77, 0xdf, 0x2, 0x58d3, 0x6, 0x0, 0x3ccb, 0x1000, 0x8, 0x6, 0x5, 0x101, 0xe, 0xe, 0x8, 0x1, 0x7, 0x2, 0xa, 0x8, 0x1, 0x6, 0x4, 0x1, 0xd4, 0x5, 0x0, 0xf, 0x1b8f, 0x3, 0x0, 0x80, 0x7ff, 0x95f, 0x58e5, 0xe9, 0x401, 0x1, 0x8, 0x3, 0xe14, 0x1, 0x9, 0x2, 0x2, 0x2, 0x4, 0x80000000, 0x5, 0x2, 0x5, 0x8, 0x8, 0x401, 0x4, 0x3, 0x2, 0xff, 0x4, 0x5, 0x4, 0x8a, 0x610, 0x3, 0xfffffffe, 0x6, 0x2, 0xed5, 0x3, 0xfd, 0x3, 0x1, 0x4, 0x3, 0x80, 0x7, 0x9, 0x2, 0x8, 0x3, 0x7, 0x6, 0x80, 0x1, 0x100, 0x0, 0x7, 0x1, 0xc1a, 0x7, 0x5, 0x2, 0x8, 0x9, 0x7, 0x8, 0x7f, 0x2, 0xb19, 0x2d, 0x7, 0x7f, 0x200, 0x9, 0x7, 0x1ff, 0xff, 0x3ff, 0x1ff, 0xa, 0x4, 0x4, 0x7, 0x40, 0x0, 0x7f, 0x3, 0x1, 0x1, 0x6, 0x7fff, 0x600, 0x1, 0x46a7, 0x101, 0x7, 0x6, 0x7, 0x7, 0x846, 0x2, 0x0, 0xf1, 0xffffff01, 0x10001, 0x7, 0x9a3, 0x8ff, 0x8, 0x2, 0x4, 0x0, 0x5, 0x229, 0x8, 0x3, 0x42, 0x22851dfc, 0x5, 0x800000, 0x5, 0x5, 0x101, 0x1, 0x8, 0x99a, 0x9, 0x180, 0x1, 0x66, 0x0, 0x7, 0x5f, 0xb75c, 0x3e, 0xab, 0x200, 0x10000, 0x6, 0x6, 0x7, 0x3, 0x1, 0x6, 0xf21e, 0x1, 0x1ff, 0x8383, 0x4, 0x5, 0x5, 0x7, 0x1, 0x9, 0x4, 0x5, 0x9, 0x6, 0x0, 0x5, 0x0, 0x9, 0x3, 0x9, 0x40c, 0x8, 0xd, 0x10001, 0x4, 0x10001, 0x0, 0x4, 0x5, 0x1344, 0x5, 0x7, 0x6, 0x7, 0x80, 0xffffdc00, 0x3697, 0x6, 0x9, 0x3, 0x0, 0x6, 0x6, 0x3, 0x7, 0x40, 0x4, 0x153, 0xe6f7, 0x4, 0x7, 0xee, 0x200, 0x9]}]}}, @TCA_STAB={0xa0, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x7f, 0xdac, 0x4, 0x0, 0xb, 0x4, 0x4}}, {0xc, 0x2, [0x3, 0x1, 0x6, 0x7ff]}}, {{0x1c, 0x1, {0xb, 0xc, 0xfda2, 0x4, 0x1, 0x1, 0x1, 0x1}}, {0x6, 0x2, [0x7f]}}, {{0x1c, 0x1, {0x3, 0x6, 0x3, 0x5, 0x0, 0x2, 0x7fffffff, 0x2}}, {0x8, 0x2, [0x1, 0x32e]}}, {{0x1c, 0x1, {0x7, 0x9, 0x1, 0x3, 0x3, 0x8, 0x5, 0x6}}, {0x10, 0x2, [0x5, 0x8, 0x3, 0x8, 0x7f, 0x9]}}]}]}, 0x528}, 0x1, 0x0, 0x0, 0x81}, 0x20000000)
ioctl$VIDIOC_STREAMON(r8, 0x40045612, &(0x7f0000000f80)=0x1) (async)
ioctl$VIDIOC_STREAMON(r8, 0x40045612, &(0x7f0000000f80)=0x1)
sendmsg$kcm(r9, &(0x7f00000024c0)={&(0x7f0000000fc0)=@ieee802154={0x24, @short={0x2, 0x2, 0xaaa0}}, 0x80, &(0x7f0000001180)=[{&(0x7f0000001040)="3120e79c9da2834b4435228ec5837428d139396cc4875f4b36b1d7a1838398ce8718e729229d443b807929489c89d5fa5d014eecd9213dae84ac5288c104f7e2d109be96d12ab62fdfbdb384982c49dd4dea521afb711c00b20fdce23fc5e91f63b8c79e41ac1b0acc513109eaba94782212016937f1fbbabada1483bb5dd0d4096dad93ec4a9b6df5f25a3afb7a93efe5c21191ca", 0x95}, {&(0x7f0000001100)="268dc94a0b5209f531500fd445b9cef841f9dc3258a8a295e9", 0x19}, {&(0x7f0000001140)="b7d3179c13473d276a8617d86f", 0xd}], 0x3, &(0x7f00000011c0)=[{0xa0, 0x84, 0x10000, "5d65d6f0dd28ca6f84b49086283ba092243976458e268aa70e556a7d6bfc6882afdb82fdca77734037064b440682cab921202e87345be8dae41e3c3ab7fa9f703f68ed971ba5fb88018dd2a90705400991b5c4c528005627135cd5f8485685bc8f72274aae05ca3b7eb8782b6a4a9e615e24dee91fbaec7c35b757d51003b1ae65d1a39a948be57624"}, {0x1010, 0x3, 0x3, "67270187761c04bfcb402724a7a49ee278454ffa7e7b567a5176f797565cfbe75ad9a0e6cb170bec11b93be9636f3f3ddbac70f1f86f54ef1291a3b250a9934245be0f01a404fb828c741cb484831f2c076090fcd9713fa7eb988a51e5863ff8c63a7090ceb0a2aaf53612bf5906956bef3d3f4b1f5b8d60736e41500a442c052652c8322b6466777e01a9a1512a0e733eed5c45a020e104542ff525f7ef905dec2d654611126feae71ea320494473a2482d91303b9ab037dc2b96aa60b2af853ed9be2868571ec45dcc343a22fdcb338889f7084ff771af1948487736d02ebcd54deba2e9f81261773ec3417e9166091d0b6e49ce99e2cf4d6e403c18d72aab46a60258d8dcce869b2d3eb0b3b1cd218709aa851f45a41da6f562c569e324180bc1e2d8d078d857c93d5018d504e0a83ae39aa5deade815aba88a65a0934ffcf060459c3ad6bd3f422d8d14ce515ba31f28fed4ebc368b4492ab5c8d08e4f715d114a4a90529351a954d07c4da0401a0c4af6ce60a2b9105789225c5bc6fb88c62939bade0f414f7205384ce9236abacf715d1b3b2095b6875247626f496c074f704605e7350a8b1e62e6c83d9402d89b1497eb5ee9818d84423eb23951694695d12b4e7bc5f7150dcc08be75d0376415c501f9c8fa7c573ba25b5bc4c90c209e06f4f371d2a64d321613c0ea760735071a536d6ca2193390fe721f2a5876854657c369e93ed84bbce489e537a0d8b77ef0ad0899e16e844a61553e07dac429f67f51010adcd41644f1a3688fa562dc90362c2c7632d7fd36b25c0a05513998000ff39e578c13b9b8453c154b17b7673ac5c3fa9987387fb96b81f3ab3e00c3cb20b074f1f08333f5714f5d6c6f70c8b7ac0cc9c6e7cce4c8a0ec26d849879bf3ad31c1e56c8ecbc9937286cb9a04d735371b322a33fe54e116b789f67d66b079de73022037a2222aa307cbe58f757467e06d1f7627ddf623a9b3cc4f7c8dc9120ba5659b009477c3960197b8cfbd5883d51c4aaa09266b844f1c1303a2d65eb7def72d5d2e72fb59e443ac85d33d4a0efb4b951453d6fa7d273c0baf7bd3f3626d61647fdc8c0051331fbc639dfabeb2d888fe039a76b577528fea98e72516913c18155fb7a6cb507f9b773cd20e4db3ee88a0f87c8cee5f8c68d938be6137297cd8152489944e3bfaf4db9c6c5b57a36e58c2373a5b6028f88254ec75c3fe0d3d1d9bd7680dd3acf81b35a5795f88cc76a6cfb9950d29285836b94091877b8a9985dd429e3f952218b9c12ab9f1c27e8e530f6fce81397353f913191b97f4377ad45508e87240826e2a85da522185d977b35ec688ecec4de06bd85a3500d385b22bfd710a79874bf325016c8f979a1408d905085510ec01e5f35d5eb4578482bd90fb59ec599870bd9c06366d5ca5cf15fa334df2e5f94da046b2f5f2db8cbb550032ca1fdff55c64f0799fb2546e08fa58bf4e016a114390e6580ecce49090dd2604c4fbaf83817f1104bbcf4c3bdc9336e010dc0fe16dabda604148f3ac53a8e2fa739ecabe04724c534f3ff368527de945b83dbd244dad191e3312f1a2af66d8420110851845b1deb9f5c42d41eeba45b77d45ec57340237221069a256071d77b0ac8eab521bcbc0c65ea26d18b2b6c5fc0f1a9c75487f23bf126451f1d2722caa9b82883a7eb069442ad182d2bafa746ddc40672cab0462d6c4db15eda689eca44f49bce15d9c3dd847cafdb77f917cf2e53eee4128371afd4af42b8a4745c9bf729621da7f736cbff7628b8cbb9eefba2e58413aae284692849d1ed58342171b6bf015109d556c2c416b67436d2874775aa815029e10303ff62d7b667aad5ff4c0e2782da844279e28cc256866ad27d10dea6734d39e9314a6912e041ad4c0930e83d768c6b15860337e9202a89f3df74d499947e6407dfccf233356d5b3e26922453e0f586c6a7cbc2ed1a37a3765dcdc77c5fc6ad59c76a11bdbbe7e06d0a56f23103dd6cf7a73f51eb6564490be6f2c387c0adf83a5f984bfda97948accea85a469d7703c5ac02b6ebbf4602b3464e4f7e3b033000555baedd08f0fd7954bd6ea131324c739074f2363e2634c58a53a5c73e43a94557d69cf468751046ebf9124d3115ae2f844b73bb6aa189a54398df4d0952d798785da8f57c20790f3f8a2a199c3a9d9ad21e4a623f74d37a1dda357dd62f0082dc661423eecf59926e681d32f61f6c4119dcf8dc8906f54b3684ad1ce79139ba286527f50a825f6a881bd6683d8f16fa5c9820336fd1915070d86f37d25080d634e520e0b4e58a9d107162c3ff6abd7ba1dae23923c502e73306a8c56819f3fc57849a0be6280a13c29d78cfa477c7cd95746ee56b751b4e7e1827e057de8b130bbbce9cb0afe268a310df7f7817d2cd7f53977282d157ed0842843c9b685895b8ed21c106a5b386d3674690f296211bafa1ae72fbe4a558f1291c24148165bea4a71f27a6b00dafd0534e5ae8eb0fb5bb420d7e7f83e17017ed92d9a1c917ea10ba9082d881c4545f0bb152e4f4597bdb1575d6211bc7cfdd03809cd45c70cb071fcfa93ca8039dbf02760393bff2de174915ff9be7e728b0b257014579811c25c92fb180fd5381326fe6cab4eed7f5a9ae8dd0c0c4614b0d7daffa1320038022a67a1d8ba40313073fe9b031a7a7539a5b9b9517976cc202bb02c2fde06dc17b14a2a890ceaaf233412e3b9fec6c7dded446e08250fa8724a143fc0cee60f9180e874f2718c1248f56459e6cb2e4111633a4fec74a93b1dd77ba73edec2fa28a6186dcdfde1f7e8f2c967522122f00618bca4c08aa2c11449ad3a657afefe885c15f6a6aec51bfafe36a1ff181790cfe0692848befbbf4a2a3eb1f08d1155f4df73fb6f7c830a01862342040a58eb3ecc7964fd8eb351a929e89fc562504aec789f27ec71e952c8d4ba4c1df20c0114009560ddf617d9df154c9a4473cf55ab4a44d7e64bc3ed311d2ff9826f399156799848a531aa2a72a11acf01d9c7750534293fa0139c3a0c537973c34b0bae59e7d08a9825f1e20fd4cbdbfdf423a83c9be7f8a647129cb3a2ffdf8d26a21879e73f12baf8609e176e05e15dcd99684d306d95162e1cb72a30b19717b23e8bd913831f720b87931fcee9e27fefd8928f6472469d441d7b433404bb9de9b67d17d6c9aaa91d2c5527537e20e8f161e7684fb97b06412bdeeaecd5a881e2f7d756ce4a6caef863acfc7c7c3b1fe8c9484b8cca343247e585f1572135336db9e94a2e579b2884fb538e29caecf98a94b47911e989cf58c721871e92f8c828730b440760cfe637c778645996fc94334ef74b85f30fcbddd114de13fbfb28f46e2b09cc222bd02562c46c0b4ac91513eeda9cff81c6d1c277ef1b2db6491e477185275c918b505c8f9a0a455c47b88b57bc1f55e26354195fccd236340417fc21041dcdfae1b725ba9ea7d9131337263764740be25722903174c416dab12f4b4cf402360e79a25c43cc8f052f52c918ea40b640b45cd9b33db7071e69edfcfa641137481ec4bf13113da7f3603499a4c5cd2e620153b794cd50893a37381fafb83ed5adbec2a015ea9e29ff2c967668f188583f433cdd3a0aaba261d662074e29daab86dbb6a9db82025d6dff5f14f567e18f639b25990a7be34558911c0e1b7a9acc35b5a914711adc6a3458f873c626fc6759fd077eab52c1769bfa9514acc31ed7b4ad3ccec79c1b3f1cc5ec893a49630a7cc791a8532f634b8f4e4fd46dff2ca716637f548513201904cc7cab6f925dfdc7847efd39ae586ec5927939c58c6bbcb5b6bf5a6bf23ee21fd17978e751cc4f61a5e02c7a12ecbbd7d2958371b88dde0d548789cdbaa315dfe6dc8bf6c152282c76ae8d3f9650200878f39ed5c6442886ca4d82ca954c8cd2fa67e11fa2a1ad1f41c40cd2b0c5e0a6d3ee5b3bbc3fb46d74bb4c1832e5be8f1b9405b818066f4243d5f0bccd14cfda964348b4f4ca9cdb5eb54864ce2a798b435552dfe0b83f1ecc79fbc656c53762289c49ca727fb8590d4543c65fa336c478790d6f03e3ea85b0bcea405004c840dddada6a9e7dcab1c6acffe1584f3ef3d6197edef40faaa1e9e083b34c8d736052f859422394916217f015a3a6be8d157b47d96822793e90a032d81ca69b3eabfc94a41f7ad7655e966ab6c4b213b105c227ac88bcd8f1afc4819c2b80d152de1bf96de7125a99718d75068e3f7ff706a1e7a8714c558c60d3264900bdd6d1cc280523fc7ce8afbab8c60b1ddaa1957c4f317ef591e69a0aea1e66e1976783c0d711640224c06ea700f8e9c771589ef3ba0b1493a0314a96c5974c7e8cf7fc99414ae052ad1b3c7ebce63233895d1aff2d605b33f5aa0a51383868851cd549e379404fb6f118015de38b8d0d03feb99796c1400f98a1e1baacc5da1116e9dd6dfc9829c6aed990a94851d1d5de7904f4d65342cbf2f6bc0deea3e60a8cfab01555dd67a7b8a095865893bb05b6aafa72c067eec124b3f72d87b1fa9187ec161e3189635403eeaef33ab4a4f2f811d097a36f5bcb1be13063651516088628aeab9bd7d470a6948d9eec92483946bfee17caa434b74a1cd7600235c835f28a0e45557655a89ef36bf0df27ac5d21d6da9e48d474b55a7aaf3339b600b975486728f589f60a614e9b50c9448a59207987543950f8b5cf732114882d72fcb32c3070883d7ccc217e3e9f1e4e650722a1d6e275cc41a1a4d647b22c4925c983a96592f2cb3622771d30d59eba02fdd2a8a8434b5a5ff2589e374221f05e3ed2e4a48c86f2fdfd4e4c0e5676f9dd0cf6d578f802025041cd1d1bd47e380e9feaae549b381f0836968fd21bc33708b4340686f36ba7bd4860f7bf62ff545912cbed0c230e0a316041dd0c0573cb775a35bdb18f983ff96737ee745faf25f4f5f7c151ad717ddaf948e693f60f65f66f57c51b85c519b5c97f5036777e6f4595c6b920410f24e6584bdc7eef5118d96ff380a08a8d2ede7721dc840b23b74353f96082d733edf3ee8cc0d8469eef7bb2cd264e2a4fa211b3e352fd60d1656f0b2b7258a24ea7370a1068e4af898ebcb27caa33d25731afc822aede11c6684f22ddf36dffe799c9bd89549000793866ff6b1925b5c370c1c70811271af4059c9a6555697f54af5d84b2c745383b0bb7cf9671d75e989a859e2e99e3d3eec2776904f36eb943e255fe5d0a9bd7bab16b97fc04ad81fb9452fee0a0e00a532cbd258a7dea0033bb5eae606254a3ee8d615d118484a3e44e19ca022297b9ca4ddc8d43122bad27c206a740c897bdb181fad36efbb62801b349cdf005f3829af66f836a08db71632dc16e6a15d68e0a3a75fc3fc12ce1a8fee50b0b420a06a04caa605b0a9ed214f082e166cfd0bfc0c7aa3c64c9f725468eb80fcfbd233d5bb5f802db7cd2e9012413b84870f1e9f31a9eb6ca1a892246825e8227e7c9e7e452c4af3c8bf08848acd94dbc8d9ebe3972c571f9b892b6d35b4e24383988cab67af1dc48d2411b3fba7b2215a461f05e7e5fbc14ecaaa3d04d642df7d4dbce66ad086afcc6e15f9c1467a61c6d38022253c99a0bdad5e3868584f9d4a4bdc820df7aef4162969f4d32b7c91b11767ec5562a8fce32c1355a93adb74d98a476934ccb3341b5110a96e24b681610790db2a85ad363bb0b2db07804d3c45b9c16f5bf20e481c296ef470aeadf5cc320b7b9a3aaa48af0fc4619217521652a77d6e2634d40e94ce43aebda5e26e917487dd118a6df1e0c9a37110e57bad0db2f7fe4b5bca1"}, {0x48, 0x84, 0x101, "a2512550c7f7029702b6ed92087ee8705939af6570eb5b99462ddbaa5fa6d61affbec1b72fdd157db72624fa294199c1767dc5"}, {0x90, 0x103, 0xb, "26ba322dbf0296fc91be516e5e7513043356ce898b2e6c8ff84b07587596dc83645c235f84152f9939914bdd8954fb7fff6a7276a68e79d9bd7c50430e4d65a5370087dfe50867185a100ef9bfdb432c6a8461f08fe538b216e5b818607e93d1df824b1b61a41813a9a51b807a01fae367d02a115ec6d1754f10057661de60"}, {0xa8, 0x84, 0x2, "839908cb803cce74e376c8342274f1300178d0d683bacd656443c05ec46df0c98905a4614980d012cbada6e9f249bac2f918b597826798e101de882b9db3de781dedee7806e9e54f2912d58f58a26865c5c42457a8df0df2aace35ef279ccc04972b38e6ed69ac7766a91f1dc2cdaf2a6d3a088acaf9005a8920b92a88c9a1d6535cd61999074edadcb234083bd57ffdb5d1"}, {0xc8, 0x6, 0x40, "8ed57baa8a7f5d5fc368b720d29c0f06b7e1e66a999a17f3bab9712fe36f5e202fad18cb747b47d62f5cb1f26327b84a8357158b310f643d348be9e31e047c8fdc82634ae50f345961378d8ab617288678b0be0dc29de83afc06ba99c41d389cb5fcd494ff4b069b2954374150987f7fce91c43a6324ddf6bb93ca0d069767e3aa4bc4af2f1d6e283161b22f770214d67886abd56dbb71c28e83ba258109a5fe766b3bfdeb7af21f7e8da022c30aee33a2268307cc4a3b27"}], 0x12f8}, 0x4000014)
setgroups(0x4, &(0x7f0000002500)=[r4, r4, r7, r5]) (async)
setgroups(0x4, &(0x7f0000002500)=[r4, r4, r7, r5])
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000002580)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_SET_MCAST_RATE(r9, &(0x7f0000002680)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000002640)={&(0x7f00000025c0)={0x58, 0x0, 0x2, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r11}, @val={0xc, 0x99, {0x1, 0x11}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x14}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x21c}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xf0}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xf0}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xb4}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x5a}]}, 0x58}, 0x1, 0x0, 0x0, 0x4008080}, 0x4)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r8, 0xc018937a, &(0x7f00000026c0)={{0x1, 0x1, 0x18, <r12=>r2, {0x7}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(r12, 0xc0189376, &(0x7f0000002700)={{0x1, 0x1, 0x18, r3, {0x6b5b}}, './file0\x00'})
setsockopt$ax25_int(r8, 0x101, 0xc, &(0x7f0000002740)=0xeec, 0x4)
r13 = signalfd(r0, &(0x7f0000002780)={[0x1747]}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r13, 0xc0189373, &(0x7f00000027c0)={{0x1, 0x1, 0x18, r8, {0xb}}, './file0\x00'})
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r13, 0x40045532, &(0x7f0000002800)=0x200)

1.485313235s ago: executing program 5 (id=2500):
r0 = socket$packet(0x11, 0x3, 0x300) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) (async)
r3 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r3, 0xc01864b0, &(0x7f0000000240)={r4, 0x0, 0x0, 0x0, 0x4}) (async)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x38, 0x10, 0x439, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, 0x69801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000d0}, 0x0) (async)
sendto$packet(r0, &(0x7f0000000040)="7538736d00ff370100000000800000f488a8", 0x12, 0x24044881, &(0x7f0000000000)={0x11, 0x88a8, r5, 0x1, 0x4, 0x6, @broadcast}, 0x14)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000f00)=@nat={'nat\x00', 0x670, 0x5, 0x4f0, 0x2c8, 0x1b8, 0xffffffff, 0x0, 0x2c8, 0x458, 0x458, 0xffffffff, 0x458, 0x458, 0x5, 0x0, {[{{@uncond, 0x0, 0x180, 0x1b8, 0x48, {}, [@common=@unspec=@conntrack3={{0xc8}, {{@ipv4=@rand_addr=0x64010102, [0xffffff00, 0xff, 0xffffffff, 0xff000000], @ipv4=@rand_addr=0x64010100, [0xffffffff, 0x0, 0xffffff00, 0xffffff00], @ipv6=@local, [0xff, 0xff, 0xffffffff, 0xffffffff], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0xffffffff, 0xff, 0xffffffff, 0xff000000], 0xc9, 0x4, 0x0, 0x4e24, 0x4e24, 0x4e21, 0x4e22, 0x1800, 0x100}, 0x40, 0x800, 0x4e24, 0x4e24, 0x4e23, 0x4e22}}, @common=@unspec=@helper={{0x48}, {0x0, 'tftp-20000\x00'}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x19, @multicast2, @loopback, @icmp_id=0x66, @port=0x4e24}}}}, {{@ip={@broadcast, @remote, 0xff, 0xff, 'nicvf0\x00', 'ipvlan1\x00', {0xff}, {}, 0xc, 0x0, 0x30}, 0x0, 0xc8, 0x110, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip6gre0\x00', {0x8, 0x5, 0xfffffffc, 0x8, 0x8, 0x51f2, 0x6dc0}, {0xff}}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x11, @ipv6=@mcast1, @ipv4=@loopback, @icmp_id=0x64, @port=0x4e23}}}, {{@ip={@multicast2, @broadcast, 0x0, 0x0, 'virt_wifi0\x00', 'team_slave_0\x00'}, 0x0, 0xa0, 0xe8, 0x0, {}, [@common=@addrtype={{0x30}, {0x890, 0x218, 0x0, 0x1}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0xe, @ipv6=@ipv4={'\x00', '\xff\xff', @empty}, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @icmp_id=0x65, @gre_key}}}, {{@ip={@broadcast, @rand_addr=0x1, 0x0, 0x0, 'nicvf0\x00', 'pim6reg\x00', {}, {0xff}, 0x1}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0xc0000000, {0x21, @broadcast, @dev={0xac, 0x14, 0x14, 0x1c}, @gre_key=0x40, @port=0x4e23}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x550)

1.394161402s ago: executing program 5 (id=2501):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x18, 0x4, &(0x7f0000000a00)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffd}, 0x18)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000000)={'team0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001000ffff25bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="17200000212000001c0012800c0001006d6163766c616e000c000280080003000300000008000500", @ANYRES32=r3], 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0x4}}}]}, 0x78}}, 0x0)
r7 = openat$fb0(0xffffffffffffff9c, &(0x7f00000006c0), 0x80000, 0x0)
ioctl$FBIOPAN_DISPLAY(r7, 0x4606, &(0x7f0000000700)={0x80, 0x2000, 0x2000, 0x478b27d189243d75, 0x6, 0x7, 0x10, 0x1, {0x40, 0x2}, {0x0, 0xc, 0x1}, {0x0, 0x6, 0x1}, {0x8, 0x400}, 0x1, 0x1, 0xcf, 0x1ff, 0x0, 0x4, 0x5, 0x200, 0xa740000, 0x10000, 0x1, 0x6, 0x21, 0x100, 0x3, 0x3})
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0x6}, {0x8, 0x2, [@TCA_BASIC_EMATCHES={0x4}]}}]}, 0x38}}, 0x48014)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791090000000000007000000002000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x3f}, 0x48)

956.107493ms ago: executing program 0 (id=2502):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x12400, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000500)={0x14, r2, 0x1, 0x0, 0x0, {0x19}}, 0x14}}, 0x0)

955.784836ms ago: executing program 0 (id=2503):
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x903c00, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil}) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xa, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="7b87f20f", @ANYRESDEC=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x12, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 64)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) (async)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

325.996009ms ago: executing program 0 (id=2504):
shmctl$IPC_RMID(0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='H\x00'/12, @ANYRES16=0x0, @ANYBLOB="20002abd7000fedbdf255c00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900070000005200000008006b005a00000008006b003c00000008006b003700000008006b003c000000"], 0x48}, 0x1, 0x0, 0x0, 0x24004000}, 0x4000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xfff1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_TARGET={0x8, 0x3, 0x20}, @TCA_FQ_PIE_BETA={0x8, 0x6, 0xe}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840)

1.588618ms ago: executing program 5 (id=2505):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
socket$nl_generic(0x10, 0x3, 0x10)
socket$tipc(0x1e, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3800000056000100000000000000080007020000", @ANYRES32=r0, @ANYBLOB="200001"], 0x38}}, 0x40004010)

742.359µs ago: executing program 0 (id=2506):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file4\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file1/file0\x00', 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

340.485µs ago: executing program 4 (id=2507):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
setitimer(0x2, &(0x7f0000000040)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x9071, 0xffffffffffffffff, 0x0)
getitimer(0x2, &(0x7f00000001c0)={{<r2=>0x0}})
r3 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0xc0000, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x5)
ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000140)=0xffffffc0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xa, &(0x7f0000000200)=ANY=[@ANYBLOB="18110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000500850000008200000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYRES16=r2, @ANYRES32, @ANYRES64=r3], 0x44}, 0x1, 0x0, 0x0, 0x40850}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x11, 0x80a, 0x0)
r7 = syz_open_dev$swradio(&(0x7f00000046c0), 0x1, 0x2)
preadv(r7, &(0x7f0000001300)=[{&(0x7f0000000100)=""/200, 0xc8}, {0x0}, {0x0}, {&(0x7f0000001240)=""/167, 0xa7}], 0x4, 0x1000, 0x3f2f0fde)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000780)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(cast6)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r9 = accept4(r8, 0x0, 0x0, 0x800)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r9)
ioctl$VIDIOC_S_FREQUENCY(r7, 0x402c5639, &(0x7f00000000c0)={0x0, 0x4, 0xfffffffe})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', <r10=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r10, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800070003"], 0x3c}}, 0x0)
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r11, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000400)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa3688a8000008060095080006040003ae"], 0x0)

0s ago: executing program 5 (id=2508):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x6c, r1, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x6, @loopback}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x0, @private0, 0xe}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x6c}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000fbdbdf2505000000200001800d0001007564703a73797a32000900000c000280080004008769f722"], 0x34}, 0x1, 0x0, 0x0, 0x40404}, 0x100)

kernel console output (not intermixed with test programs):

_SET_CONTEXT_MGR already set
[  237.716621][T11610] binder: 11609:11610 ioctl 4018620d 200000004a80 returned -16
[  237.832102][   T40] audit: type=1400 audit(1764147003.373:785): avc:  denied  { create } for  pid=11614 comm="syz.0.2014" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  237.843649][   T40] audit: type=1400 audit(1764147003.383:786): avc:  denied  { connect } for  pid=11614 comm="syz.0.2014" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  237.926155][T11621] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.983742][T11626] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.989915][T11621] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.097045][T11631] binder: 11630:11631 ioctl c018620c 200000000280 returned -22
[  238.166878][T11632] erofs (device loop0): cannot find valid erofs superblock
[  238.551051][T11636] netlink: 'syz.1.2019': attribute type 10 has an invalid length.
[  238.790935][T11650] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2021'.
[  238.800245][   T40] audit: type=1400 audit(1764147004.333:787): avc:  denied  { append } for  pid=11637 comm="syz.4.2021" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  238.867298][T11638] team0 (unregistering): Port device team_slave_0 removed
[  238.875081][T11638] team0 (unregistering): Port device team_slave_1 removed
[  238.876886][T11656] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2027'.
[  238.934582][T11660] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  238.980121][T11662] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.038466][T11668] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.044185][T11662] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.089581][T11670] netlink: 'syz.5.2032': attribute type 10 has an invalid length.
[  239.440946][   T40] audit: type=1400 audit(1764147004.983:788): avc:  denied  { watch } for  pid=11682 comm="syz.1.2037" path="/494/file0" dev="tmpfs" ino=2759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  239.448228][   T40] audit: type=1400 audit(1764147004.983:789): avc:  denied  { watch_sb watch_reads } for  pid=11682 comm="syz.1.2037" path="/494/file0" dev="tmpfs" ino=2759 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  239.536631][T11685] overlayfs: failed to resolve './file1/file0': -2
[  240.159008][T11697] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2044'.
[  240.208656][T11698] fuse: Unknown parameter 'rootmoKe'
[  240.220978][   T40] audit: type=1400 audit(1764147005.763:790): avc:  denied  { map } for  pid=11695 comm="syz.1.2042" path="socket:[49889]" dev="sockfs" ino=49889 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  240.240152][T11698] bridge3: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  240.243455][   T40] audit: type=1400 audit(1764147005.763:791): avc:  denied  { read } for  pid=11695 comm="syz.1.2042" path="socket:[49889]" dev="sockfs" ino=49889 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  240.351763][ T5948] Bluetooth: hci2: unexpected event for opcode 0x1003
[  240.471161][T11709] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.531186][T11709] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.536554][T11709] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.797192][T11711] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2049'.
[  241.114119][   T40] audit: type=1400 audit(1764147006.653:792): avc:  denied  { create } for  pid=11720 comm="syz.1.2053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  241.137392][T11719] loop9: detected capacity change from 0 to 7
[  241.142072][ T5941] Dev loop9: unable to read RDB block 7
[  241.144073][ T5941]  loop9: unable to read partition table
[  241.146375][ T5941] loop9: partition table beyond EOD, truncated
[  241.152167][T11719] Dev loop9: unable to read RDB block 7
[  241.154458][T11719]  loop9: unable to read partition table
[  241.156871][T11719] loop9: partition table beyond EOD, truncated
[  241.161497][T11719] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  241.234059][   T40] audit: type=1326 audit(1764147006.773:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11727 comm="syz.4.2056" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f799358f749 code=0x0
[  241.331532][T11731] overlayfs: failed to resolve './file1/file0': -2
[  241.362920][   T40] audit: type=1326 audit(1764147006.903:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11732 comm="syz.5.2058" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f20e058f749 code=0x0
[  241.726856][T11738] netlink: 'syz.1.2060': attribute type 1 has an invalid length.
[  241.746422][T11738] 8021q: adding VLAN 0 to HW filter on device bond4
[  241.778604][T11738] bond4: (slave veth5): Enslaving as an active interface with a down link
[  241.786923][T11739] bond4: (slave dummy0): making interface the new active one
[  241.790860][T11739] dummy0: entered promiscuous mode
[  241.793126][T11739] bond4: (slave dummy0): Enslaving as an active interface with an up link
[  241.796315][T11738] netlink: 'syz.1.2060': attribute type 10 has an invalid length.
[  241.800120][T11738] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2060'.
[  241.803486][T11738] bond4: (slave dummy0): Releasing active interface
[  242.176803][T11760] binder: BINDER_SET_CONTEXT_MGR already set
[  242.179507][T11760] binder: 11759:11760 ioctl 4018620d 200000004a80 returned -16
[  242.232662][T11762] IPv6: syztnl0: Disabled Multicast RS
[  242.236527][T11764] FAULT_INJECTION: forcing a failure.
[  242.236527][T11764] name failslab, interval 1, probability 0, space 0, times 0
[  242.242042][T11764] CPU: 0 UID: 0 PID: 11764 Comm: syz.5.2070 Not tainted syzkaller #0 PREEMPT(full) 
[  242.242066][T11764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  242.242077][T11764] Call Trace:
[  242.242084][T11764]  <TASK>
[  242.242091][T11764]  dump_stack_lvl+0x16c/0x1f0
[  242.242113][T11764]  should_fail_ex+0x512/0x640
[  242.242134][T11764]  ? __kmalloc_cache_noprof+0x5f/0x780
[  242.242163][T11764]  should_failslab+0xc2/0x120
[  242.242184][T11764]  __kmalloc_cache_noprof+0x72/0x780
[  242.242209][T11764]  ? rtnl_newlink+0x11b/0x2000
[  242.242251][T11764]  ? __pfx_rtnl_newlink+0x10/0x10
[  242.242274][T11764]  ? rtnl_newlink+0x11b/0x2000
[  242.242298][T11764]  rtnl_newlink+0x11b/0x2000
[  242.242331][T11764]  ? __pfx_rtnl_newlink+0x10/0x10
[  242.242354][T11764]  ? find_held_lock+0x2b/0x80
[  242.242377][T11764]  ? avc_has_perm_noaudit+0x117/0x3b0
[  242.242434][T11764]  ? avc_has_perm_noaudit+0x149/0x3b0
[  242.242470][T11764]  ? __lock_acquire+0x622/0x1c90
[  242.242499][T11764]  ? find_held_lock+0x2b/0x80
[  242.242520][T11764]  ? __pfx_rtnl_newlink+0x10/0x10
[  242.242544][T11764]  ? __pfx_rtnl_newlink+0x10/0x10
[  242.242567][T11764]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  242.242594][T11764]  ? __pfx_rtnl_newlink+0x10/0x10
[  242.242620][T11764]  rtnetlink_rcv_msg+0x95e/0xe90
[  242.242647][T11764]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  242.242680][T11764]  ? ref_tracker_free+0x37c/0x830
[  242.242705][T11764]  netlink_rcv_skb+0x158/0x420
[  242.242731][T11764]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  242.242757][T11764]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  242.242791][T11764]  ? netlink_deliver_tap+0x1ae/0xd30
[  242.242821][T11764]  netlink_unicast+0x5aa/0x870
[  242.242850][T11764]  ? __pfx_netlink_unicast+0x10/0x10
[  242.242885][T11764]  netlink_sendmsg+0x8c8/0xdd0
[  242.242915][T11764]  ? __pfx_netlink_sendmsg+0x10/0x10
[  242.242950][T11764]  ____sys_sendmsg+0xa98/0xc70
[  242.242969][T11764]  ? copy_msghdr_from_user+0x10a/0x160
[  242.242993][T11764]  ? __pfx_____sys_sendmsg+0x10/0x10
[  242.243022][T11764]  ___sys_sendmsg+0x134/0x1d0
[  242.243048][T11764]  ? __pfx____sys_sendmsg+0x10/0x10
[  242.243070][T11764]  ? __lock_acquire+0x622/0x1c90
[  242.243117][T11764]  __sys_sendmsg+0x16d/0x220
[  242.243141][T11764]  ? __pfx___sys_sendmsg+0x10/0x10
[  242.243181][T11764]  do_syscall_64+0xcd/0xfa0
[  242.243201][T11764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.243219][T11764] RIP: 0033:0x7f20e058f749
[  242.243234][T11764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.243251][T11764] RSP: 002b:00007f20e1386038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  242.243269][T11764] RAX: ffffffffffffffda RBX: 00007f20e07e5fa0 RCX: 00007f20e058f749
[  242.243280][T11764] RDX: 0000000000000002 RSI: 0000200000000280 RDI: 0000000000000008
[  242.243290][T11764] RBP: 00007f20e1386090 R08: 0000000000000000 R09: 0000000000000000
[  242.243301][T11764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  242.243311][T11764] R13: 00007f20e07e6038 R14: 00007f20e07e5fa0 R15: 00007ffce0df0a58
[  242.243335][T11764]  </TASK>
[  242.723252][   T40] audit: type=1326 audit(1764147008.263:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11777 comm="syz.1.2074" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c6618f749 code=0x0
[  242.736121][   T40] audit: type=1400 audit(1764147008.273:796): avc:  denied  { accept } for  pid=11769 comm="syz.4.2072" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  242.788336][T11783] netlink: 'syz.0.2076': attribute type 8 has an invalid length.
[  242.801083][T11785] binder: BINDER_SET_CONTEXT_MGR already set
[  242.803055][T11785] binder: 11784:11785 ioctl 4018620d 200000004a80 returned -16
[  242.853656][T11792] overlayfs: failed to resolve './file1/file0': -2
[  242.930039][T11799] netlink: 'syz.4.2083': attribute type 1 has an invalid length.
[  242.962155][T11799] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  242.970180][   T13] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  242.971497][T11799] 8021q: adding VLAN 0 to HW filter on device bond1
[  243.009262][T11799] veth3: entered promiscuous mode
[  243.014679][T11799] bond1: (slave veth3): Enslaving as a backup interface with a down link
[  243.080856][ T1148] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  243.533343][T11807] FAULT_INJECTION: forcing a failure.
[  243.533343][T11807] name failslab, interval 1, probability 0, space 0, times 0
[  243.538160][T11807] CPU: 3 UID: 0 PID: 11807 Comm: syz.0.2085 Not tainted syzkaller #0 PREEMPT(full) 
[  243.538181][T11807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  243.538192][T11807] Call Trace:
[  243.538199][T11807]  <TASK>
[  243.538207][T11807]  dump_stack_lvl+0x16c/0x1f0
[  243.538228][T11807]  should_fail_ex+0x512/0x640
[  243.538248][T11807]  ? __kmalloc_noprof+0xca/0x880
[  243.538272][T11807]  should_failslab+0xc2/0x120
[  243.538292][T11807]  __kmalloc_noprof+0xdd/0x880
[  243.538313][T11807]  ? ovl_encode_real_fh+0x33a/0x420
[  243.538338][T11807]  ? ovl_get_index_name_fh+0x55/0x190
[  243.538359][T11807]  ? ovl_get_index_name_fh+0x55/0x190
[  243.538393][T11807]  ovl_get_index_name_fh+0x55/0x190
[  243.538419][T11807]  ovl_get_index_name+0x6a/0xb0
[  243.538436][T11807]  ovl_nlink_end+0x588/0xf50
[  243.538463][T11807]  ? __pfx_ovl_nlink_end+0x10/0x10
[  243.538488][T11807]  ? drop_nlink+0x97/0xd0
[  243.538510][T11807]  ovl_do_remove+0x4d7/0x1040
[  243.538532][T11807]  ? __pfx_may_link+0x10/0x10
[  243.538555][T11807]  ? __pfx_ovl_do_remove+0x10/0x10
[  243.538582][T11807]  vfs_unlink+0x2fe/0x9b0
[  243.538609][T11807]  do_unlinkat+0x4c5/0x6a0
[  243.538629][T11807]  ? __pfx_do_unlinkat+0x10/0x10
[  243.538649][T11807]  ? strncpy_from_user+0x203/0x2e0
[  243.538669][T11807]  ? getname_flags.part.0+0x1c5/0x550
[  243.538691][T11807]  ? __pfx_ksys_write+0x10/0x10
[  243.538712][T11807]  __x64_sys_unlinkat+0xbf/0x130
[  243.538731][T11807]  do_syscall_64+0xcd/0xfa0
[  243.538749][T11807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.538766][T11807] RIP: 0033:0x7f1491d8f749
[  243.538780][T11807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.538796][T11807] RSP: 002b:00007f148fff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
[  243.538813][T11807] RAX: ffffffffffffffda RBX: 00007f1491fe5fa0 RCX: 00007f1491d8f749
[  243.538824][T11807] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  243.538835][T11807] RBP: 00007f148fff6090 R08: 0000000000000000 R09: 0000000000000000
[  243.538845][T11807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  243.538855][T11807] R13: 00007f1491fe6038 R14: 00007f1491fe5fa0 R15: 00007ffcd325a158
[  243.538879][T11807]  </TASK>
[  243.538900][T11807] overlayfs: cleanup index of '/file1' failed (-12)
[  243.625536][T11811] batadv_slave_1: vlans aren't supported yet for dev_uc|mc_add()
[  243.676450][T11819] overlayfs: failed to resolve './file1/file0': -2
[  243.680024][T11817] netlink: 'syz.1.2090': attribute type 10 has an invalid length.
[  243.691502][T11821] netlink: 'syz.4.2092': attribute type 10 has an invalid length.
[  243.846816][T11834] comedi comedi4: comedi_config --init_data is deprecated
[  243.884910][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  243.884925][   T40] audit: type=1400 audit(1764147009.423:799): avc:  denied  { mount } for  pid=11835 comm="syz.4.2098" name="/" dev="hugetlbfs" ino=51786 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  244.361407][ T5948] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  244.365182][ T5948] Bluetooth: hci2: Injecting HCI hardware error event
[  244.370398][ T5943] Bluetooth: hci2: hardware error 0x00
[  244.628653][T11841] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2099'.
[  244.714972][T11849] overlayfs: failed to resolve './file1/file0': -2
[  244.715788][T11836] ceph: No mds server is up or the cluster is laggy
[  244.960829][   T40] audit: type=1326 audit(1764147010.503:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11860 comm="syz.4.2107" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f799358f749 code=0x0
[  245.453700][T11872] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2111'.
[  245.457635][T11872] block nbd0: Unsupported socket: should be TCP or UNIX.
[  245.466377][T11872] netlink: 'syz.5.2111': attribute type 1 has an invalid length.
[  245.496429][T11872] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  245.504490][   T81] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  245.505396][T11872] 8021q: adding VLAN 0 to HW filter on device bond1
[  245.525680][   T40] audit: type=1400 audit(1764147011.063:801): avc:  denied  { open } for  pid=11874 comm="syz.0.2112" path="/dev/ptyq5" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  245.535424][   T40] audit: type=1400 audit(1764147011.063:802): avc:  denied  { write } for  pid=11874 comm="syz.0.2112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  245.544004][   T40] audit: type=1400 audit(1764147011.083:803): avc:  denied  { ioctl } for  pid=11874 comm="syz.0.2112" path="socket:[50758]" dev="sockfs" ino=50758 ioctlcmd=0x5403 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  245.547257][T11872] veth3: entered promiscuous mode
[  245.560718][T11872] bond1: (slave veth3): Enslaving as a backup interface with a down link
[  245.571386][T11872] Driver unsupported XDP return value 0 on prog  (id 159) dev N/A, expect packet loss!
[  245.620569][ T1199] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  245.819471][T10426] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  245.837188][T11883] FAULT_INJECTION: forcing a failure.
[  245.837188][T11883] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.841898][T11883] CPU: 3 UID: 0 PID: 11883 Comm: syz.4.2114 Not tainted syzkaller #0 PREEMPT(full) 
[  245.841913][T11883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  245.841920][T11883] Call Trace:
[  245.841925][T11883]  <TASK>
[  245.841930][T11883]  dump_stack_lvl+0x16c/0x1f0
[  245.841944][T11883]  should_fail_ex+0x512/0x640
[  245.841959][T11883]  _copy_to_user+0x32/0xd0
[  245.841974][T11883]  simple_read_from_buffer+0xcb/0x170
[  245.841992][T11883]  proc_fail_nth_read+0x197/0x240
[  245.842006][T11883]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  245.842019][T11883]  ? rw_verify_area+0xcf/0x6c0
[  245.842035][T11883]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  245.842047][T11883]  vfs_read+0x1e4/0xcf0
[  245.842058][T11883]  ? __pfx___mutex_lock+0x10/0x10
[  245.842070][T11883]  ? __pfx_vfs_read+0x10/0x10
[  245.842083][T11883]  ? __fget_files+0x20e/0x3c0
[  245.842098][T11883]  ksys_read+0x12a/0x250
[  245.842107][T11883]  ? __pfx_ksys_read+0x10/0x10
[  245.842121][T11883]  do_syscall_64+0xcd/0xfa0
[  245.842132][T11883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.842144][T11883] RIP: 0033:0x7f799358e15c
[  245.842154][T11883] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  245.842165][T11883] RSP: 002b:00007f79943bf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  245.842176][T11883] RAX: ffffffffffffffda RBX: 00007f79937e5fa0 RCX: 00007f799358e15c
[  245.842197][T11883] RDX: 000000000000000f RSI: 00007f79943bf0a0 RDI: 0000000000000005
[  245.842203][T11883] RBP: 00007f79943bf090 R08: 0000000000000000 R09: 0000000000000000
[  245.842210][T11883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  245.842216][T11883] R13: 00007f79937e6038 R14: 00007f79937e5fa0 R15: 00007fffbf40c828
[  245.842230][T11883]  </TASK>
[  246.011767][T11890] netlink: 'syz.4.2117': attribute type 10 has an invalid length.
[  246.017981][T11885] loop9: detected capacity change from 0 to 7
[  246.021423][T11885] Dev loop9: unable to read RDB block 7
[  246.022486][T10426] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.023470][T11885]  loop9: unable to read partition table
[  246.028366][T10426] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.035662][T10426] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  246.036700][T11885] loop9: partition table beyond EOD, 
[  246.042010][T10426] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  246.042039][T10426] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.045808][T10426] usb 5-1: config 0 descriptor??
[  246.048950][T11885] truncated
[  246.055432][T11885] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  246.111749][   T40] audit: type=1400 audit(1764147011.653:804): avc:  denied  { create } for  pid=11893 comm="syz.4.2121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  246.117870][   T40] audit: type=1400 audit(1764147011.653:805): avc:  denied  { ioctl } for  pid=11893 comm="syz.4.2121" path="socket:[50779]" dev="sockfs" ino=50779 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  246.209444][   T40] audit: type=1400 audit(1764147011.743:806): avc:  denied  { read write } for  pid=9934 comm="syz-executor" name="loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  246.229473][   T40] audit: type=1400 audit(1764147011.743:807): avc:  denied  { open } for  pid=9934 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  246.242688][   T40] audit: type=1400 audit(1764147011.743:808): avc:  denied  { ioctl } for  pid=9934 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  246.274614][T11907] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2122'.
[  246.299088][T11905] netlink: 'syz.4.2123': attribute type 4 has an invalid length.
[  246.359651][  T841] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  246.439551][ T5943] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  246.520904][  T841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.524413][  T841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.527437][  T841] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  246.531588][  T841] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  246.534485][  T841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.539358][  T841] usb 6-1: config 0 descriptor??
[  246.666003][T10426] usbhid 5-1:0.0: can't add hid device: -71
[  246.668726][T10426] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  246.675148][T10426] usb 5-1: USB disconnect, device number 9
[  246.946390][  T841] hid_parser_main: 5 callbacks suppressed
[  246.946409][  T841] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  246.950842][  T841] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  246.952917][  T841] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  246.955205][  T841] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  246.958231][  T841] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  246.961674][  T841] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  246.964384][  T841] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  246.967226][  T841] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  246.970678][  T841] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  246.973740][  T841] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  246.980414][  T841] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  247.145991][T11896] warn_alloc: 2 callbacks suppressed
[  247.146006][T11896] syz.1.2119: vmalloc error: size 8192, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  247.156075][T11896] CPU: 3 UID: 0 PID: 11896 Comm: syz.1.2119 Not tainted syzkaller #0 PREEMPT(full) 
[  247.156098][T11896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  247.156109][T11896] Call Trace:
[  247.156116][T11896]  <TASK>
[  247.156123][T11896]  dump_stack_lvl+0x16c/0x1f0
[  247.156146][T11896]  warn_alloc+0x248/0x3a0
[  247.156174][T11896]  ? __pfx_warn_alloc+0x10/0x10
[  247.156198][T11896]  ? alloc_pages_mpol+0x25a/0x550
[  247.156220][T11896]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  247.156238][T11896]  ? __pfx_alloc_pages_bulk_mempolicy_noprof+0x10/0x10
[  247.156265][T11896]  ? __kmalloc_node_noprof+0x364/0x8a0
[  247.156282][T11896]  ? __get_vm_area_node+0x208/0x330
[  247.156305][T11896]  __vmalloc_node_range_noprof+0x119b/0x1480
[  247.156335][T11896]  ? hiddev_open+0x195/0x6a0
[  247.156367][T11896]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  247.156398][T11896]  ? hiddev_open+0x195/0x6a0
[  247.156420][T11896]  __vmalloc_node_noprof+0xad/0xf0
[  247.156440][T11896]  ? hiddev_open+0x195/0x6a0
[  247.156468][T11896]  hiddev_open+0x195/0x6a0
[  247.156494][T11896]  ? __pfx_hiddev_open+0x10/0x10
[  247.156521][T11896]  usb_open+0x189/0x220
[  247.156536][T11896]  ? __pfx_usb_open+0x10/0x10
[  247.156551][T11896]  chrdev_open+0x234/0x6a0
[  247.156576][T11896]  ? __pfx_chrdev_open+0x10/0x10
[  247.156596][T11896]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  247.156621][T11896]  do_dentry_open+0x982/0x1530
[  247.156639][T11896]  ? __pfx_chrdev_open+0x10/0x10
[  247.156660][T11896]  vfs_open+0x82/0x3f0
[  247.156685][T11896]  path_openat+0x1de4/0x2cb0
[  247.156712][T11896]  ? __pfx_path_openat+0x10/0x10
[  247.156732][T11896]  ? __lock_acquire+0xb8a/0x1c90
[  247.156752][T11896]  do_filp_open+0x20b/0x470
[  247.156768][T11896]  ? __pfx_do_filp_open+0x10/0x10
[  247.156805][T11896]  ? alloc_fd+0x471/0x7d0
[  247.156829][T11896]  do_sys_openat2+0x11b/0x1d0
[  247.156851][T11896]  ? __pfx_do_sys_openat2+0x10/0x10
[  247.156875][T11896]  ? __fget_files+0x20e/0x3c0
[  247.156896][T11896]  __x64_sys_openat+0x174/0x210
[  247.156919][T11896]  ? __pfx___x64_sys_openat+0x10/0x10
[  247.156940][T11896]  ? ksys_write+0x1ac/0x250
[  247.156966][T11896]  do_syscall_64+0xcd/0xfa0
[  247.156985][T11896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.157000][T11896] RIP: 0033:0x7f3c6618df90
[  247.157015][T11896] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[  247.157031][T11896] RSP: 002b:00007f3c67087b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  247.157048][T11896] RAX: ffffffffffffffda RBX: 000000000000e800 RCX: 00007f3c6618df90
[  247.157059][T11896] RDX: 000000000000e800 RSI: 00007f3c67087c10 RDI: 00000000ffffff9c
[  247.157070][T11896] RBP: 00007f3c67087c10 R08: 0000000000000000 R09: 0000000000000000
[  247.157081][T11896] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd
[  247.157092][T11896] R13: 00007f3c663e6038 R14: 00007f3c663e5fa0 R15: 00007ffe369998e8
[  247.157114][T11896]  </TASK>
[  247.157120][T11896] Mem-Info:
[  247.283820][T11896] active_anon:16641 inactive_anon:3035 isolated_anon:0
[  247.283820][T11896]  active_file:4437 inactive_file:32394 isolated_file:0
[  247.283820][T11896]  unevictable:1768 dirty:233 writeback:0
[  247.283820][T11896]  slab_reclaimable:9398 slab_unreclaimable:74496
[  247.283820][T11896]  mapped:25724 shmem:12536 pagetables:1471
[  247.283820][T11896]  sec_pagetables:317 bounce:0
[  247.283820][T11896]  kernel_misc_reclaimable:0
[  247.283820][T11896]  free:466050 free_pcp:11365 free_cma:0
[  247.301815][T11896] Node 0 active_anon:66556kB inactive_anon:11476kB active_file:17740kB inactive_file:129368kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:102888kB dirty:932kB writeback:0kB shmem:45940kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB kernel_stack:13680kB pagetables:5624kB sec_pagetables:1268kB all_unreclaimable? no Balloon:0kB
[  247.315112][T11896] Node 1 active_anon:8kB inactive_anon:664kB active_file:8kB inactive_file:208kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:4204kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:112kB pagetables:260kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  247.327197][T11896] Node 0 DMA free:14232kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:540kB inactive_anon:216kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:0kB free_cma:0kB
[  247.339533][T11896] lowmem_reserve[]: 0 1239 1239 1239 1239
[  247.341960][T11896] Node 0 DMA32 free:242432kB boost:0kB min:27580kB low:34472kB high:41364kB reserved_highatomic:0KB free_highatomic:0KB active_anon:66016kB inactive_anon:11260kB active_file:17740kB inactive_file:129368kB unevictable:3536kB writepending:932kB zspages:2780kB present:2080628kB managed:1269468kB mlocked:0kB bounce:0kB free_pcp:38316kB local_pcp:10620kB free_cma:0kB
[  247.354625][T11896] lowmem_reserve[]: 0 0 0 0 0
[  247.356665][T11896] Node 1 Normal free:1607576kB boost:0kB min:39660kB low:49572kB high:59484kB reserved_highatomic:0KB free_highatomic:0KB active_anon:8kB inactive_anon:664kB active_file:8kB inactive_file:208kB unevictable:3536kB writepending:0kB zspages:288kB present:2097152kB managed:1781892kB mlocked:0kB bounce:0kB free_pcp:7380kB local_pcp:2416kB free_cma:0kB
[  247.367238][T11896] lowmem_reserve[]: 0 0 0 0 0
[  247.368784][T11896] Node 0 DMA: 14*4kB (UM) 16*8kB (UM) 18*16kB (UM) 20*32kB (UM) 19*64kB (UM) 13*128kB (UM) 10*256kB (UM) 3*512kB (UM) 2*1024kB (UM) 2*2048kB (UM) 0*4096kB = 14232kB
[  247.374157][T11896] Node 0 DMA32: 768*4kB (ME) 586*8kB (UME) 429*16kB (UME) 374*32kB (UM) 307*64kB (UME) 216*128kB (UME) 118*256kB (UME) 100*512kB (UME) 31*1024kB (UM) 1*2048kB (M) 13*4096kB (M) = 242336kB
[  247.380048][T11896] Node 1 Normal: 108*4kB (UME) 105*8kB (UME) 110*16kB (UME) 206*32kB (UME) 116*64kB (UME) 70*128kB (UME) 56*256kB (UME) 45*512kB (UME) 36*1024kB (UME) 34*2048kB (UM) 351*4096kB (UM) = 1607576kB
[  247.386043][T11896] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  247.388964][T11896] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  247.391999][T11896] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  247.395647][T11896] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  247.396107][T11925] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2129'.
[  247.398575][T11896] 49371 total pagecache pages
[  247.398584][T11896] 8 pages in swap cache
[  247.402671][T11925] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2129'.
[  247.403488][T11896] Free swap  = 103432kB
[  247.404967][T11926] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2129'.
[  247.407664][T11896] Total swap = 124996kB
[  247.413351][T11896] 1048443 pages RAM
[  247.414672][T11896] 0 pages HighMem/MovableOnly
[  247.416345][T11896] 281763 pages reserved
[  247.417663][T11896] 0 pages cma reserved
[  247.421536][  T841] usb 6-1: USB disconnect, device number 10
[  247.464188][T11928] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  247.473500][T11928] usb usb8: usbfs: process 11928 (syz.5.2130) did not claim interface 0 before use
[  247.557259][T11932] overlayfs: failed to resolve './file1/file0': -2
[  247.594275][T11934] FAULT_INJECTION: forcing a failure.
[  247.594275][T11934] name failslab, interval 1, probability 0, space 0, times 0
[  247.601758][T11934] CPU: 3 UID: 0 PID: 11934 Comm: syz.5.2134 Not tainted syzkaller #0 PREEMPT(full) 
[  247.601774][T11934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  247.601781][T11934] Call Trace:
[  247.601785][T11934]  <TASK>
[  247.601790][T11934]  dump_stack_lvl+0x16c/0x1f0
[  247.601806][T11934]  should_fail_ex+0x512/0x640
[  247.601819][T11934]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[  247.601837][T11934]  should_failslab+0xc2/0x120
[  247.601851][T11934]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[  247.601868][T11934]  ? __d_alloc+0x32/0xae0
[  247.601883][T11934]  ? __d_alloc+0x32/0xae0
[  247.601894][T11934]  __d_alloc+0x32/0xae0
[  247.601908][T11934]  d_alloc_parallel+0x111/0x1510
[  247.601929][T11934]  ? __pfx_d_alloc_parallel+0x10/0x10
[  247.601946][T11934]  ? lockdep_init_map_type+0x5c/0x280
[  247.601958][T11934]  ? lockdep_init_map_type+0x5c/0x280
[  247.601971][T11934]  __lookup_slow+0x193/0x460
[  247.601986][T11934]  ? __pfx___lookup_slow+0x10/0x10
[  247.602002][T11934]  ? shmem_link+0x280/0x530
[  247.602020][T11934]  ? shmem_link+0x280/0x530
[  247.602034][T11934]  ? d_lookup+0xe7/0x190
[  247.602051][T11934]  lookup_noperm+0xe1/0x110
[  247.602066][T11934]  simple_start_creating+0xd1/0x1b0
[  247.602078][T11934]  debugfs_start_creating.part.0+0x82/0x190
[  247.602091][T11934]  __debugfs_create_file+0xa7/0x6b0
[  247.602105][T11934]  debugfs_create_file_full+0x41/0x60
[  247.602118][T11934]  ? __pfx_vlan_setup+0x10/0x10
[  247.602131][T11934]  ref_tracker_dir_debugfs+0x19d/0x290
[  247.602145][T11934]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  247.602181][T11934]  ? alloc_netdev_mqs+0xd7/0x1550
[  247.602196][T11934]  ? lockdep_init_map_type+0x5c/0x280
[  247.602209][T11934]  alloc_netdev_mqs+0x314/0x1550
[  247.602229][T11934]  rtnl_create_link+0xc08/0xf90
[  247.602249][T11934]  rtnl_newlink+0xb69/0x2000
[  247.602268][T11934]  ? __pfx_rtnl_newlink+0x10/0x10
[  247.602282][T11934]  ? find_held_lock+0x2b/0x80
[  247.602297][T11934]  ? avc_has_perm_noaudit+0x117/0x3b0
[  247.602315][T11934]  ? avc_has_perm_noaudit+0x149/0x3b0
[  247.602372][T11934]  ? find_held_lock+0x2b/0x80
[  247.602387][T11934]  ? __pfx_rtnl_newlink+0x10/0x10
[  247.602401][T11934]  ? __pfx_rtnl_newlink+0x10/0x10
[  247.602415][T11934]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  247.602431][T11934]  ? __pfx_rtnl_newlink+0x10/0x10
[  247.602446][T11934]  rtnetlink_rcv_msg+0x95e/0xe90
[  247.602462][T11934]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  247.602481][T11934]  ? ref_tracker_free+0x37c/0x830
[  247.602495][T11934]  netlink_rcv_skb+0x158/0x420
[  247.602512][T11934]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  247.602528][T11934]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  247.602559][T11934]  ? netlink_deliver_tap+0x1ae/0xd30
[  247.602588][T11934]  netlink_unicast+0x5aa/0x870
[  247.602617][T11934]  ? __pfx_netlink_unicast+0x10/0x10
[  247.602651][T11934]  netlink_sendmsg+0x8c8/0xdd0
[  247.602675][T11934]  ? __pfx_netlink_sendmsg+0x10/0x10
[  247.602696][T11934]  ____sys_sendmsg+0xa98/0xc70
[  247.602708][T11934]  ? copy_msghdr_from_user+0x10a/0x160
[  247.602722][T11934]  ? __pfx_____sys_sendmsg+0x10/0x10
[  247.602739][T11934]  ___sys_sendmsg+0x134/0x1d0
[  247.602754][T11934]  ? __pfx____sys_sendmsg+0x10/0x10
[  247.602767][T11934]  ? __lock_acquire+0x622/0x1c90
[  247.602792][T11934]  __sys_sendmsg+0x16d/0x220
[  247.602807][T11934]  ? __pfx___sys_sendmsg+0x10/0x10
[  247.602830][T11934]  do_syscall_64+0xcd/0xfa0
[  247.602842][T11934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.602853][T11934] RIP: 0033:0x7f20e058f749
[  247.602863][T11934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.602874][T11934] RSP: 002b:00007f20e1386038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  247.602884][T11934] RAX: ffffffffffffffda RBX: 00007f20e07e5fa0 RCX: 00007f20e058f749
[  247.602891][T11934] RDX: 0000000000000002 RSI: 0000200000000280 RDI: 0000000000000008
[  247.602897][T11934] RBP: 00007f20e1386090 R08: 0000000000000000 R09: 0000000000000000
[  247.602903][T11934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.602909][T11934] R13: 00007f20e07e6038 R14: 00007f20e07e5fa0 R15: 00007ffce0df0a58
[  247.602923][T11934]  </TASK>
[  247.687336][T11937] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2131'.
[  247.987779][T11943] netlink: 'syz.1.2136': attribute type 10 has an invalid length.
[  248.121387][T11945] loop9: detected capacity change from 0 to 7
[  248.123965][T11945] Dev loop9: unable to read RDB block 7
[  248.125809][T11945]  loop9: unable to read partition table
[  248.127779][T11945] loop9: partition table beyond EOD, truncated
[  248.130796][T11945] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  248.182533][T11950] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.190311][T11952] hpfs: hpfs_map_sector(): read error
[  248.230793][T11954] netlink: 'syz.1.2141': attribute type 10 has an invalid length.
[  248.232241][ T6025] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  248.237061][ T6025] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  248.237743][T11950] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.242712][   T13] wlan1: authenticated
[  248.244921][T11950] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.249872][ T1148] wlan1: associate with 08:02:11:00:00:00 (try 1/3)
[  248.311651][T11958] netlink: 'syz.1.2143': attribute type 17 has an invalid length.
[  248.334267][T11967] FAULT_INJECTION: forcing a failure.
[  248.334267][T11967] name failslab, interval 1, probability 0, space 0, times 0
[  248.340484][T11967] CPU: 1 UID: 0 PID: 11967 Comm: syz.4.2146 Not tainted syzkaller #0 PREEMPT(full) 
[  248.340508][T11967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  248.340520][T11967] Call Trace:
[  248.340527][T11967]  <TASK>
[  248.340534][T11967]  dump_stack_lvl+0x16c/0x1f0
[  248.340556][T11967]  should_fail_ex+0x512/0x640
[  248.340578][T11967]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  248.340609][T11967]  should_failslab+0xc2/0x120
[  248.340637][T11967]  kmem_cache_alloc_node_noprof+0x78/0x770
[  248.340664][T11967]  ? __alloc_skb+0x2b2/0x380
[  248.340693][T11967]  ? __alloc_skb+0x2b2/0x380
[  248.340713][T11967]  ? __pfx_netlink_insert+0x10/0x10
[  248.340738][T11967]  __alloc_skb+0x2b2/0x380
[  248.340760][T11967]  ? __pfx___alloc_skb+0x10/0x10
[  248.340784][T11967]  ? netlink_autobind.isra.0+0x158/0x370
[  248.340816][T11967]  netlink_alloc_large_skb+0x69/0x140
[  248.340844][T11967]  netlink_sendmsg+0x698/0xdd0
[  248.340874][T11967]  ? __pfx_netlink_sendmsg+0x10/0x10
[  248.340911][T11967]  ____sys_sendmsg+0xa98/0xc70
[  248.340930][T11967]  ? copy_msghdr_from_user+0x10a/0x160
[  248.340954][T11967]  ? __pfx_____sys_sendmsg+0x10/0x10
[  248.340984][T11967]  ___sys_sendmsg+0x134/0x1d0
[  248.341008][T11967]  ? __pfx____sys_sendmsg+0x10/0x10
[  248.341030][T11967]  ? __lock_acquire+0x622/0x1c90
[  248.341077][T11967]  __sys_sendmsg+0x16d/0x220
[  248.341101][T11967]  ? __pfx___sys_sendmsg+0x10/0x10
[  248.341140][T11967]  do_syscall_64+0xcd/0xfa0
[  248.341159][T11967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.341177][T11967] RIP: 0033:0x7f799358f749
[  248.341192][T11967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.341209][T11967] RSP: 002b:00007f79943bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  248.341225][T11967] RAX: ffffffffffffffda RBX: 00007f79937e5fa0 RCX: 00007f799358f749
[  248.341237][T11967] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000003
[  248.341247][T11967] RBP: 00007f79943bf090 R08: 0000000000000000 R09: 0000000000000000
[  248.341258][T11967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.341268][T11967] R13: 00007f79937e6038 R14: 00007f79937e5fa0 R15: 00007fffbf40c828
[  248.341292][T11967]  </TASK>
[  248.371112][   T81] wlan1: associate with 08:02:11:00:00:00 (try 2/3)
[  248.453458][T11973] GUP no longer grows the stack in syz.0.2147 (11973): 200000004000-20000000a000 (200000002000)
[  248.458200][T11973] CPU: 0 UID: 0 PID: 11973 Comm: syz.0.2147 Not tainted syzkaller #0 PREEMPT(full) 
[  248.458223][T11973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  248.458234][T11973] Call Trace:
[  248.458241][T11973]  <TASK>
[  248.458250][T11973]  dump_stack_lvl+0x16c/0x1f0
[  248.458271][T11973]  gup_vma_lookup+0x1d2/0x220
[  248.458293][T11973]  __get_user_pages+0x241/0x3530
[  248.458323][T11973]  ? find_held_lock+0x2b/0x80
[  248.458427][T11973]  ? __pfx___get_user_pages+0x10/0x10
[  248.458455][T11973]  get_user_pages_remote+0x243/0xab0
[  248.458479][T11973]  ? mast_spanning_rebalance.isra.0+0x2060/0x2060
[  248.458501][T11973]  ? __pfx_get_user_pages_remote+0x10/0x10
[  248.458528][T11973]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  248.458569][T11973]  __access_remote_vm+0x250/0xaa0
[  248.458600][T11973]  ? do_raw_spin_lock+0x12c/0x2b0
[  248.458623][T11973]  ? __pfx___access_remote_vm+0x10/0x10
[  248.458653][T11973]  proc_pid_cmdline_read+0x4de/0x8e0
[  248.458679][T11973]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  248.458705][T11973]  ? rw_verify_area+0xcf/0x6c0
[  248.458735][T11973]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  248.458757][T11973]  vfs_readv+0x5c1/0x8b0
[  248.458792][T11973]  ? __pfx_vfs_readv+0x10/0x10
[  248.458822][T11973]  ? kmem_cache_free+0x2d4/0x6c0
[  248.458855][T11973]  ? __fget_files+0x20e/0x3c0
[  248.458881][T11973]  ? do_preadv+0x1a6/0x270
[  248.458909][T11973]  do_preadv+0x1a6/0x270
[  248.458939][T11973]  ? __pfx_do_preadv+0x10/0x10
[  248.458975][T11973]  do_syscall_64+0xcd/0xfa0
[  248.458995][T11973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.459014][T11973] RIP: 0033:0x7f1491d8f749
[  248.459030][T11973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.459049][T11973] RSP: 002b:00007f148ffd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  248.459069][T11973] RAX: ffffffffffffffda RBX: 00007f1491fe6090 RCX: 00007f1491d8f749
[  248.459083][T11973] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000007
[  248.459097][T11973] RBP: 00007f1491e13f91 R08: 0000000000000000 R09: 0000000000000000
[  248.459110][T11973] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  248.459121][T11973] R13: 00007f1491fe6128 R14: 00007f1491fe6090 R15: 00007ffcd325a158
[  248.459148][T11973]  </TASK>
[  248.549538][   T13] wlan1: associate with 08:02:11:00:00:00 (try 3/3)
[  248.551253][T11979] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2147'.
[  248.660027][   T81] wlan1: association with 08:02:11:00:00:00 timed out
[  248.712122][T11983] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2150'.
[  248.943803][   T40] kauditd_printk_skb: 78 callbacks suppressed
[  248.943822][   T40] audit: type=1400 audit(1764147014.483:887): avc:  denied  { bind } for  pid=11992 comm="syz.0.2154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  248.956110][   T40] audit: type=1400 audit(1764147014.483:888): avc:  denied  { setopt } for  pid=11992 comm="syz.0.2154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  248.964138][   T40] audit: type=1400 audit(1764147014.483:889): avc:  denied  { ioctl } for  pid=11992 comm="syz.0.2154" path="socket:[53481]" dev="sockfs" ino=53481 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  249.003379][   T40] audit: type=1400 audit(1764147014.543:890): avc:  denied  { create } for  pid=11992 comm="syz.0.2154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  249.011132][   T40] audit: type=1400 audit(1764147014.543:891): avc:  denied  { ioctl } for  pid=11992 comm="syz.0.2154" path="socket:[50926]" dev="sockfs" ino=50926 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  249.021351][   T40] audit: type=1400 audit(1764147014.543:892): avc:  denied  { connect } for  pid=11992 comm="syz.0.2154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  249.059523][   T34] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  249.106965][   T40] audit: type=1400 audit(1764147014.643:893): avc:  denied  { mount } for  pid=11999 comm="syz.4.2155" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  249.114426][   T40] audit: type=1400 audit(1764147014.653:894): avc:  denied  { write } for  pid=11999 comm="syz.4.2155" name="anycast6" dev="proc" ino=4026533884 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  249.173066][   T40] audit: type=1400 audit(1764147014.713:895): avc:  denied  { setattr } for  pid=11999 comm="syz.4.2155" name="file0" dev="9p" ino=72095583 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  249.193005][   T40] audit: type=1400 audit(1764147014.733:896): avc:  denied  { ioctl } for  pid=12006 comm="syz.1.2157" path="socket:[53493]" dev="sockfs" ino=53493 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  249.225394][   T34] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.228901][   T34] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.233290][   T34] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  249.237738][   T34] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  249.241079][   T34] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.245851][   T34] usb 10-1: config 0 descriptor??
[  249.281450][T12011] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  249.336472][T12011] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  249.341197][T12011] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  249.495218][T12021] netlink: 'syz.4.2164': attribute type 10 has an invalid length.
[  249.662926][   T34] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  249.702300][T12026] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2166'.
[  249.929812][T12041] binder: 12040:12041 ioctl 4018620d 0 returned -22
[  249.986587][ T6006] usb 10-1: USB disconnect, device number 3
[  250.291145][T12061] binder: 12057:12061 ioctl 4018620d 200000000100 returned -22
[  250.525838][T12066] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  250.562548][ T6006] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  250.566187][ T6006] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  250.580858][  T226] wlan1: authenticated
[  250.581069][T12066] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  250.588712][  T226] wlan1: RX AssocResp from 08:02:11:00:00:00 (capab=0x1 status=0 aid=1)
[  250.588926][T12066] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  250.592591][  T226] wlan1: associated
[  250.975994][T12076] binder: 12075:12076 ioctl 4018620d 0 returned -22
[  251.166424][T12083] netlink: 'syz.5.2185': attribute type 5 has an invalid length.
[  251.564411][T12102] netlink: 'syz.0.2193': attribute type 10 has an invalid length.
[  251.592909][T12104] FAULT_INJECTION: forcing a failure.
[  251.592909][T12104] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.596970][T12104] CPU: 2 UID: 0 PID: 12104 Comm: syz.0.2194 Not tainted syzkaller #0 PREEMPT(full) 
[  251.596985][T12104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  251.596992][T12104] Call Trace:
[  251.596997][T12104]  <TASK>
[  251.597001][T12104]  dump_stack_lvl+0x16c/0x1f0
[  251.597015][T12104]  should_fail_ex+0x512/0x640
[  251.597031][T12104]  _copy_from_iter+0x29f/0x1720
[  251.597060][T12104]  ? __alloc_skb+0x200/0x380
[  251.597075][T12104]  ? __pfx__copy_from_iter+0x10/0x10
[  251.597088][T12104]  ? netlink_autobind.isra.0+0x158/0x370
[  251.597109][T12104]  netlink_sendmsg+0x820/0xdd0
[  251.597127][T12104]  ? __pfx_netlink_sendmsg+0x10/0x10
[  251.597148][T12104]  ____sys_sendmsg+0xa98/0xc70
[  251.597159][T12104]  ? copy_msghdr_from_user+0x10a/0x160
[  251.597174][T12104]  ? __pfx_____sys_sendmsg+0x10/0x10
[  251.597191][T12104]  ___sys_sendmsg+0x134/0x1d0
[  251.597206][T12104]  ? __pfx____sys_sendmsg+0x10/0x10
[  251.597219][T12104]  ? __lock_acquire+0x622/0x1c90
[  251.597246][T12104]  __sys_sendmsg+0x16d/0x220
[  251.597260][T12104]  ? __pfx___sys_sendmsg+0x10/0x10
[  251.597283][T12104]  do_syscall_64+0xcd/0xfa0
[  251.597295][T12104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.597306][T12104] RIP: 0033:0x7f1491d8f749
[  251.597315][T12104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.597325][T12104] RSP: 002b:00007f148fff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  251.597335][T12104] RAX: ffffffffffffffda RBX: 00007f1491fe5fa0 RCX: 00007f1491d8f749
[  251.597342][T12104] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000003
[  251.597349][T12104] RBP: 00007f148fff6090 R08: 0000000000000000 R09: 0000000000000000
[  251.597355][T12104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.597361][T12104] R13: 00007f1491fe6038 R14: 00007f1491fe5fa0 R15: 00007ffcd325a158
[  251.597375][T12104]  </TASK>
[  251.728392][T12112] veth1_macvtap: left promiscuous mode
[  251.730834][T12112] macsec0: entered promiscuous mode
[  251.732423][T12112] macsec0: entered allmulticast mode
[  251.738507][T12112] veth1_macvtap: entered promiscuous mode
[  251.740862][T12112] veth1_macvtap: entered allmulticast mode
[  251.743605][T12112] macsec0: left promiscuous mode
[  251.745154][T12112] macsec0: left allmulticast mode
[  251.746753][T12112] veth1_macvtap: left allmulticast mode
[  251.752479][T12116] ALSA: mixer_oss: invalid OSS volume 'PHONEXÛ0ØIN'
[  251.754968][T12113] team0: No ports can be present during mode change
[  252.080527][T12129] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2202'.
[  252.379492][   T34] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  252.532246][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  252.536912][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  252.541249][   T34] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  252.546629][   T34] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  252.550650][   T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.560809][   T34] usb 5-1: config 0 descriptor??
[  252.677262][T12135] 9pnet: Could not find request transport: xen
[  252.693607][T12135] syz.4.2205 (12135) used greatest stack depth: 17720 bytes left
[  252.849469][ T5949] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  253.001150][ T5949] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.005724][ T5949] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.010079][ T5949] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  253.015192][ T5949] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  253.018529][ T5949] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.022855][ T5949] usb 10-1: config 0 descriptor??
[  253.175322][   T34] usbhid 5-1:0.0: can't add hid device: -71
[  253.177284][   T34] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  253.181627][   T34] usb 5-1: USB disconnect, device number 10
[  253.260141][T12144] FAULT_INJECTION: forcing a failure.
[  253.260141][T12144] name failslab, interval 1, probability 0, space 0, times 0
[  253.263907][T12144] CPU: 0 UID: 0 PID: 12144 Comm: syz.4.2208 Not tainted syzkaller #0 PREEMPT(full) 
[  253.263922][T12144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  253.263929][T12144] Call Trace:
[  253.263933][T12144]  <TASK>
[  253.263937][T12144]  dump_stack_lvl+0x16c/0x1f0
[  253.263952][T12144]  should_fail_ex+0x512/0x640
[  253.263965][T12144]  ? fs_reclaim_acquire+0xae/0x150
[  253.263979][T12144]  should_failslab+0xc2/0x120
[  253.263992][T12144]  kmem_cache_alloc_noprof+0x75/0x6e0
[  253.264008][T12144]  ? __pfx_map_id_range_down+0x10/0x10
[  253.264021][T12144]  ? security_inode_alloc+0x3b/0x2b0
[  253.264035][T12144]  ? security_inode_alloc+0x3b/0x2b0
[  253.264045][T12144]  security_inode_alloc+0x3b/0x2b0
[  253.264056][T12144]  inode_init_always_gfp+0xce4/0x1030
[  253.264070][T12144]  alloc_inode+0x86/0x240
[  253.264084][T12144]  new_inode+0x22/0x1c0
[  253.264099][T12144]  __debugfs_create_file+0x11c/0x6b0
[  253.264113][T12144]  debugfs_create_file_full+0x41/0x60
[  253.264126][T12144]  ? __pfx_vlan_setup+0x10/0x10
[  253.264139][T12144]  ref_tracker_dir_debugfs+0x19d/0x290
[  253.264154][T12144]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  253.264179][T12144]  ? alloc_netdev_mqs+0xd7/0x1550
[  253.264194][T12144]  ? lockdep_init_map_type+0x5c/0x280
[  253.264208][T12144]  alloc_netdev_mqs+0x314/0x1550
[  253.264225][T12144]  rtnl_create_link+0xc08/0xf90
[  253.264242][T12144]  rtnl_newlink+0xb69/0x2000
[  253.264261][T12144]  ? __pfx_rtnl_newlink+0x10/0x10
[  253.264275][T12144]  ? find_held_lock+0x2b/0x80
[  253.264293][T12144]  ? avc_has_perm_noaudit+0x117/0x3b0
[  253.264310][T12144]  ? avc_has_perm_noaudit+0x149/0x3b0
[  253.264336][T12144]  ? find_held_lock+0x2b/0x80
[  253.264349][T12144]  ? __pfx_rtnl_newlink+0x10/0x10
[  253.264363][T12144]  ? __pfx_rtnl_newlink+0x10/0x10
[  253.264377][T12144]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  253.264392][T12144]  ? __pfx_rtnl_newlink+0x10/0x10
[  253.264407][T12144]  rtnetlink_rcv_msg+0x95e/0xe90
[  253.264423][T12144]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  253.264442][T12144]  ? ref_tracker_free+0x37c/0x830
[  253.264457][T12144]  netlink_rcv_skb+0x158/0x420
[  253.264473][T12144]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  253.264490][T12144]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  253.264510][T12144]  ? netlink_deliver_tap+0x1ae/0xd30
[  253.264527][T12144]  netlink_unicast+0x5aa/0x870
[  253.264545][T12144]  ? __pfx_netlink_unicast+0x10/0x10
[  253.264565][T12144]  netlink_sendmsg+0x8c8/0xdd0
[  253.264583][T12144]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.264603][T12144]  ____sys_sendmsg+0xa98/0xc70
[  253.264615][T12144]  ? copy_msghdr_from_user+0x10a/0x160
[  253.264629][T12144]  ? __pfx_____sys_sendmsg+0x10/0x10
[  253.264646][T12144]  ___sys_sendmsg+0x134/0x1d0
[  253.264661][T12144]  ? __pfx____sys_sendmsg+0x10/0x10
[  253.264674][T12144]  ? __lock_acquire+0x622/0x1c90
[  253.264700][T12144]  __sys_sendmsg+0x16d/0x220
[  253.264714][T12144]  ? __pfx___sys_sendmsg+0x10/0x10
[  253.264727][T12144]  ? ksys_write+0x17e/0x250
[  253.264742][T12144]  ? __pfx_handle_softirqs+0x10/0x10
[  253.264759][T12144]  do_syscall_64+0xcd/0xfa0
[  253.264770][T12144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.264781][T12144] RIP: 0033:0x7f799358f749
[  253.264790][T12144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.264800][T12144] RSP: 002b:00007f79943bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  253.264811][T12144] RAX: ffffffffffffffda RBX: 00007f79937e5fa0 RCX: 00007f799358f749
[  253.264818][T12144] RDX: 0000000000000002 RSI: 0000200000000280 RDI: 0000000000000008
[  253.264824][T12144] RBP: 00007f79943bf090 R08: 0000000000000000 R09: 0000000000000000
[  253.264830][T12144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  253.264836][T12144] R13: 00007f79937e6038 R14: 00007f79937e5fa0 R15: 00007fffbf40c828
[  253.264850][T12144]  </TASK>
[  253.264866][T12144] debugfs: out of free dentries, can not create file 'netdev@ffff88803654c618'
[  253.429814][ T5949] hid_parser_main: 20 callbacks suppressed
[  253.429833][ T5949] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  253.435267][ T5949] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  253.437778][ T5949] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  253.441935][ T5949] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  253.445079][ T5949] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  253.448290][ T5949] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  253.453112][ T5949] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  253.456355][ T5949] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  253.459619][ T5949] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  253.462740][ T5949] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  253.471927][ T5949] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  253.498050][T12146] loop9: detected capacity change from 0 to 7
[  253.502064][T12146] Dev loop9: unable to read RDB block 7
[  253.504082][T12146]  loop9: unable to read partition table
[  253.506536][T12146] loop9: partition table beyond EOD, truncated
[  253.510586][T12146] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  253.629263][ T6025] usb 10-1: USB disconnect, device number 4
[  253.646624][T12150] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  253.702814][T12150] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  253.708272][T12150] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  253.715664][T12153] binder: 12152:12153 unknown command 0
[  253.718104][T12153] binder: 12152:12153 ioctl c0306201 200000000080 returned -22
[  253.721043][T12150] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  253.724066][T12153] binder: BINDER_SET_CONTEXT_MGR already set
[  253.727839][T12153] binder: 12152:12153 ioctl 4018620d 200000004a80 returned -16
[  253.969070][T12158] netlink: 'syz.4.2213': attribute type 10 has an invalid length.
[  254.105686][   T40] kauditd_printk_skb: 48 callbacks suppressed
[  254.105702][   T40] audit: type=1400 audit(1764147019.643:945): avc:  denied  { create } for  pid=12163 comm="syz.4.2216" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  254.115944][   T40] audit: type=1400 audit(1764147019.643:946): avc:  denied  { create } for  pid=12163 comm="syz.4.2216" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  254.165081][   T40] audit: type=1326 audit(1764147019.703:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12165 comm="syz.4.2217" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f799358f749 code=0x0
[  254.222854][   T40] audit: type=1400 audit(1764147019.763:948): avc:  denied  { create } for  pid=12170 comm="syz.5.2219" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  254.261720][T12176] overlayfs: failed to resolve './file1/file0': -2
[  254.271998][   T40] audit: type=1400 audit(1764147019.813:949): avc:  denied  { create } for  pid=12178 comm="syz.1.2221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  254.278037][   T40] audit: type=1400 audit(1764147019.813:950): avc:  denied  { listen } for  pid=12178 comm="syz.1.2221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  254.284701][   T40] audit: type=1400 audit(1764147019.813:951): avc:  denied  { setopt } for  pid=12178 comm="syz.1.2221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  254.292095][   T40] audit: type=1400 audit(1764147019.813:952): avc:  denied  { accept } for  pid=12178 comm="syz.1.2221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  254.309497][T12181] CIFS mount error: No usable UNC path provided in device string!
[  254.309497][T12181] 
[  254.312345][T12181] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  254.382234][   T40] audit: type=1400 audit(1764147019.923:953): avc:  denied  { create } for  pid=12178 comm="syz.1.2221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  254.387749][   T40] audit: type=1400 audit(1764147019.923:954): avc:  denied  { create } for  pid=12178 comm="syz.1.2221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  254.429873][T12187] FAULT_INJECTION: forcing a failure.
[  254.429873][T12187] name failslab, interval 1, probability 0, space 0, times 0
[  254.433753][T12187] CPU: 2 UID: 0 PID: 12187 Comm: syz.1.2224 Not tainted syzkaller #0 PREEMPT(full) 
[  254.433768][T12187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  254.433775][T12187] Call Trace:
[  254.433780][T12187]  <TASK>
[  254.433785][T12187]  dump_stack_lvl+0x16c/0x1f0
[  254.433800][T12187]  should_fail_ex+0x512/0x640
[  254.433813][T12187]  ? __kmalloc_noprof+0xca/0x880
[  254.433831][T12187]  should_failslab+0xc2/0x120
[  254.433844][T12187]  __kmalloc_noprof+0xdd/0x880
[  254.433858][T12187]  ? __pfx___mutex_trylock_common+0x10/0x10
[  254.433870][T12187]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  254.433886][T12187]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  254.433897][T12187]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  254.433909][T12187]  ? __mutex_lock+0x1c5/0x1060
[  254.433922][T12187]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  254.433934][T12187]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  254.433945][T12187]  ? genl_get_cmd+0x194/0x580
[  254.433966][T12187]  ? __radix_tree_lookup+0x21f/0x2c0
[  254.433983][T12187]  genl_rcv_msg+0x55c/0x800
[  254.433995][T12187]  ? __pfx_genl_rcv_msg+0x10/0x10
[  254.434006][T12187]  ? __pfx_tipc_nl_net_addr_legacy_get+0x10/0x10
[  254.434025][T12187]  netlink_rcv_skb+0x158/0x420
[  254.434041][T12187]  ? __pfx_genl_rcv_msg+0x10/0x10
[  254.434052][T12187]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  254.434073][T12187]  ? netlink_deliver_tap+0x1ae/0xd30
[  254.434089][T12187]  genl_rcv+0x28/0x40
[  254.434099][T12187]  netlink_unicast+0x5aa/0x870
[  254.434116][T12187]  ? __pfx_netlink_unicast+0x10/0x10
[  254.434136][T12187]  netlink_sendmsg+0x8c8/0xdd0
[  254.434154][T12187]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.434174][T12187]  ____sys_sendmsg+0xa98/0xc70
[  254.434186][T12187]  ? copy_msghdr_from_user+0x10a/0x160
[  254.434201][T12187]  ? __pfx_____sys_sendmsg+0x10/0x10
[  254.434217][T12187]  ___sys_sendmsg+0x134/0x1d0
[  254.434232][T12187]  ? __pfx____sys_sendmsg+0x10/0x10
[  254.434245][T12187]  ? __lock_acquire+0x622/0x1c90
[  254.434271][T12187]  __sys_sendmsg+0x16d/0x220
[  254.434304][T12187]  ? __pfx___sys_sendmsg+0x10/0x10
[  254.434327][T12187]  do_syscall_64+0xcd/0xfa0
[  254.434338][T12187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.434349][T12187] RIP: 0033:0x7f3c6618f749
[  254.434362][T12187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.434373][T12187] RSP: 002b:00007f3c67088038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  254.434384][T12187] RAX: ffffffffffffffda RBX: 00007f3c663e5fa0 RCX: 00007f3c6618f749
[  254.434391][T12187] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000003
[  254.434397][T12187] RBP: 00007f3c67088090 R08: 0000000000000000 R09: 0000000000000000
[  254.434403][T12187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.434410][T12187] R13: 00007f3c663e6038 R14: 00007f3c663e5fa0 R15: 00007ffe369998e8
[  254.434424][T12187]  </TASK>
[  254.705510][T12195] loop9: detected capacity change from 0 to 7
[  254.709757][T12195] Dev loop9: unable to read RDB block 7
[  254.711544][T12195]  loop9: unable to read partition table
[  254.713367][T12195] loop9: partition table beyond EOD, truncated
[  254.715302][T12195] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  254.773031][T12203] netlink: 'syz.1.2229': attribute type 7 has an invalid length.
[  254.777825][T12204] geneve2: entered promiscuous mode
[  254.781294][T12204] geneve2: entered allmulticast mode
[  254.783696][ T1199] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  254.788295][ T1199] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  254.792156][ T1199] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  254.795452][ T1199] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  254.852658][T12208] overlayfs: failed to resolve './file1/file0': -2
[  255.289562][T10426] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  255.331243][ T5943] Bluetooth: hci1: unexpected event for opcode 0x0c12
[  255.358493][ T5943] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  255.452209][T10426] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  255.460458][T10426] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  255.464499][T10426] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  255.470607][T10426] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  255.474415][T10426] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.484426][T10426] usb 9-1: config 0 descriptor??
[  255.602658][T12270] hfsplus: unable to find HFS+ superblock
[  255.653357][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  255.656008][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  255.699530][ T6025] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  255.710443][T12273] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  255.761519][T12275] overlayfs: failed to resolve './file1/file0': -2
[  255.765578][T12273] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  255.769967][T12273] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  255.861131][ T6025] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  255.864749][ T6025] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  255.867756][ T6025] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  255.871971][ T6025] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  255.875139][ T6025] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.879796][ T6025] usb 5-1: config 0 descriptor??
[  255.908922][T10426] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  256.152983][  T841] usb 9-1: USB disconnect, device number 13
[  256.293547][ T6025] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  256.318077][T12308] binder: 12306:12308 ioctl c0306201 0 returned -14
[  256.358101][T12311] FAULT_INJECTION: forcing a failure.
[  256.358101][T12311] name failslab, interval 1, probability 0, space 0, times 0
[  256.362829][T12311] CPU: 0 UID: 0 PID: 12311 Comm: syz.5.2244 Not tainted syzkaller #0 PREEMPT(full) 
[  256.362845][T12311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  256.362851][T12311] Call Trace:
[  256.362855][T12311]  <TASK>
[  256.362860][T12311]  dump_stack_lvl+0x16c/0x1f0
[  256.362875][T12311]  should_fail_ex+0x512/0x640
[  256.362889][T12311]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  256.362908][T12311]  should_failslab+0xc2/0x120
[  256.362921][T12311]  kmem_cache_alloc_node_noprof+0x78/0x770
[  256.362937][T12311]  ? __alloc_skb+0x2b2/0x380
[  256.362953][T12311]  ? __alloc_skb+0x2b2/0x380
[  256.362965][T12311]  __alloc_skb+0x2b2/0x380
[  256.362978][T12311]  ? __pfx___alloc_skb+0x10/0x10
[  256.362991][T12311]  ? rcu_is_watching+0x12/0xc0
[  256.363007][T12311]  ? __nla_parse+0x40/0x60
[  256.363024][T12311]  tipc_nl_net_addr_legacy_get+0x81/0x5e0
[  256.363038][T12311]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  256.363053][T12311]  genl_family_rcv_msg_doit+0x209/0x2f0
[  256.363065][T12311]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  256.363076][T12311]  ? genl_get_cmd+0x194/0x580
[  256.363096][T12311]  ? __radix_tree_lookup+0x21f/0x2c0
[  256.363114][T12311]  genl_rcv_msg+0x55c/0x800
[  256.363126][T12311]  ? __pfx_genl_rcv_msg+0x10/0x10
[  256.363137][T12311]  ? __pfx_tipc_nl_net_addr_legacy_get+0x10/0x10
[  256.363155][T12311]  netlink_rcv_skb+0x158/0x420
[  256.363171][T12311]  ? __pfx_genl_rcv_msg+0x10/0x10
[  256.363182][T12311]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  256.363203][T12311]  ? netlink_deliver_tap+0x1ae/0xd30
[  256.363220][T12311]  genl_rcv+0x28/0x40
[  256.363229][T12311]  netlink_unicast+0x5aa/0x870
[  256.363246][T12311]  ? __pfx_netlink_unicast+0x10/0x10
[  256.363267][T12311]  netlink_sendmsg+0x8c8/0xdd0
[  256.363284][T12311]  ? __pfx_netlink_sendmsg+0x10/0x10
[  256.363305][T12311]  ____sys_sendmsg+0xa98/0xc70
[  256.363317][T12311]  ? copy_msghdr_from_user+0x10a/0x160
[  256.363336][T12311]  ? __pfx_____sys_sendmsg+0x10/0x10
[  256.363354][T12311]  ___sys_sendmsg+0x134/0x1d0
[  256.363369][T12311]  ? __pfx____sys_sendmsg+0x10/0x10
[  256.363381][T12311]  ? __lock_acquire+0x622/0x1c90
[  256.363421][T12311]  __sys_sendmsg+0x16d/0x220
[  256.363437][T12311]  ? __pfx___sys_sendmsg+0x10/0x10
[  256.363461][T12311]  do_syscall_64+0xcd/0xfa0
[  256.363472][T12311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.363483][T12311] RIP: 0033:0x7f20e058f749
[  256.363492][T12311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.363503][T12311] RSP: 002b:00007f20e1386038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  256.363514][T12311] RAX: ffffffffffffffda RBX: 00007f20e07e5fa0 RCX: 00007f20e058f749
[  256.363521][T12311] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000003
[  256.363527][T12311] RBP: 00007f20e1386090 R08: 0000000000000000 R09: 0000000000000000
[  256.363533][T12311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.363539][T12311] R13: 00007f20e07e6038 R14: 00007f20e07e5fa0 R15: 00007ffce0df0a58
[  256.363554][T12311]  </TASK>
[  256.490754][T10426] usb 5-1: USB disconnect, device number 11
[  256.537902][T12331] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input12
[  256.670511][T12350] x_tables: duplicate underflow at hook 2
[  256.674566][T12350] netlink: 183084 bytes leftover after parsing attributes in process `syz.1.2248'.
[  256.811964][T12353] loop9: detected capacity change from 0 to 7
[  256.816508][ T5941] Dev loop9: unable to read RDB block 7
[  256.818855][ T5941]  loop9: unable to read partition table
[  256.821520][ T5941] loop9: partition table beyond EOD, truncated
[  256.825403][T12353] Dev loop9: unable to read RDB block 7
[  256.827249][T12353]  loop9: unable to read partition table
[  256.829175][T12353] loop9: partition table beyond EOD, truncated
[  256.831206][T12353] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  256.906463][T12369] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2252'.
[  257.025547][T12374] binder: 12373:12374 ioctl c0306201 0 returned -14
[  257.578710][T12398] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2260'.
[  257.863964][T12420] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2265'.
[  257.868256][T12420] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2265'.
[  257.872097][T12420] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2265'.
[  258.040342][T12441] netlink: 'syz.0.2271': attribute type 10 has an invalid length.
[  258.071429][T12437] loop9: detected capacity change from 0 to 7
[  258.074527][ T5941] Dev loop9: unable to read RDB block 7
[  258.076376][ T5941]  loop9: unable to read partition table
[  258.078407][ T5941] loop9: partition table beyond EOD, truncated
[  258.089107][T12437] Dev loop9: unable to read RDB block 7
[  258.091350][T12437]  loop9: unable to read partition table
[  258.093543][T12437] loop9: partition table beyond EOD, truncated
[  258.095612][T12437] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  258.209779][T10426] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  258.349745][ T5949] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  258.372321][T10426] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  258.376747][T10426] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  258.380966][T10426] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  258.386133][T10426] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  258.389948][T10426] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.395546][T10426] usb 10-1: config 0 descriptor??
[  258.501893][ T5949] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  258.505856][ T5949] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  258.508950][ T5949] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  258.512924][ T5949] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  258.515799][ T5949] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.521259][ T5949] usb 5-1: config 0 descriptor??
[  258.579648][   T34] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  258.649308][T12495] binder: 12494:12495 unknown command 1077961712
[  258.651482][T12495] binder: 12494:12495 ioctl c0306201 200000004a40 returned -22
[  258.751573][   T34] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  258.755045][   T34] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  258.758734][   T34] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  258.762427][   T34] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  258.766770][   T34] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  258.772673][   T34] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  258.776058][   T34] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  258.778594][   T34] usb 6-1: Product: syz
[  258.779943][   T34] usb 6-1: Manufacturer: syz
[  258.784908][   T34] cdc_wdm 6-1:1.0: skipping garbage
[  258.786641][   T34] cdc_wdm 6-1:1.0: skipping garbage
[  258.790108][   T34] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  258.791871][   T34] cdc_wdm 6-1:1.0: Unknown control protocol
[  258.803754][T10426] hid_parser_main: 35 callbacks suppressed
[  258.803767][T10426] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  258.808017][T10426] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  258.810447][T10426] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  258.812929][T10426] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  258.815302][T10426] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  258.817613][T10426] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  258.820040][T10426] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  258.822384][T10426] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  258.824736][T10426] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  258.827049][T10426] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0
[  258.833829][T10426] plantronics 0003:047F:FFFF.0012: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  258.939451][ T5949] plantronics 0003:047F:FFFF.0013: hiddev2,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  258.985909][T12483] cdc_wdm 6-1:1.0: Error submitting int urb - -90
[  258.991435][ T5949] usb 6-1: USB disconnect, device number 11
[  259.030345][T12432] syzkaller0: entered promiscuous mode
[  259.032392][T12432] syzkaller0: entered allmulticast mode
[  259.112315][  T841] usb 10-1: USB disconnect, device number 5
[  259.126993][T10426] usb 5-1: USB disconnect, device number 12
[  259.224305][   T40] kauditd_printk_skb: 45 callbacks suppressed
[  259.224315][   T40] audit: type=1326 audit(1764147024.763:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.4.2280" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f799358f749 code=0x0
[  259.536705][T12557] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2281'.
[  259.675553][   T40] audit: type=1400 audit(1764147025.213:1001): avc:  denied  { write } for  pid=12565 comm="syz.0.2284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  259.898719][   T40] audit: type=1400 audit(1764147025.433:1002): avc:  denied  { read } for  pid=12578 comm="syz.0.2287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  259.905446][   T40] audit: type=1400 audit(1764147025.433:1003): avc:  denied  { getopt } for  pid=12578 comm="syz.0.2287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  259.930285][T12581] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2288'.
[  259.960947][T12581] binder: BINDER_SET_CONTEXT_MGR already set
[  259.962989][T12581] binder: 12580:12581 ioctl 4018620d 200000004a80 returned -16
[  260.130892][   T40] audit: type=1400 audit(1764147025.673:1004): avc:  denied  { nlmsg_read } for  pid=12647 comm="syz.4.2290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  260.158138][T12650] netlink: 'syz.1.2291': attribute type 4 has an invalid length.
[  260.163352][T12650] binder: BINDER_SET_CONTEXT_MGR already set
[  260.165610][T12650] binder: 12649:12650 ioctl 4018620d 200000004a80 returned -16
[  260.401589][T12687] vivid-007: =================  START STATUS  =================
[  260.404534][T12687] vivid-007: Generate PTS: true
[  260.407265][T12687] vivid-007: Generate SCR: true
[  260.408935][T12687] tpg source WxH: 320x240 (Y'CbCr)
[  260.412501][T12687] tpg field: 1
[  260.414016][T12687] tpg crop: (0,0)/320x240
[  260.415869][T12687] tpg compose: (0,0)/320x240
[  260.417944][T12687] tpg colorspace: 8
[  260.421765][T12687] tpg transfer function: 0/0
[  260.423793][T12687] tpg Y'CbCr encoding: 0/0
[  260.425668][T12687] tpg quantization: 0/0
[  260.427388][T12687] tpg RGB range: 0/2
[  260.429087][T12687] vivid-007: ==================  END STATUS  ==================
[  260.433609][T12687] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=174 sclass=netlink_route_socket pid=12687 comm=syz.4.2295
[  260.543267][   T40] audit: type=1400 audit(1764147026.083:1005): avc:  denied  { watch watch_reads } for  pid=12696 comm="syz.4.2298" path="/204/bus" dev="overlay" ino=1172 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  261.057459][   T40] audit: type=1400 audit(1764147026.593:1006): avc:  denied  { connect } for  pid=12722 comm="syz.1.2305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  261.064304][   T40] audit: type=1400 audit(1764147026.593:1007): avc:  denied  { write } for  pid=12722 comm="syz.1.2305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  261.096412][T12720] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2304'.
[  261.120802][T12728] overlayfs: overlapping lowerdir path
[  261.157284][T12730] netlink: 'syz.1.2308': attribute type 10 has an invalid length.
[  261.226715][   T40] audit: type=1400 audit(1764147026.763:1008): avc:  denied  { create } for  pid=12733 comm="syz.1.2310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  261.234886][   T40] audit: type=1400 audit(1764147026.763:1009): avc:  denied  { connect } for  pid=12733 comm="syz.1.2310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  261.266568][T12737] veth0: entered promiscuous mode
[  261.268376][T12737] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2311'.
[  261.319335][T12740] netlink: 596 bytes leftover after parsing attributes in process `syz.4.2311'.
[  261.528337][T12745] loop9: detected capacity change from 0 to 7
[  261.532811][T12745] Dev loop9: unable to read RDB block 7
[  261.535337][T12745]  loop9: unable to read partition table
[  261.537914][T12745] loop9: partition table beyond EOD, truncated
[  261.540698][T12745] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  261.672283][T12767] overlayfs: overlapping lowerdir path
[  262.109207][T12820] overlayfs: overlapping lowerdir path
[  262.207827][T12826] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2327'.
[  262.365200][T12843] netlink: 'syz.5.2332': attribute type 10 has an invalid length.
[  262.413986][T12848] overlayfs: overlapping lowerdir path
[  262.621613][T12875] xt_bpf: check failed: parse error
[  262.625243][T12875] overlayfs: conflicting options: userxattr,redirect_dir=on
[  262.635888][T12875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  262.674720][T12851] cgroup: fork rejected by pids controller in /syz5
[  262.691084][T12875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  262.699240][T12875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  263.024304][T12899] loop9: detected capacity change from 0 to 7
[  263.028037][ T5941] Dev loop9: unable to read RDB block 7
[  263.030111][ T5941]  loop9: unable to read partition table
[  263.032157][ T5941] loop9: partition table beyond EOD, truncated
[  263.035109][T12899] Dev loop9: unable to read RDB block 7
[  263.037499][T12899]  loop9: unable to read partition table
[  263.039699][T12899] loop9: partition table beyond EOD, truncated
[  263.043300][T12899] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  263.155328][T12941] overlayfs: overlapping lowerdir path
[  263.172171][T12943] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2344'.
[  263.257132][T12952] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2347'.
[  263.351261][T12962] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2350'.
[  263.364342][T12962] 8021q: adding VLAN 0 to HW filter on device bond2
[  263.385880][T12962] macsec1: entered allmulticast mode
[  263.387613][T12962] bond2: entered allmulticast mode
[  263.390750][T12962] bond2: left allmulticast mode
[  263.495635][T13014] FAULT_INJECTION: forcing a failure.
[  263.495635][T13014] name failslab, interval 1, probability 0, space 0, times 0
[  263.501368][T13014] CPU: 1 UID: 0 PID: 13014 Comm: syz.5.2353 Not tainted syzkaller #0 PREEMPT(full) 
[  263.501392][T13014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  263.501404][T13014] Call Trace:
[  263.501423][T13014]  <TASK>
[  263.501430][T13014]  dump_stack_lvl+0x16c/0x1f0
[  263.501464][T13014]  should_fail_ex+0x512/0x640
[  263.501496][T13014]  should_failslab+0xc2/0x120
[  263.501518][T13014]  __kmalloc_cache_noprof+0x72/0x780
[  263.501544][T13014]  ? __hw_addr_add_ex+0x3c9/0x7c0
[  263.501568][T13014]  ? __hw_addr_add_ex+0x3c9/0x7c0
[  263.501585][T13014]  __hw_addr_add_ex+0x3c9/0x7c0
[  263.501608][T13014]  ? __pfx___hw_addr_add_ex+0x10/0x10
[  263.501625][T13014]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  263.501652][T13014]  ? __pfx_vlan_setup+0x10/0x10
[  263.501674][T13014]  dev_addr_init+0x161/0x250
[  263.501695][T13014]  ? __pfx_dev_addr_init+0x10/0x10
[  263.501724][T13014]  alloc_netdev_mqs+0x363/0x1550
[  263.501753][T13014]  rtnl_create_link+0xc08/0xf90
[  263.501780][T13014]  rtnl_newlink+0xb69/0x2000
[  263.501811][T13014]  ? __pfx_rtnl_newlink+0x10/0x10
[  263.501833][T13014]  ? find_held_lock+0x2b/0x80
[  263.501857][T13014]  ? avc_has_perm_noaudit+0x117/0x3b0
[  263.501886][T13014]  ? avc_has_perm_noaudit+0x149/0x3b0
[  263.501932][T13014]  ? find_held_lock+0x2b/0x80
[  263.501953][T13014]  ? __pfx_rtnl_newlink+0x10/0x10
[  263.501976][T13014]  ? __pfx_rtnl_newlink+0x10/0x10
[  263.501996][T13014]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  263.502018][T13014]  ? __pfx_rtnl_newlink+0x10/0x10
[  263.502056][T13014]  rtnetlink_rcv_msg+0x95e/0xe90
[  263.502080][T13014]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  263.502109][T13014]  ? ref_tracker_free+0x37c/0x830
[  263.502133][T13014]  netlink_rcv_skb+0x158/0x420
[  263.502159][T13014]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  263.502187][T13014]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  263.502250][T13014]  ? netlink_deliver_tap+0x1ae/0xd30
[  263.502276][T13014]  netlink_unicast+0x5aa/0x870
[  263.502306][T13014]  ? __pfx_netlink_unicast+0x10/0x10
[  263.502342][T13014]  netlink_sendmsg+0x8c8/0xdd0
[  263.502372][T13014]  ? __pfx_netlink_sendmsg+0x10/0x10
[  263.502404][T13014]  ____sys_sendmsg+0xa98/0xc70
[  263.502421][T13014]  ? copy_msghdr_from_user+0x10a/0x160
[  263.502443][T13014]  ? __pfx_____sys_sendmsg+0x10/0x10
[  263.502470][T13014]  ___sys_sendmsg+0x134/0x1d0
[  263.502492][T13014]  ? __pfx____sys_sendmsg+0x10/0x10
[  263.502511][T13014]  ? __lock_acquire+0x622/0x1c90
[  263.502556][T13014]  __sys_sendmsg+0x16d/0x220
[  263.502578][T13014]  ? __pfx___sys_sendmsg+0x10/0x10
[  263.502602][T13014]  do_syscall_64+0xcd/0xfa0
[  263.502614][T13014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.502625][T13014] RIP: 0033:0x7f20e058f749
[  263.502634][T13014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.502645][T13014] RSP: 002b:00007f20e1386038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  263.502656][T13014] RAX: ffffffffffffffda RBX: 00007f20e07e5fa0 RCX: 00007f20e058f749
[  263.502663][T13014] RDX: 0000000000000002 RSI: 0000200000000280 RDI: 0000000000000008
[  263.502669][T13014] RBP: 00007f20e1386090 R08: 0000000000000000 R09: 0000000000000000
[  263.502675][T13014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  263.502681][T13014] R13: 00007f20e07e6038 R14: 00007f20e07e5fa0 R15: 00007ffce0df0a58
[  263.502695][T13014]  </TASK>
[  263.708563][T13016] overlayfs: overlapping lowerdir path
[  263.872259][T13024] netlink: 'syz.1.2357': attribute type 10 has an invalid length.
[  263.905452][ T5943] Bluetooth: hci3: unexpected event for opcode 0x0c1c
[  263.936003][T13028] netlink: 'syz.1.2359': attribute type 27 has an invalid length.
[  263.967027][T13028] syz_tun: left promiscuous mode
[  263.979107][T13028] dummy0: left promiscuous mode
[  264.035065][T13028] batadv_slave_0: left promiscuous mode
[  264.042758][T13028] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  264.127397][T13037] netlink: 'syz.5.2361': attribute type 32 has an invalid length.
[  264.174062][T13028] gretap1: left promiscuous mode
[  264.196013][T13028] bond3: left promiscuous mode
[  264.197624][T13028] bridge2: left promiscuous mode
[  264.227378][T13028] geneve2: left promiscuous mode
[  264.229055][T13028] geneve2: left allmulticast mode
[  264.251674][T13029] 8021q: adding VLAN 0 to HW filter on device bond0
[  264.255966][T13029] 8021q: adding VLAN 0 to HW filter on device team0
[  264.264091][T13029] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  264.277886][   T40] kauditd_printk_skb: 22 callbacks suppressed
[  264.277901][   T40] audit: type=1400 audit(1764147029.813:1032): avc:  denied  { read } for  pid=5648 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  264.278061][T13039] sp0: Synchronizing with TNC
[  264.278132][   T46] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  264.278151][   T46] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  264.278217][   T46] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  264.278238][   T46] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  264.278264][   T46] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  264.278284][   T46] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  264.278303][   T46] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  264.278316][   T46] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  264.295379][   T40] audit: type=1400 audit(1764147029.833:1033): avc:  denied  { search } for  pid=5648 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  264.299038][T13038] [U] è
[  264.304751][   T40] audit: type=1400 audit(1764147029.833:1034): avc:  denied  { search } for  pid=5648 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  264.340696][   T40] audit: type=1400 audit(1764147029.833:1035): avc:  denied  { search } for  pid=5648 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  264.349020][   T40] audit: type=1400 audit(1764147029.833:1036): avc:  denied  { read } for  pid=5648 comm="dhcpcd" name="n108" dev="tmpfs" ino=11192 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  264.358000][   T40] audit: type=1400 audit(1764147029.833:1037): avc:  denied  { open } for  pid=5648 comm="dhcpcd" path="/run/udev/data/n108" dev="tmpfs" ino=11192 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  264.362098][T13066] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 0
[  264.368358][   T40] audit: type=1400 audit(1764147029.833:1038): avc:  denied  { getattr } for  pid=5648 comm="dhcpcd" path="/run/udev/data/n108" dev="tmpfs" ino=11192 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  264.383078][   T40] audit: type=1400 audit(1764147029.923:1039): avc:  denied  { bind } for  pid=13058 comm="syz.1.2366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  264.391279][   T40] audit: type=1400 audit(1764147029.923:1040): avc:  denied  { name_bind } for  pid=13058 comm="syz.1.2366" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  264.398417][   T40] audit: type=1400 audit(1764147029.923:1041): avc:  denied  { node_bind } for  pid=13058 comm="syz.1.2366" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  264.421846][T13052] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  264.427751][T13052] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  264.785743][T13106] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2372'.
[  265.005722][T13114] NILFS (loop4): device size too small
[  265.163077][T13124] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2377'.
[  265.319597][   T24] usb 9-1: new low-speed USB device number 14 using dummy_hcd
[  265.477766][T13131] binder: 13130:13131 ioctl 4018620d 0 returned -22
[  265.501204][   T24] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  265.504463][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  265.508714][   T24] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  265.515005][T13134] netlink: 'syz.1.2380': attribute type 63 has an invalid length.
[  265.515307][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  265.518262][T13134] netlink: 5 bytes leftover after parsing attributes in process `syz.1.2380'.
[  265.526055][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  265.528437][T13134] gretap0: entered allmulticast mode
[  265.534092][   T24] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  265.534866][T13134] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  265.537799][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  265.548805][   T24] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  265.553609][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  265.553636][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  265.568901][   T24] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  265.572558][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  265.576764][   T24] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  265.581525][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  265.585914][   T24] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  265.596133][   T24] usb 9-1: string descriptor 0 read error: -22
[  265.598945][   T24] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  265.603164][   T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.620408][   T24] adutux 9-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  265.709449][T13159] mac80211_hwsim hwsim13 wlan0: entered promiscuous mode
[  265.714295][T13159] macsec1: entered promiscuous mode
[  265.716490][T13159] macsec1: entered allmulticast mode
[  265.718247][T13159] mac80211_hwsim hwsim13 wlan0: entered allmulticast mode
[  265.760308][T13166] binder: 13163:13166 ioctl c0306201 0 returned -14
[  265.869660][ T6009] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  266.021231][ T6009] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.025806][ T6009] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  266.030050][ T6009] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  266.036099][ T6009] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  266.040159][ T6009] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.045970][ T6009] usb 6-1: config 0 descriptor??
[  266.459185][ T6009] hid_parser_main: 20 callbacks suppressed
[  266.459199][ T6009] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  266.464754][ T6009] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  266.468187][ T6009] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  266.471102][ T6009] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  266.473982][ T6009] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  266.476471][ T6009] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  266.480116][ T6009] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  266.482565][ T6009] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  266.484920][ T6009] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  266.487828][ T6009] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0
[  266.494356][ T6009] plantronics 0003:047F:FFFF.0014: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  266.660680][   T34] usb 6-1: USB disconnect, device number 12
[  267.190664][T13215] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  267.245225][T13215] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  267.249591][T13215] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  267.880655][   T24] usb 9-1: USB disconnect, device number 14
[  267.939013][T13266] binder: 13265:13266 ioctl c0306201 0 returned -14
[  268.051797][T13270] loop9: detected capacity change from 0 to 7
[  268.055253][T13270] Dev loop9: unable to read RDB block 7
[  268.057198][T13270]  loop9: unable to read partition table
[  268.059114][T13270] loop9: partition table beyond EOD, truncated
[  268.062290][T13270] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  268.108144][T13284] netlink: 'syz.1.2405': attribute type 10 has an invalid length.
[  268.111909][T13284] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  268.115337][T13284] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  268.119136][T13284] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  268.125433][T13287] FAULT_INJECTION: forcing a failure.
[  268.125433][T13287] name failslab, interval 1, probability 0, space 0, times 0
[  268.130556][T13287] CPU: 2 UID: 0 PID: 13287 Comm: syz.0.2406 Not tainted syzkaller #0 PREEMPT(full) 
[  268.130579][T13287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  268.130591][T13287] Call Trace:
[  268.130598][T13287]  <TASK>
[  268.130605][T13287]  dump_stack_lvl+0x16c/0x1f0
[  268.130626][T13287]  should_fail_ex+0x512/0x640
[  268.130647][T13287]  ? __kvmalloc_node_noprof+0x12e/0x9c0
[  268.130668][T13287]  should_failslab+0xc2/0x120
[  268.130689][T13287]  __kvmalloc_node_noprof+0x141/0x9c0
[  268.130706][T13287]  ? lockdep_init_map_type+0x5c/0x280
[  268.130723][T13287]  ? alloc_netdev_mqs+0xc91/0x1550
[  268.130751][T13287]  ? alloc_netdev_mqs+0xc91/0x1550
[  268.130771][T13287]  alloc_netdev_mqs+0xc91/0x1550
[  268.130799][T13287]  rtnl_create_link+0xc08/0xf90
[  268.130826][T13287]  rtnl_newlink+0xb69/0x2000
[  268.130856][T13287]  ? __pfx_rtnl_newlink+0x10/0x10
[  268.130877][T13287]  ? find_held_lock+0x2b/0x80
[  268.130899][T13287]  ? avc_has_perm_noaudit+0x117/0x3b0
[  268.130926][T13287]  ? avc_has_perm_noaudit+0x149/0x3b0
[  268.130971][T13287]  ? find_held_lock+0x2b/0x80
[  268.130989][T13287]  ? __pfx_rtnl_newlink+0x10/0x10
[  268.131010][T13287]  ? __pfx_rtnl_newlink+0x10/0x10
[  268.131032][T13287]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  268.131056][T13287]  ? __pfx_rtnl_newlink+0x10/0x10
[  268.131079][T13287]  rtnetlink_rcv_msg+0x95e/0xe90
[  268.131104][T13287]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  268.131133][T13287]  ? ref_tracker_free+0x37c/0x830
[  268.131156][T13287]  netlink_rcv_skb+0x158/0x420
[  268.131180][T13287]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  268.131204][T13287]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  268.131236][T13287]  ? netlink_deliver_tap+0x1ae/0xd30
[  268.131265][T13287]  netlink_unicast+0x5aa/0x870
[  268.131294][T13287]  ? __pfx_netlink_unicast+0x10/0x10
[  268.131327][T13287]  netlink_sendmsg+0x8c8/0xdd0
[  268.131355][T13287]  ? __pfx_netlink_sendmsg+0x10/0x10
[  268.131392][T13287]  ____sys_sendmsg+0xa98/0xc70
[  268.131410][T13287]  ? copy_msghdr_from_user+0x10a/0x160
[  268.131432][T13287]  ? __pfx_____sys_sendmsg+0x10/0x10
[  268.131460][T13287]  ___sys_sendmsg+0x134/0x1d0
[  268.131484][T13287]  ? __pfx____sys_sendmsg+0x10/0x10
[  268.131503][T13287]  ? __lock_acquire+0x622/0x1c90
[  268.131550][T13287]  __sys_sendmsg+0x16d/0x220
[  268.131573][T13287]  ? __pfx___sys_sendmsg+0x10/0x10
[  268.131612][T13287]  do_syscall_64+0xcd/0xfa0
[  268.131630][T13287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.131647][T13287] RIP: 0033:0x7f1491d8f749
[  268.131661][T13287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.131676][T13287] RSP: 002b:00007f148fff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  268.131693][T13287] RAX: ffffffffffffffda RBX: 00007f1491fe5fa0 RCX: 00007f1491d8f749
[  268.131704][T13287] RDX: 0000000000000002 RSI: 0000200000000280 RDI: 0000000000000008
[  268.131714][T13287] RBP: 00007f148fff6090 R08: 0000000000000000 R09: 0000000000000000
[  268.131724][T13287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  268.131733][T13287] R13: 00007f1491fe6038 R14: 00007f1491fe5fa0 R15: 00007ffcd325a158
[  268.131758][T13287]  </TASK>
[  268.267976][    C2] vkms_vblank_simulate: vblank timer overrun
[  268.316811][T13296] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2409'.
[  268.371537][T13302] usb usb8: usbfs: process 13302 (syz.4.2409) did not claim interface 0 before use
[  268.751812][T13321] binder: 13320:13321 ioctl c0306201 200000000640 returned -22
[  268.774715][T13324] openvswitch: netlink: nsh attribute has unmatched MD type 0.
[  268.777885][T13324] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  268.784056][T13324] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  268.801617][T13326] xt_hashlimit: overflow, rate too high: 0
[  268.805773][T13326] netlink: 'syz.0.2417': attribute type 10 has an invalid length.
[  268.809569][   T81] bond0: (slave bond_slave_0): link status definitely up
[  268.812047][   T81] bond0: (slave bond_slave_1): link status definitely up
[  268.814739][   T81] bond0: (slave syz_tun): link status definitely up
[  268.817390][   T81] bond0: active interface up!
[  268.838800][T13324] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  268.843888][T13324] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  268.888385][T13328] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2418'.
[  269.021693][T13334] loop9: detected capacity change from 0 to 7
[  269.026168][ T5941] Dev loop9: unable to read RDB block 7
[  269.027966][ T5941]  loop9: unable to read partition table
[  269.029926][ T5941] loop9: partition table beyond EOD, truncated
[  269.033441][T13334] Dev loop9: unable to read RDB block 7
[  269.035347][T13334]  loop9: unable to read partition table
[  269.037187][T13334] loop9: partition table beyond EOD, truncated
[  269.039515][T13334] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  269.435992][T13355] program syz.0.2423 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  269.682107][T13360] overlayfs: missing 'lowerdir'
[  269.719083][T13363] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2426'.
[  269.763140][   T40] kauditd_printk_skb: 11 callbacks suppressed
[  269.763155][   T40] audit: type=1326 audit(1764147035.303:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13370 comm="syz.5.2428" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f20e058f749 code=0x0
[  269.978388][T13376] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2429'.
[  269.988655][T13376] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2429'.
[  270.015744][T13376] binder: BINDER_SET_CONTEXT_MGR already set
[  270.018226][T13376] binder: 13374:13376 ioctl 4018620d 200000004a80 returned -16
[  270.637382][T13383] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2430'.
[  270.716253][   T40] audit: type=1400 audit(1764147036.253:1054): avc:  denied  { create } for  pid=13387 comm="syz.5.2432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  270.717537][T13389] (syz.5.2432,13389,1):ocfs2_get_sector:1714 ERROR: status = -5
[  270.726704][T13389] (syz.5.2432,13389,1):ocfs2_sb_probe:753 ERROR: status = -5
[  270.730890][T13389] (syz.5.2432,13389,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  270.734540][T13389] (syz.5.2432,13389,1):ocfs2_fill_super:1177 ERROR: status = -5
[  270.742211][   T40] audit: type=1400 audit(1764147036.283:1055): avc:  denied  { accept } for  pid=13387 comm="syz.5.2432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  271.029540][   T34] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  271.191269][   T34] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  271.195803][   T34] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  271.200862][   T34] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  271.206360][   T34] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  271.210403][   T34] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.215595][   T34] usb 10-1: config 0 descriptor??
[  271.288283][T13406] overlayfs: missing 'lowerdir'
[  271.412351][   T40] audit: type=1326 audit(1764147036.953:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13411 comm="syz.1.2438" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c6618f749 code=0x0
[  271.826761][   T34] usbhid 10-1:0.0: can't add hid device: -71
[  271.829095][   T34] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  271.833248][   T34] usb 10-1: USB disconnect, device number 6
[  272.270189][T13430] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  272.274958][T13430] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2440'.
[  272.279117][   T40] audit: type=1400 audit(1764147037.813:1057): avc:  denied  { setopt } for  pid=13429 comm="syz.1.2440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  272.315106][T13432] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2441'.
[  272.319493][T13432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2441'.
[  272.322741][T13432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2441'.
[  272.376460][  T841] hid_parser_main: 5 callbacks suppressed
[  272.376479][  T841] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  272.388858][   T40] audit: type=1400 audit(1764147037.923:1058): avc:  denied  { create } for  pid=13436 comm="syz.5.2442" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  272.389109][  T841] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  272.401276][   T40] audit: type=1400 audit(1764147037.923:1059): avc:  denied  { read } for  pid=13436 comm="syz.5.2442" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  272.410257][   T40] audit: type=1400 audit(1764147037.923:1060): avc:  denied  { connect } for  pid=13436 comm="syz.5.2442" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  272.434993][T13445] fido_id[13445]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  272.440006][T13455] overlayfs: missing 'lowerdir'
[  272.699754][  T841] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  272.851247][  T841] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  272.855747][  T841] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  272.860066][  T841] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  272.863875][  T841] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.870184][T13458] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  272.877529][  T841] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  272.937858][   T40] audit: type=1326 audit(1764147038.473:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13482 comm="syz.1.2448" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3c6618f749 code=0x0
[  272.979480][   T40] audit: type=1400 audit(1764147038.513:1062): avc:  denied  { write } for  pid=13485 comm="syz.0.2449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  273.137517][ T5944] bond0: (slave syz_tun): Releasing backup interface
[  273.169175][ T5948] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  273.173461][ T5948] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  273.177105][ T5948] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  273.181471][ T5948] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  273.185095][ T5948] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  273.360868][T13495] chnl_net:caif_netlink_parms(): no params data found
[  273.416132][ T6009] usb 9-1: USB disconnect, device number 15
[  273.507357][T13495] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.510034][T13495] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.512412][T13495] bridge_slave_0: entered allmulticast mode
[  273.515506][T13495] bridge_slave_0: entered promiscuous mode
[  273.521497][T13495] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.524466][T13495] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.526826][T13495] bridge_slave_1: entered allmulticast mode
[  273.531351][T13495] bridge_slave_1: entered promiscuous mode
[  273.592640][T13495] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  273.600224][T13495] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  273.662383][T13495] team0: Port device team_slave_0 added
[  273.666334][T13495] team0: Port device team_slave_1 added
[  273.723905][T13495] batman_adv: batadv0: Adding interface: batadv_slave_0
[  273.726898][T13495] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  273.738018][T13495] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  273.744663][T13495] batman_adv: batadv0: Adding interface: batadv_slave_1
[  273.747530][T13495] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  273.756801][T13495] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  273.827632][T13495] hsr_slave_0: entered promiscuous mode
[  273.832859][T13495] hsr_slave_1: entered promiscuous mode
[  273.835812][T13495] debugfs: 'hsr0' already exists in 'hsr'
[  273.838274][T13495] Cannot create hsr debugfs directory
[  273.907912][T14254] loop9: detected capacity change from 0 to 7
[  273.912375][T14254] Dev loop9: unable to read RDB block 7
[  273.915213][T14254]  loop9: unable to read partition table
[  273.917653][T14254] loop9: partition table beyond EOD, truncated
[  273.923365][T14254] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  274.019157][T13495] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.026870][T13495] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.130292][T13495] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.134812][T13495] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.198543][T14526] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  274.234557][T14529] program syz.5.2455 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  274.242247][T13495] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.246397][T13495] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.254367][T14526] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  274.258741][T14526] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  274.278638][T14534] binder: 14533:14534 ioctl c0306201 0 returned -14
[  274.331109][T13495] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.334445][T13495] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.469606][T13495] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  274.481412][T13495] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  274.487906][T13495] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  274.494594][T13495] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  274.540959][T13495] 8021q: adding VLAN 0 to HW filter on device bond0
[  274.551632][T13495] 8021q: adding VLAN 0 to HW filter on device team0
[  274.557082][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.560241][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  274.570429][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.573600][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  274.717329][T13495] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.746583][T13495] veth0_vlan: entered promiscuous mode
[  274.754192][T13495] veth1_vlan: entered promiscuous mode
[  274.771111][T13495] veth0_macvtap: entered promiscuous mode
[  274.775139][T13495] veth1_macvtap: entered promiscuous mode
[  274.788087][T13495] batman_adv: batadv0: Interface activated: batadv_slave_0
[  274.798184][T13495] batman_adv: batadv0: Interface activated: batadv_slave_1
[  274.805556][ T1148] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  274.811408][ T1148] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  274.816534][ T1148] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  274.822547][ T1148] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  274.856502][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  274.856518][   T40] audit: type=1400 audit(1764147040.393:1069): avc:  denied  { bind } for  pid=14567 comm="syz.4.2459" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  274.876269][T14571] overlay: ./file0 is not a directory
[  274.877634][   T40] audit: type=1400 audit(1764147040.413:1070): avc:  denied  { mounton } for  pid=14563 comm="syz.1.2458" path="/603/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  274.885865][   T40] audit: type=1400 audit(1764147040.413:1071): avc:  denied  { mount } for  pid=14563 comm="syz.1.2458" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  274.897669][ T1148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.904771][ T1148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.921016][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.923696][T14583] binder: 14581:14583 ioctl c0306201 2000000004c0 returned -14
[  274.924009][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.928155][T14583] binder: 14581:14583 ioctl c0306201 2000000001c0 returned -14
[  274.935788][   T40] audit: type=1400 audit(1764147040.473:1072): avc:  denied  { mounton } for  pid=13495 comm="syz-executor" path="/syzkaller.uwmjQP/syz-tmp" dev="sda1" ino=2040 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  274.944149][   T40] audit: type=1400 audit(1764147040.473:1073): avc:  denied  { mount } for  pid=13495 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  274.952218][   T40] audit: type=1400 audit(1764147040.473:1074): avc:  denied  { mounton } for  pid=13495 comm="syz-executor" path="/syzkaller.uwmjQP/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  274.962614][   T40] audit: type=1400 audit(1764147040.473:1075): avc:  denied  { mounton } for  pid=13495 comm="syz-executor" path="/syzkaller.uwmjQP/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=59428 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  274.972389][   T40] audit: type=1400 audit(1764147040.483:1076): avc:  denied  { mounton } for  pid=13495 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2837 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  274.981902][   T40] audit: type=1400 audit(1764147040.483:1077): avc:  denied  { mount } for  pid=13495 comm="syz-executor" name="/" dev="gadgetfs" ino=9909 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  274.991345][   T40] audit: type=1400 audit(1764147040.483:1078): avc:  denied  { mounton } for  pid=13495 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  275.020753][T14588] __nla_validate_parse: 2 callbacks suppressed
[  275.020766][T14588] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2461'.
[  275.221684][T14602] loop9: detected capacity change from 0 to 7
[  275.225033][T14602] Dev loop9: unable to read RDB block 7
[  275.227361][T14602]  loop9: unable to read partition table
[  275.230186][T14602] loop9: partition table beyond EOD, truncated
[  275.232809][T14602] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  275.240247][ T5948] Bluetooth: hci1: command tx timeout
[  275.566579][T14619] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2468'.
[  275.570610][T14619] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  275.625183][T14619] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  275.630039][T14619] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  276.188058][T14621] binder: 14620:14621 ioctl c0306201 2000000004c0 returned -14
[  276.194668][T14621] binder: 14620:14621 ioctl c0306201 2000000001c0 returned -14
[  276.198877][T14621] binder: 14620:14621 ioctl c0306201 200000000180 returned -14
[  276.204105][T14621] binder: 14620:14621 ioctl c0306201 200000004a40 returned -14
[  276.270830][T14626] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  276.468996][T14642] loop9: detected capacity change from 0 to 7
[  276.472075][T14642] Dev loop9: unable to read RDB block 7
[  276.473861][T14642]  loop9: unable to read partition table
[  276.475734][T14642] loop9: partition table beyond EOD, truncated
[  276.478716][T14642] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  276.539670][T14648] Bluetooth: hci4: Frame reassembly failed (-84)
[  276.542560][   T81] Bluetooth: hci4: Frame reassembly failed (-84)
[  277.319582][ T5943] Bluetooth: hci1: command tx timeout
[  277.618345][ T5947] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  277.623402][ T5947] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  277.627385][T14669] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2481'.
[  277.629812][ T5947] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  277.635883][ T5947] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  277.640052][ T5947] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  277.815893][T14664] chnl_net:caif_netlink_parms(): no params data found
[  277.838303][T14777] netlink: 'syz.4.2485': attribute type 10 has an invalid length.
[  277.892242][T10069] bond0: (slave syz_tun): Releasing backup interface
[  277.977044][T14664] bridge0: port 1(bridge_slave_0) entered blocking state
[  277.980285][T14664] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.983707][T14664] bridge_slave_0: entered allmulticast mode
[  277.988193][T14664] bridge_slave_0: entered promiscuous mode
[  277.994700][T14664] bridge0: port 2(bridge_slave_1) entered blocking state
[  277.997907][T14664] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.003499][T14664] bridge_slave_1: entered allmulticast mode
[  278.007489][T14664] bridge_slave_1: entered promiscuous mode
[  278.083795][T14664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  278.091060][T14664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  278.145914][T14664] team0: Port device team_slave_0 added
[  278.149243][T14664] team0: Port device team_slave_1 added
[  278.203161][T14664] batman_adv: batadv0: Adding interface: batadv_slave_0
[  278.205922][T14664] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  278.217181][T14664] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  278.233394][T14664] batman_adv: batadv0: Adding interface: batadv_slave_1
[  278.235596][T14664] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  278.246251][T14664] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  278.321666][T14664] hsr_slave_0: entered promiscuous mode
[  278.324115][T14664] hsr_slave_1: entered promiscuous mode
[  278.326479][T14664] debugfs: 'hsr0' already exists in 'hsr'
[  278.328429][T14664] Cannot create hsr debugfs directory
[  278.475644][T15587] loop9: detected capacity change from 0 to 7
[  278.478955][T15587] Dev loop9: unable to read RDB block 7
[  278.481440][T15587]  loop9: unable to read partition table
[  278.483379][T15587] loop9: partition table beyond EOD, truncated
[  278.487188][T15587] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  278.536526][T15693] 9p: Unknown uid 00000000004294967295
[  278.537174][ T1199] bridge_slave_1: left allmulticast mode
[  278.540939][ T1199] bridge_slave_1: left promiscuous mode
[  278.543332][ T1199] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.547092][ T1199] bridge_slave_0: left allmulticast mode
[  278.548917][ T1199] bridge_slave_0: left promiscuous mode
[  278.553403][ T1199] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.613670][ T5948] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  278.614459][ T5947] Bluetooth: hci4: command 0xfc11 tx timeout
[  278.691623][ T1199] bond2 (unregistering): (slave gretap1): Releasing active interface
[  278.698391][T15701] overlayfs: missing 'lowerdir'
[  278.898866][ T1199] bond3 (unregistering): (slave bridge2): Releasing backup interface
[  279.116236][ T1199] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  279.121604][ T1199] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  279.125577][ T1199] bond0 (unregistering): Released all slaves
[  279.135409][ T1199] bond1 (unregistering): Released all slaves
[  279.145588][ T1199] bond2 (unregistering): Released all slaves
[  279.231468][ T1199] bond3 (unregistering): Released all slaves
[  279.308506][ T1199] bond4 (unregistering): (slave veth5): Releasing active interface
[  279.313413][ T1199] bond4 (unregistering): Released all slaves
[  279.399923][ T5948] Bluetooth: hci1: command tx timeout
[  279.408526][ T1199] tipc: Left network mode
[  279.460965][ T1199] IPVS: stopping backup sync thread 7643 ...
[  279.468681][T15726] tipc: Started in network mode
[  279.473486][T15726] tipc: Node identity 4, cluster identity 4711
[  279.476345][T15726] tipc: Node number set to 4
[  279.654127][T15738] netlink: 45 bytes leftover after parsing attributes in process `syz.5.2498'.
[  279.677289][T15738] netlink: 'syz.5.2498': attribute type 10 has an invalid length.
[  279.719625][ T5948] Bluetooth: hci5: command tx timeout
[  279.822334][ T1199] hsr_slave_0: left promiscuous mode
[  279.825128][ T1199] batman_adv: batadv0: Removing interface: batadv_slave_0
[  279.827905][ T1199] batman_adv: batadv0: Removing interface: batadv_slave_1
[  279.868107][T15775] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2501'.
[  279.919575][T15777] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2501'.
[  280.031228][T15780] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2501'.
[  280.465769][ T1199] team0 (unregistering): Port device team_slave_1 removed
[  280.539442][ T1199] team0 (unregistering): Port device team_slave_0 removed
[  280.881077][T15791] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2504'.
[  280.884074][T15791] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2504'.
[  280.886942][T15791] netlink: 'syz.0.2504': attribute type 6 has an invalid length.
[  281.164366][T14664] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  281.172246][T14664] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  281.177456][T14664] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  281.185703][T14664] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  281.214795][T15809] overlayfs: missing 'workdir'
[  281.249440][    C2] ------------[ cut here ]------------
[  281.251659][T15813] tipc: New replicast peer: fc00:0000:0000:0000:0000:0000:0000:0000
[  281.252170][    C2] ODEBUG: free active (active state 0) object: ffff888055918890 object type: timer_list hint: rose_t0timer_expiry+0x0/0x150
[  281.255816][T15813] tipc: Enabled bearer <udp:syz2>, priority 10
[  281.261322][    C2] WARNING: CPU: 2 PID: 15808 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0
[  281.267882][    C2] Modules linked in:
[  281.270246][    C2] CPU: 2 UID: 0 PID: 15808 Comm: syz.0.2506 Not tainted syzkaller #0 PREEMPT(full) 
[  281.274279][    C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  281.278745][    C2] RIP: 0010:debug_print_object+0x1a2/0x2b0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  281.281377][    C2] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd a0 84 f0 8b 4c 89 e6 48 c7 c7 20 79 f0 8b e8 ff 95 ce fc 90 <0f> 0b 90 90 58 83 05 16 c2 d5 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
[  281.285025][   T40] kauditd_printk_skb: 22 callbacks suppressed
[  281.285041][   T40] audit: type=1400 audit(1764147046.823:1101): avc:  denied  { write } for  pid=5900 comm="syz-executor" path="pipe:[6093]" dev="pipefs" ino=6093 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  281.289630][    C2] RSP: 0018:ffffc90000648a18 EFLAGS: 00010282
[  281.289657][    C2] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817b1cd8
[  281.289669][    C2] RDX: ffff888044dac900 RSI: ffffffff817b1ce5 RDI: 0000000000000001
[  281.289682][    C2] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  281.289695][    C2] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff8bf07fc0
[  281.289706][    C2] R13: ffffffff8b9021e0 R14: ffffffff8a4ddd30 R15: ffffc90000648b18
[  281.289717][    C2] FS:  0000000000000000(0000) GS:ffff8880d6c05000(0000) knlGS:0000000000000000
[  281.289748][    C2] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  281.289762][    C2] CR2: 0000001b2ff22ff8 CR3: 000000003d688000 CR4: 0000000000352ef0
[  281.289774][    C2] Call Trace:
[  281.289782][    C2]  <IRQ>
[  281.303416][T14664] 8021q: adding VLAN 0 to HW filter on device bond0
[  281.304327][    C2]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  281.339356][    C2]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  281.342172][    C2]  debug_check_no_obj_freed+0x4b7/0x600
[  281.344496][    C2]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  281.345345][T14664] 8021q: adding VLAN 0 to HW filter on device team0
[  281.347013][    C2]  ? mark_held_locks+0x49/0x80
[  281.351780][    C2]  ? kasan_quarantine_put+0x10a/0x240
[  281.354100][    C2]  ? lockdep_hardirqs_on+0x7c/0x110
[  281.356309][    C2]  kfree+0x291/0x6d0
[  281.357974][    C2]  ? rose_timer_expiry+0x53f/0x630
[  281.360485][    C2]  ? rose_timer_expiry+0x53f/0x630
[  281.362769][    C2]  rose_timer_expiry+0x53f/0x630
[  281.364938][    C2]  ? __pfx_rose_timer_expiry+0x10/0x10
[  281.367380][    C2]  call_timer_fn+0x19a/0x620
[  281.369542][    C2]  ? __pfx_call_timer_fn+0x10/0x10
[  281.371825][    C2]  ? __pfx_rose_timer_expiry+0x10/0x10
[  281.374156][    C2]  __run_timers+0x6ef/0x960
[  281.374821][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.376106][    C2]  ? __pfx___run_timers+0x10/0x10
[  281.379506][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  281.381222][    C2]  run_timer_base+0x114/0x190
[  281.385457][    C2]  ? __pfx_run_timer_base+0x10/0x10
[  281.387688][    C2]  run_timer_softirq+0x1a/0x40
[  281.389791][    C2]  handle_softirqs+0x219/0x8e0
[  281.391887][    C2]  ? __pfx_handle_softirqs+0x10/0x10
[  281.393211][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.394219][    C2]  __irq_exit_rcu+0x109/0x170
[  281.394248][    C2]  irq_exit_rcu+0x9/0x30
[  281.394272][    C2]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  281.394305][    C2]  </IRQ>
[  281.394314][    C2]  <TASK>
[  281.394323][    C2]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  281.394345][    C2] RIP: 0010:unwind_next_frame+0xd6/0x20a0
[  281.394371][    C2] Code: 35 00 31 d2 45 31 c9 45 31 c0 48 8d 05 00 00 00 00 50 b9 02 00 00 00 31 f6 48 c7 c7 60 47 3c 8e e8 7f d5 2c 00 e8 5a d3 f4 09 <5a> 85 c0 0f 85 57 09 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8d 65
[  281.394392][    C2] RSP: 0018:ffffc9000586f9f0 EFLAGS: 00000246
[  281.394413][    C2] RAX: 0000000000000001 RBX: 0000000000000001 RCX: 00000000ef9d33e4
[  281.394425][    C2] RDX: 0000000000000000 RSI: ffffffff8da06b82 RDI: ffffffff8bf073c0
[  281.394437][    C2] RBP: ffffc9000586fab0 R08: 0ac0d5affe09d4ff R09: 0000000000000000
[  281.394450][    C2] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff81a7e2a0
[  281.394465][    C2] R13: ffffc9000586fa68 R14: 0000000000000000 R15: ffff888044dac900
[  281.394482][    C2]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  281.394522][    C2]  ? unwind_next_frame+0xbd/0x20a0
[  281.394546][    C2]  ? mmput+0x62/0x70
[  281.394572][    C2]  ? stack_trace_save+0x8e/0xc0
[  281.394598][    C2]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  281.394626][    C2]  arch_stack_walk+0x94/0x100
[  281.394653][    C2]  ? mmput+0x62/0x70
[  281.394680][    C2]  stack_trace_save+0x8e/0xc0
[  281.394706][    C2]  ? __pfx_stack_trace_save+0x10/0x10
[  281.396952][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  281.398949][    C2]  ? __lock_acquire+0x622/0x1c90
[  281.460161][    C2]  save_stack+0x160/0x1f0
[  281.461995][    C2]  ? __pfx_save_stack+0x10/0x10
[  281.463955][    C2]  ? __free_frozen_pages+0x7df/0x1160
[  281.465793][    C2]  ? __mmdrop+0xd5/0x580
[  281.467165][    C2]  ? __mmput+0x374/0x410
[  281.468537][    C2]  ? mmput+0x62/0x70
[  281.469863][    C2]  ? page_ext_put+0x3e/0xd0
[  281.471368][    C2]  __reset_page_owner+0x84/0x1a0
[  281.472926][    C2]  __free_frozen_pages+0x7df/0x1160
[  281.474500][    C2]  ? ___free_pages+0xcd/0x220
[  281.475949][    C2]  __mmdrop+0xd5/0x580
[  281.477469][    C2]  __mmput+0x374/0x410
[  281.479163][    C2]  mmput+0x62/0x70
[  281.480793][    C2]  do_exit+0x7c7/0x2bf0
[  281.482543][    C2]  ? __pfx_do_exit+0x10/0x10
[  281.484553][    C2]  ? preempt_schedule_thunk+0x16/0x30
[  281.486852][    C2]  do_group_exit+0xd3/0x2a0
[  281.488853][    C2]  __x64_sys_exit_group+0x3e/0x50
[  281.491035][    C2]  x64_sys_call+0x150b/0x1730
[  281.493033][    C2]  do_syscall_64+0xcd/0xfa0
[  281.495108][    C2]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.497609][    C2] RIP: 0033:0x7f92c6b8f749
[  281.499616][    C2] Code: Unable to access opcode bytes at 0x7f92c6b8f71f.
[  281.502673][    C2] RSP: 002b:00007fff68562ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  281.506151][    C2] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f92c6b8f749
[  281.509484][    C2] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[  281.512758][    C2] RBP: 00007fff68562f5c R08: 0000000868562fef R09: 00000000000927c0
[  281.516118][    C2] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000013
[  281.519542][    C2] R13: 00000000000927c0 R14: 00000000000449d9 R15: 00007fff68562fb0
[  281.522868][    C2]  </TASK>
[  281.524225][    C2] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  281.527258][    C2] CPU: 2 UID: 0 PID: 15808 Comm: syz.0.2506 Not tainted syzkaller #0 PREEMPT(full) 
[  281.531129][    C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  281.535575][    C2] Call Trace:
[  281.537001][    C2]  <IRQ>
[  281.538253][    C2]  dump_stack_lvl+0x3d/0x1f0
[  281.540212][    C2]  vpanic+0x640/0x6f0
[  281.541931][    C2]  ? debug_print_object+0x1a2/0x2b0
[  281.544150][    C2]  panic+0xca/0xd0
[  281.545754][    C2]  ? __pfx_panic+0x10/0x10
[  281.547640][    C2]  ? check_panic_on_warn+0x1f/0xb0
[  281.549938][    C2]  check_panic_on_warn+0xab/0xb0
[  281.552011][    C2]  __warn+0xf6/0x3c0
[  281.553649][    C2]  ? debug_print_object+0x1a2/0x2b0
[  281.555826][    C2]  report_bug+0x3c3/0x580
[  281.557640][    C2]  ? debug_print_object+0x1a2/0x2b0
[  281.559923][    C2]  handle_bug+0x184/0x210
[  281.561838][    C2]  exc_invalid_op+0x17/0x50
[  281.563796][    C2]  asm_exc_invalid_op+0x1a/0x20
[  281.565881][    C2] RIP: 0010:debug_print_object+0x1a2/0x2b0
[  281.568320][    C2] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd a0 84 f0 8b 4c 89 e6 48 c7 c7 20 79 f0 8b e8 ff 95 ce fc 90 <0f> 0b 90 90 58 83 05 16 c2 d5 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
[  281.576191][    C2] RSP: 0018:ffffc90000648a18 EFLAGS: 00010282
[  281.578771][    C2] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817b1cd8
[  281.582189][    C2] RDX: ffff888044dac900 RSI: ffffffff817b1ce5 RDI: 0000000000000001
[  281.585432][    C2] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  281.588646][    C2] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff8bf07fc0
[  281.591877][    C2] R13: ffffffff8b9021e0 R14: ffffffff8a4ddd30 R15: ffffc90000648b18
[  281.595178][    C2]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  281.597539][    C2]  ? __warn_printk+0x198/0x350
[  281.599571][    C2]  ? __warn_printk+0x1a5/0x350
[  281.601624][    C2]  ? debug_print_object+0x1a1/0x2b0
[  281.603840][    C2]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  281.606207][    C2]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  281.608632][    C2]  debug_check_no_obj_freed+0x4b7/0x600
[  281.611036][    C2]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  281.613617][    C2]  ? mark_held_locks+0x49/0x80
[  281.615681][    C2]  ? kasan_quarantine_put+0x10a/0x240
[  281.617948][    C2]  ? lockdep_hardirqs_on+0x7c/0x110
[  281.620164][    C2]  kfree+0x291/0x6d0
[  281.621846][    C2]  ? rose_timer_expiry+0x53f/0x630
[  281.624079][    C2]  ? rose_timer_expiry+0x53f/0x630
[  281.626191][    C2]  rose_timer_expiry+0x53f/0x630
[  281.628126][    C2]  ? __pfx_rose_timer_expiry+0x10/0x10
[  281.630192][    C2]  call_timer_fn+0x19a/0x620
[  281.632150][    C2]  ? __pfx_call_timer_fn+0x10/0x10
[  281.634362][    C2]  ? __pfx_rose_timer_expiry+0x10/0x10
[  281.636670][    C2]  __run_timers+0x6ef/0x960
[  281.638631][    C2]  ? __pfx___run_timers+0x10/0x10
[  281.640748][    C2]  run_timer_base+0x114/0x190
[  281.642774][    C2]  ? __pfx_run_timer_base+0x10/0x10
[  281.645100][    C2]  run_timer_softirq+0x1a/0x40
[  281.647156][    C2]  handle_softirqs+0x219/0x8e0
[  281.649181][    C2]  ? __pfx_handle_softirqs+0x10/0x10
[  281.651335][    C2]  __irq_exit_rcu+0x109/0x170
[  281.653283][    C2]  irq_exit_rcu+0x9/0x30
[  281.655065][    C2]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  281.657366][    C2]  </IRQ>
[  281.658604][    C2]  <TASK>
[  281.659870][    C2]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  281.662414][    C2] RIP: 0010:unwind_next_frame+0xd6/0x20a0
[  281.664809][    C2] Code: 35 00 31 d2 45 31 c9 45 31 c0 48 8d 05 00 00 00 00 50 b9 02 00 00 00 31 f6 48 c7 c7 60 47 3c 8e e8 7f d5 2c 00 e8 5a d3 f4 09 <5a> 85 c0 0f 85 57 09 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8d 65
[  281.672919][    C2] RSP: 0018:ffffc9000586f9f0 EFLAGS: 00000246
[  281.675470][    C2] RAX: 0000000000000001 RBX: 0000000000000001 RCX: 00000000ef9d33e4
[  281.678672][    C2] RDX: 0000000000000000 RSI: ffffffff8da06b82 RDI: ffffffff8bf073c0
[  281.682000][    C2] RBP: ffffc9000586fab0 R08: 0ac0d5affe09d4ff R09: 0000000000000000
[  281.685349][    C2] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff81a7e2a0
[  281.688668][    C2] R13: ffffc9000586fa68 R14: 0000000000000000 R15: ffff888044dac900
[  281.692043][    C2]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  281.694588][    C2]  ? unwind_next_frame+0xbd/0x20a0
[  281.696708][    C2]  ? mmput+0x62/0x70
[  281.698392][    C2]  ? stack_trace_save+0x8e/0xc0
[  281.700464][    C2]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  281.703069][    C2]  arch_stack_walk+0x94/0x100
[  281.705076][    C2]  ? mmput+0x62/0x70
[  281.706799][    C2]  stack_trace_save+0x8e/0xc0
[  281.708791][    C2]  ? __pfx_stack_trace_save+0x10/0x10
[  281.711082][    C2]  ? __lock_acquire+0x622/0x1c90
[  281.713195][    C2]  save_stack+0x160/0x1f0
[  281.714962][    C2]  ? __pfx_save_stack+0x10/0x10
[  281.716971][    C2]  ? __free_frozen_pages+0x7df/0x1160
[  281.719197][    C2]  ? __mmdrop+0xd5/0x580
[  281.720990][    C2]  ? __mmput+0x374/0x410
[  281.722849][    C2]  ? mmput+0x62/0x70
[  281.724533][    C2]  ? page_ext_put+0x3e/0xd0
[  281.726517][    C2]  __reset_page_owner+0x84/0x1a0
[  281.728645][    C2]  __free_frozen_pages+0x7df/0x1160
[  281.730854][    C2]  ? ___free_pages+0xcd/0x220
[  281.732863][    C2]  __mmdrop+0xd5/0x580
[  281.734653][    C2]  __mmput+0x374/0x410
[  281.736397][    C2]  mmput+0x62/0x70
[  281.737995][    C2]  do_exit+0x7c7/0x2bf0
[  281.739415][    C2]  ? __pfx_do_exit+0x10/0x10
[  281.740881][    C2]  ? preempt_schedule_thunk+0x16/0x30
[  281.742605][    C2]  do_group_exit+0xd3/0x2a0
[  281.744068][    C2]  __x64_sys_exit_group+0x3e/0x50
[  281.745670][    C2]  x64_sys_call+0x150b/0x1730
[  281.747189][    C2]  do_syscall_64+0xcd/0xfa0
[  281.748812][    C2]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.750734][    C2] RIP: 0033:0x7f92c6b8f749
[  281.752152][    C2] Code: Unable to access opcode bytes at 0x7f92c6b8f71f.
[  281.754369][    C2] RSP: 002b:00007fff68562ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  281.757182][    C2] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f92c6b8f749
[  281.759748][    C2] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[  281.762261][    C2] RBP: 00007fff68562f5c R08: 0000000868562fef R09: 00000000000927c0
[  281.764767][    C2] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000013
[  281.767254][    C2] R13: 00000000000927c0 R14: 00000000000449d9 R15: 00007fff68562fb0
[  281.769899][    C2]  </TASK>
[  281.771718][    C2] Kernel Offset: disabled
[  281.773092][    C2] Rebooting in 86400 seconds..