last executing test programs:

5m25.582312859s ago: executing program 0 (id=595):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003340)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000600)='4', 0x1}], 0x1, &(0x7f00000002c0)=[@rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}], 0x10}}], 0x1, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x39011, 0x0)

5m25.468797635s ago: executing program 0 (id=596):
pipe(&(0x7f0000000000))
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0]) (fail_nth: 2)

5m25.468508879s ago: executing program 0 (id=597):
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$FIBMAP(0xffffffffffffffff, 0x1, &(0x7f00000002c0)=0x2a278e3f)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r1, 0x0, 0x8000002b)

5m25.252454123s ago: executing program 0 (id=600):
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r3=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095", @ANYRES32=r3, @ANYBLOB="18000000000000000000000000000000850000000700000018110000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r4 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000006000000000000009500000022000000d091ac"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
write(0xffffffffffffffff, &(0x7f0000000000)="0a000000010001", 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000007c0)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a8001600200070220f2e47300b3c1f61c1d60008000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cee0090000001fb791643a5ee4ce5b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006", 0xa2}], 0x1}, 0x0)
getsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f00000005c0)={@ipv4={""/10, ""/2, @remote}}, &(0x7f0000000600)=0x14)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c40), 0xffffffffffffffff)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000580)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r11 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r11, &(0x7f0000000180)={&(0x7f0000000300)={0x2, 0x20}, 0x10, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="280000000000000000000000070000000703ec4414"], 0x28}, 0x20000000)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_INTERFACE(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, r10, 0x5, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r13, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000680)=ANY=[@ANYRES32=r10, @ANYRESHEX=r12, @ANYRES32=r5, @ANYRESDEC=0x0, @ANYBLOB="f53a4a18f32092d86c9c7f4e432e46ebc7da0f1037b8ce202d63c6bc8f79721fc750d9ff135edd6fb95ddd64de0ddae47c3c5858d9336ec399d11811d622f5cdd3c56838dc0cb3e68d70500fe7e00c567df52141a1a80884083cfddb50295793c4039f0c8d8a29113ad6db854e6d4b6a9c5db624233ece7aff3f3b2bb735544625d86caca2d1d7d2df318a320f46525b3095a13a3bc292d1dd550bb024a80a7244bda1984bc72c71a61b900849eec88074feae18526f1cd4f1acfc5e4c63f94bcf82a2b0790545b23e99d64a4a621ddf2e585f76a34ede6fca5b762dd3", @ANYRES64=r8, @ANYRESOCT=0x0], 0x58}, 0x1, 0x0, 0x0, 0x2000c004}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r10, @ANYRES64, @ANYRESDEC=r13, @ANYBLOB="0a0034000202020202020000"], 0x28}}, 0x0)
sendmsg$NL80211_CMD_DEL_INTERFACE(r1, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000cc0)={0x1c, r6, 0x201, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x700}, 0x0)
r14 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r14, @ANYBLOB=',wfdno=', @ANYRESHEX])

5m25.091449452s ago: executing program 0 (id=601):
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x904000, 0x0, 0x5f, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000002c0)="ad56b6c5820fae9d6dcd3292ea543701fd2792bb7f71c7beef915d564c90c201000000000a284f4bc407fe67b646089f88a69cca0cb882184580b5a9f862be47409e64b3ade2290485914443c9803e1966355dbf899c1d6e82c10fce2d71ce012fbf38b8b5f55ad79fc67d5a791bc2599368b8e9cdbfaf155ebfa450bfa1240570515d80949f91fb9b0d02b16d82e489e910a9932f9fbf4dc7e8e3f590ceaf55687a8173ffe886be34030fe962c05896ddea1e4297ef2451ce35649aea1b906422989a8dcb711eca9229bf1237355d9032cbdcf42ec3aec0ab00be335f6fccf20d28ab2e16cdb5b409ce48e1a17a0b5514c73d80adc987ca4963cfb0072871cc6775a90f4999c9172e1177b30034f6151681319be1a2c374b08253f2271e84760d74c279cde063717b96da70c5bc1d825ea975963f16a5cfd660ddea59053ca79624a5090ad4ed3466cfa3c4a5154de6f0d413824966edd99d25af8861737fd7ec9d531f90dd4e39298700aaf90c9731d342a9f4bf4b1a25e7af322b7f9ee61c099b1e01b51a9b56ce406e98693e681bc88486291e644c14031b0723d2d01cf25dae0dc0a48341d70892", 0x10)
r2 = accept4(r1, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r2)
sendmsg$NFT_BATCH(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004a40)=ANY=[], 0xa80}, 0x1, 0x0, 0x0, 0x24000840}, 0x20004001)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
setpgid(r0, 0x0)
r3 = getpgid(r0)
setpgid(0x0, r3)
mount$fuse(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0xa0019, 0x0)

5m24.204845506s ago: executing program 0 (id=605):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003340)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000600)='4', 0x1}], 0x1, &(0x7f00000002c0)=[@rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}], 0x10}}], 0x1, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x39011, 0x0)

5m9.239506291s ago: executing program 32 (id=605):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003340)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000600)='4', 0x1}], 0x1, &(0x7f00000002c0)=[@rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}], 0x10}}], 0x1, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x39011, 0x0)

5m5.158007869s ago: executing program 3 (id=711):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r1, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0xb}})
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
r2 = syz_open_dev$evdev(&(0x7f00000002c0), 0x4, 0x183000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xad, &(0x7f0000000140)=""/173, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0xfffffffe, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x2}], 0x10, 0x3, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x10000000}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r5, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x10}}}, 0x1e)
r6 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x1)
writev(r6, &(0x7f0000000780)=[{0x0}], 0x1)
connect$pptp(r5, &(0x7f0000000700)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYRESOCT=r3], 0x4b0}}, 0x41)
ioctl$EVIOCSKEYCODE_V2(r2, 0x40284504, &(0x7f0000000180)={0x0, 0x8, 0x0, 0x5, "2a000000000000005a957fe0213b2e100af028f0030b2eff0b61e6e66b8f37ff"})
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0x5)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000200)=0xdb)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010003000000000000000c0000000c00000002000000000000000000000d000000000000"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x10)

5m1.989135656s ago: executing program 3 (id=731):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x12)
close(r0)
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000140))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_dev$video4linux(&(0x7f0000000100), 0xfffffffe, 0x200800)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900})
ioctl$VIDIOC_QUERYMENU(r2, 0xc008561c, &(0x7f0000000400)={0x980900, 0x4003, @name="b6ae8e0f0376fa7d4eac0abd15418b9c7d97029e735ede962403968545b1c117"})
write$binfmt_script(r0, &(0x7f0000000200)={'#! ', './file0', [{0x20, '\xca'}, {}], 0xa, "77bb8f7e15bbd5e8661782d79d"}, 0x1b)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0)
close(r3)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
ioctl$sock_SIOCOUTQNSD(r4, 0x894b, &(0x7f00000001c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b26, &(0x7f0000000080)={'wlan1\x00', @random="8d0000008000"})

5m1.875459368s ago: executing program 3 (id=732):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="1fe8ffff0000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="21003300d0800000080211000000080211000001505050505050000000000000", @ANYRES16=r0], 0x40}}, 0x0)

5m1.874863217s ago: executing program 3 (id=733):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
io_setup(0x23, &(0x7f0000000280)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000240), 0x20800, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(r3, 0x5201)
ioctl$RFKILL_IOCTL_NOINPUT(r3, 0x5201)
setpgid(r2, 0x0)
setpgid(0x0, r2)
ptrace$peeksig(0x4209, r2, &(0x7f0000000000)={0x0, 0x0, 0x7}, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}, {}])
r4 = socket$igmp6(0xa, 0x3, 0x2)
ppoll(&(0x7f0000000340)=[{r3, 0x249}, {r4}, {r3, 0x1000}, {r3, 0xc000}, {r3, 0x2609}, {r3}], 0x6, &(0x7f00000003c0)={0x77359400}, &(0x7f0000002980)={[0x4]}, 0x8)
sendmmsg$inet6(r4, &(0x7f0000002900)=[{{&(0x7f0000000140)={0xa, 0x4e24, 0x80000001, @mcast2, 0x1}, 0x1c, &(0x7f0000000980)=[{&(0x7f0000000180)="a04b292328fde026c8a025cb488ecc8ae36b53b0c39f7c216377742abaebbdd2a578323fb0d8988c63ffbf5891f686ef6bd58ee86662e6024ddaa4a40281882d071f2fbd1110e4d3364cf560501139a53bbc42b7d87fab2a44fc8b0b96374bd194cd08a49688798cb1f9057cead988eef751690b55a263b13b9ed00669bd13eac0ca6e651628575b1bd24f0f43ae6d28c709170e2b", 0x95}, {&(0x7f0000000280)="536338ce192b2d6bcd4373f39de19d368a6320001751bc566deec8875f956db968c2fc4b3863fd0a82863522c2ada973b9a2fb39f091959ce962017b9b42f8cf5b637da3ad826d7c5e8fa2281223aeccf1", 0x51}, {&(0x7f0000000300)="39972053eb8aa7c6db6baf6b", 0xc}, {&(0x7f00000007c0)="fa52240898b8ed03331ead5913c2bc5c45eac8d4c5a6c42cc6a3cd5e96d5aade4a1905b7f5bbed7050e252a688efa8b579861bd7ce959f22c4197e52159f750ef11397984f9ba7586e13a9128cb94c25049c0944c1f417ed79ddae6279d5a5ae7fc9d89cabd4b4d147e34da368fb6215b87aea82c4ac923ca4d3f0abc2c8b1b8920b7af5de32559ae27640635e084e87fa78c3c03625f8b705ce743b2f98742ab0823136c695c878d582bc1376c135867a717ea77ba97734d47efa83e5", 0xbd}, {&(0x7f0000000340)}, {&(0x7f0000000880)="07fd631503bd1046888e2abe5e380d0fedb51e2783dfa120876a1b0dc8a6e82108eb22de23894217d530507b9d3b0bec4b81e86685ffa9ba6cf8c807ca190fc437824029cac936ea4a158b9e9037042bd873434c432c60eb9a4915c2387a20bcce33d749c7d4fe3f74eba90076d0200f2040fff492237558ea6d49e695e7694a708eb3509c7d687ab271a6e8f45add7ea34e782efbcfd25413782788543ef9339fe50d1e3b1577bdd52a1afa70f70d95638016276494e7606e06e06f8ccfa337bd273ddfd1ed7d6b7d0ec288094989926961b3c03d00455d43b039adf3", 0xdd}, {&(0x7f00000003c0)}], 0x7}}, {{&(0x7f00000009c0)={0xa, 0x4e22, 0x0, @mcast2, 0xff}, 0x1c, &(0x7f0000001f00)=[{&(0x7f0000000a00)="734d401db2bc503c49b21bca5cf78734dfe804ecfd5eccff4ecd21586074f8c42cfac5c7f521faad7f8c8d9a07f97ca33c6a1d0c54564ad0f43aed4ec9856828938949b766395719c55b5922e147f1f75be907e16acc1a", 0x57}, {&(0x7f0000000a80)="b02a5fa3a3b2d888ea", 0x9}, {&(0x7f0000000ac0)='5[', 0x2}, {&(0x7f0000000b00)="05da0a5f54eb10fb280cb659b896d8c56216f70fcf4e26a423528e8b7ecfa11ca5472324dce858f3cf7f899e5c185b1777e917e6d8ba63e3477ee6175c3c7c61197c2c67d53583cd3e07cdf846a939e4dee3d553aad4f84589fdc58a1f6d877847e78ee85eae95e912eb7b0653c75f", 0x6f}, {&(0x7f0000000b80)="d0811c83d07a1de121e205090b2f51aa58e9fcfd5eb18f93c0c2e6df43ce9377792d1e172a0c9d535e68ab26541f649ef897e2ba8805ba083581fdce8656eebb07ba4fe5977b1066f33cfe54e9af9899c4d20113b4f43d8bb5571fa636925b0e43281417671aa03d8b1cdf", 0x6b}, {&(0x7f0000000c00)="6f0addfc2a5d1a04bb360eb50190f930d71d652dd47f5d0ddcbf71c97eba74c7c170e732ce7136c0f8d888b853827d58112661747a62b3b6e44a15a17b96b9620779eb275f4aec61af109e0f74e555a1c65fb41bede3b2710393b60bde86e3244e62332d71764b9ae772575a5aa87fa8c20517757c986efeeefbd501cf90700de31e57c1fcaa4bc866991e068a14ffabed9fd2fb3245447d525d5b09b9a363dd0b651d412705782b579b85705a3305db01a5bdd11085519cabc333a5cf051a5945514ca3471887221a33b7de7fd38be906c40dfe77524657a9f1c55dbedca073d45938157cd7efe105a3cf55f0bf92e9f4f5dd740cae063e6f3e7c7ead745c00a90f56b6a4a1ece2dc5d14fd9fb619be659df1346f779d37b678864afeb3abc48ccfa4990cbd84490b3b8b70184bdccd273668ac5fc837fdb519d23637e00f18600aa204b1e47fbf0a3a94e596b684082c8de214bae994a3c8e968b7d4d03e78830d51ac77d6eb94dbd0ae5b7ce7370d84f205e505f9611435eaa7b254d3188582cc646b608d93970aa5548d97a855d323db2d260f234e6f1bf4249dd62c31a4f211c4aee48a3813fcdcfbb72214bbdbc6234bf5fc8ae8bfa93db2e1acd6951f572e0d9306945290a379bb794f09e9f93c1ba4f778405e111fe0bed74c064bd2d094ad6bad0d3b594324f718241e7f8bdea4db55994d510cc22785d45efceee3944dded9726a6096d23001635df043ef77223c74cdceae89363bc5bf24f3d57d5d5e34d3eff77c573fecf98319840a99809489f47fa33995affe7789c501fa7466ec096abf13bc75896b71f2dd6e736b26a433b71c18ff20fd9556737e04c6f312098a0c72d4ee4fdad69e6947ce001695e83b262cd4e3c8534d9a2c15f0aff87e6c24d3573bba59ecbea2fa34d22c29abe341decd144378e12047d024510a5d4c0f028d71fb85fe7fb90499822ccdf804a72cb19296fb3ca7b3e8da3d0539093df950bd6c4725d03100970c8a2c7e57246ea38a2b7592418b797a8b09bf16cd1794dca1a1c309c4aa3de748eb4bb13971a290dfb0f28a8eb79e2db1bc87fc8bf1fbe6025b1278a9a74897e00863d7f089511eef5ec3070c5905d5d16878498840c4c6848d55f0c9bded194492afdcdc426a5dac25354f26490549b85fb9f8def3b9aa06cb6e853e387f54674857ebef6a44601518c5522cb406e91e67396f1c7b7d5ad75908fbdb7d1193f62997c32c91043ef984100ca5c760219d1cf2938de53a8247e3b01eef03debeb278f1bdd72fe718839c8e397072bff5dadb44ea8d334ee8f2c34dd44eb37505de86a85937ea2e24bd76059f4ee8e771d969c0a451065553a4877d2bd70d560e65c27412befb43df55b7cd5b5bbad8b2ebe0a2b1012488da0417bf0c9de7df0712345e933aa844bbecc5f03224b8cfdabd741cf0a44a3551746ae905876ab2554fc67762c2ae3cf1e28c44d121e75a2944b69e822e1e97e42584b153ab85157e24da517286a4e5bb3ec4ec6610a97bc5664ade82ad71efd50ab9618f924a411e6dd7df45d682ce0e44531d7b4865be54b264363b7f3d481ed280795c245db569470faa28e63fb7f228a50891311743d0b8e9fe14208ac6d82df101674c91c1e43a22278c13216f2e02eb1c46cdee7b6783b4736624c33851d7975904c2dbe3b2d3494eaf10326606040bc26ed2e40ae883e24d9c6c40743b9692655579248751b8a76ad63a39417b7f786b457e25a7832455716d912a201637917126481a5dd3e7bd0dcb5de56567a8195b37edbd2eaf2c643fbbdf4aabd22ce84befb2debc685de94214f44b77e6e30b6626ac3a538c93550081a0bcfffa5d29b21402227e67b47035f5a79dc2220f9a17f3de2500a188e4f11f891a80875d02cdb0114e90c4b0b1fc17f35001cf86fc43ef463178f2dbf5d36a36d268d06a56ccc62390fc9e5d163b26c4d05b387c968785b52a3286d1c0593369aa053b807e96d14f1f30876368c6db578ae772fd624127b152da7a43f41a0580cccc76fa71705b7e4d42e3b0da9f63d068234e6a9de986b8c8c502190cb86b2a8e8d3e5f0c069eece37700121aa5792e707e6ebfa69e0a1dda46246eab3bf7bc74bc885f30965a495de359fb1613489c7842a4b3c6cae199080f37af2ba89affaccd572af6eea9eb62c30c36d5bd76a60e6e6849328799d79a4f95d11d8e931a4a9f1b6e60363d330249b84f0868be7ce39b54b12b850dcfdbd46a475622361a2f77c739cea6b5dabe2d13d5e6772bc7ced66d4c4d35f268e0294e39cda2a16229a1763a6f02ca5af887c8b95258961873c34a5dae27edae7dba4154fb996a455cb581bc2eea330acba857612332dfd74e6544006ce5a67bcbe497d241ea744c4760f22c5ff2d471f27048512239f1884fdb10ca17ecb8c03da2f547e6151ea01986f6cee3fa0ee36d320c11c3359faae280b5e3679e38b52fb430ea102fc504f448ab60c00eeb9bdebe804795384e192ca2be737c766448c4c5660d6e7c380bd5c91a3b0cca8dbd7dbae381fedbb8cd66b2d263ed64c08df54b46ee83712ab61b4a04fbae8701be5feb083d3bf4c8cd5cc61e94d9a6b562da856d0ec075f9e89dfad3e52252cd272dafbb285521801b7f9620e094069473086e597715a2577572a00255983de7d0254986387ce297ecd9108481a095ae05ad851a1db9d3f852176d21740fc32a0f2ce46eb18af14107077ec51bd422c9580b6c313c5242bcfa58d5c246cd1cf6f50b8f9548ce59dec54d17e6ef6f4e3805eae54c3d248d6fc3f120466696de0f49bddbff0c820ddaeffc51038c5669af3816f403cd6bf69e49b01e00347a39ee57e6b61798b1eb8750ec67460ea1e8bf3d76580274629bb91be5a29d2fe4d7f5b28aa77541add14da02f2333b825928256827fd3ef396906465aa412df698b50a405f65d6194fd9f9b358a0aaa9ab8a5db048359b47833b13d89e4264f2a33ef1246338083210812712b41ad99b004ecd537655ee7d0f0212ce9d7c116cf3ef2f73615a52e358b4866e3dbea35dd31158220bb1ba3c610fde18bf57ee5b8ddc8b14e65d422867850dbee6c1e4df91d9205e4972cc4d4c10b707fceb893c289fc87851e4217b47e0a8bd0c522107cc085d71e5ac863ea70bb0766c45156f13aa9318cb29e9e95bba6e2863c7ef48e838c8c03fe30faa6ec5236a47d0e327789737be16e5627ff4bceedaff41e6d1921b4b93c7d8858822538ceb1de93a600765ab1aebeaa25ad532308f7f56cb41b9d98325480ee5c57cb72662725f217b23476f0888f919725d814e8c710887a7ea241805835e06e915a0194e4e1eacab98554839a85cbefecc74cdde04858a2c58f7bb4d7ad41ef005a14e73b457dba633ec169901ae65cc289bd87dfbb3aae7b90cbe7427d0429a05f4264b0e8d698bddef0746d28f857988edd59a8aa89578b6e40a237bc7495987f60edd5c152419fc644bfb5a0bf81e654dc8a079faf4d9a57fc05f6df9557ba0bf37c2cd31aba4d6490aa20a4924446815c9518eb46f1eba04056b6a7d058728e0dbe4fa7b08db7b893b97171b0baebe7f45ab56999e35440e17fe712aaa86abb4526c3723bec891016c048d2c657b260ea85e597ce03f4397b4496fafbcfb21c1614293d5c02932be6560e548c716a31ba6eb82bb24880626c8ce48c5cfc8dc422c507c84403b36cfa28366fcd915a18aaedfc2af08cb378c3cadc9cfa2d8aa6e332807d773d7abb41065b4deeefc14dfa430b6efda24ce59444e9630a20c6c8d0172cf19ba43acc34d0dea0de982640fa78eeba93715062baf4f8c7dd718a49cb673ecef9b48b7b8087d6b840969eaaf18c2f835a03468c9c7c24138790710781c661c8b57e8b8d4e321b9b0ecae30272d7581608f8ec62e6b1653b4858544363e88a96d1fecfb3528ebc8bc956d0c369fb2a6ef5a9ab4abe78509d35857cf65873286dfd5c6c51c7679d292a5e26744716ebe583b8ad0ee7351a1135b1c86d68514a36edc03e9e6a08f73599918a58ff9d50a732ea861fb7e9553e4e325dbd685eecc75e29d2f4dd4efa3ab35c485cb1d2ba26355e24682536a5bfc84fb792e65bcc8fd1f1020d2a728886c1a781adaedb28ed3193da13ed96864aa945ba33b42269fd85afd6c3d51cd47bfa30f9dbb19727b56c19467c4c8c06be0f6ff228d5de59d8854cf7a5e55579c3b6c938d727abaf9770bf43072f583418a741f0b2912cd1ac3dbd4108f62c970b704a192f8f60829b77300e567491b01fc4ae2a256722c02eaec5d7dcd753da5e92e1e7329d0b9313ee5d6d1056894b302062d631b13fbd7db09470ef0a7318101f1cd958815f12d7ba98b36957be463281e46a1af073ea06a0d11c3eb907d9ad567b322402803d9027d9617ef421afc78d0c1f97164e450135eaa31ad9295a06f93a1951171dc885aab36ab473c461a5e31d178e827445f613bf6e3a286e086c177ab0a218cbf39b93c52a7d51c16c845574c497c2d71984f0c5bec169fcea13bb147675a26c4e1c460511434fbaa9307888f41ba0b9606cb81f8640a482fcd35069879d16d109496538c5ba6fc2f174f1406f1c09a72927d4eb7b850d8ba62207698eebf69d9bce4e8aa3d54ddf90a22b3713e946bc521d3fb2fd422753318eb8ebef259d55dd53a0ff2892d1cf1ab7cf1d2ab39adbda8dc779d8ee972d418bc6be0cc7bde0c21780f6210d6c2f87a0a090235b1fe228c8564525019c725955fd64e7dcf24889f3ff8d3403ef1f432205abbf960d8d170e8ff78db30cb1ac791d5ecf899341bd3aaae034629329c6908b753171c53f8bc5e11605321b10ee8b030a915fa46e5ac8aec0cd556f43803e1ddfe819f46302e15bd164958648f60615dfccc434127f4b6f76e576aabe3a394518d1dfd48e33ac4618faef914af55c8cc0e4a5ee5adf95cadc88ac774a42c52308fc6ef9e261da3a6745ef2cf848b31b72ed1ef731945bbaaffe691b94d55067c29d420d609b217e254d79f2215a8bd22412c5816e71bf37862e49cf2d1240feaa13c404f72e62a097a40ee74b92d08108f4525f4a734b4d0a800846cb45e9ccb6719df38f8c00d5c1fe173a033af8eab9bfb3bca17ea0f9649c9a924c921e04288a4effb27737b8d6690b57c97dd603edde5ca2a1a0056bfc07e33c57e2cddbf39080c950be6dcf1bcf3fd5ab3ae5ac65ceb2d1d817465d94805cf06243706f6e2482d28f75fb9acbfe875d49f0d6ba5004eb9931f329babc4f58b6361084123577e3137914b4351291be9f05c434735f6ae8fd9c14dd60b0cd6db3f2efd97aa44e671a3351f3543917b01a80b6593fd4ab153aec7df4a065e597b0997c9e27e009aff610b684207970686506a79064de373faf5c7ce12790689d349b51d314c640b27ee1db29debdc6d3cccb0162aa864829960e40939b655114d0d8bf8311f124fef988714736c8908e93eded4c525ba1673b8f5edb8a79974bf6cba5662ffda306700ebfbe52f6a7c4edc4da4a09f34e28a4dc061737e1683bda71814df42ea078387c2f677e44ea9e107ee3a98ce7bb4e618c683f63f0293c6e5d4cda76d0c0ed95faa06d8b82961ccf4ab741d5574b17cb5b827488ceceeda6a16cf68279e61278b0408220476f5c0a63af2ee3e2be0b24d0b3be946a7524e866964fa9a5d130288861f5f465e2e87ea27ef3e30c03f3d575fcffb3228e87f49bbed43928ed9f783ccdd9c505fa6be0a7a0927ef4a43ec2755b25fb05ef1a269f3feda935be0bcee2", 0x1000}, {&(0x7f0000001c00)="217ffae72af8de93f96c2e0d5e77a506676a3d1e0e90246ba7f4410cf7e97bfbe0547e0d198cdbf5fe0f1b308ee32cf63531ac22693d550eef9eafc7d6b0dc00d8f28a6c5156788a41c22474e1cdf644814076f1ff05d9f41db85220d33fa6aedcef4f866c420255e980ffc2acc77c72ff4d31695667af60fd85afdded8c3e006207633fa955369436847c8f149a9ad1281c29686169bb6a5fa54ac942933a4af2d925b724786fe460d689b318b6ac7f282bacb4ec318b227463875be23d82da64a94ad0224b42b57858a2083fcebf8a74c1d34ac112ed61088ed6824b7096cbb1aaecd1e57279243d1387d16c668895155db0a1f02cb2c8f5d7", 0xfa}, {&(0x7f0000001d00)="2991388dc38f20ebd4b34c141dbba8e3c06974c78e33edd7037283e16087625e51ccde1e1785bdd468d0f816bc2e2d8aec8ae0e07805188ab7b4bbffae062ce61303a6669d96b2caf9a134462f4d0c44b7d76c69752626be246b3ecaf44106500bacb40b550c42f262b05f3d464e606166da0b00f0bf2845f053f379e77a8834f3fe44038de01e57a2b90a0165c03e3bc917b798aefe2ee50f8534373cf48b4ed3ed9179ec0aed43ab72aeb8884a27cf5aca1bb22db49738716c9e84d90f05e28034f06ac63b2a9795bd73ddc2c414c422a17303a018", 0xd6}, {&(0x7f0000001e00)="c2137566ee9da9ad5a422190911d0203e745ac1f5a3204bff8649a9f518e3ddcf4f20b508c3712ee87cf05716814511e0f948600fc886b95befcadb2abf5b63b7d581d44454409d9b4ce57b00cd66bcae67e87d436fc5e5e04ef6da50c207ca9a1f9e6b6356afb63b18fda4c58adb81c35a8603d717c880c0f089581c436f2b7a2d6f251fe301508b2f8ec645d511e9db864abf9029f7ef511131e48731bd217cd57537e53464adc62bb607ffdd8b521e652039517096b61ea3376afb0495bacb1a9a9b12d97ee18caefa9221b50855d99c6f75cb1d55945176fd1efde09f21ca090670aa81d667609a70b02b421da3bc7551f849bbbcc5ff3333e9b", 0xfc}], 0x9, &(0x7f0000001f80)=[@rthdr={{0x74, 0x29, 0x39, {0xee, 0xc, 0x2, 0x8, 0x0, [@private0, @private2, @loopback, @rand_addr=' \x01\x00', @remote, @local]}}}, @rthdrdstopts={{0x3c, 0x29, 0x37, {0x5c, 0x4, '\x00', [@hao={0xc9, 0x10, @private2}, @enc_lim={0x4, 0x1, 0xf9}, @calipso={0x7, 0x8, {0x2, 0x0, 0x1, 0x3}}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}]}}}, @flowinfo={{0x10, 0x29, 0xb, 0x9}}, @hoplimit_2292={{0x10, 0x29, 0x8, 0x3b}}, @tclass={{0x10, 0x29, 0x43, 0x8000}}, @dstopts_2292={{0xa4, 0x29, 0x4, {0x88, 0x11, '\x00', [@calipso={0x7, 0x10, {0x0, 0x2, 0x6, 0x1, [0xffffffff]}}, @calipso={0x7, 0x50, {0x1, 0x12, 0x0, 0x4, [0x8, 0x6, 0x3, 0xb6b7, 0x5, 0xb, 0x3ff, 0xe9f, 0x6]}}, @jumbo={0xc2, 0x4, 0x8}, @calipso={0x7, 0x20, {0x3, 0x6, 0x6, 0xb, [0xc014, 0x0, 0x0]}}]}}}, @hopopts_2292={{0x10c, 0x29, 0x36, {0x6c, 0x1e, '\x00', [@generic={0x0, 0x1e, "b987344b51f720b9cbdb7bb7b9bbb27895c5d08387c8358c7c44d525d5f8"}, @generic={0xff, 0xd0, "351eb8f7905bbd18f25890e7724c452ed999e72622afd87536dcbcea034f1e46bc222001676173c3bea19fca040c665c9f5df6326e0c85b92148fdd1d09ed90e678f5a40655ac456ebe8b4cd87e8d82f99a59a905853fe38559f3f67e8ff6b2c7da061de6416f24f771a58eb88ff21fb39f203baa54cd42a94f6bdff3b10a86efc2fbac0f53a42d538c382f0259cf69b49eda840e364978f8b1250a4c5123d2373864a0a2c789dd395425532e6d3d349d727d27a01bf7198c22167772d55485ebdd8e1f7f319186b37f904e839facf5c"}, @pad1]}}}], 0x290}}, {{&(0x7f0000002240)={0xa, 0x4e24, 0x7fff, @loopback, 0x5}, 0x1c, &(0x7f00000026c0)=[{&(0x7f0000002280)="681534e6f5fba94d50baf446a763decdc91b236a4a7e25e761d68aed94a7e74e722b593f89d3307852842e013766bfcc1432cbaec86bc9ca9566461956ed74a5c86e03e0be48abe66fc323246bdcdaa37f9ff25bfca45752a1953ab1f16bcfb214cfbb3e1889d0f70555994b509885ae60", 0x71}, {&(0x7f0000002300)="dcb16d343e9359fe074eb05eaae51ca86cf77a885c664f4e86bcebd1455c52dc7eb0e248bf05cd1ecedcff2662de162b2a1d05c57d9cafeaacd39c4c295677be05a96323ebbe2b39ab51227dd4ecbb89f1935619bc2c644fc944c275454dfb369dc78242b81751f77c4691eaf676f898c71a7bba1fc92ccc2345bc727e7ca7f81d0e5108072d8aa3293048211d32", 0x8e}, {&(0x7f00000023c0)="833c9953c0e839ebcf2609ecac1215ddcef167bf9f80797a0c3427a73e0bbfce05b789e843dc84105885191fdeced41d60899c82d7c6b00bcf30eac72561faef0504d69a4431ea11170c2d2cfdb955d8de0277c2ea7bdce01e55706950227a243230d49677ba0fa961d407efb3c82764e8bfefb0fce6f508698bdd3e4861aed30a8b071b64b508d77d858c1b94e86cc7b3b49da95dceb1c2497b8c710f605e42da4f3f3ef173d9a388fe472333afb50539859520be0109af03be8501f7dd6097354209be7b167f37e3a6c2bc3cd5baf51d10f77a9a917b4218bcddce31d5", 0xde}, {&(0x7f00000024c0)="00744673bd9dcba7da87a7f6b108403517aa74dfbf660ff87d80f46fa243efb9583fb04711ef3ab8bc5b71c2f85b3601f6c3e35eec60d6be64695e1f92e5e926a5193a39a13feb12ce568f1f6b61072cc38f6be036f69c7c8f7e1d0817c8a4798a855268bdc2929465d3cae21ee22cc65aa74fcdde2f04b789754360e3af51812b5331b6312240beeb1e8b8cba6cf94a1992aa20644eb691b0", 0x99}, {&(0x7f0000002580)="f252fb95611174dffe1e5bc7359f100af729199dd5206d617e0cf64b224efa1f75a6b473992360cc823a8d9dedfa2b646a5c039a2df0d478a26544733a1216de72c83ed6318aeaba", 0x48}, {&(0x7f0000002600)="34b11f746385ba110469819c177a1ecee74250a7d8e441b270a66c5ecae918372dea0239200e53aa3ae1bf7a13918b7acbcd3c66bd22dc2646fb944724ca6b3aab44a7d66c2ea8ec53dd43fddc80bd405d3691472c4ceaee8d1bb2f048adb5a59934aab759562fac6b695e318b301d867dfdc5cc87b7337c83e6e25898ad593b59ee0efbc40135d7f68291b3dd0be7f3dbb5820614dafc66695fad673806cafe2bc1", 0xa2}], 0x6, &(0x7f0000002700)=[@hoplimit_2292={{0x10, 0x29, 0x8, 0xd19}}, @hopopts={{0x2c, 0x29, 0x36, {0x29, 0x2, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00'}]}}}, @rthdr_2292={{0x64, 0x29, 0x39, {0xff, 0xa, 0x0, 0xf7, 0x0, [@mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, @local, @mcast2]}}}, @rthdr_2292={{0x24, 0x29, 0x39, {0x3a, 0x2, 0x0, 0x3, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}]}}}, @flowinfo={{0x10, 0x29, 0xb, 0x8}}, @tclass={{0x10, 0x29, 0x43, 0x6}}, @dstopts={{0x5c, 0x29, 0x37, {0x2e, 0x8, '\x00', [@calipso={0x7, 0x40, {0x3, 0xe, 0x8, 0x7fff, [0x1000, 0x2, 0x8, 0x0, 0x8, 0x8aed, 0x6]}}]}}}, @hoplimit={{0x10, 0x29, 0x34, 0x4}}, @rthdr={{0x94, 0x29, 0x39, {0x8, 0x10, 0x0, 0x7f, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, @remote, @loopback, @dev={0xfe, 0x80, '\x00', 0x19}, @private2, @remote, @dev={0xfe, 0x80, '\x00', 0x12}]}}}], 0x1e4}}], 0x3, 0x40c0)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f00000000c0)='./file1\x00', r5, &(0x7f0000000100)='./file0\x00')

5m1.654839952s ago: executing program 3 (id=734):
r0 = socket(0x11, 0x800000003, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0xffffffffffffff2f, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0x21}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
preadv2(r3, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffef4}], 0x5, 0x0, 0x0, 0x1f)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r6, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, 0x0, 0x0)
sendto$inet(r6, 0x0, 0x218, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendto$inet(r6, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r7=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000d40)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x8890)
r8 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r8, 0x8108551b, &(0x7f0000000000)={0x0, 0x2, "ec9fe44d4dbe56a65274d7c727e7e53c1bb714e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028643b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ede1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e006204df635e731a5bfcf142f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd400cfdfe756bcb7d08e36655c00"})

5m1.453956575s ago: executing program 3 (id=736):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x3, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000081811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x19)

5m1.431085444s ago: executing program 33 (id=736):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x3, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000081811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x19)

3m51.949866077s ago: executing program 1 (id=1075):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x42, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11641e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x20, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x647b}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$sw_sync_info(0xffffff9c, &(0x7f0000000280), 0x800, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f0000000100)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x4, 0x0, {"00000000000000000000000000000001"}, 0xfffffffffffffffc, 0x0, 0x2000000}}}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(0x0, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = userfaultfd(0x801)
ioctl$UFFDIO_API(r9, 0xc018aa3f, &(0x7f0000000000))
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r10, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x40, 0x400, 0x5, 0x80, 0x7}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

3m48.390734977s ago: executing program 1 (id=1085):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000100))
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x6)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="61105d000000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000c80)=ANY=[@ANYBLOB], 0x210)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(r5, 0x4068aea3, &(0x7f0000000280)={0xcc, 0x0, 0x1})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
getpid()
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000006c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff})
ioctl$int_in(r8, 0x5452, &(0x7f00000000c0)=0x7f)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x20, &(0x7f0000000340)={&(0x7f00000004c0)=""/231, 0xe7, 0x0, &(0x7f0000000800)=""/4096, 0x1000}}, 0x10)
sendmsg$BATADV_CMD_SET_MESH(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=ANY=[], 0x24}}, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r9, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r10=>0x0})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r10}}, 0x24}}, 0x0)

3m46.260489213s ago: executing program 1 (id=1096):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/237, 0xe}], 0x4)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x80049367, &(0x7f0000000000))
r1 = socket$kcm(0x2, 0xa, 0x2)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000040)={0x1, 0xc2e, 0x74be, 0xb53c}, 0x10)
r2 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x1}})
socket(0x5, 0x5, 0x0)
keyctl$unlink(0x9, 0x0, 0xfffffffffffffffd)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000300)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2)
socket$inet6_sctp(0xa, 0x801, 0x84)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
r6 = memfd_secret(0x0)
mmap(&(0x7f0000ab2000/0x3000)=nil, 0x3000, 0x1000002, 0x11, r6, 0x0)
ftruncate(r6, 0x51a9497)
r7 = userfaultfd(0x0)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x309})
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000080)={{&(0x7f000050a000/0x13000)=nil, 0x13000}, 0x1})

3m45.184980681s ago: executing program 1 (id=1099):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
r0 = socket$caif_seqpacket(0x25, 0x5, 0x0)
r1 = creat(&(0x7f0000000580)='./file0/file0\x00', 0x21)
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r2, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x10)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d0042", 0x29}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r5 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, r4, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000fc0)=[{{&(0x7f00000004c0)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f0000000400)=[{&(0x7f0000000600)="6b02017c89726a190d38c19106707ff929dd17d362a43531d8ece8dcbfc00bfe7241e6e3dccca8667bcbef37998861e3744d2f4e86e9c83f18ab626576149f29e7f6baa7e40d240dc070af9e9e172ed490fc5c982b67aadf1a347fcd6afac20980c45735f145ead1b7eb8eedcb59ad60f53211e974d5e707cf3da3fc04a60b0618963acd4f454ebc7854983de5f8a31aa376f5c541a176d0ab7bce7c9402ed7d6d3281489a7665506e826706720e14a31cd1d4f8114613c156ea7441a1ac7bcc6670ae3d04d911b6035fcf7227f96c5b0ff0", 0xd2}, {&(0x7f0000000700)="89a5cca6b255ac0cc7cce72f777d2a3e502c35338a69ff901b6db2b60506f9d4b9ae1bce9da4d88198b5800741817ce904ba76a0c727ff78dcc0cd71975fcf2f1f968a145e9407f6aa536cc0f05a1898647e88d1537a9764d2c45be257a0bd09d79a7d210b6b8a0093da7e90ed65c031847f0569cf7fa73bcede65cb20b21dec67d397f7b708e1f2050d3f1f00611d20fbca4c0903075d050495b34f17259d0e865eb278530449f646c46a39ff09b2619209c9586972f784263c626dc8bb8094fbb3948b88a8498a7616582137f0c34c06db9e4485e0a4d3d213bc6a74779797528b5b06ead07c0b88b9e71b33809fb3661b", 0xf2}, {&(0x7f0000000800)="142948b3560dc0c11e937bc9c233ad214dc8b5cd52386633d71ed1494bf33df419fa603405847733a532b8f681fa0d16b1633db2fb06927f55dbe6d4af877aa4ce5837bd38700057b8d0cf4921b52ffbc373878025473dc05e5f3d7a511a28f0674aa65c467233d75082d80c04a330d98599b3e1be8c28b73c54b00a060bb4403dbde0caafd84930b7e2a2e32b97db1bd8a89d45a04968cd9d3b905780e1d0b9480f5171fe361c37d4c4c2552ca339f1e0", 0xb1}, {&(0x7f0000000040)="0308f536fb0169b7ecd97d678a9ed257", 0x10}], 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="0c00000001000000010000001c0000000100000001000000", @ANYRES32=r6, @ANYRES32, @ANYRES32=r7, @ANYRES32, @ANYBLOB="180000000100000002000000", @ANYRES32=r5, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="1800230001000000060086f168beba415ab178123ad5a4b3c58d0000", @ANYRES32=r5, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="100000000100000001000000", @ANYRES32=r0, @ANYBLOB="180000000100000002000000", @ANYRES32=0x0, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="180000000100000002000000", @ANYRES64=r0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="2c0000000100000001000000", @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r4, @ANYRES32, @ANYRES32=r6, @ANYRES32=r7, @ANYRES32=r1, @ANYRES32=r1], 0xc4, 0xd4}}], 0x1, 0x4000)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = syz_io_uring_setup(0x88f, &(0x7f0000000300)={0x0, 0xaee3, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000180)=<r9=>0x0, &(0x7f0000000540)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f0000000380)=@IORING_OP_OPENAT2={0x1c, 0xc, 0x0, 0xffffffffffffffff, &(0x7f0000000440)={0x121400, 0x116, 0x15}, &(0x7f0000000480)='./file1\x00', 0x18, 0x0, 0x23456})
io_uring_enter(r8, 0x47f6, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x161090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000000480)='./file0/../file0\x00', 0x0, 0x21adc51, 0x0)
r11 = getpid()
r12 = syz_pidfd_open(r11, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB="2c72ba54d5302a5b2ab40711aa91f45aaee56f6f746d6f64653d303030303030303030303030580000003030343065724b57c14d", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
setns(r12, 0x20000000)

3m44.217556019s ago: executing program 1 (id=1105):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendto$inet6(r2, 0x0, 0x0, 0x20010004, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000100)={'team0\x00', <r3=>0x0})
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
preadv(r4, &(0x7f0000000200)=[{&(0x7f000004ca80)=""/102391, 0x18ff7}], 0x1, 0x0, 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001b00)=@newtaction={0xfc4, 0x30, 0xb, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x6a00}, [{0xfb0, 0x1, [@m_pedit={0xfac, 0x7, 0x0, 0x0, {{0xa}, {0xee0, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe68, 0x2, {{{0x81, 0x1, 0x5, 0x0, 0xacd2}, 0x1, 0x1, [{0x5, 0x2, 0x83b, 0xffff, 0x2000000, 0x7}, {0x6, 0x9, 0x4b706478, 0x7, 0x8001}, {0x1, 0xf, 0xfffffff8, 0x2, 0xfffffffd, 0x7}]}, [{0x6, 0x200, 0x4, 0x7, 0x4, 0x2}, {0x200, 0x10000, 0x101, 0x5, 0x101, 0xffff}, {0xf3, 0xfffffff4, 0x5, 0x8000, 0xc7a}, {0xf3, 0x4, 0x3, 0x8, 0xffff8001, 0x8000}, {0x5, 0x10, 0xb, 0x9a54, 0x1, 0x10001}, {0xffff, 0x1, 0x5, 0x7fff, 0xa57, 0x7fff}, {0x40, 0x6d, 0x7, 0x92, 0xfffffff9, 0x7000000}, {0xffff, 0x2, 0x5, 0x9, 0x2}, {0x8, 0xfffffff4, 0xefe, 0xe, 0x1, 0xfffffffa}, {0x8, 0xfffffffc, 0x7, 0x82e, 0xe2, 0x9}, {0xf15, 0x5, 0x1, 0x4, 0xfffffffc, 0x13050619}, {0x16e6, 0x4, 0x6, 0x1, 0x1, 0x7fff}, {0x8, 0x41e, 0x10, 0xf, 0xfffffffc, 0xf}, {0x6, 0xfff, 0x6, 0x19, 0x8, 0xc08}, {0x8, 0x7, 0x4179, 0x5425, 0x8, 0xc}, {0x9, 0x800, 0x1, 0x2}, {0x4f88, 0x3ff, 0x80, 0x9967, 0x7, 0x71cc}, {0x4fe, 0x2, 0x7f, 0x0, 0x9, 0x6}, {0x56, 0x90000, 0x8, 0x4, 0x4, 0x9}, {0x1, 0x34000, 0x400, 0x8, 0x80000001, 0x1}, {0xfffffffd, 0x5, 0x3, 0xf56d, 0x6, 0x5}, {0x7, 0x0, 0x7fff, 0x3, 0xbbb7, 0x3}, {0x8, 0xfffffffb, 0x8a9e, 0xa, 0x2, 0x4}, {0x1, 0x0, 0x2, 0x80000001, 0x0, 0x2}, {0x1, 0x2, 0x6, 0x4, 0x0, 0x1}, {0x4, 0xcee, 0x6, 0x8d, 0x5, 0x7}, {0x7, 0x8000, 0x4, 0xea7f, 0x0, 0x5}, {0x5, 0xb18b, 0x3, 0x0, 0x5, 0x9}, {0x1, 0x9, 0x100, 0x9, 0x7, 0x7ff}, {0x80, 0xff, 0x8, 0xc1, 0x3, 0x1}, {0xfffffff7, 0x3000000, 0x9, 0x7fffffff, 0x7fffffff, 0x180000}, {0x8, 0x5, 0x7f, 0xffff, 0xffffffff, 0x80000001}, {0x7, 0x0, 0x1, 0x9, 0xffffff01, 0x6}, {0x10001, 0x3, 0x98, 0x8, 0x5, 0x2}, {0x9, 0xffffff4f, 0x10000, 0x9, 0x80000001}, {0xd, 0x1, 0x3, 0x200, 0x9, 0x1}, {0x4, 0x0, 0x2, 0xe008, 0x3ff, 0x7}, {0x4, 0x3, 0xbf2, 0xd, 0x40, 0x81}, {0x80c, 0x0, 0x100, 0x9, 0x0, 0x1}, {0xf, 0x8, 0x0, 0x602a, 0x3, 0x2}, {0xe4, 0x7, 0x5c2f, 0x8, 0x0, 0x1ff}, {0x0, 0x0, 0x3b82, 0xffff7fff, 0x84, 0x8}, {0x4, 0x7fffffff, 0x698, 0xffffff85, 0x1, 0x3}, {0x3, 0x6, 0x1ff, 0x5, 0x8, 0x4}, {0x6d000000, 0x5, 0x1, 0x222f, 0x5ae49092}, {0xf1dd, 0x3, 0x0, 0x8001, 0x7, 0xffff}, {0x6, 0xb, 0x1, 0xb2, 0x101, 0x4}, {0x8001, 0xe, 0x8, 0x6, 0x9, 0x8}, {0x7, 0x89, 0x6cf, 0x595, 0xfffffeb9, 0x4000000}, {0x1, 0x47c, 0x7, 0x401, 0x2, 0x8}, {0x7, 0x8, 0x2, 0x3, 0x3, 0x1}, {0xffff7fff, 0x4, 0x3, 0xa, 0xffffa03d, 0x4}, {0xb, 0x6, 0xfff, 0x3, 0x7, 0x8}, {0x3, 0x5, 0xfffffffa, 0x1, 0x5, 0xfffffff7}, {0x5, 0x3, 0x583a, 0xfffffffc, 0x2, 0x9}, {0xa5ed, 0x7, 0xfffffffe, 0x45, 0x4, 0xffffb3f9}, {0x80000000, 0x5, 0x14a0000, 0xd, 0x4, 0x5}, {0xfffffff8, 0x85, 0x3, 0x0, 0x5, 0x5}, {0x800, 0xa0, 0x9, 0xfffffff7, 0x4, 0x1}, {0x5a0476c5, 0x6, 0x2, 0x3, 0xd, 0x587}, {0x8, 0x1, 0x8, 0x3, 0x5, 0x6}, {0x1, 0xf, 0x7ff, 0x34fb, 0xfffffff9, 0x2}, {0x0, 0x8, 0xa, 0x100, 0xfffffff2, 0x8}, {0x9, 0x1ff, 0x1, 0x1, 0x7, 0x5}, {0x5, 0x35, 0x1ff, 0x9, 0x5, 0x8}, {0x8, 0xd7, 0x8, 0xc05, 0x5, 0x3}, {0x7ff, 0x40, 0xffffffff, 0x2, 0xe17, 0xfffffffe}, {0x3, 0xffffffff, 0x5, 0xfffffffa, 0x6, 0x1}, {0x8, 0x3, 0x31fb, 0x401, 0x3, 0x40}, {0xfffffffc, 0x8, 0x6, 0x8, 0x7ff, 0x9}, {0x3b, 0x1, 0x8, 0xfffffffb, 0x7, 0x1}, {0x5, 0x0, 0x1, 0x8, 0x0, 0x7}, {0x0, 0xbcea, 0x1ff, 0x9, 0x1, 0x2}, {0x2, 0x4, 0xfff, 0x3, 0x1}, {0x8740, 0x3, 0x2, 0x6, 0x0, 0x7}, {0x8, 0x4, 0xbe, 0x1a83e55b, 0x81, 0x3}, {0x1, 0x8, 0xfffff000, 0xa, 0x9, 0x1}, {0x5d68a224, 0x0, 0xffff5528, 0xf98, 0x7, 0x2}, {0x7, 0xcf5, 0x6, 0x6, 0x0, 0x2}, {0x841b, 0x5, 0x77, 0x40, 0x0, 0x6}, {0x9, 0x1, 0x6, 0xfffff3ab, 0x71b, 0x3}, {0x6, 0x9, 0x10001, 0x9, 0x62, 0x1}, {0x7, 0x2, 0x0, 0xb, 0x14000000, 0x81}, {0xb, 0x3, 0x7f, 0x40000000, 0x7, 0x8}, {0xcf24, 0x100, 0x10001, 0x80, 0xfffffff4, 0x400000}, {0x8, 0x6, 0x4, 0xad77d2, 0x100, 0x6}, {0x0, 0xe52, 0x7f, 0x1, 0x8, 0x7f}, {0x328, 0x2, 0x400, 0xacc2, 0x1a, 0x7f}, {0x101, 0x80, 0xff, 0x2, 0x9, 0x80}, {0x63283dc3, 0x10001, 0x1, 0x4, 0x7fffffff, 0x5f4}, {0x2, 0x7fff, 0xfffffffa, 0x8, 0xa0, 0x9}, {0x1, 0x401, 0x60, 0x5, 0xb}, {0x3ff, 0x81, 0x7f, 0x8, 0x4, 0x800}, {0x1, 0x8, 0x9, 0x4, 0x4, 0x9}, {0xe, 0x80000000, 0x2, 0xf22b, 0xe33, 0x75}, {0xe94, 0x3, 0x9, 0x200, 0xd, 0x3}, {0x3, 0x9, 0x3, 0x3e, 0x8}, {0x0, 0x8, 0x5a7, 0x1, 0x9, 0x3c}, {0x0, 0x10, 0x0, 0x2, 0x8a, 0x7}, {0x1, 0x400, 0xdcb, 0xffff650b, 0x8000}, {0x3, 0x10000, 0x5e5080, 0x2, 0x8001, 0x951}, {0x4, 0x800, 0x6, 0x5, 0xe6d7, 0x8001}, {0x6, 0x10, 0x80000000, 0xfffffff8, 0xfffffbff, 0x7}, {0x7, 0x1, 0x1ff, 0x4, 0x6, 0x200}, {0xa, 0x40, 0xfff, 0x4, 0xde63, 0x3}, {0xfd9, 0xfff, 0x9, 0x6, 0xffffffff, 0x3}, {0xc, 0x5, 0x4ad, 0xbe99, 0x3d63c5e6, 0x1}, {0x7, 0x9, 0x7, 0xb1, 0x5, 0x3}, {0x5, 0x2, 0x7, 0xfffffff9, 0x5, 0x1}, {0x8, 0xc, 0x9, 0xfffff000, 0x40, 0x8001}, {0x1, 0x0, 0x1, 0x7, 0x4d277ead, 0x4}, {0xcfe, 0xfffffff7, 0x5, 0x6, 0x6, 0x7712}, {0x7, 0x2, 0x8, 0x7f, 0x3, 0x5}, {0x6, 0x101, 0xffffffdf, 0x4, 0x1d2, 0x38fcb327}, {0x168000, 0x3ff, 0xb, 0x8, 0x9, 0xfffffff8}, {0x6, 0x8, 0x6, 0x3, 0x10000, 0x918}, {0x4, 0x7, 0x7fffffff, 0x4, 0x3, 0x4}, {0x4, 0x40, 0x9a, 0x5, 0x2, 0x4}, {0x3, 0x1, 0x5, 0x8, 0x3ff, 0x3}, {0xffffff92, 0x87f, 0xd, 0x0, 0x3, 0x7}, {0x4, 0x40, 0x5aa, 0x6, 0x1, 0x1000000}, {0x800, 0x8b, 0x8, 0xf, 0x8}, {0x1, 0x3, 0x1, 0xff49, 0x6, 0x8}, {0x4, 0x1ff, 0x10000, 0x1fffe00, 0x4, 0x1ff}, {0x7, 0xdd, 0x101, 0x2, 0xf, 0x4}, {0x3, 0xe0d6, 0x6, 0x9, 0x5, 0xfffffffb}, {0x2, 0x7, 0x2, 0xffff, 0x9, 0xa}, {0x1ff, 0x2, 0x6, 0xf, 0x75c8e19d, 0x1}], [{0x1, 0x1}, {0x1, 0x1}, {0x1}, {}, {0x2, 0x1}, {0x0, 0x1}, {}, {0x2, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x2, 0xd79ec2ba113b6b08}, {0x5, 0x1}, {0x4, 0x1}, {0x2}, {0x2, 0x1}, {}, {0x3, 0x1}, {0x3, 0x1}, {0x2}, {0x4, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x1}, {0x0, 0x1}, {0x3}, {0x2}, {0x2, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x3}, {0x3, 0x1}, {0x2, 0x1}, {0x3}, {0x0, 0x1}, {0x3}, {0x4}, {0x3, 0x1}, {0x2}, {0x4}, {0x5, 0x1}, {}, {0x5, 0x1}, {0x5}, {0x1}, {0x5}, {0x2}, {0x0, 0x1}, {0x6}, {0x5}, {0x0, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {}, {}, {0x3}, {0x1, 0x1}, {0x0, 0x1}, {0x1}, {0x3, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x4}, {0x2, 0x1}, {0x3}, {0x2, 0x1}, {0x2}, {0x2}, {0x2, 0x1}, {0x1, 0x1}, {0x1}, {0x5, 0x1}, {}, {0x3}, {0x5, 0x1}, {0x5}, {0x5}, {0x1, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x2}, {0x1, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x3}, {0x2bac2fd7df0eea97, 0x1}, {0x2}, {0x2, 0x1}, {0x0, 0x1}, {0x1}, {0x1, 0x1}, {0x3}, {0x5, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x3}, {0x5}, {0x3, 0x1}, {0x5}, {0x4, 0x1}, {}, {0x5}, {0x3, 0x1}, {0x5}, {0x4, 0x1}, {0x2, 0x1}, {0x4, 0x3}, {0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x1}, {0x4, 0x1}, {0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x2}]}}, @TCA_PEDIT_KEYS_EX={0x74, 0x5, 0x0, 0x1, [{0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x54, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}]}]}]}, {0xa3, 0x6, "a880270d52db49c9c8486af01c7dedb4a3a79e00da0b165683261a043e43b8b29422fad4be07d3de951ba5b8c342624da539ca3eb1e49f65ad59ec20422ada62fd2985b52eba5f5469c949a494bfd17839442ff8ac251ccd1d288c579663613978257530202768bce3ffcd7a3bbd7f0679f84b1c3b98257b64df646348d06c7694770b48f6336aa2c499a501d987c08c93d525e150433c092172b399758e53"}, {0xc}, {0xc, 0x8, {0x3, 0x2}}}}]}]}, 0xfc4}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x3a, &(0x7f00000016c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x9, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @remote, {[@timestamp={0x44, 0x10, 0x10, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}, @echo}}}}, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x28011, r7, 0x0)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000e47000/0x2000)=nil)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x1}}, 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x2, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x9}, 0x1c)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r9, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3m43.89488659s ago: executing program 1 (id=1106):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), r0)
sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="c5b90080d34016b5552cc677ce40bd08554f5acb1fff8bd18d3f7e72c9c0e5f3c7ceaf0e321e09c0b9a2ec6be8955b4fa6affe802c28ea1c8cfb15a7dbaf19214aef269f5d08396644c68ca306a25757a8d4040000006c2a", @ANYRES16=r1, @ANYBLOB="000126bd7000ffdbdf250c00000008000304", @ANYRES32=0x0, @ANYRES16=r0], 0x3c}, 0x1, 0x0, 0x0, 0x24008800}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r4=>0x0})
r5 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r5, 0x0, 0xf, &(0x7f0000d10ffc)=0xfffffffffffffff9, 0x4)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c)
r6 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r7}, 0x10)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000200)='source', &(0x7f00000002c0)='\\/\xe9\x838\x9d<\f\x91\a\xd4$\xae$\x91&6n @\xf4M\xba\xf2<\xd6A\xdb\xd7\xbeY@g\xcc\xca\n@\x06\xa3\xfe%\x02\x96\xb7b\xa7\x15R.\xa3`fd\xdc\x8b\x18rBl{\x82\xda\xbeA\x17\n\f\xcd=\'\x11\x1bZ\x8e\xa1\xc3j$v\xefw\x96/\xff\xa2\xfc\xe3\xb8\xc7\x0f\xaaQ\x98F*T\xd5\xcd4g+\xbd\xd1\xe0R\x9d\x18\x19a:\xa2\xdf\xbe\x8b\x89\x81', 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @local, 0x1}], 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r5, 0x84, 0x65, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @rand_addr=0x64010100}, @in6={0xa, 0x4e21, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3}, @in6={0xa, 0x4e23, 0x0, @mcast2, 0x7}, @in={0x2, 0x4e23, @empty}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3e}}], 0x68)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00'}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r8, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0xfffe)
socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="05006f050000000000000600000008000300", @ANYRES32=r4, @ANYBLOB="0800050002000000"], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)

3m43.871094319s ago: executing program 34 (id=1106):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), r0)
sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="c5b90080d34016b5552cc677ce40bd08554f5acb1fff8bd18d3f7e72c9c0e5f3c7ceaf0e321e09c0b9a2ec6be8955b4fa6affe802c28ea1c8cfb15a7dbaf19214aef269f5d08396644c68ca306a25757a8d4040000006c2a", @ANYRES16=r1, @ANYBLOB="000126bd7000ffdbdf250c00000008000304", @ANYRES32=0x0, @ANYRES16=r0], 0x3c}, 0x1, 0x0, 0x0, 0x24008800}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r4=>0x0})
r5 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r5, 0x0, 0xf, &(0x7f0000d10ffc)=0xfffffffffffffff9, 0x4)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c)
r6 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r7}, 0x10)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000200)='source', &(0x7f00000002c0)='\\/\xe9\x838\x9d<\f\x91\a\xd4$\xae$\x91&6n @\xf4M\xba\xf2<\xd6A\xdb\xd7\xbeY@g\xcc\xca\n@\x06\xa3\xfe%\x02\x96\xb7b\xa7\x15R.\xa3`fd\xdc\x8b\x18rBl{\x82\xda\xbeA\x17\n\f\xcd=\'\x11\x1bZ\x8e\xa1\xc3j$v\xefw\x96/\xff\xa2\xfc\xe3\xb8\xc7\x0f\xaaQ\x98F*T\xd5\xcd4g+\xbd\xd1\xe0R\x9d\x18\x19a:\xa2\xdf\xbe\x8b\x89\x81', 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @local, 0x1}], 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r5, 0x84, 0x65, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @rand_addr=0x64010100}, @in6={0xa, 0x4e21, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3}, @in6={0xa, 0x4e23, 0x0, @mcast2, 0x7}, @in={0x2, 0x4e23, @empty}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3e}}], 0x68)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00'}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r8, &(0x7f0000000040)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0xfffe)
socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="05006f050000000000000600000008000300", @ANYRES32=r4, @ANYBLOB="0800050002000000"], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)

9.460935575s ago: executing program 2 (id=2220):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800"], 0x0, 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r0, 0x7a6, &(0x7f0000000380)={0x9, 0x4, 0x1, 0x0, 0x46fe, 0x6})
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r1 = socket$inet6(0xa, 0x80003, 0xfd)
sendmsg$sock(r1, &(0x7f0000000580)={&(0x7f0000000000)=@nl=@unspec, 0x80, 0x0, 0x0, &(0x7f0000000540)=[@timestamping={{0x10}}], 0x10}, 0x40)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x4000, 0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f00000004c0)={{0x1, 0xffffffffffffffff, 0x0, 0x0, 0xee00, 0x1cb, 0x38f}, 0x0, 0x0, 0xb7, 0xda, 0x4, 0x2, 0x8, 0x2, 0x101a, 0xd7df})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)

9.065615402s ago: executing program 2 (id=2221):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x80047601, &(0x7f00000002c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="040e04e04020"], 0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x80000000000002)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
close(r3)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, &(0x7f0000000100))
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x7e832, 0xffffffffffffffff, 0x0)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="01000000080800"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x80}}, 0x24)
openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x141802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

8.87135614s ago: executing program 4 (id=2225):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000001040)={'wpan4\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = socket(0xa, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x2, 0x230, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200004c0], 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000081006e7230000000000000002000000000007465616d300000000000000000000000766c616e30000000000000010001000000000068307b746f5f7465616d000000aaaaaaaaaabb000000000000aaaaaaaaaabb0000000000000000d0000000d000000000010000766c616e0069df4e5100000000000000000000079ba31300000000000000000008000000000001010000650000000600636f6e6e6c6162656c0000000000000000000000000000000000000020000000080000000000000000000000000000004e4651544555450000000000007f0000faffffff000000000000000000000000080000000000000000000000000000040000000000000000000000004b5d0000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000004000000000000000000000000000000000000000000000000000001000000feffffff010000000b000000000000000000626f6e643000000000000000000000007465616d300000000000000000000000626f6e64300000000000006c73c387735cc18268315f746f5f62726964676500aaaaaaaaaabb000000000000ffffffffffff00000008000000007000000070000000a0000000434f4e4e5345434d41524b0000"]}, 0x25d)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0)
r2 = dup(r0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[], 0x188}}, 0x24040840)
bpf$OBJ_PIN_MAP(0x6, 0x0, 0x0)
socket$l2tp(0x2, 0x2, 0x73)
r4 = getpgid(0x0)
syz_clone3(&(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000140)=[r4], 0x1}, 0x58)
openat$sysfs(0xffffff9c, &(0x7f0000000280)='/sys/power/image_size', 0x40, 0x0)
getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000080)={0x0, 0x47fff, 0x9, 0x200}, &(0x7f0000000140)=0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x20, 0xa, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0)
getdents(r2, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x15)
mount$9p_fd(0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)
r8 = socket(0x2, 0x80805, 0x0)
getsockopt$bt_hci(r8, 0x84, 0x82, &(0x7f0000000000)=""/4102, &(0x7f0000001080)=0x1006)
sendmsg$nl_generic(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={&(0x7f0000000200)={0x14, 0x14, 0x301, 0x0, 0x0, {0x1d}}, 0x14}, 0x1, 0x0, 0x0, 0x8800}, 0x0)

8.723465737s ago: executing program 4 (id=2228):
r0 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x80000)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f00000001c0)=0xd1)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x80)
mount$9p_virtio(&(0x7f0000000580), &(0x7f0000000480)='./file0\x00', &(0x7f0000000100), 0x1000816, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"])
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x10, &(0x7f0000000540)=ANY=[@ANYRESDEC=r0, @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x9, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000300)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x20000240, 0x20000270, 0x200002a0], 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0000003f49df5477e990620000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000"]}, 0xe0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES64=r1, @ANYBLOB="010024de7000fcdbdf252100000008000300", @ANYRESOCT=r5, @ANYBLOB="08009e000b380000"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x9590f6cc3aa755b6)
chdir(&(0x7f0000000280)='./file0\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x5)
io_setup(0x3ff, &(0x7f0000000500)=<r8=>0x0)
io_submit(r8, 0x2, &(0x7f0000000300)=[&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x8, 0xffffffffffffffff, &(0x7f00000001c0)="ff", 0x1, 0xcbc}])
writev(r7, &(0x7f0000000040)=[{&(0x7f00000000c0)="14", 0x1}], 0x1)

7.996344925s ago: executing program 2 (id=2229):
syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904"], 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x42, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11641e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x20, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x647b}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$sw_sync_info(0xffffff9c, &(0x7f0000000280), 0x800, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_BIND(r1, &(0x7f0000000100)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x4, 0x0, {"00000000000000000000000000000001"}, 0xfffffffffffffffc, 0x0, 0x2000000}}}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(0x0, 0x0)
r3 = socket(0x10, 0x803, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = userfaultfd(0x801)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000000))
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r8, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x40, 0x400, 0x5, 0x80, 0x7}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

7.65398138s ago: executing program 4 (id=2231):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x418000)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[], 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x40, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_LABELS_MASK={0x4}, @CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_LABELS={0x4}]}, 0x40}}, 0x0)
sendmsg$L2TP_CMD_SESSION_MODIFY(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2aa764ad070698b700400000", @ANYRES16, @ANYBLOB="01002dbd7000fbdbdf2507000000"], 0x14}}, 0x880)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r4, 0x0, r4, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), r4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000195"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00006fb2a5c1e119ab002d6cda0ec17426b100000000002000000000"], 0x48)
close(0x3)
r5 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20008081)
syz_usb_ep_write(r1, 0x4, 0xdb, &(0x7f00000002c0)="2986c294cb288e7bd9e19444a1cef2fe522afbab134d9d7a8637955bfd4bc353f3dd4dcb5067a3290be5c99329938f7d33cf47ec72a01b3610e6c46c081b1fc6d1d81ae0d6f9426c3d4544f5e051b1d6797844d2a9cb7816652f3e5a0b6672e258e55dcc6d6336b49abcd450c78734419c18131a2a3242e6fdf5c049f8b0c375fe74777f81eb03f32b230f540edcae76006be5593cc3d746566fe295e43be329b9e4f7fa8e6c9875eedc884a5550ae89f84ebca47137afa4d06a034a9172d98f2b773752bec6f533611675ca9437a94c10e814ce00e1b0633a51c6")

6.927432218s ago: executing program 5 (id=2235):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x6}}}}]}]}, 0x70}}, 0x20040000)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setgroups(0x4000000000000190, &(0x7f0000000080))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, 0x0, 0x24008011)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_uring_setup(0x29d5, &(0x7f0000000100)={0x0, 0x9255})
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@size={'size', 0x3d, [0x25]}}]})

5.975234515s ago: executing program 5 (id=2239):
r0 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x80000)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f00000001c0)=0xd1)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x80)
mount$9p_virtio(&(0x7f0000000580), &(0x7f0000000480)='./file0\x00', &(0x7f0000000100), 0x1000816, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"])
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x10, &(0x7f0000000540)=ANY=[@ANYRESDEC=r0, @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x9, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000300)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x20000240, 0x20000270, 0x200002a0], 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0000003f49df5477e990620000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000"]}, 0xe0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES64=r1, @ANYBLOB="010024de7000fcdbdf252100000008000300", @ANYRESOCT=r5, @ANYBLOB="08009e000b380000"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x9590f6cc3aa755b6)
chdir(&(0x7f0000000280)='./file0\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x5)
io_setup(0x3ff, &(0x7f0000000500)=<r8=>0x0)
io_submit(r8, 0x2, &(0x7f0000000300)=[&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x8, 0xffffffffffffffff, &(0x7f00000001c0)="ff", 0x1, 0xcbc}])
writev(r7, &(0x7f0000000040)=[{&(0x7f00000000c0)="14", 0x1}], 0x1)

4.884282456s ago: executing program 5 (id=2241):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'team_slave_0\x00'})
r1 = socket$netlink(0x10, 0x3, 0x10)
execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)={[&(0x7f0000000100)='\x00', &(0x7f0000000180)='/-\\\x00']}, &(0x7f0000000380)={[&(0x7f0000000200)='\x00', &(0x7f0000000240)=':&%\x00', &(0x7f0000000280)='(]&]*)\x00', &(0x7f00000002c0)='/\x00', &(0x7f0000000300)='team\x00', &(0x7f0000000340)='\'\x00']}, 0x400)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
r5 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000b19061d28a4ee4ed552affb18f31399f9909a32099d0886235d431b669c0ab85218fce3eb8c9d2cde8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmmsg$sock(r5, &(0x7f0000000740)=[{{&(0x7f0000000080)=@phonet={0x23, 0x0, 0x0, 0x7}, 0x80, 0x0, 0x0, &(0x7f0000000240)=[@txtime={{0x18}}], 0x18}}], 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfd, 0x2ffffffff}, 0xc)

4.65018299s ago: executing program 2 (id=2242):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800"], 0x0, 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r0, 0x7a6, &(0x7f0000000380)={0x9, 0x4, 0x1, 0x0, 0x46fe, 0x6})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x80003, 0xfd)
sendmsg$sock(r3, &(0x7f0000000580)={&(0x7f0000000000)=@nl=@unspec, 0x80, 0x0, 0x0, &(0x7f0000000540)=[@timestamping={{0x10}}], 0x10}, 0x40)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x4000, 0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f00000004c0)={{0x1, 0xffffffffffffffff, 0x0, 0x0, 0xee00, 0x1cb, 0x38f}, 0x0, 0x0, 0xb7, 0xda, 0x4, 0x2, 0x8, 0x2, 0x101a, 0xd7df})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)

3.964378182s ago: executing program 5 (id=2246):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
connect$inet6(r1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
preadv(r2, &(0x7f0000000200)=[{&(0x7f000004ca80)=""/102391, 0x18ff7}], 0x1, 0x0, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001b00)=@newtaction={0xf74, 0x30, 0xb, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x6a00}, [{0xf60, 0x1, [@m_pedit={0xf5c, 0x7, 0x0, 0x0, {{0xa}, {0xe90, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe68, 0x2, {{{0x81, 0x1, 0x5, 0x0, 0xacd2}, 0x1, 0x1, [{0x5, 0x2, 0x83b, 0xffff, 0x2000000, 0x7}, {0x6, 0x9, 0x4b706478, 0x7, 0x8001}, {0x1, 0xf, 0xfffffff8, 0x2, 0xfffffffd, 0x7}]}, [{0x6, 0x200, 0x4, 0x7, 0x4, 0x2}, {0x200, 0x10000, 0x101, 0x5, 0x101, 0xffff}, {0xf3, 0xfffffff4, 0x5, 0x8000, 0xc7a}, {0xf3, 0x4, 0x3, 0x8, 0xffff8001, 0x8000}, {0x5, 0x10, 0xb, 0x9a54, 0x1, 0x10001}, {0xffff, 0x1, 0x5, 0x7fff, 0xa57, 0x7fff}, {0x40, 0x6d, 0x7, 0x92, 0xfffffff9, 0x7000000}, {0xffff, 0x2, 0x5, 0x9, 0x2}, {0x8, 0xfffffff4, 0xefe, 0xe, 0x1, 0xfffffffa}, {0x8, 0xfffffffc, 0x7, 0x82e, 0xe2, 0x9}, {0xf15, 0x5, 0x1, 0x4, 0xfffffffc, 0x13050619}, {0x16e6, 0x4, 0x6, 0x1, 0x1, 0x7fff}, {0x8, 0x41e, 0x10, 0xf, 0xfffffffc, 0xf}, {0x6, 0xfff, 0x6, 0x19, 0x8, 0xc08}, {0x8, 0x7, 0x4179, 0x5425, 0x8, 0xc}, {0x9, 0x800, 0x1, 0x2}, {0x4f88, 0x3ff, 0x80, 0x9967, 0x7, 0x71cc}, {0x4fe, 0x2, 0x7f, 0x0, 0x9, 0x6}, {0x56, 0x90000, 0x8, 0x4, 0x4, 0x9}, {0x1, 0x34000, 0x400, 0x8, 0x80000001, 0x1}, {0xfffffffd, 0x5, 0x3, 0xf56d, 0x6, 0x5}, {0x7, 0x0, 0x7fff, 0x3, 0xbbb7, 0x3}, {0x8, 0xfffffffb, 0x8a9e, 0xa, 0x2, 0x4}, {0x1, 0x0, 0x2, 0x80000001, 0x0, 0x2}, {0x1, 0x2, 0x6, 0x4, 0x0, 0x1}, {0x4, 0xcee, 0x6, 0x8d, 0x5, 0x7}, {0x7, 0x8000, 0x4, 0xea7f, 0x0, 0x5}, {0x5, 0xb18b, 0x3, 0x0, 0x5, 0x9}, {0x1, 0x9, 0x100, 0x9, 0x7, 0x7ff}, {0x80, 0xff, 0x8, 0xc1, 0x3, 0x1}, {0xfffffff7, 0x3000000, 0x9, 0x7fffffff, 0x7fffffff, 0x180000}, {0x8, 0x5, 0x7f, 0xffff, 0xffffffff, 0x80000001}, {0x7, 0x0, 0x1, 0x9, 0xffffff01, 0x6}, {0x10001, 0x3, 0x98, 0x8, 0x5, 0x2}, {0x9, 0xffffff4f, 0x10000, 0x9, 0x80000001}, {0xd, 0x1, 0x3, 0x200, 0x9, 0x1}, {0x4, 0x0, 0x2, 0xe008, 0x3ff, 0x7}, {0x4, 0x3, 0xbf2, 0xd, 0x40, 0x81}, {0x80c, 0x0, 0x100, 0x9, 0x0, 0x1}, {0xf, 0x8, 0x0, 0x602a, 0x3, 0x2}, {0xe4, 0x7, 0x5c2f, 0x8, 0x0, 0x1ff}, {0x0, 0x0, 0x3b82, 0xffff7fff, 0x84, 0x8}, {0x4, 0x7fffffff, 0x698, 0xffffff85, 0x1, 0x3}, {0x3, 0x6, 0x1ff, 0x5, 0x8, 0x4}, {0x6d000000, 0x5, 0x1, 0x222f, 0x5ae49092}, {0xf1dd, 0x3, 0x0, 0x8001, 0x7, 0xffff}, {0x6, 0xb, 0x1, 0xb2, 0x101, 0x4}, {0x8001, 0xe, 0x8, 0x6, 0x9, 0x8}, {0x7, 0x89, 0x6cf, 0x595, 0xfffffeb9, 0x4000000}, {0x1, 0x47c, 0x7, 0x401, 0x2, 0x8}, {0x7, 0x8, 0x2, 0x3, 0x3, 0x1}, {0xffff7fff, 0x4, 0x3, 0xa, 0xffffa03d, 0x4}, {0xb, 0x6, 0xfff, 0x3, 0x7, 0x8}, {0x3, 0x5, 0xfffffffa, 0x1, 0x5, 0xfffffff7}, {0x5, 0x3, 0x583a, 0xfffffffc, 0x2, 0x9}, {0xa5ed, 0x7, 0xfffffffe, 0x45, 0x4, 0xffffb3f9}, {0x80000000, 0x5, 0x14a0000, 0xd, 0x4, 0x5}, {0xfffffff8, 0x85, 0x3, 0x0, 0x5, 0x5}, {0x800, 0xa0, 0x9, 0xfffffff7, 0x4, 0x1}, {0x5a0476c5, 0x6, 0x2, 0x3, 0xd, 0x587}, {0x8, 0x1, 0x8, 0x3, 0x5, 0x6}, {0x1, 0xf, 0x7ff, 0x34fb, 0xfffffff9, 0x2}, {0x0, 0x8, 0xa, 0x100, 0xfffffff2, 0x8}, {0x9, 0x1ff, 0x1, 0x1, 0x7, 0x5}, {0x5, 0x35, 0x1ff, 0x9, 0x5, 0x8}, {0x8, 0xd7, 0x8, 0xc05, 0x5, 0x3}, {0x7ff, 0x40, 0xffffffff, 0x2, 0xe17, 0xfffffffe}, {0x3, 0xffffffff, 0x5, 0xfffffffa, 0x6, 0x1}, {0x8, 0x3, 0x31fb, 0x401, 0x3, 0x40}, {0xfffffffc, 0x8, 0x6, 0x8, 0x7ff, 0x9}, {0x3b, 0x1, 0x8, 0xfffffffb, 0x7, 0x1}, {0x5, 0x0, 0x1, 0x8, 0x0, 0x7}, {0x0, 0xbcea, 0x1ff, 0x9, 0x1, 0x2}, {0x2, 0x4, 0xfff, 0x3, 0x1}, {0x8740, 0x3, 0x2, 0x6, 0x0, 0x7}, {0x8, 0x4, 0xbe, 0x1a83e55b, 0x81, 0x3}, {0x1, 0x8, 0xfffff000, 0xa, 0x9, 0x1}, {0x5d68a224, 0x0, 0xffff5528, 0xf98, 0x7, 0x2}, {0x7, 0xcf5, 0x6, 0x6, 0x0, 0x2}, {0x841b, 0x5, 0x77, 0x40, 0x0, 0x6}, {0x9, 0x1, 0x6, 0xfffff3ab, 0x71b, 0x3}, {0x6, 0x9, 0x10001, 0x9, 0x62, 0x1}, {0x7, 0x2, 0x0, 0xb, 0x14000000, 0x81}, {0xb, 0x3, 0x7f, 0x40000000, 0x7, 0x8}, {0xcf24, 0x100, 0x10001, 0x80, 0xfffffff4, 0x400000}, {0x8, 0x6, 0x4, 0xad77d2, 0x100, 0x6}, {0x0, 0xe52, 0x7f, 0x1, 0x8, 0x7f}, {0x328, 0x2, 0x400, 0xacc2, 0x1a, 0x7f}, {0x101, 0x80, 0xff, 0x2, 0x9, 0x80}, {0x63283dc3, 0x10001, 0x1, 0x4, 0x7fffffff, 0x5f4}, {0x2, 0x7fff, 0xfffffffa, 0x8, 0xa0, 0x9}, {0x1, 0x401, 0x60, 0x5, 0xb}, {0x3ff, 0x81, 0x7f, 0x8, 0x4, 0x800}, {0x1, 0x8, 0x9, 0x4, 0x4, 0x9}, {0xe, 0x80000000, 0x2, 0xf22b, 0xe33, 0x75}, {0xe94, 0x3, 0x9, 0x200, 0xd, 0x3}, {0x3, 0x9, 0x3, 0x3e, 0x8}, {0x0, 0x8, 0x5a7, 0x1, 0x9, 0x3c}, {0x0, 0x10, 0x0, 0x2, 0x8a, 0x7}, {0x1, 0x400, 0xdcb, 0xffff650b, 0x8000}, {0x3, 0x10000, 0x5e5080, 0x2, 0x8001, 0x951}, {0x4, 0x800, 0x6, 0x5, 0xe6d7, 0x8001}, {0x6, 0x10, 0x80000000, 0xfffffff8, 0xfffffbff, 0x7}, {0x7, 0x1, 0x1ff, 0x4, 0x6, 0x200}, {0xa, 0x40, 0xfff, 0x4, 0xde63, 0x3}, {0xfd9, 0xfff, 0x9, 0x6, 0xffffffff, 0x3}, {0xc, 0x5, 0x4ad, 0xbe99, 0x3d63c5e6, 0x1}, {0x7, 0x9, 0x7, 0xb1, 0x5, 0x3}, {0x5, 0x2, 0x7, 0xfffffff9, 0x5, 0x1}, {0x8, 0xc, 0x9, 0xfffff000, 0x40, 0x8001}, {0x1, 0x0, 0x1, 0x7, 0x4d277ead, 0x4}, {0xcfe, 0xfffffff7, 0x5, 0x6, 0x6, 0x7712}, {0x7, 0x2, 0x8, 0x7f, 0x3, 0x5}, {0x6, 0x101, 0xffffffdf, 0x4, 0x1d2, 0x38fcb327}, {0x168000, 0x3ff, 0xb, 0x8, 0x9, 0xfffffff8}, {0x6, 0x8, 0x6, 0x3, 0x10000, 0x918}, {0x4, 0x7, 0x7fffffff, 0x4, 0x3, 0x4}, {0x4, 0x40, 0x9a, 0x5, 0x2, 0x4}, {0x3, 0x1, 0x5, 0x8, 0x3ff, 0x3}, {0xffffff92, 0x87f, 0xd, 0x0, 0x3, 0x7}, {0x4, 0x40, 0x5aa, 0x6, 0x1, 0x1000000}, {0x800, 0x8b, 0x8, 0xf, 0x8}, {0x1, 0x3, 0x1, 0xff49, 0x6, 0x8}, {0x4, 0x1ff, 0x10000, 0x1fffe00, 0x4, 0x1ff}, {0x7, 0xdd, 0x101, 0x2, 0xf, 0x4}, {0x3, 0xe0d6, 0x6, 0x9, 0x5, 0xfffffffb}, {0x2, 0x7, 0x2, 0xffff, 0x9, 0xa}, {0x1ff, 0x2, 0x6, 0xf, 0x75c8e19d, 0x1}], [{0x1, 0x1}, {0x1, 0x1}, {0x1}, {}, {0x2, 0x1}, {0x0, 0x1}, {}, {0x2, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x2, 0xd79ec2ba113b6b08}, {0x5, 0x1}, {0x4, 0x1}, {0x2}, {0x2, 0x1}, {}, {0x3, 0x1}, {0x3, 0x1}, {0x2}, {0x4, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x1}, {0x0, 0x1}, {0x3}, {0x2}, {0x2, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x3}, {0x3, 0x1}, {0x2, 0x1}, {0x3}, {0x0, 0x1}, {0x3}, {0x4}, {0x3, 0x1}, {0x2}, {0x4}, {0x5, 0x1}, {}, {0x5, 0x1}, {0x5}, {0x1}, {0x5}, {0x2}, {0x0, 0x1}, {0x6}, {0x5}, {0x0, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {}, {}, {0x3}, {0x1, 0x1}, {0x0, 0x1}, {0x1}, {0x3, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x4}, {0x2, 0x1}, {0x3}, {0x2, 0x1}, {0x2}, {0x2}, {0x2, 0x1}, {0x1, 0x1}, {0x1}, {0x5, 0x1}, {}, {0x3}, {0x5, 0x1}, {0x5}, {0x5}, {0x1, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x2}, {0x1, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x3}, {0x2bac2fd7df0eea97, 0x1}, {0x2}, {0x2, 0x1}, {0x0, 0x1}, {0x1}, {0x1, 0x1}, {0x3}, {0x5, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x3}, {0x5}, {0x3, 0x1}, {0x5}, {0x4, 0x1}, {}, {0x5}, {0x3, 0x1}, {0x5}, {0x4, 0x1}, {0x2, 0x1}, {0x4, 0x3}, {0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x1}, {0x4, 0x1}, {0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x2}]}}, @TCA_PEDIT_KEYS_EX={0x24, 0x5, 0x0, 0x1, [{0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x4}]}]}, {0xa3, 0x6, "a880270d52db49c9c8486af01c7dedb4a3a79e00da0b165683261a043e43b8b29422fad4be07d3de951ba5b8c342624da539ca3eb1e49f65ad59ec20422ada62fd2985b52eba5f5469c949a494bfd17839442ff8ac251ccd1d288c579663613978257530202768bce3ffcd7a3bbd7f0679f84b1c3b98257b64df646348d06c7694770b48f6336aa2c499a501d987c08c93d525e150433c092172b399758e53"}, {0xc}, {0xc, 0x8, {0x3, 0x2}}}}]}]}, 0xf74}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x3a, &(0x7f00000016c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x9, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @remote, {[@timestamp={0x44, 0x10, 0x10, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}, @echo}}}}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000e47000/0x2000)=nil)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1}}, 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00'}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x2, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x9}, 0x1c)
recvmmsg(0xffffffffffffffff, &(0x7f0000001ac0)=[{{&(0x7f0000000340)=@tipc=@id, 0x80, &(0x7f0000000740)=[{0x0}], 0x1, &(0x7f0000000780)=""/178, 0xb2}, 0xfffffff1}, {{0x0, 0x0, &(0x7f0000001b40), 0x0, &(0x7f0000001a00)=""/165, 0xa5}, 0x7b7}], 0x2, 0x0, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3.805843934s ago: executing program 5 (id=2247):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x6}}}}]}]}, 0x70}}, 0x20040000)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setgroups(0x4000000000000190, &(0x7f0000000080))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, 0x0, 0x24008011)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_uring_setup(0x29d5, &(0x7f0000000100)={0x0, 0x9255})
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@size={'size', 0x3d, [0x25]}}]})

3.688225489s ago: executing program 2 (id=2248):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00')
fcntl$notify(r0, 0x402, 0x80000004)
getdents(r0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
mount$bpf(0x0, &(0x7f0000000d40)='./bus\x00', &(0x7f0000000d80), 0x44, &(0x7f0000001080)={[{@mode={'mode', 0x3d, 0x2}}], [{@rootcontext={'rootcontext', 0x3d, 'user_u'}}]})
r1 = openat$vsock(0xffffff9c, 0x0, 0x40101, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000000)={@multicast1, @local}, 0xc)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r6, &(0x7f0000003a00)=[{{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f00000004c0)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/250, 0xfa}, {&(0x7f0000003ac0)=""/227, 0xe3}], 0x3}}, {{&(0x7f0000000200)=@l2tp={0x2, 0x0, @dev}, 0x80, &(0x7f0000000340)=[{0x0}, {&(0x7f0000000080)=""/59, 0x3b}, {&(0x7f00000002c0)=""/26, 0x1a}, {&(0x7f0000000300)=""/52, 0x34}, {&(0x7f0000001680)=""/4096, 0x1000}], 0x5, &(0x7f00000003c0)=""/121, 0x79}}, {{0x0, 0x0, &(0x7f0000003900)=[{&(0x7f0000001540)=""/41, 0x29}, {&(0x7f0000001580)=""/99, 0x63}, {&(0x7f0000002680)=""/4096, 0x1000}, {&(0x7f0000003680)=""/191, 0xbf}, {&(0x7f0000003740)=""/171, 0xab}, {&(0x7f0000003800)=""/205, 0xcd}], 0x6, &(0x7f0000003980)=""/74, 0x4a}}], 0x3, 0x34000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
lsm_get_self_attr(0x64, 0x0, &(0x7f0000000080)=0x6c, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000140), 0x8, 0x4000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001c80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20, 0x0, 0x2}, @union={0x0, 0x1, 0x0, 0x5, 0x1, 0x0, [{0x0, 0x1}]}]}}, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
ioctl$KVM_NMI(r4, 0xae9a)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41901})
r7 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r7, 0x4610, &(0x7f00000000c0)={0x1})

2.843636551s ago: executing program 5 (id=2250):
syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904"], 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x42, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11641e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x20, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x647b}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$sw_sync_info(0xffffff9c, &(0x7f0000000280), 0x800, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_BIND(r1, &(0x7f0000000100)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x30, 0x0, @ib={0x1b, 0x4, 0x0, {"00000000000000000000000000000001"}, 0xfffffffffffffffc, 0x0, 0x2000000}}}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(0x0, 0x0)
r3 = socket(0x10, 0x803, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = userfaultfd(0x801)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000000))
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r8, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x40, 0x400, 0x5, 0x80, 0x7}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

2.790145538s ago: executing program 2 (id=2251):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r1, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0xb}})
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
r2 = syz_open_dev$evdev(&(0x7f00000002c0), 0x4, 0x183000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xad, &(0x7f0000000140)=""/173, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0xfffffffe, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x2}], 0x10, 0x3, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x10000000}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r5, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x10}}}, 0x1e)
r6 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x1)
writev(r6, &(0x7f0000000780)=[{0x0}], 0x1)
connect$pptp(r5, &(0x7f0000000700)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYRESOCT=r3], 0x4b0}}, 0x41)
ioctl$EVIOCSKEYCODE_V2(r2, 0x40284504, &(0x7f0000000180)={0x0, 0x8, 0x0, 0x5, "2a000000000000005a957fe0213b2e100af028f0030b2eff0b61e6e66b8f37ff"})
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0x5)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000200)=0xdb)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010003000000000000000c0000000c00000002000000000000000000000d000000000000"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="58001100000000000000009500ec0000000000"], &(0x7f0000000000)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r8, 0xc, &(0x7f00000000c0)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @void, @value}, 0x94)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x10)

2.447662286s ago: executing program 6 (id=2254):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'team_slave_0\x00'})
r1 = socket$netlink(0x10, 0x3, 0x10)
execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)={[&(0x7f0000000100)='\x00', &(0x7f0000000180)='/-\\\x00']}, &(0x7f0000000380)={[&(0x7f0000000200)='\x00', &(0x7f0000000240)=':&%\x00', &(0x7f0000000280)='(]&]*)\x00', &(0x7f00000002c0)='/\x00', &(0x7f0000000300)='team\x00', &(0x7f0000000340)='\'\x00']}, 0x400)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
r5 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000b19061d28a4ee4ed552affb18f31399f9909a32099d0886235d431b669c0ab85218fce3eb8c9d2cde8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmmsg$sock(r5, &(0x7f0000000740)=[{{&(0x7f0000000080)=@phonet={0x23, 0x0, 0x0, 0x7}, 0x80, 0x0, 0x0, &(0x7f0000000240)=[@txtime={{0x18}}], 0x18}}], 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfd, 0x2ffffffff}, 0xc)

2.0418063s ago: executing program 4 (id=2255):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
connect$inet6(r1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
preadv(r2, &(0x7f0000000200)=[{&(0x7f000004ca80)=""/102391, 0x18ff7}], 0x1, 0x0, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001b00)=@newtaction={0xfbc, 0x30, 0xb, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x6a00}, [{0xfa8, 0x1, [@m_pedit={0xfa4, 0x7, 0x0, 0x0, {{0xa}, {0xed8, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe68, 0x2, {{{0x81, 0x1, 0x5, 0x0, 0xacd2}, 0x1, 0x1, [{0x5, 0x2, 0x83b, 0xffff, 0x2000000, 0x7}, {0x6, 0x9, 0x4b706478, 0x7, 0x8001}, {0x1, 0xf, 0xfffffff8, 0x2, 0xfffffffd, 0x7}]}, [{0x6, 0x200, 0x4, 0x7, 0x4, 0x2}, {0x200, 0x10000, 0x101, 0x5, 0x101, 0xffff}, {0xf3, 0xfffffff4, 0x5, 0x8000, 0xc7a}, {0xf3, 0x4, 0x3, 0x8, 0xffff8001, 0x8000}, {0x5, 0x10, 0xb, 0x9a54, 0x1, 0x10001}, {0xffff, 0x1, 0x5, 0x7fff, 0xa57, 0x7fff}, {0x40, 0x6d, 0x7, 0x92, 0xfffffff9, 0x7000000}, {0xffff, 0x2, 0x5, 0x9, 0x2}, {0x8, 0xfffffff4, 0xefe, 0xe, 0x1, 0xfffffffa}, {0x8, 0xfffffffc, 0x7, 0x82e, 0xe2, 0x9}, {0xf15, 0x5, 0x1, 0x4, 0xfffffffc, 0x13050619}, {0x16e6, 0x4, 0x6, 0x1, 0x1, 0x7fff}, {0x8, 0x41e, 0x10, 0xf, 0xfffffffc, 0xf}, {0x6, 0xfff, 0x6, 0x19, 0x8, 0xc08}, {0x8, 0x7, 0x4179, 0x5425, 0x8, 0xc}, {0x9, 0x800, 0x1, 0x2}, {0x4f88, 0x3ff, 0x80, 0x9967, 0x7, 0x71cc}, {0x4fe, 0x2, 0x7f, 0x0, 0x9, 0x6}, {0x56, 0x90000, 0x8, 0x4, 0x4, 0x9}, {0x1, 0x34000, 0x400, 0x8, 0x80000001, 0x1}, {0xfffffffd, 0x5, 0x3, 0xf56d, 0x6, 0x5}, {0x7, 0x0, 0x7fff, 0x3, 0xbbb7, 0x3}, {0x8, 0xfffffffb, 0x8a9e, 0xa, 0x2, 0x4}, {0x1, 0x0, 0x2, 0x80000001, 0x0, 0x2}, {0x1, 0x2, 0x6, 0x4, 0x0, 0x1}, {0x4, 0xcee, 0x6, 0x8d, 0x5, 0x7}, {0x7, 0x8000, 0x4, 0xea7f, 0x0, 0x5}, {0x5, 0xb18b, 0x3, 0x0, 0x5, 0x9}, {0x1, 0x9, 0x100, 0x9, 0x7, 0x7ff}, {0x80, 0xff, 0x8, 0xc1, 0x3, 0x1}, {0xfffffff7, 0x3000000, 0x9, 0x7fffffff, 0x7fffffff, 0x180000}, {0x8, 0x5, 0x7f, 0xffff, 0xffffffff, 0x80000001}, {0x7, 0x0, 0x1, 0x9, 0xffffff01, 0x6}, {0x10001, 0x3, 0x98, 0x8, 0x5, 0x2}, {0x9, 0xffffff4f, 0x10000, 0x9, 0x80000001}, {0xd, 0x1, 0x3, 0x200, 0x9, 0x1}, {0x4, 0x0, 0x2, 0xe008, 0x3ff, 0x7}, {0x4, 0x3, 0xbf2, 0xd, 0x40, 0x81}, {0x80c, 0x0, 0x100, 0x9, 0x0, 0x1}, {0xf, 0x8, 0x0, 0x602a, 0x3, 0x2}, {0xe4, 0x7, 0x5c2f, 0x8, 0x0, 0x1ff}, {0x0, 0x0, 0x3b82, 0xffff7fff, 0x84, 0x8}, {0x4, 0x7fffffff, 0x698, 0xffffff85, 0x1, 0x3}, {0x3, 0x6, 0x1ff, 0x5, 0x8, 0x4}, {0x6d000000, 0x5, 0x1, 0x222f, 0x5ae49092}, {0xf1dd, 0x3, 0x0, 0x8001, 0x7, 0xffff}, {0x6, 0xb, 0x1, 0xb2, 0x101, 0x4}, {0x8001, 0xe, 0x8, 0x6, 0x9, 0x8}, {0x7, 0x89, 0x6cf, 0x595, 0xfffffeb9, 0x4000000}, {0x1, 0x47c, 0x7, 0x401, 0x2, 0x8}, {0x7, 0x8, 0x2, 0x3, 0x3, 0x1}, {0xffff7fff, 0x4, 0x3, 0xa, 0xffffa03d, 0x4}, {0xb, 0x6, 0xfff, 0x3, 0x7, 0x8}, {0x3, 0x5, 0xfffffffa, 0x1, 0x5, 0xfffffff7}, {0x5, 0x3, 0x583a, 0xfffffffc, 0x2, 0x9}, {0xa5ed, 0x7, 0xfffffffe, 0x45, 0x4, 0xffffb3f9}, {0x80000000, 0x5, 0x14a0000, 0xd, 0x4, 0x5}, {0xfffffff8, 0x85, 0x3, 0x0, 0x5, 0x5}, {0x800, 0xa0, 0x9, 0xfffffff7, 0x4, 0x1}, {0x5a0476c5, 0x6, 0x2, 0x3, 0xd, 0x587}, {0x8, 0x1, 0x8, 0x3, 0x5, 0x6}, {0x1, 0xf, 0x7ff, 0x34fb, 0xfffffff9, 0x2}, {0x0, 0x8, 0xa, 0x100, 0xfffffff2, 0x8}, {0x9, 0x1ff, 0x1, 0x1, 0x7, 0x5}, {0x5, 0x35, 0x1ff, 0x9, 0x5, 0x8}, {0x8, 0xd7, 0x8, 0xc05, 0x5, 0x3}, {0x7ff, 0x40, 0xffffffff, 0x2, 0xe17, 0xfffffffe}, {0x3, 0xffffffff, 0x5, 0xfffffffa, 0x6, 0x1}, {0x8, 0x3, 0x31fb, 0x401, 0x3, 0x40}, {0xfffffffc, 0x8, 0x6, 0x8, 0x7ff, 0x9}, {0x3b, 0x1, 0x8, 0xfffffffb, 0x7, 0x1}, {0x5, 0x0, 0x1, 0x8, 0x0, 0x7}, {0x0, 0xbcea, 0x1ff, 0x9, 0x1, 0x2}, {0x2, 0x4, 0xfff, 0x3, 0x1}, {0x8740, 0x3, 0x2, 0x6, 0x0, 0x7}, {0x8, 0x4, 0xbe, 0x1a83e55b, 0x81, 0x3}, {0x1, 0x8, 0xfffff000, 0xa, 0x9, 0x1}, {0x5d68a224, 0x0, 0xffff5528, 0xf98, 0x7, 0x2}, {0x7, 0xcf5, 0x6, 0x6, 0x0, 0x2}, {0x841b, 0x5, 0x77, 0x40, 0x0, 0x6}, {0x9, 0x1, 0x6, 0xfffff3ab, 0x71b, 0x3}, {0x6, 0x9, 0x10001, 0x9, 0x62, 0x1}, {0x7, 0x2, 0x0, 0xb, 0x14000000, 0x81}, {0xb, 0x3, 0x7f, 0x40000000, 0x7, 0x8}, {0xcf24, 0x100, 0x10001, 0x80, 0xfffffff4, 0x400000}, {0x8, 0x6, 0x4, 0xad77d2, 0x100, 0x6}, {0x0, 0xe52, 0x7f, 0x1, 0x8, 0x7f}, {0x328, 0x2, 0x400, 0xacc2, 0x1a, 0x7f}, {0x101, 0x80, 0xff, 0x2, 0x9, 0x80}, {0x63283dc3, 0x10001, 0x1, 0x4, 0x7fffffff, 0x5f4}, {0x2, 0x7fff, 0xfffffffa, 0x8, 0xa0, 0x9}, {0x1, 0x401, 0x60, 0x5, 0xb}, {0x3ff, 0x81, 0x7f, 0x8, 0x4, 0x800}, {0x1, 0x8, 0x9, 0x4, 0x4, 0x9}, {0xe, 0x80000000, 0x2, 0xf22b, 0xe33, 0x75}, {0xe94, 0x3, 0x9, 0x200, 0xd, 0x3}, {0x3, 0x9, 0x3, 0x3e, 0x8}, {0x0, 0x8, 0x5a7, 0x1, 0x9, 0x3c}, {0x0, 0x10, 0x0, 0x2, 0x8a, 0x7}, {0x1, 0x400, 0xdcb, 0xffff650b, 0x8000}, {0x3, 0x10000, 0x5e5080, 0x2, 0x8001, 0x951}, {0x4, 0x800, 0x6, 0x5, 0xe6d7, 0x8001}, {0x6, 0x10, 0x80000000, 0xfffffff8, 0xfffffbff, 0x7}, {0x7, 0x1, 0x1ff, 0x4, 0x6, 0x200}, {0xa, 0x40, 0xfff, 0x4, 0xde63, 0x3}, {0xfd9, 0xfff, 0x9, 0x6, 0xffffffff, 0x3}, {0xc, 0x5, 0x4ad, 0xbe99, 0x3d63c5e6, 0x1}, {0x7, 0x9, 0x7, 0xb1, 0x5, 0x3}, {0x5, 0x2, 0x7, 0xfffffff9, 0x5, 0x1}, {0x8, 0xc, 0x9, 0xfffff000, 0x40, 0x8001}, {0x1, 0x0, 0x1, 0x7, 0x4d277ead, 0x4}, {0xcfe, 0xfffffff7, 0x5, 0x6, 0x6, 0x7712}, {0x7, 0x2, 0x8, 0x7f, 0x3, 0x5}, {0x6, 0x101, 0xffffffdf, 0x4, 0x1d2, 0x38fcb327}, {0x168000, 0x3ff, 0xb, 0x8, 0x9, 0xfffffff8}, {0x6, 0x8, 0x6, 0x3, 0x10000, 0x918}, {0x4, 0x7, 0x7fffffff, 0x4, 0x3, 0x4}, {0x4, 0x40, 0x9a, 0x5, 0x2, 0x4}, {0x3, 0x1, 0x5, 0x8, 0x3ff, 0x3}, {0xffffff92, 0x87f, 0xd, 0x0, 0x3, 0x7}, {0x4, 0x40, 0x5aa, 0x6, 0x1, 0x1000000}, {0x800, 0x8b, 0x8, 0xf, 0x8}, {0x1, 0x3, 0x1, 0xff49, 0x6, 0x8}, {0x4, 0x1ff, 0x10000, 0x1fffe00, 0x4, 0x1ff}, {0x7, 0xdd, 0x101, 0x2, 0xf, 0x4}, {0x3, 0xe0d6, 0x6, 0x9, 0x5, 0xfffffffb}, {0x2, 0x7, 0x2, 0xffff, 0x9, 0xa}, {0x1ff, 0x2, 0x6, 0xf, 0x75c8e19d, 0x1}], [{0x1, 0x1}, {0x1, 0x1}, {0x1}, {}, {0x2, 0x1}, {0x0, 0x1}, {}, {0x2, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x2, 0xd79ec2ba113b6b08}, {0x5, 0x1}, {0x4, 0x1}, {0x2}, {0x2, 0x1}, {}, {0x3, 0x1}, {0x3, 0x1}, {0x2}, {0x4, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x1}, {0x0, 0x1}, {0x3}, {0x2}, {0x2, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x3}, {0x3, 0x1}, {0x2, 0x1}, {0x3}, {0x0, 0x1}, {0x3}, {0x4}, {0x3, 0x1}, {0x2}, {0x4}, {0x5, 0x1}, {}, {0x5, 0x1}, {0x5}, {0x1}, {0x5}, {0x2}, {0x0, 0x1}, {0x6}, {0x5}, {0x0, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {}, {}, {0x3}, {0x1, 0x1}, {0x0, 0x1}, {0x1}, {0x3, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x4}, {0x2, 0x1}, {0x3}, {0x2, 0x1}, {0x2}, {0x2}, {0x2, 0x1}, {0x1, 0x1}, {0x1}, {0x5, 0x1}, {}, {0x3}, {0x5, 0x1}, {0x5}, {0x5}, {0x1, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x2}, {0x1, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x3}, {0x2bac2fd7df0eea97, 0x1}, {0x2}, {0x2, 0x1}, {0x0, 0x1}, {0x1}, {0x1, 0x1}, {0x3}, {0x5, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x3}, {0x5}, {0x3, 0x1}, {0x5}, {0x4, 0x1}, {}, {0x5}, {0x3, 0x1}, {0x5}, {0x4, 0x1}, {0x2, 0x1}, {0x4, 0x3}, {0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x1}, {0x4, 0x1}, {0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x2}]}}, @TCA_PEDIT_KEYS_EX={0x6c, 0x5, 0x0, 0x1, [{0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x4c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}]}, {0xa3, 0x6, "a880270d52db49c9c8486af01c7dedb4a3a79e00da0b165683261a043e43b8b29422fad4be07d3de951ba5b8c342624da539ca3eb1e49f65ad59ec20422ada62fd2985b52eba5f5469c949a494bfd17839442ff8ac251ccd1d288c579663613978257530202768bce3ffcd7a3bbd7f0679f84b1c3b98257b64df646348d06c7694770b48f6336aa2c499a501d987c08c93d525e150433c092172b399758e53"}, {0xc}, {0xc, 0x8, {0x3, 0x2}}}}]}]}, 0xfbc}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x3a, &(0x7f00000016c0)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x9, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @remote, {[@timestamp={0x44, 0x10, 0x10, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}, @echo}}}}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000e47000/0x2000)=nil)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1}}, 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00'}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x2, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x9}, 0x1c)
recvmmsg(0xffffffffffffffff, &(0x7f0000001ac0)=[{{&(0x7f0000000340)=@tipc=@id, 0x80, &(0x7f0000000740)=[{0x0}], 0x1, &(0x7f0000000780)=""/178, 0xb2}, 0xfffffff1}, {{0x0, 0x0, &(0x7f0000001b40), 0x0, &(0x7f0000001a00)=""/165, 0xa5}, 0x7b7}], 0x2, 0x0, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1.817287703s ago: executing program 4 (id=2256):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800"], 0x0, 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r0, 0x7a6, &(0x7f0000000380)={0x9, 0x4, 0x1, 0x0, 0x46fe, 0x6})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x80003, 0xfd)
sendmsg$sock(r3, &(0x7f0000000580)={&(0x7f0000000000)=@nl=@unspec, 0x80, 0x0, 0x0, &(0x7f0000000540)=[@timestamping={{0x10}}], 0x10}, 0x40)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x4000, 0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f00000004c0)={{0x1, 0xffffffffffffffff, 0x0, 0x0, 0xee00, 0x1cb, 0x38f}, 0x0, 0x0, 0xb7, 0xda, 0x4, 0x2, 0x8, 0x2, 0x101a, 0xd7df})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)

1.485894649s ago: executing program 6 (id=2257):
socket$can_bcm(0x1d, 0x2, 0x2)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x1d, 0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80800})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@gettclass={0x24, 0x2a, 0x2, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xb09006f33f661954, 0x3}, {0x1, 0x1}, {0xfff1, 0x4}}, ["", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(r0, 0x8, &(0x7f0000000100)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x5, 0x0)
write$tcp_congestion(r1, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
r4 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r5 = accept4(r4, 0x0, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x70, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x35, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @random=0x9, 0x4000, @void, @val, @val={0x3, 0x1, 0x7}, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x6}, @beacon=[@NL80211_ATTR_BEACON_TAIL={0x4}]]}, 0x70}}, 0x20000880)
sendto$inet(r5, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000000)={0x2, 0x0, 0x6, 0xffffffff}, 0x10)
sendto$inet6(r5, &(0x7f0000000200)='x', 0x1, 0x4000050, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x4}, 0x8)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
add_key$fscrypt_provisioning(&(0x7f0000000180), 0x0, &(0x7f0000000000)=ANY=[], 0x29, 0xfffffffffffffffc)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setpriority(0x2, 0x0, 0x7)

876.563218ms ago: executing program 4 (id=2258):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x6}}}}]}]}, 0x70}}, 0x20040000)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setgroups(0x4000000000000190, &(0x7f0000000080))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, 0x0, 0x24008011)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_uring_setup(0x29d5, &(0x7f0000000100)={0x0, 0x9255})
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x90}}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@size={'size', 0x3d, [0x25]}}]})

511.402858ms ago: executing program 6 (id=2259):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0xc440, 0x0)
io_setup(0x222, &(0x7f0000000180))
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0x509, 0x63d, 0x1, 0x1, 0xd59f83, 0x7, 0x8, 0x1019ef, 0x3, 0x1, 0x4, 0x27fe, 0x2, 0xba2, 0xc, 0x38, {0x8, 0xffffffff}, 0x0, 0xe}})
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000001000), 0x2, 0x0)
ioctl$VIDIOC_S_SELECTION(r1, 0xc040565f, &(0x7f0000000040)={0x5, 0x102, 0x1, {0xfda, 0xda5, 0x4, 0x200}})
memfd_create(&(0x7f0000000440)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz\x03\x00\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92 \x00*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\f\xc9\xc5H\x0f;\xd3\xe2\at\x9bJ\xe6\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xee\xdc\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)\xdeA\x1ed\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97\xf6\xb8\xebN\xe2\x18\x04[\xabW}\xb1\xffo\xae~=\x9dd\x9f\x92\xd2[\xb8\xb6\x1a\x02c\xa1\xd1H\xb7@\x06\x96s\xef\xee\x92\xfaC\x15+\x84%h1O\xe2\xb8\xd3\x19R\x00\f\n\x1cpEn\xad\xa7IRf\xc65\x15<}\xb8\x05\xe4\xb7\x9e\xf3\xda\xdavzB\xf8qj\x9e\xe4\xbd\x05\xcfx\xb5\x12\t\xe0\xf2\'f\xf4+\xb3\xdeA6\x10O\xdd\x9c\xf7B', 0x7)
r2 = socket$unix(0x1, 0x5, 0x0)
clock_gettime(0x0, &(0x7f00000077c0)={<r3=>0x0, <r4=>0x0})
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
setsockopt$XDP_RX_RING(r6, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'sit0\x00', <r8=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r6, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r6, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r6, &(0x7f0000000100)={0x2c, 0x0, r8}, 0x10)
close_range(r5, 0xffffffffffffffff, 0x0)
recvmmsg$unix(r2, &(0x7f0000007680)=[{{&(0x7f00000003c0), 0x6e, &(0x7f0000000ac0)=[{&(0x7f00000017c0)=""/144, 0x90}, {&(0x7f0000000900)=""/156, 0x9c}, {&(0x7f00000009c0)=""/136, 0x88}, {&(0x7f0000000a80)=""/58, 0x3a}], 0x4}}, {{&(0x7f0000000b00)=@abs, 0x6e, &(0x7f0000000dc0)=[{&(0x7f0000000b80)=""/123, 0x7b}, {&(0x7f0000000c00)=""/63, 0x3f}, {&(0x7f0000000c40)}, {&(0x7f0000000c80)=""/157, 0x9d}, {&(0x7f0000000d40)=""/72, 0x48}], 0x5}}, {{&(0x7f0000000e00), 0x6e, &(0x7f0000000e80)}}, {{&(0x7f0000000ec0), 0x6e, &(0x7f00000012c0)=[{&(0x7f0000001040)=""/251, 0xfb}, {&(0x7f0000000f40)=""/168, 0xa8}, {&(0x7f0000001140)=""/135, 0x87}, {&(0x7f0000001200)=""/181, 0xb5}], 0x4}}, {{&(0x7f0000001300)=@abs, 0x6e, &(0x7f00000014c0)=[{&(0x7f0000002880)=""/4096, 0x1000}, {&(0x7f0000001380)=""/249, 0xf9}, {&(0x7f0000001480)=""/43, 0x2b}], 0x3}}, {{&(0x7f0000001500)=@abs, 0x6e, &(0x7f0000001700)=[{&(0x7f0000001580)=""/32, 0x20}, {&(0x7f00000015c0)=""/19, 0x13}, {&(0x7f0000003880)=""/4096, 0x1000}, {&(0x7f0000001600)=""/220, 0xdc}], 0x4, &(0x7f0000001740)}}, {{0x0, 0x0, &(0x7f0000005b80)=[{&(0x7f0000004880)=""/236, 0xec}, {&(0x7f0000004980)=""/172, 0xac}, {&(0x7f0000001780)=""/52, 0x34}, {&(0x7f0000004a40)=""/4096, 0x1000}, {&(0x7f0000005a40)=""/29, 0x1d}, {&(0x7f0000005a80)=""/191, 0xbf}, {&(0x7f0000005b40)=""/53, 0x35}], 0x7}}, {{&(0x7f0000005bc0)=@abs, 0x6e, &(0x7f0000005ec0)=[{&(0x7f0000005c40)=""/176, 0xb0}, {&(0x7f0000005d00)=""/111, 0x6f}, {&(0x7f0000005d80)=""/38, 0x26}, {&(0x7f0000005dc0)=""/195, 0xc3}], 0x4, &(0x7f0000005f00)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}], 0xc8}}, {{&(0x7f0000006000), 0x6e, &(0x7f0000006180)=[{&(0x7f0000006080)=""/48, 0x30}, {&(0x7f00000060c0)=""/190, 0xbe}], 0x2}}, {{&(0x7f00000061c0), 0x6e, &(0x7f00000075c0)=[{&(0x7f0000006240)=""/229, 0xe5}, {&(0x7f0000006340)=""/4096, 0x1000}, {&(0x7f0000007340)=""/207, 0xcf}, {&(0x7f0000007440)=""/23, 0x17}, {&(0x7f0000007480)=""/225, 0xe1}, {&(0x7f0000007580)=""/61, 0x3d}], 0x6, &(0x7f0000007600)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}], 0x7c}}], 0xa, 0x32, &(0x7f0000007800)={r3, r4+10000000})
r9 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r9, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r9, 0x8)
r10 = accept4(r9, 0x0, 0x0, 0x0)
sendto$inet(r10, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r10, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
sendto$inet(r10, &(0x7f0000000300)="b3", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r10, 0x84, 0x7b, &(0x7f0000000200)={0x0, 0x2}, 0x8)
close(r10)

341.749442ms ago: executing program 6 (id=2260):
r0 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x80000)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f00000001c0)=0xd1)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x80)
mount$9p_virtio(&(0x7f0000000580), &(0x7f0000000480)='./file0\x00', &(0x7f0000000100), 0x1000816, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"])
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x10, &(0x7f0000000540)=ANY=[@ANYRESDEC=r0, @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x9, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000300)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x20000240, 0x20000270, 0x200002a0], 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0000003f49df5477e990620000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000"]}, 0xe0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES64=r1, @ANYBLOB="010024de7000fcdbdf252100000008000300", @ANYRESOCT=r3, @ANYBLOB="08009e000b380000"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x9590f6cc3aa755b6)
chdir(&(0x7f0000000280)='./file0\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x5)
io_setup(0x3ff, &(0x7f0000000500)=<r6=>0x0)
io_submit(r6, 0x2, &(0x7f0000000300)=[&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x8, 0xffffffffffffffff, &(0x7f00000001c0)="ff", 0x1, 0xcbc}])
writev(r5, &(0x7f0000000040)=[{&(0x7f00000000c0)="14", 0x1}], 0x1)

117.48142ms ago: executing program 6 (id=2261):
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000240)='./file0\x00', &(0x7f0000000100), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x70}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [], {{0x5, 0x1, 0x4, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000080)={0x180000000, 0xeeee0000, 0x1, 0xffffffffffffffff, 0x4})
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x9)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r4, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)={0x28, r6, 0x9, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1d}]}]}, 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_CONNECT(r5, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)={0xc0, 0x0, 0x4, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x4, 0x58}}}}, [@NL80211_ATTR_BSS_SELECT={0x44, 0xe3, 0x0, 0x1, [@NL80211_BSS_SELECT_ATTR_RSSI={0x4}, @NL80211_BSS_SELECT_ATTR_RSSI={0x4}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x4}, @NL80211_BSS_SELECT_ATTR_RSSI={0x4}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0xc, 0x9}}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0xb}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x1}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x6e}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0x9, 0x8}}, @NL80211_BSS_SELECT_ATTR_RSSI={0x4}]}, @NL80211_ATTR_BSS_SELECT={0x24, 0xe3, 0x0, 0x1, [@NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0x2, 0x3e}}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0x4, 0x7}}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x7fff}]}, @NL80211_ATTR_KEYS={0x30, 0x51, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_DEFAULT_TYPES={0x1c, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_KEY_TYPE={0x8, 0x7, 0x1}]}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x20091}, 0x1)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r8, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r9, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)
r10 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
r11 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, r10, 0xc, 0x13, r11, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

0s ago: executing program 6 (id=2262):
quotactl$Q_SETQUOTA(0x0, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
r0 = fsopen(&(0x7f00000000c0)='qnx4\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
setrlimit(0x7, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0xffffffffffffff74, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd25, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x3, &(0x7f0000000540)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5d, 0x80, 0x0, 0x89}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000003c0)=@IORING_OP_SENDMSG={0x9, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x5})
io_uring_enter(r5, 0x47f9, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 4 (id=2263):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)={0x40, r2, 0xb97534d5fe9704cf, 0x70bd27, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x6, 0x13, [{0x3, 0x1}, {0x36, 0x1}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x580}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0xc0}, 0x20000800)

kernel console output (not intermixed with test programs):

tem tag 0x0
[  599.662324][   T35] appleir 0003:05AC:8241.0005: unknown main item tag 0x0
[  599.664602][   T35] appleir 0003:05AC:8241.0005: No inputs registered, leaving
[  599.674091][   T35] appleir 0003:05AC:8241.0005: hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.5-1/input0
[  599.910980][ T5931] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  599.933212][   T35] usb 10-1: USB disconnect, device number 13
[  600.071275][ T5931] usb 7-1: Using ep0 maxpacket: 8
[  600.074349][ T5931] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  600.077368][ T5931] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  600.080482][ T5931] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  600.083897][ T5931] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  600.087219][ T5931] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  600.090012][ T5931] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  600.096090][ T5931] hub 7-1:1.0: bad descriptor, ignoring hub
[  600.098462][ T5931] hub 7-1:1.0: probe with driver hub failed with error -5
[  600.101536][ T5931] cdc_wdm 7-1:1.0: skipping garbage
[  600.103677][ T5931] cdc_wdm 7-1:1.0: skipping garbage
[  600.106732][ T5931] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  600.109120][ T5931] cdc_wdm 7-1:1.0: Unknown control protocol
[  600.580836][ T5983] Bluetooth: hci3: unexpected event for opcode 0x2040
[  601.014440][T11814] __nla_validate_parse: 3 callbacks suppressed
[  601.014456][T11814] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1515'.
[  601.092173][T11799] usb 7-1: reset high-speed USB device number 19 using dummy_hcd
[  601.174017][T11818] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1516'.
[  601.487674][T11799] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  601.490567][T11799] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  601.611205][ T6006] usb 7-1: USB disconnect, device number 19
[  602.591663][T11833] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1521'.
[  602.594902][T11833] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1521'.
[  602.597607][T11833] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1521'.
[  602.600271][T11833] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1521'.
[  602.630197][T11835] 9pnet_fd: Insufficient options for proto=fd
[  602.772699][T11839] syz.4.1522: attempt to access beyond end of device
[  602.772699][T11839] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  602.779579][T11839] efs: cannot read volume header
[  603.260203][T11845] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1524'.
[  603.415236][ T5983] Bluetooth: hci1: unexpected event for opcode 0x2040
[  603.886747][T11857] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1526'.
[  604.741947][T11871] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1532'.
[  604.746840][T11871] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1532'.
[  605.297652][T11890] syz_tun: entered allmulticast mode
[  605.322179][T11889] syz_tun: left allmulticast mode
[  605.662775][ T6043] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  605.834860][ T6043] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  605.838201][ T6043] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  605.842183][ T6043] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  605.848662][ T6043] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  605.852302][ T6043] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  605.855676][ T6043] usb 7-1: config 0 descriptor??
[  605.858197][T11892] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  606.186344][   T35] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  606.296601][ T6043] plantronics 0003:047F:FFFF.0006: unknown main item tag 0xd
[  606.301076][ T6043] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  606.305555][ T6043] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  606.346680][   T35] usb 10-1: Using ep0 maxpacket: 8
[  606.349590][   T35] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  606.352427][   T35] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  606.354913][   T35] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  606.358604][   T35] usb 10-1: config 0 descriptor??
[  606.361691][   T35] iowarrior 10-1:0.0: no interrupt-in endpoint found
[  606.563714][T11907] __nla_validate_parse: 2 callbacks suppressed
[  606.563725][T11907] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1543'.
[  606.576524][  T834] usb 7-1: USB disconnect, device number 20
[  606.658660][T11916] FAULT_INJECTION: forcing a failure.
[  606.658660][T11916] name failslab, interval 1, probability 0, space 0, times 0
[  606.662238][T11916] CPU: 3 UID: 0 PID: 11916 Comm: syz.4.1546 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  606.662250][T11916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  606.662256][T11916] Call Trace:
[  606.662259][T11916]  <TASK>
[  606.662263][T11916]  dump_stack_lvl+0x16c/0x1f0
[  606.662302][T11916]  should_fail_ex+0x50a/0x650
[  606.662322][T11916]  ? fs_reclaim_acquire+0xae/0x150
[  606.662338][T11916]  should_failslab+0xc2/0x120
[  606.662351][T11916]  __kmalloc_noprof+0xce/0x4f0
[  606.662361][T11916]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  606.662373][T11916]  ? tomoyo_realpath_from_path+0xbf/0x710
[  606.662387][T11916]  tomoyo_realpath_from_path+0xbf/0x710
[  606.662398][T11916]  ? tomoyo_path_number_perm+0x235/0x5b0
[  606.662409][T11916]  tomoyo_path_number_perm+0x248/0x5b0
[  606.662418][T11916]  ? tomoyo_path_number_perm+0x235/0x5b0
[  606.662428][T11916]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  606.662448][T11916]  ? __pfx_lock_release+0x10/0x10
[  606.662459][T11916]  ? trace_lock_acquire+0x14e/0x1f0
[  606.662469][T11916]  ? lock_acquire+0x2f/0xb0
[  606.662479][T11916]  ? __fget_files+0x40/0x3a0
[  606.662491][T11916]  ? __fget_files+0x206/0x3a0
[  606.662502][T11916]  security_file_ioctl_compat+0x9b/0x240
[  606.662514][T11916]  __do_compat_sys_ioctl+0x4e/0x2c0
[  606.662529][T11916]  __do_fast_syscall_32+0x73/0x120
[  606.662544][T11916]  do_fast_syscall_32+0x32/0x80
[  606.662558][T11916]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  606.662579][T11916] RIP: 0023:0xf7f96579
[  606.662586][T11916] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  606.662595][T11916] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  606.662604][T11916] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0045005
[  606.662610][T11916] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  606.662615][T11916] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  606.662620][T11916] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  606.662625][T11916] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  606.662636][T11916]  </TASK>
[  606.662640][T11916] ERROR: Out of memory at tomoyo_realpath_from_path.
[  607.041577][ T6006] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  607.212600][ T6006] usb 9-1: Using ep0 maxpacket: 8
[  607.215504][ T6006] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  607.218598][ T6006] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  607.221258][ T6006] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  607.224987][ T6006] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  607.228177][ T6006] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  607.230767][ T6006] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  607.235730][ T6006] hub 9-1:1.0: bad descriptor, ignoring hub
[  607.237516][ T6006] hub 9-1:1.0: probe with driver hub failed with error -5
[  607.239759][ T6006] cdc_wdm 9-1:1.0: skipping garbage
[  607.241291][ T6006] cdc_wdm 9-1:1.0: skipping garbage
[  607.245151][ T6006] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  607.247150][ T6006] cdc_wdm 9-1:1.0: Unknown control protocol
[  607.323842][T11926] syz_tun: entered allmulticast mode
[  607.327285][T11926] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1549'.
[  607.342586][T11925] syz_tun: left allmulticast mode
[  607.474963][ T5983] Bluetooth: hci1: unexpected event for opcode 0x2040
[  608.185675][T11918] usb 9-1: reset high-speed USB device number 7 using dummy_hcd
[  608.580705][T11918] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  608.588016][T11918] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  608.619347][T11938] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1552'.
[  608.622053][T11938] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1552'.
[  608.702047][  T834] usb 9-1: USB disconnect, device number 7
[  609.710350][T11947] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1555'.
[  609.711807][ T6015] usb 10-1: USB disconnect, device number 14
[  609.775439][T11953] syz_tun: entered allmulticast mode
[  609.787096][T11952] syz_tun: left allmulticast mode
[  610.590857][T11962] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1559'.
[  610.594429][T11962] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1559'.
[  610.808908][ T6043] libceph: connect (1)[c::]:6789 error -101
[  610.811300][ T6043] libceph: mon0 (1)[c::]:6789 connect error
[  610.869755][T11975] ceph: No mds server is up or the cluster is laggy
[  611.558203][T11988] syz_tun: entered allmulticast mode
[  611.577660][T11987] syz_tun: left allmulticast mode
[  612.215830][   T39] kauditd_printk_skb: 10 callbacks suppressed
[  612.215840][   T39] audit: type=1326 audit(1738499549.710:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11996 comm="syz.2.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7ffc0000
[  612.223897][   T39] audit: type=1326 audit(1738499549.710:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11996 comm="syz.2.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7ffc0000
[  612.230355][   T39] audit: type=1326 audit(1738499549.710:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11996 comm="syz.2.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=311 compat=1 ip=0xf7f54579 code=0x7ffc0000
[  612.236983][   T39] audit: type=1326 audit(1738499549.710:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11996 comm="syz.2.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7ffc0000
[  612.243134][   T39] audit: type=1326 audit(1738499549.710:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11996 comm="syz.2.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7ffc0000
[  612.249498][   T39] audit: type=1326 audit(1738499549.710:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11996 comm="syz.2.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf7f54579 code=0x7ffc0000
[  612.255623][   T39] audit: type=1326 audit(1738499549.710:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11996 comm="syz.2.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7ffc0000
[  612.261925][   T39] audit: type=1326 audit(1738499549.710:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11996 comm="syz.2.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7ffc0000
[  612.268053][   T39] audit: type=1326 audit(1738499549.710:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11996 comm="syz.2.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=15 compat=1 ip=0xf7f54579 code=0x7ffc0000
[  612.274228][   T39] audit: type=1326 audit(1738499549.710:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11996 comm="syz.2.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f54579 code=0x7ffc0000
[  613.860390][T12023] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1578'.
[  614.123415][T12037] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1579'.
[  614.129461][T12037] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1579'.
[  614.481583][T12045] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1581'.
[  614.831579][T12053] 9pnet_virtio: no channels available for device syz
[  614.904111][T12054] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1585'.
[  614.907181][T12054] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1585'.
[  614.910156][T12054] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1585'.
[  614.912946][T12054] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1585'.
[  615.458671][T12066] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1588'.
[  615.790235][T12087] block device autoloading is deprecated and will be removed.
[  615.807345][T12089] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1594'.
[  615.885299][T12096] FAULT_INJECTION: forcing a failure.
[  615.885299][T12096] name failslab, interval 1, probability 0, space 0, times 0
[  615.889236][T12096] CPU: 0 UID: 0 PID: 12096 Comm: syz.5.1596 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  615.889249][T12096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  615.889255][T12096] Call Trace:
[  615.889259][T12096]  <TASK>
[  615.889263][T12096]  dump_stack_lvl+0x16c/0x1f0
[  615.889281][T12096]  should_fail_ex+0x50a/0x650
[  615.889293][T12096]  ? fs_reclaim_acquire+0xae/0x150
[  615.889309][T12096]  should_failslab+0xc2/0x120
[  615.889321][T12096]  __kmalloc_node_noprof+0xd1/0x520
[  615.889333][T12096]  ? __pfx___mutex_lock+0x10/0x10
[  615.889347][T12096]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  615.889358][T12096]  __kvmalloc_node_noprof+0xad/0x1a0
[  615.889368][T12096]  traverse.part.0.constprop.0+0x392/0x640
[  615.889383][T12096]  ? __pfx_lock_release+0x10/0x10
[  615.889395][T12096]  ? trace_lock_acquire+0x14e/0x1f0
[  615.889406][T12096]  seq_read_iter+0x934/0x12b0
[  615.889420][T12096]  ? aa_file_perm+0x4d5/0xfe0
[  615.889435][T12096]  seq_read+0x39f/0x4e0
[  615.889448][T12096]  ? __pfx_seq_read+0x10/0x10
[  615.889470][T12096]  ? __pfx_seq_read+0x10/0x10
[  615.889483][T12096]  proc_reg_read+0x23d/0x330
[  615.889493][T12096]  ? __pfx_proc_reg_read+0x10/0x10
[  615.889504][T12096]  vfs_read+0x1df/0xbf0
[  615.889513][T12096]  ? __fget_files+0x1fc/0x3a0
[  615.889528][T12096]  ? __pfx_lock_release+0x10/0x10
[  615.889539][T12096]  ? __pfx_vfs_read+0x10/0x10
[  615.889548][T12096]  ? lock_acquire+0x2f/0xb0
[  615.889558][T12096]  ? __fget_files+0x40/0x3a0
[  615.889569][T12096]  ? __fget_files+0x206/0x3a0
[  615.889582][T12096]  ksys_pread64+0x170/0x1a0
[  615.889591][T12096]  ? __pfx_ksys_pread64+0x10/0x10
[  615.889604][T12096]  __do_fast_syscall_32+0x73/0x120
[  615.889619][T12096]  do_fast_syscall_32+0x32/0x80
[  615.889632][T12096]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  615.889648][T12096] RIP: 0023:0xf744e579
[  615.889655][T12096] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  615.889664][T12096] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 00000000000000b4
[  615.889673][T12096] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080
[  615.889679][T12096] RDX: 0000000000018fd4 RSI: 0000000000000c2a RDI: 0000000000000000
[  615.889684][T12096] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  615.889689][T12096] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  615.889694][T12096] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  615.889705][T12096]  </TASK>
[  615.990023][T12098] mkiss: ax0: crc mode is auto.
[  616.096886][ T1989] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  616.269384][ T1989] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  616.273319][ T1989] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  616.279219][ T1989] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  616.282717][ T1989] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  616.286943][ T1989] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  616.294616][ T1989] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  616.297518][ T1989] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  616.300452][ T1989] usb 7-1: Product: syz
[  616.301835][ T1989] usb 7-1: Manufacturer: syz
[  616.307074][ T1989] cdc_wdm 7-1:1.0: skipping garbage
[  616.311573][ T1989] cdc_wdm 7-1:1.0: skipping garbage
[  616.314941][ T1989] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  616.316836][ T1989] cdc_wdm 7-1:1.0: Unknown control protocol
[  616.452240][T12115] FAULT_INJECTION: forcing a failure.
[  616.452240][T12115] name failslab, interval 1, probability 0, space 0, times 0
[  616.456313][T12115] CPU: 1 UID: 0 PID: 12115 Comm: syz.6.1605 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  616.456340][T12115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  616.456346][T12115] Call Trace:
[  616.456350][T12115]  <TASK>
[  616.456354][T12115]  dump_stack_lvl+0x16c/0x1f0
[  616.456373][T12115]  should_fail_ex+0x50a/0x650
[  616.456386][T12115]  ? fs_reclaim_acquire+0xae/0x150
[  616.456401][T12115]  should_failslab+0xc2/0x120
[  616.456414][T12115]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  616.456425][T12115]  ? __pfx_mark_lock+0x10/0x10
[  616.456436][T12115]  ? __alloc_skb+0x2b3/0x380
[  616.456454][T12115]  ? __pfx_mark_lock+0x10/0x10
[  616.456472][T12115]  __alloc_skb+0x2b3/0x380
[  616.456491][T12115]  ? __pfx___alloc_skb+0x10/0x10
[  616.456505][T12115]  ? __lock_acquire+0xcc5/0x3c40
[  616.456524][T12115]  ? hlock_class+0x4e/0x130
[  616.456547][T12115]  ? __lock_acquire+0xcc5/0x3c40
[  616.456559][T12115]  alloc_skb_with_frags+0xe4/0x850
[  616.456569][T12115]  ? mark_lock+0xb5/0xc60
[  616.456584][T12115]  sock_alloc_send_pskb+0x7f1/0x980
[  616.456598][T12115]  ? lock_acquire.part.0+0x11b/0x380
[  616.456643][T12115]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  616.456659][T12115]  ? hlock_class+0x4e/0x130
[  616.456673][T12115]  ? __lock_acquire+0xcc5/0x3c40
[  616.456685][T12115]  tun_get_user+0xd3b/0x3e40
[  616.456701][T12115]  ? find_held_lock+0x2d/0x110
[  616.456715][T12115]  ? __pfx_tun_get_user+0x10/0x10
[  616.456726][T12115]  ? find_held_lock+0x2d/0x110
[  616.456742][T12115]  ? __pfx_lock_release+0x10/0x10
[  616.456758][T12115]  tun_chr_write_iter+0xdc/0x210
[  616.456770][T12115]  vfs_write+0x5ae/0x1150
[  616.456780][T12115]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  616.456792][T12115]  ? __pfx_vfs_write+0x10/0x10
[  616.456802][T12115]  ? __fget_files+0x40/0x3a0
[  616.456817][T12115]  ksys_write+0x12b/0x250
[  616.456826][T12115]  ? __pfx_ksys_write+0x10/0x10
[  616.456838][T12115]  __do_fast_syscall_32+0x73/0x120
[  616.456853][T12115]  do_fast_syscall_32+0x32/0x80
[  616.456867][T12115]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  616.456882][T12115] RIP: 0023:0xf7fb7579
[  616.456890][T12115] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  616.456898][T12115] RSP: 002b:00000000f50d6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  616.456907][T12115] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000000
[  616.456913][T12115] RDX: 000000000000fdef RSI: 00000000f743cff4 RDI: 0000000000000000
[  616.456918][T12115] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  616.456923][T12115] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  616.456928][T12115] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  616.456938][T12115]  </TASK>
[  616.561133][T12081] ntfs3(sr0): Primary boot signature is not NTFS.
[  616.564373][T12081] ntfs3(sr0): try to read out of volume at offset 0xf800
[  617.142021][T12131] FAULT_INJECTION: forcing a failure.
[  617.142021][T12131] name failslab, interval 1, probability 0, space 0, times 0
[  617.146031][T12131] CPU: 2 UID: 0 PID: 12131 Comm: syz.5.1608 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  617.146044][T12131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  617.146050][T12131] Call Trace:
[  617.146053][T12131]  <TASK>
[  617.146056][T12131]  dump_stack_lvl+0x16c/0x1f0
[  617.146074][T12131]  should_fail_ex+0x50a/0x650
[  617.146085][T12131]  ? fs_reclaim_acquire+0xae/0x150
[  617.146102][T12131]  ? alloc_pipe_info+0x10e/0x590
[  617.146113][T12131]  should_failslab+0xc2/0x120
[  617.146124][T12131]  __kmalloc_cache_noprof+0x68/0x420
[  617.146133][T12131]  ? trace_lock_acquire+0x14e/0x1f0
[  617.146145][T12131]  alloc_pipe_info+0x10e/0x590
[  617.146156][T12131]  splice_direct_to_actor+0x793/0xa40
[  617.146172][T12131]  ? get_pid_task+0xfc/0x250
[  617.146181][T12131]  ? __pfx_direct_splice_actor+0x10/0x10
[  617.146196][T12131]  ? __pfx_aa_file_perm+0x10/0x10
[  617.146208][T12131]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  617.146223][T12131]  ? __fget_files+0x1fc/0x3a0
[  617.146240][T12131]  do_splice_direct+0x178/0x250
[  617.146254][T12131]  ? __pfx_do_splice_direct+0x10/0x10
[  617.146268][T12131]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  617.146285][T12131]  ? rw_verify_area+0xcf/0x680
[  617.146299][T12131]  do_sendfile+0xafb/0xe40
[  617.146315][T12131]  ? __pfx_do_sendfile+0x10/0x10
[  617.146330][T12131]  ? __fget_files+0x206/0x3a0
[  617.146342][T12131]  __ia32_compat_sys_sendfile+0x1e7/0x230
[  617.146354][T12131]  ? ksys_write+0x1ba/0x250
[  617.146362][T12131]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  617.146378][T12131]  __do_fast_syscall_32+0x73/0x120
[  617.146393][T12131]  do_fast_syscall_32+0x32/0x80
[  617.146407][T12131]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  617.146422][T12131] RIP: 0023:0xf744e579
[  617.146430][T12131] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  617.146439][T12131] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  617.146448][T12131] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000004
[  617.146454][T12131] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000000
[  617.146459][T12131] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  617.146464][T12131] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  617.146469][T12131] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  617.146480][T12131]  </TASK>
[  618.925694][  T834] usb 7-1: USB disconnect, device number 21
[  619.350548][T12173] 9pnet_virtio: no channels available for device syz
[  620.810183][T12212] ax25_connect(): syz.5.1632 uses autobind, please contact jreuter@yaina.de
[  620.820020][T12213] ax25_connect(): syz.5.1632 uses autobind, please contact jreuter@yaina.de
[  620.990917][T12221] syz_tun: entered allmulticast mode
[  621.031550][T12220] syz_tun: left allmulticast mode
[  621.059044][T12223] netlink: 'syz.4.1636': attribute type 21 has an invalid length.
[  621.062711][T12223] __nla_validate_parse: 13 callbacks suppressed
[  621.062719][T12223] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1636'.
[  621.069216][T12223] netlink: 'syz.4.1636': attribute type 5 has an invalid length.
[  621.071450][T12223] netlink: 'syz.4.1636': attribute type 6 has an invalid length.
[  621.073672][T12223] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1636'.
[  621.232196][T12234] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1634'.
[  621.235636][T12234] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1634'.
[  621.646670][ T5983] Bluetooth: hci3: unexpected event for opcode 0x2040
[  622.200448][T12253] syz_tun: entered allmulticast mode
[  622.213690][T12252] syz_tun: left allmulticast mode
[  622.337827][T12256] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1642'.
[  622.341816][T12256] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1642'.
[  622.505293][ T1989] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  622.660250][T12264] FAULT_INJECTION: forcing a failure.
[  622.660250][T12264] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  622.664249][T12264] CPU: 1 UID: 0 PID: 12264 Comm: syz.4.1648 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  622.664262][T12264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  622.664267][T12264] Call Trace:
[  622.664270][T12264]  <TASK>
[  622.664274][T12264]  dump_stack_lvl+0x16c/0x1f0
[  622.664292][T12264]  should_fail_ex+0x50a/0x650
[  622.664305][T12264]  _copy_from_user+0x2e/0xd0
[  622.664319][T12264]  __sys_bpf+0x215/0x57a0
[  622.664331][T12264]  ? __pfx_lock_release+0x10/0x10
[  622.664353][T12264]  ? __pfx___sys_bpf+0x10/0x10
[  622.664366][T12264]  ? vfs_write+0x306/0x1150
[  622.664378][T12264]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  622.664399][T12264]  ? fput+0x67/0x440
[  622.664411][T12264]  ? ksys_write+0x1ba/0x250
[  622.664420][T12264]  ? __pfx_ksys_write+0x10/0x10
[  622.664431][T12264]  __ia32_sys_bpf+0x76/0xe0
[  622.664444][T12264]  __do_fast_syscall_32+0x73/0x120
[  622.664459][T12264]  do_fast_syscall_32+0x32/0x80
[  622.664477][T12264]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  622.664492][T12264] RIP: 0023:0xf7f96579
[  622.664499][T12264] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  622.664508][T12264] RSP: 002b:00000000f509555c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  622.664517][T12264] RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 00000000200003c0
[  622.664523][T12264] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  622.664528][T12264] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  622.664533][T12264] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  622.664538][T12264] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  622.664576][T12264]  </TASK>
[  622.721603][ T1989] usb 7-1: Using ep0 maxpacket: 8
[  622.724650][ T1989] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  622.727711][ T1989] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  622.730294][ T1989] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  622.733468][ T1989] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  622.736850][ T1989] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  622.739523][ T1989] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  622.743920][ T1989] hub 7-1:1.0: bad descriptor, ignoring hub
[  622.745731][ T1989] hub 7-1:1.0: probe with driver hub failed with error -5
[  622.748098][ T1989] cdc_wdm 7-1:1.0: skipping garbage
[  622.749665][ T1989] cdc_wdm 7-1:1.0: skipping garbage
[  622.751745][ T1989] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  622.753574][ T1989] cdc_wdm 7-1:1.0: Unknown control protocol
[  623.305865][T12272] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1650'.
[  623.308895][T12272] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1650'.
[  623.740636][T12255] usb 7-1: reset high-speed USB device number 22 using dummy_hcd
[  624.134642][T12255] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  624.137829][T12255] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  624.485894][T12291] ./file0: Can't lookup blockdev
[  624.571289][T12296] ./file0: Can't lookup blockdev
[  624.818360][T12299] FAULT_INJECTION: forcing a failure.
[  624.818360][T12299] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  624.822304][T12299] CPU: 2 UID: 0 PID: 12299 Comm: syz.6.1659 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  624.822317][T12299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  624.822323][T12299] Call Trace:
[  624.822326][T12299]  <TASK>
[  624.822330][T12299]  dump_stack_lvl+0x16c/0x1f0
[  624.822349][T12299]  should_fail_ex+0x50a/0x650
[  624.822362][T12299]  _copy_from_user+0x2e/0xd0
[  624.822375][T12299]  get_compat_msghdr+0xa8/0x170
[  624.822389][T12299]  ? __pfx_get_compat_msghdr+0x10/0x10
[  624.822404][T12299]  ___sys_sendmsg+0x1b0/0x1e0
[  624.822420][T12299]  ? __pfx____sys_sendmsg+0x10/0x10
[  624.822447][T12299]  ? __pfx_lock_release+0x10/0x10
[  624.822463][T12299]  ? trace_lock_acquire+0x14e/0x1f0
[  624.822476][T12299]  ? __fget_files+0x206/0x3a0
[  624.822489][T12299]  __sys_sendmsg+0x16e/0x220
[  624.822499][T12299]  ? __pfx___sys_sendmsg+0x10/0x10
[  624.822515][T12299]  __do_fast_syscall_32+0x73/0x120
[  624.822530][T12299]  do_fast_syscall_32+0x32/0x80
[  624.822544][T12299]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  624.822560][T12299] RIP: 0023:0xf7fb7579
[  624.822567][T12299] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  624.822576][T12299] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  624.822586][T12299] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200002c0
[  624.822592][T12299] RDX: 0000000000004001 RSI: 0000000000000000 RDI: 0000000000000000
[  624.822597][T12299] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  624.822602][T12299] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  624.822607][T12299] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  624.822617][T12299]  </TASK>
[  624.882842][    C2] vkms_vblank_simulate: vblank timer overrun
[  625.380715][T12311] FAULT_INJECTION: forcing a failure.
[  625.380715][T12311] name failslab, interval 1, probability 0, space 0, times 0
[  625.384340][T12311] CPU: 1 UID: 0 PID: 12311 Comm: syz.4.1664 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  625.384352][T12311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  625.384358][T12311] Call Trace:
[  625.384361][T12311]  <TASK>
[  625.384365][T12311]  dump_stack_lvl+0x16c/0x1f0
[  625.384382][T12311]  should_fail_ex+0x50a/0x650
[  625.384393][T12311]  ? fs_reclaim_acquire+0xae/0x150
[  625.384410][T12311]  should_failslab+0xc2/0x120
[  625.384422][T12311]  __kmalloc_noprof+0xce/0x4f0
[  625.384433][T12311]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  625.384444][T12311]  ? tomoyo_realpath_from_path+0xbf/0x710
[  625.384458][T12311]  tomoyo_realpath_from_path+0xbf/0x710
[  625.384470][T12311]  ? tomoyo_path_number_perm+0x235/0x5b0
[  625.384481][T12311]  tomoyo_path_number_perm+0x248/0x5b0
[  625.384489][T12311]  ? tomoyo_path_number_perm+0x235/0x5b0
[  625.384499][T12311]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  625.384539][T12311]  ? __pfx_lock_release+0x10/0x10
[  625.384556][T12311]  ? trace_lock_acquire+0x14e/0x1f0
[  625.384566][T12311]  ? lock_acquire+0x2f/0xb0
[  625.384576][T12311]  ? __fget_files+0x40/0x3a0
[  625.384588][T12311]  ? __fget_files+0x206/0x3a0
[  625.384599][T12311]  security_file_ioctl_compat+0x9b/0x240
[  625.384610][T12311]  __do_compat_sys_ioctl+0x4e/0x2c0
[  625.384625][T12311]  __do_fast_syscall_32+0x73/0x120
[  625.384641][T12311]  do_fast_syscall_32+0x32/0x80
[  625.384655][T12311]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  625.384669][T12311] RIP: 0023:0xf7f96579
[  625.384677][T12311] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  625.384686][T12311] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  625.384695][T12311] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c028aa03
[  625.384701][T12311] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[  625.384706][T12311] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  625.384711][T12311] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  625.384716][T12311] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  625.384727][T12311]  </TASK>
[  625.384730][T12311] ERROR: Out of memory at tomoyo_realpath_from_path.
[  625.515695][T12315] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1662'.
[  625.518356][T12315] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1662'.
[  626.669870][T12326] FAULT_INJECTION: forcing a failure.
[  626.669870][T12326] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  626.678394][T12326] CPU: 1 UID: 0 PID: 12326 Comm: syz.6.1669 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  626.678416][T12326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  626.678426][T12326] Call Trace:
[  626.678431][T12326]  <TASK>
[  626.678438][T12326]  dump_stack_lvl+0x16c/0x1f0
[  626.678465][T12326]  should_fail_ex+0x50a/0x650
[  626.678486][T12326]  _copy_from_user+0x2e/0xd0
[  626.678507][T12326]  get_compat_msghdr+0xa8/0x170
[  626.678527][T12326]  ? __pfx_get_compat_msghdr+0x10/0x10
[  626.678554][T12326]  ___sys_sendmsg+0x1b0/0x1e0
[  626.678568][T12326]  ? __pfx_mark_lock+0x10/0x10
[  626.678588][T12326]  ? __pfx____sys_sendmsg+0x10/0x10
[  626.678612][T12326]  ? trace_lock_acquire+0x14e/0x1f0
[  626.678641][T12326]  __sys_sendmmsg+0x2fa/0x420
[  626.678659][T12326]  ? __pfx___sys_sendmmsg+0x10/0x10
[  626.678681][T12326]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  626.678714][T12326]  ? fput+0x67/0x440
[  626.678733][T12326]  ? ksys_write+0x1ba/0x250
[  626.678749][T12326]  ? __pfx_ksys_write+0x10/0x10
[  626.678767][T12326]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  626.678788][T12326]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  626.678810][T12326]  __do_fast_syscall_32+0x73/0x120
[  626.678836][T12326]  do_fast_syscall_32+0x32/0x80
[  626.678859][T12326]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  626.678883][T12326] RIP: 0023:0xf7fb7579
[  626.678895][T12326] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  626.678911][T12326] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  626.678927][T12326] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000200bd000
[  626.678937][T12326] RDX: 00000000ffffff2b RSI: 0000000000000000 RDI: 0000000000000000
[  626.678946][T12326] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  626.678955][T12326] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  626.678964][T12326] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  626.678982][T12326]  </TASK>
[  626.967406][   T39] kauditd_printk_skb: 29 callbacks suppressed
[  626.967421][   T39] audit: type=1804 audit(1738499563.517:597): pid=12335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.1670" name="/newroot/144/file1" dev="fuse" ino=1 res=1 errno=0
[  626.975886][T12335] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1670'.
[  627.200742][T12342] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1672'.
[  627.515944][T12354] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  627.517960][T12354] IPv6: NLM_F_CREATE should be set when creating new route
[  627.520650][T12354] lo: entered allmulticast mode
[  627.522475][T12354] tunl0: entered allmulticast mode
[  627.525108][T12354] gre0: entered allmulticast mode
[  627.529980][T12354] gretap0: entered allmulticast mode
[  627.533000][T12354] erspan0: entered allmulticast mode
[  627.536549][T12354] ip_vti0: entered allmulticast mode
[  627.540641][T12354] ip6_vti0: entered allmulticast mode
[  627.543417][T12354] sit0: entered allmulticast mode
[  627.546740][T12354] ip6tnl0: entered allmulticast mode
[  627.549352][T12354] ip6gre0: entered allmulticast mode
[  627.558540][T12354] ip6gretap0: entered allmulticast mode
[  627.563001][T12354] bridge0: port 2(bridge_slave_1) entered disabled state
[  627.565294][T12354] bridge0: port 1(bridge_slave_0) entered disabled state
[  627.567969][T12354] bridge0: entered allmulticast mode
[  627.572018][T12354] bond0: entered allmulticast mode
[  627.573590][T12354] bond_slave_0: entered allmulticast mode
[  627.575250][T12354] bond_slave_1: entered allmulticast mode
[  627.578337][T12354] dummy0: entered allmulticast mode
[  627.581179][T12354] nlmon0: entered allmulticast mode
[  627.583304][T12354] caif0: entered allmulticast mode
[  627.585115][T12354] vxcan0: entered allmulticast mode
[  627.587134][T12354] vxcan1: entered allmulticast mode
[  627.590410][T12354] veth0: entered allmulticast mode
[  627.593601][T12354] veth1: entered allmulticast mode
[  627.599952][T12354] wg0: entered allmulticast mode
[  627.602871][T12354] wg1: entered allmulticast mode
[  627.605607][T12354] wg2: entered allmulticast mode
[  627.608564][T12354] veth0_to_bridge: entered allmulticast mode
[  627.613921][T12354] veth1_to_bridge: entered allmulticast mode
[  627.619066][T12354] veth0_to_bond: entered allmulticast mode
[  627.622953][T12354] veth1_to_bond: entered allmulticast mode
[  627.626307][T12354] veth0_to_team: entered allmulticast mode
[  627.628887][T12354] team_slave_0: entered allmulticast mode
[  627.630927][T12354] veth1_to_team: entered allmulticast mode
[  627.633768][T12354] team_slave_1: entered allmulticast mode
[  627.636394][T12354] veth0_to_batadv: entered allmulticast mode
[  627.639764][T12354] batadv_slave_0: entered allmulticast mode
[  627.644586][T12354] veth1_to_batadv: entered allmulticast mode
[  627.647909][T12354] batadv_slave_1: entered allmulticast mode
[  627.650690][T12354] xfrm0: entered allmulticast mode
[  627.653834][T12354] veth0_to_hsr: entered allmulticast mode
[  627.656871][T12354] hsr_slave_0: entered allmulticast mode
[  627.659963][T12354] veth1_to_hsr: entered allmulticast mode
[  627.662729][T12354] hsr_slave_1: entered allmulticast mode
[  627.665703][T12354] hsr0: entered allmulticast mode
[  627.668892][T12354] veth1_virt_wifi: entered allmulticast mode
[  627.669461][T12356] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1674'.
[  627.673485][T12354] veth0_virt_wifi: entered allmulticast mode
[  627.674009][T12356] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1674'.
[  627.678359][T12354] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  627.682017][T12354] veth1_vlan: entered allmulticast mode
[  627.685438][T12354] veth0_vlan: entered allmulticast mode
[  627.691342][T12354] vlan0: entered allmulticast mode
[  627.692918][T12354] vlan1: entered allmulticast mode
[  627.694749][T12354] macvlan0: entered allmulticast mode
[  627.698178][T12354] macvlan1: entered allmulticast mode
[  627.700880][T12354] ipvlan0: entered allmulticast mode
[  627.702576][T12354] ipvlan1: entered allmulticast mode
[  627.705154][T12354] veth1_macvtap: entered allmulticast mode
[  627.708922][T12354] veth0_macvtap: entered allmulticast mode
[  627.712029][T12354] macvtap0: entered allmulticast mode
[  627.714743][T12354] macsec0: entered allmulticast mode
[  627.719194][T12354] geneve0: entered allmulticast mode
[  627.722172][T12354] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  627.724629][T12354] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  627.727195][T12354] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  627.729993][T12354] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  627.732539][T12354] geneve1: entered allmulticast mode
[  627.740603][T12354] mac80211_hwsim hwsim13 wlan0: entered allmulticast mode
[  627.746832][T12354] mac80211_hwsim hwsim14 wlan1: entered allmulticast mode
[  627.749811][T12354] veth2: entered allmulticast mode
[  627.751423][T12354] veth3: entered allmulticast mode
[  627.753053][T12354] veth4: entered allmulticast mode
[  627.754728][T12354] veth5: entered allmulticast mode
[  627.756322][T12354] veth6: entered allmulticast mode
[  627.757978][T12354] veth7: entered allmulticast mode
[  627.759560][T12354] veth8: entered allmulticast mode
[  627.761538][T12354] veth9: entered allmulticast mode
[  627.763141][T12354] bond1: entered allmulticast mode
[  627.764692][T12354] veth10: entered allmulticast mode
[  627.766285][T12354] veth11: entered allmulticast mode
[  627.767876][T12354] netdevsim netdevsim5 eth0: entered allmulticast mode
[  627.769944][T12354] netdevsim netdevsim5 eth1: entered allmulticast mode
[  627.772739][T12354] netdevsim netdevsim5 eth2: entered allmulticast mode
[  627.774792][T12354] netdevsim netdevsim5 eth3: entered allmulticast mode
[  627.776931][T12354] bond2: entered allmulticast mode
[  627.778501][T12354] veth1_to_bond.4: entered allmulticast mode
[  627.832314][T12359] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1677'.
[  627.835365][T12359] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1677'.
[  627.838040][T12359] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1677'.
[  627.840616][T12359] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1677'.
[  627.898980][ T6006] usb 7-1: USB disconnect, device number 22
[  628.482769][T12375] virt_wifi0 speed is unknown, defaulting to 1000
[  628.485141][T12375] lo speed is unknown, defaulting to 1000
[  629.007460][T12393] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1688'.
[  629.010539][T12393] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1688'.
[  629.534644][T10293] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  629.716317][T10293] usb 7-1: Using ep0 maxpacket: 8
[  629.719666][T10293] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  629.723623][T10293] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  629.726774][T10293] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.734474][T10293] usb 7-1: config 0 descriptor??
[  629.740072][T10293] iowarrior 7-1:0.0: no interrupt-in endpoint found
[  630.522630][T12426] FAULT_INJECTION: forcing a failure.
[  630.522630][T12426] name failslab, interval 1, probability 0, space 0, times 0
[  630.526575][T12426] CPU: 0 UID: 0 PID: 12426 Comm: syz.4.1697 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  630.526588][T12426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  630.526594][T12426] Call Trace:
[  630.526598][T12426]  <TASK>
[  630.526602][T12426]  dump_stack_lvl+0x16c/0x1f0
[  630.526620][T12426]  should_fail_ex+0x50a/0x650
[  630.526632][T12426]  ? fs_reclaim_acquire+0xae/0x150
[  630.526648][T12426]  should_failslab+0xc2/0x120
[  630.526661][T12426]  __kmalloc_noprof+0xce/0x4f0
[  630.526671][T12426]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  630.526683][T12426]  ? tomoyo_realpath_from_path+0xbf/0x710
[  630.526697][T12426]  tomoyo_realpath_from_path+0xbf/0x710
[  630.526709][T12426]  ? tomoyo_path_number_perm+0x235/0x5b0
[  630.526720][T12426]  tomoyo_path_number_perm+0x248/0x5b0
[  630.526728][T12426]  ? tomoyo_path_number_perm+0x235/0x5b0
[  630.526738][T12426]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  630.526772][T12426]  ? __pfx_lock_release+0x10/0x10
[  630.526783][T12426]  ? trace_lock_acquire+0x14e/0x1f0
[  630.526793][T12426]  ? lock_acquire+0x2f/0xb0
[  630.526803][T12426]  ? __fget_files+0x40/0x3a0
[  630.526814][T12426]  ? __fget_files+0x206/0x3a0
[  630.526826][T12426]  security_file_ioctl_compat+0x9b/0x240
[  630.526837][T12426]  __do_compat_sys_ioctl+0x4e/0x2c0
[  630.526852][T12426]  __do_fast_syscall_32+0x73/0x120
[  630.526867][T12426]  do_fast_syscall_32+0x32/0x80
[  630.526882][T12426]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  630.526897][T12426] RIP: 0023:0xf7f96579
[  630.526905][T12426] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  630.526914][T12426] RSP: 002b:00000000f509555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  630.526923][T12426] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000004048aecb
[  630.526929][T12426] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  630.526934][T12426] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  630.526939][T12426] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  630.526943][T12426] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  630.526955][T12426]  </TASK>
[  630.526972][T12426] ERROR: Out of memory at tomoyo_realpath_from_path.
[  631.106632][T12440] syz_tun: entered allmulticast mode
[  631.120296][T12439] syz_tun: left allmulticast mode
[  631.241265][ T5983] Bluetooth: hci1: unexpected event for opcode 0x2040
[  631.783206][T12453] 9pnet_virtio: no channels available for device syz
[  632.356561][T12462] __nla_validate_parse: 10 callbacks suppressed
[  632.356573][T12462] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1709'.
[  632.361027][T12462] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1709'.
[  632.363535][T12462] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1709'.
[  632.366159][T12462] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1709'.
[  632.542261][   T35] usb 7-1: USB disconnect, device number 23
[  632.855363][T12479] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1715'.
[  632.913289][T12470] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1711'.
[  632.916134][T12470] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1711'.
[  633.570404][T12493] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1717'.
[  633.572902][T12493] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1717'.
[  633.628506][T12496] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1719'.
[  634.131529][T10293] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  634.302624][T10293] usb 10-1: Using ep0 maxpacket: 8
[  634.307021][T10293] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  634.311089][T10293] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  634.315263][T10293] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  634.321512][T10293] usb 10-1: config 0 descriptor??
[  634.326193][T10293] iowarrior 10-1:0.0: no interrupt-in endpoint found
[  634.789032][T12515] tipc: Started in network mode
[  634.790565][T12515] tipc: Node identity 7f000001, cluster identity 4711
[  634.796300][T12515] tipc: Enabled bearer <udp:syz1>, priority 10
[  634.798847][T12515] FAULT_INJECTION: forcing a failure.
[  634.798847][T12515] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  634.805371][T12515] CPU: 0 UID: 0 PID: 12515 Comm: syz.2.1724 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  634.805386][T12515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  634.805392][T12515] Call Trace:
[  634.805395][T12515]  <TASK>
[  634.805399][T12515]  dump_stack_lvl+0x16c/0x1f0
[  634.805417][T12515]  should_fail_ex+0x50a/0x650
[  634.805431][T12515]  _copy_from_user+0x2e/0xd0
[  634.805444][T12515]  get_compat_msghdr+0xa8/0x170
[  634.805457][T12515]  ? __pfx_get_compat_msghdr+0x10/0x10
[  634.805472][T12515]  ___sys_sendmsg+0x1b0/0x1e0
[  634.805483][T12515]  ? __pfx____sys_sendmsg+0x10/0x10
[  634.805497][T12515]  ? __pfx_lock_release+0x10/0x10
[  634.805509][T12515]  ? trace_lock_acquire+0x14e/0x1f0
[  634.805521][T12515]  ? __fget_files+0x206/0x3a0
[  634.805535][T12515]  __sys_sendmsg+0x16e/0x220
[  634.805544][T12515]  ? __pfx___sys_sendmsg+0x10/0x10
[  634.805563][T12515]  __do_fast_syscall_32+0x73/0x120
[  634.805581][T12515]  do_fast_syscall_32+0x32/0x80
[  634.805595][T12515]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  634.805611][T12515] RIP: 0023:0xf7f54579
[  634.805618][T12515] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  634.805628][T12515] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  634.805637][T12515] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020000100
[  634.805643][T12515] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  634.805648][T12515] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  634.805653][T12515] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  634.805658][T12515] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  634.805669][T12515]  </TASK>
[  635.995883][  T834] tipc: Node number set to 2130706433
[  636.083435][ T5983] Bluetooth: hci1: unexpected event for opcode 0x2040
[  636.536500][ T5998] Bluetooth: hci4: Frame reassembly failed (-84)
[  637.047311][T12551] syz_tun: entered allmulticast mode
[  637.062431][T12549] syz_tun: left allmulticast mode
[  637.181469][  T834] usb 10-1: USB disconnect, device number 15
[  637.292464][T12560] syz.5.1737 (12560): drop_caches: 2
[  637.341922][T12558] hub 1-0:1.0: USB hub found
[  637.344610][T12558] hub 1-0:1.0: 2 ports detected
[  637.372446][T12558] virt_wifi0 speed is unknown, defaulting to 1000
[  637.376068][T12558] lo speed is unknown, defaulting to 1000
[  638.377055][ T5976] Bluetooth: hci1: unexpected event for opcode 0x2040
[  638.716036][ T5976] Bluetooth: hci4: command 0x1003 tx timeout
[  638.814202][ T5983] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  639.138599][ T6043] libceph: connect (1)[c::]:6789 error -101
[  639.141241][ T6043] libceph: mon0 (1)[c::]:6789 connect error
[  639.242306][T12597] __nla_validate_parse: 4 callbacks suppressed
[  639.242317][T12597] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1745'.
[  639.412780][T12593] ceph: No mds server is up or the cluster is laggy
[  639.415068][ T6043] libceph: connect (1)[c::]:6789 error -101
[  639.417147][ T6043] libceph: mon0 (1)[c::]:6789 connect error
[  640.171502][ T6015] libceph: connect (1)[c::]:6789 error -101
[  640.175001][ T6015] libceph: mon0 (1)[c::]:6789 connect error
[  640.243111][T12616] ceph: No mds server is up or the cluster is laggy
[  640.378547][T12623] 9pnet_virtio: no channels available for device syz
[  640.388495][T12623] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1752'.
[  640.391829][T12623] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1752'.
[  640.395172][T12623] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1752'.
[  640.398540][T12623] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1752'.
[  640.570863][T12627] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1753'.
[  641.067749][T12638] FAULT_INJECTION: forcing a failure.
[  641.067749][T12638] name failslab, interval 1, probability 0, space 0, times 0
[  641.071472][T12638] CPU: 1 UID: 0 PID: 12638 Comm: syz.5.1755 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  641.071485][T12638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  641.071491][T12638] Call Trace:
[  641.071494][T12638]  <TASK>
[  641.071498][T12638]  dump_stack_lvl+0x16c/0x1f0
[  641.071517][T12638]  should_fail_ex+0x50a/0x650
[  641.071529][T12638]  ? fs_reclaim_acquire+0xae/0x150
[  641.071546][T12638]  should_failslab+0xc2/0x120
[  641.071558][T12638]  __kmalloc_noprof+0xce/0x4f0
[  641.071568][T12638]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  641.071579][T12638]  ? tomoyo_realpath_from_path+0xbf/0x710
[  641.071593][T12638]  tomoyo_realpath_from_path+0xbf/0x710
[  641.071605][T12638]  ? tomoyo_path_number_perm+0x235/0x5b0
[  641.071615][T12638]  tomoyo_path_number_perm+0x248/0x5b0
[  641.071623][T12638]  ? tomoyo_path_number_perm+0x235/0x5b0
[  641.071633][T12638]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  641.071653][T12638]  ? __pfx_lock_release+0x10/0x10
[  641.071664][T12638]  ? trace_lock_acquire+0x14e/0x1f0
[  641.071674][T12638]  ? lock_acquire+0x2f/0xb0
[  641.071684][T12638]  ? __fget_files+0x40/0x3a0
[  641.071695][T12638]  ? __fget_files+0x206/0x3a0
[  641.071706][T12638]  security_file_ioctl_compat+0x9b/0x240
[  641.071718][T12638]  __do_compat_sys_ioctl+0x4e/0x2c0
[  641.071734][T12638]  __do_fast_syscall_32+0x73/0x120
[  641.071748][T12638]  do_fast_syscall_32+0x32/0x80
[  641.071763][T12638]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  641.071778][T12638] RIP: 0023:0xf744e579
[  641.071786][T12638] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  641.071795][T12638] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  641.071804][T12638] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000002285
[  641.071810][T12638] RDX: 0000000020000440 RSI: 0000000000000000 RDI: 0000000000000000
[  641.071815][T12638] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  641.071820][T12638] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  641.071825][T12638] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  641.071836][T12638]  </TASK>
[  641.071840][T12638] ERROR: Out of memory at tomoyo_realpath_from_path.
[  641.253604][T12648] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1760'.
[  641.486730][ T6016] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  641.670569][ T6016] usb 10-1: Using ep0 maxpacket: 8
[  641.673336][ T6016] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  641.678452][ T6016] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  641.682397][ T6016] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  641.688407][ T6016] usb 10-1: config 0 descriptor??
[  641.695261][ T6016] iowarrior 10-1:0.0: no interrupt-in endpoint found
[  642.436620][T12662] syz.2.1762: attempt to access beyond end of device
[  642.436620][T12662] nbd2: rw=4096, sector=0, nr_sectors = 1 limit=0
[  642.443304][T12662] XFS (nbd2): SB validate failed with error -5.
[  642.539151][T12676] syz_tun: entered allmulticast mode
[  642.550562][T12675] syz_tun: left allmulticast mode
[  642.904050][T12688] netlink: 'syz.6.1766': attribute type 10 has an invalid length.
[  642.930573][T12688] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  643.516664][T12693] FAULT_INJECTION: forcing a failure.
[  643.516664][T12693] name failslab, interval 1, probability 0, space 0, times 0
[  643.520587][T12693] CPU: 1 UID: 0 PID: 12693 Comm: syz.4.1767 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  643.520601][T12693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  643.520607][T12693] Call Trace:
[  643.520610][T12693]  <TASK>
[  643.520613][T12693]  dump_stack_lvl+0x16c/0x1f0
[  643.520632][T12693]  should_fail_ex+0x50a/0x650
[  643.520643][T12693]  ? fs_reclaim_acquire+0xae/0x150
[  643.520659][T12693]  ? __do_sys_timerfd_create+0xea/0x410
[  643.520669][T12693]  should_failslab+0xc2/0x120
[  643.520681][T12693]  __kmalloc_cache_noprof+0x68/0x420
[  643.520691][T12693]  ? __pfx_ksys_write+0x10/0x10
[  643.520702][T12693]  __do_sys_timerfd_create+0xea/0x410
[  643.520712][T12693]  ? lockdep_hardirqs_on+0x7c/0x110
[  643.520726][T12693]  __do_fast_syscall_32+0x73/0x120
[  643.520740][T12693]  do_fast_syscall_32+0x32/0x80
[  643.520755][T12693]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  643.520771][T12693] RIP: 0023:0xf7f96579
[  643.520778][T12693] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  643.520787][T12693] RSP: 002b:00000000f507455c EFLAGS: 00000296 ORIG_RAX: 0000000000000142
[  643.520796][T12693] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000080000
[  643.520802][T12693] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  643.520807][T12693] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  643.520812][T12693] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  643.520817][T12693] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  643.520828][T12693]  </TASK>
[  643.521543][T12693] netlink: 'syz.4.1767': attribute type 10 has an invalid length.
[  644.272051][T12710] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1771'.
[  644.545527][ T6043] usb 10-1: USB disconnect, device number 16
[  644.577000][T12714] syz_tun: entered allmulticast mode
[  644.592639][T12713] syz_tun: left allmulticast mode
[  645.315942][T12737] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1778'.
[  645.320625][T12737] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1778'.
[  645.585051][T12743] FAULT_INJECTION: forcing a failure.
[  645.585051][T12743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  645.589013][T12743] CPU: 2 UID: 0 PID: 12743 Comm: syz.2.1781 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  645.589026][T12743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  645.589031][T12743] Call Trace:
[  645.589035][T12743]  <TASK>
[  645.589039][T12743]  dump_stack_lvl+0x16c/0x1f0
[  645.589057][T12743]  should_fail_ex+0x50a/0x650
[  645.589075][T12743]  _copy_from_user+0x2e/0xd0
[  645.589088][T12743]  get_compat_msghdr+0xa8/0x170
[  645.589100][T12743]  ? __pfx_get_compat_msghdr+0x10/0x10
[  645.589116][T12743]  ___sys_sendmsg+0x1b0/0x1e0
[  645.589127][T12743]  ? __pfx____sys_sendmsg+0x10/0x10
[  645.589141][T12743]  ? __pfx_lock_release+0x10/0x10
[  645.589152][T12743]  ? trace_lock_acquire+0x14e/0x1f0
[  645.589164][T12743]  ? __fget_files+0x206/0x3a0
[  645.589177][T12743]  __sys_sendmsg+0x16e/0x220
[  645.589186][T12743]  ? __pfx___sys_sendmsg+0x10/0x10
[  645.589203][T12743]  __do_fast_syscall_32+0x73/0x120
[  645.589218][T12743]  do_fast_syscall_32+0x32/0x80
[  645.589232][T12743]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  645.589247][T12743] RIP: 0023:0xf7f54579
[  645.589254][T12743] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  645.589263][T12743] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  645.589272][T12743] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100
[  645.589278][T12743] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  645.589283][T12743] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  645.589288][T12743] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  645.589293][T12743] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  645.589303][T12743]  </TASK>
[  645.618798][T12744] netlink: 'syz.5.1780': attribute type 10 has an invalid length.
[  645.642963][T12746] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1782'.
[  645.658734][T12744] hsr0: left allmulticast mode
[  645.681344][T12744] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  646.161256][T12758] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1786'.
[  647.087161][T12776] 9pnet_virtio: no channels available for device syz
[  647.130578][T12777] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1789'.
[  647.133857][T12777] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1789'.
[  647.137000][T12777] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1789'.
[  647.139738][T12777] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1789'.
[  647.156971][T12782] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1790'.
[  647.159694][T12782] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1790'.
[  647.661961][ T5983] Bluetooth: hci1: unexpected event for opcode 0x2040
[  648.478674][   T56] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  648.540351][T12810] netlink: 'syz.5.1799': attribute type 12 has an invalid length.
[  648.638733][   T56] usb 7-1: Using ep0 maxpacket: 8
[  648.642464][   T56] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  648.646531][   T56] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  648.650317][   T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  648.654970][   T56] usb 7-1: config 0 descriptor??
[  648.660236][   T56] iowarrior 7-1:0.0: no interrupt-in endpoint found
[  649.209399][ T5983] Bluetooth: hci3: unexpected event for opcode 0x2040
[  651.172127][T12861] FAULT_INJECTION: forcing a failure.
[  651.172127][T12861] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  651.177444][T12861] CPU: 1 UID: 0 PID: 12861 Comm: syz.6.1810 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  651.177468][T12861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  651.177474][T12861] Call Trace:
[  651.177477][T12861]  <TASK>
[  651.177481][T12861]  dump_stack_lvl+0x16c/0x1f0
[  651.177498][T12861]  should_fail_ex+0x50a/0x650
[  651.177512][T12861]  _copy_from_user+0x2e/0xd0
[  651.177525][T12861]  __sys_bpf+0x215/0x57a0
[  651.177539][T12861]  ? __pfx___sys_bpf+0x10/0x10
[  651.177549][T12861]  ? lockdep_hardirqs_on+0x7c/0x110
[  651.177563][T12861]  ? __schedule+0x3c6a/0x5890
[  651.177575][T12861]  ? __pfx___schedule+0x10/0x10
[  651.177600][T12861]  __ia32_sys_bpf+0x76/0xe0
[  651.177613][T12861]  __do_fast_syscall_32+0x73/0x120
[  651.177628][T12861]  do_fast_syscall_32+0x32/0x80
[  651.177641][T12861]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  651.177656][T12861] RIP: 0023:0xf7fb7579
[  651.177664][T12861] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  651.177673][T12861] RSP: 002b:00000000f509455c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  651.177683][T12861] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000180
[  651.177688][T12861] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[  651.177694][T12861] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  651.177699][T12861] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  651.177704][T12861] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  651.177714][T12861]  </TASK>
[  651.288693][T12861] wireguard0: entered promiscuous mode
[  651.290464][T12861] wireguard0: entered allmulticast mode
[  651.518223][ T6015] usb 7-1: USB disconnect, device number 24
[  651.858029][ T5983] Bluetooth: hci1: unexpected event for opcode 0x2040
[  652.200792][ T6015] libceph: connect (1)[c::]:6789 error -101
[  652.202881][ T6015] libceph: mon0 (1)[c::]:6789 connect error
[  652.209428][  T834] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  652.261049][T12882] ceph: No mds server is up or the cluster is laggy
[  652.380403][  T834] usb 9-1: Using ep0 maxpacket: 8
[  652.384944][  T834] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  652.388854][  T834] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  652.393374][  T834] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  652.398044][  T834] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  652.403100][  T834] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  652.406740][  T834] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  652.415660][  T834] hub 9-1:1.0: bad descriptor, ignoring hub
[  652.417546][  T834] hub 9-1:1.0: probe with driver hub failed with error -5
[  652.419887][  T834] cdc_wdm 9-1:1.0: skipping garbage
[  652.421513][  T834] cdc_wdm 9-1:1.0: skipping garbage
[  652.423661][  T834] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  652.426486][  T834] cdc_wdm 9-1:1.0: Unknown control protocol
[  652.926295][T12893] __nla_validate_parse: 10 callbacks suppressed
[  652.926306][T12893] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1819'.
[  652.936379][T12893] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1819'.
[  653.375091][T12876] usb 9-1: reset high-speed USB device number 8 using dummy_hcd
[  653.502942][ T6015] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  653.591034][T12907] syz_tun: entered allmulticast mode
[  653.674008][ T6015] usb 10-1: Using ep0 maxpacket: 8
[  653.677533][ T6015] usb 10-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  653.681498][ T6015] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  653.685941][ T6015] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  653.688809][ T6015] usb 10-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  653.692517][ T6015] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  653.695186][ T6015] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  653.702885][ T6015] usbtmc 10-1:16.0: bulk endpoints not found
[  653.770444][T12876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  653.773437][T12876] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  653.899029][  T834] usb 9-1: USB disconnect, device number 8
[  654.480372][T12906] syz_tun: left allmulticast mode
[  654.602700][ T5983] Bluetooth: hci1: unexpected event for opcode 0x2040
[  655.511215][T12945] netlink: 'syz.2.1832': attribute type 29 has an invalid length.
[  655.516962][T12945] netlink: 'syz.2.1832': attribute type 29 has an invalid length.
[  655.520175][T12945] netlink: 600 bytes leftover after parsing attributes in process `syz.2.1832'.
[  655.522892][T12945] unsupported nla_type 58
[  655.652717][T12954] ubi: mtd0 is already attached to ubi0
[  655.674047][  T834] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  655.833463][  T834] usb 9-1: Using ep0 maxpacket: 8
[  655.836134][  T834] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  655.839114][  T834] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  655.841716][  T834] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  655.845378][  T834] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  655.849724][  T834] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  655.853315][  T834] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  655.859787][  T834] hub 9-1:1.0: bad descriptor, ignoring hub
[  655.862197][  T834] hub 9-1:1.0: probe with driver hub failed with error -5
[  655.866221][  T834] cdc_wdm 9-1:1.0: skipping garbage
[  655.867779][  T834] cdc_wdm 9-1:1.0: skipping garbage
[  655.870354][  T834] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  655.872522][  T834] cdc_wdm 9-1:1.0: Unknown control protocol
[  656.479135][   T56] usb 10-1: USB disconnect, device number 17
[  656.849437][T12941] usb 9-1: reset high-speed USB device number 9 using dummy_hcd
[  656.892131][T10293] usb 11-1: new high-speed USB device number 6 using dummy_hcd
[  657.062920][T10293] usb 11-1: Using ep0 maxpacket: 8
[  657.065774][T10293] usb 11-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  657.068872][T10293] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 2
[  657.071409][T10293] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  657.074657][T10293] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  657.077895][T10293] usb 11-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  657.080602][T10293] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  657.085577][T10293] hub 11-1:1.0: bad descriptor, ignoring hub
[  657.087358][T10293] hub 11-1:1.0: probe with driver hub failed with error -5
[  657.090119][T10293] cdc_wdm 11-1:1.0: skipping garbage
[  657.091659][T10293] cdc_wdm 11-1:1.0: skipping garbage
[  657.093645][T10293] cdc_wdm 11-1:1.0: cdc-wdm1: USB WDM device
[  657.095498][T10293] cdc_wdm 11-1:1.0: Unknown control protocol
[  657.228285][T12941] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  657.231836][T12941] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  657.476790][T12973] netlink: 'syz.5.1841': attribute type 29 has an invalid length.
[  657.479960][T10293] usb 11-1: USB disconnect, device number 6
[  657.480461][T12973] netlink: 'syz.5.1841': attribute type 29 has an invalid length.
[  657.485724][T12973] netlink: 600 bytes leftover after parsing attributes in process `syz.5.1841'.
[  658.547321][ T5983] Bluetooth: hci2: unexpected event for opcode 0x2040
[  659.388859][T12997] syz_tun: entered allmulticast mode
[  659.402198][T12996] syz_tun: left allmulticast mode
[  659.841474][T13011] netlink: 'syz.5.1853': attribute type 1 has an invalid length.
[  659.843973][T13011] nbd: couldn't find a device at index 20
[  660.816843][T12969] cdc_wdm 9-1:1.0: Error autopm - -16
[  660.816942][  T834] usb 9-1: USB disconnect, device number 9
[  660.856672][T13029] syz_tun: entered allmulticast mode
[  660.868398][T13028] syz_tun: left allmulticast mode
[  661.136047][ T6006] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  661.490255][ T6006] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  661.492797][ T6006] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  661.495746][ T6006] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  661.498467][ T6006] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  661.501971][ T6006] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  661.506225][ T6006] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  661.508868][ T6006] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  661.511266][ T6006] usb 9-1: Product: syz
[  661.512509][ T6006] usb 9-1: Manufacturer: syz
[  661.515838][ T6006] cdc_wdm 9-1:1.0: skipping garbage
[  661.517389][ T6006] cdc_wdm 9-1:1.0: skipping garbage
[  661.519520][ T6006] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  661.521363][ T6006] cdc_wdm 9-1:1.0: Unknown control protocol
[  661.767426][ T6016] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  661.789373][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  661.789449][   T35] usb 9-1: USB disconnect, device number 10
[  661.791439][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  661.795352][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  661.937855][ T6016] usb 7-1: Using ep0 maxpacket: 8
[  662.261252][ T6006] usb 11-1: new high-speed USB device number 7 using dummy_hcd
[  662.266308][ T6016] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  662.269296][ T6016] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  662.271950][ T6016] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  662.275264][ T6016] usb 7-1: config 0 descriptor??
[  662.278533][ T6016] iowarrior 7-1:0.0: no interrupt-in endpoint found
[  662.370908][T13054] syz_tun: entered allmulticast mode
[  662.381532][T13053] syz_tun: left allmulticast mode
[  662.440830][ T6006] usb 11-1: Using ep0 maxpacket: 8
[  662.443914][ T6006] usb 11-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  662.447393][ T6006] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 2
[  662.450542][ T6006] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  662.455095][ T6006] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  662.458730][ T6006] usb 11-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  662.461967][ T6006] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  662.467644][ T6006] hub 11-1:1.0: bad descriptor, ignoring hub
[  662.469973][ T6006] hub 11-1:1.0: probe with driver hub failed with error -5
[  662.473045][ T6006] cdc_wdm 11-1:1.0: skipping garbage
[  662.475009][ T6006] cdc_wdm 11-1:1.0: skipping garbage
[  662.477347][ T6006] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device
[  662.479504][ T6006] cdc_wdm 11-1:1.0: Unknown control protocol
[  662.645585][T13061] FAULT_INJECTION: forcing a failure.
[  662.645585][T13061] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  662.649507][T13061] CPU: 3 UID: 0 PID: 13061 Comm: syz.4.1869 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  662.649520][T13061] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  662.649526][T13061] Call Trace:
[  662.649529][T13061]  <TASK>
[  662.649532][T13061]  dump_stack_lvl+0x16c/0x1f0
[  662.649550][T13061]  should_fail_ex+0x50a/0x650
[  662.649563][T13061]  _copy_to_user+0x32/0xd0
[  662.649577][T13061]  simple_read_from_buffer+0xd0/0x160
[  662.649593][T13061]  proc_fail_nth_read+0x198/0x270
[  662.649607][T13061]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  662.649621][T13061]  ? rw_verify_area+0xcf/0x680
[  662.649635][T13061]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  662.649648][T13061]  vfs_read+0x1df/0xbf0
[  662.649657][T13061]  ? __fget_files+0x1fc/0x3a0
[  662.649667][T13061]  ? __pfx___mutex_lock+0x10/0x10
[  662.649681][T13061]  ? __pfx_vfs_read+0x10/0x10
[  662.649693][T13061]  ? __fget_files+0x206/0x3a0
[  662.649706][T13061]  ksys_read+0x12b/0x250
[  662.649714][T13061]  ? __pfx_ksys_read+0x10/0x10
[  662.649727][T13061]  __do_fast_syscall_32+0x73/0x120
[  662.649742][T13061]  do_fast_syscall_32+0x32/0x80
[  662.649756][T13061]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  662.649771][T13061] RIP: 0023:0xf7f96579
[  662.649779][T13061] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  662.649788][T13061] RSP: 002b:00000000f50b6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  662.649797][T13061] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50b6620
[  662.649802][T13061] RDX: 000000000000000f RSI: 00000000f741cff4 RDI: 0000000000000000
[  662.649808][T13061] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  662.649813][T13061] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  662.649818][T13061] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  662.649829][T13061]  </TASK>
[  662.733092][   T39] audit: type=1326 audit(1738499596.976:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13062 comm="syz.4.1870" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f96579 code=0x7ffc0000
[  662.739355][   T39] audit: type=1326 audit(1738499596.976:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13062 comm="syz.4.1870" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f96579 code=0x7ffc0000
[  662.745847][   T39] audit: type=1326 audit(1738499596.976:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13062 comm="syz.4.1870" exe="/syz-executor" sig=0 arch=40000003 syscall=278 compat=1 ip=0xf7f96579 code=0x7ffc0000
[  662.752422][   T39] audit: type=1326 audit(1738499596.976:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13062 comm="syz.4.1870" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f96579 code=0x7ffc0000
[  662.758969][   T39] audit: type=1326 audit(1738499596.976:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13062 comm="syz.4.1870" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f96579 code=0x7ffc0000
[  663.124727][T13052] usb 11-1: reset high-speed USB device number 7 using dummy_hcd
[  663.514045][T13052] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  663.516651][T13052] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  663.638373][  T834] usb 11-1: USB disconnect, device number 7
[  664.766634][ T5931] usb 7-1: USB disconnect, device number 25
[  665.791934][T13111] 9p: Unknown Cache mode or invalid value fscach
[  666.264435][T13117] netlink: 'syz.5.1886': attribute type 5 has an invalid length.
[  666.269175][T13117] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  666.271935][T13117] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  666.274441][T13117] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  666.276945][T13117] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  666.280077][T13117] geneve2: entered promiscuous mode
[  666.281761][T13117] geneve2: entered allmulticast mode
[  666.880193][T13125] netlink: 352 bytes leftover after parsing attributes in process `syz.2.1889'.
[  666.992354][T13129] netlink: 'syz.2.1891': attribute type 4 has an invalid length.
[  666.995014][T13129] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1891'.
[  666.998764][T13129] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  667.291441][T13135] FAULT_INJECTION: forcing a failure.
[  667.291441][T13135] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  667.295624][T13135] CPU: 0 UID: 0 PID: 13135 Comm: syz.6.1893 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  667.295644][T13135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  667.295654][T13135] Call Trace:
[  667.295660][T13135]  <TASK>
[  667.295667][T13135]  dump_stack_lvl+0x16c/0x1f0
[  667.295695][T13135]  should_fail_ex+0x50a/0x650
[  667.295719][T13135]  _copy_from_user+0x2e/0xd0
[  667.295741][T13135]  vmci_host_unlocked_ioctl+0xe8b/0x1fb0
[  667.295776][T13135]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  667.295803][T13135]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  667.295842][T13135]  ? __pfx_lock_release+0x10/0x10
[  667.295862][T13135]  ? trace_lock_acquire+0x14e/0x1f0
[  667.295887][T13135]  ? __fget_files+0x206/0x3a0
[  667.295907][T13135]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  667.295933][T13135]  compat_ptr_ioctl+0x6b/0xa0
[  667.295956][T13135]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  667.295978][T13135]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  667.296005][T13135]  __do_fast_syscall_32+0x73/0x120
[  667.296031][T13135]  do_fast_syscall_32+0x32/0x80
[  667.296056][T13135]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  667.296082][T13135] RIP: 0023:0xf7fb7579
[  667.296095][T13135] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  667.296110][T13135] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  667.296145][T13135] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000007ab
[  667.296156][T13135] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  667.296166][T13135] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  667.296175][T13135] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  667.296185][T13135] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  667.296207][T13135]  </TASK>
[  667.775497][  T834] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[  667.968228][  T834] usb 11-1: Using ep0 maxpacket: 8
[  667.972183][  T834] usb 11-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  667.975535][  T834] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 2
[  667.978400][  T834] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  667.982089][  T834] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  667.985287][  T834] usb 11-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  667.987898][  T834] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  667.995563][  T834] hub 11-1:1.0: bad descriptor, ignoring hub
[  667.997362][  T834] hub 11-1:1.0: probe with driver hub failed with error -5
[  668.000081][  T834] cdc_wdm 11-1:1.0: skipping garbage
[  668.001658][  T834] cdc_wdm 11-1:1.0: skipping garbage
[  668.003864][  T834] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device
[  668.005629][  T834] cdc_wdm 11-1:1.0: Unknown control protocol
[  668.963116][T13137] usb 11-1: reset high-speed USB device number 8 using dummy_hcd
[  669.274237][ T5983] Bluetooth: hci2: unexpected event for opcode 0x2040
[  669.359399][T13137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  669.363403][T13137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  669.472053][T13167] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1904'.
[  669.477268][T13167] vlan2: entered allmulticast mode
[  669.485530][ T6006] usb 11-1: USB disconnect, device number 8
[  669.530101][   T39] audit: type=1326 audit(1738499603.337:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13166 comm="syz.4.1904" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f96579 code=0x0
[  670.614173][   T39] audit: type=1326 audit(1738499604.347:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13180 comm="syz.5.1908" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  670.625785][   T39] audit: type=1326 audit(1738499604.347:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13180 comm="syz.5.1908" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  670.632441][   T39] audit: type=1326 audit(1738499604.356:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13180 comm="syz.5.1908" exe="/syz-executor" sig=0 arch=40000003 syscall=311 compat=1 ip=0xf744e579 code=0x7ffc0000
[  670.638810][   T39] audit: type=1326 audit(1738499604.356:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13180 comm="syz.5.1908" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  670.645232][   T39] audit: type=1326 audit(1738499604.356:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13180 comm="syz.5.1908" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  670.651733][   T39] audit: type=1326 audit(1738499604.356:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13180 comm="syz.5.1908" exe="/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf744e579 code=0x7ffc0000
[  670.657939][   T39] audit: type=1326 audit(1738499604.356:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13180 comm="syz.5.1908" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  670.664867][   T39] audit: type=1326 audit(1738499604.356:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13180 comm="syz.5.1908" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000
[  670.670970][   T39] audit: type=1326 audit(1738499604.356:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13180 comm="syz.5.1908" exe="/syz-executor" sig=0 arch=40000003 syscall=15 compat=1 ip=0xf744e579 code=0x7ffc0000
[  671.464522][T13199] netlink: 576 bytes leftover after parsing attributes in process `syz.2.1912'.
[  671.469364][T13198] netlink: 576 bytes leftover after parsing attributes in process `syz.2.1912'.
[  671.773526][ T6016] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  671.936902][T13214] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1919'.
[  671.944276][ T6016] usb 9-1: Using ep0 maxpacket: 8
[  671.947331][ T6016] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  671.950212][ T6016] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  671.952866][ T6016] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  671.962445][ T6016] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  671.965757][ T6016] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  671.968868][ T6016] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  671.974274][ T6016] hub 9-1:1.0: bad descriptor, ignoring hub
[  671.976125][ T6016] hub 9-1:1.0: probe with driver hub failed with error -5
[  671.978681][ T6016] cdc_wdm 9-1:1.0: skipping garbage
[  671.980209][ T6016] cdc_wdm 9-1:1.0: skipping garbage
[  671.982285][ T6016] cdc_wdm 9-1:1.0: cdc-wdm1: USB WDM device
[  671.984014][ T6016] cdc_wdm 9-1:1.0: Unknown control protocol
[  672.016865][T13218] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1920'.
[  672.105372][T13222] vlan2: entered promiscuous mode
[  672.361271][  T834] usb 9-1: USB disconnect, device number 11
[  672.509323][T13226] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1922'.
[  672.512107][T13226] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1922'.
[  672.514746][T13226] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1922'.
[  672.517402][T13226] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1922'.
[  673.005017][T13202] cdc_wdm 11-1:1.0: Error autopm - -16
[  673.324039][  T834] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  673.457332][T13237] syz_tun: entered allmulticast mode
[  673.470085][T13236] syz_tun: left allmulticast mode
[  673.494436][  T834] usb 9-1: Using ep0 maxpacket: 8
[  673.498043][  T834] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  673.501810][  T834] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  673.505596][  T834] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  673.509964][  T834] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  673.514133][  T834] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  673.520021][  T834] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  673.525917][  T834] hub 9-1:1.0: bad descriptor, ignoring hub
[  673.528381][  T834] hub 9-1:1.0: probe with driver hub failed with error -5
[  673.531292][  T834] cdc_wdm 9-1:1.0: skipping garbage
[  673.533319][  T834] cdc_wdm 9-1:1.0: skipping garbage
[  673.535837][  T834] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  673.538248][  T834] cdc_wdm 9-1:1.0: Unknown control protocol
[  673.583849][ T5983] Bluetooth: hci2: unexpected event for opcode 0x2040
[  673.742633][T13202] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  673.745990][T13202] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  673.841953][T13247] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1929'.
[  673.868787][ T6015] usb 9-1: USB disconnect, device number 12
[  674.043452][T13255] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1932'.
[  674.338317][T13261] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1933'.
[  674.345237][T13261] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1933'.
[  674.348879][T13261] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1933'.
[  674.353078][T13261] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1933'.
[  674.473482][T13266] syz_tun: entered allmulticast mode
[  674.498962][T13265] syz_tun: left allmulticast mode
[  674.798862][ T6015] usb 11-1: new high-speed USB device number 9 using dummy_hcd
[  675.001742][ T6015] usb 11-1: Using ep0 maxpacket: 8
[  675.006012][ T6015] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  675.011874][ T6015] usb 11-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  675.019029][ T6015] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  675.027052][ T6015] usb 11-1: config 0 descriptor??
[  675.032937][ T6015] iowarrior 11-1:0.0: no interrupt-in endpoint found
[  677.107793][ T6015] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  677.268126][ T6015] usb 7-1: Using ep0 maxpacket: 8
[  677.271937][ T6015] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  677.274950][ T6015] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  677.277598][ T6015] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  677.280911][ T6015] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  677.284096][ T6015] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  677.286793][ T6015] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  677.291176][ T6015] hub 7-1:1.0: bad descriptor, ignoring hub
[  677.293000][ T6015] hub 7-1:1.0: probe with driver hub failed with error -5
[  677.295244][ T6015] cdc_wdm 7-1:1.0: skipping garbage
[  677.296794][ T6015] cdc_wdm 7-1:1.0: skipping garbage
[  677.298783][ T6015] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  677.300684][ T6015] cdc_wdm 7-1:1.0: Unknown control protocol
[  677.835262][ T6015] usb 11-1: USB disconnect, device number 9
[  677.863017][T13307] __nla_validate_parse: 2 callbacks suppressed
[  677.863028][T13307] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1946'.
[  677.867778][T13307] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1946'.
[  677.870424][T13307] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1946'.
[  677.872993][T13307] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1946'.
[  678.273484][T13298] usb 7-1: reset high-speed USB device number 26 using dummy_hcd
[  678.653741][T13298] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  678.656560][T13298] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  679.113983][ T5983] Bluetooth: hci1: unexpected event for opcode 0x2040
[  679.512775][T13327] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1954'.
[  680.064468][T13346] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1958'.
[  680.527626][T13353] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1960'.
[  680.530511][T13353] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1960'.
[  681.157722][T13356] syz_tun: entered allmulticast mode
[  681.171531][T13355] syz_tun: left allmulticast mode
[  681.259753][T13360] 9pnet_virtio: no channels available for device syz
[  681.270020][T13361] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1962'.
[  681.272603][T13361] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1962'.
[  682.231081][ T6015] usb 7-1: USB disconnect, device number 26
[  682.401875][ T5983] Bluetooth: hci2: unexpected event for opcode 0x2040
[  682.652628][ T5983] Bluetooth: hci1: unexpected event for opcode 0x2040
[  683.384684][T13390] __nla_validate_parse: 2 callbacks suppressed
[  683.384700][T13390] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1972'.
[  683.548126][T13395] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1971'.
[  683.551069][T13395] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1971'.
[  683.826420][T13401] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1974'.
[  683.829147][T13401] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1974'.
[  683.831701][T13401] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1974'.
[  683.834761][   T35] usb 11-1: new high-speed USB device number 10 using dummy_hcd
[  683.837172][T13401] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1974'.
[  683.992655][   T35] usb 11-1: Using ep0 maxpacket: 8
[  683.996617][   T35] usb 11-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  683.999693][   T35] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 2
[  684.002387][   T35] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  684.005820][   T35] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  684.009212][   T35] usb 11-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  684.011908][   T35] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  684.020382][   T35] hub 11-1:1.0: bad descriptor, ignoring hub
[  684.022437][   T35] hub 11-1:1.0: probe with driver hub failed with error -5
[  684.025912][   T35] cdc_wdm 11-1:1.0: skipping garbage
[  684.027538][   T35] cdc_wdm 11-1:1.0: skipping garbage
[  684.031829][   T35] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device
[  684.033662][   T35] cdc_wdm 11-1:1.0: Unknown control protocol
[  684.513169][T13413] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1978'.
[  684.679322][T13397] usb 11-1: reset high-speed USB device number 10 using dummy_hcd
[  685.105956][T13397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  685.109829][T13397] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  685.169328][ T5983] Bluetooth: hci3: unexpected event for opcode 0x2040
[  685.233305][ T5931] usb 11-1: USB disconnect, device number 10
[  685.934180][T13433] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1983'.
[  685.937551][T13433] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1983'.
[  687.699057][T13467] syz_tun: entered allmulticast mode
[  687.709868][T13466] syz_tun: left allmulticast mode
[  687.735077][ T5983] Bluetooth: hci2: unexpected event for opcode 0x2040
[  689.003948][T13487] __nla_validate_parse: 6 callbacks suppressed
[  689.004068][T13487] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1997'.
[  689.125676][T13491] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1998'.
[  689.128933][T13491] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1998'.
[  689.615897][ T5983] Bluetooth: hci3: unexpected event for opcode 0x2040
[  690.017095][T13510] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  690.804340][T13524] syz_tun: entered allmulticast mode
[  690.818626][T13523] syz_tun: left allmulticast mode
[  691.962576][T13550] syz_tun: entered allmulticast mode
[  691.980966][T13549] syz_tun: left allmulticast mode
[  692.288487][ T6006] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  692.459566][ T6006] usb 9-1: Using ep0 maxpacket: 8
[  692.463438][ T6006] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  692.466557][ T6006] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  692.470635][ T6006] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  692.473848][ T6006] usb 9-1: config 0 descriptor??
[  692.476802][ T6006] iowarrior 9-1:0.0: no interrupt-in endpoint found
[  692.502352][ T6016] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  692.662662][ T6016] usb 7-1: Using ep0 maxpacket: 8
[  692.665474][ T6016] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  692.668561][ T6016] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  692.671971][ T6016] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  692.680865][ T6016] usb 7-1: config 0 descriptor??
[  692.685123][ T6016] iowarrior 7-1:0.0: no interrupt-in endpoint found
[  693.577724][T13587] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2030'.
[  695.283421][ T6015] usb 9-1: USB disconnect, device number 13
[  695.363643][T13605] syz_tun: entered allmulticast mode
[  695.379060][T13604] syz_tun: left allmulticast mode
[  695.416813][T13607] 9pnet_virtio: no channels available for device syz
[  695.682497][ T6015] usb 7-1: USB disconnect, device number 27
[  696.617812][ T5983] Bluetooth: hci3: unexpected event for opcode 0x2040
[  696.789371][ T6015] usb 11-1: new high-speed USB device number 11 using dummy_hcd
[  696.960272][ T6015] usb 11-1: Using ep0 maxpacket: 8
[  696.964546][ T6015] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  696.967603][ T6015] usb 11-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  696.970582][ T6015] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  696.977365][ T6015] usb 11-1: config 0 descriptor??
[  696.982400][ T6015] iowarrior 11-1:0.0: no interrupt-in endpoint found
[  698.656723][T13659] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2053'.
[  699.440315][T13670] syz_tun: entered allmulticast mode
[  699.453090][T13669] syz_tun: left allmulticast mode
[  700.044047][ T6015] usb 11-1: USB disconnect, device number 11
[  700.144823][ T5983] Bluetooth: hci2: unexpected event for opcode 0x2040
[  700.680676][ T6015] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  700.873020][ T6015] usb 9-1: Using ep0 maxpacket: 8
[  700.875934][ T6015] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  700.879081][ T6015] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  700.881750][ T6015] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  700.884953][ T6015] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  700.888160][ T6015] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  700.890776][ T6015] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  700.897827][ T6015] hub 9-1:1.0: bad descriptor, ignoring hub
[  700.899638][ T6015] hub 9-1:1.0: probe with driver hub failed with error -5
[  700.901926][ T6015] cdc_wdm 9-1:1.0: skipping garbage
[  700.903499][ T6015] cdc_wdm 9-1:1.0: skipping garbage
[  700.905868][ T6015] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  700.907663][ T6015] cdc_wdm 9-1:1.0: Unknown control protocol
[  701.279869][ T6006] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  701.439693][ T6006] usb 7-1: Using ep0 maxpacket: 8
[  701.443695][ T6006] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  701.447755][ T6006] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  701.451690][ T6006] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  701.456043][ T6006] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  701.460422][ T6006] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  701.464164][ T6006] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  701.471210][ T6006] hub 7-1:1.0: bad descriptor, ignoring hub
[  701.473781][ T6006] hub 7-1:1.0: probe with driver hub failed with error -5
[  701.477043][ T6006] cdc_wdm 7-1:1.0: skipping garbage
[  701.479239][ T6006] cdc_wdm 7-1:1.0: skipping garbage
[  701.867509][T13689] usb 9-1: reset high-speed USB device number 14 using dummy_hcd
[  702.094923][ T6006] cdc_wdm 7-1:1.0: cdc-wdm1: USB WDM device
[  702.096912][ T6006] cdc_wdm 7-1:1.0: Unknown control protocol
[  702.271219][T13689] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  702.274556][T13689] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  702.308828][ T6006] usb 7-1: reset high-speed USB device number 28 using dummy_hcd
[  702.394540][    T9] usb 9-1: USB disconnect, device number 14
[  702.707042][T13693] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  702.710031][T13693] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  702.829650][ T6015] usb 7-1: USB disconnect, device number 28
[  703.400242][ T5983] Bluetooth: hci2: unexpected event for opcode 0x2040
[  704.064519][T13735] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2076'.
[  704.429113][T13742] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2078'.
[  704.432070][T13742] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2078'.
[  704.434757][T13742] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2078'.
[  704.437429][T13742] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2078'.
[  704.685251][ T5983] Bluetooth: hci1: unexpected event for opcode 0x2040
[  705.064350][ T6016] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  705.234807][ T6016] usb 9-1: Using ep0 maxpacket: 8
[  705.238066][ T6016] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  705.241555][ T6016] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  705.248096][ T6016] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  705.251485][ T6016] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  705.254513][ T6016] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  705.257371][ T6016] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  705.263700][ T6016] hub 9-1:1.0: bad descriptor, ignoring hub
[  705.265444][ T6016] hub 9-1:1.0: probe with driver hub failed with error -5
[  705.268419][ T6016] cdc_wdm 9-1:1.0: skipping garbage
[  705.270038][ T6016] cdc_wdm 9-1:1.0: skipping garbage
[  705.272629][ T6016] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  705.274336][ T6016] cdc_wdm 9-1:1.0: Unknown control protocol
[  706.039943][T13768] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2086'.
[  706.175305][T13772] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2087'.
[  706.178711][T13772] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2087'.
[  706.182771][T13772] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2087'.
[  706.186368][T13772] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2087'.
[  706.240310][T13749] usb 9-1: reset high-speed USB device number 15 using dummy_hcd
[  706.619579][T13749] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  706.622934][T13749] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  706.742462][ T6006] usb 9-1: USB disconnect, device number 15
[  709.591538][T13812] 9pnet_virtio: no channels available for device syz
[  709.602581][T13812] __nla_validate_parse: 3 callbacks suppressed
[  709.602649][T13812] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2099'.
[  709.608777][T13812] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2099'.
[  709.611977][T13812] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2099'.
[  709.615087][T13812] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2099'.
[  710.355033][T13828] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2105'.
[  710.575320][T13836] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2103'.
[  710.578099][T13836] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2103'.
[  711.217833][T13845] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2109'.
[  711.226992][T13846] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2108'.
[  711.229704][T13846] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2108'.
[  711.788266][ T6016] usb 11-1: new high-speed USB device number 12 using dummy_hcd
[  711.948529][ T6016] usb 11-1: Using ep0 maxpacket: 8
[  711.952159][ T6016] usb 11-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  711.955149][ T6016] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 2
[  711.957841][ T6016] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  711.961706][ T6016] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  711.966090][ T6016] usb 11-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  711.969692][ T6016] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  711.976801][ T6016] hub 11-1:1.0: bad descriptor, ignoring hub
[  711.979039][ T6016] hub 11-1:1.0: probe with driver hub failed with error -5
[  711.982412][ T6016] cdc_wdm 11-1:1.0: skipping garbage
[  711.984476][ T6016] cdc_wdm 11-1:1.0: skipping garbage
[  711.987510][ T6016] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device
[  711.989982][ T6016] cdc_wdm 11-1:1.0: Unknown control protocol
[  712.932529][T13854] usb 11-1: reset high-speed USB device number 12 using dummy_hcd
[  713.335185][T13854] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  713.338417][T13854] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  713.456122][  T834] usb 11-1: USB disconnect, device number 12
[  714.141958][T13889] 9pnet_virtio: no channels available for device syz
[  716.122808][T13910] __nla_validate_parse: 9 callbacks suppressed
[  716.122821][T13910] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2128'.
[  716.127238][T13910] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2128'.
[  716.332494][ T5983] Bluetooth: hci2: unexpected event for opcode 0x2040
[  716.460097][T13919] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2131'.
[  716.462702][T13919] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2131'.
[  716.465885][T13919] netlink: 'syz.5.2131': attribute type 20 has an invalid length.
[  716.752195][T13927] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2133'.
[  717.095099][T13940] netlink: 204 bytes leftover after parsing attributes in process `syz.4.2137'.
[  717.098911][T13940] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2137'.
[  717.516002][T13953] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2141'.
[  717.518949][T13953] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2141'.
[  717.521589][T13953] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2141'.
[  718.147320][T13963] FAULT_INJECTION: forcing a failure.
[  718.147320][T13963] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  718.152237][T13963] CPU: 3 UID: 0 PID: 13963 Comm: syz.2.2145 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  718.152252][T13963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  718.152257][T13963] Call Trace:
[  718.152260][T13963]  <TASK>
[  718.152264][T13963]  dump_stack_lvl+0x16c/0x1f0
[  718.152303][T13963]  should_fail_ex+0x50a/0x650
[  718.152319][T13963]  ? __pfx___might_resched+0x10/0x10
[  718.152334][T13963]  should_fail_alloc_page+0xe7/0x130
[  718.152347][T13963]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  718.152363][T13963]  ? is_bpf_text_address+0x8a/0x1a0
[  718.152375][T13963]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  718.152388][T13963]  ? hlock_class+0x4e/0x130
[  718.152407][T13963]  ? mark_lock+0xb5/0xc60
[  718.152424][T13963]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  718.152451][T13963]  ? hlock_class+0x4e/0x130
[  718.152473][T13963]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  718.152493][T13963]  ? mark_lock+0xb5/0xc60
[  718.152509][T13963]  ? mark_lock+0xb5/0xc60
[  718.152536][T13963]  ? mark_lock+0xb5/0xc60
[  718.152553][T13963]  ? hlock_class+0x4e/0x130
[  718.152573][T13963]  ? hlock_class+0x4e/0x130
[  718.152587][T13963]  ? __pfx_mark_lock+0x10/0x10
[  718.152597][T13963]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  718.152611][T13963]  ? policy_nodemask+0xea/0x4e0
[  718.152624][T13963]  alloc_pages_mpol+0x1fc/0x540
[  718.152636][T13963]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  718.152649][T13963]  ? find_held_lock+0x2d/0x110
[  718.152664][T13963]  folio_alloc_mpol_noprof+0x36/0x2f0
[  718.152678][T13963]  vma_alloc_folio_noprof+0xee/0x1b0
[  718.152691][T13963]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  718.152705][T13963]  ? __pfx___lock_acquire+0x10/0x10
[  718.152718][T13963]  do_wp_page+0x1f2c/0x4560
[  718.152730][T13963]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  718.152741][T13963]  ? __pfx_do_wp_page+0x10/0x10
[  718.152749][T13963]  ? rcu_is_watching+0x12/0xc0
[  718.152764][T13963]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  718.152777][T13963]  ? lock_acquire+0x2f/0xb0
[  718.152787][T13963]  ? __handle_mm_fault+0xf22/0x2c60
[  718.152799][T13963]  __handle_mm_fault+0x1c7c/0x2c60
[  718.152813][T13963]  ? __pfx___handle_mm_fault+0x10/0x10
[  718.152827][T13963]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  718.152859][T13963]  ? find_vma+0xc0/0x140
[  718.152882][T13963]  ? __pfx_find_vma+0x10/0x10
[  718.152907][T13963]  handle_mm_fault+0x3fa/0xaa0
[  718.152930][T13963]  do_user_addr_fault+0x7a3/0x13f0
[  718.152956][T13963]  exc_page_fault+0x5c/0xc0
[  718.152972][T13963]  asm_exc_page_fault+0x26/0x30
[  718.152984][T13963] RIP: 0010:__put_user_4+0x11/0x20
[  718.152998][T13963] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  718.153008][T13963] RSP: 0018:ffffc9000cf27b30 EFLAGS: 00050206
[  718.153016][T13963] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020000000
[  718.153021][T13963] RDX: ffff888024144880 RSI: ffffffff8a587e79 RDI: ffffffff8bd2c380
[  718.153027][T13963] RBP: 1ffff920019e4f67 R08: 0000000000000000 R09: fffffbfff20bf8a2
[  718.153033][T13963] R10: ffffffff905fc517 R11: 0000000000000000 R12: 0000000000000000
[  718.153038][T13963] R13: dffffc0000000000 R14: 0000000020000000 R15: ffffffff8cb74a60
[  718.153048][T13963]  ? hidp_sock_compat_ioctl+0x299/0x5b0
[  718.153063][T13963]  hidp_sock_compat_ioctl+0x2a5/0x5b0
[  718.153075][T13963]  ? __pfx_hidp_sock_compat_ioctl+0x10/0x10
[  718.153089][T13963]  ? tomoyo_path_number_perm+0x298/0x5b0
[  718.153099][T13963]  ? __pfx_lock_release+0x10/0x10
[  718.153112][T13963]  ? tomoyo_path_number_perm+0x46d/0x5b0
[  718.153123][T13963]  ? tomoyo_path_number_perm+0x190/0x5b0
[  718.153133][T13963]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  718.153142][T13963]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  718.153154][T13963]  ? do_vfs_ioctl+0x513/0x1950
[  718.153168][T13963]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  718.153187][T13963]  compat_sock_ioctl+0x17b/0x7e0
[  718.153202][T13963]  ? __pfx_hidp_sock_compat_ioctl+0x10/0x10
[  718.153214][T13963]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  718.153230][T13963]  ? __fget_files+0x206/0x3a0
[  718.153242][T13963]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  718.153254][T13963]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  718.153269][T13963]  __do_fast_syscall_32+0x73/0x120
[  718.153289][T13963]  do_fast_syscall_32+0x32/0x80
[  718.153303][T13963]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  718.153317][T13963] RIP: 0023:0xf7f54579
[  718.153324][T13963] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  718.153332][T13963] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  718.153340][T13963] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800448d2
[  718.153346][T13963] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  718.153351][T13963] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  718.153356][T13963] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  718.153361][T13963] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  718.153372][T13963]  </TASK>
[  719.550416][T13998] netlink: 'syz.6.2156': attribute type 10 has an invalid length.
[  719.559883][T13998] mkiss: ax0: crc mode is auto.
[  720.265852][   T56] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  720.426152][   T56] usb 9-1: Using ep0 maxpacket: 8
[  720.429199][   T56] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  720.432682][   T56] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  720.435759][   T56] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  720.439876][   T56] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  720.443595][   T56] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  720.446638][   T56] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  720.450895][   T56] hub 9-1:1.0: bad descriptor, ignoring hub
[  720.452528][   T56] hub 9-1:1.0: probe with driver hub failed with error -5
[  720.454645][   T56] cdc_wdm 9-1:1.0: skipping garbage
[  720.456086][   T56] cdc_wdm 9-1:1.0: skipping garbage
[  720.457926][   T56] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  720.459596][   T56] cdc_wdm 9-1:1.0: Unknown control protocol
[  721.421653][T14011] usb 9-1: reset high-speed USB device number 16 using dummy_hcd
[  721.819953][T14011] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  721.822499][T14011] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  721.836428][T14035] __nla_validate_parse: 9 callbacks suppressed
[  721.836441][T14035] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2168'.
[  721.842613][T14035] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2168'.
[  721.846281][T14035] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2168'.
[  721.849968][T14035] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2168'.
[  721.944750][ T6016] usb 9-1: USB disconnect, device number 16
[  722.604506][   T39] kauditd_printk_skb: 34 callbacks suppressed
[  722.604517][   T39] audit: type=1326 audit(1738499652.969:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14039 comm="syz.5.2170" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  722.614640][   T39] audit: type=1326 audit(1738499652.969:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14039 comm="syz.5.2170" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  722.620807][   T39] audit: type=1326 audit(1738499652.969:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14039 comm="syz.5.2170" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  722.627213][   T39] audit: type=1326 audit(1738499652.969:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14039 comm="syz.5.2170" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  722.633891][   T39] audit: type=1326 audit(1738499652.969:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14039 comm="syz.5.2170" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  722.640348][   T39] audit: type=1326 audit(1738499652.969:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14039 comm="syz.5.2170" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  722.646478][   T39] audit: type=1326 audit(1738499652.969:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14039 comm="syz.5.2170" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  722.652843][   T39] audit: type=1326 audit(1738499652.969:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14039 comm="syz.5.2170" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  722.659101][   T39] audit: type=1326 audit(1738499652.969:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14039 comm="syz.5.2170" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  722.665534][   T39] audit: type=1326 audit(1738499652.969:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14039 comm="syz.5.2170" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  722.741675][ T5983] Bluetooth: hci1: unexpected event for opcode 0x2040
[  724.558996][T14075] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2180'.
[  724.561642][T14075] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2180'.
[  724.564521][T14075] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2180'.
[  724.567155][T14075] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2180'.
[  725.225320][T14085] ceph: No mds server is up or the cluster is laggy
[  725.955600][   T56] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  726.124871][   T56] usb 7-1: Using ep0 maxpacket: 8
[  726.129597][   T56] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  726.133782][   T56] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  726.137752][   T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  726.150807][   T56] usb 7-1: config 0 descriptor??
[  726.154632][   T56] iowarrior 7-1:0.0: no interrupt-in endpoint found
[  727.159467][T14119] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2194'.
[  727.163136][T14119] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2194'.
[  727.437437][ T1989] libceph: connect (1)[c::]:6789 error -101
[  727.439577][ T1989] libceph: mon0 (1)[c::]:6789 connect error
[  727.488522][T14125] ceph: No mds server is up or the cluster is laggy
[  728.144460][ T1989] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  728.305377][ T1989] usb 9-1: Using ep0 maxpacket: 8
[  728.309160][ T1989] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  728.313339][ T1989] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  728.317408][ T1989] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  728.321967][ T1989] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  728.326618][ T1989] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  728.330925][ T1989] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  728.338252][ T1989] hub 9-1:1.0: bad descriptor, ignoring hub
[  728.340819][ T1989] hub 9-1:1.0: probe with driver hub failed with error -5
[  728.344143][ T1989] cdc_wdm 9-1:1.0: skipping garbage
[  728.346395][ T1989] cdc_wdm 9-1:1.0: skipping garbage
[  728.349545][ T1989] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  728.352065][ T1989] cdc_wdm 9-1:1.0: Unknown control protocol
[  729.014662][ T1989] usb 7-1: USB disconnect, device number 29
[  729.174891][T14145] __nla_validate_parse: 2 callbacks suppressed
[  729.174909][T14145] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2202'.
[  729.212326][T14150] 9pnet_virtio: no channels available for device syz
[  729.223352][T14150] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2203'.
[  729.226168][T14150] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2203'.
[  729.228728][T14150] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2203'.
[  729.231290][T14150] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2203'.
[  729.281973][T14154] syz_tun: entered allmulticast mode
[  729.289033][T14130] usb 9-1: reset high-speed USB device number 17 using dummy_hcd
[  729.298881][T14153] syz_tun: left allmulticast mode
[  729.693158][T14130] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  729.696599][T14130] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  729.813131][ T6006] usb 9-1: USB disconnect, device number 17
[  730.152023][T14159] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2208'.
[  731.307505][T14180] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2213'.
[  731.342305][T14182] syz_tun: entered allmulticast mode
[  731.359114][T14181] syz_tun: left allmulticast mode
[  731.760536][T14190] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2217'.
[  733.350867][ T5983] Bluetooth: hci2: unexpected event for opcode 0x2040
[  733.413122][T14222] syz_tun: entered allmulticast mode
[  733.422348][T14221] syz_tun: left allmulticast mode
[  733.554733][T14224] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2225'.
[  733.778390][T14241] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2227'.
[  734.591612][ T6016] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  734.751652][ T6016] usb 7-1: Using ep0 maxpacket: 8
[  734.755396][ T6016] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  734.759389][ T6016] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  734.763467][ T6016] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  734.768146][ T6016] usb 7-1: config 0 descriptor??
[  734.772051][ T6016] iowarrior 7-1:0.0: no interrupt-in endpoint found
[  735.040343][ T6006] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  735.200581][ T6006] usb 9-1: Using ep0 maxpacket: 8
[  735.203613][ T6006] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  735.206709][ T6006] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  735.209417][ T6006] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  735.212782][ T6006] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  735.216274][ T6006] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  735.219018][ T6006] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  735.227772][ T6006] hub 9-1:1.0: bad descriptor, ignoring hub
[  735.229694][ T6006] hub 9-1:1.0: probe with driver hub failed with error -5
[  735.232118][ T6006] cdc_wdm 9-1:1.0: skipping garbage
[  735.233955][ T6006] cdc_wdm 9-1:1.0: skipping garbage
[  735.236365][ T6006] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  735.238175][ T6006] cdc_wdm 9-1:1.0: Unknown control protocol
[  735.778591][T14267] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2236'.
[  736.184548][T14253] usb 9-1: reset high-speed USB device number 18 using dummy_hcd
[  736.586267][T14253] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  736.591188][T14253] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  737.236707][T14280] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2240'.
[  737.651957][ T1989] usb 7-1: USB disconnect, device number 30
[  738.144756][T14292] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2243'.
[  738.147510][T14292] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2243'.
[  738.150212][T14292] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2243'.
[  738.153038][T14292] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2243'.
[  738.467323][T14300] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2245'.
[  739.614556][T14318] netlink: 'syz.2.2251': attribute type 10 has an invalid length.
[  739.620781][T14318] mkiss: ax0: crc mode is auto.
[  739.839939][T14323] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2252'.
[  739.842532][T14323] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2252'.
[  739.845048][T14323] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2252'.
[  740.237881][ T6016] usb 9-1: USB disconnect, device number 18
[  742.277132][T14352] __nla_validate_parse: 1 callbacks suppressed
[  742.277143][T14352] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2261'.
[  742.281939][T14352] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2261'.
[  742.284895][T14352] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2261'.
[  742.288106][T14352] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2261'.
[  742.483034][T14357] ------------[ cut here ]------------
[  742.485748][T14357] WARNING: CPU: 0 PID: 14357 at ./include/net/mac80211.h:7060 minstrel_ht_update_caps.constprop.0+0x1250/0x1a90
[  742.490323][T14357] Modules linked in:
[  742.492066][T14357] CPU: 0 UID: 0 PID: 14357 Comm: syz.4.2263 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  742.497517][T14357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  742.501729][T14357] RIP: 0010:minstrel_ht_update_caps.constprop.0+0x1250/0x1a90
[  742.504714][T14357] Code: 03 0f 8e 07 05 00 00 44 89 f6 89 df 45 8b 6c 24 10 e8 a4 c9 d7 f6 44 39 f3 0f 8c 86 f1 ff ff 4c 8b 64 24 10 e8 51 cf d7 f6 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 48 8b 54 24 38 48 c1 ea 03
[  742.512151][T14357] RSP: 0018:ffffc90003f27148 EFLAGS: 00010283
[  742.514540][T14357] RAX: 00000000000006ea RBX: 000000000000000c RCX: ffffc90031a02000
[  742.517536][T14357] RDX: 0000000000080000 RSI: ffffffff8ae10c6f RDI: 0000000000000004
[  742.520587][T14357] RBP: dffffc0000000000 R08: 0000000000000004 R09: 000000000000000c
[  742.523625][T14357] R10: 000000000000000c R11: 0000000000000003 R12: ffff888061acdc38
[  742.526647][T14357] R13: 0000000000000000 R14: 000000000000000c R15: ffffed100c35961c
[  742.529680][T14357] FS:  0000000000000000(0000) GS:ffff88802b400000(0063) knlGS:00000000f50b6b40
[  742.533038][T14357] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  742.535640][T14357] CR2: 0000000020001080 CR3: 0000000011d4c000 CR4: 0000000000352ef0
[  742.538926][T14357] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  742.542110][T14357] DR3: 00000000e08e000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  742.544855][T14357] Call Trace:
[  742.545906][T14357]  <TASK>
[  742.546785][T14357]  ? __warn+0xea/0x3c0
[  742.547995][T14357]  ? minstrel_ht_update_caps.constprop.0+0x1250/0x1a90
[  742.549982][T14357]  ? report_bug+0x3c0/0x580
[  742.551295][T14357]  ? handle_bug+0x54/0xa0
[  742.552570][T14357]  ? exc_invalid_op+0x17/0x50
[  742.553935][T14357]  ? asm_exc_invalid_op+0x1a/0x20
[  742.555452][T14357]  ? minstrel_ht_update_caps.constprop.0+0x124f/0x1a90
[  742.557402][T14357]  ? minstrel_ht_update_caps.constprop.0+0x1250/0x1a90
[  742.559314][T14357]  ? minstrel_ht_update_caps.constprop.0+0x124f/0x1a90
[  742.561209][T14357]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  742.562749][T14357]  rate_control_rate_init+0x378/0x720
[  742.564253][T14357]  rate_control_rate_init_all_links+0x76/0x1e0
[  742.566007][T14357]  sta_apply_auth_flags.constprop.0+0x4bb/0x510
[  742.567803][T14357]  sta_apply_parameters+0xb6e/0x1740
[  742.569213][T14357]  ieee80211_add_station+0x3fa/0x6c0
[  742.570758][T14357]  nl80211_new_station+0x1442/0x1bc0
[  742.572310][T14357]  ? __rtnl_unlock+0x68/0xf0
[  742.573659][T14357]  ? __pfx_nl80211_new_station+0x10/0x10
[  742.575329][T14357]  ? nl80211_pre_doit+0x71e/0xb10
[  742.576868][T14357]  ? nl80211_pre_doit+0x1b0/0xb10
[  742.578429][T14357]  genl_family_rcv_msg_doit+0x202/0x2f0
[  742.580042][T14357]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  742.581808][T14357]  ? trace_cap_capable+0x1a2/0x210
[  742.583314][T14357]  ? bpf_lsm_capable+0x9/0x10
[  742.584707][T14357]  ? security_capable+0x7e/0x260
[  742.586146][T14357]  ? ns_capable+0xd7/0x110
[  742.587483][T14357]  genl_rcv_msg+0x565/0x800
[  742.588860][T14357]  ? __pfx_genl_rcv_msg+0x10/0x10
[  742.590318][T14357]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  742.591872][T14357]  ? __pfx_nl80211_new_station+0x10/0x10
[  742.593476][T14357]  ? __pfx_nl80211_post_doit+0x10/0x10
[  742.595090][T14357]  netlink_rcv_skb+0x165/0x410
[  742.596492][T14357]  ? __pfx_genl_rcv_msg+0x10/0x10
[  742.597990][T14357]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  742.599522][T14357]  ? down_read+0xc9/0x330
[  742.600786][T14357]  ? __pfx_down_read+0x10/0x10
[  742.602198][T14357]  ? netlink_deliver_tap+0x1ae/0xca0
[  742.603784][T14357]  genl_rcv+0x28/0x40
[  742.604977][T14357]  netlink_unicast+0x53c/0x7f0
[  742.606389][T14357]  ? __pfx_netlink_unicast+0x10/0x10
[  742.607949][T14357]  ? __phys_addr_symbol+0x30/0x80
[  742.609507][T14357]  ? __check_object_size+0x488/0x710
[  742.611022][T14357]  netlink_sendmsg+0x8b8/0xd70
[  742.612369][T14357]  ? __pfx_netlink_sendmsg+0x10/0x10
[  742.613880][T14357]  ____sys_sendmsg+0x9ae/0xb40
[  742.615316][T14357]  ? __pfx_____sys_sendmsg+0x10/0x10
[  742.616868][T14357]  ? get_compat_msghdr+0x11b/0x170
[  742.618395][T14357]  ___sys_sendmsg+0x135/0x1e0
[  742.619863][T14357]  ? __pfx____sys_sendmsg+0x10/0x10
[  742.621395][T14357]  ? __pfx_lock_release+0x10/0x10
[  742.622868][T14357]  ? trace_lock_acquire+0x14e/0x1f0
[  742.624377][T14357]  ? __fget_files+0x206/0x3a0
[  742.625817][T14357]  __sys_sendmsg+0x16e/0x220
[  742.627179][T14357]  ? __pfx___sys_sendmsg+0x10/0x10
[  742.628703][T14357]  ? __ia32_sys_futex_time32+0x1da/0x460
[  742.630386][T14357]  __do_fast_syscall_32+0x73/0x120
[  742.631982][T14357]  do_fast_syscall_32+0x32/0x80
[  742.633430][T14357]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  742.635268][T14357] RIP: 0023:0xf7f96579
[  742.636462][T14357] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  742.641941][T14357] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  742.644372][T14357] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020001080
[  742.646556][T14357] RDX: 0000000020000800 RSI: 0000000000000000 RDI: 0000000000000000
[  742.648740][T14357] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  742.651042][T14357] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  742.653427][T14357] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  742.655732][T14357]  </TASK>
[  742.656660][T14357] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  742.658792][T14357] CPU: 0 UID: 0 PID: 14357 Comm: syz.4.2263 Not tainted 6.13.0-syzkaller-09760-g69e858e0b8b2 #0
[  742.661713][T14357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  742.664845][T14357] Call Trace:
[  742.665841][T14357]  <TASK>
[  742.666717][T14357]  dump_stack_lvl+0x3d/0x1f0
[  742.668101][T14357]  panic+0x71d/0x800
[  742.669257][T14357]  ? __pfx_panic+0x10/0x10
[  742.670559][T14357]  ? show_trace_log_lvl+0x29d/0x3d0
[  742.672122][T14357]  ? minstrel_ht_update_caps.constprop.0+0x1250/0x1a90
[  742.674079][T14357]  check_panic_on_warn+0xab/0xb0
[  742.675542][T14357]  __warn+0xf6/0x3c0
[  742.676626][T14357]  ? minstrel_ht_update_caps.constprop.0+0x1250/0x1a90
[  742.678609][T14357]  report_bug+0x3c0/0x580
[  742.679900][T14357]  handle_bug+0x54/0xa0
[  742.681128][T14357]  exc_invalid_op+0x17/0x50
[  742.682464][T14357]  asm_exc_invalid_op+0x1a/0x20
[  742.683902][T14357] RIP: 0010:minstrel_ht_update_caps.constprop.0+0x1250/0x1a90
[  742.686063][T14357] Code: 03 0f 8e 07 05 00 00 44 89 f6 89 df 45 8b 6c 24 10 e8 a4 c9 d7 f6 44 39 f3 0f 8c 86 f1 ff ff 4c 8b 64 24 10 e8 51 cf d7 f6 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 48 8b 54 24 38 48 c1 ea 03
[  742.691518][T14357] RSP: 0018:ffffc90003f27148 EFLAGS: 00010283
[  742.693282][T14357] RAX: 00000000000006ea RBX: 000000000000000c RCX: ffffc90031a02000
[  742.695592][T14357] RDX: 0000000000080000 RSI: ffffffff8ae10c6f RDI: 0000000000000004
[  742.697874][T14357] RBP: dffffc0000000000 R08: 0000000000000004 R09: 000000000000000c
[  742.700182][T14357] R10: 000000000000000c R11: 0000000000000003 R12: ffff888061acdc38
[  742.702474][T14357] R13: 0000000000000000 R14: 000000000000000c R15: ffffed100c35961c
[  742.704779][T14357]  ? minstrel_ht_update_caps.constprop.0+0x124f/0x1a90
[  742.706756][T14357]  ? minstrel_ht_update_caps.constprop.0+0x124f/0x1a90
[  742.708737][T14357]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  742.710338][T14357]  rate_control_rate_init+0x378/0x720
[  742.711911][T14357]  rate_control_rate_init_all_links+0x76/0x1e0
[  742.713705][T14357]  sta_apply_auth_flags.constprop.0+0x4bb/0x510
[  742.715553][T14357]  sta_apply_parameters+0xb6e/0x1740
[  742.717096][T14357]  ieee80211_add_station+0x3fa/0x6c0
[  742.718665][T14357]  nl80211_new_station+0x1442/0x1bc0
[  742.720229][T14357]  ? __rtnl_unlock+0x68/0xf0
[  742.721596][T14357]  ? __pfx_nl80211_new_station+0x10/0x10
[  742.723231][T14357]  ? nl80211_pre_doit+0x71e/0xb10
[  742.724747][T14357]  ? nl80211_pre_doit+0x1b0/0xb10
[  742.726233][T14357]  genl_family_rcv_msg_doit+0x202/0x2f0
[  742.727865][T14357]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  742.729644][T14357]  ? trace_cap_capable+0x1a2/0x210
[  742.731152][T14357]  ? bpf_lsm_capable+0x9/0x10
[  742.732540][T14357]  ? security_capable+0x7e/0x260
[  742.733992][T14357]  ? ns_capable+0xd7/0x110
[  742.735318][T14357]  genl_rcv_msg+0x565/0x800
[  742.736631][T14357]  ? __pfx_genl_rcv_msg+0x10/0x10
[  742.738093][T14357]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  742.739631][T14357]  ? __pfx_nl80211_new_station+0x10/0x10
[  742.741241][T14357]  ? __pfx_nl80211_post_doit+0x10/0x10
[  742.742771][T14357]  netlink_rcv_skb+0x165/0x410
[  742.744147][T14357]  ? __pfx_genl_rcv_msg+0x10/0x10
[  742.745602][T14357]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  742.747104][T14357]  ? down_read+0xc9/0x330
[  742.748349][T14357]  ? __pfx_down_read+0x10/0x10
[  742.749736][T14357]  ? netlink_deliver_tap+0x1ae/0xca0
[  742.751222][T14357]  genl_rcv+0x28/0x40
[  742.752351][T14357]  netlink_unicast+0x53c/0x7f0
[  742.753708][T14357]  ? __pfx_netlink_unicast+0x10/0x10
[  742.755215][T14357]  ? __phys_addr_symbol+0x30/0x80
[  742.756664][T14357]  ? __check_object_size+0x488/0x710
[  742.758074][T14357]  netlink_sendmsg+0x8b8/0xd70
[  742.759522][T14357]  ? __pfx_netlink_sendmsg+0x10/0x10
[  742.761068][T14357]  ____sys_sendmsg+0x9ae/0xb40
[  742.762403][T14357]  ? __pfx_____sys_sendmsg+0x10/0x10
[  742.763893][T14357]  ? get_compat_msghdr+0x11b/0x170
[  742.765354][T14357]  ___sys_sendmsg+0x135/0x1e0
[  742.766699][T14357]  ? __pfx____sys_sendmsg+0x10/0x10
[  742.768182][T14357]  ? __pfx_lock_release+0x10/0x10
[  742.769618][T14357]  ? trace_lock_acquire+0x14e/0x1f0
[  742.771105][T14357]  ? __fget_files+0x206/0x3a0
[  742.772476][T14357]  __sys_sendmsg+0x16e/0x220
[  742.773793][T14357]  ? __pfx___sys_sendmsg+0x10/0x10
[  742.775324][T14357]  ? __ia32_sys_futex_time32+0x1da/0x460
[  742.776950][T14357]  __do_fast_syscall_32+0x73/0x120
[  742.778470][T14357]  do_fast_syscall_32+0x32/0x80
[  742.779884][T14357]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  742.781652][T14357] RIP: 0023:0xf7f96579
[  742.782816][T14357] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  742.788402][T14357] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  742.790813][T14357] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020001080
[  742.793115][T14357] RDX: 0000000020000800 RSI: 0000000000000000 RDI: 0000000000000000
[  742.795435][T14357] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  742.797712][T14357] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  742.800017][T14357] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  742.802311][T14357]  </TASK>
[  742.803786][T14357] Kernel Offset: disabled
[  742.805180][T14357] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:34:49  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff853824b5 RDI=ffffffff9aacfea0 RBP=ffffffff9aacfe60 RSP=ffffc90003f26ac8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000008
R12=0000000000000000 R13=0000000000000032 R14=ffffffff9aacfe60 R15=0000000000000000
RIP=ffffffff853824df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020001080 CR3=0000000011d4c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000e08e000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000000 RBX=0000000000037be8 RCX=ffffffff819fa324 RDX=1ffffffff1b4cd9d
RSI=ffffffff8bd2c300 RDI=ffffffff8da66ce8 RBP=0000000000000001 RSP=ffffc90003ef7a40
R8 =0000000000000000 R9 =fffffbfff20bf8a2 R10=ffffffff905fc517 R11=ffff8880264fa890
R12=ffffffff8b475914 R13=ffff8880264fa440 R14=0000000000000000 R15=ffff88802b53ed00
RIP=ffffffff819eef01 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fdec708fd00 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055d78a303000 CR3=000000004dcda000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=62fa0bbe62fa0bbe 62fa0bbe62fa0bbe 62fa0bbe62fa0bbe 62fa0bbe62fa0bbe 62fa0bbe62fa0bbe 62fa0bbe62fa0bbe 62fa0bbe62fa0bbe 62fa0bbe62fa0bbe
ZMM22=2cb3f23e2cb3f23e 2cb3f23e2cb3f23e 2cb3f23e2cb3f23e 2cb3f23e2cb3f23e 2cb3f23e2cb3f23e 2cb3f23e2cb3f23e 2cb3f23e2cb3f23e 2cb3f23e2cb3f23e
ZMM23=552dcd14552dcd14 552dcd14552dcd14 552dcd14552dcd14 552dcd14552dcd14 552dcd14552dcd14 552dcd14552dcd14 552dcd14552dcd14 552dcd14552dcd14
ZMM24=40cf3d9540cf3d95 40cf3d9540cf3d95 40cf3d9540cf3d95 40cf3d9540cf3d95 40cf3d9540cf3d95 40cf3d9540cf3d95 40cf3d9540cf3d95 40cf3d9540cf3d95
ZMM25=f7161a6cf7161a6c f7161a6cf7161a6c f7161a6cf7161a6c f7161a6cf7161a6c f7161a6cf7161a6c f7161a6cf7161a6c f7161a6cf7161a6c f7161a6cf7161a6c
ZMM26=94d45d5094d45d50 94d45d5094d45d50 94d45d5094d45d50 94d45d5094d45d50 94d45d5094d45d50 94d45d5094d45d50 94d45d5094d45d50 94d45d5094d45d50
ZMM27=b8aa2a86b8aa2a86 b8aa2a86b8aa2a86 b8aa2a86b8aa2a86 b8aa2a86b8aa2a86 b8aa2a86b8aa2a86 b8aa2a86b8aa2a86 b8aa2a86b8aa2a86 b8aa2a86b8aa2a86
ZMM28=000000400000003f 0000003e0000003d 0000003c0000003b 0000003a00000039 0000003800000037 0000003600000035 0000003400000033 0000003200000031
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=4b1d00004b1d0000 4b1d00004b1d0000 4b1d00004b1d0000 4b1d00004b1d0000 4b1d00004b1d0000 4b1d00004b1d0000 4b1d00004b1d0000 4b1d00004b1d0000
info registers vcpu 2

CPU#2
RAX=fffffbfff2dc3fb0 RBX=0000000000000631 RCX=ffffffff8195322e RDX=0000000000000000
RSI=0000000000000008 RDI=ffffffff96e1fd80 RBP=fffffbfff2dc3fb0 RSP=ffffc9000467f2e0
R8 =0000000000000000 R9 =fffffbfff2dc3fb0 R10=ffffffff96e1fd87 R11=0000000000000000
R12=ffff88801ece4880 R13=0000000000000040 R14=0000000000000006 R15=1ffff920008cfe68
RIP=ffffffff821bb36a RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3f5699 CR3=000000006c8d6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000558d93 RBX=0000000000000003 RCX=ffffffff8b463e39 RDX=0000000000000000
RSI=ffffffff8b6ce5c0 RDI=ffffffff8bd2c380 RBP=ffffed1003ad3488 RSP=ffffc9000049fe08
R8 =0000000000000001 R9 =ffffed10056e6f7d R10=ffff88802b737beb R11=0000000000000000
R12=0000000000000003 R13=ffff88801d69a440 R14=ffffffff905fc510 R15=0000000000000000
RIP=ffffffff8b46521f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f50b5da4 CR3=0000000055374000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000