last executing test programs:

4m22.188505336s ago: executing program 2 (id=737):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000280), r0)
sendmsg$NLBL_CIPSOV4_C_LISTALL(r0, 0x0, 0x4040000)

4m22.064669736s ago: executing program 2 (id=738):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0xff}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x49, &(0x7f0000000000)=0x3, 0x4)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, 0x1480, 0x2104}}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='sys_exit\x00', r2, 0x0, 0x4000000000000004}, 0x18)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x439, 0x70fd2c, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @dev}, @IFLA_IPTUN_6RD_RELAY_PREFIXLEN={0x6, 0xe, 0x40}]}}}]}, 0x40}}, 0x0)
r6 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendto$inet(r6, &(0x7f0000000040)="89325a0000000000", 0x8, 0x6000c804, 0x0, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r6, 0x4010ae42, &(0x7f0000000080)={0x1ff, 0x0, &(0x7f0000ffe000/0x2000)=nil})

4m21.413135907s ago: executing program 2 (id=741):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x20000000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x4000003a)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a3200000000140000001100"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x80001)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='huge=always,huge=within_size,nr_blocks=5'])
chdir(&(0x7f0000000140)='./file0\x00')
r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x65]}, 0x8, 0x80000)
read$FUSE(r5, &(0x7f0000000700)={0x2020}, 0x2020)
r6 = openat$cgroup_ro(r5, &(0x7f00000002c0)='freezer.self_freezing\x00', 0x275a, 0x0)
ftruncate(r6, 0x8008976)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000080)={&(0x7f00006c6000/0x400000)=nil, &(0x7f000018b000/0x3000)=nil, 0x400000, 0x0, 0x6040000})
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x5000, 0x1, @remote, 0x5}, 0x1c)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)

4m17.355825018s ago: executing program 2 (id=750):
r0 = syz_open_dev$vbi(&(0x7f00000002c0), 0x0, 0x2)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x3, 0x8, 0x4, 0x0, 0x1})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000000), 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3000a}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_RSS_QUERY_EN={0xc, 0x7, {0xffffffff, 0x9}}]}]}, @IFLA_GROUP={0x8}]}, 0x3c}}, 0x0)
getsockopt$sock_buf(r3, 0x1, 0x1f, &(0x7f0000000180)=""/229, &(0x7f0000000280)=0xe5)
r4 = openat$pfkey(0xffffff9c, &(0x7f0000000040), 0x80000, 0x0)
read$FUSE(r4, &(0x7f0000000240)={0x2020}, 0x2020)
getsockopt$inet_tcp_buf(r4, 0x6, 0x21, &(0x7f0000000300)=""/34, &(0x7f0000000340)=0x22)
lgetxattr(&(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)=@known='system.posix_acl_default\x00', 0x0, 0x0)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$sock_linger(r6, 0x1, 0xd, &(0x7f0000002380)={0x0, 0xa}, 0x8)
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000023c0)={&(0x7f00000007c0)={0x164, r5, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x118, 0x8, 0x0, 0x1, [{0x78, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x50, 0x9, 0x0, 0x1, [{0x4c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x20}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x4c, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "491bc0be1dc1f88092e741a88b64f6dd9218ad21b44b472e44f1d0807ee6675c"}]}, {0x50, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x9, 0x7, @empty, 0x3}}, @WGPEER_A_FLAGS={0x8, 0x3, 0x4}]}]}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x164}, 0x1, 0x0, 0x0, 0x4004840}, 0x4010)
ioctl$EVIOCGLED(r4, 0x80404519, &(0x7f0000002280)=""/252)

4m16.477489117s ago: executing program 0 (id=751):
syz_emit_ethernet(0x4b, &(0x7f00000003c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbffffffffffff88a81400810028008847e57e03e7b44fcb38de3a9f1817d47e9dbc04461877b5a2a6f9c507af70d4aa73e1e3bee837a1daea1464f57cd3a49ca6cd90bf4df80d62"], &(0x7f0000000040)={0x1, 0x3, [0xe7a, 0x36e, 0xf23, 0xd4c]})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d80)=ANY=[@ANYBLOB="38000000030101045e0000000000000002000000a40001801400018071c1c0e00000010c000280050000000000001e000000000000000000c08c6fe004db53584f0ad67bfc6b7c93a8e895039c74586656abadc2be74be7bb8c87e714a1a2ebb54a590fc52921518dda82bfe8962e362448f99f67907e79d3e152f84a2d827be96ab043e61776a8669a7c20e2fb793790add95e1e733c7a8a698710537642944310db915b748db05a398104e4afb1309a7c85835a54c7496bb63db97736b1923a001d9254d63b72546ae3a9e925e1a45f057df10ec87a26da0e77102d36f08463245b24e25edf56661766fe85414d03300136672802367baf86e1987cc98da50c54e96bae625dbebf3ba8b3baf069ad5d54a68000000d4f704de13da8c9f2c2d7bb097ec3ad7465f6531e3976e164d9b8c4bbfc8606ba9e5bc6f77c7d3b9b0eae46095385b4021ab361c3c66c3169ae2b1d1698a6857cf51950be623597603ecd3ca9da188fe2594fdbb653c220d5aff2f91e2"], 0x38}}, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
r3 = dup(r2)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040)={0x40002016})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
epoll_pwait(r5, &(0x7f00000001c0)=[{}], 0x1, 0x81, 0x0, 0x0)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000c40)=ANY=[@ANYBLOB="8caa9ce6aaaa0180c20000000800450000b00000000000119078000000000000000000004e20009c5157907801000000000000007b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af584cbf2649ff7f0000000000008dfa871c51852e4451b57d037ac045942824251d7d17b5191584cdd4fbe40a27424dbcfd56f1173669ca"], 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$FS_IOC_RESVSP(r8, 0x402c5828, &(0x7f0000000440)={0x0, 0x2, 0x8001, 0x3d7})
r9 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000004700)={'team0\x00', <r10=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r7, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r9, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r10}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)

4m16.341132599s ago: executing program 2 (id=753):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)={0x28, 0x3, 0x8, 0x3, 0x0, 0x0, {0x7, 0x0, 0x6}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x4}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40004}, 0x40)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='svc_xprt_accept\x00', r1}, 0x18)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000240))
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r3, 0x112, 0xb, 0x0, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r4, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
r6 = accept4(r5, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f00000001c0), 0x0)
sendto$unix(r6, 0x0, 0x0, 0x800, 0x0, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0)

4m11.735566372s ago: executing program 0 (id=757):
userfaultfd(0x80801)
socket(0x2b, 0x80801, 0x1)
userfaultfd(0x80801)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xfffffffd, 0xb6}, 0x0, 0x0)
write$dsp(r0, &(0x7f0000000200)='m', 0x1)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x801)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65)
write$snddsp(r2, &(0x7f0000000200)="a3", 0x1)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x20, 0x0, 0x3, 0x8000000000, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7fffffff, 0xfffffffffffffffc}, 0x0, 0x0) (fail_nth: 2)

4m5.602654991s ago: executing program 2 (id=761):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
read(r0, &(0x7f0000000380)=""/46, 0xfffffeb4)
sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000200)={0x0, 0x27, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000080601080000000000000004000000040500010006"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x10)

4m4.552290774s ago: executing program 0 (id=762):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=@newqdisc={0x78, 0x24, 0x50b, 0x8, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0x8}, {0xffff, 0xffff}, {0x1, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x200, 0x5, 0x0, 0x0, 0xf407}, 0xfffffffb, 0x1, 0x0, 0x4, 0x7, 0x4, 0x40, 0x9, 0x0, 0x1ff, {0x0, 0x0, 0x0, 0x4}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000140)=0x2) (fail_nth: 2)

4m3.216531399s ago: executing program 0 (id=763):
pipe(&(0x7f0000000500)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='fd', 0x0, r1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r4, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000340)={0x30, r5, 0x1, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x4}, @NL80211_ATTR_REG_RULES={0xc, 0x22, 0x0, 0x1, [{0x4}, {0x59}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4040001}, 0x2400c000)
mkdirat(r3, &(0x7f0000000000)='./file0\x00', 0x10e)
r6 = open_tree(r3, &(0x7f0000000140)='./file0\x00', 0x1)
openat(r6, &(0x7f0000000040)='./file0\x00', 0x1d1883, 0x1e0)
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r6, 0xc02064b6, &(0x7f0000000340)={0x0, 0x0, <r8=>0x0, 0x0, 0x0, 0x2, &(0x7f0000000300)=[0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc01c64b9, &(0x7f0000000380)={&(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0], 0x6, r8, 0xbbbbbbbb})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000180)=[0x0], &(0x7f0000000100)=[<r9=>0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0x1, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r7, 0xc01864c6, &(0x7f0000000200)={0x0, 0x0, 0x80000})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r7, 0xc01864c6, &(0x7f0000000280)={&(0x7f0000000240)=[r9, 0x0], 0x2, 0x800})

4m0.472344231s ago: executing program 0 (id=765):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='xprt_ping\x00', r3, 0x0, 0x5}, 0x18)
r4 = syz_open_dev$evdev(0x0, 0x2, 0x0)
ioctl$EVIOCGRAB(r4, 0x40044590, &(0x7f0000000280)=0x8001)
close(r4)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, 0x0)
r5 = io_uring_setup(0x2f00, &(0x7f0000000700)={0x0, 0xe8e2, 0x400, 0x20001, 0x2d6})
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000000540)=[{0x0}], 0x1)
r6 = io_uring_setup(0x7625, &(0x7f0000000600)={0x0, 0x653f, 0x0, 0x0, 0x100028e, 0x0, r5})
io_uring_register$IORING_REGISTER_FILES(r6, 0x1e, &(0x7f0000000000)=[r5], 0x1)
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000000440), 0x0)
unlink(&(0x7f0000000380)='./file0\x00')
r7 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$NLBL_CALIPSO_C_REMOVE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x40005}, 0x8000)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f00000000c0)={0xffff, 0x80600})
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x200000e, 0x6c032, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x8)

3m56.844069075s ago: executing program 0 (id=766):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000540))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x134}, 0x1, 0x0, 0x0, 0x4000041}, 0x20044810)
r0 = syz_open_dev$media(&(0x7f0000000380), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f0000000280)={0x80000000, 0x0, &(0x7f0000000300)=[{}, {{}, {<r1=>0x80000000}}]})
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f0000000100)={r1, 0x0, 0x0})
socket$nl_rdma(0x10, 0x3, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xc8000)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x48804)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x800006}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002f00010000000000fcdbdf250101f4800c00180008ac0f000000000014000100fc01000000000000000000000000000050bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22ab0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43e2621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a647857d321c3ed16c000000000000000000"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
setuid(0xee01)
setuid(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)

3m46.465052882s ago: executing program 32 (id=761):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
read(r0, &(0x7f0000000380)=""/46, 0xfffffeb4)
sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000200)={0x0, 0x27, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000080601080000000000000004000000040500010006"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x10)

3m41.968649275s ago: executing program 33 (id=766):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000540))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x134}, 0x1, 0x0, 0x0, 0x4000041}, 0x20044810)
r0 = syz_open_dev$media(&(0x7f0000000380), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f0000000280)={0x80000000, 0x0, &(0x7f0000000300)=[{}, {{}, {<r1=>0x80000000}}]})
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, &(0x7f0000000100)={r1, 0x0, 0x0})
socket$nl_rdma(0x10, 0x3, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xc8000)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x48804)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x800006}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002f00010000000000fcdbdf250101f4800c00180008ac0f000000000014000100fc01000000000000000000000000000050bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22ab0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43e2621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a647857d321c3ed16c000000000000000000"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
setuid(0xee01)
setuid(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)

3m23.118631187s ago: executing program 3 (id=791):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a"], 0x7c}}, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCOUTQ(r0, 0x4bfb, &(0x7f0000000380))
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000001c0)={@initdev, @dev, <r4=>0x0}, &(0x7f0000000280)=0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b0000001f0000000200b1d78bad1549d6ade55bc700c50000a2bf000001000000", @ANYRES32, @ANYBLOB='\b\x00'/20, @ANYRES32=r4, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[], 0x74}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x50, r7, 0x1, 0x4, 0x1, {}, [@IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vcan0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x48c1}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

3m20.186531823s ago: executing program 3 (id=794):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000280)='net/route\x00')
pread64(r2, &(0x7f0000003b00)=""/195, 0xc3, 0x591f)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r3)
sendmsg$IEEE802154_SET_MACPARAMS(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)={0x20, r4, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4881}, 0x84)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r3)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f0000000080)=<r6=>0x0)
sendmsg$NFC_CMD_ENABLE_SE(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100002}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r5, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0xc0}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004010}, 0x40000)
syz_usb_control_io$sierra_net(r0, &(0x7f0000000240)={0xc, &(0x7f00000001c0)={0x40, 0xd, 0x9, {0x9, 0x23, "c91d62e38c68d4"}}, &(0x7f0000000200)={0x0, 0x3, 0x2a, @string={0x2a, 0x3, "69347ca00ff4cc6f97234344b2893ee3f71d4bfa80193eb549886656b5cf0ba4eb84f7d8b37c55b6"}}}, &(0x7f00000003c0)={0x10, &(0x7f00000002c0)={0x40, 0xf, 0x84, "c7b157d704db6c4f74e588289e5d078778a2e551569f62effef7f49c758870b9886a13cb664921724bee29b71dad53d6b29dd65f218bb361825a27062560d34342f8253c872799bd2f0e1cd588b8297de84a1638b30836d8ac57a89cb6ecb1611fe4b0ed71d52db2299ba3075b1aa0040c232586fa0ac879f27e0033f7d345b3d1a59491"}, &(0x7f0000000800)={0xa1, 0x1, 0x400, "db2d0cd2c78574cf00712c5a324fb4b3639b346cde794e85572fba2e3d6e7143ad6c6272db1b3b36329188750a15b3b788175848c8f4b7872027aaf7d7a110eb564ab8155025b2584b7771a4d8adf06e4953b173d325e1d6759fa0cf671aa5994927ec6d7d2c9d23b871e3cfb248a515ccfd656b6dd2a639521e19a4591238f8516b90c966dcfddd15482fac53f68aa64cb92a582e9b69f33e320c1a7a1dbd30b0ed8d65735d04b357db7e085070beb16449ea26687edd7879842f2b459df6a0f5453f4164be847e318ecd80802f455185cc58416902f2a8d048b2c423a645ede5ddb11c2d4dc8306e4af13a9b68bf5f8ef7730fbdc15d38edfabf631553b0ebf2d39b71011bdca3dbb7e6ea47dbcf0a0ca9d86085fe0227d650394a6331cc1f27551d0fe216b9ed18ad363b4400872de98a32fa709faef65617bf17bd61d7203fda3e4f7b60b183948c722a216bc12e96a5607a5ddf72381679c7aa024d220868e198d43638dec6a98e92ec50b84167e2a29b30b3c2fa6a9fc0a214cfc5031fc4f5948eea6b4f871d1abc6d5efc7e8e02f28174c974a61b40f9d49781d32cd44edd225ed5ceab5dbfadc92f5dbecf476e93e5aab16ddd1df20d24066ea7268ebc08346e1d413159cd2fbfe3b64137d5800957096bafc44c308866d15cec7fb9370ef5f79f708a6a4ab5990863869643e5d97a26a49d06509a82155783bcda0b4eb7ae91bd119710d5c359e0efc9b532461ad9c0d2d55f1f9b01f36e11e098ff18287f6119af7ceb72ed88ec53990a7976d0f1d4fc9378d9d2c89ba81172b3b1c98d928d1410a3bb197c9eb92285daca9e3f0e3523c1138328281d67e444ea9c5ca37828ffd1ae73a943d4f9f9b60086a49c4e774e85be35f563bccf5bc2fceed34514774beff82cfc2735ac29827d8b371c3d5d82a1f370aec811930f6ee7d5d9bb07d29a7ccdf192b19dac4471417628ff50f584b6a520fc607d314a0358196e5a0062d74f91968fd6dcd74f14bcf38b2273a241c47a8378e7d419f6ef3a884111d2bde5688dda945f35b9c8e693cb72626624930863c89c56d0132521b64630733fed83a9505d2b198a66c8426e3e5438dd170f9b89109505ef9f7de569aa78855b3e7f565490ae6882749d56321ecc716ae8640b574d3324b1ac939887ef5728ec1f21c4c3e723c3023610d1d141a83d9c4f4e724890b5d9dfb30dd370cd9e3ab10f51ff64ef3a0e136443b34ff6463403fe2602f985c3e38d382bc6d528dbc2ac308e0773d6e32b9f01d0e3f0e679063f8516fae54f44bb3ff20d01a3bc66756cb8bd342487fc20f232fed19d7e7b393565b10cb4e36b5a5c9ffa677aa957c1d4862e627d4faf8f4ccee98c6a3bbb0a8ab424d2b9305631eaab9d523481e820b05e0e914b979e34553215757d3c7bc3859c328c84cdd368f6b68cf5bae1"}, &(0x7f0000000380)})

3m17.033750499s ago: executing program 3 (id=795):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x58, 0x10, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x4}, @IFLA_MACVLAN_BC_QUEUE_LEN={0x8, 0x9, 0x1}]}}}, @IFLA_ALT_IFNAME={0x14, 0x35, 'macvlan0\x00'}]}, 0x58}}, 0x8000)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$team(&(0x7f00000001c0), r2)

3m13.442000515s ago: executing program 3 (id=796):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000200)="400001", 0x3}, {&(0x7f00000013c0)="1a2b936dc1fb35184db35eab1d", 0xd}], 0x2}}], 0x1, 0x4404c880)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$rxrpc(0x21, 0x2, 0xa)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='fsi_master_acf_poll_response_busy\x00', r5}, 0x18)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7ff}, 0xe)
r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f0000000340)={r6, r6, 0x8, 0x0, 0x0, 0x9, 0x1, 0xc45, 0x1012, 0xc7, 0x2, 0x7, 'syz0\x00'})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@private2, 0x800, 0x0, 0x2, 0x1}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
get_mempolicy(0x0, 0x0, 0x73e, &(0x7f0000419000/0x8000)=nil, 0x3)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'veth1_vlan\x00'})

3m10.787364018s ago: executing program 3 (id=798):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xc4}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4001, 0x3, @private0}, 0x1c)
getsockopt$bt_l2cap_L2CAP_CONNINFO(r3, 0x6, 0x2, 0x0, &(0x7f0000000040))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000580)={0x1, 0x0, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil})
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])
ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(r7, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000540)={0x20, r8, 0x111, 0x70bd28, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000)
sendmsg$IPVS_CMD_DEL_DEST(r2, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="8c00ff00", @ANYRES16=r8, @ANYBLOB="000227bd7000fedbdf250700000014000380080001000100000005000800090000005c0003801400020074756e6c30000000000000000000000014000600fe8800000000000000000000000001010600040001000000060007004e20000006000400080000000800030002000000060007004e2200000800050000007fff0800040000010000"], 0x8c}, 0x1, 0x0, 0x0, 0x4400}, 0x4000000)
sendmsg$IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)={0x74, r8, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5}]}, @IPVS_CMD_ATTR_SERVICE={0x54, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x4}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x9}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@multicast2}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x20044050}, 0x844)
syz_emit_ethernet(0x1e, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@can={0xc, {{0x0, 0x0, 0x1, 0x1}, 0x5, 0x0, 0x0, 0x0, "4bc7135978e1192b"}}}}, 0x0)
r9 = socket$inet(0x2, 0x2, 0x0)
shutdown(r9, 0x0)
recvmmsg(r9, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)=ANY=[@ANYRES8=0x0, @ANYBLOB="b8509bf83d2737a61bc61fb8e579b60c70613aad65461478913e12577f8bad2c0959b4f1a4012b39ebdcb5207b38ab056eee92fbe4316d3511f9bbb2d97b93bf80c209a508de1001866076b96094ac636996580a686199a4de08007e2b7ea711214ca0cb50184431379421a3553e4cf4ab0df2c02579e637c698297ebd5b8b706b8ea40f8d7b2efaffe20cf8a6c05f01254dbf59bbef4f5492849a717721b31212ab441dc3409651d55507363c94051d3df6e8cf9aae25c1441d23a871893f878a01f7146f2b1aa244625c0a2576d5bb98eafd3e54a144a81a82f23c11689ab0b53d29cb6cd0fe90571f2799eeebba350d6622a143563b613c73190217c46f41ada0f3a076f1ae341a43b0a7bcbb8704d8c20dbbbde598b3ed61921a5d401cea3b37772cb39611e076820d7ea7610a8d9a07fe4e87b37e85cc94221140de026ab16cfba1618fb21b88bbb39c0dbc21040416299eac88995f7ab220952571593ce91022cfe086da4a321eda1cdcbf83295d88632ffae99c2461ad0f5a45397a4d209aa4c0517e22afca08b6ce074bbf12c6aa039a6464fbe029cb3db2429afe22dad2d2030b67ae3b6f21a2126e57ba972981e0f059492cdf8deeaf6f3642ee02cb7b3d95d300f9dcf45fbb7c12c81bfc604be81ecd8a8c41a10ddbe16d7b30f1c0b214d8823e74413d8284cefd1197ac000d43cd289d250b7665233e3c4400d8f03b2794204394ecfde3ad3d98108c633ff553af176a364d357f87556712fc57740f61127dbd817a1fea51f9712c68a059e7e8feee4c42895dc53c730e09c9987bdaa7061e458fe88a358c13e9902b1d14130c622891bb2ad5a690a517a721d955a00f66c6e32eb426996b060edc7dc99e23be8816f5ff6b88457659a789ec8d83117907302522870116cd8a92f13fe93cb39689f1beb333a986ba8f4a9b0a3fd4d0500c7975658240a0859e47eefd68b832dc3b64a40b8c43709fcd911569dce4ca4d31099e7b6374af9204ae83379a10bd3b630fb937bf751edd79d89d38878a045b769afb848b23ad0581a1cd7d563e7f0ccfc8d19306c5d8f4fbf0b124aa57442a070ebeeffa607e9b5fd342623dcfd80bc1434505d909208b1ec7d89816643609c2db310d7baf928aadcc3ccd9441714eb5b4c1669bfd112763620bdd1edd82b354cfecdc9aa9855e2a5fc93fd6ff9d7ceb5d59a6cc5ba437a3d758d2d8be08b38354d7c6d66d864e4c609eacfa9c625bcd4c5e961c15b8b3c9472bc6b9011650711e27d675ee96c41dbbb2178694815f01baafabef1c24280d68955cf0553854f718a4d93cee5d22c84c6ca00f56fd6efc9412d5e0356135aa10a02be778db01bdc13eef3eaa1d8c7b8c143fc76547f9471aa5c2dd118309d73e28d15735b57e8de1326902c82bece5c498afff328d9fbfda96dcae57615f481ca0ef572811831837760c022867eb6352aa484d2b383584503b9d7de910eed2a2c1442db80d6edec13d21fa38c49d9ee7e3d4f8624d55d64c6772af888a73f829fc2d8e47564ad0f42803a31e81e02474f9b8dd2b2150dbf2f4f752ffcdc49b6f5fa22f1226329c2ef146a3af08e2d0b364bc12cd11b7cbee8b24fc56f5dbb55e5df62009fe74d98bced9b60667b225f6afcb20a1e9153ebd61b1333b2b0ad227854a92603c887e464a973624a837119e93b27003629b7d89d3ceafe37e02396f6d45f5af666434e0c3c6fb79a06744868e69c90b376417b2c1aa78832177330579a2c2d8df4f2a6d3d2dc4f3de0d9cc97d110e0acb3e704b9565128883ba3780cfd783cf8299193540181c4edcffa6361908a88a054ce7bd42035072c7357c79bc872c1879693e22cc9f122c7b159c55d95c55ebf4717e98f9fc9718163e763b1f6a5efdbdc3f0d2d1f3965c8e0c14c5a6526c0e532613a1882fc87c137cd0d599a30f2155285f99e1ef58d19a2d97ddd19c72071de875e133cb4fc33b27a9a84b7a2049d7d493fcfb06d38ee1a2a7f22cf2379257b3289af16ad7c82dca1430d3cea9a3543ee42b9afb5bb99956699b665c4a30dd27e5d8ec17f3da5b4b0f6a716b7178b7e5ef544fa93c3631cb63d81c68e2580b33b19377dfdcb42d6aaf704d476ae05ca8823f8836980f483e33e51dff364438e00ad9182c49e81cec7631256e66465fc3561425d1546fab4b06a321de2e813e7f2e2b0a214e7e84870f46620180848bc30d26ac80ae6efe43c290b883ec7312c084e4e5a9b095365353c52731910a698153b001fbc5c205fb020eeb1f9dec9c7d9e86af7f4af7bbd628b4b5fe7b7d916b5d8aae8a57306776cf7b1ee6cf4757d9799b375fd969c06dcf5922ff557f76fcaab2032d041461d90e8d7c44dd6d9fad21fb6faa8f5e01d9cba41fba3a8edd28a8519d958858a9523f0ee8b0f9caf43030d923edfb287d34c5c83e956e70637955d71e8fc7fcbc2bff73278339833083d37a784b003212e629c0ce3d71e0cce4be7f6d2ee6436653605e3c6ee953f59b66e3f0bc72c4191a65b830b06072ccb62655714e51f1202e8b09e49572c9e1dc4c29e3d5b4d371e5bb74e9168e94e57360f1f2059beee6c90e9eaf2b0db8e8a375cfd02404cfe532493b327b5ccbc33c2ec112a99d8fa3d21cd1d6353b5c48d9cde8161483487d3c7cd1e66fef1f86b5b2df9fccce27f7620d42bd5d8880c97928a08dfffd1f65e3ef8c034aff49b196fc453a498b547e5cc2a9b577ea4af1f494a3af9a451b52d7152ef8db419a318f80f3ee05071e6a159f72f78cc88eb4f0ca308066119cd47928d8b2f8d24ef253ca12c97bbe955515129765b09d8c59d95a89a26e53022466d44aee47cc1058c37fcf814cd9e1d4bad855b306cfc994f57fafe944f7130e7b84332ce5113e91dac600df4c760b1a82b6cb147ae03d9ab28e136c6528ad3c2f99fc75560e2aaed0309bd3200be69ed4bdd7dccc6e9ac89606d7d1cfbac85895395ce61a0c69606be2fe0569334c0e1918663b69bf94accd1646ee5b91b97c1904423f3d7b9a209eeef3ba6a842e9384e09db015f02d9fb5e1bc00ed4a52ae07a86f443ee21443d79fd5213c6dfc622873a80ff0be1109357ae1eeebdfc1a8d121eada478154cb44a4969e755c4b1655e6004d95c8dd17d0152f7339fdc2f593ca547172095afa127b78bbd8967812a4f546bf814029286cef0171a2e57f03256e3497ba301388038c5db7a783b4dc32f3518ecbb46cbe79bfef7a11aadabaa05ef810ee95adf13d461c44729ca0664e896de426af056ec2b4e9eeda75f440df4bf46183eb44b6ef89ada33361e5d93ca3c07faeda3ead814ba9e7d3521dccc8958c154ead3b7f86167306b712211cb9f476cacf6d0105c74fd3bb772d4d6774d148169bdc8c4ad2228894404db1e80722e9d8b2065c776cc8d1c86f3ef6134ff8cab43fa9d6a0ffa7d3c29bdb301cbca5589b51f6cab7b9a66ffa250c532eab63a6246bbc824e37f78c8b8b7b8294c5a3f81f16a4c92e992dbbab22bdda879327cc703cb54f93caafb4fc4160f42502d587b2f9f3d3d323b20877b8f7fc5b0230f891bfcbf1bf25b12a4bfcf763dbc6ce24ab810521081da73cf8fdc2d68cf161eb2cd066e6fb3f6caef4812f15f059135684d97c4a9ebb6ec783560e711a8e273b65b675a25938d47d65ac70cb095277b1a4fe0f441d11792c1bf636854bad8691084cbf32022c50ccf5c0b427d8a51e4993e4174231fe36ffb8fdcb219ca0ec205bdb0effdbcbc82e1f328347cf1d40e6c3f7d9763ed9e58fedbded8ae181039840e6dcb52da7089bf1d455dccad127d59623d9716da7d778a27d6434c556188b72a7bb573599b8acd92e711a6c47129e10e300684f657ee6e81c44f79b9807e2369bb1c4681c8ce8252f51515e6830d8e1616a54047487b0a246940ffbce7219c6940e37ab72f8d345e5b55924cfab40e84fd1d4273a069f162bbe9f35fdb0a86b2dd6d066adb446b15548d92b72f1af81f5ae7db6116fdfe7f24424a8bbae84c88e33765c1934299f1ace211610d4e7bda5e09e0e483a45204a2b73f078870e6cd5129848aa6f30d39eab12b83ffe155dbdb87dabc21bcade9f9b6fc8369e2e372892097f781b7b71549e3170250dd0470ae07cc18fb4b6099426c4271b12a16aae3b9066c88688c24ea2c6c6844283471a2589367950ef6f44f122a4605d3c23445f58f8831bdd30b59e80edb9cce35be0a8c11e846d7424067bd88e3e8f283aec704a3b72ed122635ce2dfebe82df953df7283030ed5457632564a15632e4178b370a54ab484a4b7e76b0cca1260e6bbc5ec5f152e2f3f95138e4058875cfaca5d11f0c1ec7922b91ad5265d8f5cfbf0ff6046a94685f686f2fcf6c533f62ec3644414865c66b2148e669277d43607ebc6207990f21ace296162923460866a68897a0c3bf72864217ad0739be9c329071f61bb5efe6672d96743703192a2be6c3a3b4bd1870104b0db58bc9db8d2208b37230c4ee409ed17fc6b8bf97617287bcad3ab5960d1a63795f30169eccb7a079f359a1dff4a27ff9d4ee734d164acf064c28b6874645b0246bcac8c2aaf1203a8690572e82d3dbfbd73a20dada27be69e0848ce7b38ca7a84e4bf6ce2552201363af242001dbd013bfb0ae0256c2c671f225cf39ccdf28ad40f036c82cc908f1fda4b12b24ebc7b0b23c06e52c99b52713945faafebb216b6ba42b172685b3ac0d21858b05afae708849eb6cbb2c6a70d35f20f67c8e8fb9c08d389c2b20c3568b48b6cf1668b1b558e2379a9709f48cf40d7992e3679197f03bf9cf86f1b6775dbedaca5f88b100b7e304ea67075f66415dc86a3597bd756fa0aaf5c8ac20944159c52cf7570290325d47775f55b13b2ace49f817dfb89fa0dcc8947e1e18685abb82efdb2d648fed50a89dac388cb3123b04110fc8402b0c8c2d726273078884f7ead25124e54c93340166f1e119b343060972a9f428792c47602dab21329fe5a214419ebc21cd6c756709708f015ca3c977aba9c42973da8634f1859ddcebfb289e20293b231ad0e55194044f0d674af628cc0954a16531a0f6d2c8877a5ee83218cc1f23c29d44fae3bb40617224f74893739e2be57d9d87076d4c50696298048f0e4bd4f2b51e62e46a8142acfa61dff3fe1961e6286524835ea803c55251e55f5c85dcb8c97cf6c36e9e339688976adda15c8b1a5e521cbbfab92717566babf131ca9e06ec45dbf3e957b5e264d589bf8b9719a0e9f959db8ad7dd121342c3de6ba5fa76cfc9c423d1fa25a7b0081d7bf5751e451297270f44d03ca983cec82bea793d5eb5630fa5589d4836aa3c41105ae39d319bd85c0f8e89f9958be308f449117a74ee32ecdec1a033dedfd99a38225b013581fd831333c01009f4b545a96c4d29bdfe614dd34a3b55a42813b1afe565d95f8fe499a8fb85258a93f8a124ab9fe44f78a0527bd0fa87f15be3751acc59c6cb10e93ac9080e6074d5d31c69954e6e3fa52d4c895e3012c15b88683d5bee748232a5552a10338a33aa9f120a18eae11299646c0aaff75e2ad9e7b1905e18a747246ea70eeaf452dfa4a91cf5e2510bfba3a73d8976272497ebb58ba26ebf5958c7797d781e0a1b0b6dac8b59d5f449cef8cb31f47294cb690621bc56c1d23692670ac293a9c3b09c046ee2e8db7d261efcf59c11774c30a3ebe09732618136b2ce560d056e04bddc7704026e07b2e62d64f81fd46fe43b35c05a2c010c29c91a14cbfb805de0b99b389b5c8a144fc09122d1a621c06c4cc31b30", @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x503, 0x70bd2d, 0x700, {0x0, 0x0, 0x0, 0x0, 0x4500, 0x1000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40098d0}, 0xc0b0)

3m6.499590667s ago: executing program 3 (id=799):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_clone(0x30088000, &(0x7f0000000480)="c3cf7efa1484132ca2f1b4b6951633c0d48659573075632ae820df23c58fa8bbcfae86ba523b7c116aceeef1eb2f64ad441e38df3705acbdf858d41df4f0682c648d8940123b23314777bac452a3c2fa4a618defa909e82e06955310ea69a6005ce59e8dbf90193474a58bcc3a919134e8351659c1107c9ce7071478022903", 0x7f, 0x0, &(0x7f0000000340), &(0x7f0000000500)="7504b0437264347af616b179adc0b5db1d294e96a4e34fa78b77e9061b75c0d2d0cc75306943bdf9cf4ac8a9cf58b67a5f573e8f4fe9ecd0d33bd1eb3d47d7e33f853f0e5115ab")
prlimit64(r0, 0x6, 0x0, &(0x7f0000000400))
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x8000, 0xc5fb, @value=0x3})
r4 = add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000240)="bc30a071d8bcb8794f5d8e1334b133b0cc64874f1a44052e038135a564", 0x1d, 0xfffffffffffffffe)
r5 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r4, r5, r4}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r6 = getpgid(0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r7 = syz_pidfd_open(r6, 0x0)
r8 = pidfd_getfd(r7, r7, 0x0)
setns(r8, 0x66020000)

2m53.045273832s ago: executing program 34 (id=799):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_clone(0x30088000, &(0x7f0000000480)="c3cf7efa1484132ca2f1b4b6951633c0d48659573075632ae820df23c58fa8bbcfae86ba523b7c116aceeef1eb2f64ad441e38df3705acbdf858d41df4f0682c648d8940123b23314777bac452a3c2fa4a618defa909e82e06955310ea69a6005ce59e8dbf90193474a58bcc3a919134e8351659c1107c9ce7071478022903", 0x7f, 0x0, &(0x7f0000000340), &(0x7f0000000500)="7504b0437264347af616b179adc0b5db1d294e96a4e34fa78b77e9061b75c0d2d0cc75306943bdf9cf4ac8a9cf58b67a5f573e8f4fe9ecd0d33bd1eb3d47d7e33f853f0e5115ab")
prlimit64(r0, 0x6, 0x0, &(0x7f0000000400))
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x8000, 0xc5fb, @value=0x3})
r4 = add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000240)="bc30a071d8bcb8794f5d8e1334b133b0cc64874f1a44052e038135a564", 0x1d, 0xfffffffffffffffe)
r5 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r4, r5, r4}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r6 = getpgid(0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r7 = syz_pidfd_open(r6, 0x0)
r8 = pidfd_getfd(r7, r7, 0x0)
setns(r8, 0x66020000)

17.704218172s ago: executing program 6 (id=1545):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a"], 0x7c}}, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCOUTQ(r0, 0x4bfb, &(0x7f0000000380))
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000001c0)={@initdev, @dev, <r4=>0x0}, &(0x7f0000000280)=0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b0000001f0000000200b1d78bad1549d6ade55bc700c50000a2bf000001000000", @ANYRES32, @ANYBLOB='\b\x00'/20, @ANYRES32=r4, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500"], 0x74}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000230000008500000008000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x50, r7, 0x1, 0x4, 0x1, {}, [@IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vcan0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x48c1}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

16.164378245s ago: executing program 6 (id=1550):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000440)={{0xffbe, 0x5, 0x2, 0x5}, 'syz1\x00', 0x53})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x15)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r1 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_S_MODE(r1, 0x40046109, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
unshare(0x6a040380)
openat$tun(0xffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$binderfs(0xffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x304e, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})
io_uring_enter(r3, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)

15.920782586s ago: executing program 6 (id=1551):
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x20880, 0x0)
r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100, 0x0, 0x3}, &(0x7f0000002000)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r0, 0x48e9, 0x0, 0x2, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x5}, [@IPSET_ATTR_REVISION={0x5, 0x4, 0x7}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x5}, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x4}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x6}]}]}, 0x38}}, 0x4000000)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x50, 0x20, 0xff}, {0x6}]}, 0x8)
r5 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x10)
getrandom(0x0, 0x0, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r5, 0x114, 0x7, &(0x7f0000000700)={@pptp={0x18, 0x2, {0x0, @private=0xa010101}}, {&(0x7f0000000280)=""/191, 0xbf}, &(0x7f0000000180)}, 0xa0)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
write(r5, &(0x7f0000000000)="3c00000043001f001307f4f9002304000a04d65f0800080000000002170003800500000099db3500b0406700000000548593223487ee891c0ebf0798", 0x3c)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x8, 0x3, 0x318, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x284, 0xffffff7a, 0xffffffff, 0x284, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0xffffff00, 'veth1\x00', 'dvmrp1\x00', {}, {}, 0x0, 0x0, 0x41}, 0x6, 0x130, 0x190, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "e4ff0100cbd047da9ca965f96ad5801f0514d363ee84bb895919d9490f6785fba3c4a44f1e25a56a5ef73be11d65bfe8c37674024c183ebacdf741cea92ded3a9ca54de15dd9ec8ef62f9eb85f401b0000000000ffffff7f00", 0x7d}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x3, 0x0, 0x7, 0x7, 0x4, 0x1], 0x1, 0x8}, {0x0, [0x6, 0x1, 0x5, 0x0, 0x0, 0x2], 0x4, 0x1}}}}, {{@ip={@multicast2, @multicast1, 0xff000000, 0xffffffff, 'ipvlan0\x00', 'wlan1\x00', {}, {0xff}, 0x8, 0x3, 0x62}, 0x0, 0x94, 0xf4, 0x0, {}, [@inet=@rpfilter={{0x24}, {0x4}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x5, 0x0, 0x0, 0x1]}, {0x0, [], 0x0, 0x1}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x374)

15.757803546s ago: executing program 6 (id=1553):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r0, 0xeb)
connect$inet(r0, &(0x7f0000000240)={0x2, 0x4e22, @remote}, 0x10)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000000)={{{@in=@multicast1, @in6=@ipv4={""/10, ""/2, @broadcast}}}, {{@in6=@remote}, 0x0, @in=@initdev}}, &(0x7f0000000140)=0xe4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=@bridge_getvlan={0x20, 0x72, 0x7e3bfe4fa73db39f, 0x70bd27, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x7ffffffe}]}, 0x20}, 0x1, 0x0, 0x0, 0x20004040}, 0x20041040)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r2, 0x2)

15.513782915s ago: executing program 6 (id=1556):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000440)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x11, 0x5, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2f}}}, 0x1b)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@ccm_128={{0x303}, "83c47262b150c59a", "a0060bc741e3025ad12bd49bd721255a", "3999d240", "5d0121a99c9e934f"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000500)=@gcm_128={{0x304}, "e8ffff0700", "8e083700daf38a6d69e9b5e9c2f133d7", "6a3a05b9", "12772541f8eb02bb"}, 0x28)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r1)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000003c0)={0x14, 0x0, 0x0, &(0x7f00000006c0)=ANY=[], 0x0}, 0x0)
r3 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCSFLAG(r3, 0x4004480f, &(0x7f0000000000)=0x2)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
r4 = socket(0x1e, 0x4, 0x4)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000140)=@req={0x5f0, 0x6, 0x9}, 0x10)
recvmsg$unix(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r5, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r6 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r6, 0x29, 0x2e, &(0x7f0000000580)={0x3, {{0xa, 0xce24, 0xffffffff, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e08, 0x4a3, @private0, 0x4ef}}}, 0x104)
openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
r7 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})
io_uring_enter(r7, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r6, 0x29, 0x30, &(0x7f0000000300)=ANY=[@ANYBLOB="030000000a004e230000000cff010000000000000000000000000001f8ffffff0000000000000000000000008d8cefc5b2b7b9544dce00"/140], 0x8c)
recvmsg$unix(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)

14.364283362s ago: executing program 1 (id=1561):
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x20880, 0x0)
r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100, 0x0, 0x3}, &(0x7f0000002000)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r0, 0x48e9, 0x0, 0x2, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x5}, [@IPSET_ATTR_REVISION={0x5, 0x4, 0x7}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x5}, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x4}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x6}]}]}, 0x38}}, 0x4000000)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x50, 0x20, 0xff}, {0x6}]}, 0x8)
r5 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x10)
getrandom(0x0, 0x0, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r5, 0x114, 0x7, &(0x7f0000000700)={@pptp={0x18, 0x2, {0x0, @private=0xa010101}}, {&(0x7f0000000280)=""/191, 0xbf}, &(0x7f0000000180)}, 0xa0)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
write(r5, &(0x7f0000000000)="3c00000043001f001307f4f9002304000a04d65f0800080000000002170003800500000099db3500b0406700000000548593223487ee891c0ebf0798", 0x3c)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x8, 0x3, 0x318, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x284, 0xffffff7a, 0xffffffff, 0x284, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0xffffff00, 'veth1\x00', 'dvmrp1\x00', {}, {}, 0x0, 0x0, 0x41}, 0x6, 0x130, 0x190, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "e4ff0100cbd047da9ca965f96ad5801f0514d363ee84bb895919d9490f6785fba3c4a44f1e25a56a5ef73be11d65bfe8c37674024c183ebacdf741cea92ded3a9ca54de15dd9ec8ef62f9eb85f401b0000000000ffffff7f00", 0x7d}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x3, 0x0, 0x7, 0x7, 0x4, 0x1], 0x1, 0x8}, {0x0, [0x6, 0x1, 0x5, 0x0, 0x0, 0x2], 0x4, 0x1}}}}, {{@ip={@multicast2, @multicast1, 0xff000000, 0xffffffff, 'ipvlan0\x00', 'wlan1\x00', {}, {0xff}, 0x8, 0x3, 0x62}, 0x0, 0x94, 0xf4, 0x0, {}, [@inet=@rpfilter={{0x24}, {0x4}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x5, 0x0, 0x0, 0x1]}, {0x0, [], 0x0, 0x1}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x374)

14.185456257s ago: executing program 1 (id=1562):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000005c0)={0x10c4, r1, 0x4, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void, @val={0xc, 0x99, {0x20000, 0x4e}}}}, [@NL80211_ATTR_VENDOR_DATA={0x96, 0xc5, "5240e89151ed1b854b11f7cf79ae49c22eb401cdd4a2c753de92259819f8535754666a6567e047da828626197ec01105188578e95a437b192e4996af0071827bd40e23ac219bff435c7249092cc697ffa8aaa62bec7df8ce8c4fb0cc3702930f71e47c4c5aaed84a0c03a6d96a5bd54b151571ef4a665a55cd619e7a8eda094cdf8e674da727bf20d8137a9a0cf37cc0eff8"}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x101}, @NL80211_ATTR_VENDOR_DATA={0x1004, 0xc5, "f7bbaf835cf2d1eb51307f7ca678691ec0b11f0da63da176b17f70e7532f3c0c70ca042a901432edc1302a95887c54147614b7de80a5e28784a9229fa62fc4188d79a35d61f1ce6744986e35139fdbbcb7abedcb14c71c0136f54834cf64645acbaaedf348465a7ed1ea82aa5a411390c03fefda74d4681ae000e65734d49bf9f0b7ea6429965755bccbedb54559c09170b09ec7c037f6c575633b1bab2bd6f29d177ac54b54549eaba3173e4566c86673d77f587bbea2aafe0955974658b4018d1cd315a895637e8a8fbaca379e02712cda2b493fdd71e08aed490e58f765df79140df16349aaba3fe13cff60649848c713b30326f7cc9f1412912c7261de0cf135f49c83587d65a07d464f59c0df44ce7d4adf100102d67383f282f156d102a0a71923546e5e0c27889783e50cda206b0fcafe3c3b20c851ae33d0d71b4dc27cd69f806e8bf1f96df6e78e211cab2279f342e7b3dc37785b5e8d2543df98c697ccf70cef4f328c95482bb584c5d5ca05bba7923632cfec1028d4cedf1741d5463e287fa3302b816d804106a6b0828abf9aec24b7768f8b3cc1cbef0e382e2ce3162574bf922c9ec848fde028ba0dd434dfe7e04b11eb54d592b051d198a7b0f8c4c49bdec6cf9a7978b89e5a740cb6cf61bf9b6887288816a4870e228c056dd793ba7324c16397fa08ae5a14707dddc8d358880b9292406a4053bf7b3572bcf5e8aeb247826916a940d8292c1a0b8437deb3ec6b10a72e31d77fd95fcaa55b90282b232a1d04a8afdedfc8cd076c43f2eb0e737921cffc87b663a1cfc49a416d1237891f154e9b635ea2af90c614265c33b65aba5785cee1e5568eef90d6a2de28769fda85c889a9dbda339eadfe5977b6da9e4991c5e40c052f7fe4c1d145950ae638a76920901d3bbd5d4a342bb7e9fe1da92486b8af2a901fe7366ac8100463f84e1586ddd424aaf7de8ee9f5e6d8d1e1393bdc946293117dcd448d14d87f21d33027a58fbc3e583d0b93e52868f0e89f387046e1b09a60cfec73f56dfd6db9c5e832c0dce5530359cc67e31e751d755a7baa1a87d8fb36235a86ea631bf54299a4dc5f303ee3827f9825439ce69374402a71ea2d681ffed81f81e01c98a00bf35b82ce8e32beeca2b777613cd136bc726b019bfd8e96f8ec37c033e6e658ffdc71bd23dc0fdec3b5c305670c615521165d80ecb563adf48a14106fd2055b51d039b237bd264b2735af4fced5a520280887a0dc5b3b0d9c5dcc8a70af9e0090da2e0ca79eed6ca388148bbee13d545f092274c831723f500b947998f6a88d897e8b34158025a6121e4104e18d4103464bab2b4dfe3932b1d03abd27af8db3cfddd1886e6929aabfc602921a581a9427b40a63f692a0e413261d23d4ba6fa6186742699cc84e30dc66759cf6802d975add7c5ec24c19a71ef367059610028c42e91a0ed7b94f21f9164c1493bf97fadc23e4b5c8b406d094d35030cdf394aa58101ff14085a7e0d89d32948e97ebfa5fa75ce2ab57a4d645fac5447ccf1464f12f962c6533f797445300a73d11afb9b087e8035064464f318331f97724014a04d35de0ea025ea4861eb62e1cf30ae30e3e3b495a66eefdcb01947af52966cd4c4c33a5a4850a19ec642bd4f7b3a2890e045450dca425a3d04457d926004f4f8be92838c36395d0e1009c5a8dbe53dc44e339e3bae4610bfda00ed1da846b6a7ae62530f3d7a7140de56fe7bb8026438d6d27634e52752fda3fabc36460ed247a5f5b738386afdba17171514e8ca46ec3c18bc9224bf2df50c39ce06406849190a8f2033c9670c39efd8251fb7ce8d36d7b25f6a2394d609ec65ad9286c3fb8ce0c4a894484f25e0ea067365935e47d4a918066d2f01f07b0c41128028b05a4bf48d91cbf91aba8301262a862f2ec8abf6cdab1b33d2f2dbb9ed9ea0b5806f252546447348e48c8cec9a974955db7768b2e44480d52225d7ca6a0974bb59416d76ac00ad78c24db9f8278f6b6c6602240b74dcea2331b030524245ebadd0ba16680c1782ceb82e959944abfe688567066e96915ed2611895bf5110b2d931aa4ac7d9671a0e02f8940acefdda77fa494730286028c2ee44472da70df975a80b71ebb7acf013cbf19b8efca69a5a2b44d2d9cd423a5f6c500e735eb0948f71a2eed4ff6a14948f205fe91c77e6da50acbdc3bd3400175c92294d9baa900882fb7b13f049460cce40c27a05975314300666dd86f411be46806852bc33bf1c8dbfde58dfb1c2e2121fb6d256107a82f235f823ca79b69d838ca9b9718f8b8657e2e74d97bb16a035f284407b36daaa353e21537092cfb3b5fdd9c1ffa76682a080f86aa2085cdb432fafbaf3a2e2f36aff4bd334c6c617c626ad564c7f5c5cb2b5151d7e4b2019aca605606cc626f6a96bc294e8411dc733ab36c8a8dc2e4e8d25a44c4c953174cca97a811242dff387728e2e8c7f0d78fdefb8ad526e4060d4df0e0a6a72b879648d1a89eae679339e48fbc720b577326df8f5d10c8f06af5f1403656d597863ac7a701849078c89bd35e122632b186ab53efa50c63a202d91084b1016cc617a98ad70803c0762927ccbc25d9a353e6d5fbbf4cd264bed51e677ac6c84bf3c7cbc00978f67d12c895379ebe71561d68210072bf0a06c60d2dc0b308743fe331d99cd6c71de91375a039ecaa99cf1debb864feef9ee1dcd9e95b21ef60c04eb0ee9a6d7e035553ab4ca753a10610f276edbce2bf0dd73cba34da6f3d96500cfd0c24937c380d2ae8b255eabd2b8898f030c885ff30f0d7ba765ce9108d96b89f253b097c15fe23209b5e5d89890cd6a539a9473d48a96fe3944e4e93a3f29e7cfb6a7d7e03ccddab662f8da72e744a5fa3994df5cdfc69449eda4a0f7eea3843f6103924a8cfaf78c065582a9f6bc2bd97c3229c1290be0ce23f80dca897d291b535949c95e90a22a76e83873804f9f5fcedfdb178e358d1a9dfea789fa9a48fa6eeb3ae163c09608a6c95179aebf0ea8dcca83f63ffc50ae3c424edb512a0655a26fe038788746c18f99cefdbb54159fbfc30af82c7e99ca458eb2caf2d30e9d0c58b9f4914121fda4fc8f95ea1dc3219f51f98413f461c87498ce09c233f1398e82a082014806cde945cace431b9e436d6bf2a9531c68f66e1c9c439ddf39b50590c8db29d9b7a0e5972201aba91f4fe02d728778c674d29abe507a90fda8bd834a5f67877d8a593890b81df0f541bdf6540e245f992a8d7b880648ce076e52903f053c1306cd3db5a0499938fc7ab7da97cc3b16ab3974b1baa1cf3f3830e882f6c34c1408ff7830b2168a3996e616fb1c069c37af0176f974e292e648b8f3dce969b60e07691b5399b5c83f71ccb6e364cc37706a7fe52caa2ebec32722ab135cd2cd0dcc860de41d74a2066984cb94acc0b67298b4d7c9cab9e5ca2ccebe4d2043470f9f01168617dc4cf021405e58f115e0307e93186551691455269a8f3236d15155407dc532508fd36b98b60140aa8340fe622ae2d919cd1ecc76393800d9ddd14a9a667c8538c639456c8abff4e48ab6e8e7784d62f48d3e1686b808e6c80db7dcb37b4f57c4cec189c86c747bbf3b2cdb4310d8002c6a2d2eb0d603f72e278f06fe144fec276aced24d1a7aeaf03204499ebe330c56b912f4c2fece6862692c2d48a4ff6a8a53429ca99bcb8cf6db4dd30232445d29ec55b411569cced2fc335a1255747fd3f7c9e79c32e298bc36498c924156c00481947bb3a12dca75af493267f6764abf54157aff00aeed3d2e0bc8fe8aaa05e1d80e2f2f84e814de761f5724b32bbff24e3a25597c9d9e1837d17c8ca9af052d91d6d7491bbf4983e279a0c68739d1c6cb07c353cf7749b62d015db5eeaa07713be10d71fe686130e2fbd83523aa7ca8178862e215f8fb1bd20a4fd454bbfb37f3b90c44098708bed91bf81ad52d49f29a775be9b8475ad04c21ac3e7befe825ce80f57af1fb071c313c64e210fa2ddafaad48bd04337ff9d77aab6fe4825c786af89e0bf2100ba3cb5bedf13f93ca2e6854cc1402eefbeaf9d1e2922b3fbdbb04f43035671f05dc5e52bb5d6b6ad51547ed4b05cf5cf0ccf74bcc749fd0fc861cb5d145eec3219df8594049d0070709adca90e66b8bc586b0c5f47beca830fc7e835dabd78395a0793204b866cb5c2c7c119505468ff42b6aadbe58abbca0a2853472ee5d597707de35d8e5a80d38caf5d158a4000f1415cb52e410bbb3e3f0859e2ef60ee2d42c733acdd3b3c2c78c23424a923d831521e765849d0cfd75268dd1a5319053193e62d19950fadad3d784f3ea5c9252781e9f099a9b234a7ea306ef9df668ea7e2c21a17229f3be4068093a29bb7c42958a6d2fae9fc4ea13eaf9b72371f5151d5dcb121501dc79cb12a1a05528cbf6f4966ab443664ea288476c8edb841ce9a6f992c6856dd172f47c7c8ebcacb9d2de40f939a5dc356b973f3266ae2109c67b185bfe39e0b48bf85744eef2ebc0d9c353a241e80e7cec5db02c929d8fa4d3fe2ea2de0ea97b4732843f0b3ce977648a60fe5c34470cb3e548723032fba21552e05ec4b013dd1b80a87c7cc0b5d0e615bd415ad81a3c6801ca6f6194f9d1ca84b35f0dcaea9706633815f09d2f94ec2ff2283c29488dc9b4af8a4271cf8a52618b413e8a47b8ccefc360b33b21cf3e7b510fdf6e32fff00865be6c4cf60bebe65a984fd021c5050149bada336d6db2a0ab3d8f5760d40b2f8c4906ac1813ed7388764564d24a41823b736c99397ae020ef581af669cdd7b1cedbbde46ebfc4a5cdb262cf2883889512beb86883cb67c9f32b4ef5014db998c30d7209ae97b0ff0f7d6e1bb6c6534681dc7b23a26489b05292f76e2e731104534fe2faf4fbdc7d9ebf80432792471ab614f8b6a07e90cee800957029d928f237787f4094088d30d8b3a9b9afb1d1d92d25cd36024892d25a3c2b395ff4c991ad5e5db2bf88f2840e069194b8214361af94f0480075975135895379b782d7f2e1cb63ac74b32a9ca9242cf49013e9e620b11f57c84f7e7ddc290f9725f4697f74f7e391887b46364996e8c5063038cb0e4707104d052ff1b1bd7c609be5a8f586e7e9c0324031df13e60b531b33ab8752ce93a8d9ab291f5afe0ad261cfcf78100d189e399c842e83b0e16be14491bf46b2b61a86c127e344d75cfde262f23b9bf25caed17e4993fb949d68f8bf9e21a1fd272d75e13d4b6c3f2bfde090ea4e30490ffd18b771d78b74a8094aa83e33b603a51bb6fbf062e84302e681ca2a8e7734f07cc38a159a51ae95f341acdd957eb6251bfa76d6ce2a125975ef1b49011b83c3ee4fc8c3bb2e58661bfddbed20e69c513983894c56365ffe9011947f039e42228ffcd473c5f41387fce4feb55c21ecf85d23d93d9b8af56863f153f9226860f41af9dda26edc90e92364318501ebe1c899627e90f387947ef3016e42032a6fdbf0f21789e350bf8856f79258e11b877509552e6023f7501f53e0d4e84b11954063233c1cb4609978429b3ebf82e8c3483a6d6807d53e632f146be14d076da2ffbc1662b7827b94b77ec2e7743be67635ca1c841ef4d17afbfe4cf3ef2a7ab8994f416364c5c1a1940e48322315b19cd24977f8e8512f966b01c72259fd0f63f813cb8ba1ce155b122b7a1a6f4d4d2fad74483b5418b5a0a397310b4590a2f0bfd3a3bb75e64b883e104c3251daed96a76652c989164e25b6948f1ed04060d99756355006db15c693263268bf35188708d2fe8d935bc68983b1d60df0ecd"}]}, 0x10c4}, 0x1, 0x0, 0x0, 0x24004005}, 0x20000010)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r3 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) (async)
connect$inet6(r3, &(0x7f0000000240)={0xa, 0x6e23, 0xfffffdff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c) (async)
getsockopt$inet6_mreq(r3, 0x29, 0x1, 0x0, &(0x7f0000000300)) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00', <r5=>0x0})
r6 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r2, r5, 0x25, 0x4}, 0x14)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r6, 0x0, 0x0}, 0x10)

14.17393742s ago: executing program 4 (id=1563):
r0 = syz_open_dev$radio(&(0x7f0000000100), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, &(0x7f00000000c0)={0x0, 0x1, 0xfffffffa, 0x1000, 0x5, 0x100059a, 0xbfc4bb97dfede4bd})
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r2, &(0x7f0000000b40)={0x0, 0xfe188532045f82fa, &(0x7f0000000b00)={&(0x7f0000000080)={0x28, r3, 0x1, 0x70bd27, 0x25dfdb7f, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'a\x00'}, @NL80211_ATTR_REG_RULES={0xc}]}, 0x28}, 0x1, 0x0, 0x0, 0x44000}, 0x14048000)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'wg0\x00', <r4=>0x0})
sendto$packet(r1, &(0x7f0000000080)="0b03feff4f00021202004788aa96a13bb1000011000088ca1a00", 0xfffffffffffffee7, 0x40001, &(0x7f0000000040)={0x11, 0xe4, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14)

14.103465808s ago: executing program 1 (id=1565):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x106, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYRES16, @ANYBLOB="010000000000000000003b00000008000300", @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502"], 0x3c}}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x6, 0x4, 0x1000, 0x85}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000000c0)={0x0, &(0x7f0000000980)=""/103, 0x0, &(0x7f0000000600), 0x80, r3, 0x0, 0x7}, 0x38)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
getsockname$packet(r4, 0x0, &(0x7f00000006c0))
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180), 0x48)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0300000000000000000007000000f8ff010073797a300000000034000000090a010400000000000000000700a73dcb1f020073797a31000000000900010073797a30000000000800054000000006440000001e0a05010000000000000000070000000900020073797a31000000000900010073797a30000000001800038014000080100001800a000100fefe807eb37b0000140000001000010000000000000000000084000a"], 0xc0}}, 0x0)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000080)={r5, 0x58, &(0x7f0000000300)}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x110, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r7 = socket$inet6(0xa, 0x1, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_PUBL_GET(r8, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001480)={&(0x7f0000000000)={0x20, 0x0, 0x341, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x2400c090}, 0x14)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x11, r7, 0x0)
pread64(r3, &(0x7f0000000380)=""/89, 0x59, 0x7fffffff)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r7, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000f59000/0x2000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff81, 0x1, 0x0, 0xfffffffffffffe27}, &(0x7f0000000800)=0x40)

14.103338729s ago: executing program 4 (id=1566):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @empty}, 0x10)

14.102989852s ago: executing program 4 (id=1567):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file4\x00', 0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x4)

94.515533ms ago: executing program 4 (id=1568):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_FILTER(r2, 0x0, 0x2, &(0x7f00000001c0)={0x9, [0xb, 0x5], 0x5}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeec, 0x8931, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000000)={0x0, 0xe, "fe4042c317ae82c6d1a51a1e45a7"}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r6)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r7, 0x8910, &(0x7f0000000000)={'macsec0\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r7, 0x8949, &(0x7f0000000000))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r8 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r8, 0x4020565a, &(0x7f0000000180)={0x3, 0x98f904, 0x3})
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000002380)='net/ip_mr_cache\x00')
r9 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r9, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setitimer(0x2, 0x0, 0x0)
setsockopt$MRT_ADD_VIF(r9, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @empty}, 0x10)

94.324812ms ago: executing program 5 (id=1569):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCMBIS(r0, 0x5416, &(0x7f0000000000)=0x8a)
ioctl$TCXONC(r0, 0x4b3a, 0x0)

93.981428ms ago: executing program 5 (id=1570):
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x20880, 0x0)
r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100, 0x0, 0x3}, &(0x7f0000002000)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r0, 0x48e9, 0x0, 0x2, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x5}, [@IPSET_ATTR_REVISION={0x5, 0x4, 0x7}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x5}, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x4}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x6}]}]}, 0x38}}, 0x4000000)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000100)={0x3, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x50, 0x20, 0xff}, {0x6}]}, 0x8)
r5 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x10)
getrandom(0x0, 0x0, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r5, 0x114, 0x7, &(0x7f0000000700)={@pptp={0x18, 0x2, {0x0, @private=0xa010101}}, {&(0x7f0000000280)=""/191, 0xbf}, &(0x7f0000000180)}, 0xa0)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
write(r5, &(0x7f0000000000)="3c00000043001f001307f4f9002304000a04d65f0800080000000002170003800500000099db3500b0406700000000548593223487ee891c0ebf0798", 0x3c)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x8, 0x3, 0x318, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x284, 0xffffff7a, 0xffffffff, 0x284, 0xffffffff, 0x7fffffe, 0x0, {[{{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0xffffff00, 'veth1\x00', 'dvmrp1\x00', {}, {}, 0x0, 0x0, 0x41}, 0x6, 0x130, 0x190, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "e4ff0100cbd047da9ca965f96ad5801f0514d363ee84bb895919d9490f6785fba3c4a44f1e25a56a5ef73be11d65bfe8c37674024c183ebacdf741cea92ded3a9ca54de15dd9ec8ef62f9eb85f401b0000000000ffffff7f00", 0x7d}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x3, 0x0, 0x7, 0x7, 0x4, 0x1], 0x1, 0x8}, {0x0, [0x6, 0x1, 0x5, 0x0, 0x0, 0x2], 0x4, 0x1}}}}, {{@ip={@multicast2, @multicast1, 0xff000000, 0xffffffff, 'ipvlan0\x00', 'wlan1\x00', {}, {0xff}, 0x8, 0x3, 0x62}, 0x0, 0x94, 0xf4, 0x0, {}, [@inet=@rpfilter={{0x24}, {0x4}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x5, 0x0, 0x0, 0x1]}, {0x0, [], 0x0, 0x1}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x374)

89.399297ms ago: executing program 5 (id=1571):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000440)={{0xffbe, 0x5, 0x2, 0x5}, 'syz1\x00', 0x53})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x15)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r1 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_S_MODE(r1, 0x40046109, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
unshare(0x6a040380)
openat$tun(0xffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$BINDER_THREAD_EXIT(0xffffffffffffffff, 0x40046208, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x304e, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})
io_uring_enter(r3, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)

71.897641ms ago: executing program 4 (id=1572):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a"], 0x7c}}, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCOUTQ(r0, 0x4bfb, &(0x7f0000000380))
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000001c0)={@initdev, @dev, <r4=>0x0}, &(0x7f0000000280)=0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0b0000001f0000000200b1d78bad1549d6ade55bc700c50000a2bf000001000000", @ANYRES32, @ANYBLOB='\b\x00'/20, @ANYRES32=r4, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500"], 0x74}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x50, r7, 0x1, 0x4, 0x1, {}, [@IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vcan0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x48c1}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

71.126204ms ago: executing program 5 (id=1573):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/notes', 0x0, 0x0)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x24, r2, 0x1, 0x50bd26, 0x25dfdbf8, {{}, {@val={0x8, 0x1, 0x4f}, @val={0x8, 0x3, r1}, @void}}}, 0x24}, 0x1, 0x0, 0x0, 0x20044040}, 0x24008004)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003840), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101302, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000440), 0x0)
ioctl$KVM_CREATE_DEVICE(r6, 0xc00caee0, &(0x7f0000000100)={0x4})
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r4, &(0x7f0000003900)={0x0, 0x0, &(0x7f00000038c0)={&(0x7f0000001500)={0x1c, r3, 0x1, 0x70bd07, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x64}, @void, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40000a0}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0x3)

70.828953ms ago: executing program 1 (id=1574):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/notes', 0x0, 0x0)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x24, r2, 0x1, 0x50bd26, 0x25dfdbf8, {{}, {@val={0x8, 0x1, 0x4f}, @val={0x8, 0x3, r1}, @void}}}, 0x24}, 0x1, 0x0, 0x0, 0x20044040}, 0x24008004)
syz_genetlink_get_family_id$nl80211(&(0x7f0000003840), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101302, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000440), 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc00caee0, &(0x7f0000000100)={0x4})

70.401791ms ago: executing program 5 (id=1575):
r0 = socket$netlink(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000100)=@ethtool_coalesce={0xf, 0x40000004, 0x7, 0x6, 0x7, 0x10, 0x9, 0x400, 0x81, 0x3, 0x101, 0x80000000, 0x3, 0x8000, 0x3, 0x3, 0x9, 0x8000807, 0x2, 0x9, 0xb, 0x6}})
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000100)={0x81, "566000004004d1c42317af0900001051000000000800000100", <r2=>0xffffffffffffffff})
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x141100, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000140)={0x1000, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", <r4=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r4, <r5=>0xffffffffffffffff})
r6 = socket$inet6(0xa, 0x1, 0x0)
r7 = dup2(r6, r6)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00'})
ioctl$sock_inet6_SIOCDELRT(r7, 0x890c, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f0000000180)={0xd5})
ioctl$SYNC_IOC_MERGE(r5, 0xc0303e03, &(0x7f0000000000)={"601339aa869b3c3d98fb24d90436a7576fd3224a41055a32a64734051375e22c", r2})

54.934793ms ago: executing program 5 (id=1576):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e23, 0x3ff, @loopback}, 0x1c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910710007e570966f4366ec9d47c"], 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100))
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
dup3(r5, r4, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000200)={0x10, 0x0, &(0x7f0000000000)=[@request_death], 0x0, 0x1000000, 0x0})
read$FUSE(0xffffffffffffffff, &(0x7f0000000480)={0x2020}, 0x2020)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0xffffffffffffff66, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/18, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r6 = syz_io_uring_setup(0x68e, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x80, 0x1d4, 0x0, r2}, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r6, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000080)='/dev/usbmon#\x00')
madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1)
r9 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
recvmsg(r9, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x122)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x40, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000c80)='|', 0x1, 0xbcff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000a00)={0x0, 0x1}, 0x8)
writev(r0, &(0x7f0000001300)=[{&(0x7f0000000100)='^', 0x34000}], 0x1)
socket$kcm(0x10, 0x2, 0x0)
io_uring_setup(0x7fc0, &(0x7f0000000000)={0x0, 0x7, 0x40})

54.674653ms ago: executing program 1 (id=1577):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, 0x0, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x4004810)
setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)=@v2={0x2000000, [{0x8000, 0x8}, {0x40000, 0xfffffffe}]}, 0x14, 0x1)
socket$inet6(0x10, 0x3, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x35dc00, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
pipe(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x50}}, 0x4000000)
read$FUSE(r1, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0xffe, 0x3, 0x1000, 0x3a, 0x0, 0x0, 0x7}, 0x75)
r5 = dup2(r4, r4)
read$FUSE(r5, &(0x7f00000063c0)={0x2020}, 0x2020)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\b\x00'/28], 0x48)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xd, 0x1c, &(0x7f00000003c0)=ANY=[@ANYBLOB="1808000000000000000000000010000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000300000bca900000000000035090100000000009500500000000006b702000000000000739af0ff00000000b5090200a3b00000b4aaf0fff10000002f8900000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018220000000000000000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf98e4189dd2b4db05176f7a2902260000000000003608fffff3ffffff85000000078cbf00b700"/73], &(0x7f0000000980)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000f80)=@newtaction={0x88c, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x4, 0x6, 0xeb, 0x7fffffff, 0x6, 0x0, 0x0, 0x8000, 0x10001, 0x10b, 0x9, 0x9ec, 0x200, 0x1, 0xffff, 0x6, 0x4, 0x9, 0x6, 0x70000000, 0x5, 0x37, 0x7fff, 0xfc8, 0x4, 0x8000, 0x9, 0x6b4, 0x4000000, 0xd2c, 0x8, 0x0, 0x1ff, 0x62, 0x0, 0x3, 0x100, 0x0, 0x9d, 0x10001, 0xffffffff, 0x5e1e, 0xaa9, 0xd33c000, 0xffffffff, 0xffffffcf, 0x9, 0x5, 0x8, 0x4, 0x0, 0x1, 0xc9cf, 0x6f, 0x4, 0x5, 0x3, 0x7, 0x7, 0xffffffff, 0x3, 0x4, 0x80000001, 0x4, 0xfffffffc, 0x3, 0x8, 0x401, 0x7, 0x8, 0x8, 0x8001, 0x401, 0xc693, 0x1, 0x2, 0x80000000, 0xe, 0x0, 0x247, 0x7, 0x200, 0x0, 0x8, 0x8e, 0x7, 0x20000000, 0x10001, 0x40, 0x4, 0x0, 0xe68, 0x1, 0x8000001, 0x1, 0x0, 0xffff, 0x8, 0x6, 0xa8, 0x9, 0x633, 0x5, 0x4, 0x2, 0x7, 0x1ff, 0x2, 0x1, 0x8, 0x2, 0xfffff109, 0x7fff, 0x8, 0x5, 0x48d, 0x9, 0x2, 0x1, 0x9, 0xfffffffe, 0x9, 0x3, 0x80000000, 0x2, 0x3, 0x7f, 0x6, 0x0, 0x5, 0x8, 0x4, 0x0, 0x4, 0xfffffffe, 0x3, 0x7fff, 0x2, 0x2, 0x8, 0x200, 0x2, 0xd1e, 0x6, 0x80000000, 0xd, 0xacc1, 0xb, 0x2, 0x6, 0x9, 0x1, 0x0, 0x7, 0x800, 0x80000000, 0x6, 0x3, 0x7fffffff, 0xfffffffd, 0x9, 0x9, 0x200, 0xc, 0xfff, 0x2, 0x8, 0x9, 0x7, 0xb, 0x7, 0x0, 0x5, 0x7ff, 0x5, 0x8, 0x4, 0x5, 0x4, 0x4, 0x5, 0x4, 0x3, 0x6, 0xbc59, 0x3, 0xd53, 0x3ff, 0x1, 0x1, 0x1000, 0x0, 0x5, 0x8001, 0x8, 0x4, 0x4, 0x4, 0x0, 0x401, 0x7f, 0x574, 0x0, 0x1ff, 0x51343c33, 0x1ff, 0x3, 0x6, 0x401, 0x5, 0xffffffc0, 0x1, 0x1, 0x7ff, 0x2c09, 0x8, 0x0, 0x8, 0x1, 0x2, 0x4, 0x3, 0x401, 0x2, 0x7, 0xfffffffa, 0x2, 0xff, 0xfff, 0x0, 0x2, 0x1000, 0x80, 0x5, 0x2, 0xb6c, 0x0, 0x7, 0x5, 0x2, 0xccd9, 0x6, 0x8, 0x0, 0x160e, 0xfffffffb, 0x4d2e, 0x8001, 0x2, 0xfffffffd, 0x1, 0x9, 0xe845, 0x7, 0x5, 0x2]}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0xa71f, 0x3, 0x8, 0x8001, 0xe, 0x9, 0x7, 0x2, 0x7af, 0xfffffff4, 0x5, 0x1ff, 0x8, 0xda, 0x8, 0x7, 0xaeb43200, 0x0, 0x6, 0x0, 0x2, 0x8, 0x9, 0xffffffff, 0x916, 0x8000, 0x6, 0x9, 0x5, 0x0, 0x3, 0x4d74, 0x7, 0x6, 0x7, 0x7fffffff, 0x9, 0x9, 0x9, 0xfffffffc, 0x8, 0x80000001, 0x7, 0xffffff7b, 0x5, 0x81, 0x2, 0xffffffff, 0x9, 0x0, 0x3, 0x1000, 0x4, 0x0, 0x8, 0x8, 0xd, 0x4, 0xc, 0x4, 0x101, 0x1ff, 0xc, 0x0, 0x6, 0x2, 0x4, 0x3ff, 0x80000001, 0x401, 0x9, 0x0, 0x7fff, 0x7, 0xec, 0x3ff, 0x8, 0xf, 0x3, 0xb, 0x4, 0x5, 0x2, 0x7, 0x1, 0x10, 0x9, 0x6, 0x0, 0x27, 0x1002, 0x2, 0xffffffff, 0x0, 0x6, 0x9, 0x9e4a, 0xf, 0x26, 0x68a4, 0x6, 0x401, 0x10001, 0x4, 0x3cd, 0x1000, 0x3, 0x2, 0xe, 0x0, 0x7fda, 0x40000, 0xb299, 0x7, 0x14000000, 0x4c8, 0x5, 0x3, 0xea, 0x1, 0x5, 0x3, 0x3, 0x7, 0xb8, 0x8f, 0x4, 0x3, 0x4, 0x3, 0xc2, 0xfffeffff, 0x2, 0x2, 0x8, 0x5, 0xfed, 0x2, 0x10001, 0x4aa, 0x6, 0x9, 0x2, 0x10000000, 0x7, 0xffffff0a, 0x3, 0x7, 0x8001, 0xce, 0x30, 0x4, 0x0, 0x0, 0x1000, 0x1, 0x10, 0x1, 0x10001, 0x689, 0x0, 0x9, 0x7, 0x8, 0xb, 0x9, 0xe2cf, 0x2, 0xa, 0xff, 0x1, 0x4, 0x4, 0x1ff, 0xffff542b, 0x0, 0x1, 0x8, 0xc394, 0xffffffff, 0x4d6, 0x8000, 0x5, 0xdbdb, 0x9, 0x9, 0x7fffffff, 0x2, 0x3, 0xdd, 0x4, 0x4, 0x9, 0x1, 0x1, 0x7, 0xd4, 0x7, 0x6, 0x7fffffff, 0x4, 0x4, 0x9, 0xb9, 0x5, 0x2, 0x4, 0xfff, 0x0, 0x1285, 0xbdf, 0x5558, 0xfffffff7, 0x4, 0x5, 0x9, 0xfcca, 0x20004000, 0x80000001, 0x5, 0x1, 0x9, 0x8, 0x9, 0x0, 0xf1b3, 0x4af2, 0x101, 0x4, 0x1, 0x96, 0x8001, 0xc6, 0xa321, 0x1, 0x59115142, 0x400, 0x2, 0x3, 0xfff, 0x1, 0x7, 0x5, 0xff, 0x5, 0x5, 0x7, 0x8, 0x5, 0xa2af, 0x6, 0x1, 0x0, 0x6, 0x800]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0xffffffffffffffff, 0x30a7, 0x2, 0x2, {0x2, 0x0, 0x4, 0x5, 0x1, 0x7}, {0x3, 0x0, 0x6, 0x1, 0x5201, 0x7}, 0x80000001, 0x2, 0x2}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88c}}, 0x20000000)

54.489283ms ago: executing program 4 (id=1578):
syz_open_dev$usbfs(&(0x7f00000000c0), 0x1, 0x92082)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x6, 0x4, &(0x7f0000001a00)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@alu={0x7, 0x0, 0x9, 0x0, 0x0, 0x1}]}, &(0x7f0000001a40)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000300)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560aff820fffff5bab003a0000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100040c100000000100224e0000", 0x58}], 0x1)
r5 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r5, &(0x7f0000000980)={0x2020}, 0x2020)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303000000000800010001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x400c000}, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'macvlan0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$inet6(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000440)="c4b8db26d3f810dcf3337439142025ea3d0be134aa4881372a22a2c1ee92ebf39904c6983ddda87efe0e09eeae4b7f8479c1fc1902864cd410725b1086a9f85ec465d0471d396e326afeb54e9a6880df27639d81aa3c221f6db2622c252a1e0c1b1ad8b00dcb5ef538472588e2bcdc6e84a76c41be495f50d3fb4c7d2409086d72e6164dc7c96bb3ea4d6f5aae199932869efd47cac57330979f", 0x9a}, {&(0x7f00000029c0)="199179a0f8fd00cb6ebeb52eba00e4802b530cef9e2aca5800faab0962efccaa61808c44be8f6b1cb7b1d397e133cb678e30c9458af61a166d0f47c41743655fb1ed7bfa355fcffa9f0feb9c17adabe0714d919304b7020d97e9b9ad5601db4c3901bc134ad1706d3a5e69eb28a0115811f67642a7193e378362d15998def7407f67700fd91577ec51f8bde7639929cbfe6a6a790092754274f353038596ac3fce09ba9540ca8bd22d9d85d2f088175e9f9bf6884191d99b6960eaf7de70499271d33b4e57bfecd864871da9a8f3238115e5aa5c7f773f7d327ac4b06320058ba4c8631ad8ef4a6b7a8353c389834ab679879ac3bf5b0f5a8820a592ef83ad6dd0f33446f051589fadb324d4c3464e187b77d2a4c0b16371e7696b7959963b7ba6342c49be8b0dd488e6fb6ff5235883c0aeaba23f1f090376b9ed24791c97d297f5521212b8472c4c4ea60269b3e21bea4a705c882ca831a4e4a235c22d3c7d4f6a4adb6a81e74c9cd7134e8962f9a0e80bb967717e69caa75bf6d9e8d20885b92fb658ec05419c0189d9cbefca46cc240ef5d782b516ae9e624c689d361b3019918030e36645c0b7ddbb38b3495703522b23533802e08441f18b3c4be15368503960af636864d1ab45541d6b178569b85c11472f8b6a355a9cb1404b6ae2b56c097eaf2318b41d26b079d2b952ce500a29412517f1f2d0b74e93c61f9a09f4aed84cff94077949c8ba8aa4473d1e15eeaf1b98e371fb94c2cc21d637f06c78368892ec7c70be2fcfdca2b29ee179f75815b8d4b5004a5734d9baf6bc7248628b2e2192b88ce6d36e29a33a94d3cbb16cc97bf11059820ca07ce5452687ddfcac64ea685989f716f059125d36a6ad68d15c59e80635dae84648e0763d550c5a21744f77f6dd9b217b7bf2d70db33997b68374404e071caeac484ef00e5529f7ba9f082b3651b0b5bd89fe631649178d7dab2485e8e673dda9718b11398f9590050f3e6e25a8701be2abddb3dc5c39645ec77c07c8a29fe8347d9fecfc635704d1296bea5ca777bc2d178315d97536e01fd7827f41995b28117ab3ff6866929c5ac5be82efa2c3206e3c21844f36f8a98fa5618d906da2e2aab2b2691491d08fe92afe7258d04a601cdf76c9ca5a72825ee0e51263bcedf0a9948d05d3a36d1ec0bc3090c3ff6bc4db889c447a0728c2ea26f1e1eec8e66ef314bc92bd41419ba5a0106c4268f92fc0c451a98c759f58737f08aa19bcfade805bd26cf47121549cfda61874130963cf41b7d69a95d8cc09cd178e9600e111da69a06cf4a486d18c099586f9963368fd524ab7a4f17014422afc9157de82549a60bec09053c667f7c8878e07d0320fb4bdc0147333307e9cbe76b0ec8e731877d985c685e5e2f293151f690d093ea0710d488fb6422f7c12c700ee9f7255161f797f214cf5a54f72a00866e587591205ccb26749c069e5c77e18f784d0270512f9796d65a29f49e3f054c4f6f53f4e28fed01d8099fb88ebfa712efec205a4fcce20c134ad0fdf8bdc8f092a18d914a123664657a2f4784702e14882b6d023136e4fbcdf84fbd79b362686e86712ae297eb804d0db57304bc038f4dd3efdbbfce19b8899f8eed5e1056c851ad7ebcabb220e714d6d697a6a55d25c18bf6a3e3c89387449e3f864fa2b5fd01a7dd44f3b7ea3343fbf56f29a08fba6df7ca2d4e5e398713f81ed1d792c92551a4ff573aeadbef4663ebb97c450b18dc3e1b878589533fd69808d51f3eb366d8e87b0ef9369b0927abf7c997508556e7029b8eae8c0fe57e4df3ae91b1bf237404f28129f1ddd956a638223fb9626f04c5864028490deecf6df516ff406ec3da0f5ec09b1efad55c99e07fe1060f81c6795dd73cbc8eacc81d89eccb257e5ced5767f32bc80e3f9376a8e2fb60e5cd1a28540ea8e5522cfacea3e4f3d0684d1eb46d63e5f34f39ef3d72e8b7dfcc4b7f48b49bc61dbe7cc95a06b405a493291c4289e1a9b72ab66e20c7a4cb6c617d04108c8955e4827e115bb8b29369be5955b848345c6d9ceb37b72a5e28aec0c4d9801ecc763f7116175815bfb93ab743e0ed9ab6299368c24e6dfda609c81d7ac12152d75ce8119b266889358956a6925a0cd4587ba0f6cce93424c971e0a7acd6e6f998b5834d5a537009009a30b8e4e04a491b53d3377a24854f47c1417ad4a16c3a4c2735ede6ee831ca7aeb82252dc07e6819c044a4521f265dee2e6ab7d8cc130d63e236b5333bac919b1330c90525a5364f801457a10fb054b094b34685412a8c9eac3ca22feedcba00d0be744158fb9846b640bc6c9016cf06cd55fd09a2124ce838d9a258419221127bd1c1baac33d972bb31f968669129573bcb783153c9cc9be8bb34df14f2eb062946d041e81a1d69b9c58f7f830a33d22b18e3674c2ca796b41595ad3876494018b073f5b4aab015461cfce13cccb1a7bbcb9f527c0c94a84435bf261dd5b4bb660907f284fee0e998ddf36720cf02fead67c681e40b0b8110f384b5b18ba647c27eda954a42bfd409fc6815658df32b119eb16ecaa7787798d5a4b72336716da9a76dc7990c36536f315344ada4c88eca9c0fe90f78f7c0aff4420ed2ad7850da64d845607c03a1cd93c930f2b74507a3689e3a2edd901f0f7f6c3b81499a70cc86ea86d5693d2cbc8ad10d927100b697f6aec09abcfe1cd7952cb24be185c30db9939dff8f1bfdd7e52e6bf74890327273ed28508aa7a53aa6fe7a40045ddbaf21994da7d3fb881bccb46b4aa221a115861772c72905abbedc943b69c25970d9b0eaceae226b07cba8b488856601c63ddc686780fe6711f12ee89282a80d0bf0ee5c637a1b262f1bef9ba13298216b827dd948fa4c943f31c0bf0822acf8399a93fd22066851d25bdea6ff27576d3133cfcb7396370a23cb1b5dde96c08886d686ddc047760912ae25fa8b96fd960eef80537fddc68205d588e4b9cd41fd5df833c2afb75400b2d01bc2d5501e44965b543146b5f9085bd6a339003083c0e81231b7a3dfc093ce528721b58f75c6af8879d001497a2bb08a9af8ba3e5debeb38bd246f3f03d6be617ce74cd9a9cfb42ec4925fb10cf3fe348d18691888e4a3623c7813ce86da28ba91470d2b95b5f18ef5a6da773472a8c4befba34805a3f16089c7706e5f6fbcec7a48245239c927c6d6b98ce0fa0aa4e06d00f61aa6797d98fe96149b5a702243ea964f23abff49d6681fb02d47b60feb4fcfaf931e9f4bb152bfc26317b64d04c13f4212567f24517efb494faeff05e8f08cde76719886e2a6c4801e474d503fc8fd9aab4768445275d959cddb1f4e476d4c18604bb9fc17f672d77dbdaf1ae2c8ef0488d040aac5bfb5a7bbc2d611a554d07461f765071435ea7c8874cd11573eb89e8e24afd287c49f824a58382ba4f73e45eb01e36f56f541690d80ce9be1dedfa65f07ebb68847a633e837c385b2a38ab9f951faa918060af3dcb4aec092febd0b215e90870c0177a7f15fa6e9a726cdc856c6058278797b7c44b5602e3296cb8e1448bb3ae80f4a622d6c7c4751192d9406d8fcd6e05a73b81cfcf8e2890fd9f83fabd8ebf08626e79e4300aac84164d7548187ae6a70b6c78429d0d2dba0bb1a52b5bfb4d1c9c587eb68c3742998fda9056cc758d43b4ca96bbab5caad9c7911457838d5624a0e457e85593e7e285a7f42b8525833afd95374f30b3a3de20e7fb182b63c7af13f6c2411fce1daa1d112b08109da3dc2e1bc100c9531f04c54f7ccce2999d6e0a881b49297992db51c4f5f16aa86596485e7f9546ae6519f83d543820fd3efa9741e309085a323c598ace85c65e4ea4bf75e88e8e994a17578dbd83de855fe4a4cbfece4108464cbfeee8fe247a2b9c4a45668842df971c9dc5d3e1d758efc497ac5f66f66ebc82b5109ec0034f4f80c7e8a65032bddc33865063dd68c2a9b73b924c50ffb2c6fa279f181234f3b286999f46d796bba3b0f4e906d0a7316a4114b2efcf6d19490d643041ff5a7203e993933e65b24afef72bd4fe2ce938e2e8dc82da3755f9638ae9294b7bef5d0d3f95faaa0eea79c2815777d2b420229c15360069b2b03f78a0c92a29d50ce688f3ab3a284da5e00a21ae4e3682fa55a59380b306a0f117d227c2bca6964540b409a60c6c801e3d6612a4fc796c75bfcfc32be52c218a2b1539db8e320fd7f26c96181f1dce0aa676c13ca207c29072aa3a0f3b2215ff98fe971e9d9d33e44fc8be8c6d534baf667c31d698c123eb4ce675946eeafa0b0d2f0b00ec75e228ccb833db28845c40a48caa7d2b110d7b6bd3b9f4066c12989dd804df15e58387fa430a66696d974d08d2a2dad9a5011aa5c3ca0118a53146213e108d8a556738ceb8f208d8fe35c25032b5b65584cdb308f2f88fb66a062a275c91c06c327dfa574e8a246e42a9b58e8a511a7d13f8faae656fae0feeda09970de8dedccfeb2f16d9a781ae42f6bfdde974527e5575d049f3154c19f0a484e88999fc4ea4f30877996a5e277eb1fd9bf199c8d7042a13ab7564ee0de4c213f62ffbcaa9180e9208eacd5863346ce52df94611c6966d739f91708cea503d9c285093d267ba2860445ec845c03beb691eadb3d69b5a8fcd71bdd33697a68cc54231cdf6cc8a3bcc40d33ec403f4219860171748551496df57c74f75ce318ca682e0e6254ba0d76bca00933fdc94faabd2a52f929ca9c408d7eee7d66537ae9f93559291b3c7c97b46320e0f7790e810dd4dcbd6517c2cb0189350ae584ff4948ed2f7d65515981cf299bad126169cb3f66ae2e234499b40941e7a2c70cf426c8c78b1e0328f48fcbd350f0ee4e77585bd4802d1d5ad672c9957ee6a617db00008db5db4946dbfe7d42396b87a7fa2ef83dfb57efa6b9e3beb6075ed385ed4ab5116eac30442f38710eb0b5f880cdf4bd68787739d5d48213e1e10cdc215e49c5dcec2704b9b9343fc834cbaa537f62da659fed218faa47e15d7df8b5c612d033b3660708d21afd0817b53dfa327c4ca3b64e6ca7038fffb9c140f13f0358e5cbd99f2958a64fc994bfddf5e939c3c332d442d883d0e315a06040fce51e284939a69b3cd2fc08e13c1967b5539a0d7151bc52c2b62d7b31651bbd67cfa619be53fe84ea85c4394f9684c7e7932b480a911295012e75290f3f0bc8dc14d38af2a8c0b3a08d7b7c19593ae74e38a080c5b3f3f538b953399feb0773617a4262da6b3cdd59d274cd635d58b50c75897400042ce81a3496220c8eaccb34d1270a9da4c15a011a17865e57a6584e43fe2145325b23157e70d4d91fc80890b3e52066649cf565433888c5f0ad59fcf10b8d5b285d22130c5b17bed4701cf56ab59bcdeb740563d771bf32c17702606fa0e6eb904d4ff3774a7455b45f65951b4653bbaea272f8fd28edaf8d6597c72485d1aac45f3bbc92be7d88c3acc8ac9aed1286483b1268532557e75a8de59cffa4d4b93315e305f27bf9dffc194cd030bb6662956e9cbf8b5aea403f9808fda711c0a0c0c4720a3ccf322fcb0b7c24cbabf6b0399f75e9bb3cece6af483ec5a5647e471cfbb9dd6a2abb0a9847b84ea1b38979fa0d1c107536eaed030ce76ada89c370ae47fa4370953fceed92639b9075d3bcee33a94d6c8d17f135295ade963bf34a0352ef7d46b4cb8fa03e481f5a3724e90dbd7a273d72ff9fad6fb8f7df2b3e7c3be4c913bf1aaa515b6e930013cc0c8de8dd396b5ae85a94010ddba49d65e4940be6cbf40a90547de8c9d5d6e65cea9cfdfef98038a783e56365", 0x1000}, {&(0x7f0000000500)="e93a11232619abcdd1ab01916f7173e982cf9787b1", 0x15}, {&(0x7f0000000540)="4cf2bc50f77773001a4fecebe82934f7fe6d3844d8859a631175086d991cebd80c7901f7b2574703ac070918e3da44c31b59a401808a4700fff68b795fedcab08b98c6eea901655d8f6e28857b78f8ba9f518c46f04424e3cdadb8edb8388cd9720bf824fffd0be8af24da364cd0d33ef0675009c073", 0x76}, {&(0x7f00000005c0)="47176e33327f07aae5d653b47af6c7d88065cf8434d7c3969c57fcfd066fb1202e9b0ab7f37df8c3ce24ca878d80bfdbfcd8dd02f6337b7712eba720d0333a4105a9b9183d9b878d7e08aa117a098a87cd11b9d1f86d017cf4e841cc42adcca803885565e8e60c90efab23411819d507a11df7211477f00d80a2ae6cf6c843364f9fad198c5ce456979baeeb6b627f76def7f5a9c5949b8d0ac72d6dede2289ce73a60f04b00a5b6302faf4738f43b49fd0555bc8d94364c612e605d48738e5768b6ac8adcd86cb0cbe6099847afcdd2a9bbebb51c80892d145b73b6569c527015b76497e4cb1d1287ab192b8d43c9b786e1cdd1", 0xf4}, {&(0x7f00000006c0)="d352081270d02e", 0x7}, {&(0x7f0000000740)="ba48d30b5b2d2930a7e911bd1ac8d19408", 0x11}], 0x7, &(0x7f00000039c0)=[@rthdrdstopts={{0xa4, 0x29, 0x37, {0xc, 0x11, '\x00', [@generic={0x40, 0x6e, "f014af7c4c9f3bc2abd330674b97c4945da7b3ce666c82d52e334855f6e5fa136b6a666515f78e8babbcfeb1b3f1b35cae31c75c6b9b0dac0a7f5d44bb44631f65fa196e29129baad8e8bff206db45e22f9ad7208fea6b617250f9f1afdb724852eaf0ad2d116664d5f482b38a84"}, @hao={0xc9, 0x10, @private2}, @ra={0x5, 0x2, 0x5}, @enc_lim={0x4, 0x1, 0x7}]}}}, @dontfrag={{0x10, 0x29, 0x3e, 0x7}}, @flowinfo={{0x10, 0x29, 0xb, 0x8}}, @rthdr={{0xa4, 0x29, 0x39, {0x7, 0x12, 0x2, 0x4, 0x0, [@mcast2, @mcast2, @loopback, @mcast1, @private1, @empty, @mcast2, @local, @private0={0xfc, 0x0, '\x00', 0x1}]}}}], 0x168}, 0x40000)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000380)=ANY=[@ANYBLOB="8400000010000305000000040000000000000000", @ANYRES32=0x0, @ANYBLOB="1546010000000000540012800c0001006d6163766c616e0044000280060002000100000008000100010000000800030003000000080007000500000008000100100000000600020001000000100005800a000400aaaaaaaaaa2e000008000500", @ANYRES32=r8, @ANYBLOB="08000a00fb"], 0x84}}, 0x20008040)
mount(&(0x7f0000000140)=@sg0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000340)='ubifs\x00', 0x2208004, 0x0)

54.358285ms ago: executing program 6 (id=1579):
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000700), 0x101180, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x10, 0x0, 0x25dfdbfd, {}, [{0x90, 0x1, [@m_ct={0x44, 0x102, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x2}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x48, 0x1, 0x4, 0x401, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x7}, @NFULA_CFG_FLAGS={0x6}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x4}, @NFULA_CFG_MODE={0xa, 0x2, {0x2348, 0x2}}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0xe1}, @NFULA_CFG_CMD={0x5, 0x1, 0x3}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000)
syz_usbip_server_init(0x6)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r6, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000180)="b9ff0307686fa2f99dbf89396268", 0x0, 0x4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
setsockopt$packet_drop_memb(r5, 0x107, 0x2, &(0x7f0000000580)={0x0, 0x1, 0x6, @random="08dd33878075"}, 0x10)
landlock_create_ruleset(&(0x7f0000000000)={0x10, 0x0, 0x3}, 0x18, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000071000040000000000680"])
capset(&(0x7f00000004c0)={0x20080522}, 0x0)
ioctl$SOUND_MIXER_WRITE_VOLUME(r0, 0xc0040d07, &(0x7f0000000040)=0x121)

0s ago: executing program 1 (id=1580):
fanotify_init(0x10, 0x1000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$nl_generic(0x10, 0x3, 0x10)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x7, 0xd, 0x5, 0x1, 0x6}, 0x0)
sendmsg$unix(r0, 0x0, 0x4000880)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xfffffffd, 0xb6, 0x0, r2}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
execve(&(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000780))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$cdrom(0xffffff9c, &(0x7f0000000140), 0x880, 0x0)
ioctl$CDROMREADAUDIO(r8, 0x2284, &(0x7f0000000180)={@lba=0x101, 0x1, 0x0, 0x0})
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000480)=@arm64={0x67, 0x1, 0x1a, '\x00', 0x3ff})
ioctl$KVM_GET_SREGS(r9, 0x8138ae83, &(0x7f0000000ac0))
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x47f6, 0x0, 0x4, 0x0, 0x0)

kernel console output (not intermixed with test programs):

T53] usb 48-1: SetAddress Request (2) to port 0
[  314.717965][   T53] usb 48-1: new SuperSpeed USB device number 2 using vhci_hcd
[  315.142899][ T9470] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  315.275840][ T9451] vhci_hcd: connection reset by peer
[  315.277937][   T12] vhci_hcd: stop threads
[  315.279609][   T12] vhci_hcd: release socket
[  315.281435][   T12] vhci_hcd: disconnect device
[  316.640731][ T9488] overlayfs: conflicting lowerdir path
[  316.973776][ T9508] netlink: 72 bytes leftover after parsing attributes in process `syz.5.942'.
[  316.985353][ T9505] overlayfs: failed to clone upperpath
[  317.082575][ T9511] IPVS: Error connecting to the multicast addr
[  317.212502][ T9515] binder: 9514:9515 unknown command 4294967282
[  317.215973][ T9515] binder: 9514:9515 ioctl c0306201 80001040 returned -22
[  318.644389][ T9531] netlink: 12 bytes leftover after parsing attributes in process `syz.5.950'.
[  318.647242][ T9531] netlink: 32 bytes leftover after parsing attributes in process `syz.5.950'.
[  319.450710][ T9544] netlink: 12 bytes leftover after parsing attributes in process `syz.4.952'.
[  319.454599][ T9544] netlink: 32 bytes leftover after parsing attributes in process `syz.4.952'.
[  320.474511][   T53] usb 48-1: device descriptor read/8, error -110
[  320.794743][   T24] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  320.954272][   T24] usb 9-1: Using ep0 maxpacket: 32
[  320.958390][   T24] usb 9-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  320.962246][   T24] usb 9-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  320.974338][   T24] usb 9-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  320.979182][   T24] usb 9-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  320.990999][   T24] usb 9-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  320.994815][   T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.997916][   T24] usb 9-1: Product: syz
[  320.999472][   T53] usb usb48-port1: attempt power cycle
[  320.999646][   T24] usb 9-1: Manufacturer: syz
[  321.000161][   T24] usb 9-1: SerialNumber: syz
[  321.005912][ T9563] fuse: Unknown parameter '}'
[  321.012388][    C2] imon 9-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  321.061457][ T9564] IPVS: Error connecting to the multicast addr
[  321.135405][   T24] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:155.0/input/input15
[  321.148302][ T9563] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  321.152012][ T9563] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  321.165126][ T9563] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  321.177462][ T9563] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  321.180612][ T9563] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  321.188078][ T9563] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  321.198924][ T9563] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  321.202157][ T9563] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  321.211341][ T9563] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  321.234235][   T24] imon 9-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  321.237094][   T24]  (id 0x00)
[  321.395113][   T24] rc_core: IR keymap rc-imon-pad not found
[  321.397193][   T24] Registered IR keymap rc-empty
[  321.399342][   T24] imon 9-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  321.403083][   T24] imon 9-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  321.424847][   T24] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:155.0/rc/rc0
[  321.430533][   T24] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:155.0/rc/rc0/input16
[  321.440338][   T24] imon 9-1:155.0: iMON device (15c2:ffdc, intf0) on usb<9:2> initialized
[  321.588324][   T53] usb usb48-port1: unable to enumerate USB device
[  321.615799][ T9553] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  321.623492][ T9553] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  321.704297][ T9573] netlink: 12 bytes leftover after parsing attributes in process `syz.6.961'.
[  321.708164][ T9573] netlink: 32 bytes leftover after parsing attributes in process `syz.6.961'.
[  321.735484][   T10] usb 9-1: USB disconnect, device number 2
[  321.828413][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  322.022474][ T9578] tipc: Started in network mode
[  322.024689][ T9578] tipc: Node identity 96b5ab3796b2, cluster identity 4711
[  322.027771][ T9578] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  322.031499][ T9578] syzkaller0: entered promiscuous mode
[  322.033283][ T9578] syzkaller0: entered allmulticast mode
[  322.049829][ T9578] tipc: Resetting bearer <eth:syzkaller0>
[  322.055377][ T9577] tipc: Resetting bearer <eth:syzkaller0>
[  322.062576][ T9577] tipc: Disabling bearer <eth:syzkaller0>
[  322.167728][ T9588] vivid-000: disconnect
[  322.177564][ T9587] vivid-000: reconnect
[  322.580751][ T9600] IPVS: Error connecting to the multicast addr
[  322.623137][ T9605] 
: renamed from bridge_slave_0 (while UP)
[  322.697941][ T9607] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  322.699997][ T9607] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  322.702565][ T9607] vhci_hcd vhci_hcd.0: Device attached
[  322.727242][ T9607] 9pnet_fd: Insufficient options for proto=fd
[  322.954652][   T24] usb 45-1: new low-speed USB device number 2 using vhci_hcd
[  323.144243][ T5297] Bluetooth: hci3: command 0x0c1a tx timeout
[  323.276898][ T5297] Bluetooth: hci1: command 0x0c1a tx timeout
[  323.279409][ T5297] Bluetooth: hci4: command 0x0405 tx timeout
[  323.471004][ T9608] vhci_hcd: connection reset by peer
[  323.722209][   T76] vhci_hcd: stop threads
[  323.724615][   T76] vhci_hcd: release socket
[  323.727018][   T76] vhci_hcd: disconnect device
[  324.210072][ T9618] netlink: 16 bytes leftover after parsing attributes in process `syz.6.971'.
[  324.639517][ T9631] netlink: 12 bytes leftover after parsing attributes in process `syz.6.977'.
[  325.034746][   T34] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  325.186577][   T34] usb 9-1: config index 0 descriptor too short (expected 23569, got 27)
[  325.190123][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  325.196251][   T34] usb 9-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  325.200037][   T34] usb 9-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  325.203316][   T34] usb 9-1: Manufacturer: syz
[  325.209678][   T34] usb 9-1: config 0 descriptor??
[  325.224217][ T5952] Bluetooth: hci3: command 0x0c1a tx timeout
[  325.274628][   T34] rc_core: IR keymap rc-hauppauge not found
[  325.277222][   T34] Registered IR keymap rc-empty
[  325.281231][   T34] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0
[  325.288512][   T34] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0/input17
[  325.304313][ T5297] Bluetooth: hci1: command 0x0c1a tx timeout
[  325.308045][ T5952] Bluetooth: hci4: command 0x0405 tx timeout
[  325.448615][ T5972] usb 9-1: USB disconnect, device number 3
[  325.578630][ T9640] overlayfs: conflicting lowerdir path
[  327.014522][ T9656] netlink: 'syz.5.981': attribute type 2 has an invalid length.
[  327.020986][ T9656] ip6erspan0: entered allmulticast mode
[  327.314204][ T5952] Bluetooth: hci3: command 0x0c1a tx timeout
[  327.394354][ T5952] Bluetooth: hci4: command 0x0405 tx timeout
[  327.396992][ T5297] Bluetooth: hci1: command 0x0c1a tx timeout
[  328.104505][   T24] vhci_hcd: vhci_device speed not set
[  328.708691][ T9679] overlayfs: conflicting lowerdir path
[  329.194243][ T5972] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  329.356105][ T5972] usb 10-1: config index 0 descriptor too short (expected 23569, got 27)
[  329.359612][ T5972] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  329.364980][ T5972] usb 10-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  329.368840][ T5972] usb 10-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  329.372069][ T5972] usb 10-1: Manufacturer: syz
[  329.374222][   T24] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  329.380304][ T5972] usb 10-1: config 0 descriptor??
[  329.484718][ T5972] rc_core: IR keymap rc-hauppauge not found
[  329.487294][ T5972] Registered IR keymap rc-empty
[  329.490484][ T5972] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0
[  329.496040][ T5972] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0/input18
[  329.547702][   T24] usb 9-1: config index 0 descriptor too short (expected 23569, got 27)
[  329.550382][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  329.555273][   T24] usb 9-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  329.558816][   T24] usb 9-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  329.561982][   T24] usb 9-1: Manufacturer: syz
[  329.570661][   T24] usb 9-1: config 0 descriptor??
[  329.610643][   T10] usb 10-1: USB disconnect, device number 2
[  329.674145][   T24] rc_core: IR keymap rc-hauppauge not found
[  329.676543][   T24] Registered IR keymap rc-empty
[  329.678701][   T24] rc rc1: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc1
[  329.682591][   T24] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc1/input19
[  329.793373][   T24] usb 9-1: USB disconnect, device number 4
[  330.434193][ T5972] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  330.459304][ T9716] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  330.461436][ T9716] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  330.464290][ T9716] vhci_hcd vhci_hcd.0: Device attached
[  330.614737][ T5972] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  330.619394][ T5972] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  330.628985][ T5972] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  330.634459][ T5972] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  330.638271][ T5972] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.680146][ T5972] usb 10-1: config 0 descriptor??
[  330.707809][   T24] usb 45-1: new low-speed USB device number 3 using vhci_hcd
[  330.924384][ T9724] overlayfs: failed to clone upperpath
[  331.283122][ T9717] vhci_hcd: connection reset by peer
[  331.396061][ T5972] usbhid 10-1:0.0: can't add hid device: -71
[  331.423949][ T5972] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  331.445908][ T8667] vhci_hcd: stop threads
[  331.456074][ T8667] vhci_hcd: release socket
[  331.482189][ T8667] vhci_hcd: disconnect device
[  331.513052][ T5972] usb 10-1: USB disconnect, device number 3
[  332.243834][ T9744] IPVS: Error connecting to the multicast addr
[  332.414279][ T5972] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  332.576350][ T5972] usb 10-1: config index 0 descriptor too short (expected 23569, got 27)
[  332.579728][ T5972] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  332.600784][ T5972] usb 10-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  332.606842][ T5972] usb 10-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  332.609925][ T5972] usb 10-1: Manufacturer: syz
[  332.613717][ T5972] usb 10-1: config 0 descriptor??
[  332.664236][ T5972] rc_core: IR keymap rc-hauppauge not found
[  332.666954][ T5972] Registered IR keymap rc-empty
[  332.670111][ T5972] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0
[  332.676103][ T5972] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0/input20
[  332.841579][ T5972] usb 10-1: USB disconnect, device number 4
[  333.166955][ T9753] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1007'.
[  333.173953][ T9753] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.176192][ T9753] bridge0: port 1(
) entered disabled state
[  333.358749][ T9756] loop6: detected capacity change from 0 to 524287999
[  333.365157][ T9245] buffer_io_error: 45 callbacks suppressed
[  333.365171][ T9245] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.371025][ T9245] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.374588][ T9245] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.378053][ T9245] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.381501][ T9245] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.385123][ T9245] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.388639][ T9245] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.392089][ T9245] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.396279][ T9245] ldm_validate_partition_table(): Disk read failed.
[  333.398747][ T9245] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.401781][ T9245] Buffer I/O error on dev loop6, logical block 0, async page read
[  333.406528][ T9245] Dev loop6: unable to read RDB block 0
[  333.409066][ T9245]  loop6: unable to read partition table
[  333.412699][ T9756] ldm_validate_partition_table(): Disk read failed.
[  333.416610][ T9756] Dev loop6: unable to read RDB block 0
[  333.458935][ T9756]  loop6: unable to read partition table
[  333.461023][ T9756] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  333.465164][ T9245] ldm_validate_partition_table(): Disk read failed.
[  333.468039][ T9245] Dev loop6: unable to read RDB block 0
[  333.470120][ T9245]  loop6: unable to read partition table
[  334.253087][ T9769] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  334.255355][ T9769] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  334.264150][ T9769] vhci_hcd vhci_hcd.0: Device attached
[  334.777849][ T9775] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1012'.
[  334.780863][ T9775] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1012'.
[  335.504272][ T7135] usb 10-1: new low-speed USB device number 5 using dummy_hcd
[  335.600962][ T9770] vhci_hcd: connection closed
[  335.601172][   T76] vhci_hcd: stop threads
[  335.604513][   T76] vhci_hcd: release socket
[  335.609717][   T76] vhci_hcd: disconnect device
[  335.675829][ T7135] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  335.678396][ T7135] usb 10-1: config 0 has no interface number 0
[  335.684352][ T7135] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  335.687972][ T7135] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  335.691495][ T7135] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  335.694745][ T7135] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.700853][ T7135] usb 10-1: config 0 descriptor??
[  335.703771][ T9777] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  335.711234][ T7135] iowarrior 10-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  335.854782][   T24] vhci_hcd: vhci_device speed not set
[  335.918230][ T7135] usb 10-1: USB disconnect, device number 5
[  336.714741][  T842] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  336.757040][ T9796] IPVS: Error connecting to the multicast addr
[  336.866820][  T842] usb 10-1: config index 0 descriptor too short (expected 23569, got 27)
[  336.870435][  T842] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  336.876295][  T842] usb 10-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  336.880060][  T842] usb 10-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  336.883508][  T842] usb 10-1: Manufacturer: syz
[  336.888391][  T842] usb 10-1: config 0 descriptor??
[  336.924925][   T34] usb 11-1: new high-speed USB device number 4 using dummy_hcd
[  336.944834][  T842] rc_core: IR keymap rc-hauppauge not found
[  336.947306][  T842] Registered IR keymap rc-empty
[  336.952079][  T842] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0
[  336.958570][  T842] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0/input21
[  337.077027][   T34] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  337.081576][   T34] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  337.086159][   T34] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  337.091516][   T34] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  337.096039][   T34] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.101142][   T24] usb 10-1: USB disconnect, device number 6
[  337.109268][   T34] usb 11-1: config 0 descriptor??
[  337.376130][  T979] usb usb46-port1: attempt power cycle
[  337.525344][   T34] plantronics 0003:047F:FFFF.0009: reserved main item tag 0xd
[  337.528291][   T34] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  337.531192][   T34] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  337.533855][   T34] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  337.537460][   T34] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  337.546817][   T34] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  337.553620][   T34] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  337.704564][ T9807] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1021'.
[  337.708651][ T9807] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1021'.
[  337.765380][ T9809] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1022'.
[  337.774722][ T9809] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.946549][ T6026] usb 11-1: USB disconnect, device number 4
[  338.024761][  T979] usb usb46-port1: unable to enumerate USB device
[  338.094232][   T53] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  338.305508][   T53] usb 10-1: Using ep0 maxpacket: 8
[  338.313616][   T53] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  338.322059][   T53] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2
[  338.325253][   T53] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  338.331549][   T53] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  338.337460][   T53] usb 10-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  338.341066][   T53] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.377903][   T53] hub 10-1:1.0: bad descriptor, ignoring hub
[  338.380469][   T53] hub 10-1:1.0: probe with driver hub failed with error -5
[  338.389013][   T53] cdc_wdm 10-1:1.0: skipping garbage
[  338.390951][   T53] cdc_wdm 10-1:1.0: skipping garbage
[  338.397017][   T53] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[  338.399177][   T53] cdc_wdm 10-1:1.0: Unknown control protocol
[  338.461460][ T9820] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1025'.
[  338.676699][ T9822] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1026'.
[  339.358575][ T9812] usb 10-1: reset high-speed USB device number 7 using dummy_hcd
[  339.623382][ T9837] IPVS: Error connecting to the multicast addr
[  340.637812][ T9856] input: syz1 as /devices/virtual/input/input22
[  340.856341][ T6026] usb 10-1: USB disconnect, device number 7
[  340.910372][ T9862] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1039'.
[  340.920698][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  340.920712][   T40] audit: type=1326 audit(1762475256.651:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.5.1039" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  340.953018][   T40] audit: type=1326 audit(1762475256.651:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.5.1039" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  340.965621][   T40] audit: type=1326 audit(1762475256.661:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.5.1039" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  340.974706][   T40] audit: type=1326 audit(1762475256.661:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.5.1039" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  340.983301][   T40] audit: type=1326 audit(1762475256.671:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.5.1039" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  340.992602][   T40] audit: type=1326 audit(1762475256.671:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.5.1039" exe="/syz-executor" sig=0 arch=40000003 syscall=250 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  341.001533][   T40] audit: type=1326 audit(1762475256.671:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.5.1039" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  341.011314][   T40] audit: type=1326 audit(1762475256.671:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.5.1039" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  341.020168][   T40] audit: type=1326 audit(1762475256.671:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.5.1039" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  341.029004][   T40] audit: type=1326 audit(1762475256.671:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9861 comm="syz.5.1039" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  341.174265][ T5972] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  341.242084][ T9866] overlayfs: conflicting lowerdir path
[  341.341119][ T5972] usb 9-1: config index 0 descriptor too short (expected 23569, got 27)
[  341.343999][ T5972] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  341.355176][ T5972] usb 9-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  341.358336][ T5972] usb 9-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  341.361054][ T5972] usb 9-1: Manufacturer: syz
[  341.368407][ T5972] usb 9-1: config 0 descriptor??
[  341.424429][ T5972] rc_core: IR keymap rc-hauppauge not found
[  341.427051][ T5972] Registered IR keymap rc-empty
[  341.430052][ T5972] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0
[  341.438953][ T5972] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0/input23
[  341.534261][   T53] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  341.632499][  T842] usb 9-1: USB disconnect, device number 5
[  341.686998][   T53] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  341.704460][   T53] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  341.709214][   T53] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  341.720045][   T53] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  341.722945][   T53] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.726662][   T53] usb 10-1: config 0 descriptor??
[  342.115906][ T9888] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1045'.
[  342.119122][ T9888] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1045'.
[  342.489254][ T9897] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1048'.
[  342.971121][ T9901] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  343.224885][   T34] usb 11-1: new high-speed USB device number 5 using dummy_hcd
[  343.341463][ T9908] macsec0: entered promiscuous mode
[  343.343983][ T9908] macsec0: entered allmulticast mode
[  343.347501][ T9908] veth1_macvtap: entered allmulticast mode
[  343.352730][ T9909] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1050'.
[  343.394777][   T34] usb 11-1: Using ep0 maxpacket: 8
[  343.402029][   T34] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  343.409610][   T34] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  343.413900][   T34] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  343.425486][   T34] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  343.429857][   T34] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  343.432796][   T34] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.644242][   T34] usb 11-1: GET_CAPABILITIES returned 0
[  343.654778][   T34] usbtmc 11-1:16.0: can't read capabilities
[  343.898698][ T9901] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  343.902600][ T9901] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  343.910865][   T10] usb 11-1: USB disconnect, device number 5
[  344.322923][   T53] usbhid 10-1:0.0: can't add hid device: -71
[  344.330866][   T53] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  344.339538][   T53] usb 10-1: USB disconnect, device number 8
[  344.463773][ T9927] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1057'.
[  344.467930][ T9927] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1057'.
[  344.649061][ T9929] netlink: 'syz.6.1060': attribute type 8 has an invalid length.
[  344.754224][   T53] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  344.839016][ T9934] random: crng reseeded on system resumption
[  344.917254][   T53] usb 10-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  344.921782][   T53] usb 10-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  344.928132][   T53] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  344.932544][   T53] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.941895][   T53] usb 10-1: config 0 descriptor??
[  344.949556][   T53] usbhid 10-1:0.0: couldn't find an input interrupt endpoint
[  345.092986][ T9938] kvm: pic: single mode not supported
[  345.093124][ T9938] kvm: pic: level sensitive irq not supported
[  345.097772][ T9938] kvm: pic: non byte read
[  345.105367][ T9938] kvm: pic: non byte read
[  345.108279][ T9938] kvm: pic: single mode not supported
[  345.108293][ T9938] kvm: pic: level sensitive irq not supported
[  345.110941][ T9938] kvm: pic: non byte read
[  345.117018][ T9938] kvm: pic: non byte read
[  345.136260][ T9938] kvm: pic: non byte read
[  345.147044][ T9938] kvm: pic: non byte read
[  345.151884][ T9938] kvm: pic: non byte read
[  345.155997][ T9938] kvm: pic: level sensitive irq not supported
[  345.156736][ T9938] kvm: pic: non byte read
[  345.163353][ T9938] kvm: pic: level sensitive irq not supported
[  345.164061][ T9938] kvm: pic: non byte read
[  346.365981][ T9964] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  346.369151][ T9964] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  346.375759][ T9964] vhci_hcd vhci_hcd.0: Device attached
[  346.684271][   T53] usb 46-1: SetAddress Request (10) to port 0
[  346.686410][ T9962] overlayfs: failed to clone upperpath
[  346.686921][   T53] usb 46-1: new SuperSpeed USB device number 10 using vhci_hcd
[  346.838906][ T9970] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  346.843275][ T9970] block device autoloading is deprecated and will be removed.
[  347.046026][ T9965] vhci_hcd: connection reset by peer
[  347.048590][ T1142] vhci_hcd: stop threads
[  347.050048][ T1142] vhci_hcd: release socket
[  347.051632][ T1142] vhci_hcd: disconnect device
[  347.174172][   T10] usb 11-1: new high-speed USB device number 6 using dummy_hcd
[  347.287598][ T9980] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1073'.
[  347.291569][ T9980] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1073'.
[  347.314190][   T10] usb 11-1: device descriptor read/64, error -71
[  347.390034][    T9] usb 10-1: USB disconnect, device number 9
[  347.551465][ T9983] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1075'.
[  347.574255][   T10] usb 11-1: new high-speed USB device number 7 using dummy_hcd
[  347.714270][   T10] usb 11-1: device descriptor read/64, error -71
[  347.854558][   T10] usb usb11-port1: attempt power cycle
[  348.214164][   T10] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[  348.235676][   T10] usb 11-1: device descriptor read/8, error -71
[  348.514298][   T10] usb 11-1: new high-speed USB device number 9 using dummy_hcd
[  348.550160][T10001] overlayfs: failed to clone upperpath
[  348.554301][   T10] usb 11-1: device descriptor read/8, error -71
[  348.675234][   T10] usb usb11-port1: unable to enumerate USB device
[  348.865373][T10005] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1081'.
[  349.852119][T10023] random: crng reseeded on system resumption
[  349.915760][T10014] syzkaller0: entered promiscuous mode
[  349.918309][T10014] syzkaller0: entered allmulticast mode
[  350.577247][ T7135] usb 11-1: new high-speed USB device number 10 using dummy_hcd
[  350.714281][ T7135] usb 11-1: device descriptor read/64, error -71
[  350.966280][ T7135] usb 11-1: new high-speed USB device number 11 using dummy_hcd
[  350.966297][T10030] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1087'.
[  351.124251][ T7135] usb 11-1: device descriptor read/64, error -71
[  351.236013][ T7135] usb usb11-port1: attempt power cycle
[  351.605314][ T7135] usb 11-1: new high-speed USB device number 12 using dummy_hcd
[  351.636109][ T7135] usb 11-1: device descriptor read/8, error -71
[  351.785747][   T53] usb 46-1: device descriptor read/8, error -110
[  351.886594][ T7135] usb 11-1: new high-speed USB device number 13 using dummy_hcd
[  351.935092][ T7135] usb 11-1: device descriptor read/8, error -71
[  352.046939][ T7135] usb usb11-port1: unable to enumerate USB device
[  352.182649][   T53] usb usb46-port1: attempt power cycle
[  352.642552][T10042] netlink: 'syz.1.1091': attribute type 4 has an invalid length.
[  352.646138][T10051] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1093'.
[  352.650535][T10051] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.805038][   T53] usb usb46-port1: unable to enumerate USB device
[  352.920004][T10059] input: syz1 as /devices/virtual/input/input24
[  353.070241][T10065] 9pnet_fd: Insufficient options for proto=fd
[  353.628884][T10071] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1099'.
[  353.930852][T10084] ceph: No mds server is up or the cluster is laggy
[  354.140993][  T979] libceph: connect (1)[c::]:6789 error -101
[  354.158979][  T979] libceph: mon0 (1)[c::]:6789 connect error
[  354.674742][   T34] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  354.826614][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  354.831229][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  354.835986][   T34] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  354.841373][   T34] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  354.846510][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.852656][   T34] usb 9-1: config 0 descriptor??
[  355.267869][   T34] plantronics 0003:047F:FFFF.000A: reserved main item tag 0xd
[  355.273705][   T34] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  355.477517][    T9] usb 9-1: USB disconnect, device number 6
[  355.496261][T10105] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1108'.
[  355.499154][T10105] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1108'.
[  355.635473][T10107] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1109'.
[  355.638497][T10107] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1109'.
[  356.335143][T10111] kvm: user requested TSC rate below hardware speed
[  356.343110][T10115] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1111'.
[  356.345322][T10111] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  356.579720][T10118] team0: No ports can be present during mode change
[  356.582939][T10118] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1112'.
[  358.614164][T10153] fuse: Unknown parameter 'fN'
[  358.714597][T10148] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  358.717348][T10148] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  358.721903][T10148] vhci_hcd vhci_hcd.0: Device attached
[  359.040615][T10152] vhci_hcd: connection closed
[  359.054477][   T53] usb 46-1: SetAddress Request (14) to port 0
[  359.059173][   T53] usb 46-1: new SuperSpeed USB device number 14 using vhci_hcd
[  359.074327][T10154] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  359.145086][   T76] vhci_hcd: stop threads
[  359.146894][   T76] vhci_hcd: release socket
[  359.148977][   T76] vhci_hcd: disconnect device
[  359.634344][T10159] SET target dimension over the limit!
[  360.773599][T10175] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1125'.
[  360.982652][T10181] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1127'.
[  362.614423][T10212] IPVS: Error connecting to the multicast addr
[  362.786882][T10208] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1137'.
[  364.104206][   T53] usb 46-1: device descriptor read/8, error -110
[  364.516386][   T53] usb usb46-port1: attempt power cycle
[  364.612202][T10240] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1143'.
[  364.953668][T10245] lo speed is unknown, defaulting to 1000
[  364.958452][T10245] lo speed is unknown, defaulting to 1000
[  364.961129][T10245] lo speed is unknown, defaulting to 1000
[  364.965144][T10245] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  364.971275][T10245] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  364.989831][T10245] lo speed is unknown, defaulting to 1000
[  364.992537][T10245] lo speed is unknown, defaulting to 1000
[  364.997324][T10245] lo speed is unknown, defaulting to 1000
[  364.999946][T10245] lo speed is unknown, defaulting to 1000
[  365.002473][T10245] lo speed is unknown, defaulting to 1000
[  365.084942][   T53] usb usb46-port1: unable to enumerate USB device
[  365.116861][T10248] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1146'.
[  365.121330][T10248] SET target dimension over the limit!
[  365.816104][T10258] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1149'.
[  365.819909][T10258] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1149'.
[  366.060795][T10255] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1148'.
[  366.079345][T10261] 9pnet_fd: Insufficient options for proto=fd
[  366.184194][   T40] kauditd_printk_skb: 34 callbacks suppressed
[  366.184207][   T40] audit: type=1326 audit(1762475281.911:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1152" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  366.205531][T10267] netlink: 'syz.1.1152': attribute type 8 has an invalid length.
[  366.207951][   T40] audit: type=1326 audit(1762475281.931:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1152" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  366.216292][   T40] audit: type=1326 audit(1762475281.931:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1152" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  366.223239][   T40] audit: type=1326 audit(1762475281.931:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1152" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  366.257279][   T40] audit: type=1326 audit(1762475281.931:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1152" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  366.266791][   T40] audit: type=1326 audit(1762475281.931:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1152" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  366.275910][   T40] audit: type=1326 audit(1762475281.941:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1152" exe="/syz-executor" sig=0 arch=40000003 syscall=355 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  366.310909][   T40] audit: type=1326 audit(1762475281.941:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1152" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  366.321403][   T40] audit: type=1326 audit(1762475281.941:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1152" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  366.334958][   T40] audit: type=1326 audit(1762475281.941:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10266 comm="syz.1.1152" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000
[  366.734173][ T7135] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  366.874304][ T7135] usb 10-1: device descriptor read/64, error -71
[  367.124222][ T7135] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  367.254199][ T7135] usb 10-1: device descriptor read/64, error -71
[  367.375182][ T7135] usb usb10-port1: attempt power cycle
[  368.064203][ T7135] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  368.095081][ T7135] usb 10-1: device descriptor read/8, error -71
[  368.334221][ T7135] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  368.354857][ T7135] usb 10-1: device descriptor read/8, error -71
[  368.468346][ T7135] usb usb10-port1: unable to enumerate USB device
[  368.506703][T10298] netlink: 'syz.4.1162': attribute type 8 has an invalid length.
[  368.599999][T10302] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  368.753722][T10303] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1163'.
[  368.854715][   T34] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  369.004575][   T34] usb 9-1: Using ep0 maxpacket: 8
[  369.008301][   T34] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  369.012081][   T34] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  369.015711][   T34] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  369.019215][   T34] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  369.023490][   T34] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  369.026991][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  369.037731][T10305] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  369.233705][   T34] usb 9-1: GET_CAPABILITIES returned 0
[  369.235552][   T34] usbtmc 9-1:16.0: can't read capabilities
[  369.294648][   T59] usb 11-1: new high-speed USB device number 14 using dummy_hcd
[  369.438705][   T34] usb 9-1: USB disconnect, device number 7
[  369.465578][   T59] usb 11-1: Using ep0 maxpacket: 8
[  369.485430][   T59] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  369.488424][   T59] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  369.491414][   T59] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  369.504162][   T59] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  369.508136][   T59] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  369.510926][   T59] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  369.617019][T10315] lo speed is unknown, defaulting to 1000
[  369.675626][T10318] lo speed is unknown, defaulting to 1000
[  369.735759][   T59] usb 11-1: GET_CAPABILITIES returned 0
[  369.737646][   T59] usbtmc 11-1:16.0: can't read capabilities
[  369.942624][   T59] usb 11-1: USB disconnect, device number 14
[  370.257544][T10335] overlay: ./file0 is not a directory
[  371.018598][ T7135] usb 11-1: new low-speed USB device number 15 using dummy_hcd
[  371.188029][ T7135] usb 11-1: config 0 has an invalid interface number: 55 but max is 0
[  371.190686][ T7135] usb 11-1: config 0 has no interface number 0
[  371.193253][ T7135] usb 11-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  371.198978][ T7135] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  371.203500][ T7135] usb 11-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  371.208859][ T7135] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  371.213030][ T7135] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  371.218979][ T7135] usb 11-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  371.223682][ T7135] usb 11-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  371.228402][ T7135] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  371.233079][ T7135] usb 11-1: config 0 descriptor??
[  371.236146][T10344] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  371.238590][T10344] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  371.244583][ T7135] ldusb 11-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  371.452551][T10344] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1179'.
[  371.532545][T10360] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1183'.
[  372.961536][   T40] kauditd_printk_skb: 30 callbacks suppressed
[  372.961548][   T40] audit: type=1326 audit(1762475288.691:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10387 comm="syz.5.1195" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70cd579 code=0x0
[  373.016947][T10393] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  373.078730][T10394] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1194'.
[  373.806880][ T6026] usb 11-1: USB disconnect, device number 15
[  373.810733][ T6026] ldusb 11-1:0.55: LD USB Device #0 now disconnected
[  373.840256][T10408] input: syz1 as /devices/virtual/input/input26
[  374.114161][ T7135] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  374.276754][ T7135] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  374.280243][ T7135] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  374.283458][ T7135] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  374.288240][ T7135] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  374.291317][ T7135] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.298271][ T7135] usb 9-1: config 0 descriptor??
[  374.354145][ T6026] usb 11-1: new high-speed USB device number 16 using dummy_hcd
[  374.524813][ T6026] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  374.529140][ T6026] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  374.532290][ T6026] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  374.536716][ T6026] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  374.539637][ T6026] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.543392][ T6026] usb 11-1: config 0 descriptor??
[  374.605824][T10428] netlink: 100 bytes leftover after parsing attributes in process `syz.5.1209'.
[  374.713159][ T7135] plantronics 0003:047F:FFFF.000B: reserved main item tag 0xd
[  374.716421][ T7135] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x0
[  374.726050][ T7135] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  374.768655][T10435] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  374.975918][   T53] usb 9-1: USB disconnect, device number 8
[  375.386626][ T6026] usbhid 11-1:0.0: can't add hid device: -71
[  375.389301][ T6026] usbhid 11-1:0.0: probe with driver usbhid failed with error -71
[  375.401006][ T6026] usb 11-1: USB disconnect, device number 16
[  375.439623][T10444] overlayfs: failed to clone upperpath
[  375.740584][T10457] IPVS: Error connecting to the multicast addr
[  376.771465][T10483] lo speed is unknown, defaulting to 1000
[  376.836620][T10485] overlayfs: conflicting lowerdir path
[  377.299029][T10494] random: crng reseeded on system resumption
[  377.785699][   T40] audit: type=1326 audit(1762475293.521:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.4.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7579 code=0x7ffc0000
[  377.797665][   T40] audit: type=1326 audit(1762475293.521:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.4.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7579 code=0x7ffc0000
[  377.803995][T10504] netlink: 'syz.4.1234': attribute type 8 has an invalid length.
[  377.804046][   T40] audit: type=1326 audit(1762475293.521:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.4.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa7579 code=0x7ffc0000
[  377.804639][   T40] audit: type=1326 audit(1762475293.521:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.4.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7579 code=0x7ffc0000
[  377.823015][   T40] audit: type=1326 audit(1762475293.521:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.4.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7579 code=0x7ffc0000
[  377.831116][   T40] audit: type=1326 audit(1762475293.521:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.4.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa7579 code=0x7ffc0000
[  377.839219][   T40] audit: type=1326 audit(1762475293.521:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.4.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7579 code=0x7ffc0000
[  377.847296][   T40] audit: type=1326 audit(1762475293.531:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.4.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=355 compat=1 ip=0xf7fa7579 code=0x7ffc0000
[  377.856959][   T40] audit: type=1326 audit(1762475293.531:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10503 comm="syz.4.1234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7579 code=0x7ffc0000
[  378.036850][T10515] bridge_slave_1: left allmulticast mode
[  378.038828][T10515] bridge_slave_1: left promiscuous mode
[  378.042814][T10515] bridge0: port 2(bridge_slave_1) entered disabled state
[  378.058315][T10515] bridge0: port 1(bridge_slave_0) entered disabled state
[  378.330220][T10519] IPVS: Error connecting to the multicast addr
[  379.397175][T10531] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1241'.
[  379.694625][ T6026] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  379.855612][ T6026] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  379.859188][ T6026] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  379.862165][ T6026] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  379.866826][ T6026] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  379.869952][ T6026] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.874003][ T6026] usb 9-1: config 0 descriptor??
[  380.288274][T10546] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  380.288431][   T59] IPVS: starting estimator thread 0...
[  380.384442][T10548] IPVS: using max 27 ests per chain, 64800 per kthread
[  380.389091][T10550] netlink: 240 bytes leftover after parsing attributes in process `syz.5.1247'.
[  380.499286][ T6026] usbhid 9-1:0.0: can't add hid device: -71
[  380.504880][ T6026] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  380.511368][ T6026] usb 9-1: USB disconnect, device number 9
[  381.670054][T10568] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  382.194239][   T60] usb 11-1: new high-speed USB device number 17 using dummy_hcd
[  382.367684][   T60] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  382.372344][   T60] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  382.376757][   T60] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  382.384784][   T59] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  382.384805][   T60] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  382.391130][   T60] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.396759][   T60] usb 11-1: config 0 descriptor??
[  382.536216][   T59] usb 9-1: config 0 has no interfaces?
[  382.541084][   T59] usb 9-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  382.545603][   T59] usb 9-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  382.548742][   T59] usb 9-1: Manufacturer: syz
[  382.553148][   T59] usb 9-1: config 0 descriptor??
[  382.738628][T10608] IPVS: set_ctl: invalid protocol: 60 224.0.0.1:21
[  382.761981][ T7135] usb 9-1: USB disconnect, device number 10
[  383.016640][   T60] usbhid 11-1:0.0: can't add hid device: -71
[  383.024264][   T60] usbhid 11-1:0.0: probe with driver usbhid failed with error -71
[  383.029874][   T60] usb 11-1: USB disconnect, device number 17
[  383.228247][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  383.414512][T10619] trusted_key: encrypted_key: master key parameter 'defcult' is invalid
[  383.424385][T10619] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1272'.
[  383.653298][T10623] input: syz1 as /devices/virtual/input/input27
[  384.234526][T10632] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  384.505498][T10634] netlink: 'syz.6.1278': attribute type 8 has an invalid length.
[  384.741894][T10643] lo speed is unknown, defaulting to 1000
[  384.778098][T10648] syzkaller1: entered promiscuous mode
[  384.779886][T10648] syzkaller1: entered allmulticast mode
[  384.877715][T10643] overlayfs: conflicting lowerdir path
[  384.922376][T10654] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1285'.
[  384.974780][   T24] usb 11-1: new low-speed USB device number 18 using dummy_hcd
[  385.051632][T10658] ubi: mtd0 is already attached to ubi31
[  385.114349][   T24] usb 11-1: device descriptor read/64, error -71
[  385.207975][T10663] fuse: Unknown parameter 'mask'
[  385.364251][   T24] usb 11-1: new low-speed USB device number 19 using dummy_hcd
[  385.494320][   T24] usb 11-1: device descriptor read/64, error -71
[  385.605440][   T24] usb usb11-port1: attempt power cycle
[  385.954266][   T24] usb 11-1: new low-speed USB device number 20 using dummy_hcd
[  385.985001][   T24] usb 11-1: device descriptor read/8, error -71
[  386.023656][T10672] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1289'.
[  386.027742][T10672] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1289'.
[  386.165692][T10674] lo speed is unknown, defaulting to 1000
[  386.254288][   T24] usb 11-1: new low-speed USB device number 21 using dummy_hcd
[  386.437426][T10679] overlayfs: failed to clone upperpath
[  386.792796][T10683] lo speed is unknown, defaulting to 1000
[  386.836750][   T24] usb 11-1: device descriptor read/8, error -71
[  386.945197][   T24] usb usb11-port1: unable to enumerate USB device
[  386.948727][T10693] pimreg: entered allmulticast mode
[  387.109729][T10676] syz.4.1291 (10676) used greatest stack depth: 18072 bytes left
[  387.352737][T10683] overlayfs: failed to clone upperpath
[  387.835015][  T979] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  387.837883][  T979] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  387.840717][  T979] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  387.843174][  T979] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  387.847020][  T979] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  387.849366][  T979] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  387.851706][  T979] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  387.853998][  T979] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  387.858276][  T979] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  387.860638][  T979] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  387.868569][  T979] hid-generic 0000:0000:0000.000C: hidraw1: <UNKNOWN> HID v0.00 Device [Á“ƽZÄæwÇý[baÿ–é|\rnÀ)A¼#6”oÒ¯ô?•ða Iü¸äãs„Ö5hVõ3ñ®(;éò
[  387.868569][  T979] ãÑ�ƒPÔ$zÉ·‡X$©·à˜w[SÖì–ÀRìÑeÑzx—ÞuñS r»œÏláì[µ5l'˜ZCz2ñ] on ü’týDKÍí˜Y縣Ϫòž¿¹,ÇËúÒU›¾O�á‰èpŽ“‚{"iÌxúAý[Ëew·ßäÃ’}ÂZXª„A
[  388.076239][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802393e000: rx timeout, send abort
[  388.134674][T10710] fido_id[10710]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  388.576879][    C0] vcan0: j1939_tp_rxtimer: 0xffff888012eb6400: rx timeout, send abort
[  388.579734][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802393e000: abort rx timeout. Force session deactivation
[  388.684908][ T6026] IPVS: starting estimator thread 0...
[  388.687470][T10729] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  388.794250][T10735] IPVS: using max 43 ests per chain, 103200 per kthread
[  388.947626][T10741] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1304'.
[  388.950837][T10741] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1304'.
[  389.079484][    C0] vcan0: j1939_tp_rxtimer: 0xffff888012eb6400: abort rx timeout. Force session deactivation
[  389.676146][T10747] IPVS: Error connecting to the multicast addr
[  389.695590][T10746] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1314'.
[  390.176281][T10750] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1314'.
[  390.179194][T10750] bridge_slave_1: left allmulticast mode
[  390.183479][T10750] bridge_slave_1: left promiscuous mode
[  390.206230][T10750] bridge0: port 2(bridge_slave_1) entered disabled state
[  390.258867][T10750] 
: left allmulticast mode
[  390.260991][T10750] 
: left promiscuous mode
[  390.263226][T10750] bridge0: port 1(
) entered disabled state
[  390.438691][T10777] netlink: 'syz.1.1322': attribute type 21 has an invalid length.
[  390.442261][T10777] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1322'.
[  390.470978][T10777] netlink: 'syz.1.1322': attribute type 5 has an invalid length.
[  390.473711][T10777] netlink: 'syz.1.1322': attribute type 6 has an invalid length.
[  390.477231][T10777] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1322'.
[  390.944817][T10792] lo speed is unknown, defaulting to 1000
[  391.102322][T10809] FAULT_INJECTION: forcing a failure.
[  391.102322][T10809] name failslab, interval 1, probability 0, space 0, times 0
[  391.107249][T10809] CPU: 3 UID: 0 PID: 10809 Comm: syz.6.1327 Not tainted syzkaller #0 PREEMPT(full) 
[  391.107264][T10809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  391.107270][T10809] Call Trace:
[  391.107274][T10809]  <TASK>
[  391.107278][T10809]  dump_stack_lvl+0x16c/0x1f0
[  391.107296][T10809]  should_fail_ex+0x512/0x640
[  391.107315][T10809]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  391.107334][T10809]  should_failslab+0xc2/0x120
[  391.107355][T10809]  kmem_cache_alloc_node_noprof+0x78/0x770
[  391.107370][T10809]  ? __alloc_skb+0x2b2/0x380
[  391.107390][T10809]  ? __alloc_skb+0x2b2/0x380
[  391.107405][T10809]  ? __pfx_netlink_insert+0x10/0x10
[  391.107415][T10809]  __alloc_skb+0x2b2/0x380
[  391.107430][T10809]  ? __pfx___alloc_skb+0x10/0x10
[  391.107446][T10809]  ? netlink_autobind.isra.0+0x158/0x370
[  391.107460][T10809]  netlink_alloc_large_skb+0x69/0x140
[  391.107472][T10809]  netlink_sendmsg+0x698/0xdd0
[  391.107488][T10809]  ? __pfx_netlink_sendmsg+0x10/0x10
[  391.107507][T10809]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  391.107533][T10809]  ____sys_sendmsg+0xa98/0xc70
[  391.107556][T10809]  ? __pfx_____sys_sendmsg+0x10/0x10
[  391.107571][T10809]  ? get_compat_msghdr+0x11a/0x170
[  391.107593][T10809]  ___sys_sendmsg+0x134/0x1d0
[  391.107604][T10809]  ? __pfx____sys_sendmsg+0x10/0x10
[  391.107620][T10809]  ? find_held_lock+0x2b/0x80
[  391.107640][T10809]  __sys_sendmsg+0x16d/0x220
[  391.107654][T10809]  ? __pfx___sys_sendmsg+0x10/0x10
[  391.107679][T10809]  ? rcu_is_watching+0x12/0xc0
[  391.107699][T10809]  __do_fast_syscall_32+0x7c/0x300
[  391.107720][T10809]  do_fast_syscall_32+0x32/0x80
[  391.107740][T10809]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  391.107758][T10809] RIP: 0023:0xf706d579
[  391.107771][T10809] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  391.107786][T10809] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  391.107801][T10809] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  391.107811][T10809] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  391.107819][T10809] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  391.107828][T10809] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  391.107837][T10809] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  391.107859][T10809]  </TASK>
[  391.882407][T10820] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1329'.
[  392.193183][   T46] Bluetooth: hci2: Frame reassembly failed (-84)
[  393.254737][T10848] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1338'.
[  393.257592][T10848] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1338'.
[  393.710850][T10852] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1339'.
[  393.713792][T10852] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1339'.
[  394.264192][ T5952] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  394.264356][ T5297] Bluetooth: hci2: command 0x1003 tx timeout
[  394.415505][   T53] usb 11-1: new high-speed USB device number 22 using dummy_hcd
[  394.554233][ T6045] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  394.575767][   T53] usb 11-1: config index 0 descriptor too short (expected 23569, got 27)
[  394.578895][   T53] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  394.582656][   T53] usb 11-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  394.588334][   T53] usb 11-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  394.591565][   T53] usb 11-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  394.594602][   T53] usb 11-1: Manufacturer: syz
[  394.598261][   T53] usb 11-1: config 0 descriptor??
[  394.604983][   T53] igorplugusb 11-1:0.0: incorrect number of endpoints
[  394.715842][ T6045] usb 10-1: config index 0 descriptor too short (expected 23569, got 27)
[  394.719323][ T6045] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  394.723365][ T6045] usb 10-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  394.729431][ T6045] usb 10-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  394.733039][ T6045] usb 10-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  394.736501][ T6045] usb 10-1: Manufacturer: syz
[  394.741325][ T6045] usb 10-1: config 0 descriptor??
[  394.746570][ T6045] igorplugusb 10-1:0.0: incorrect number of endpoints
[  394.824667][   T24] usb 11-1: USB disconnect, device number 22
[  394.957517][   T34] usb 10-1: USB disconnect, device number 14
[  395.227014][T10876] lo speed is unknown, defaulting to 1000
[  395.668332][T10886] IPVS: Error connecting to the multicast addr
[  396.230415][T10902] trusted_key: encrypted_key: keyword 'n‘u¼9efault' not recognized
[  396.386963][T10910] input: syz1 as /devices/virtual/input/input28
[  396.544920][   T34] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  396.710781][   T34] usb 10-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  396.719480][   T34] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  396.732245][   T34] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  396.744854][   T34] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  396.757688][   T34] usb 10-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  396.763376][   T34] usb 10-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  396.777788][   T34] usb 10-1: Manufacturer: syz
[  396.828349][   T34] usb 10-1: config 0 descriptor??
[  397.766950][T10907] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1356'.
[  398.164253][   T53] usb 11-1: new high-speed USB device number 23 using dummy_hcd
[  398.333724][   T53] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  398.338886][   T53] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  398.342897][   T53] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  398.353035][   T53] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  398.357759][   T53] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  398.363068][   T53] usb 11-1: config 0 descriptor??
[  398.393858][T10929] FAULT_INJECTION: forcing a failure.
[  398.393858][T10929] name failslab, interval 1, probability 0, space 0, times 0
[  398.399125][T10929] CPU: 0 UID: 0 PID: 10929 Comm: syz.4.1364 Not tainted syzkaller #0 PREEMPT(full) 
[  398.399148][T10929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  398.399158][T10929] Call Trace:
[  398.399165][T10929]  <TASK>
[  398.399172][T10929]  dump_stack_lvl+0x16c/0x1f0
[  398.399197][T10929]  should_fail_ex+0x512/0x640
[  398.399222][T10929]  ? fs_reclaim_acquire+0xae/0x150
[  398.399248][T10929]  should_failslab+0xc2/0x120
[  398.399271][T10929]  __kmalloc_noprof+0xdd/0x880
[  398.399297][T10929]  ? tomoyo_encode2+0x100/0x3e0
[  398.399321][T10929]  ? tomoyo_encode2+0x100/0x3e0
[  398.399339][T10929]  tomoyo_encode2+0x100/0x3e0
[  398.399361][T10929]  tomoyo_encode+0x29/0x50
[  398.399379][T10929]  tomoyo_realpath_from_path+0x18f/0x6e0
[  398.399407][T10929]  tomoyo_path_number_perm+0x245/0x580
[  398.399433][T10929]  ? tomoyo_path_number_perm+0x237/0x580
[  398.399462][T10929]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  398.399516][T10929]  ? find_held_lock+0x2b/0x80
[  398.399534][T10929]  ? hook_file_ioctl_common+0x145/0x410
[  398.399558][T10929]  ? __fget_files+0x20e/0x3c0
[  398.399580][T10929]  security_file_ioctl_compat+0x9b/0x240
[  398.399599][T10929]  __ia32_compat_sys_ioctl+0xc3/0x370
[  398.399628][T10929]  __do_fast_syscall_32+0x7c/0x300
[  398.399653][T10929]  do_fast_syscall_32+0x32/0x80
[  398.399674][T10929]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  398.399695][T10929] RIP: 0023:0xf7fa7579
[  398.399709][T10929] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  398.399724][T10929] RSP: 002b:00000000f549655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  398.399741][T10929] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000004004550c
[  398.399751][T10929] RDX: 00000000800002c0 RSI: 0000000000000000 RDI: 0000000000000000
[  398.399761][T10929] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  398.399771][T10929] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  398.399780][T10929] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  398.399805][T10929]  </TASK>
[  398.399822][T10929] ERROR: Out of memory at tomoyo_realpath_from_path.
[  398.582399][T10931] FAULT_INJECTION: forcing a failure.
[  398.582399][T10931] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  398.586664][T10931] CPU: 0 UID: 0 PID: 10931 Comm: syz.4.1365 Not tainted syzkaller #0 PREEMPT(full) 
[  398.586679][T10931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  398.586685][T10931] Call Trace:
[  398.586689][T10931]  <TASK>
[  398.586693][T10931]  dump_stack_lvl+0x16c/0x1f0
[  398.586709][T10931]  should_fail_ex+0x512/0x640
[  398.586727][T10931]  _copy_from_iter+0x29f/0x1720
[  398.586747][T10931]  ? __pfx__copy_from_iter+0x10/0x10
[  398.586763][T10931]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  398.586783][T10931]  copy_page_from_iter+0xde/0x180
[  398.586800][T10931]  tun_build_skb.constprop.0+0x2e8/0x1510
[  398.586816][T10931]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  398.586830][T10931]  ? __lock_acquire+0x622/0x1c90
[  398.586853][T10931]  tun_get_user+0x149c/0x3cc0
[  398.586869][T10931]  ? __pfx_tun_get_user+0x10/0x10
[  398.586880][T10931]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  398.586894][T10931]  ? find_held_lock+0x2b/0x80
[  398.586905][T10931]  ? tun_get+0x191/0x370
[  398.586917][T10931]  tun_chr_write_iter+0xdc/0x210
[  398.586928][T10931]  vfs_write+0x7d3/0x11d0
[  398.586940][T10931]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  398.586952][T10931]  ? __pfx_vfs_write+0x10/0x10
[  398.586962][T10931]  ? find_held_lock+0x2b/0x80
[  398.586980][T10931]  ksys_write+0x12a/0x250
[  398.586990][T10931]  ? __pfx_ksys_write+0x10/0x10
[  398.587002][T10931]  ? rcu_is_watching+0x12/0xc0
[  398.587015][T10931]  __do_fast_syscall_32+0x7c/0x300
[  398.587035][T10931]  do_fast_syscall_32+0x32/0x80
[  398.587048][T10931]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  398.587061][T10931] RIP: 0023:0xf7fa7579
[  398.587069][T10931] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  398.587079][T10931] RSP: 002b:00000000f5496520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  398.587089][T10931] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080001800
[  398.587096][T10931] RDX: 000000000000002a RSI: 00000000f7436ff4 RDI: 0000000000000000
[  398.587102][T10931] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  398.587107][T10931] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  398.587113][T10931] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  398.587126][T10931]  </TASK>
[  398.678811][   T34] usbhid 10-1:0.0: can't add hid device: -71
[  398.680821][   T34] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  398.691777][   T34] usb 10-1: USB disconnect, device number 15
[  398.987965][T10936] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1363'.
[  398.991904][T10936] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1363'.
[  399.057374][   T53] hid_parser_main: 6 callbacks suppressed
[  399.057387][   T53] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  399.063627][   T53] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  399.067886][   T53] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  399.070285][   T53] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  399.073979][   T53] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  399.076516][   T53] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  399.081488][   T53] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  399.087545][   T53] usb 11-1: USB disconnect, device number 23
[  399.137628][T10938] fido_id[10938]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb11/report_descriptor': No such file or directory
[  399.490616][T10951] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1370'.
[  399.583264][T10956] syzkaller0: entered promiscuous mode
[  399.587225][T10956] syzkaller0: entered allmulticast mode
[  399.609335][T10956] FAULT_INJECTION: forcing a failure.
[  399.609335][T10956] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  399.613506][T10956] CPU: 3 UID: 0 PID: 10956 Comm: syz.6.1373 Not tainted syzkaller #0 PREEMPT(full) 
[  399.613521][T10956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  399.613528][T10956] Call Trace:
[  399.613532][T10956]  <TASK>
[  399.613536][T10956]  dump_stack_lvl+0x16c/0x1f0
[  399.613552][T10956]  should_fail_ex+0x512/0x640
[  399.613570][T10956]  _copy_from_user+0x2e/0xd0
[  399.613587][T10956]  move_addr_to_kernel+0x65/0x170
[  399.613602][T10956]  __get_compat_msghdr+0x3f1/0x4d0
[  399.613621][T10956]  get_compat_msghdr+0xd2/0x170
[  399.613637][T10956]  ? __pfx_get_compat_msghdr+0x10/0x10
[  399.613658][T10956]  ___sys_sendmsg+0x1ae/0x1d0
[  399.613669][T10956]  ? __pfx____sys_sendmsg+0x10/0x10
[  399.613685][T10956]  ? find_held_lock+0x2b/0x80
[  399.613704][T10956]  __sys_sendmsg+0x16d/0x220
[  399.613715][T10956]  ? __pfx___sys_sendmsg+0x10/0x10
[  399.613730][T10956]  ? rcu_is_watching+0x12/0xc0
[  399.613743][T10956]  __do_fast_syscall_32+0x7c/0x300
[  399.613758][T10956]  do_fast_syscall_32+0x32/0x80
[  399.613771][T10956]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  399.613784][T10956] RIP: 0023:0xf706d579
[  399.613794][T10956] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  399.613804][T10956] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  399.613814][T10956] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  399.613820][T10956] RDX: 0000000000040084 RSI: 0000000000000000 RDI: 0000000000000000
[  399.613826][T10956] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  399.613831][T10956] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  399.613837][T10956] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  399.613850][T10956]  </TASK>
[  399.796248][T10961] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  399.946700][T10963] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1372'.
[  399.949930][T10963] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1372'.
[  400.034341][   T24] usb 11-1: new high-speed USB device number 24 using dummy_hcd
[  400.122912][T10964] IPVS: Error connecting to the multicast addr
[  400.204259][   T24] usb 11-1: Using ep0 maxpacket: 8
[  400.208199][   T24] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  400.212439][   T24] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  400.216832][   T24] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  400.220984][   T24] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  400.226806][   T24] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  400.230651][   T24] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.458610][   T24] usb 11-1: GET_CAPABILITIES returned 0
[  400.461025][   T24] usbtmc 11-1:16.0: can't read capabilities
[  400.480140][T10978] 9pnet_fd: Insufficient options for proto=fd
[  400.550295][T10981] can0: slcan on ptm0.
[  400.617901][T10980] can0 (unregistered): slcan off ptm0.
[  400.673972][   T24] usb 11-1: USB disconnect, device number 24
[  401.327213][T11016] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1386'.
[  401.421672][T11007] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(11)
[  401.424390][T11007] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  401.427418][T11007] vhci_hcd vhci_hcd.0: Device attached
[  401.674335][   T34] usb 49-1: new low-speed USB device number 2 using vhci_hcd
[  402.093282][T11019] vhci_hcd: connection reset by peer
[  402.101362][ T8667] vhci_hcd: stop threads
[  402.103325][ T8667] vhci_hcd: release socket
[  402.107111][ T8667] vhci_hcd: disconnect device
[  402.399815][T10998] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1383'.
[  402.492388][T11024] IPVS: Error connecting to the multicast addr
[  402.895979][T11031] fuse: Unknown parameter 'f4'
[  403.064517][T11026] can0: slcan on ttyS3.
[  403.387430][T11025] can0 (unregistered): slcan off ttyS3.
[  403.597286][T11042] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1393'.
[  404.037124][T11069] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1398'.
[  404.043207][T11069] veth1_macvtap: left allmulticast mode
[  404.100589][T11073] 8021q: VLANs not supported on ipvlan1
[  404.344064][T11082] syz_tun: entered allmulticast mode
[  404.367260][T11082] syz_tun: left allmulticast mode
[  404.420504][T11083] IPVS: Error connecting to the multicast addr
[  405.023701][T11101] FAULT_INJECTION: forcing a failure.
[  405.023701][T11101] name failslab, interval 1, probability 0, space 0, times 0
[  405.029840][T11101] CPU: 3 UID: 0 PID: 11101 Comm: syz.6.1411 Not tainted syzkaller #0 PREEMPT(full) 
[  405.029863][T11101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  405.029873][T11101] Call Trace:
[  405.029880][T11101]  <TASK>
[  405.029887][T11101]  dump_stack_lvl+0x16c/0x1f0
[  405.029914][T11101]  should_fail_ex+0x512/0x640
[  405.029940][T11101]  ? __kmalloc_noprof+0xca/0x880
[  405.029969][T11101]  should_failslab+0xc2/0x120
[  405.029993][T11101]  __kmalloc_noprof+0xdd/0x880
[  405.030041][T11101]  ? io_cache_alloc_new+0x45/0xf0
[  405.030069][T11101]  ? io_cache_alloc_new+0x45/0xf0
[  405.030092][T11101]  io_cache_alloc_new+0x45/0xf0
[  405.030117][T11101]  __io_prep_rw+0x21d/0x1090
[  405.030135][T11101]  ? find_held_lock+0x2b/0x80
[  405.030154][T11101]  ? __pfx___io_prep_rw+0x10/0x10
[  405.030169][T11101]  ? __io_alloc_req_refill+0x18f/0x5e0
[  405.030192][T11101]  ? __io_alloc_req_refill+0x33a/0x5e0
[  405.030213][T11101]  io_prep_rw+0x76/0x2c0
[  405.030231][T11101]  ? __pfx_io_prep_rw+0x10/0x10
[  405.030262][T11101]  io_prep_writev+0x23/0xa0
[  405.030281][T11101]  io_submit_sqes+0x855/0x2710
[  405.030319][T11101]  __do_sys_io_uring_enter+0xd69/0x1630
[  405.030346][T11101]  ? __fget_files+0x20e/0x3c0
[  405.030365][T11101]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  405.030390][T11101]  ? fput+0x9b/0xd0
[  405.030414][T11101]  ? ksys_write+0x1ac/0x250
[  405.030432][T11101]  ? __pfx_ksys_write+0x10/0x10
[  405.030455][T11101]  ? rcu_is_watching+0x12/0xc0
[  405.030479][T11101]  __do_fast_syscall_32+0x7c/0x300
[  405.030505][T11101]  do_fast_syscall_32+0x32/0x80
[  405.030528][T11101]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  405.030549][T11101] RIP: 0023:0xf706d579
[  405.030564][T11101] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  405.030581][T11101] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  405.030598][T11101] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000000047ba
[  405.030609][T11101] RDX: 0000000000003e80 RSI: 0000000000000000 RDI: 0000000000000000
[  405.030619][T11101] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  405.030630][T11101] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  405.030638][T11101] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  405.030665][T11101]  </TASK>
[  405.066650][T11092] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1408'.
[  405.200117][T11106] 9pnet_virtio: no channels available for device syz
[  405.339476][T11111] netlink: 'syz.1.1415': attribute type 23 has an invalid length.
[  405.491979][T11119] trusted_key: syz.1.1417 sent an empty control message without MSG_MORE.
[  405.550214][ T6026] hid (null): unknown global tag 0xc
[  405.555639][ T6026] hid-generic 0000:0004:0000.000E: unknown global tag 0xc
[  405.558026][ T6026] hid-generic 0000:0004:0000.000E: item 0 1 1 12 parsing failed
[  405.560978][ T6026] hid-generic 0000:0004:0000.000E: probe with driver hid-generic failed with error -22
[  405.566462][T11123] mmap: syz.4.1421 (11123) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  405.573205][T11123] FAULT_INJECTION: forcing a failure.
[  405.573205][T11123] name failslab, interval 1, probability 0, space 0, times 0
[  405.577598][T11123] CPU: 3 UID: 0 PID: 11123 Comm: syz.4.1421 Not tainted syzkaller #0 PREEMPT(full) 
[  405.577624][T11123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  405.577630][T11123] Call Trace:
[  405.577634][T11123]  <TASK>
[  405.577638][T11123]  dump_stack_lvl+0x16c/0x1f0
[  405.577656][T11123]  should_fail_ex+0x512/0x640
[  405.577671][T11123]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  405.577684][T11123]  should_failslab+0xc2/0x120
[  405.577698][T11123]  kmem_cache_alloc_node_noprof+0x78/0x770
[  405.577709][T11123]  ? __alloc_skb+0x2b2/0x380
[  405.577728][T11123]  ? __alloc_skb+0x2b2/0x380
[  405.577742][T11123]  ? __pfx_netlink_insert+0x10/0x10
[  405.577752][T11123]  __alloc_skb+0x2b2/0x380
[  405.577768][T11123]  ? __pfx___alloc_skb+0x10/0x10
[  405.577784][T11123]  ? netlink_autobind.isra.0+0x158/0x370
[  405.577799][T11123]  netlink_alloc_large_skb+0x69/0x140
[  405.577811][T11123]  netlink_sendmsg+0x698/0xdd0
[  405.577824][T11123]  ? __pfx_netlink_sendmsg+0x10/0x10
[  405.577837][T11123]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  405.577855][T11123]  ____sys_sendmsg+0xa98/0xc70
[  405.577870][T11123]  ? __pfx_____sys_sendmsg+0x10/0x10
[  405.577882][T11123]  ? get_compat_msghdr+0x11a/0x170
[  405.577904][T11123]  ___sys_sendmsg+0x134/0x1d0
[  405.577916][T11123]  ? __pfx____sys_sendmsg+0x10/0x10
[  405.577933][T11123]  ? find_held_lock+0x2b/0x80
[  405.577955][T11123]  __sys_sendmsg+0x16d/0x220
[  405.577966][T11123]  ? __pfx___sys_sendmsg+0x10/0x10
[  405.577982][T11123]  ? rcu_is_watching+0x12/0xc0
[  405.577995][T11123]  __do_fast_syscall_32+0x7c/0x300
[  405.578034][T11123]  do_fast_syscall_32+0x32/0x80
[  405.578053][T11123]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  405.578072][T11123] RIP: 0023:0xf7fa7579
[  405.578086][T11123] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  405.578103][T11123] RSP: 002b:00000000f549655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  405.578118][T11123] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000400
[  405.578130][T11123] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  405.578140][T11123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  405.578149][T11123] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  405.578160][T11123] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  405.578182][T11123]  </TASK>
[  405.595497][T11127] lo speed is unknown, defaulting to 1000
[  406.217066][T11147] FAULT_INJECTION: forcing a failure.
[  406.217066][T11147] name failslab, interval 1, probability 0, space 0, times 0
[  406.222796][T11147] CPU: 3 UID: 0 PID: 11147 Comm: syz.6.1428 Not tainted syzkaller #0 PREEMPT(full) 
[  406.222820][T11147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  406.222831][T11147] Call Trace:
[  406.222838][T11147]  <TASK>
[  406.222845][T11147]  dump_stack_lvl+0x116/0x1f0
[  406.222870][T11147]  should_fail_ex+0x512/0x640
[  406.222906][T11147]  should_failslab+0xc2/0x120
[  406.222929][T11147]  kmem_cache_alloc_noprof+0x75/0x6e0
[  406.222948][T11147]  ? __send_signal_locked+0x159/0x12c0
[  406.222982][T11147]  ? __send_signal_locked+0x159/0x12c0
[  406.223007][T11147]  __send_signal_locked+0x159/0x12c0
[  406.223042][T11147]  send_sig+0xd7/0x170
[  406.223062][T11147]  ? __pfx_send_sig+0x10/0x10
[  406.223082][T11147]  ? __pfx_woken_wake_function+0x10/0x10
[  406.223110][T11147]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  406.223132][T11147]  sk_stream_error+0xb8/0x120
[  406.223159][T11147]  tcp_sendmsg_locked+0xea7/0x42e0
[  406.223193][T11147]  ? __lock_acquire+0xb8a/0x1c90
[  406.223227][T11147]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  406.223253][T11147]  ? do_raw_spin_lock+0x12c/0x2b0
[  406.223280][T11147]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  406.223314][T11147]  ? __local_bh_enable_ip+0xa4/0x120
[  406.223338][T11147]  tcp_sendmsg+0x2e/0x50
[  406.223359][T11147]  ? __pfx_tcp_sendmsg+0x10/0x10
[  406.223381][T11147]  inet6_sendmsg+0xb9/0x140
[  406.223403][T11147]  ____sys_sendmsg+0x705/0xc70
[  406.223428][T11147]  ? __pfx_____sys_sendmsg+0x10/0x10
[  406.223448][T11147]  ? get_compat_msghdr+0x11a/0x170
[  406.223481][T11147]  ? __pfx__kstrtoull+0x10/0x10
[  406.223507][T11147]  ___sys_sendmsg+0x134/0x1d0
[  406.223527][T11147]  ? __pfx____sys_sendmsg+0x10/0x10
[  406.223540][T11147]  ? __lock_acquire+0x622/0x1c90
[  406.223601][T11147]  __sys_sendmmsg+0x2f9/0x420
[  406.223622][T11147]  ? __pfx___sys_sendmmsg+0x10/0x10
[  406.223649][T11147]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  406.223683][T11147]  ? fput+0x9b/0xd0
[  406.223706][T11147]  ? ksys_write+0x1ac/0x250
[  406.223723][T11147]  ? __pfx_ksys_write+0x10/0x10
[  406.223747][T11147]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  406.223764][T11147]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  406.223790][T11147]  __do_fast_syscall_32+0x7c/0x300
[  406.223814][T11147]  do_fast_syscall_32+0x32/0x80
[  406.223835][T11147]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  406.223855][T11147] RIP: 0023:0xf706d579
[  406.223869][T11147] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  406.223885][T11147] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  406.223906][T11147] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 0000000080003c00
[  406.223916][T11147] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  406.223925][T11147] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  406.223935][T11147] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  406.223944][T11147] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  406.223969][T11147]  </TASK>
[  406.627012][T11154] syzkaller1: entered promiscuous mode
[  406.628767][T11154] syzkaller1: entered allmulticast mode
[  406.651081][T11156] syzkaller1: entered promiscuous mode
[  406.652782][T11156] syzkaller1: entered allmulticast mode
[  406.656578][T11156] FAULT_INJECTION: forcing a failure.
[  406.656578][T11156] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  406.660509][T11156] CPU: 0 UID: 0 PID: 11156 Comm: syz.5.1432 Not tainted syzkaller #0 PREEMPT(full) 
[  406.660523][T11156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  406.660530][T11156] Call Trace:
[  406.660534][T11156]  <TASK>
[  406.660538][T11156]  dump_stack_lvl+0x16c/0x1f0
[  406.660555][T11156]  should_fail_ex+0x512/0x640
[  406.660574][T11156]  _copy_from_iter+0x29f/0x1720
[  406.660592][T11156]  ? __lock_acquire+0x622/0x1c90
[  406.660607][T11156]  ? __pfx__copy_from_iter+0x10/0x10
[  406.660623][T11156]  ? _parse_integer_limit+0x17f/0x1d0
[  406.660641][T11156]  tun_get_user+0x3c7/0x3cc0
[  406.660658][T11156]  ? __pfx_tun_get_user+0x10/0x10
[  406.660670][T11156]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  406.660683][T11156]  ? find_held_lock+0x2b/0x80
[  406.660694][T11156]  ? tun_get+0x191/0x370
[  406.660707][T11156]  tun_chr_write_iter+0xdc/0x210
[  406.660719][T11156]  vfs_write+0x7d3/0x11d0
[  406.660731][T11156]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  406.660743][T11156]  ? __pfx_vfs_write+0x10/0x10
[  406.660753][T11156]  ? find_held_lock+0x2b/0x80
[  406.660771][T11156]  ksys_write+0x12a/0x250
[  406.660781][T11156]  ? __pfx_ksys_write+0x10/0x10
[  406.660794][T11156]  ? rcu_is_watching+0x12/0xc0
[  406.660806][T11156]  __do_fast_syscall_32+0x7c/0x300
[  406.660822][T11156]  do_fast_syscall_32+0x32/0x80
[  406.660835][T11156]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  406.660848][T11156] RIP: 0023:0xf70cd579
[  406.660856][T11156] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  406.660866][T11156] RSP: 002b:00000000f54bd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  406.660876][T11156] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040
[  406.660883][T11156] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000
[  406.660889][T11156] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  406.660894][T11156] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  406.660900][T11156] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  406.660917][T11156]  </TASK>
[  406.825630][   T34] vhci_hcd: vhci_device speed not set
[  406.916490][T11161] tipc: Started in network mode
[  406.921834][T11161] tipc: Node identity 4, cluster identity 4711
[  406.952281][T11161] tipc: Node number set to 4
[  407.028182][T11170] input: syz1 as /devices/virtual/input/input29
[  407.222288][T11167] lo speed is unknown, defaulting to 1000
[  407.377827][T11174] lo speed is unknown, defaulting to 1000
[  407.438883][T11177] overlayfs: conflicting lowerdir path
[  407.756649][T11182] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1439'.
[  407.759811][T11182] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1439'.
[  408.586768][T11198] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1442'.
[  408.589553][T11198] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1442'.
[  408.608442][T11207] netlink: 200 bytes leftover after parsing attributes in process `syz.4.1444'.
[  408.841995][T11211] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  408.844608][T11211] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  408.848360][T11211] vhci_hcd vhci_hcd.0: Device attached
[  409.152680][T11221] lo speed is unknown, defaulting to 1000
[  409.203701][T11223] overlayfs: failed to clone upperpath
[  409.224313][ T6045] usb 48-1: SetAddress Request (6) to port 0
[  409.231573][ T6045] usb 48-1: new SuperSpeed USB device number 6 using vhci_hcd
[  410.105780][T11234] IPVS: Error connecting to the multicast addr
[  410.547225][T11242] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1453'.
[  410.550509][T11242] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1453'.
[  411.104209][   T53] usb 11-1: new high-speed USB device number 25 using dummy_hcd
[  411.305342][   T53] usb 11-1: config index 0 descriptor too short (expected 23569, got 27)
[  411.308615][   T53] usb 11-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  411.313448][   T53] usb 11-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  411.316804][   T53] usb 11-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  411.319272][   T53] usb 11-1: Manufacturer: syz
[  411.322213][   T53] usb 11-1: config 0 descriptor??
[  411.325630][   T53] igorplugusb 11-1:0.0: incorrect number of endpoints
[  411.527406][    T9] usb 11-1: USB disconnect, device number 25
[  411.737185][T11212] vhci_hcd: connection reset by peer
[  411.739079][   T76] vhci_hcd: stop threads
[  411.740436][   T76] vhci_hcd: release socket
[  411.741887][   T76] vhci_hcd: disconnect device
[  411.944581][   T53] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  412.098275][   T53] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  412.101977][   T53] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  412.104803][   T53] usb 9-1: Product: syz
[  412.106742][   T53] usb 9-1: Manufacturer: syz
[  412.108608][   T53] usb 9-1: SerialNumber: syz
[  412.114873][   T53] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  412.140073][  T979] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  412.348125][    T9] usb 9-1: USB disconnect, device number 11
[  412.405908][T11268] lo speed is unknown, defaulting to 1000
[  412.518739][T11268] overlayfs: failed to clone upperpath
[  412.850451][T11287] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1466'.
[  413.054790][   T34] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  413.224453][  T979] ath9k_htc 9-1:1.0: ath9k_htc: Target is unresponsive
[  413.233324][  T979] ath9k_htc: Failed to initialize the device
[  413.238239][    T9] usb 9-1: ath9k_htc: USB layer deinitialized
[  413.396774][   T34] usb 10-1: config index 0 descriptor too short (expected 23569, got 27)
[  413.400546][   T34] usb 10-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  413.407658][   T34] usb 10-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  413.411475][   T34] usb 10-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  413.424750][   T34] usb 10-1: Manufacturer: syz
[  413.429004][   T34] usb 10-1: config 0 descriptor??
[  413.434845][   T34] igorplugusb 10-1:0.0: incorrect number of endpoints
[  413.516277][T11294] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  413.637302][    T9] usb 10-1: USB disconnect, device number 16
[  413.705702][T11295] block device autoloading is deprecated and will be removed.
[  413.718336][T11305] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1473'.
[  413.764881][   T34] usb 11-1: new high-speed USB device number 26 using dummy_hcd
[  413.914694][   T34] usb 11-1: Using ep0 maxpacket: 8
[  413.919040][   T34] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  413.922573][   T34] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  413.926352][   T34] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  413.929382][   T34] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  413.933370][   T34] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  413.937246][   T34] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  414.159289][   T34] usb 11-1: GET_CAPABILITIES returned 0
[  414.161159][   T34] usbtmc 11-1:16.0: can't read capabilities
[  414.269208][T11319] lo speed is unknown, defaulting to 1000
[  414.354320][ T6045] usb 48-1: device descriptor read/8, error -110
[  414.376755][T11319] overlayfs: conflicting lowerdir path
[  414.384638][   T24] usb 11-1: USB disconnect, device number 26
[  414.747136][T11328] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1477'.
[  414.925143][T11329] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1477'.
[  415.086186][ T6045] usb usb48-port1: attempt power cycle
[  415.217262][T11336] IPVS: Error connecting to the multicast addr
[  415.732088][ T6045] usb usb48-port1: unable to enumerate USB device
[  415.920608][T11351] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1485'.
[  416.117099][T11362] kvm: vcpu 32: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  417.581263][T11383] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  417.692908][T11394] IPVS: Error connecting to the multicast addr
[  417.767903][T11396] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1500'.
[  417.771748][T11396] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1500'.
[  418.138797][T11405] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0
[  418.366768][T11401] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  418.377182][T11401] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  418.505484][ T7134] lo speed is unknown, defaulting to 1000
[  418.508433][ T7134] syz2: Port: 1 Link DOWN
[  418.508723][ T8667] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  418.515583][ T8667] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  418.519813][ T8667] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  418.523829][ T8667] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  418.738814][T11420] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  419.051096][T11426] netlink: 172 bytes leftover after parsing attributes in process `syz.1.1507'.
[  419.056479][T11426] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1507'.
[  419.126533][T11428] futex_wake_op: syz.1.1508 tries to shift op by 32; fix this program
[  419.285342][T11429] netlink: 'syz.1.1508': attribute type 4 has an invalid length.
[  419.936727][T11444] IPVS: Error connecting to the multicast addr
[  420.834760][  T842] usb 11-1: new high-speed USB device number 27 using dummy_hcd
[  420.996389][  T842] usb 11-1: config index 0 descriptor too short (expected 23569, got 27)
[  421.003056][  T842] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  421.012145][  T842] usb 11-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  421.017374][  T842] usb 11-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  421.022615][  T842] usb 11-1: Manufacturer: syz
[  421.039706][  T842] usb 11-1: config 0 descriptor??
[  421.204709][  T842] rc_core: IR keymap rc-hauppauge not found
[  421.207128][  T842] Registered IR keymap rc-empty
[  421.210204][  T842] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/rc/rc0
[  421.216842][  T842] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/rc/rc0/input30
[  421.255267][   T60] usb 11-1: USB disconnect, device number 27
[  421.859280][T11478] bridge0: entered promiscuous mode
[  421.861496][T11478] bridge0: entered allmulticast mode
[  421.865835][T11478] team0: Port device bridge0 added
[  421.934345][    T9] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  421.970649][T11486] FAULT_INJECTION: forcing a failure.
[  421.970649][T11486] name failslab, interval 1, probability 0, space 0, times 0
[  421.976891][T11486] CPU: 3 UID: 0 PID: 11486 Comm: syz.4.1526 Not tainted syzkaller #0 PREEMPT(full) 
[  421.976911][T11486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  421.976920][T11486] Call Trace:
[  421.976926][T11486]  <TASK>
[  421.976932][T11486]  dump_stack_lvl+0x16c/0x1f0
[  421.976954][T11486]  should_fail_ex+0x512/0x640
[  421.976976][T11486]  ? fs_reclaim_acquire+0xae/0x150
[  421.976997][T11486]  should_failslab+0xc2/0x120
[  421.977017][T11486]  __kmalloc_noprof+0xdd/0x880
[  421.977040][T11486]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  421.977062][T11486]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  421.977078][T11486]  tomoyo_realpath_from_path+0xc2/0x6e0
[  421.977097][T11486]  ? tomoyo_profile+0x47/0x60
[  421.977119][T11486]  tomoyo_path_number_perm+0x245/0x580
[  421.977140][T11486]  ? tomoyo_path_number_perm+0x237/0x580
[  421.977164][T11486]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  421.977211][T11486]  ? find_held_lock+0x2b/0x80
[  421.977227][T11486]  ? hook_file_ioctl_common+0x145/0x410
[  421.977247][T11486]  ? __fget_files+0x20e/0x3c0
[  421.977266][T11486]  security_file_ioctl_compat+0x9b/0x240
[  421.977283][T11486]  __ia32_compat_sys_ioctl+0xc3/0x370
[  421.977308][T11486]  __do_fast_syscall_32+0x7c/0x300
[  421.977330][T11486]  do_fast_syscall_32+0x32/0x80
[  421.977348][T11486]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  421.977366][T11486] RIP: 0023:0xf7fa7579
[  421.977379][T11486] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  421.977393][T11486] RSP: 002b:00000000f549655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  421.977407][T11486] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b3a
[  421.977416][T11486] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  421.977424][T11486] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  421.977433][T11486] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  421.977441][T11486] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  421.977462][T11486]  </TASK>
[  421.977469][T11486] ERROR: Out of memory at tomoyo_realpath_from_path.
[  422.114195][    T9] usb 10-1: Using ep0 maxpacket: 16
[  422.118148][    T9] usb 10-1: config index 0 descriptor too short (expected 65, got 36)
[  422.121336][    T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  422.133313][    T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  422.146310][    T9] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  422.151457][    T9] usb 10-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  422.157880][T11489] FAULT_INJECTION: forcing a failure.
[  422.157880][T11489] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  422.160888][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.163732][T11489] CPU: 2 UID: 0 PID: 11489 Comm: syz.6.1527 Not tainted syzkaller #0 PREEMPT(full) 
[  422.163754][T11489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  422.163764][T11489] Call Trace:
[  422.163771][T11489]  <TASK>
[  422.163778][T11489]  dump_stack_lvl+0x16c/0x1f0
[  422.163808][T11489]  should_fail_ex+0x512/0x640
[  422.163838][T11489]  should_fail_alloc_page+0xe7/0x130
[  422.163863][T11489]  prepare_alloc_pages+0x3c2/0x610
[  422.163890][T11489]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  422.163914][T11489]  ? rcu_is_watching+0x12/0xc0
[  422.163934][T11489]  ? trace_mm_page_alloc+0x11f/0x1a0
[  422.163957][T11489]  ? __alloc_frozen_pages_noprof+0x292/0x2470
[  422.163976][T11489]  ? stack_trace_save+0x8e/0xc0
[  422.163997][T11489]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  422.164017][T11489]  ? __lock_acquire+0x622/0x1c90
[  422.164045][T11489]  ? kmem_cache_alloc_node_noprof+0x28a/0x770
[  422.164063][T11489]  ? __get_vm_area_node+0x1ca/0x330
[  422.164101][T11489]  ? __vmalloc_node_noprof+0xad/0xf0
[  422.164127][T11489]  ? copy_process+0x2c77/0x76a0
[  422.164146][T11489]  ? vhost_task_create+0x1d2/0x370
[  422.164168][T11489]  ? kvm_mmu_post_init_vm+0x1b7/0x380
[  422.164185][T11489]  ? kvm_arch_vcpu_ioctl_run+0x66/0x1970
[  422.164202][T11489]  ? kvm_vcpu_ioctl+0x5eb/0x1690
[  422.164222][T11489]  ? kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  422.164256][T11489]  alloc_pages_bulk_noprof+0x71c/0x1410
[  422.164272][T11489]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  422.164302][T11489]  ? policy_nodemask+0xea/0x4e0
[  422.164329][T11489]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  422.164348][T11489]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  422.164386][T11489]  kasan_populate_vmalloc+0x112/0x2d0
[  422.164404][T11489]  ? alloc_vmap_area+0x8b5/0x29e0
[  422.164431][T11489]  alloc_vmap_area+0x960/0x29e0
[  422.164466][T11489]  ? __pfx_alloc_vmap_area+0x10/0x10
[  422.164497][T11489]  __get_vm_area_node+0x1ca/0x330
[  422.164540][T11489]  __vmalloc_node_range_noprof+0x271/0x1480
[  422.164565][T11489]  ? vhost_task_create+0x1d2/0x370
[  422.164595][T11489]  ? find_held_lock+0x2b/0x80
[  422.164612][T11489]  ? vhost_task_create+0x1d2/0x370
[  422.164643][T11489]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  422.164673][T11489]  ? rcu_is_watching+0x12/0xc0
[  422.164693][T11489]  ? vhost_task_create+0x1d2/0x370
[  422.164715][T11489]  __vmalloc_node_noprof+0xad/0xf0
[  422.164739][T11489]  ? vhost_task_create+0x1d2/0x370
[  422.164766][T11489]  copy_process+0x2c77/0x76a0
[  422.164798][T11489]  ? __pfx_copy_process+0x10/0x10
[  422.164823][T11489]  ? lockdep_init_map_type+0x5c/0x280
[  422.164848][T11489]  ? lockdep_init_map_type+0x5c/0x280
[  422.164871][T11489]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  422.164895][T11489]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  422.164916][T11489]  vhost_task_create+0x1d2/0x370
[  422.164940][T11489]  ? __pfx_vhost_task_create+0x10/0x10
[  422.164973][T11489]  ? __pfx_vhost_task_fn+0x10/0x10
[  422.165010][T11489]  kvm_mmu_post_init_vm+0x1b7/0x380
[  422.165030][T11489]  kvm_arch_vcpu_ioctl_run+0x66/0x1970
[  422.165048][T11489]  ? kvm_vcpu_ioctl+0x14c5/0x1690
[  422.165076][T11489]  kvm_vcpu_ioctl+0x5eb/0x1690
[  422.165102][T11489]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  422.165131][T11489]  ? tomoyo_path_number_perm+0x18d/0x580
[  422.165163][T11489]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  422.165200][T11489]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  422.165230][T11489]  ? do_vfs_ioctl+0x128/0x14f0
[  422.165256][T11489]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  422.165294][T11489]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  422.165320][T11489]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  422.165345][T11489]  ? __fget_files+0x20e/0x3c0
[  422.165368][T11489]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  422.165394][T11489]  __ia32_compat_sys_ioctl+0x242/0x370
[  422.165423][T11489]  __do_fast_syscall_32+0x7c/0x300
[  422.165448][T11489]  do_fast_syscall_32+0x32/0x80
[  422.165470][T11489]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  422.165490][T11489] RIP: 0023:0xf706d579
[  422.165505][T11489] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  422.165521][T11489] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  422.165537][T11489] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  422.165548][T11489] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  422.165558][T11489] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  422.165567][T11489] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  422.165576][T11489] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  422.165603][T11489]  </TASK>
[  422.166708][T11489] syz.6.1527: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[  422.181774][    T9] usb 10-1: config 0 descriptor??
[  422.183273][T11489] ,cpuset=
[  422.192316][    T9] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input31
[  422.195352][T11489] /,mems_allowed=0-1
[  422.350594][T11489] CPU: 3 UID: 0 PID: 11489 Comm: syz.6.1527 Not tainted syzkaller #0 PREEMPT(full) 
[  422.350609][T11489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  422.350615][T11489] Call Trace:
[  422.350619][T11489]  <TASK>
[  422.350623][T11489]  dump_stack_lvl+0x16c/0x1f0
[  422.350639][T11489]  warn_alloc+0x248/0x3a0
[  422.350651][T11489]  ? __pfx_warn_alloc+0x10/0x10
[  422.350667][T11489]  ? __get_vm_area_node+0x208/0x330
[  422.350683][T11489]  __vmalloc_node_range_noprof+0xaf5/0x1480
[  422.350702][T11489]  ? find_held_lock+0x2b/0x80
[  422.350713][T11489]  ? vhost_task_create+0x1d2/0x370
[  422.350732][T11489]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  422.350750][T11489]  ? rcu_is_watching+0x12/0xc0
[  422.350762][T11489]  ? vhost_task_create+0x1d2/0x370
[  422.350776][T11489]  __vmalloc_node_noprof+0xad/0xf0
[  422.350790][T11489]  ? vhost_task_create+0x1d2/0x370
[  422.350806][T11489]  copy_process+0x2c77/0x76a0
[  422.350830][T11489]  ? __pfx_copy_process+0x10/0x10
[  422.350845][T11489]  ? lockdep_init_map_type+0x5c/0x280
[  422.350861][T11489]  ? lockdep_init_map_type+0x5c/0x280
[  422.350876][T11489]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  422.350891][T11489]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  422.350904][T11489]  vhost_task_create+0x1d2/0x370
[  422.350918][T11489]  ? __pfx_vhost_task_create+0x10/0x10
[  422.350938][T11489]  ? __pfx_vhost_task_fn+0x10/0x10
[  422.350959][T11489]  kvm_mmu_post_init_vm+0x1b7/0x380
[  422.350971][T11489]  kvm_arch_vcpu_ioctl_run+0x66/0x1970
[  422.350982][T11489]  ? kvm_vcpu_ioctl+0x14c5/0x1690
[  422.350999][T11489]  kvm_vcpu_ioctl+0x5eb/0x1690
[  422.351015][T11489]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  422.351030][T11489]  ? tomoyo_path_number_perm+0x18d/0x580
[  422.351048][T11489]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  422.351070][T11489]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  422.351088][T11489]  ? do_vfs_ioctl+0x128/0x14f0
[  422.351104][T11489]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  422.351125][T11489]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  422.351140][T11489]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  422.351155][T11489]  ? __fget_files+0x20e/0x3c0
[  422.351168][T11489]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  422.351183][T11489]  __ia32_compat_sys_ioctl+0x242/0x370
[  422.351200][T11489]  __do_fast_syscall_32+0x7c/0x300
[  422.351215][T11489]  do_fast_syscall_32+0x32/0x80
[  422.351228][T11489]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  422.351241][T11489] RIP: 0023:0xf706d579
[  422.351250][T11489] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  422.351260][T11489] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  422.351270][T11489] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  422.351276][T11489] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  422.351282][T11489] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  422.351287][T11489] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  422.351293][T11489] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  422.351306][T11489]  </TASK>
[  422.351310][T11489] Mem-Info:
[  422.364609][T11493] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1528'.
[  422.459275][T11489] active_anon:2664 inactive_anon:567 isolated_anon:0
[  422.459275][T11489]  active_file:14253 inactive_file:5036 isolated_file:148
[  422.459275][T11489]  unevictable:18105 dirty:486 writeback:0
[  422.459275][T11489]  slab_reclaimable:6673 slab_unreclaimable:59684
[  422.459275][T11489]  mapped:24415 shmem:1778 pagetables:1993
[  422.459275][T11489]  sec_pagetables:329 bounce:0
[  422.459275][T11489]  kernel_misc_reclaimable:0
[  422.459275][T11489]  free:41612 free_pcp:17193 free_cma:0
[  422.473200][T11489] Node 0 active_anon:344kB inactive_anon:136kB active_file:128kB inactive_file:152kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2672kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8176kB pagetables:1748kB sec_pagetables:1156kB all_unreclaimable? yes Balloon:0kB
[  422.483365][T11489] Node 1 active_anon:10312kB inactive_anon:2132kB active_file:57484kB inactive_file:19992kB unevictable:68884kB isolated(anon):0kB isolated(file):92kB mapped:94988kB dirty:1940kB writeback:0kB shmem:3576kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6448kB pagetables:6224kB sec_pagetables:160kB all_unreclaimable? no Balloon:0kB
[  422.497084][T11489] Node 0 DMA free:2096kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16kB inactive_anon:4kB active_file:4kB inactive_file:4kB unevictable:0kB writepending:4kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:524kB local_pcp:100kB free_cma:0kB
[  422.498695][   T60] usb 10-1: USB disconnect, device number 17
[  422.510419][ T5332] pxrc 10-1:0.0: pxrc_open - usb_submit_urb failed, error: -19
[  422.514796][ T5332] pxrc 10-1:0.0: pxrc_open - usb_submit_urb failed, error: -19
[  422.517486][T11489] lowmem_reserve[]: 0 294 294 294 294
[  422.519332][T11489] Node 0 DMA32 free:31548kB boost:16384kB min:29832kB low:33192kB high:36552kB reserved_highatomic:0KB free_highatomic:0KB active_anon:328kB inactive_anon:132kB active_file:124kB inactive_file:148kB unevictable:3536kB writepending:0kB zspages:1096kB present:1032196kB managed:301152kB mlocked:0kB bounce:0kB free_pcp:7408kB local_pcp:1088kB free_cma:0kB
[  422.530158][ T5332] pxrc 10-1:0.0: pxrc_open - usb_submit_urb failed, error: -19
[  422.530304][T11489] lowmem_reserve[]: 0 0 0 0 0
[  422.534831][T11489] Node 1 DMA32 free:134816kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:10216kB inactive_anon:2132kB active_file:57436kB inactive_file:19992kB unevictable:68884kB writepending:1940kB zspages:12764kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:58296kB local_pcp:13528kB free_cma:0kB
[  422.546570][T11489] lowmem_reserve[]: 0 0 0 0 0
[  422.548211][T11489] Node 0 DMA: 42*4kB (UM) 27*8kB (UM) 13*16kB (UM) 1*32kB (M) 3*64kB (UM) 0*128kB 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2096kB
[  422.553563][T11489] Node 0 DMA32: 609*4kB (UE) 255*8kB (UE) 126*16kB (UM) 235*32kB (UM) 100*64kB (UM) 33*128kB (UM) 15*256kB (UM) 6*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 31548kB
[  422.559501][T11489] Node 1 DMA32: 744*4kB (UME) 1041*8kB (UME) 491*16kB (UME) 201*32kB (UME) 207*64kB (UM) 132*128kB (UM) 76*256kB (UM) 40*512kB (UM) 27*1024kB (ME) 5*2048kB (UM) 0*4096kB = 133560kB
[  422.565683][T11489] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  422.568656][T11489] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  422.571598][T11489] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  422.575230][T11489] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  422.578290][T11489] 38809 total pagecache pages
[  422.579776][T11489] 1262 pages in swap cache
[  422.581182][T11489] Free swap  = 17488kB
[  422.582495][T11489] Total swap = 124996kB
[  422.583820][T11489] 524155 pages RAM
[  422.585641][T11489] 0 pages HighMem/MovableOnly
[  422.587691][T11489] 207972 pages reserved
[  422.589459][T11489] 0 pages cma reserved
[  422.823082][T11503] FAULT_INJECTION: forcing a failure.
[  422.823082][T11503] name failslab, interval 1, probability 0, space 0, times 0
[  422.827740][T11503] CPU: 2 UID: 0 PID: 11503 Comm: syz.6.1531 Not tainted syzkaller #0 PREEMPT(full) 
[  422.827764][T11503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  422.827776][T11503] Call Trace:
[  422.827782][T11503]  <TASK>
[  422.827789][T11503]  dump_stack_lvl+0x16c/0x1f0
[  422.827817][T11503]  should_fail_ex+0x512/0x640
[  422.827850][T11503]  should_failslab+0xc2/0x120
[  422.827874][T11503]  kmem_cache_alloc_node_noprof+0x78/0x770
[  422.827894][T11503]  ? __lock_acquire+0x622/0x1c90
[  422.827917][T11503]  ? __alloc_skb+0x2b2/0x380
[  422.827953][T11503]  ? __alloc_skb+0x2b2/0x380
[  422.827978][T11503]  __alloc_skb+0x2b2/0x380
[  422.828006][T11503]  ? __pfx___alloc_skb+0x10/0x10
[  422.828048][T11503]  __netdev_alloc_skb+0x213/0x920
[  422.828071][T11503]  ieee80211_mgmt_tx+0xbba/0x2470
[  422.828112][T11503]  cfg80211_mlme_mgmt_tx+0x7ef/0x1690
[  422.828155][T11503]  nl80211_tx_mgmt+0x86d/0xdd0
[  422.828176][T11503]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  422.828194][T11503]  ? __pfx_netdev_run_todo+0x10/0x10
[  422.828240][T11503]  ? nl80211_pre_doit+0x1b0/0xb10
[  422.828265][T11503]  genl_family_rcv_msg_doit+0x209/0x2f0
[  422.828289][T11503]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  422.828322][T11503]  ? bpf_lsm_capable+0x9/0x10
[  422.828343][T11503]  ? security_capable+0x7e/0x260
[  422.828368][T11503]  ? ns_capable+0xd7/0x110
[  422.828390][T11503]  genl_rcv_msg+0x55c/0x800
[  422.828415][T11503]  ? __pfx_genl_rcv_msg+0x10/0x10
[  422.828437][T11503]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  422.828453][T11503]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  422.828467][T11503]  ? __pfx_nl80211_post_doit+0x10/0x10
[  422.828504][T11503]  netlink_rcv_skb+0x158/0x420
[  422.828522][T11503]  ? __pfx_genl_rcv_msg+0x10/0x10
[  422.828544][T11503]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  422.828577][T11503]  ? netlink_deliver_tap+0x1ae/0xd30
[  422.828601][T11503]  genl_rcv+0x28/0x40
[  422.828619][T11503]  netlink_unicast+0x5aa/0x870
[  422.828643][T11503]  ? __pfx_netlink_unicast+0x10/0x10
[  422.828675][T11503]  netlink_sendmsg+0x8c8/0xdd0
[  422.828699][T11503]  ? __pfx_netlink_sendmsg+0x10/0x10
[  422.828722][T11503]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  422.828753][T11503]  ____sys_sendmsg+0xa98/0xc70
[  422.828779][T11503]  ? __pfx_____sys_sendmsg+0x10/0x10
[  422.828800][T11503]  ? get_compat_msghdr+0x11a/0x170
[  422.828842][T11503]  ___sys_sendmsg+0x134/0x1d0
[  422.828862][T11503]  ? __pfx____sys_sendmsg+0x10/0x10
[  422.828896][T11503]  ? find_held_lock+0x2b/0x80
[  422.828934][T11503]  __sys_sendmsg+0x16d/0x220
[  422.828953][T11503]  ? __pfx___sys_sendmsg+0x10/0x10
[  422.828982][T11503]  ? rcu_is_watching+0x12/0xc0
[  422.829003][T11503]  __do_fast_syscall_32+0x7c/0x300
[  422.829027][T11503]  do_fast_syscall_32+0x32/0x80
[  422.829047][T11503]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  422.829066][T11503] RIP: 0023:0xf706d579
[  422.829080][T11503] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  422.829096][T11503] RSP: 002b:00000000f545d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  422.829117][T11503] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  422.829128][T11503] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  422.829138][T11503] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  422.829148][T11503] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  422.829158][T11503] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  422.829184][T11503]  </TASK>
[  423.023305][   T40] kauditd_printk_skb: 13 callbacks suppressed
[  423.023320][   T40] audit: type=1326 audit(1762475567.748:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11505 comm="syz.6.1532" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[  423.038738][   T40] audit: type=1326 audit(1762475567.768:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11505 comm="syz.6.1532" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[  423.048251][   T40] audit: type=1326 audit(1762475567.768:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11505 comm="syz.6.1532" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf706d579 code=0x7ffc0000
[  423.057654][   T40] audit: type=1326 audit(1762475567.768:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11505 comm="syz.6.1532" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[  423.064819][T11506] netlink: 'syz.6.1532': attribute type 8 has an invalid length.
[  423.066726][   T40] audit: type=1326 audit(1762475567.768:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11505 comm="syz.6.1532" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[  423.073715][T11507] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1530'.
[  423.078064][   T40] audit: type=1326 audit(1762475567.768:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11505 comm="syz.6.1532" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf706d579 code=0x7ffc0000
[  423.090008][   T40] audit: type=1326 audit(1762475567.768:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11505 comm="syz.6.1532" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[  423.098859][   T40] audit: type=1326 audit(1762475567.768:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11505 comm="syz.6.1532" exe="/syz-executor" sig=0 arch=40000003 syscall=355 compat=1 ip=0xf706d579 code=0x7ffc0000
[  423.108780][   T40] audit: type=1326 audit(1762475567.768:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11505 comm="syz.6.1532" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000
[  423.115969][   T40] audit: type=1326 audit(1762475567.768:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11505 comm="syz.6.1532" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf706d579 code=0x7ffc0000
[  423.304299][    T9] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  423.585885][    T9] usb 10-1: config index 0 descriptor too short (expected 23569, got 27)
[  423.588545][    T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  423.595000][    T9] usb 10-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  423.599321][    T9] usb 10-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  423.603853][    T9] usb 10-1: Manufacturer: syz
[  423.610773][    T9] usb 10-1: config 0 descriptor??
[  423.684240][    T9] rc_core: IR keymap rc-hauppauge not found
[  423.688491][    T9] Registered IR keymap rc-empty
[  423.696332][    T9] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0
[  423.701535][    T9] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0/input32
[  423.826212][  T842] usb 10-1: USB disconnect, device number 18
[  424.371691][T11537] netlink: 'syz.5.1542': attribute type 8 has an invalid length.
[  424.439428][T11541] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1544'.
[  424.867164][T11542] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1543'.
[  425.828276][T11554] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1548'.
[  426.369192][T11567] netlink: 'syz.6.1551': attribute type 8 has an invalid length.
[  427.184513][  T842] usb 11-1: new high-speed USB device number 28 using dummy_hcd
[  427.325785][T11602] input: syz1 as /devices/virtual/input/input33
[  427.336409][  T842] usb 11-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  427.340070][  T842] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  427.343559][  T842] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  427.347067][  T842] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  427.351294][  T842] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  427.362169][T11603] IPVS: Error connecting to the multicast addr
[  427.381625][  T842] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.392890][  T842] usb 11-1: config 0 descriptor??
[  427.418008][T11590] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1557'.
[  427.907420][T11609] netlink: 'syz.1.1561': attribute type 8 has an invalid length.
[  428.314849][T11628] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1565'.
[  428.317701][T11628] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1565'.
[  428.354482][T11631] syz.4.1568 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  428.376429][   T40] kauditd_printk_skb: 71 callbacks suppressed
[  428.376444][   T40] audit: type=1326 audit(1762475573.108:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11632 comm="syz.5.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  428.388891][   T40] audit: type=1326 audit(1762475573.108:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11632 comm="syz.5.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  428.398456][   T40] audit: type=1326 audit(1762475573.108:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11632 comm="syz.5.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  428.409160][ T7135] e1000 0000:00:06.0 eth0: Reset adapter
[  428.411231][   T40] audit: type=1326 audit(1762475573.108:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11632 comm="syz.5.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  428.421196][   T40] audit: type=1326 audit(1762475573.108:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11632 comm="syz.5.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  428.431217][   T40] audit: type=1326 audit(1762475573.108:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11632 comm="syz.5.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  428.442797][   T40] audit: type=1326 audit(1762475573.108:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11632 comm="syz.5.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=355 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  428.453265][   T40] audit: type=1326 audit(1762475573.108:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11632 comm="syz.5.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  428.462643][   T40] audit: type=1326 audit(1762475573.108:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11632 comm="syz.5.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  428.484834][   T40] audit: type=1326 audit(1762475573.108:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11632 comm="syz.5.1570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd579 code=0x7ffc0000
[  428.525619][T11631] syz_tun: entered allmulticast mode
[  428.538701][T11633] netlink: 'syz.5.1570': attribute type 8 has an invalid length.
[  428.542643][T11624] syz_tun: left allmulticast mode
[  428.604330][T11640] input: syz1 as /devices/virtual/input/input34
[  428.960246][T11653] IPVS: Error connecting to the multicast addr
[  429.849874][  T842] usbhid 11-1:0.0: can't add hid device: -71
[  429.852009][  T842] usbhid 11-1:0.0: probe with driver usbhid failed with error -71
[  429.857012][  T842] usb 11-1: USB disconnect, device number 28
[  430.595041][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  442.426789][T11690] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1576'.
[  442.558171][T11693] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1578'.
[  442.592314][T11693] macvlan2: entered allmulticast mode
[  442.594819][T11693] veth1_vlan: entered allmulticast mode
[  442.685782][T11693] veth1_vlan: left allmulticast mode
[  442.814225][ T1142] ==================================================================
[  442.817041][ T1142] BUG: KASAN: slab-use-after-free in __linkwatch_run_queue+0x772/0x8a0
[  442.819481][ T1142] Read of size 1 at addr ffff88802726acc9 by task kworker/u32:6/1142
[  442.822692][ T1142] 
[  442.824496][ T1142] CPU: 0 UID: 0 PID: 1142 Comm: kworker/u32:6 Not tainted syzkaller #0 PREEMPT(full) 
[  442.824518][ T1142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  442.824530][ T1142] Workqueue: events_unbound linkwatch_event
[  442.824554][ T1142] Call Trace:
[  442.824560][ T1142]  <TASK>
[  442.824567][ T1142]  dump_stack_lvl+0x116/0x1f0
[  442.824589][ T1142]  print_report+0xcd/0x630
[  442.824609][ T1142]  ? __virt_addr_valid+0x81/0x610
[  442.824631][ T1142]  ? __phys_addr+0xe8/0x180
[  442.824649][ T1142]  ? __linkwatch_run_queue+0x772/0x8a0
[  442.824673][ T1142]  kasan_report+0xe0/0x110
[  442.824686][ T1142]  ? __linkwatch_run_queue+0x772/0x8a0
[  442.824701][ T1142]  __linkwatch_run_queue+0x772/0x8a0
[  442.824715][ T1142]  ? __pfx___linkwatch_run_queue+0x10/0x10
[  442.824731][ T1142]  linkwatch_event+0x8f/0xc0
[  442.824744][ T1142]  ? __pfx_linkwatch_event+0x10/0x10
[  442.824757][ T1142]  ? rcu_is_watching+0x12/0xc0
[  442.824768][ T1142]  process_one_work+0x9cf/0x1b70
[  442.824787][ T1142]  ? __pfx_process_one_work+0x10/0x10
[  442.824804][ T1142]  ? assign_work+0x1a0/0x250
[  442.824819][ T1142]  worker_thread+0x6c8/0xf10
[  442.824837][ T1142]  ? __pfx_worker_thread+0x10/0x10
[  442.824853][ T1142]  kthread+0x3c5/0x780
[  442.824867][ T1142]  ? __pfx_kthread+0x10/0x10
[  442.824882][ T1142]  ? rcu_is_watching+0x12/0xc0
[  442.824892][ T1142]  ? __pfx_kthread+0x10/0x10
[  442.824907][ T1142]  ret_from_fork+0x675/0x7d0
[  442.824923][ T1142]  ? __pfx_kthread+0x10/0x10
[  442.824937][ T1142]  ret_from_fork_asm+0x1a/0x30
[  442.824955][ T1142]  </TASK>
[  442.824959][ T1142] 
[  442.883480][ T1142] Allocated by task 11693:
[  442.885283][ T1142]  kasan_save_stack+0x33/0x60
[  442.886886][ T1142]  kasan_save_track+0x14/0x30
[  442.888485][ T1142]  __kasan_kmalloc+0xaa/0xb0
[  442.890120][ T1142]  __kvmalloc_node_noprof+0x3a3/0x9c0
[  442.892036][ T1142]  alloc_netdev_mqs+0xd7/0x1550
[  442.893797][ T1142]  rtnl_create_link+0xc08/0xf90
[  442.895527][ T1142]  rtnl_newlink+0xb69/0x2000
[  442.897222][ T1142]  rtnetlink_rcv_msg+0x95e/0xe90
[  442.899197][ T1142]  netlink_rcv_skb+0x158/0x420
[  442.900977][ T1142]  netlink_unicast+0x5aa/0x870
[  442.902742][ T1142]  netlink_sendmsg+0x8c8/0xdd0
[  442.904600][ T1142]  ____sys_sendmsg+0xa98/0xc70
[  442.906484][ T1142]  ___sys_sendmsg+0x134/0x1d0
[  442.908465][ T1142]  __sys_sendmsg+0x16d/0x220
[  442.910319][ T1142]  __do_fast_syscall_32+0x7c/0x300
[  442.912162][ T1142]  do_fast_syscall_32+0x32/0x80
[  442.913893][ T1142]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  442.916125][ T1142] 
[  442.916994][ T1142] Freed by task 11693:
[  442.918569][ T1142]  kasan_save_stack+0x33/0x60
[  442.920444][ T1142]  kasan_save_track+0x14/0x30
[  442.922303][ T1142]  __kasan_save_free_info+0x3b/0x60
[  442.924188][ T1142]  __kasan_slab_free+0x5f/0x80
[  442.925733][ T1142]  kfree+0x2b8/0x6d0
[  442.926970][ T1142]  device_release+0xa4/0x240
[  442.928565][ T1142]  kobject_put+0x1e7/0x5a0
[  442.930059][ T1142]  netdev_run_todo+0x7e9/0x1320
[  442.931674][ T1142]  rtnl_newlink+0xe2a/0x2000
[  442.933346][ T1142]  rtnetlink_rcv_msg+0x95e/0xe90
[  442.935060][ T1142]  netlink_rcv_skb+0x158/0x420
[  442.936639][ T1142]  netlink_unicast+0x5aa/0x870
[  442.938203][ T1142]  netlink_sendmsg+0x8c8/0xdd0
[  442.939746][ T1142]  ____sys_sendmsg+0xa98/0xc70
[  442.941244][ T1142]  ___sys_sendmsg+0x134/0x1d0
[  442.942746][ T1142]  __sys_sendmsg+0x16d/0x220
[  442.944542][ T1142]  __do_fast_syscall_32+0x7c/0x300
[  442.946692][ T1142]  do_fast_syscall_32+0x32/0x80
[  442.948740][ T1142]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  442.951370][ T1142] 
[  442.952387][ T1142] The buggy address belongs to the object at ffff88802726a000
[  442.952387][ T1142]  which belongs to the cache kmalloc-cg-4k of size 4096
[  442.957444][ T1142] The buggy address is located 3273 bytes inside of
[  442.957444][ T1142]  freed 4096-byte region [ffff88802726a000, ffff88802726b000)
[  442.962476][ T1142] 
[  442.963509][ T1142] The buggy address belongs to the physical page:
[  442.966068][ T1142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27268
[  442.969274][ T1142] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  442.972603][ T1142] memcg:ffff8880235b9581
[  442.974243][ T1142] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  442.976977][ T1142] page_type: f5(slab)
[  442.978544][ T1142] raw: 00fff00000000040 ffff88801b44c280 dead000000000100 dead000000000122
[  442.982014][ T1142] raw: 0000000000000000 0000000000040004 00000000f5000000 ffff8880235b9581
[  442.985458][ T1142] head: 00fff00000000040 ffff88801b44c280 dead000000000100 dead000000000122
[  442.988542][ T1142] head: 0000000000000000 0000000000040004 00000000f5000000 ffff8880235b9581
[  442.991486][ T1142] head: 00fff00000000003 ffffea00009c9a01 00000000ffffffff 00000000ffffffff
[  442.994150][ T1142] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  442.996847][ T1142] page dumped because: kasan: bad access detected
[  442.998843][ T1142] page_owner tracks the page as allocated
[  443.000613][ T1142] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5360, tgid 5360 (udevd), ts 28598816927, free_ts 28593862873
[  443.006904][ T1142]  post_alloc_hook+0x1c0/0x230
[  443.008415][ T1142]  get_page_from_freelist+0x10a3/0x3a30
[  443.010135][ T1142]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  443.011933][ T1142]  alloc_pages_mpol+0x1fb/0x550
[  443.013454][ T1142]  new_slab+0x24a/0x360
[  443.014794][ T1142]  ___slab_alloc+0xdae/0x1a60
[  443.016274][ T1142]  __slab_alloc.constprop.0+0x63/0x110
[  443.017995][ T1142]  __kvmalloc_node_noprof+0x5aa/0x9c0
[  443.019670][ T1142]  seq_read_iter+0x830/0x12d0
[  443.021153][ T1142]  proc_reg_read_iter+0x11b/0x310
[  443.022751][ T1142]  vfs_read+0x8bf/0xcf0
[  443.024064][ T1142]  ksys_read+0x12a/0x250
[  443.025395][ T1142]  do_syscall_64+0xcd/0xfa0
[  443.026837][ T1142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  443.028677][ T1142] page last free pid 5365 tgid 5365 stack trace:
[  443.030645][ T1142]  __free_frozen_pages+0x7df/0x1160
[  443.032273][ T1142]  qlist_free_all+0x4d/0x120
[  443.033734][ T1142]  kasan_quarantine_reduce+0x195/0x1e0
[  443.035449][ T1142]  __kasan_slab_alloc+0x69/0x90
[  443.036975][ T1142]  kmem_cache_alloc_node_noprof+0x28a/0x770
[  443.038825][ T1142]  __alloc_skb+0x2b2/0x380
[  443.040227][ T1142]  netlink_alloc_large_skb+0x69/0x140
[  443.041907][ T1142]  netlink_sendmsg+0x698/0xdd0
[  443.043414][ T1142]  ____sys_sendmsg+0xa98/0xc70
[  443.044935][ T1142]  ___sys_sendmsg+0x134/0x1d0
[  443.046413][ T1142]  __sys_sendmsg+0x16d/0x220
[  443.047859][ T1142]  do_syscall_64+0xcd/0xfa0
[  443.049277][ T1142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  443.051128][ T1142] 
[  443.051892][ T1142] Memory state around the buggy address:
[  443.053577][ T1142]  ffff88802726ab80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  443.055966][ T1142]  ffff88802726ac00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  443.058389][ T1142] >ffff88802726ac80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  443.060781][ T1142]                                               ^
[  443.062716][ T1142]  ffff88802726ad00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  443.065108][ T1142]  ffff88802726ad80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  443.067442][ T1142] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  443.126368][ T1142] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  443.128793][ T1142] CPU: 0 UID: 0 PID: 1142 Comm: kworker/u32:6 Not tainted syzkaller #0 PREEMPT(full) 
[  443.131575][ T1142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  443.134733][ T1142] Workqueue: events_unbound linkwatch_event
[  443.136483][ T1142] Call Trace:
[  443.137484][ T1142]  <TASK>
[  443.138394][ T1142]  dump_stack_lvl+0x3d/0x1f0
[  443.139830][ T1142]  vpanic+0x640/0x6f0
[  443.141055][ T1142]  panic+0xca/0xd0
[  443.142220][ T1142]  ? __pfx_panic+0x10/0x10
[  443.143589][ T1142]  ? __linkwatch_run_queue+0x772/0x8a0
[  443.145273][ T1142]  ? preempt_schedule_common+0x44/0xc0
[  443.146948][ T1142]  ? preempt_schedule_thunk+0x16/0x30
[  443.148571][ T1142]  ? check_panic_on_warn+0x1f/0xb0
[  443.150121][ T1142]  check_panic_on_warn+0xab/0xb0
[  443.151677][ T1142]  end_report+0x107/0x170
[  443.153033][ T1142]  kasan_report+0xee/0x110
[  443.154452][ T1142]  ? __linkwatch_run_queue+0x772/0x8a0
[  443.156155][ T1142]  __linkwatch_run_queue+0x772/0x8a0
[  443.157821][ T1142]  ? __pfx___linkwatch_run_queue+0x10/0x10
[  443.159648][ T1142]  linkwatch_event+0x8f/0xc0
[  443.161109][ T1142]  ? __pfx_linkwatch_event+0x10/0x10
[  443.162728][ T1142]  ? rcu_is_watching+0x12/0xc0
[  443.164190][ T1142]  process_one_work+0x9cf/0x1b70
[  443.165749][ T1142]  ? __pfx_process_one_work+0x10/0x10
[  443.167400][ T1142]  ? assign_work+0x1a0/0x250
[  443.168822][ T1142]  worker_thread+0x6c8/0xf10
[  443.170284][ T1142]  ? __pfx_worker_thread+0x10/0x10
[  443.171861][ T1142]  kthread+0x3c5/0x780
[  443.173096][ T1142]  ? __pfx_kthread+0x10/0x10
[  443.174624][ T1142]  ? rcu_is_watching+0x12/0xc0
[  443.176062][ T1142]  ? __pfx_kthread+0x10/0x10
[  443.177459][ T1142]  ret_from_fork+0x675/0x7d0
[  443.178899][ T1142]  ? __pfx_kthread+0x10/0x10
[  443.180286][ T1142]  ret_from_fork_asm+0x1a/0x30
[  443.181748][ T1142]  </TASK>
[  443.183348][ T1142] Kernel Offset: disabled
[  443.184672][ T1142] Rebooting in 86400 seconds..

VM DIAGNOSIS:
00:29:18  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000006b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85267f35 RDI=ffffffff9adc5de0 RBP=ffffffff9adc5da0 RSP=ffffc90006ae75b0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3237323038386552
R12=0000000000000000 R13=000000000000006b R14=ffffffff9adc5da0 R15=ffffffff85267ed0
RIP=ffffffff85267f5f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809780d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080285000 CR3=000000004b448000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
EAX=00000e94 EBX=ffffffff ECX=84a0aeca EDX=00008334
ESI=f7465080 EDI=f689d008 EBP=f7f95610 ESP=ffc78b10
EIP=f70de8d9 EFL=00000202 [-------] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 56bd4440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 0004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73b46bc CR3=000000004b448000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=ffffffff9ab0da88 RCX=ffffc9000047fd2c RDX=0000000000000001
RSI=ffffffff8da02ac4 RDI=ffffffff8bf075c0 RBP=ffffffff90827234 RSP=ffffc9000047fd20
R8 =09660ff7f9043d6f R9 =0000000000000001 R10=0000000000000000 R11=0000000000000001
R12=ffffffff81ad6745 R13=0000000000000002 R14=ffff88801dad4900 R15=0000000000000002
RIP=ffffffff81985fa0 RFL=00000057 [---ZAPC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097a0d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000803c3000 CR3=000000005b6fe000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000000001cf RBX=0000000000000001 RCX=0000000000000000 RDX=0000000000000005
RSI=0000000000000001 RDI=ffff88802777d458 RBP=ffff88802777c900 RSP=ffffc900037f7698
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000028 R11=0000000000000001
R12=ffff88802777d430 R13=ffff88802777d458 R14=0000000000000000 R15=0000000000000001
RIP=ffffffff819842d6 RFL=00000007 [-----PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097b0d000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080463000 CR3=000000005b6fe000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000