last executing test programs:

1m21.074823373s ago: executing program 1 (id=516):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1e, 0x1, 0x0, 0x0, {0x2}, [@NDA_DST_MAC={0xa, 0x1, @random="a1742a0ec923"}]}, 0x28}}, 0x0)
r3 = socket(0x1d, 0x2, 0x6)
getsockname$packet(r3, 0x0, &(0x7f0000000380))
r4 = dup(r1)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056842bb002552d215f6", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e00000018000280140011"], 0x48}}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r6, &(0x7f0000000140), 0x4924b68, 0x0)
r7 = dup(r5)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x28011, r4, 0x0)
madvise(&(0x7f000025c000/0x6000)=nil, 0x6000, 0x9)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
r8 = openat$ttynull(0xffffff9c, &(0x7f0000000100), 0x100, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0xc0c4}, 0x10)
sendmsg$NFT_BATCH(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x8}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x24, 0x5, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}}, 0x0)
ioctl$TIOCGSID(r8, 0x5429, &(0x7f0000000040)=<r10=>0x0)
r11 = socket$tipc(0x1e, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r11, 0x8983, &(0x7f0000000240))
syz_open_dev$sndmidi(&(0x7f00000002c0), 0x5, 0x0)
capget(&(0x7f0000000080)={0x20080522, r10}, &(0x7f00000000c0)={0x9, 0x6b, 0x7fffffff, 0x1, 0xe, 0x2840})

1m20.652869339s ago: executing program 1 (id=519):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x206, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x50, 0x2, 0x1, "b43d70dde5dbbbe40f00f401bbe6c9000000c67f00", 0x30324c4a})
r1 = open(&(0x7f0000000780)='./bus\x00', 0x400141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r1, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/tcp_recovery\x00', 0x1, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000040)='4', 0xf4240}], 0xb, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x400448dd, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, 0x0, &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fsopen(&(0x7f0000000300)='bfs\x00', 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0xf0, 0xb, 0x0, &(0x7f00000002c0)="00001a000000002ac7b04b", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfd}, 0x4c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r8)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r9)
sendmsg$NLBL_CIPSOV4_C_ADD(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x44, r10, 0x1, 0x4000000, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x1c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0xc, 0x5, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}]}]}, 0x44}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffd, 0x0, 0x4)

1m19.556281738s ago: executing program 1 (id=527):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000009c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$vicodec0(0xffffff9c, &(0x7f0000000440), 0x2, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc0185648, &(0x7f0000000080)={0x980000, 0x1, 0x0, 0xffffffffffffffff, 0xe7, &(0x7f00000000c0)={0x98f909, 0xffffffed, '\x00', @p_u16=&(0x7f00000010c0)=0xa5b}})

1m19.463114864s ago: executing program 1 (id=528):
mkdir(&(0x7f0000000040)='./file0\x00', 0x1e0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x1000000, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
modify_ldt$write(0x1, &(0x7f0000000140)={0x7, 0xffffffffffffffff, 0x2000, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}}, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_clone(0x62000000, 0x0, 0x0, 0x0, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000640)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000680)='./file7\x00', 0x0)

1m19.148656202s ago: executing program 1 (id=530):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newlink={0x34, 0x10, 0x801, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, 0x0, 0x8028}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x5b4efbb362ec214f}, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000280)={0x3})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=ANY=[], 0x18}}, 0x20000000)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000500)="b8010000000f01c10f22a10f20e035800000000f22e066ba610066b80a0066ef66b832000f00d0b8010000000f01c166ba4300b0beee0f793c1e2e643e2e3e650f79288fc878c15b0e3f", 0x4a}], 0x1, 0x21, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1m18.929582697s ago: executing program 1 (id=538):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r0, 0x0, 0x0, 0x20008000)

1m18.863534622s ago: executing program 32 (id=538):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r0, 0x0, 0x0, 0x20008000)

1m16.652524192s ago: executing program 3 (id=555):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="050000007f000000f00e000080000000000009", @ANYRES32=0x1, @ANYRES32=0x0, @ANYRES32], 0x50)
socket$kcm(0x10, 0x2, 0x0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000340)={0x1d, r5, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000400)="81b641f1f3843704b6", 0x9}], 0x1}, 0x48005)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r6=>0x0})
setsockopt$SO_J1939_ERRQUEUE(r4, 0x6b, 0x4, &(0x7f0000000180)=0x1, 0x4)
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000900)=@newtfilter={0xbf4, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r6, {0xfffd, 0x2}, {0x2, 0x1}, {0xfff2, 0xd}}, [@filter_kind_options=@f_matchall={{0xd}, {0xbb8, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xffe0, 0x8}}, @TCA_MATCHALL_ACT={0xa64, 0x2, [@m_police={0x8f4, 0x19, 0x0, 0x0, {{0xb}, {0x890, 0x2, 0x0, 0x1, [[@TCA_POLICE_RESULT={0x8, 0x5, 0x6}, @TCA_POLICE_RESULT={0x8, 0x5, 0x6}, @TCA_POLICE_RATE64={0xc, 0x8, 0x80000001}], [@TCA_POLICE_AVRATE={0x8, 0x4, 0xc}, @TCA_POLICE_RESULT={0x8, 0x5, 0x80000001}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x1}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x3ff}, @TCA_POLICE_RATE={0x404, 0x2, [0xa, 0x7, 0x9d, 0x0, 0x1, 0x6, 0xfffffff9, 0x9, 0x7, 0x6, 0x10001, 0xc6, 0x6, 0x853, 0x7, 0x6, 0x7, 0x8, 0x462a62d5, 0x7, 0x9, 0x1000, 0x7, 0x3, 0x8, 0x5, 0x7, 0x101, 0x8, 0x81, 0x7, 0x10, 0x2, 0x9, 0x0, 0xffffffc0, 0x10000, 0x1, 0x70000, 0xfa, 0x1, 0x8, 0x8, 0x7, 0x9, 0x4, 0xfffffff9, 0x1, 0xc, 0xa6, 0x7, 0x0, 0x101, 0x7, 0x2, 0x6, 0x4, 0x7, 0x3, 0x3, 0xf01, 0x9, 0x2, 0x4, 0xcf9, 0xfffffffb, 0x3, 0x80000000, 0x10000, 0x8, 0x4, 0x9, 0xee, 0xf44, 0x0, 0x4, 0x1, 0x7d92, 0x4, 0xb54, 0xa0000, 0x1, 0x6, 0x7, 0x100, 0x5, 0x6, 0x6, 0x10001, 0xecdd, 0x9, 0x400, 0x6, 0x3, 0x8, 0xed5d, 0x5, 0x7, 0x1, 0x4, 0x959f, 0x6, 0x8, 0x3938, 0x9, 0xa6c1, 0x93, 0x2, 0xfd21, 0x8, 0x8, 0x0, 0x9, 0x8, 0x3, 0xb, 0xa, 0x6, 0xede3, 0x3, 0x1, 0x3, 0xc7, 0x5, 0x101, 0x40, 0x2, 0xffffffff, 0x0, 0x9, 0x2, 0x5, 0xf80000, 0x30f, 0x3, 0x7, 0x5, 0x1, 0x67d, 0x9094, 0x80000001, 0x2, 0x2, 0x8, 0x90, 0x0, 0x1, 0x3, 0x5, 0x3, 0x8, 0x597, 0xffffff04, 0x8, 0x3ff, 0x1, 0x7fff, 0x7, 0x1, 0x10001, 0x8001, 0x8, 0x5, 0x4, 0xf, 0xfffffff8, 0x9ad, 0x100, 0x1, 0x62, 0x4, 0x4, 0x3, 0x3ff, 0x6, 0x1, 0x5, 0x1000, 0x6, 0x8000, 0x4, 0x5, 0x2, 0x1, 0x9, 0x3ff, 0xc975, 0xf31, 0x5, 0x9515, 0xfffffff8, 0xe26, 0x2, 0x8, 0x6, 0x4, 0x8, 0x8, 0x4, 0x200, 0x4, 0xac, 0x2, 0x6, 0xffffffff, 0x1000, 0x8, 0x10, 0x1f7, 0xffffff80, 0x1, 0x81, 0x7fff, 0x8, 0xffff0288, 0x536, 0x7, 0x7, 0x3, 0xd4, 0x7, 0x100, 0x0, 0xc39, 0x5, 0xfffffffa, 0x8, 0x5, 0x2, 0x0, 0xfffffffd, 0x7f, 0xfffffffa, 0x38f, 0xfa2, 0x134b, 0x2, 0xa56, 0x1, 0x3, 0x0, 0x81, 0x30a, 0x1, 0x5, 0x6, 0x1, 0x99, 0x2000, 0x6, 0x121, 0xa, 0xff, 0x4, 0x7ff, 0x4]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x1}], [@TCA_POLICE_PEAKRATE64={0xc}, @TCA_POLICE_RATE64={0xc, 0x8, 0x6}, @TCA_POLICE_RESULT={0x8, 0x5, 0x6}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x6}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0xffff7fff, 0x6c1, 0x27, 0x8, 0x8, 0x0, 0x7, 0x9, 0x7, 0x0, 0xa44, 0x1, 0x1, 0x10001, 0x8001, 0x100, 0x1000, 0x6, 0x0, 0x2, 0x7fffffff, 0x7ff, 0x4, 0xffffffff, 0x5, 0x2b6, 0x9, 0xc, 0x80006, 0x9, 0x40, 0x8, 0x0, 0x41331768, 0x81, 0xa70, 0xd5, 0x4, 0x0, 0x2, 0x2, 0x1, 0x1ebb15e0, 0x3, 0xf, 0x9, 0x8, 0x6, 0x6, 0x4, 0x6, 0x7, 0x9, 0x1000, 0xa58e, 0x8000, 0xb35, 0x80, 0x9, 0x80000001, 0x3, 0x2, 0xb, 0x5, 0xc883, 0x3ff, 0x1000, 0xffffff7f, 0x6, 0x0, 0x0, 0x8dac, 0x3, 0x8, 0x6, 0x800, 0x7ff, 0x1, 0x9244, 0x20ac, 0x100, 0x2, 0x4, 0x101, 0xfffffffc, 0x4, 0x8000, 0x3, 0xd5, 0x800, 0x3, 0x4, 0x1, 0x5, 0x2000, 0x1000, 0x6, 0x3, 0x7, 0x6, 0x5, 0xffff66c4, 0x0, 0xed, 0x80000000, 0x9, 0x5, 0x0, 0xa, 0x5, 0x5, 0x5, 0xfffffc65, 0x8, 0x1ff, 0x9a, 0x7, 0x0, 0x100, 0x8001, 0x200, 0x0, 0x0, 0x9, 0x98, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xffffffff, 0x7, 0x4, 0x401, 0xaa, 0x7, 0x22, 0x7f, 0x3a619444, 0x3, 0x9d59, 0x8001, 0x9, 0xffff, 0x18f8, 0x8, 0x4, 0x40, 0x4, 0x6b418000, 0x3, 0x5, 0x0, 0x7, 0x80000000, 0x80000001, 0x5, 0x8001, 0x7ff, 0x6, 0x2, 0x5, 0xffffffff, 0xfffffffa, 0x1, 0x7f, 0x516b, 0x7, 0xfffffff7, 0x8, 0x0, 0x867, 0x7, 0x9, 0x9, 0x8, 0x8, 0x4, 0x3, 0x9, 0x6, 0x8001, 0x73c, 0x9, 0x8, 0x8, 0x5, 0x8, 0x7, 0xffffffff, 0x8c, 0xff, 0x1ff, 0x1ff, 0x8, 0x100, 0x0, 0x4d, 0x4, 0x4, 0x9, 0x0, 0x5, 0x8, 0x3, 0x8000, 0x2, 0x0, 0x0, 0x6, 0x10, 0x3, 0x2, 0x10000, 0xffffffff, 0x6, 0x9, 0x7fffffff, 0x0, 0x6, 0x0, 0xa4, 0xffffffff, 0x8bcc, 0x8, 0xffff, 0x8, 0x7fff, 0xf897, 0x2, 0x81, 0x7, 0x7fffffff, 0x1, 0xc52, 0xfffffff2, 0x5, 0x4d, 0x3, 0x8, 0x0, 0xb, 0xffffffff, 0x2, 0x6, 0x4, 0x7, 0x8000, 0x1, 0xffff7df0, 0x4, 0x10000, 0x4, 0x8, 0xc]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xb}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x1}]]}, {0x3a, 0x6, "41c16f40f7e1e9bd35503a44afb89f76b99a6dafc5b57575bfae1fcb4fbcfb4f152b351cbc8ed55eb2d1a68065b75e2b2a4862e72301"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_vlan={0xc0, 0x2, 0x0, 0x0, {{0x9}, {0x48, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x7ff, 0x10, 0x6, 0x3, 0x100}, 0x3}}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x4}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x3f2}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x3}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}]}, {0x50, 0x6, "0d8f43602472d59864ad4eb198c38eddfad3275a057c91486203b6d4f08431bff34d58c100f93bf521f62f73f6455f3eb2163870e56698012d9eda30a7b78078e909ddadea28406256104d2c"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2}}}}, @m_sample={0xac, 0x7, 0x0, 0x0, {{0xb}, {0x4}, {0x7e, 0x6, "2cc259ccf4610087688014f9b99d768e1d799f4b658bb3afa9e62e6fadb5d85eb33a5a477c42587d197ac4e3a73e345b0399328e90f54a6d07b3ed26a29073045a083d2a925bf693ea34b96a26fe8000c97cd9abfd15b7bd3ef4d076b7dd271a87111d34020f718667f3ee941ddc65440e892064d90784bb583a"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}, @TCA_MATCHALL_ACT={0x140, 0x2, [@m_tunnel_key={0x13c, 0x20, 0x0, 0x0, {{0xf}, {0x14, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e22}]}, {0xfc, 0x6, "2310c9b8919f69c6426e63fd74521cb9e8d1a740b928b4d75680ef56461c5713475897df086c1712a38c53a064b06f2519559524187ccd7d9c2dd1193a9c42ace421b80ea84e3f1416bdc3af3d3bcdc590c1e8dd9bdd630176f8a193e5946e606723cb23b84ba03545571f6195e98ecc654658d8c14a1b65c349b10425567b6a01c1268358457b4bd92d61d10d12095c2a17645a73197309e1723ffc165de077409c9f0a5206b66b82ba14c2e2d68a17d61cc15d25c020f6889b4fce70f918482117a4b3603f82633a4266f38cbdab0c84a31d3269043b327de2c8c2d7463045cc0194979d25b1d9f1bb45c0e1f66d522c39f232c3fb812e"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xffe0, 0x3}}]}}, @TCA_CHAIN={0x8, 0xb, 0x6}]}, 0xbf4}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x40840)
socket$nl_generic(0x10, 0x3, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0xfffe, 0x7fffffff, @local, 0x9}, 0x1c)
sendmsg(0xffffffffffffffff, 0x0, 0xd)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)

1m15.549148674s ago: executing program 3 (id=557):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$phonet_pipe(0x23, 0x5, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x9}, 0x1c)
setsockopt$sock_int(r6, 0x1, 0x7, &(0x7f0000000080), 0x4)
sendto$inet6(r6, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd74)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002480)=@newtfilter={0xa68, 0x28, 0x200, 0x70bd2b, 0x4, {0x0, 0x0, 0x0, r3, {0xe}, {0x6}, {0xfff1, 0x3d}}, [@TCA_RATE={0x6, 0x5, {0x1}}, @filter_kind_options=@f_flower={{0xb}, {0x50, 0x2, [@TCA_FLOWER_KEY_ARP_THA={0xa}, @TCA_FLOWER_KEY_ICMPV6_CODE_MASK={0x5}, @TCA_FLOWER_KEY_TCP_FLAGS={0x6}, @TCA_FLOWER_KEY_ICMPV4_CODE_MASK={0x5}, @TCA_FLOWER_KEY_ETH_SRC_MASK={0xa, 0x7, [0x0, 0xff, 0x0, 0x0, 0xff]}, @TCA_FLOWER_KEY_ICMPV4_TYPE={0x5, 0x33, 0x2}, @TCA_FLOWER_KEY_ETH_DST_MASK={0xa, 0x5, [0x0, 0x0, 0x0, 0x0, 0xff]}, @TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK={0x8}]}}, @TCA_CHAIN={0x8, 0xb, 0xffff8000}, @TCA_CHAIN={0x8, 0xb, 0x9}, @TCA_RATE={0x6, 0x5, {0x6, 0x2}}, @TCA_RATE={0x6, 0x5, {0x6, 0x40}}, @filter_kind_options=@f_cgroup={{0xb}, {0x9ac, 0x2, [@TCA_CGROUP_EMATCHES={0x4dc, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x88, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x1c, 0x3, 0x0, 0x0, {{0x3, 0x2, 0x4}, {0x4, 0xa, 0x0, "a8c8c425804df24c5bf4"}}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x800, 0x7, 0x8}, {{0x0, 0x0, 0x1}, {0x3, 0x1, 0x0, 0x1}}}}, @TCF_EM_IPT={0x3c, 0x1, 0x0, 0x0, {{0x9, 0x9, 0x8000}, [@TCA_EM_IPT_MATCH_DATA={0x2f, 0x5, "11a9c3627b33693c5d4955fbac4f47d45c136b768cc70670f4b7cc887532ddfd2a9c4832f253377d6981e0"}]}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x401, 0x1, 0x6c}, {0x2, 0x9, 0x9, 0x1, 0xc, 0x0, 0x1}}}]}, @TCA_EMATCH_TREE_LIST={0x4}, @TCA_EMATCH_TREE_LIST={0x1bc, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x38, 0x3, 0x0, 0x0, {{0x8000, 0x9, 0x8}, [@TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x2}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x2}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0xf}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}, @TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0xcc, 0x2, 0x7}, {0xf, 0x3, 0x1, "c53646"}}}, @TCF_EM_CONTAINER={0x94, 0x3, 0x0, 0x0, {{0xa, 0x0, 0x9}, "4df6f634484d59066c1cc791a1a537af7f62a2b7c7671bc565a62bb74bfc7bc9d524bd867bb11e99b691063631c2e1b2bea60982bb5756285c53d0ceade6493b8f0305e6eee30e95dc15db210ecd1a087e943dc633f72ff7458c7ad162a18f11f5f94be82f4d4695ac2360bc4c563cd4e005d7591f68e68da8940ebbab7b3f12f0cbbf6d1dd069"}}, @TCF_EM_META={0xbc, 0x1, 0x0, 0x0, {{0x81}, [@TCA_EM_META_RVALUE={0x1e, 0x3, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_VAR="ac697de8fead449a50eb"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0xc, 0x2, 0x2}, {0x3, 0xfa}}}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x1]}, @TCA_EM_META_LVALUE={0x29, 0x2, [@TCF_META_TYPE_VAR="05d3e38ba9702e106b", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x3]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x10, 0x0, 0x3}, {0x9, 0x7}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0x2}, {0x9, 0x2}}}, @TCA_EM_META_LVALUE={0x37, 0x2, [@TCF_META_TYPE_VAR="a8bc98b9199c04ae", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR="8cdd34547cf8b6c429", @TCF_META_TYPE_VAR="1de73a0fcc", @TCF_META_TYPE_VAR="036a4343c90a", @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR="df9d9aa24452d3bd", @TCF_META_TYPE_VAR="38f63ce1c186fc"]}]}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x9, 0x3, 0x8}, {0x80, 0x7, 0xffffffff, 0x9}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}, @TCA_EMATCH_TREE_LIST={0x278, 0x2, 0x0, 0x1, [@TCF_EM_META={0x4c, 0x3, 0x0, 0x0, {{0x5, 0x4, 0x1928}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x6, 0xdf, 0x2}, {0x0, 0x3, 0x2}}}, @TCA_EM_META_RVALUE={0x12, 0x3, [@TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR="d923", @TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_LVALUE={0x1e, 0x2, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="cf061aac0b652529", @TCF_META_TYPE_VAR="1958"]}]}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x2, 0x3, 0x9}, {0xeaf7, 0x7400, 0x7, 0xffffffff}}}, @TCF_EM_NBYTE={0x18, 0x3, 0x0, 0x0, {{0x7, 0x2, 0xff85}, {0x0, 0x5, 0x0, "abc1035c58"}}}, @TCF_EM_IPT={0x1ac, 0x2, 0x0, 0x0, {{0x2}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_MATCH_DATA={0xdd, 0x5, "6ef8ca88c18b936ce9bbc88fc712fca987693405bc31e05b55a18c656201ef584dfe861a27b54722668f5c98126b2f6da019469ceac31f9bc36c468393e4f83205b1c7c9fef4c738141298741dabc408d685f4372007108c86a7f207cc953c35b460716b7179b438cdd7e3002955da14b7da1e0ff68e2b4e5c62fd094465eea678bff70e769a8edf790410f957ce68a50328d6b38fc3a56683be451e2df295c392f3340d8dc8c0c90edda60b577b96c7d95d6a5b006c06db10a5809b32a4725ca3708c4a69dcde98d9d1ef2f9c9d2cf2a32d4dfb557918de6e"}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x2}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x5}, @TCA_EM_IPT_MATCH_DATA={0x8b, 0x5, "e1986d0bb4cfb86ebfec333252691f45abdc6492b5165177279cdd457a6be450466eba294baeb95b86e68a1e3a51ae8088ce8291c804bea5d7b91d776b29b91999fd35a4d21690c2fc568f5173d5e1ecdb1f2daa4d68b3cfcaf837b122932ff6f34fd29b946b26a9e76609271a89e1f793c9623f55c25922fd0de01a5b35e73d52b17b6f090279"}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x5}]}}, @TCF_EM_IPT={0x34, 0x1, 0x0, 0x0, {{0x4, 0x9, 0x8}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x1}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x2}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x7}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}]}}, @TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0xa00, 0x2, 0x9}, {0x6, 0x4, 0x0, "ad7fcffd"}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}]}, @TCA_CGROUP_EMATCHES={0x4cc, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_LIST={0x84, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0xfff7, 0x3, 0x3}, {0xa, 0x1, 0x9, 0xeb}}}, @TCF_EM_CONTAINER={0x50, 0x1, 0x0, 0x0, {{0x0, 0x0, 0x1ff}, "5b4dbdee12b425bea73338a35bece705880c855a31f28274c87c8d3dc2c2bf73ae269cdfaf186163a668d031519a0ee44c693c4c3556c8a257b1b16ffc94fa42107d0aa3"}}, @TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0xe, 0x2, 0x8000}, {0x6b3b, 0x3, 0x2, "133f7d"}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x8}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x9, 0x8, 0x9}, {0x4, 0x1, 0x1}}}]}, @TCA_EMATCH_TREE_LIST={0x208, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x100, 0x8, 0x8}, {0x0, 0x5, 0x2}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0xf, 0x1, 0x3ff}, {0x8, 0x0, 0x7, 0x4, 0xc, 0x2, 0x2}}}, @TCF_EM_CONTAINER={0xa0, 0x3, 0x0, 0x0, {{0x4, 0x0, 0x171}, "ccf20bcfc61ecc60fd886b8d73ff24fb291607d985e02a13372e3d06ce10f3ac0581dc139ebd454a97d10b66bef89e1ca64eefb5bab13bc225faa586395bbeefdc4a50d964b945b5f9149344feb84bbeb24e8f28c6150cc83b284c665a3f7dd24bbf6260b4212368e5b07467b7afea9ceb96ad829c472879112ff3c46ddc63084f38847d1d84ef9bd20ea9abd03f4014676209"}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x0, 0x7, 0x1}, {{0x0, 0x1}, {0x4, 0x0, 0x0, 0x1}}}}, @TCF_EM_CONTAINER={0x34, 0x1, 0x0, 0x0, {{0x6, 0x0, 0x401}, "bf70ef435131d426f798949465848b0f3570937af9b2ed6522ff2823d63eda127e65b8fe6d"}}, @TCF_EM_META={0x78, 0x3, 0x0, 0x0, {{0x6, 0x4, 0x5}, [@TCA_EM_META_LVALUE={0x32, 0x2, [@TCF_META_TYPE_VAR="29edd399", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="94cd2631a6c4b9", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="3eaf", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="3d4ae92b7b14bd4972"]}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x4, 0x1, 0x1}, {0xd, 0x9}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x8001, 0xb, 0x1}, {0x7, 0x2, 0x1}}}, @TCA_EM_META_RVALUE={0x16, 0x3, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="6ac8", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x6]}]}}, @TCF_EM_IPT={0x30, 0x2, 0x0, 0x0, {{0x8001, 0x9, 0x6}, [@TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x7}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x7}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}, @TCF_EM_IPT={0x20, 0x3, 0x0, 0x0, {{0x1915, 0x9, 0xfc41}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x4}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x9, 0x8, 0x515}, {0xffffffffffffffff, 0x4, 0x3}}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x8}, {0x5, 0xd0c, 0xfffffff7, 0x412fa7df}}}]}, @TCA_EMATCH_TREE_LIST={0x144, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x2, 0x7, 0xfff7}, {{0x0, 0x0, 0x0, 0x1}, {0x2, 0x0, 0x1}}}}, @TCF_EM_CONTAINER={0x8c, 0x2, 0x0, 0x0, {{0x4, 0x0, 0x8}, "bb85341d0b52fc2059741bf64f398e72eb1de3d74c7d38ca14a76251a341379d9d670e86e44c4c70b6a9fae7ecd0e6f20a58f4d976312207ab90293bdf8cb70c0c935d5074375f2f854b3b9297e620ff8efd7834a5c777751362206d5814a7f62191ed98f0fe363c81d5f60b098c2efa05c4a89cf715a648937705be583b"}}, @TCF_EM_META={0xa0, 0x1, 0x0, 0x0, {{0xfff0, 0x4, 0xb27}, [@TCA_EM_META_LVALUE={0xc, 0x2, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_RVALUE={0xb, 0x3, [@TCF_META_TYPE_VAR="c2d09d", @TCF_META_TYPE_INT=0x1]}, @TCA_EM_META_RVALUE={0xe, 0x3, [@TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR="023a04", @TCF_META_TYPE_VAR="cc6dda", @TCF_META_TYPE_INT=0x8]}, @TCA_EM_META_RVALUE={0xb, 0x3, [@TCF_META_TYPE_VAR="490252b7b701d6"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xc3}, {0x28, 0xac}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0xfff, 0x1}, {0x4, 0x8}}}, @TCA_EM_META_LVALUE={0x2a, 0x2, [@TCF_META_TYPE_VAR="b0cb0a", @TCF_META_TYPE_VAR="7f51b022b4a315194e0f", @TCF_META_TYPE_VAR="309b", @TCF_META_TYPE_VAR="3ed9a96e452e5ff2", @TCF_META_TYPE_VAR="ad679f", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR]}, @TCA_EM_META_RVALUE={0xf, 0x3, [@TCF_META_TYPE_VAR="e61e", @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="e3284da522"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x9, 0xc, 0x2}, {0x3, 0x4, 0x1}}}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}, @TCA_EMATCH_TREE_LIST={0xbc, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x100, 0x7, 0xffff}, {{0x0, 0x1, 0x1, 0x1}, {0x1, 0x0, 0x1}}}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x7ff, 0x3, 0x101}, {0x5, 0xffffffff, 0x10001, 0x6}}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0xe4, 0x8, 0x3}, {0x0, 0x5}}}, @TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x7f, 0x8, 0x6}, {0x4, 0x6, 0x3}}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0xd, 0x1, 0x4}, {0xf, 0xfffffffd, 0x1, 0x6, 0xa, 0x1, 0x2}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x1ff, 0x3, 0x1}, {0x5, 0x3, 0x9, 0x1}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x8, 0x1, 0x81}, {0x3, 0x9, 0x7, 0x1, 0x5, 0x2}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x8, 0x3, 0x10f}, {0x5, 0x30d, 0x8}}}]}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x1}]}, 0xa68}, 0x1, 0x0, 0x0, 0x898}, 0x44)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000002340)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r7}, 0x18)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r8, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c)
mount(&(0x7f0000000080)=@sr0, &(0x7f0000000180)='./cgroup\x00', &(0x7f00000001c0)='btrfs\x00', 0xa00001, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000200)={{{@in, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@private0}, 0x0, @in=@broadcast}}, &(0x7f0000000040)=0xe4)
read$FUSE(0xffffffffffffffff, &(0x7f0000000300)={0x2020, 0x0, 0x0, 0x0, <r10=>0x0}, 0x2020)
chown(&(0x7f0000000000)='./cgroup\x00', r9, r10)

1m13.95042244s ago: executing program 3 (id=560):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000f40)=""/4089, 0x1a, 0xff9, 0xa, 0x7ff, 0x0, @void, @value}, 0x28)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000000000), 0x3a, 0x20000000)
keyctl$KEYCTL_MOVE(0xc, 0x0, 0xfffffffffffffffe, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000500)=ANY=[@ANYBLOB="0100000000000000030000000500000000000000000500000800000000ffffffffffffff"])
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000140)=0x2998, 0x4)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r5, 0x2279, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r5, 0x80044d10, &(0x7f0000000000))
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f00000000c0)=0x40f4, 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x4c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0xc}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

1m13.761867649s ago: executing program 3 (id=563):
mkdir(&(0x7f0000000040)='./file0\x00', 0x1e0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x1000000, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
modify_ldt$write(0x1, &(0x7f0000000140)={0x7, 0xffffffffffffffff, 0x2000, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}}, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_clone(0x62000000, 0x0, 0x0, 0x0, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000640)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000680)='./file7\x00', 0x0)

1m13.574892894s ago: executing program 3 (id=564):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) (async)
listen(r0, 0x1ff) (async)
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x80)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000100)={0xfe, 0x4, 0xa, 0x0})
r2 = socket(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000001380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001340)={&(0x7f0000000280)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELRULE={0x124, 0x8, 0xa, 0x3, 0x0, 0x0, {0x5, 0x0, 0x6}, [@NFTA_RULE_USERDATA={0x67, 0x7, 0x1, 0x0, "4d8e68827e21c69ae2a50956ae5593712ed909cf42ace9dd7d3a76698bb6c95cb609bf952bfc57e37b2b8b7b5cc4f4d3bcd84200b8142de1e14f8f1e3f908425bd4ac2971c43a600c1929662becf5f018348ff9bc14198ffb68014b3eacfd3cd3121fd"}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x8e, 0x7, 0x1, 0x0, "28045d198c177590641a92be2eb11d6ceac095a1838b361fe0c37f8a67d9542b2e954117520726d2f56fe6ab8bd2abac028c4a813dd5f1dcae05db22895a36597ac3e3f692f764c3d3993ccf1537fae8520ee392f328534b1e594a209f83d24d3b12c9427455b1e22a276cb6678405d3ef10c11793d65bb9852a9dbbe6b25d753be3fc3ad1fe348e5f25"}, @NFTA_RULE_COMPAT={0xc, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_POLICY={0x8}, @NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0x5}, @NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0xfffffffffffffff8}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x4}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0xf1f}]}, @NFT_MSG_NEWFLOWTABLE={0x188, 0x16, 0xa, 0x301, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFTA_FLOWTABLE_HOOK={0x174, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'erspan0\x00'}, {0x14, 0x1, 'virt_wifi0\x00'}, {0x14, 0x1, 'bridge_slave_1\x00'}, {0x14, 0x1, 'veth0_to_team\x00'}, {0x14, 0x1, 'nicvf0\x00'}, {0x14, 0x1, 'vcan0\x00'}, {0x14, 0x1, 'veth1_to_bridge\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0\x00'}, {0x14, 0x1, 'rose0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_virt_wifi\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x7c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'bond_slave_0\x00'}, {0x14, 0x1, 'veth1_macvtap\x00'}, {0x14, 0x1, 'syzkaller0\x00'}, {0x14, 0x1, 'bridge_slave_0\x00'}, {0x14, 0x1, 'lo\x00'}, {0x14, 0x1, 'team0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ipvlan0\x00'}]}]}]}, @NFT_MSG_DELSET={0x14, 0xb, 0xa, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4}}, @NFT_MSG_NEWSETELEM={0x454, 0xc, 0xa, 0x801, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x424, 0x3, 0x0, 0x1, [{0x17c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPRESSIONS={0xb8, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @quota={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}, {0x28, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_LAST_MSECS={0xc, 0x2, 0x1, 0x0, 0x7ff}, @NFTA_LAST_SET={0x8, 0x1, 0x1, 0x0, 0xfffffc01}]}}}, {0x5c, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_MASQ_FLAGS={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_MASQ_REG_PROTO_MAX={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_MASQ_FLAGS={0x8, 0x1, 0x1, 0x0, 0x41}, @NFTA_MASQ_REG_PROTO_MAX={0x8, 0x3, 0x1, 0x0, 0x11}, @NFTA_MASQ_FLAGS={0x8, 0x1, 0x1, 0x0, 0xa}]}}}]}, @NFTA_SET_ELEM_USERDATA={0xbe, 0x6, 0x1, 0x0, "718a5d115930f4fa95f79a05162844e65a4f6070043cecaa37e7402efc39132d19d7b7d116429ee9d8ccccb791b92b7781da07de1a094943594740f36f03063af5276bff0ab654e90b1a0e9cc0480cc6ade1d1d39341e6b1424a8aaa03892d44172b43da01d5995327080d171869de517412b7f6a1e21f300a6639b8d9c1a5089f063e87d909bbc6881bc8b45eb546f69739bd13889369dada920c2def61a264ea6fa2a54486710adff69365a0b2dedda840e76a2273d0e12025"}]}, {0x2a4, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0x140, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x33, 0x1, "b48f5d243a3aa4b8667933c6579eb92b4d2ecdb4fb7bce204dfa59fa1d394eb7e934d34903e81005a8f0f2ed77bea0"}, @NFTA_DATA_VALUE={0x6d, 0x1, "c42c0942efa4005746e80825d0858408a9a8382e0f3221feaee47ed5b9a4d5a3daf058421b1c0390f4a7cc4b1bbc2e3dc36e91262cbaa9c995066d3194faa2e1d5ec31dbd86eacd7ec2df696667ae20b5ce4adb761e6e915b1336fa9c8f8db11551d2718f44dc9bae0"}, @NFTA_DATA_VALUE={0x4d, 0x1, "74ce4e4af779293d9584eca02c294aedbd183db4c72ffe1cd3467c0145d47998126925d7e7b73ba428a1cddf82e3abd18ff267db428844987fc3e770933f0fd3b26b32c7c26524bf9d"}, @NFTA_DATA_VALUE={0x46, 0x1, "9b547719546b0ae2406c8da65642651da37048826a2f49c12392ffdfacded05e7a2ce9efabed7658893fdd247fec8d4da92260cafa95649d8c9893f153a7467ed932"}]}, @NFTA_SET_ELEM_DATA={0x148, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x9b, 0x1, "1132d912b5f2e7c3f87eaadb223581e623804d897795e6336c6b33d362f62476ed3e156a59f51a9d2cf255107b318a61dc59e48f672c4665a729f8310a8e406ce61ecc7fb327679cfb7e474d529df9812e3c0fc9e160ddef7c28ec44fa6ee1286a3ebf93e1287e610d7343ae39be1d16a799632a78710761771151e10eabc68b8904f517a44ed2692b480905faed50c6449e1bba8c816d"}, @NFTA_DATA_VALUE={0xa8, 0x1, "325721c88efdb96d4f3b73a2f06a166c1205ce21d5899a7eb5f5600bd991689a9f5ec828bdee50b26de0f8a5df1d9a370d70c5874ccc575c490a2772ce4f00ab6c089b7366eb262f8b9f36a184b0169cc7718e59c61f5ad612c26c5f7fd44031dc1a625e873c123ed2d8b942ff853ac5b15f33793258c015c4544e35bf8f6b1c0364367681a487c41c4e4cac9f328a711b2172a4baf210e52816689785ec724acae87396"}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x5}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}]}]}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x801, 0x0, 0x0, {0x5, 0x0, 0xa}, @NFT_OBJECT_TUNNEL=@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}}, @NFT_MSG_NEWRULE={0x8dc, 0x6, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_RULE_EXPRESSIONS={0x89c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @dup={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xb}]}}}, {0xfc, 0x1, 0x0, 0x1, @match={{0xa}, @val={0xec, 0x2, 0x0, 0x1, [@NFTA_MATCH_NAME={0x9, 0x1, 'icmp\x00'}, @NFTA_MATCH_NAME={0xc, 0x1, 'pkttype\x00'}, @NFTA_MATCH_INFO={0xbd, 0x3, "24f7960e674a0b1ffe69cc00edd9351626ec863f8af173aaac69f021a728a3fbf0e0b40fb59a00e5dec08120f1deae7378a1784b8b7e1e377b199666e1bee61d2fd9843704cd699ad2c609d984d2833e71c960b2b049a0229189582643c42540f1c86c08a19996d6c808972e8397f7e3226afcb04306d4fcd171b3c73cc305297167969b0e00f2641570b022abcd351185063b1e90ba1489d50e53dc8934a9f5a65c534286811b29a7282ba42929367ba1d31521c99f9e3d38"}, @NFTA_MATCH_REV={0x8}, @NFTA_MATCH_REV={0x8}]}}}, {0x1c, 0x1, 0x0, 0x1, @target={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_TARGET_REV={0x8, 0x2, 0x1, 0x0, 0x2}]}}}, {0x1c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x11}]}}}, {0x54, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_MASQ_REG_PROTO_MAX={0x8, 0x3, 0x1, 0x0, 0x14}, @NFTA_MASQ_FLAGS={0x8, 0x1, 0x1, 0x0, 0x3b}, @NFTA_MASQ_REG_PROTO_MAX={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_MASQ_REG_PROTO_MAX={0x8, 0x3, 0x1, 0x0, 0x17}, @NFTA_MASQ_REG_PROTO_MAX={0x8, 0x3, 0x1, 0x0, 0xe}, @NFTA_MASQ_REG_PROTO_MAX={0x8, 0x3, 0x1, 0x0, 0x10}, @NFTA_MASQ_REG_PROTO_MAX={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_MASQ_FLAGS={0x8, 0x1, 0x1, 0x0, 0x5}]}}}, {0x14, 0x1, 0x0, 0x1, @immediate={{0xe}, @void}}, {0x30, 0x1, 0x0, 0x1, @rt={{0x7}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0x15}, @NFTA_RT_KEY={0x8}, @NFTA_RT_KEY={0x8}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0xb}]}}}, {0x690, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x680, 0x2, 0x0, 0x1, [@NFTA_INNER_EXPR={0x2e4, 0x5, 0x0, 0x1, @immediate={{0xe}, @val={0x2d0, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0xe4, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xdd, 0x1, "db3f6b7d79d9e9b9a198a4384c974a43260154fda66aa5aabdf4c80389f995e8075f966ff00631a04585bdeea0d81764ff6ba7ff24a2456ff754701e06c4160822473a30ffb81aac277b81240afbc6e354fceb21005f5a97632e9e50f2e31c540dc21db84e69af3e7f40d46d7ddf19c94f247e73a0bcaab9458e3aebab314c36bf78df79ea9be7e4139a1ec217a614d4ddd2e28f533a2a94b1aef04cfa83d6848ce83042a871f98b4df42050459d64f8556de488a8431b748ad85f51b21a4e18e45ac51f11796f1fd2a02c0eeecb90d443aeb331059d4fc65f"}]}, @NFTA_IMMEDIATE_DATA={0x12c, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xc7, 0x1, "f2a84edfa3f44a70dcf25f6ff1124501b7ef0569133fa414d0e71d3a88b020ce2ad144c8abad26615d1f528ea2e4d69a0111d0ccdb0c94557b526c471598b51b39696fce1b258b631189ebfafd7810b91abe3b43254bc1db7f5beda13a0dbe8488584c3a1653a7b3a487e040b04b72df5a28ee954dfb91a3eea99a041b0255a9277893dd444446f32be8da96c2664a8c65013cea32856d17d43ef60df91d59cb1ef8420e7fef45bdecc21e4f90bfcd0cf41724cf2b9286c9d53ae29d3565c7423ba0b3"}, @NFTA_DATA_VALUE={0x5e, 0x1, "3a2d2ad0c4761cc7701d977f2f08ce06464c9a90c6df1300a76e32995d8c711a4102d966de961e6d01ab1815b1d1a76342824b46a3dd6063d35aa4de0a93a1ee19911a873868ccccc5d14c69e5d39dc9b649638779ceafe61553"}]}, @NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_IMMEDIATE_DATA={0xb4, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xae, 0x1, "e658f04c8440c0b3f7953b53f8c85b6a7f2b782544677271a99f83fbdd8a9453feaf58e5a9383525ac2c3a455fb186876b5f5896511469e2f3cba3101231f56e0f2e6f5c61bc7f1cc8ebb843e2902ef233dd3b39edc1056ffffc13cd2350d10c47cfecc1d0e2f659d53b9296a18170ef740eefeca3f679a01c7d6d64683a63ef0d4b8102cb4096cbf0ccc50fc34c4badb791c49c1d36992186c8a296371795f263dad5768e3aeded7cc4"}]}]}}}, @NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x1e}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x38}, @NFTA_INNER_EXPR={0x388, 0x5, 0x0, 0x1, @immediate={{0xe}, @val={0x374, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_IMMEDIATE_DATA={0x40, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x3a, 0x1, "193a2eaf9fd16c0276f20289dec9a07619e83d560469d4a72beb0b6d86a46db9d5248120c8ef74e5fd328b19586163447e40ba06b17b"}]}, @NFTA_IMMEDIATE_DATA={0x20c, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xdf, 0x1, "a2b7559b4b7a26631c40ae72f12b9b3c4776d1dac489b11e9de8d9bddf1ccf6d4dc2eb04a055b6c9fc8910bd9cc247af30a780025abb8b3966839c3e765c6f5859d8bbce5b0612f0f9cedac7cd31cbf369dd8ddd033725a5d6ba9f7e8e0aa3b1d362437c8c09aa4af5b4a41147dd51a53a5fa03939efcaad4135737c5bdbe58fc3af0d51a03879e1c6c261e123456b72c4a52e09b917da587811b9dfa4069235fbc1b608811f534d97df2412513afd4a2330144cc4e56b6ed14ef4bb1f3bc0b1c852ef6ee179d441815b5dd04e49583d5f87c83f65b07f021d6135"}, @NFTA_DATA_VALUE={0x5f, 0x1, "eb17bde3fff3142d9623823876141c17a6cc676cccd548d18d30f862f4043397d2d58ee9e4000261191f4367537b8d91eb1bdc1519290d787031ef9758f88a7a6784e061defb4c6c51ec1a68c675c0bad203acb798ebf21df5516c"}, @NFTA_DATA_VALUE={0x79, 0x1, "0ef274035a0f34430e3092740cc83e0211f1f307334d355980614f3990238abbf1f6bff603c8b6e8eb95ed9d39120e351ec29854f4638ed744d3037bbb8cdf2820a6a938ebde7a64864588a3abd250949204aa76730b786844d1d097535b5e689ba7aad69548bde04c1dcfb1521338c6024dd371ec"}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFTA_DATA_VERDICT={0x38, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}]}, @NFTA_IMMEDIATE_DATA={0x10c, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xa, 0x1, "eb8f9ffd6fd6"}, @NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0x76, 0x1, "e1c8d16beeb50809e657d9d79088219b9a41db9af3209c961e7e374db3cf6d9a2e7bdb268a27aaa0a3e20ec58e0f564faf80939d5c6b1a6b508de4cc718cea75d8995b95b57f7115a0b08fa6cbb1bd0b86d5f939be184f1ef1ec9f95e1954b2aeb335f2b7b623472516116a2fda2f8fc04ab"}, @NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}, @NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}]}, @NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0xf}]}}}]}}}, {0xc, 0x1, 0x0, 0x1, @osf={{0x8}, @void}}, {0x18, 0x1, 0x0, 0x1, @log={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_LOG_GROUP={0x6, 0x1, 0x1, 0x0, 0x7}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @payload={{0xc}, @void}}]}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}]}], {0x14}}, 0x1094}, 0x1, 0x0, 0x0, 0x24000000}, 0x8004) (async)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000003140)=ANY=[@ANYBLOB="c01800002000010a0000000000000000020000002c01018028014880ed00a90013466820cd76bb221fbb4acd690c6a8b9c760a61eeec7793b579aefdb936d00f403d3f04637cdb9ac70e28c5dd66ddedde2d0930650e6821f9a26a4a193c1d06a3e75523f901e44fe087ae32c836c6d6ddba3af8e9a2beae8936168f9fa38c395f5cf7408df69c60bf584bee86a6312e9ce866e456c3eda6f2924082d78a2f385bdbd0c9afb54758c102bf13094645fb6aa34d424ec776691fee3d25307f61fed2752babf7c686e8a3d9b59a8343bcf4121bf5cf400a0c1070855fac565cad8968a97ce0a12a1161054d82d0a240b7dedf9ba3cc63e9d1c3b9a8402f7d5b4cafcd48928a3d4a76498900000014007c00ff01000000000000000000000000000108003d00", @ANYRES32=0x0, @ANYBLOB="08001a"], 0x18c0}}, 0x0) (async)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000002500)={&(0x7f00000013c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000024c0)={&(0x7f0000001400)={0x1098, 0x32, 0x20, 0x70bd25, 0x25dfdbff, {0xf}, [@typed={0x4, 0xe7}, @generic="bd44a6956f473471afc13b07bcfd56f53e099cc65ab47f4a93c0157829e10695e2983154eef14c776185715b943edbe24be14aba11d470ed089e8e2e422e24d989167353cabe0d641065626dd83953a588e0b86d62ebe2b3ceebbcfb473323b33471b688ac842d6c4f9df24f79fbae9f766fe571b8fde6b1dd76ddc4fa57", @generic="0813d72354a23cd41e92a30bc4ff3091755da8925aa872772c393b610ccf91cd17c72b953b1d10df5996a07949928a6d56854ad35212bc65fed2e047f9d1a6bd65bca04430f7692bff9868f02aaf74666675b4f5601fca4d41a0222689baca06b237e510b964713c663ec2ab0cf1ff9e60155ac92d322f2cc1bfa0f4ccc68eed22c07233f1db2b97b187da87cd79491f6026b55bfd568bc15e42cfa5196970608f968192cb4069c06b5a710edf6177aa8348c1fbb9a30983e85a6b9552572b013ccee950f269bc18f4d2ed59bd90594bdb788af6c760056114106ed0c644100cf6bb0b9d74ed7f3e8b23a742e612f22ea07412e786ac9fcf75136e9307522d5b593ce7de2a4af85fe398653f9bf4200e6e4b8c5de4b9354eae64c84c39d9d470969377baafd538d00ad9c5b43eabf88a75782f895038a7ca68d0457ba8d3e91383e312707b64c6b2e8917b5a12caccb48c248795fdef7fd3777c800cc27cc91ade009b387c0945a5197f25a2172683e4b3307c0b9b0a08100a321d50f9fa9a1bd4de90b6d934cf6edf02cde2fb8cbc7354ce6ea2e39ab0cbcab1d744983da2f6201d270887dee16fa3f9de3f588ffe9844505555f695c5dfb1aa79ad0574dc342c75e56c094aca864841331186aa5b6e3d230cf50ef0ecc81755143ff93c4d9df270e7d12a390fc79c1ccc6c26bb8319a9bc15bf1cbf813f54044d88487cf58b60f5620434fe0e2441d1a7ad6fea9d0ea6134ebb4e185397ed12db9464747e3782c1164a6a49c99ab11b3c029fde62b52904f5629d62a3248c0620f8d7f2e06a40fd25b4b6bc8845bdb84a412a484a59f9f59c0f572c413c90ac8cd2422849d4c76447db3739c39d661a87450cf20d3f778693f6e0ef8072de54e13172a9f39bacdfc6b728abe961a7aaac67e38467f1a01fb1e3c89599ce40c049c7b4a1492230f5139f994cc5af6432a201f30da3086cd5138727512c230fc51f67fa2295b1d02a600eba68d22c1d7355859f04123d4a863f129e39778c46e935ffd814987e2eb056fed039889d4ff1dde2b9435baec3a8cce528b5fa6e096bc1e6d5971b12b02a4fe100867fec99c5132deabf2678d321f01ca73d81f67fac66fa059aecdadc8f6341250a304769db6c9825bdc059af0cb7ddab70aadeab20eb0246afea587035a16a501ca12f483448070bca2180de53e5ab61568cfd582b4b529358a4a395e0d4c75a508c24d5f5eb27c76237b72053c12c946d8871022e66c11fe063a4d2ef4142cb19c08b4ba30820dd6b336813dc6916f0cf755232ed26543bcc98ebd5b3902c478e48825fbb1a5c918055d547b78a108e18203c2ce43f657ebd278109080d90916df645a33568378d7d0749e14c35fb19c279dc5e3bc34f803a20e71bda3c18466da7568e13cb318b9588ed4c9d523a988104524f2735751f5b3a7ccbebb053c40a259d67e7ab1a75d3306063067f4677c6663097127218a1c6f452eeb98dfa6772c4ca37b2beeda5600829fde984713111d2479d7e1b65d5735bb3ca97dee217bb3746fa788c12bdcac9931585f5be29d15cf53495bd918300558176415719aa6f7acdce00d8ba3c31664ab7e39b23dfade87a37b08a509b4599b979369e2b755e07398d3e30069f81968da8c851dfa56f3d4d926c9ce012bed57366389020d27814320a7c2e519c852591e171c2e85888cbd82eeb8e5c84db551d3a8e93c24a52b68657b42a4c578cfc9f089dfeee8011e0d5998467dae08118b328a8045ea6032421870ba3a7d4e72cc106ccbd05aee03ce816d8da7fd2d5b8b9e25f3cec865e306885f2292983c264a652df73d8a5f02d3563874fa53d0b84008ac31439af49f284a4ed98121db3033ed92ecc2c33deff0ab36db296013ddf37d954e755aab9af21397a60d5a831211f5b967c0798112941b2bc5e61a9d9dd7abe6567f545a8bdf6ba47c3a750aa7929a3665dff562b65f97935fbdd55280c43da1a24c02d10f55155a349af0d5c9f48c63114499c203cb35a794077b68ada06c24a32a1fb469e8582db74a8aa333fb4c74be4f2765f766d5e55cec2a94029bb72b5391d39e4ada0ce1a1256bfbc927571fbbb282fd3c4b8b5be75492dbb31ce8e49dfca07409d2c79a2a4444514e92c8f91bef42e1c55560eae5fde736cd2027496f80493f6639ca431346c0028abff716c70cb04a79a5d4dc557a7e6aa436eaf5f6f04469c36d06acbbedd234454664dbfbe2efc292651bf683d194c3d9a1e191646129adb358e1e7e9e3e2b8a2a2bd42b8f7fd6af0cfe496ff07f31e3aded0a0ce94111bdaf90295dd7d335da3a40803eacdebcabd955082d5f646d45fd68e23160c5721bf69dac3822a03e5e510a2c5e8c56d2005893d071081e22691069e0a5132b04d467372be68bfe41801eef8cb7085b72583bd21b3f6cf7a800b5b5f61e648e61f02c446d37100bf4108ae09f0ed818ca215fe450586aae9c59760bac10273186370d52f7e6c515cbc348d997df298539448e2f981582b7031b87506420b1916d424e5fd33cfffc6499feb474377f518d5fce9187328eb9475546e58d042ebb1ebb2df2117811af34e2494b0bad4def152671cf55d1a69f5e3bf77c0f511e6531204aad5c630f110079ffa1ead61bf5f3d6c44c66f9fe7114e3430d8b111715de071891f072997341968affcc7ee48f313ef21317780314debadac40395775b28ae307d42a13f7c187184d696ae5d94a37126a90b5fce24de1e952b5e14b437108122910d3046b14f43896bff5cacac3d2e1519f4894735d81ffadc55f3ad4e04304ef51adee6bda2222a581c541dbbbac7eaa67a69156534005465fbc4cf0629c072b4879a07780b3ba23d3cc159c351c3ea67cb385d7b9fa5c90b23c98024cbd8ca100a0cbd2dea43d04f9b481228f0e3b0adb5a2ffa93c8d547069ad54b8363b009cac9a894d75dacab7e0492d5e8ee274e3b086c13e6a65b1d795ea775530b252ea72f916ecb34867870ecd464c818777595bbc42827dd37b7337e3dbafeb5672687d9b65ff99bfe2b47afcdc1cbc7864665647197f1e8504395f3c822a2b670f5dded656265833212784c2c374854e00efe580ba8cbab38f9dedddc1f870d8ff4428a99efaae094a6a56ed948be61c806b01feb07795fd309478e99dbd6aedbf3e77cb5d7c0f125f7b1a01d169fade855723794354029f8a0c897c198fd7b06597de9c0954c3860a81c4871aa1078153432590b829e21ba582e250ed5e98b9fb154d57379ffcbe9555c22c25f37d07abe64f7604662e9ff8c66d00d774191c281ee4c5aef3bac76ef47f42c61fd9951f51f5174925a6ebe677c7087ab3959b346bc9759b8d02b33f48b7be70b19abfe2eb00f5b019073b98cca7c05eb38fd0e74a965bb8a61c7c87f0abb634690ebae8fa9b0b55ad54e0a570b9a9b7fad8ea6b75de68f64e6267d00fe7ad2c98509c37642e8475b56150af3079a228f595d0fc5d53f491bb06b9547a7408d2b5ce3424653d261bb2def216d57b6e037292feae71dd9a71f20d1ffdfd125c78cffc5d00d6b77ae03c37ead76310925dfa182a5bc8f862f65bc5867620bbe711bc00fd5970f7adc1e77259b1699578be2b23291361736c42086d6b87a5df8ffc2a8dadd2ef9e958c0fbef79beb49707a2a24cbfdc5c43634a68858f7141a8bbc913c03c3a287f92be2f30f2c69b84e48efdf4c49a7ebfc8f55614928223821cbcc777f0200a327f13b33ccbe621238e33b8964d0ecf8bd239b5cd88a3415b9e84f973f7d9ced9505f53471edf19dff6f6ba40f5794952459ca871f9786bae60745dd4ccd1bfca0a761b4143f65fa5e035d4aa386aa5d447029fec9d7befdbfeea97d0c29581995770f8f812d8c5d4fb7bd0c419da201a326b572c1a690d2588ac0ebf66505b9f7198f7712585d3a9487a4370bbadfad0da0386f58115b25d407e249181a4148b3efb00f542463fd7ddf81950041821a95a86ff0bcc308572a03a447a495145f23e4d8059dffff8e7d4d67184cec49bbfb129c221e72b6ec1ad97408aa22203f088a364612658191341b9442a19ba13f914def69fe90f0f1d3f04f70338f6f38a325717006cb0b732680648572955057dbc6edf9c821818f372b6042344b2063fc24513a559ef834ec2d016cbf5e61629b88c0bda3656c33631e4800c3604cacdf4a00b66d965f8e34999ce112b89791972da914f35cf7246a109d1c2d8e869f0e5e786496957e7e5c737d7a6457bfb4d23b938b1772d84392b8c677f43c38ad56507a9518325f3a895263ab566c436db0467cf74821400a662cd8406f6fe86323c302891e888afe4dca9cb245756d36da6ff56a63ce986ccf32aeb6ba657fa83548876107923f765b9c95a3f61573aed115f2f7039b115b074c49c41823a3c49b384986f98183494915f29f64721b83356450bdbc332068a3f01c919c11924f0078bf481a672669affe1479849403dc7bac93ddf7acaa9a70500d11576233e5e3ea85e494b46af10961502b3ffa0f5697a3aca9326ab983f17e69052f62e55b8e7e7bcfea0c1dbb7b52fe944a6b4b483b34ac49de90cf815a01111ce4125cbe82d26075d2566f2f07a69902ec198644c2a9bb51efcbaa3867ab0abdf7014455b9c7700479080fd7b2fd5cd5ce89d15d0721d8992d9eec4541cf30b0797268e31511fa9037ad1b9f0dc3777bc719cd2dd44cc1cc60dd864aedf747a9db9e8f02aee9fe7797f02ce7248d3ff0535c6722cfeabb4808976497011c878c09fbce6bc8618d045060d5a5e3ab84557ef7d0b164d4a7a19855a758502b5e0ab9a5bbce72e673a4e11f309d4825861cd31e2b28f770697c0c23be506d5446b80e98f426c053b131dcf73b27e8d76859fea11e2ff7800da4574ba085ca7e6afa4e603918e1cee9bf0eb3fbed9e85c00ba0d0a176a87de77a60dafdf1abcbc33224b9a4ef6eada4b314ea04f501be8684b1346a378470cc299753e5a65b67e8ce4d0c7d836914e410efe70097666818c91b5963dfdd7a84136ae53c72f6fbfd20361b35b0a807d746308c2d21dfdeb142691003ff11be26eded2ed286afabe0a40a4eb8db8b4db05861df5be2bd6b71ab009b52613e417516e96f33bfa0ea05332c8c0abe73497fd37b68d1eee964c7def84c697fb14558d525906b3cd2bbecf3c4675bf374675dc52a2253f422eddda48026dc953e6850d7737a8b00d0f6db418252c761707ed2700f4b991aed02f83ccd8247c53cb24bb4cced534274319c817ca265ba6740060725da94ea9bbd1ece6d69e36e7c318ca5f22f1c9fdebb175c1c3320a1ef68c602e18644adefc04447c627951f9b018a9c5fbf8474460fd0dee7e5194e220a5461dd0245ef08ab9328c85d63152615bd167aa96af116d06e472b01b4f25d59496e2087a0b8c5f490478c816371e45451b6d7000e8822f1fa9555c5ce86d27134f9435d5ed92c48adcdbe90937b85469e9f230c17c28ec72869ad45f10b28ae46ee1ff947e6bcfdc0d4bdfde911df4be3ac7268ad13be1a14415061307e90acd69083412f79004936b40c9195303f3633bea2b06c40ec6a96b9420f288a7f3cdfe8c7a061af8d0fe62f9de975964b2bc7da0874e29a36748f01389ced0f26c9b69b14a29336eef8861b794d53ca8e0fe19e5ccc33e415f9c7d77428385555efd66dc523cd64c465d7ea7a485b171258e5d225a0d7b101367853e0bb4e56734c3267939ae66c4caf69ce80051510ce2faeabac7d88106e72a5e288017544e310d5ccca7696"]}, 0x1098}, 0x1, 0x0, 0x0, 0x40804}, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={<r3=>0x0, 0x2, 0x5, 0x4, 0x5, 0xa}, &(0x7f00000001c0)=0x14)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000200)={r3, 0xfd19}, 0x8)
sendto$inet(r0, &(0x7f0000000100)="ab", 0x1, 0xe61e2840a154b0c0, &(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10) (async)
r4 = socket$unix(0x1, 0x5, 0x0)
getsockname$unix(r4, &(0x7f0000000140)=@abs, &(0x7f0000000040)=0x6e)

1m13.190660301s ago: executing program 3 (id=566):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$phonet_pipe(0x23, 0x5, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x9}, 0x1c)
setsockopt$sock_int(r6, 0x1, 0x7, &(0x7f0000000080), 0x4)
sendto$inet6(r6, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd74)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002480)=@newtfilter={0xa68, 0x28, 0x200, 0x70bd2b, 0x4, {0x0, 0x0, 0x0, r3, {0xe}, {0x6}, {0xfff1, 0x3d}}, [@TCA_RATE={0x6, 0x5, {0x1}}, @filter_kind_options=@f_flower={{0xb}, {0x50, 0x2, [@TCA_FLOWER_KEY_ARP_THA={0xa}, @TCA_FLOWER_KEY_ICMPV6_CODE_MASK={0x5}, @TCA_FLOWER_KEY_TCP_FLAGS={0x6}, @TCA_FLOWER_KEY_ICMPV4_CODE_MASK={0x5}, @TCA_FLOWER_KEY_ETH_SRC_MASK={0xa, 0x7, [0x0, 0xff, 0x0, 0x0, 0xff]}, @TCA_FLOWER_KEY_ICMPV4_TYPE={0x5, 0x33, 0x2}, @TCA_FLOWER_KEY_ETH_DST_MASK={0xa, 0x5, [0x0, 0x0, 0x0, 0x0, 0xff]}, @TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK={0x8}]}}, @TCA_CHAIN={0x8, 0xb, 0xffff8000}, @TCA_CHAIN={0x8, 0xb, 0x9}, @TCA_RATE={0x6, 0x5, {0x6, 0x2}}, @TCA_RATE={0x6, 0x5, {0x6, 0x40}}, @filter_kind_options=@f_cgroup={{0xb}, {0x9ac, 0x2, [@TCA_CGROUP_EMATCHES={0x4dc, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x88, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x1c, 0x3, 0x0, 0x0, {{0x3, 0x2, 0x4}, {0x4, 0xa, 0x0, "a8c8c425804df24c5bf4"}}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x800, 0x7, 0x8}, {{0x0, 0x0, 0x1}, {0x3, 0x1, 0x0, 0x1}}}}, @TCF_EM_IPT={0x3c, 0x1, 0x0, 0x0, {{0x9, 0x9, 0x8000}, [@TCA_EM_IPT_MATCH_DATA={0x2f, 0x5, "11a9c3627b33693c5d4955fbac4f47d45c136b768cc70670f4b7cc887532ddfd2a9c4832f253377d6981e0"}]}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x401, 0x1, 0x6c}, {0x2, 0x9, 0x9, 0x1, 0xc, 0x0, 0x1}}}]}, @TCA_EMATCH_TREE_LIST={0x4}, @TCA_EMATCH_TREE_LIST={0x1bc, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x38, 0x3, 0x0, 0x0, {{0x8000, 0x9, 0x8}, [@TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x2}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x2}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0xf}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}, @TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0xcc, 0x2, 0x7}, {0xf, 0x3, 0x1, "c53646"}}}, @TCF_EM_CONTAINER={0x94, 0x3, 0x0, 0x0, {{0xa, 0x0, 0x9}, "4df6f634484d59066c1cc791a1a537af7f62a2b7c7671bc565a62bb74bfc7bc9d524bd867bb11e99b691063631c2e1b2bea60982bb5756285c53d0ceade6493b8f0305e6eee30e95dc15db210ecd1a087e943dc633f72ff7458c7ad162a18f11f5f94be82f4d4695ac2360bc4c563cd4e005d7591f68e68da8940ebbab7b3f12f0cbbf6d1dd069"}}, @TCF_EM_META={0xbc, 0x1, 0x0, 0x0, {{0x81}, [@TCA_EM_META_RVALUE={0x1e, 0x3, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_VAR="ac697de8fead449a50eb"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0xc, 0x2, 0x2}, {0x3, 0xfa}}}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x1]}, @TCA_EM_META_LVALUE={0x29, 0x2, [@TCF_META_TYPE_VAR="05d3e38ba9702e106b", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x3]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x10, 0x0, 0x3}, {0x9, 0x7}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0x2}, {0x9, 0x2}}}, @TCA_EM_META_LVALUE={0x37, 0x2, [@TCF_META_TYPE_VAR="a8bc98b9199c04ae", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR="8cdd34547cf8b6c429", @TCF_META_TYPE_VAR="1de73a0fcc", @TCF_META_TYPE_VAR="036a4343c90a", @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR="df9d9aa24452d3bd", @TCF_META_TYPE_VAR="38f63ce1c186fc"]}]}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x9, 0x3, 0x8}, {0x80, 0x7, 0xffffffff, 0x9}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}, @TCA_EMATCH_TREE_LIST={0x278, 0x2, 0x0, 0x1, [@TCF_EM_META={0x4c, 0x3, 0x0, 0x0, {{0x5, 0x4, 0x1928}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x6, 0xdf, 0x2}, {0x0, 0x3, 0x2}}}, @TCA_EM_META_RVALUE={0x12, 0x3, [@TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR="d923", @TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_LVALUE={0x1e, 0x2, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="cf061aac0b652529", @TCF_META_TYPE_VAR="1958"]}]}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x2, 0x3, 0x9}, {0xeaf7, 0x7400, 0x7, 0xffffffff}}}, @TCF_EM_NBYTE={0x18, 0x3, 0x0, 0x0, {{0x7, 0x2, 0xff85}, {0x0, 0x5, 0x0, "abc1035c58"}}}, @TCF_EM_IPT={0x1ac, 0x2, 0x0, 0x0, {{0x2}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_MATCH_DATA={0xdd, 0x5, "6ef8ca88c18b936ce9bbc88fc712fca987693405bc31e05b55a18c656201ef584dfe861a27b54722668f5c98126b2f6da019469ceac31f9bc36c468393e4f83205b1c7c9fef4c738141298741dabc408d685f4372007108c86a7f207cc953c35b460716b7179b438cdd7e3002955da14b7da1e0ff68e2b4e5c62fd094465eea678bff70e769a8edf790410f957ce68a50328d6b38fc3a56683be451e2df295c392f3340d8dc8c0c90edda60b577b96c7d95d6a5b006c06db10a5809b32a4725ca3708c4a69dcde98d9d1ef2f9c9d2cf2a32d4dfb557918de6e"}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x2}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x5}, @TCA_EM_IPT_MATCH_DATA={0x8b, 0x5, "e1986d0bb4cfb86ebfec333252691f45abdc6492b5165177279cdd457a6be450466eba294baeb95b86e68a1e3a51ae8088ce8291c804bea5d7b91d776b29b91999fd35a4d21690c2fc568f5173d5e1ecdb1f2daa4d68b3cfcaf837b122932ff6f34fd29b946b26a9e76609271a89e1f793c9623f55c25922fd0de01a5b35e73d52b17b6f090279"}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x5}]}}, @TCF_EM_IPT={0x34, 0x1, 0x0, 0x0, {{0x4, 0x9, 0x8}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x1}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x2}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x7}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}]}}, @TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0xa00, 0x2, 0x9}, {0x6, 0x4, 0x0, "ad7fcffd"}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}]}, @TCA_CGROUP_EMATCHES={0x4cc, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_LIST={0x84, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0xfff7, 0x3, 0x3}, {0xa, 0x1, 0x9, 0xeb}}}, @TCF_EM_CONTAINER={0x50, 0x1, 0x0, 0x0, {{0x0, 0x0, 0x1ff}, "5b4dbdee12b425bea73338a35bece705880c855a31f28274c87c8d3dc2c2bf73ae269cdfaf186163a668d031519a0ee44c693c4c3556c8a257b1b16ffc94fa42107d0aa3"}}, @TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0xe, 0x2, 0x8000}, {0x6b3b, 0x3, 0x2, "133f7d"}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x8}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x9, 0x8, 0x9}, {0x4, 0x1, 0x1}}}]}, @TCA_EMATCH_TREE_LIST={0x208, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x100, 0x8, 0x8}, {0x0, 0x5, 0x2}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0xf, 0x1, 0x3ff}, {0x8, 0x0, 0x7, 0x4, 0xc, 0x2, 0x2}}}, @TCF_EM_CONTAINER={0xa0, 0x3, 0x0, 0x0, {{0x4, 0x0, 0x171}, "ccf20bcfc61ecc60fd886b8d73ff24fb291607d985e02a13372e3d06ce10f3ac0581dc139ebd454a97d10b66bef89e1ca64eefb5bab13bc225faa586395bbeefdc4a50d964b945b5f9149344feb84bbeb24e8f28c6150cc83b284c665a3f7dd24bbf6260b4212368e5b07467b7afea9ceb96ad829c472879112ff3c46ddc63084f38847d1d84ef9bd20ea9abd03f4014676209"}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x0, 0x7, 0x1}, {{0x0, 0x1}, {0x4, 0x0, 0x0, 0x1}}}}, @TCF_EM_CONTAINER={0x34, 0x1, 0x0, 0x0, {{0x6, 0x0, 0x401}, "bf70ef435131d426f798949465848b0f3570937af9b2ed6522ff2823d63eda127e65b8fe6d"}}, @TCF_EM_META={0x78, 0x3, 0x0, 0x0, {{0x6, 0x4, 0x5}, [@TCA_EM_META_LVALUE={0x32, 0x2, [@TCF_META_TYPE_VAR="29edd399", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="94cd2631a6c4b9", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="3eaf", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="3d4ae92b7b14bd4972"]}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x4, 0x1, 0x1}, {0xd, 0x9}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x8001, 0xb, 0x1}, {0x7, 0x2, 0x1}}}, @TCA_EM_META_RVALUE={0x16, 0x3, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="6ac8", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x6]}]}}, @TCF_EM_IPT={0x30, 0x2, 0x0, 0x0, {{0x8001, 0x9, 0x6}, [@TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x7}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x7}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}, @TCF_EM_IPT={0x20, 0x3, 0x0, 0x0, {{0x1915, 0x9, 0xfc41}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x4}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x9, 0x8, 0x515}, {0xffffffffffffffff, 0x4, 0x3}}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x8}, {0x5, 0xd0c, 0xfffffff7, 0x412fa7df}}}]}, @TCA_EMATCH_TREE_LIST={0x144, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x2, 0x7, 0xfff7}, {{0x0, 0x0, 0x0, 0x1}, {0x2, 0x0, 0x1}}}}, @TCF_EM_CONTAINER={0x8c, 0x2, 0x0, 0x0, {{0x4, 0x0, 0x8}, "bb85341d0b52fc2059741bf64f398e72eb1de3d74c7d38ca14a76251a341379d9d670e86e44c4c70b6a9fae7ecd0e6f20a58f4d976312207ab90293bdf8cb70c0c935d5074375f2f854b3b9297e620ff8efd7834a5c777751362206d5814a7f62191ed98f0fe363c81d5f60b098c2efa05c4a89cf715a648937705be583b"}}, @TCF_EM_META={0xa0, 0x1, 0x0, 0x0, {{0xfff0, 0x4, 0xb27}, [@TCA_EM_META_LVALUE={0xc, 0x2, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_RVALUE={0xb, 0x3, [@TCF_META_TYPE_VAR="c2d09d", @TCF_META_TYPE_INT=0x1]}, @TCA_EM_META_RVALUE={0x10, 0x3, [@TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR="023a041345", @TCF_META_TYPE_VAR="cc6dda", @TCF_META_TYPE_INT=0x8]}, @TCA_EM_META_RVALUE={0xb, 0x3, [@TCF_META_TYPE_VAR="490252b7b701d6"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xc3}, {0x28, 0xac}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0xfff, 0x1}, {0x4, 0x8}}}, @TCA_EM_META_LVALUE={0x2a, 0x2, [@TCF_META_TYPE_VAR="b0cb0a", @TCF_META_TYPE_VAR="7f51b022b4a315194e0f", @TCF_META_TYPE_VAR="309b", @TCF_META_TYPE_VAR="3ed9a96e452e5ff2", @TCF_META_TYPE_VAR="ad679f", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR]}, @TCA_EM_META_RVALUE={0xf, 0x3, [@TCF_META_TYPE_VAR="e61e", @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="e3284da522"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x9, 0xc, 0x2}, {0x3, 0x4, 0x1}}}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}, @TCA_EMATCH_TREE_LIST={0xbc, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x100, 0x7, 0xffff}, {{0x0, 0x1, 0x1, 0x1}, {0x1, 0x0, 0x1}}}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x7ff, 0x3, 0x101}, {0x5, 0xffffffff, 0x10001, 0x6}}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0xe4, 0x8, 0x3}, {0x0, 0x5}}}, @TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x7f, 0x8, 0x6}, {0x4, 0x6, 0x3}}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0xd, 0x1, 0x4}, {0xf, 0xfffffffd, 0x1, 0x6, 0xa, 0x1, 0x2}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x1ff, 0x3, 0x1}, {0x5, 0x3, 0x9, 0x1}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x8, 0x1, 0x81}, {0x3, 0x9, 0x7, 0x1, 0x5, 0x2}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x8, 0x3, 0x10f}, {0x5, 0x30d, 0x8}}}]}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x1}]}, 0xa68}, 0x1, 0x0, 0x0, 0x898}, 0x44)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000002340)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r7}, 0x18)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r8, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c)
mount(&(0x7f0000000080)=@sr0, &(0x7f0000000180)='./cgroup\x00', &(0x7f00000001c0)='btrfs\x00', 0xa00001, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000200)={{{@in, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@private0}, 0x0, @in=@broadcast}}, &(0x7f0000000040)=0xe4)
read$FUSE(0xffffffffffffffff, &(0x7f0000000300)={0x2020, 0x0, 0x0, 0x0, <r10=>0x0}, 0x2020)
chown(&(0x7f0000000000)='./cgroup\x00', r9, r10)

1m13.127283575s ago: executing program 33 (id=566):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$phonet_pipe(0x23, 0x5, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x9}, 0x1c)
setsockopt$sock_int(r6, 0x1, 0x7, &(0x7f0000000080), 0x4)
sendto$inet6(r6, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd74)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002480)=@newtfilter={0xa68, 0x28, 0x200, 0x70bd2b, 0x4, {0x0, 0x0, 0x0, r3, {0xe}, {0x6}, {0xfff1, 0x3d}}, [@TCA_RATE={0x6, 0x5, {0x1}}, @filter_kind_options=@f_flower={{0xb}, {0x50, 0x2, [@TCA_FLOWER_KEY_ARP_THA={0xa}, @TCA_FLOWER_KEY_ICMPV6_CODE_MASK={0x5}, @TCA_FLOWER_KEY_TCP_FLAGS={0x6}, @TCA_FLOWER_KEY_ICMPV4_CODE_MASK={0x5}, @TCA_FLOWER_KEY_ETH_SRC_MASK={0xa, 0x7, [0x0, 0xff, 0x0, 0x0, 0xff]}, @TCA_FLOWER_KEY_ICMPV4_TYPE={0x5, 0x33, 0x2}, @TCA_FLOWER_KEY_ETH_DST_MASK={0xa, 0x5, [0x0, 0x0, 0x0, 0x0, 0xff]}, @TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK={0x8}]}}, @TCA_CHAIN={0x8, 0xb, 0xffff8000}, @TCA_CHAIN={0x8, 0xb, 0x9}, @TCA_RATE={0x6, 0x5, {0x6, 0x2}}, @TCA_RATE={0x6, 0x5, {0x6, 0x40}}, @filter_kind_options=@f_cgroup={{0xb}, {0x9ac, 0x2, [@TCA_CGROUP_EMATCHES={0x4dc, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x88, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x1c, 0x3, 0x0, 0x0, {{0x3, 0x2, 0x4}, {0x4, 0xa, 0x0, "a8c8c425804df24c5bf4"}}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x800, 0x7, 0x8}, {{0x0, 0x0, 0x1}, {0x3, 0x1, 0x0, 0x1}}}}, @TCF_EM_IPT={0x3c, 0x1, 0x0, 0x0, {{0x9, 0x9, 0x8000}, [@TCA_EM_IPT_MATCH_DATA={0x2f, 0x5, "11a9c3627b33693c5d4955fbac4f47d45c136b768cc70670f4b7cc887532ddfd2a9c4832f253377d6981e0"}]}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x401, 0x1, 0x6c}, {0x2, 0x9, 0x9, 0x1, 0xc, 0x0, 0x1}}}]}, @TCA_EMATCH_TREE_LIST={0x4}, @TCA_EMATCH_TREE_LIST={0x1bc, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x38, 0x3, 0x0, 0x0, {{0x8000, 0x9, 0x8}, [@TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x2}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x2}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0xf}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}, @TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0xcc, 0x2, 0x7}, {0xf, 0x3, 0x1, "c53646"}}}, @TCF_EM_CONTAINER={0x94, 0x3, 0x0, 0x0, {{0xa, 0x0, 0x9}, "4df6f634484d59066c1cc791a1a537af7f62a2b7c7671bc565a62bb74bfc7bc9d524bd867bb11e99b691063631c2e1b2bea60982bb5756285c53d0ceade6493b8f0305e6eee30e95dc15db210ecd1a087e943dc633f72ff7458c7ad162a18f11f5f94be82f4d4695ac2360bc4c563cd4e005d7591f68e68da8940ebbab7b3f12f0cbbf6d1dd069"}}, @TCF_EM_META={0xbc, 0x1, 0x0, 0x0, {{0x81}, [@TCA_EM_META_RVALUE={0x1e, 0x3, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_VAR="ac697de8fead449a50eb"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0xc, 0x2, 0x2}, {0x3, 0xfa}}}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x1]}, @TCA_EM_META_LVALUE={0x29, 0x2, [@TCF_META_TYPE_VAR="05d3e38ba9702e106b", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x3]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x10, 0x0, 0x3}, {0x9, 0x7}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0x2}, {0x9, 0x2}}}, @TCA_EM_META_LVALUE={0x37, 0x2, [@TCF_META_TYPE_VAR="a8bc98b9199c04ae", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR="8cdd34547cf8b6c429", @TCF_META_TYPE_VAR="1de73a0fcc", @TCF_META_TYPE_VAR="036a4343c90a", @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR="df9d9aa24452d3bd", @TCF_META_TYPE_VAR="38f63ce1c186fc"]}]}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x9, 0x3, 0x8}, {0x80, 0x7, 0xffffffff, 0x9}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}, @TCA_EMATCH_TREE_LIST={0x278, 0x2, 0x0, 0x1, [@TCF_EM_META={0x4c, 0x3, 0x0, 0x0, {{0x5, 0x4, 0x1928}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x6, 0xdf, 0x2}, {0x0, 0x3, 0x2}}}, @TCA_EM_META_RVALUE={0x12, 0x3, [@TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR="d923", @TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_LVALUE={0x1e, 0x2, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="cf061aac0b652529", @TCF_META_TYPE_VAR="1958"]}]}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x2, 0x3, 0x9}, {0xeaf7, 0x7400, 0x7, 0xffffffff}}}, @TCF_EM_NBYTE={0x18, 0x3, 0x0, 0x0, {{0x7, 0x2, 0xff85}, {0x0, 0x5, 0x0, "abc1035c58"}}}, @TCF_EM_IPT={0x1ac, 0x2, 0x0, 0x0, {{0x2}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_MATCH_DATA={0xdd, 0x5, "6ef8ca88c18b936ce9bbc88fc712fca987693405bc31e05b55a18c656201ef584dfe861a27b54722668f5c98126b2f6da019469ceac31f9bc36c468393e4f83205b1c7c9fef4c738141298741dabc408d685f4372007108c86a7f207cc953c35b460716b7179b438cdd7e3002955da14b7da1e0ff68e2b4e5c62fd094465eea678bff70e769a8edf790410f957ce68a50328d6b38fc3a56683be451e2df295c392f3340d8dc8c0c90edda60b577b96c7d95d6a5b006c06db10a5809b32a4725ca3708c4a69dcde98d9d1ef2f9c9d2cf2a32d4dfb557918de6e"}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x2}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x5}, @TCA_EM_IPT_MATCH_DATA={0x8b, 0x5, "e1986d0bb4cfb86ebfec333252691f45abdc6492b5165177279cdd457a6be450466eba294baeb95b86e68a1e3a51ae8088ce8291c804bea5d7b91d776b29b91999fd35a4d21690c2fc568f5173d5e1ecdb1f2daa4d68b3cfcaf837b122932ff6f34fd29b946b26a9e76609271a89e1f793c9623f55c25922fd0de01a5b35e73d52b17b6f090279"}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x5}]}}, @TCF_EM_IPT={0x34, 0x1, 0x0, 0x0, {{0x4, 0x9, 0x8}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x1}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x2}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x7}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}]}}, @TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0xa00, 0x2, 0x9}, {0x6, 0x4, 0x0, "ad7fcffd"}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}]}, @TCA_CGROUP_EMATCHES={0x4cc, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_LIST={0x84, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0xfff7, 0x3, 0x3}, {0xa, 0x1, 0x9, 0xeb}}}, @TCF_EM_CONTAINER={0x50, 0x1, 0x0, 0x0, {{0x0, 0x0, 0x1ff}, "5b4dbdee12b425bea73338a35bece705880c855a31f28274c87c8d3dc2c2bf73ae269cdfaf186163a668d031519a0ee44c693c4c3556c8a257b1b16ffc94fa42107d0aa3"}}, @TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0xe, 0x2, 0x8000}, {0x6b3b, 0x3, 0x2, "133f7d"}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x8}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x9, 0x8, 0x9}, {0x4, 0x1, 0x1}}}]}, @TCA_EMATCH_TREE_LIST={0x208, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x100, 0x8, 0x8}, {0x0, 0x5, 0x2}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0xf, 0x1, 0x3ff}, {0x8, 0x0, 0x7, 0x4, 0xc, 0x2, 0x2}}}, @TCF_EM_CONTAINER={0xa0, 0x3, 0x0, 0x0, {{0x4, 0x0, 0x171}, "ccf20bcfc61ecc60fd886b8d73ff24fb291607d985e02a13372e3d06ce10f3ac0581dc139ebd454a97d10b66bef89e1ca64eefb5bab13bc225faa586395bbeefdc4a50d964b945b5f9149344feb84bbeb24e8f28c6150cc83b284c665a3f7dd24bbf6260b4212368e5b07467b7afea9ceb96ad829c472879112ff3c46ddc63084f38847d1d84ef9bd20ea9abd03f4014676209"}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x0, 0x7, 0x1}, {{0x0, 0x1}, {0x4, 0x0, 0x0, 0x1}}}}, @TCF_EM_CONTAINER={0x34, 0x1, 0x0, 0x0, {{0x6, 0x0, 0x401}, "bf70ef435131d426f798949465848b0f3570937af9b2ed6522ff2823d63eda127e65b8fe6d"}}, @TCF_EM_META={0x78, 0x3, 0x0, 0x0, {{0x6, 0x4, 0x5}, [@TCA_EM_META_LVALUE={0x32, 0x2, [@TCF_META_TYPE_VAR="29edd399", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="94cd2631a6c4b9", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="3eaf", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="3d4ae92b7b14bd4972"]}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x4, 0x1, 0x1}, {0xd, 0x9}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x8001, 0xb, 0x1}, {0x7, 0x2, 0x1}}}, @TCA_EM_META_RVALUE={0x16, 0x3, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="6ac8", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x6]}]}}, @TCF_EM_IPT={0x30, 0x2, 0x0, 0x0, {{0x8001, 0x9, 0x6}, [@TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x7}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x7}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}, @TCF_EM_IPT={0x20, 0x3, 0x0, 0x0, {{0x1915, 0x9, 0xfc41}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x4}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x9, 0x8, 0x515}, {0xffffffffffffffff, 0x4, 0x3}}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x8}, {0x5, 0xd0c, 0xfffffff7, 0x412fa7df}}}]}, @TCA_EMATCH_TREE_LIST={0x144, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x2, 0x7, 0xfff7}, {{0x0, 0x0, 0x0, 0x1}, {0x2, 0x0, 0x1}}}}, @TCF_EM_CONTAINER={0x8c, 0x2, 0x0, 0x0, {{0x4, 0x0, 0x8}, "bb85341d0b52fc2059741bf64f398e72eb1de3d74c7d38ca14a76251a341379d9d670e86e44c4c70b6a9fae7ecd0e6f20a58f4d976312207ab90293bdf8cb70c0c935d5074375f2f854b3b9297e620ff8efd7834a5c777751362206d5814a7f62191ed98f0fe363c81d5f60b098c2efa05c4a89cf715a648937705be583b"}}, @TCF_EM_META={0xa0, 0x1, 0x0, 0x0, {{0xfff0, 0x4, 0xb27}, [@TCA_EM_META_LVALUE={0xc, 0x2, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_RVALUE={0xb, 0x3, [@TCF_META_TYPE_VAR="c2d09d", @TCF_META_TYPE_INT=0x1]}, @TCA_EM_META_RVALUE={0x10, 0x3, [@TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR="023a041345", @TCF_META_TYPE_VAR="cc6dda", @TCF_META_TYPE_INT=0x8]}, @TCA_EM_META_RVALUE={0xb, 0x3, [@TCF_META_TYPE_VAR="490252b7b701d6"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xc3}, {0x28, 0xac}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0xfff, 0x1}, {0x4, 0x8}}}, @TCA_EM_META_LVALUE={0x2a, 0x2, [@TCF_META_TYPE_VAR="b0cb0a", @TCF_META_TYPE_VAR="7f51b022b4a315194e0f", @TCF_META_TYPE_VAR="309b", @TCF_META_TYPE_VAR="3ed9a96e452e5ff2", @TCF_META_TYPE_VAR="ad679f", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR]}, @TCA_EM_META_RVALUE={0xf, 0x3, [@TCF_META_TYPE_VAR="e61e", @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="e3284da522"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x9, 0xc, 0x2}, {0x3, 0x4, 0x1}}}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}, @TCA_EMATCH_TREE_LIST={0xbc, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x100, 0x7, 0xffff}, {{0x0, 0x1, 0x1, 0x1}, {0x1, 0x0, 0x1}}}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x7ff, 0x3, 0x101}, {0x5, 0xffffffff, 0x10001, 0x6}}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0xe4, 0x8, 0x3}, {0x0, 0x5}}}, @TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x7f, 0x8, 0x6}, {0x4, 0x6, 0x3}}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0xd, 0x1, 0x4}, {0xf, 0xfffffffd, 0x1, 0x6, 0xa, 0x1, 0x2}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x1ff, 0x3, 0x1}, {0x5, 0x3, 0x9, 0x1}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x8, 0x1, 0x81}, {0x3, 0x9, 0x7, 0x1, 0x5, 0x2}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x8, 0x3, 0x10f}, {0x5, 0x30d, 0x8}}}]}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x1}]}, 0xa68}, 0x1, 0x0, 0x0, 0x898}, 0x44)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000002340)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r7}, 0x18)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r8, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c)
mount(&(0x7f0000000080)=@sr0, &(0x7f0000000180)='./cgroup\x00', &(0x7f00000001c0)='btrfs\x00', 0xa00001, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000200)={{{@in, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@private0}, 0x0, @in=@broadcast}}, &(0x7f0000000040)=0xe4)
read$FUSE(0xffffffffffffffff, &(0x7f0000000300)={0x2020, 0x0, 0x0, 0x0, <r10=>0x0}, 0x2020)
chown(&(0x7f0000000000)='./cgroup\x00', r9, r10)

3.4518799s ago: executing program 5 (id=1129):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)="3663ff3ac7333d1d", 0x8}, {&(0x7f0000000280)="e02584eeb69ae6b342", 0x9}], 0x2}], 0x1, 0x2004001)
io_setup(0xff, &(0x7f0000000380)=<r2=>0x0)
io_submit(r2, 0x27f, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x3f, 0x0, r1, &(0x7f0000000340), 0x41}])

3.311884424s ago: executing program 5 (id=1130):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000009500"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket(0x8, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x97, 0xb206, &(0x7f0000006680))
mq_unlink(0x0)
munlock(&(0x7f0000359000/0x3000)=nil, 0x3000)
r1 = shmget(0x3, 0x2000, 0x4, &(0x7f0000359000/0x2000)=nil)
shmctl$IPC_RMID(r1, 0x0)
r2 = syz_open_dev$dri(0x0, 0x1ff, 0x8000)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
tee(r3, r3, 0x81, 0x9)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
mq_open(&(0x7f0000000440)='!selin\xdb\xa1\x02\xbf\xd9l\xd7\xcd\xc0uxse\xee\x0e\xcd\xceq\xa2\xa5\t\x98\x8a\x8f>\xba', 0x6e93ebbbcc088cf2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7f3ab2c2})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000000)={0x0, 0xfffffe26, 0x80800})
socket$kcm(0x29, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40016006, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)=':', 0x1, 0x4fed0)
shmctl$IPC_RMID(r1, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000"], 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl(r4, 0x8b2c, &(0x7f0000000040))
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r5, &(0x7f0000000000), 0xd)

2.289242012s ago: executing program 2 (id=1139):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$phonet_pipe(0x23, 0x5, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x9}, 0x1c)
setsockopt$sock_int(r6, 0x1, 0x7, &(0x7f0000000080), 0x4)
sendto$inet6(r6, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd74)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002480)=@newtfilter={0xa54, 0x28, 0x200, 0x70bd2b, 0x4, {0x0, 0x0, 0x0, r3, {0xe}, {0x6}, {0xfff1, 0x3d}}, [@TCA_RATE={0x6, 0x5, {0x1}}, @filter_kind_options=@f_flower={{0xb}, {0x50, 0x2, [@TCA_FLOWER_KEY_ARP_THA={0xa}, @TCA_FLOWER_KEY_ICMPV6_CODE_MASK={0x5}, @TCA_FLOWER_KEY_TCP_FLAGS={0x6}, @TCA_FLOWER_KEY_ICMPV4_CODE_MASK={0x5}, @TCA_FLOWER_KEY_ETH_SRC_MASK={0xa, 0x7, [0x0, 0xff, 0x0, 0x0, 0xff]}, @TCA_FLOWER_KEY_ICMPV4_TYPE={0x5, 0x33, 0x2}, @TCA_FLOWER_KEY_ETH_DST_MASK={0xa, 0x5, [0x0, 0x0, 0x0, 0x0, 0xff]}, @TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK={0x8}]}}, @TCA_CHAIN={0x8, 0xb, 0xffff8000}, @TCA_CHAIN={0x8, 0xb, 0x9}, @TCA_RATE={0x6, 0x5, {0x6, 0x2}}, @TCA_RATE={0x6, 0x5, {0x6, 0x40}}, @filter_kind_options=@f_cgroup={{0xb}, {0x998, 0x2, [@TCA_CGROUP_EMATCHES={0x4dc, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x88, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x1c, 0x3, 0x0, 0x0, {{0x3, 0x2, 0x4}, {0x4, 0xa, 0x0, "a8c8c425804df24c5bf4"}}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x800, 0x7, 0x8}, {{0x0, 0x0, 0x1}, {0x3, 0x1, 0x0, 0x1}}}}, @TCF_EM_IPT={0x3c, 0x1, 0x0, 0x0, {{0x9, 0x9, 0x8000}, [@TCA_EM_IPT_MATCH_DATA={0x2f, 0x5, "11a9c3627b33693c5d4955fbac4f47d45c136b768cc70670f4b7cc887532ddfd2a9c4832f253377d6981e0"}]}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x401, 0x1, 0x6c}, {0x2, 0x9, 0x9, 0x1, 0xc, 0x0, 0x1}}}]}, @TCA_EMATCH_TREE_LIST={0x4}, @TCA_EMATCH_TREE_LIST={0x1bc, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x38, 0x3, 0x0, 0x0, {{0x8000, 0x9, 0x8}, [@TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x2}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x2}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0xf}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}, @TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0xcc, 0x2, 0x7}, {0xf, 0x3, 0x1, "c53646"}}}, @TCF_EM_CONTAINER={0x94, 0x3, 0x0, 0x0, {{0xa, 0x0, 0x9}, "4df6f634484d59066c1cc791a1a537af7f62a2b7c7671bc565a62bb74bfc7bc9d524bd867bb11e99b691063631c2e1b2bea60982bb5756285c53d0ceade6493b8f0305e6eee30e95dc15db210ecd1a087e943dc633f72ff7458c7ad162a18f11f5f94be82f4d4695ac2360bc4c563cd4e005d7591f68e68da8940ebbab7b3f12f0cbbf6d1dd069"}}, @TCF_EM_META={0xbc, 0x1, 0x0, 0x0, {{0x81}, [@TCA_EM_META_RVALUE={0x1e, 0x3, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_VAR="ac697de8fead449a50eb"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0xc, 0x2, 0x2}, {0x3, 0xfa}}}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x1]}, @TCA_EM_META_LVALUE={0x29, 0x2, [@TCF_META_TYPE_VAR="05d3e38ba9702e106b", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x3]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x10, 0x0, 0x3}, {0x9, 0x7}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0x2}, {0x9, 0x2}}}, @TCA_EM_META_LVALUE={0x37, 0x2, [@TCF_META_TYPE_VAR="a8bc98b9199c04ae", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR="8cdd34547cf8b6c429", @TCF_META_TYPE_VAR="1de73a0fcc", @TCF_META_TYPE_VAR="036a4343c90a", @TCF_META_TYPE_INT, @TCF_META_TYPE_VAR="df9d9aa24452d3bd", @TCF_META_TYPE_VAR="38f63ce1c186fc"]}]}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x9, 0x3, 0x8}, {0x80, 0x7, 0xffffffff, 0x9}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}, @TCA_EMATCH_TREE_LIST={0x278, 0x2, 0x0, 0x1, [@TCF_EM_META={0x4c, 0x3, 0x0, 0x0, {{0x5, 0x4, 0x1928}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x6, 0xdf, 0x2}, {0x0, 0x3, 0x2}}}, @TCA_EM_META_RVALUE={0x12, 0x3, [@TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR="d923", @TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_LVALUE={0x1e, 0x2, [@TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="cf061aac0b652529", @TCF_META_TYPE_VAR="1958"]}]}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x2, 0x3, 0x9}, {0xeaf7, 0x7400, 0x7, 0xffffffff}}}, @TCF_EM_NBYTE={0x18, 0x3, 0x0, 0x0, {{0x7, 0x2, 0xff85}, {0x0, 0x5, 0x0, "abc1035c58"}}}, @TCF_EM_IPT={0x1ac, 0x2, 0x0, 0x0, {{0x2}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_MATCH_DATA={0xdd, 0x5, "6ef8ca88c18b936ce9bbc88fc712fca987693405bc31e05b55a18c656201ef584dfe861a27b54722668f5c98126b2f6da019469ceac31f9bc36c468393e4f83205b1c7c9fef4c738141298741dabc408d685f4372007108c86a7f207cc953c35b460716b7179b438cdd7e3002955da14b7da1e0ff68e2b4e5c62fd094465eea678bff70e769a8edf790410f957ce68a50328d6b38fc3a56683be451e2df295c392f3340d8dc8c0c90edda60b577b96c7d95d6a5b006c06db10a5809b32a4725ca3708c4a69dcde98d9d1ef2f9c9d2cf2a32d4dfb557918de6e"}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x2}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x5}, @TCA_EM_IPT_MATCH_DATA={0x8b, 0x5, "e1986d0bb4cfb86ebfec333252691f45abdc6492b5165177279cdd457a6be450466eba294baeb95b86e68a1e3a51ae8088ce8291c804bea5d7b91d776b29b91999fd35a4d21690c2fc568f5173d5e1ecdb1f2daa4d68b3cfcaf837b122932ff6f34fd29b946b26a9e76609271a89e1f793c9623f55c25922fd0de01a5b35e73d52b17b6f090279"}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x5}]}}, @TCF_EM_IPT={0x34, 0x1, 0x0, 0x0, {{0x4, 0x9, 0x8}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x1}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x2}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x7}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}]}}, @TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0xa00, 0x2, 0x9}, {0x6, 0x4, 0x0, "ad7fcffd"}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}]}, @TCA_CGROUP_EMATCHES={0x4b8, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_LIST={0x84, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0xfff7, 0x3, 0x3}, {0xa, 0x1, 0x9, 0xeb}}}, @TCF_EM_CONTAINER={0x50, 0x1, 0x0, 0x0, {{0x0, 0x0, 0x1ff}, "5b4dbdee12b425bea73338a35bece705880c855a31f28274c87c8d3dc2c2bf73ae269cdfaf186163a668d031519a0ee44c693c4c3556c8a257b1b16ffc94fa42107d0aa3"}}, @TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0xe, 0x2, 0x8000}, {0x6b3b, 0x3, 0x2, "133f7d"}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x8}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x9, 0x8, 0x9}, {0x4, 0x1, 0x1}}}]}, @TCA_EMATCH_TREE_LIST={0x208, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x100, 0x8, 0x8}, {0x0, 0x5, 0x2}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0xf, 0x1, 0x3ff}, {0x8, 0x0, 0x7, 0x4, 0xc, 0x2, 0x2}}}, @TCF_EM_CONTAINER={0xa0, 0x3, 0x0, 0x0, {{0x4, 0x0, 0x171}, "ccf20bcfc61ecc60fd886b8d73ff24fb291607d985e02a13372e3d06ce10f3ac0581dc139ebd454a97d10b66bef89e1ca64eefb5bab13bc225faa586395bbeefdc4a50d964b945b5f9149344feb84bbeb24e8f28c6150cc83b284c665a3f7dd24bbf6260b4212368e5b07467b7afea9ceb96ad829c472879112ff3c46ddc63084f38847d1d84ef9bd20ea9abd03f4014676209"}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x0, 0x7, 0x1}, {{0x0, 0x1}, {0x4, 0x0, 0x0, 0x1}}}}, @TCF_EM_CONTAINER={0x34, 0x1, 0x0, 0x0, {{0x6, 0x0, 0x401}, "bf70ef435131d426f798949465848b0f3570937af9b2ed6522ff2823d63eda127e65b8fe6d"}}, @TCF_EM_META={0x78, 0x3, 0x0, 0x0, {{0x6, 0x4, 0x5}, [@TCA_EM_META_LVALUE={0x32, 0x2, [@TCF_META_TYPE_VAR="29edd399", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="94cd2631a6c4b9", @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="3eaf", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="3d4ae92b7b14bd4972"]}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x4, 0x1, 0x1}, {0xd, 0x9}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x8001, 0xb, 0x1}, {0x7, 0x2, 0x1}}}, @TCA_EM_META_RVALUE={0x16, 0x3, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="6ac8", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x6]}]}}, @TCF_EM_IPT={0x30, 0x2, 0x0, 0x0, {{0x8001, 0x9, 0x6}, [@TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x7}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x7}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}, @TCF_EM_IPT={0x20, 0x3, 0x0, 0x0, {{0x1915, 0x9, 0xfc41}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x4}, @TCA_EM_IPT_MATCH_NAME={0xb}]}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x9, 0x8, 0x515}, {0xffffffffffffffff, 0x4, 0x3}}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x8}, {0x5, 0xd0c, 0xfffffff7, 0x412fa7df}}}]}, @TCA_EMATCH_TREE_LIST={0x130, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x2, 0x7, 0xfff7}, {{0x0, 0x0, 0x0, 0x1}, {0x2, 0x0, 0x1}}}}, @TCF_EM_CONTAINER={0x8c, 0x2, 0x0, 0x0, {{0x4, 0x0, 0x8}, "bb85341d0b52fc2059741bf64f398e72eb1de3d74c7d38ca14a76251a341379d9d670e86e44c4c70b6a9fae7ecd0e6f20a58f4d976312207ab90293bdf8cb70c0c935d5074375f2f854b3b9297e620ff8efd7834a5c777751362206d5814a7f62191ed98f0fe363c81d5f60b098c2efa05c4a89cf715a648937705be583b"}}, @TCF_EM_META={0x8c, 0x1, 0x0, 0x0, {{0xfff0, 0x4, 0xb27}, [@TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x3]}, @TCA_EM_META_RVALUE={0xb, 0x3, [@TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR="cc6dda", @TCF_META_TYPE_INT=0x8]}, @TCA_EM_META_RVALUE={0xb, 0x3, [@TCF_META_TYPE_VAR="490252b7b701d6"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xc3}, {0x28, 0xac}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0xfff, 0x1}, {0x4, 0x8}}}, @TCA_EM_META_LVALUE={0x2a, 0x2, [@TCF_META_TYPE_VAR="b0cb0a", @TCF_META_TYPE_VAR="7f51b022b4a315194e0f", @TCF_META_TYPE_VAR="309b", @TCF_META_TYPE_VAR="3ed9a96e452e5ff2", @TCF_META_TYPE_VAR="ad679f", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR]}, @TCA_EM_META_RVALUE={0xf, 0x3, [@TCF_META_TYPE_VAR="e61e", @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="e3284da522"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x9, 0xc, 0x2}, {0x3, 0x4, 0x1}}}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}, @TCA_EMATCH_TREE_LIST={0xbc, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x100, 0x7, 0xffff}, {{0x0, 0x1, 0x1, 0x1}, {0x1, 0x0, 0x1}}}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x7ff, 0x3, 0x101}, {0x5, 0xffffffff, 0x10001, 0x6}}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0xe4, 0x8, 0x3}, {0x0, 0x5}}}, @TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x7f, 0x8, 0x6}, {0x4, 0x6, 0x3}}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0xd, 0x1, 0x4}, {0xf, 0xfffffffd, 0x1, 0x6, 0xa, 0x1, 0x2}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x1ff, 0x3, 0x1}, {0x5, 0x3, 0x9, 0x1}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x8, 0x1, 0x81}, {0x3, 0x9, 0x7, 0x1, 0x5, 0x2}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x8, 0x3, 0x10f}, {0x5, 0x30d, 0x8}}}]}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x1}]}, 0xa54}, 0x1, 0x0, 0x0, 0x898}, 0x44)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000002340)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r7}, 0x18)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r8, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c)
mount(&(0x7f0000000080)=@sr0, &(0x7f0000000180)='./cgroup\x00', &(0x7f00000001c0)='btrfs\x00', 0xa00001, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000200)={{{@in, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@private0}, 0x0, @in=@broadcast}}, &(0x7f0000000040)=0xe4)
read$FUSE(0xffffffffffffffff, &(0x7f0000000300)={0x2020, 0x0, 0x0, 0x0, <r10=>0x0}, 0x2020)
chown(&(0x7f0000000000)='./cgroup\x00', r9, r10)

1.981977153s ago: executing program 4 (id=1141):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000100)=0xa9b, 0x4)
r1 = syz_open_dev$dri(0x0, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r2, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r3, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x2, 0x6, 0x2, 0x0, 0x2, 0x0, 0x2}, 0x10}}, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @empty, 0x5}, 0x1c)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=virtio,cache=fscache,access=', @ANYRESDEC=0xee01])
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r1, 0xc01864b0, &(0x7f0000000240)={0x0, 0x0, 0x3f, 0x0, 0x5})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x6a259000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

1.937872777s ago: executing program 4 (id=1142):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x161141)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xf691, 0x10100, 0x0, 0x2b4}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r5, &(0x7f00000001c0)={@val, @void, @eth={@empty, @dev, @val={@void, {0x8100, 0x4, 0x0, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x32, 0x0, @rand_addr=0x64010102, @multicast2}, {0x4e23, 0x0, 0x8}}}}}}, 0x32)
io_uring_enter(r2, 0x70a, 0x41e3, 0x0, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r6, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28)
recvmmsg(r6, &(0x7f0000000140), 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='configfs\x00', 0x4000, 0x0)
r7 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
getdents64(r7, &(0x7f0000000300)=""/154, 0x9a)

1.500316722s ago: executing program 4 (id=1143):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000100)=0xa9b, 0x4)
r1 = syz_open_dev$dri(0x0, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r2, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r3, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x2, 0x6, 0x2, 0x0, 0x2, 0x0, 0x2}, 0x10}}, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @empty, 0x5}, 0x1c) (fail_nth: 2)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=virtio,cache=fscache,access=', @ANYRESDEC=0xee01])
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r1, 0xc01864b0, &(0x7f0000000240)={0x0, 0x0, 0x3f, 0x0, 0x5})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x6a259000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

1.429376122s ago: executing program 4 (id=1144):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_script(r1, &(0x7f0000002880), 0x4)
splice(r0, 0x0, r2, 0x0, 0x4, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x4c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0xc}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

1.404457756s ago: executing program 4 (id=1145):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
openat$kvm(0x0, &(0x7f0000000080), 0x2382, 0x0)
sendmsg$nl_crypto(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r4, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28)
recvmmsg(r4, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000b00)=""/81, 0x51}], 0x1}}], 0x1, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000004000850000008200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r6, 0x707, &(0x7f0000000180)={&(0x7f0000000040)=[{0x9, 0x2000, 0x1, &(0x7f0000000100)="03"}], 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

1.359487219s ago: executing program 2 (id=1146):
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
r0 = getpid()
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
timer_create(0x1, &(0x7f0000000080)={0x0, 0xd, 0x4, @tid=r0}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000080), 0x6e, 0x8440)
r2 = syz_io_uring_setup(0x7dce, &(0x7f0000000600)={0x0, 0x0, 0x1000, 0x2, 0x22c2}, &(0x7f0000000540), &(0x7f00000002c0)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4007, @fd_index=0x1, 0x0, 0x0})
ioctl$FIOCLEX(r1, 0x5451)
io_uring_enter(r2, 0x184c, 0x0, 0x0, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r5 = openat$apparmor_thread_current(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket$isdn_base(0x22, 0x3, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0200, 0x0)
unshare(0x22020600)
fcntl$lock(r5, 0x7, &(0x7f0000000280)={0x1, 0x0, 0xca62, 0x7, r0})
pwrite64(r5, 0x0, 0x0, 0x81)
connect$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_SECURITY(r4, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r6, &(0x7f00000005c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="3800000c000701020000000000000000030000000cc4488b1c1f024000000000000002800900010073797a30000000000c000640ffffffff"], 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x0)
socket$inet(0x2, 0x2, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x4011}, 0x0)
getsockname$packet(r7, &(0x7f0000000140)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c000000100039042abd70000000000000000000", @ANYRES32=r8, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e000000180002800400120008000100", @ANYRES32=r8, @ANYBLOB], 0x4c}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1e000000010000040000fff60700f2ffb29c75ab6f12b871921317db16286f100000395bcd440825f5b4f9f25c4fa599a4ae004ce1478ffa46c63593f9bedca47dacff80b84e71200e9d2b8a3a194bc6eb34aa6da97f412e55c8aeff83e85122fbfa6cd69f2e00a335999f3c11710edc5c28c294e94e2d30d1092d5a565eb70700a8f716efc5269c84447cd8711b877b735c3ba5f5a56d41989b52b1507d93c1821891b97ab9bdc1e2ccb746051bc65d7c5138f9c1e3edce", @ANYRES32, @ANYBLOB="0200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="060000000400"/24, @ANYRES32, @ANYBLOB], 0x50)
sendmsg$nl_route(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9, 0x0, 0x0, 0x4000000}, 0x40)

1.358115363s ago: executing program 0 (id=1147):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x4, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1001, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x5, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000440)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r4 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x40000)
ioctl$NBD_SET_SOCK(r4, 0xab00, 0xffffffffffffffff)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r3, 0x100000)

1.302216537s ago: executing program 2 (id=1148):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0900000004000000060000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2})
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000040)=0x1)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000080)=0x2)

1.302059967s ago: executing program 2 (id=1149):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000006010040"])

812.598696ms ago: executing program 2 (id=1150):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, 0x0, 0x0)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r1, &(0x7f0000002b80)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001440)=[{&(0x7f0000000040)='@', 0x1}], 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="14000000840000000700000020000000000000001c"], 0x30}], 0x1, 0x40)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000740)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0})
add_key(&(0x7f0000000080)='dns_resolver\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
sched_setscheduler(0x0, 0x2, 0x0)
read$msr(r5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305\x00'}, 0x58)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount(0x0, 0x0, &(0x7f0000000000)='hugetlbfs\x00', 0x0, 0x0)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmsg$alg(r7, &(0x7f0000008dc0)={0x0, 0x0, &(0x7f0000008cc0)=[{&(0x7f0000008a40)="7c72bf03f7d9c0fd0826786ffcfb99e55c1272594d5be5c7f1de9562bbf652", 0x1f}, {&(0x7f0000008c80)="9d", 0x7fffefe1}], 0x2}, 0x0)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000001e80)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594011d24fc60", 0x14}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000380)={'wlan0\x00'})
writev(r0, &(0x7f0000000200), 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r9, 0x0, 0x20000800)
recvmmsg(r9, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000003780)}, 0xffffffff}, {{0x0, 0x0, &(0x7f0000003bc0)}, 0xfffffffc}], 0x2, 0x40000121, 0x0)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r5, 0xc0684113, &(0x7f00000001c0)={0x1, 0x7f, 0x562, 0xa, 0x6, 0x6f, 0x4, 0xfffffffb, 0xd, 0x5, 0x6, 0x4})

565.017609ms ago: executing program 2 (id=1151):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x161141)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xf691, 0x10100, 0x0, 0x2b4}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r5, &(0x7f00000001c0)={@val, @void, @eth={@empty, @dev, @val={@void, {0x8100, 0x4, 0x0, 0x1}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x32, 0x0, @rand_addr=0x64010102, @multicast2}, {0x4e23, 0x0, 0x8}}}}}}, 0x32)
io_uring_enter(r2, 0x70a, 0x41e3, 0x0, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r6, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28)
recvmmsg(r6, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='configfs\x00', 0x4000, 0x0)
r7 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
getdents64(r7, &(0x7f0000000300)=""/154, 0x9a)

409.754408ms ago: executing program 0 (id=1152):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_open_dev$vcsn(&(0x7f0000000180), 0x0, 0x26642)
fsetxattr$security_capability(r2, &(0x7f0000000280), &(0x7f0000000380)=@v2={0x2000000, [{0x6, 0x10}, {0xffffff89, 0x100004}]}, 0x14, 0x3) (async)
r3 = socket$kcm(0x2, 0x5, 0x84) (async)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) (async)
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async, rerun: 64)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async, rerun: 64)
r4 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000527000/0x4000)=nil, 0x4000, 0x1000001, 0x100010, 0xffffffffffffffff, 0x0) (async, rerun: 64)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}) (rerun: 64)
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r6, &(0x7f0000002d40)=[{{&(0x7f00000005c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000400)=[{&(0x7f0000000980)="1d19ead3d9c345347c2a47d2d7937cf2df04835a78af602c2b540ab7c3c69f4e90c08ee47da627c392062242f16f09f7d1c39ad1ae6161d9b92504bb3f3a800816dbd508ff9b665ecad657e8bdacf018dda5721fa3d9992991a85a7f0b544b414cc94bcd5d6bf3e6dbf8cc1f8d19057a7540620fefd0508c5c15dfd033c4abd029d1bfa93ce29e0f0f5c972de3031063fb40250b467a83171d83507b073109080fb8c288d74847cadabd463265d9d9eb1a1001ea430ff450370afd23e2", 0xbd}, {&(0x7f0000000100)="1a", 0x1}, {&(0x7f0000000d00)="ff4db2ce3099c38235a448f9d939bfb80ce60403be715cbe8b2833f1e619839bff4cf3c856140c166e66a1ee9d2e81a9bb660f35df9667473154549f7170ef1406b6c6d6c4f6ac16a666db7ebf482475b1fa05aa1015325fb1547a9ab182eb2774aace6da2e7982a9e881eb983c47e35223fa5a3611cc7bf39f0e553e6914f7c3d1ef8641cf11aa037b01dad4cea78e76472ed64df28cf6aaede45aae0f23aaa299c5e37cb7b64c53758260bd2f27190eb58a9ecf800f8217e2084d50ec37bb7b13530d586becd11f15ef6bd0848538fc026b27194880b0b7cfd7e19f498d8f56c048cc0", 0xe4}, {&(0x7f0000000a40)="e9ab4c94d5be92e6764eb0c77bd25232af0730d03feeabe6a4db9f5324f7ce89156035af2fdaddab1cd3249df81e1c0afc8cc176855e1db0c0f474d4ef5e133c7ea5b840502b49b5c2705c2fad0132cb75a5efb7803b6c683bbc4987ae0434d3f528906e04638dc8fac2a8cb058d", 0x6e}], 0x4, &(0x7f0000002340)=ANY=[@ANYBLOB="140000000100000001000000", @ANYRESOCT=r3, @ANYRES32=r6, @ANYBLOB="1800000001000000020000003f0745506400ec8a6ecebde9e69a5e19def6173e8893cea75e40895b2babd27005314d30e263167ba5888a569046b3fc901703d1606abde601f15f5e0493db455dae314f1f587d5de6b53c39557548d1274a733fc15a482365ae4053872071ef97eeeda34289d997e5522051aa91493e8744e7b5e6e819885b06a7b2ab8a3fd5", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x2c, 0x10}}, {{&(0x7f0000000e80)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000007c0)=[{&(0x7f0000000f00)="84eb4ec4afe3e9293bc248c0fd2404d78569a6dd67214e1775df63fc40fb94c081409d0e512bddbf4135b4d204ab01786391c1160ed3c41bdd1edfff76c4b3b252292aff828edb9e185d988d586467f9f114a50e22a71b7977363fe85d4a148512e905a19522de3fe76e4651be27bcb32d08b809c8dc1cfd4e7bb77a4329c2060dae226a047d84c4e482d70a3e79", 0x8e}], 0x1, 0x0, 0x0, 0x400c800}}, {{&(0x7f0000000fc0)=@abs={0xa4c4a86db09ab9d2, 0x0, 0x4e21}, 0x6e, &(0x7f0000002240)=[{&(0x7f0000001040)="711cc9065a91a3f724a03a349c8613d4ad92656aa68e4d4286d427126b4311a9b3f4d3638e60d80a580ab4acc017dff9b3e060592ed86a089bac1d653c33a8da825129032e5fe22f4651d232cad5597e9f38b161d01252520dfd7a9bed5d8e38ef5252a0ac6a3e747001bff11bbc3b7f8a72c3dff8a19fe5e993ee7a039881226a9314ca8e8833f316922db656d1a3b7bee61eb2c203d91b6c74b9f693a4f5415ebd5be0a35d52839a1249eeeb63d7559c93c16244a86ad716c0a9f8c7864e8557237a23ec35fedc743f1127", 0xcc}, {&(0x7f0000001140)="95d51485ebbe1293e7ff0bdd11caffc4b467150441f7bdb2abeeee727784328df5cced7624aeea9bb176bcdbd71bacffbf4490dedd790fa1d38f42b1dbad392db988fd2d74dca86e03c621ae8aa897190e643ad45ab66df05b333a2d0df31ba19635aace3d2563216393f0a939e8b83296a29bbd319dbb356a0b8ff327f7054a6f03ca8aa7a1819e54608d35f884962d34a95d7b887dc4602e98a44d3fd08b9ec93cbdee78c89a5aad04b49869555c87826d01cd0db16dbf63e13a76e5ee66950aa21f6f7f89514c201797a7f1b02b52145efba9aa6bcd574ad4fbf8a4455854", 0xe0}, {&(0x7f0000001240)="f81e28635b77887198b395c9caf8a4b409a1c540e8666bd642ea96d6d879621764b0d7bf39aadeeda2a2e95cb8b359f0f1a4cabd88579ab15d063cc9825390052d62d984161713e8e0871c925435104564ad649647e6c5fccfc5ddbc41219d83774c23cacec890436fb993b70209d5854ba82b56eb97c5cd2f5dac139c9693291e5631c1ab69fab2a0469b92cfe9818383410b377bc8051811ec712eabbef143090076f1ab7bbdf2e16f2197d1bb8bcdd1e4384479c3f59bc1d27f976bdac70ec82217ca06e703bfb6b882e13451be0f207dd9a1a4b2b7b960588134553b63cd5afbe51b755b10ff9fb2189640185bcb239ddf6c809271eac971c709a9f24c105c7abdbd2064484e96e602d390442b7d28a48866d8cc784863b36fd048556b689301436426d2f95951468217f8420c76e1f2390bb3503d0ca3f9738c14769a78a3b4a8a4d8f5cb53a8f1ab310be010ebe5d1c02c08b1295cd7cbebf3e8f1c9d1a7a955ce6e5ea76ff4964c2c41984418a7648222a74208a16ab663734cd81d5b7109babe3eeaa2a3dff95c71c703ac986a1614e46c9a586d2a247929879bd6f8a8312ca7e9f285e1f02c9970eeef4fd020820f18c53bbe6ecd8ea94e505ab9b841ae8da7473fe5a325696998a6d0159b687f8f07253a2230cda9d4247869fb8c4d46e0fb0437a261f24811b3cbf8d620fff8b71b8580ea042697b7620543e2e572c41f7ec1e11fa6e24e08f43e5250c898d93e1decb809968d6771a09dcd0219f5f13ee314dd8011b1b80ff753b6573875446f02c8070d6f3e3fac18219a627cf66b44852bcae7e4fd5324c6a1727144230f82ffeeacf0c4f8ed490009366808090d341ca49023c1106c94b5ec8da6d2736dea3e34d935e9598a6d24a6a4afa9c97e23bccc862faa4453131b27a6c90fff3bc74216d89c00aa1bc3dec45709d9fb449b2bfb7f8339f546b7ce5f97e13ba50cc8748eafee54a6cee9da928b73c61d434ddee1557e2d286146ab5826e004616c05783e0d0d1400d27c052f3afa34f29a403b7120edc277693ca30df9ed7fce597d5cc30a50b34e6477bd72bd3be02176ea63964373cb73482e891e9111b4caab099942b67de17861e674cf056118eab0a44505ef78c04f1048a6f15bdd2396cf92e395cb96e06932ec6532b684b2345b60e55ed806ac2256d5ec307c668519d6d7c5189cb4b156c55dceb8ed82cdbee0cca26437fb87aafac1da4435b390ad92740de81cd88675803cdd0b58f539d3b6d210112e32862fdba16667b21b909b0289d60c0992d3a3b8e02792c21f6cc4a7df9f37e12c44f1564dcfbfd443eeabbc71a4dc25dc5b04e03a9fbf286989e4fbdb36d2351ee3ebf3fa2b72d7a41a2aa066f521e9f7e8e38cd592847681510e1b2b4362e1b1ec0e5d444409dbd2654b077eacd6ca8e17e6f092c43fe3f296b1fa01674e48eb40e0e7d565acc18d5c62318fb09e54b2415a1c977ee4d74a5262575251d92759a34ae2fa8c45e4a1ca977ab8ca7f2720456a2334c010ede82b6977ca971a372c89297be6b75d09d784aaec76e66548dc2d44d9b9db301362d84a395499a6384396ff5fb99c2109b51ba7fdfeb95a6dce88ee1c9a5fa8464ea981eb7588eb692d8a3e85778f9362916b7e42b99a181e9e71c6dcf4c200c92e12fce087b4a0f3ee9027c87e819a0306427b46a7ce4c28a525323a56560627dd4dfcdfd8153400e6ecc79896272c66faddf6cf390f10071f776e5817a0cf22806d994e5c327b51943b3cf7a8fc394d86818dd65e411cfee15b07d23b089c12b5cda9e6337a2c5903835e9ebef15b211f97a2796e8f163d9d920ecac167f12088aba0af0f70051c82dba2a0c8efa5c4dcabbf67d0915ee63c5a75c7e729c63f199364d7b529ea6de997aea6c741bafe6cb684e7d38da16aeb7aeea038587499e9f8fb954f0d2ad9134f767263d76d41c72d8453d2964f2319bbf8e5d488a18221a0cb4c4204a8d22d1d9936c28cbb8569e57814ce0a54814a97bd2aeaaa461714c6c6df2717721fcbc0c79cc8253f664e48e8d3a5a05155a445558596376f1dd1c52348e80b0647af501ff4159a8cbab88adf71edc1320d865b6c0476a27f22a0ce94c9e04a3e438e4f530fbf7e53eab31c6f2324683c0d2538f31d1f3abe58ba4a296c7695234943d2b154a1fbdddf0160891b8a109f09b40863983d7e1ac5aa04927eb040c43420888508f5343f953bb24b06a4315afd05666778324c662616ebc7eaab32720fd24bb7b90bf10599a4649be3848bf47884d087416a0625ac941db1854e22d68dabcc62c306e51a02f54b298a45ed62dc1a6d6c0df148afb7942a84d7a4acbea9c7649ef272196d434cb81a8416c22bc8189840cdf7d37aa3b0d25c43ace942810b7312a3e248b41d9bbfb23dc58d604f4c0f9a8077f938a23f99823d6c4bd894eca4a40e21b740253979c221014379d4d09d6cba53bde0da633a7655fad82a5f98c4e1e4940905108d1e114d63f869dcb4542b48d2bf4782fdaffcf7d8c55c2a9e4c00729fb93dc59a3690d03bc2bdc86e750d07aba822bb2dfe406231bf1086f57ca1f9bf6ae414a3a1d3cc8ec148e4ac8fe19ca9c456bf03d500a7392082ee39425d0f756b9aeca8a3c1252cc731546bd91df3c2a804ba664e4ace5db1e5f8fbe26f4533c628444437972015645f741fba96232bf706a2ad96fb39fb4b0ae5b7bd0d34fd960d8b63539154680392fb033c2b861c385886d7b190cfad0130155fc63e080fb2d1e65a35b92fd14d542dfcf9144bfc57e19d169654014bef67739fc381fd58e53bffcfc4ec55d4bc6ff250e4897897c33a61c505c50526aa16a7f169d42e460e424abfdc4e44604f5a74f755efcb8fda211ad654fe3865d618349c7cf0f46d122696cbe583a198291b0170f3d196a90fd70f8abe7e78db410a6d188d6a22a23762db450c702d2363cd96e26280179b3e8d84e2376ab317cc04d633009ea01bfdaf0adb73f82510752ea7262c607c4a34c35436d11037ba4f1075261c2ebfeea087051af069d5defdba9a005f7badc44d8cd248d7b54861da9980fca4c28b576a8d4154f89ca06a5548104b1f36408164bd23762a3e3d87db136446bbf6377721d2fcea7294145ba279b4e6e708a90f355e65040cba0851a7dafffa5ebc1b301659d7e93f2199efadcc82e10bd17346079dcf29549b910192653657eed7fc910406861ae089dbc851732e3f3237cc01c1b2f31c1b20fa2ea2d165e80af9d21443f8bdd98992c3c6c526654436fd68eda5b5662f4d23f0ed70be07a51502f34dea3510884de080bc5516da0b8448bde08312c515bb626a064dc2655bc3471520a04f1ba3f385ceac80a8b82b5e487160637facb9d86ad0eb6da0ccf4269eff3688f95e8ac6a14cf978187eeb3424d967115bb5045b529a94ee83b016a1583a17a8622f741ca44309a9be460fde416c50ae2a9017559fd5c0ec448153a92fabac1b5065c6374f6a04b92f7e3e63afb9df7bdb384a3540f2c6419a7597552d3b6f377aa39c9b2cd06db11bf9b99082e81237b8066ee5781ce4f9928340ee40cf0953930023bba90495948d69738274f335ea8add38abaf37dcf867d3f57d3a477ed3a80d28d64bf14882d0cd5efd55f529f6e00f542e8addb32e39c528c634554e29a5842b1ca3f7ac5d630eec2f8e99b6884cfa154d52062ad2fc0744dfb38fcc23cdd1a26400c2ba60c2baba4a8ed6f042ba266fa12ceba5c5b545341c53b58487f94b923c7a02fa066e10bfc6bd480f0d97831c093f7d8d03e6300c5557c711c9eda0c1748976fd6185651397b8f479a52d4467dfd0bb100d80f246ae7f5c6900b806030f7bb04bee946aaeb32579df6f708736d76e0ab9152f569b6d229e596781f629b40a1fef80db9bd51203f189fc0ac27b52e48daa0732189e7c1cda529f790dfe0a85e3722d0adea2762fc133c676092b61f831dfa8f9d3256abaec1407e7754fcdc00bd956ad4ebafe274a7ddd39ac19e3df9d992382ca2c1b18860c82ceca4e75c8798b7fb01ad1f9397a5debf9cfd9c6aea58a1294bafdc32b209dbc0e66da9e291b589d013b3a7cacb5507e16eaedc25f2f658bc6aac4b41da319e9ff94af0265f3b0cb2af97b3284415a39ee2999b52d6873b80e1425c1b90b32441d1fd1fd89fbd2a4def1b55412374a238f025c24df8fc4c0c7e0285aadd994c8c0d038ecae7d3cb8c6ab518e20e0bfe9ad72de6edf671debba88914db35c01d8cefb4ed8236883d1941a8ac04789afb41c85517c4e9f0e7330f23d2e4d1b99eb2b7edf1f96ed36684d41f7dfe96d887c2f90639ee046d0b6ae5d87d121dbdd842b3d417bccfdeb0e263837d4239a67f04032aa90bf864c74cc45a4e73a9781f780d64845b34c4eb51d3c5bae032abdc4893cafc792ad731e02f00911c842cdf0ec1c8a82cb4339187c083d72b7610a289a47128ad50614bf70f7b975c32a89f88c3ec038b3a7b2365924a719aa4699faf853c239df1821ea9152c0b087d26a00bd19463cacd9c5d7c7fa44b35b6f937e3f336d2403b4cecfac22d169e3df5a17f531675de799f0867a822bb7319d1b4fee307265d75342f2fefbc7a443a467b9343faf5871d96e8cfc7a4e4f95c269995ceb048d56b16c6a02a06fe18758539d55defadbf24c0193d8438af522c6c0c630935eafdba6fab75a93f0773b526d4182339fde4e2b3464215d10ad4b004b4d0b6214b08685121a65c2a559727d01e9e769e6b4b0af07280fa257a7d8c3938bbafb282cd35d5380cdbbb9788955c936d2874635ab04da7dfca56739d2fb0944f9177e83b4aaeb32eba172f75ecc68f19de914d295af5dc10d2bf5e0bf4107c2a4a5229fd54ccb34018540c0a0b6c867c547c98bb36b97d204624bf92ae4be64cf97e0f5e137ec5a91c5bd70d4f92ca2e51ad1963f5b52d00ae69e7d1f335d7001e2f4c68c4c24b6313f36485a4b861ae39d32d758881f6cec792d4ce59edd56e3cdf5dcc0e5927ca1223c085ac80687b92ee88e8928554a5bb8f58218d17be29fb103d96bb60dc873019e37cfb78e8097697f0c2c175fc062ab221057fb3c1ab361a17f466c17efedb3aac3094dd91a48593a37180957a734ef82ece322311e6e39e53554be23371a4dd0a5c272afbf0a991bbe190ac6a0c2c59ba2e511d2f9c63526277b7bbb89da83778814af8034813b934a819fb9126b23769692c6bca823487ad459e2232907b2122f7741388898edebd5ec2401e8715d3443ea5e7b51a3740f5b3826899ac30e73143cf8d5aa815919ab381b4f6862cf3775d1de21c6e9f7a4a79d531bc3c7c45c62a8a82ceaafc21ba86e3e837ddbd958e08ef4457e6ea6d712ef7a72b0beac29b41f4f9f9b6f2a09a2b686bc5976e6d69777ee4745ba2752ec4358f7016d2d22d96173e97114060eea735b3d874a9eb8cfd5ea067db009ce575f6e0a5dbb2a4f66b4bfb5705a63b91359b4f9146a3c02408572e636054de791e985735a48a4d0094437bf87fd6814d8825551fb7ba542f26b8239e0526849f66414c12134b23cd7f55353552c66147553b0e0dce6eb30c2895ffd8b9796eb19d093b91ed4107de81394afa3110afc2b84600a33cc5e59ebf30bccf383c019be3340a5cfa42bd5bd99b4944dd9eaa9ba5f13a485402a474510453ccfc2ffddce56244e3a09d5c7954139d0bfb0feca3a56fa1529eebda41ba3af6ad090d162f1f5397384031b99f996575b0ac537318a7d874d77120aa55499ddb36e32501feb", 0x1000}], 0x3, &(0x7f0000002280)=ANY=[@ANYBLOB="240000000100000001000000", @ANYRES32=r3, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32=r3, @ANYRES32, @ANYBLOB="180000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="100000000100000001000000", @ANYRES32=r0, @ANYRESDEC, @ANYRES32=0x0, @ANYRES8, @ANYRES32=0x0, @ANYRES16=r3, @ANYRES32=r4, @ANYRES32=0x0, @ANYRESDEC=r0, @ANYBLOB="180000000100000002000000", @ANYRES32=r4, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="140000000100000001000000", @ANYRES32=r2, @ANYRES32=r6], 0xa8, 0x80}}, {{&(0x7f0000002500)=@file={0x0, './file0/../file0\x00'}, 0x6e, &(0x7f0000002a40)=[{&(0x7f0000002580)="904fd2403c288b03d57ba9650a733a1b93b5717b4255aeb9fbdd01fcc63bc52b543f7a33923686859098b09e811cf9dbf1673727df2216756a172d32fef7757d187f8a0d29b051c73dcff0f7e54f0ef782540ffb2efa50c487c3fc23956768aa7284a11f9b6454280f529e3b34b472f691008444dbe8894636ecf011112d3196cf76704fcf7d6ea79a5ba6668cba2a205ea11d5b6aaea7577d5599467c33d5ddae3b8999b53d3b3eca054e890e968ad092cfe0947833c86a8f08b03b94f626217f76b1c44714d387e92fca0c52a6f1a07e6607f7c13d70ebe6", 0xd9}, {&(0x7f0000002680)="d2ece48d7096601c47ba680e5fafd383790f09602e122f7e9526841935ff75921134f63ecc", 0x25}, {&(0x7f00000026c0)="28525a4ca0c0b5e8351643b13468a0e68edace3adcbcc9c05e8281a5025de7d78f0a3d24d5cd812667a2e9380e5d40f9b9caa62c42abd5bc385f366ca8dcccc8dd8e2c8d8f1f5216a31018fa046978f6dee157", 0x53}, {&(0x7f0000002740)="83c579f53a8fc302b2964fb70b34d4de0aa45ef341752946c2d9b4d9053b565cc622be270aff31d7acc6fcb2fe239bad01e0d8c9237cf5a6fcab34edfe1afb5f7ac487c3c72391658daf19a5122ea97637c01b020cff7318ad751b0ab5a7f5aba8a7ac5027b5429b21e73ac6ee1e26a7d23c0766775517e13fcf2fc4b9d63ef1ed62edb432e726e74718c47e48a3fe0896db788b0dc385b616f40ae13df9a2b88cc8159e47afcb676ffe7c05071d725d5a10ea9c20433a454ed614932a23bdce557d949bdd3b129dd434a928492180", 0xcf}, {&(0x7f0000002840)="f2b7cae3e1c6faca54ac6c79b8c63da1f9bd815bbd1eb7446456e1a04994e1fb03786479af9dff57da26317c642675bd1642e9a9e42d7064358e39b310cd44357df5ecfe710612d5dbd0e023", 0x4c}, {&(0x7f00000028c0)="a379550f3a5e95d306fb483fb703fb6768ff8ce91327693ac8e000d84e473cfc80b4255c85b53ceaec57601395bb4978a160bba9696a9af2a599cc2783ad7f84143748da7033c5f993e7dc5c1e47b9b6c7dffdcfc40d240b16b8e46939fd47cc87310e4d9e6b5432e5577a1d18d491894342b1c66bd6c6f9974e120e4d69bbff0e50cb31451f07fef0429b5fa06eda7eabfbe732447097252299ef0610bd9fb9eb0996eae71a145388daa723863c5ca11995967119", 0xb5}, {&(0x7f0000002980)="5af0c13ed7453a7941e24185bdbbcb288b49b7b1021db06ded9d4c6be86f17a0be26f230f9b631f73ef027a93573d13d190eaad35af31d11eabd3890eda3c1e93a259410bb59132a2c0c0d00292246d494fc4273c95b2cf3f59c331fb667a041a9c234a77524abd83431dc1a15a0b7888ddf8310f0494ba575779207b47a700c6db2d0564d247e4c2b38b073b49e3f79fc49f8bf69f8d6c547edeb22dfab8921", 0xa0}], 0x7, &(0x7f0000000e00)=ANY=[@ANYBLOB="340000000100000001000000", @ANYRES32=r3, @ANYRES32=r5, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r3, @ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="1805000000000000004f361ebf000000f0ffffff01000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x4c, 0xc085}}], 0x4, 0x0) (async)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2) (async, rerun: 64)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000002400)={[{0x4, 0x5, 0x7, 0x4, 0x3, 0x2, 0x6, 0xb2, 0x2, 0x9, 0x3, 0x81, 0x5}, {0x6a2, 0x50, 0x6e, 0xed, 0x8, 0xf5, 0x4, 0x89, 0xf6, 0x3, 0x2a, 0x4d, 0x6}, {0x2040000, 0x4, 0x3, 0x6, 0x4a, 0xbc, 0x1, 0x5, 0x0, 0x6, 0x4, 0xf, 0x2}], 0x5}) (async, rerun: 64)
recvmmsg(r5, &(0x7f00000000c0), 0x0, 0x102, 0x0) (async)
r7 = syz_open_dev$usbfs(&(0x7f0000000080), 0x9, 0x6b0f03)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f00000000c0)='dctcp-reno\x00', 0xb)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000640)={'team0\x00', <r9=>0x0})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r2, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680), ""/16, <r10=>0x0, 0x0, 0x0, 0x0, 0x1, 0x6, &(0x7f00000006c0)=[0x0], &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x72, &(0x7f0000000740)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000780), &(0x7f00000003c0), 0x8, 0x21, 0x8, 0x8, &(0x7f0000000800)}}, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000b00)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000b40)=ANY=[@ANYBLOB="14010000", @ANYRES16=0x0, @ANYBLOB="000127bd7000fedbdf25110000003400018008000300020000001400020076657468315f746f5f626f6e6400000014000200626f6e6430000000000000000000000014000180080003000100000008000100", @ANYRES32=0x0, @ANYBLOB="44000180080003000000000014000200766c616e30000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="1400020074756e6c3000000000000000000000002c000180140002006970366772657461703000000000000014000200627269646765300000000000000000002c00018014000200766972745f7769666930000000000000140002006e657464657673696d300000000000001c00018008000100", @ANYRES32=r9, @ANYBLOB="08000100008ce541a5fc06ec109bb47e8a84282710706ca1d2944db72ae08a10ee21710ff3dbe4b0308450dd76ff08f7118a31a8787215326de6012b0a8bdd204165db990818df7de61dbfa2e7a419311f0d76bc4320e6c5571a3534bea606c2fe7c9d89c19df7fe7649efc08ce16b6f97024238f59b7c70e22d43d39d125c72", @ANYRES32=r10, @ANYBLOB="0800030000000000"], 0x114}, 0x1, 0x0, 0x0, 0x20004044}, 0x20000001)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYRES16=r6, @ANYRES16=r3, @ANYRESHEX=r4], 0x5c}, 0x1, 0x0, 0x0, 0x400c004}, 0x81) (async)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x4001, 0x0, @empty, 0xd}, 0x1c)
bpf$MAP_CREATE(0x0, 0x0, 0x50) (async)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

380.589898ms ago: executing program 4 (id=1153):
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='h', 0x1, 0x0, 0x0, 0x0)
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000001fc0)=[{}], 0x1, 0x0, 0x0, 0x2, 0x0, 0x2})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = syz_usbip_server_init(0x2)
ioctl$SOUND_PCM_READ_RATE(0xffffffffffffffff, 0x80045002, &(0x7f0000000000))
read$FUSE(r1, &(0x7f0000003b80)={0x2020}, 0x2020)
munlockall()
fsopen(&(0x7f00000003c0)='hpfs\x00', 0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
madvise(&(0x7f0000779000/0x1000)=nil, 0x1000, 0xf)

281.97853ms ago: executing program 5 (id=1154):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_script(r1, &(0x7f0000002880), 0x4)
splice(r0, 0x0, r2, 0x0, 0x4, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x4c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0xc}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

220.764207ms ago: executing program 5 (id=1155):
r0 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
openat$ttyprintk(0xffffff9c, &(0x7f0000000000), 0x119002, 0x0)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x4, {0x9, 0x1001, 0xffff, 0x9}})
lsetxattr$security_ima(&(0x7f0000000080)='.\x00', &(0x7f0000000180), &(0x7f00000001c0)=@v2={0x3, 0x2, 0x3, 0x1}, 0x9, 0x3)

220.504975ms ago: executing program 5 (id=1156):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x6, &(0x7f0000006680))
sched_setaffinity(0x0, 0x14, &(0x7f00000002c0)=0x2)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000006010040"])

132.161807ms ago: executing program 0 (id=1157):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x60, 0x10, 0x44b, 0x70bd2c, 0x25dfdbfc, {0x7a, 0x0, 0x0, 0x0, 0x1000, 0x9020}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x30, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc, 0x23, 0x63}, @IFLA_BR_MCAST_ROUTER={0x5}, @IFLA_BR_MCAST_HASH_MAX={0x8, 0x1b, 0xf4b}, @IFLA_BR_NF_CALL_IP6TABLES={0x5, 0x25, 0x1}, @IFLA_BR_NF_CALL_IPTABLES={0x5}]}}}]}, 0x60}}, 0x0)

52.253943ms ago: executing program 0 (id=1158):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000001540)={0x44, 0x2, 0x6, 0x201, 0x0, 0x0, {0xc, 0x0, 0x9}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x44}}, 0x0)

46.329161ms ago: executing program 5 (id=1159):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000000)={0x0, 0x4}, &(0x7f0000000140)=0x8)
r3 = accept4(r1, 0x0, 0x0, 0x0)
recvmsg(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000100)=""/3, 0x3}], 0x1}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
ioctl$TCFLSH(r0, 0x5608, 0x0)

46.089901ms ago: executing program 0 (id=1160):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0xa, 0x2000, 0x0, @mcast1}, 0x0, {[0x692]}}, 0x5c)

0s ago: executing program 0 (id=1161):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00', r0}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r1, 0x11b, 0x8, &(0x7f0000003140), &(0x7f0000000040)=0x30)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x7600, 0xfeff) (fail_nth: 9)

kernel console output (not intermixed with test programs):

face
[  164.636510][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  164.640859][   T58] bond0 (unregistering): Released all slaves
[  164.650498][ T8352] batman_adv: batadv0: Adding interface: batadv_slave_1
[  164.653695][ T8352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  164.665050][ T8352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  164.752949][ T8419] vhci_hcd: connection closed
[  164.756054][   T46] vhci_hcd: stop threads
[  164.759669][   T46] vhci_hcd: release socket
[  164.763717][   T46] vhci_hcd: disconnect device
[  164.810412][ T5295] Bluetooth: hci0: command tx timeout
[  164.844009][ T8352] hsr_slave_0: entered promiscuous mode
[  164.846305][ T8352] hsr_slave_1: entered promiscuous mode
[  164.995393][ T8437] netlink: 12 bytes leftover after parsing attributes in process `syz.2.580'.
[  165.090095][   T58] hsr_slave_0: left promiscuous mode
[  165.092272][   T58] hsr_slave_1: left promiscuous mode
[  165.094446][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[  165.097711][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  165.102981][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[  165.128188][   T58] veth1_macvtap: left promiscuous mode
[  165.131532][   T58] veth0_macvtap: left promiscuous mode
[  165.133874][   T58] veth1_vlan: left promiscuous mode
[  165.136040][   T58] veth0_vlan: left promiscuous mode
[  165.280217][   T65] usb 7-1: new full-speed USB device number 12 using dummy_hcd
[  165.431866][   T65] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  165.436593][   T65] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.442129][   T65] usb 7-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  165.446040][   T65] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.462104][   T65] usb 7-1: config 0 descriptor??
[  165.604829][ T8459] ptrace attach of "/syz-executor exec"[8212] was attempted by "/syz-executor exec"[8459]
[  165.707979][   T65] usbhid 7-1:0.0: can't add hid device: -71
[  165.710117][   T65] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  165.713932][   T65] usb 7-1: USB disconnect, device number 12
[  166.052647][ T8463] overlayfs: overlapping lowerdir path
[  166.329857][ T5295] Bluetooth: hci2: command tx timeout
[  166.552155][ T8482] random: crng reseeded on system resumption
[  166.605523][ T8352] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  166.611919][ T8352] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  166.617099][ T8352] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  166.618256][ T8485] input: syz0 as /devices/virtual/input/input9
[  166.638758][ T8485] netlink: 'syz.0.590': attribute type 1 has an invalid length.
[  166.681729][ T8485] bond1: entered promiscuous mode
[  166.683771][ T8485] 8021q: adding VLAN 0 to HW filter on device bond1
[  166.686934][ T8352] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  166.717146][ T8485] netlink: 8 bytes leftover after parsing attributes in process `syz.0.590'.
[  166.810921][ T8352] 8021q: adding VLAN 0 to HW filter on device bond0
[  166.876569][ T8352] 8021q: adding VLAN 0 to HW filter on device team0
[  166.896667][ T1204] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.899017][ T1204] bridge0: port 1(bridge_slave_0) entered forwarding state
[  166.914441][ T1204] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.916771][ T1204] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.109313][ T8352] 8021q: adding VLAN 0 to HW filter on device batadv0
[  167.255307][ T8352] veth0_vlan: entered promiscuous mode
[  167.262157][ T8352] veth1_vlan: entered promiscuous mode
[  167.288164][ T8352] veth0_macvtap: entered promiscuous mode
[  167.311459][ T8352] veth1_macvtap: entered promiscuous mode
[  167.323617][ T8352] batman_adv: batadv0: Interface activated: batadv_slave_0
[  167.329032][ T8352] batman_adv: batadv0: Interface activated: batadv_slave_1
[  167.336921][ T8352] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  167.339903][ T8352] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  167.342982][ T8352] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  167.345795][ T8352] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  167.398885][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.403223][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  167.415806][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.418454][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  167.601972][   T34] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  167.644250][ T8553] netlink: 12 bytes leftover after parsing attributes in process `syz.5.596'.
[  167.754324][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  167.758975][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.764254][   T34] usb 9-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  167.773832][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.792410][   T34] usb 9-1: config 0 descriptor??
[  167.998656][   T34] usbhid 9-1:0.0: can't add hid device: -71
[  168.000748][   T34] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  168.007910][   T34] usb 9-1: USB disconnect, device number 2
[  168.325421][ T8579] overlayfs: overlapping lowerdir path
[  168.399859][ T5295] Bluetooth: hci2: command tx timeout
[  169.189180][ T8603] input: syz0 as /devices/virtual/input/input10
[  169.318681][ T8607] netlink: 4800 bytes leftover after parsing attributes in process `syz.0.605'.
[  169.801131][ T5983] vhci_hcd: vhci_device speed not set
[  169.934594][ T8636] ptrace attach of "/syz-executor exec"[8352] was attempted by "/syz-executor exec"[8636]
[  170.086211][ T8638] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  170.490770][ T5295] Bluetooth: hci1: command tx timeout
[  170.490784][ T5946] Bluetooth: hci2: command tx timeout
[  170.501866][ T8669] netlink: 12 bytes leftover after parsing attributes in process `syz.2.619'.
[  170.504908][ T8669] netlink: 'syz.2.619': attribute type 1 has an invalid length.
[  170.507870][ T8669] netlink: 28 bytes leftover after parsing attributes in process `syz.2.619'.
[  171.131764][ T8685] FAULT_INJECTION: forcing a failure.
[  171.131764][ T8685] name failslab, interval 1, probability 0, space 0, times 0
[  171.135846][ T8685] CPU: 3 UID: 0 PID: 8685 Comm: syz.2.624 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  171.135860][ T8685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  171.135867][ T8685] Call Trace:
[  171.135871][ T8685]  <TASK>
[  171.135875][ T8685]  dump_stack_lvl+0x16c/0x1f0
[  171.135894][ T8685]  should_fail_ex+0x512/0x640
[  171.135910][ T8685]  ? __kvmalloc_node_noprof+0x122/0x600
[  171.135924][ T8685]  should_failslab+0xc2/0x120
[  171.135938][ T8685]  __kvmalloc_node_noprof+0x135/0x600
[  171.135950][ T8685]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  171.135961][ T8685]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  171.135978][ T8685]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  171.135988][ T8685]  __kvm_mmu_topup_memory_cache+0x450/0x600
[  171.136002][ T8685]  mmu_topup_memory_caches+0x25/0x170
[  171.136018][ T8685]  kvm_mmu_load+0xd9/0x22a0
[  171.136034][ T8685]  ? kvm_apic_has_interrupt+0xb5/0x190
[  171.136046][ T8685]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  171.136060][ T8685]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  171.136073][ T8685]  ? __pfx_kvm_mmu_load+0x10/0x10
[  171.136088][ T8685]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  171.136099][ T8685]  ? kvm_check_and_inject_events+0x71c/0x1310
[  171.136118][ T8685]  ? vmx_get_nmi_mask+0x70/0x1c0
[  171.136131][ T8685]  vcpu_run+0x3446/0x5390
[  171.136146][ T8685]  ? __lock_acquire+0xaa4/0x1ba0
[  171.136164][ T8685]  ? __pfx_vcpu_run+0x10/0x10
[  171.136180][ T8685]  ? fpu_swap_kvm_fpstate+0x235/0x4a0
[  171.136193][ T8685]  ? __local_bh_enable_ip+0xa4/0x120
[  171.136208][ T8685]  ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  171.136222][ T8685]  kvm_arch_vcpu_ioctl_run+0x51e/0x18c0
[  171.136241][ T8685]  kvm_vcpu_ioctl+0x5e9/0x1680
[  171.136258][ T8685]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  171.136273][ T8685]  ? tomoyo_path_number_perm+0x18d/0x580
[  171.136288][ T8685]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  171.136301][ T8685]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  171.136317][ T8685]  ? do_vfs_ioctl+0x512/0x1990
[  171.136331][ T8685]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  171.136357][ T8685]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  171.136373][ T8685]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  171.136388][ T8685]  ? __fget_files+0x20e/0x3c0
[  171.136397][ T8685]  ? __fput_deferred+0x370/0x370
[  171.136412][ T8685]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  171.136428][ T8685]  __ia32_compat_sys_ioctl+0x24f/0x360
[  171.136445][ T8685]  __do_fast_syscall_32+0x73/0x120
[  171.136462][ T8685]  do_fast_syscall_32+0x32/0x80
[  171.136478][ T8685]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  171.136491][ T8685] RIP: 0023:0xf704e579
[  171.136499][ T8685] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  171.136509][ T8685] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  171.136519][ T8685] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  171.136526][ T8685] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  171.136531][ T8685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  171.136537][ T8685] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  171.136543][ T8685] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  171.136556][ T8685]  </TASK>
[  171.194832][ T8688] overlayfs: overlapping lowerdir path
[  171.195638][    C3] vkms_vblank_simulate: vblank timer overrun
[  171.249032][    C3] vkms_vblank_simulate: vblank timer overrun
[  171.250989][    C3] hrtimer: interrupt took 111278768 ns
[  171.351045][    C3] vkms_vblank_simulate: vblank timer overrun
[  171.538716][ T8699] overlayfs: overlapping lowerdir path
[  171.877342][ T8717] FAULT_INJECTION: forcing a failure.
[  171.877342][ T8717] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  171.883889][ T8717] CPU: 1 UID: 0 PID: 8717 Comm: syz.0.636 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  171.883922][ T8717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  171.883935][ T8717] Call Trace:
[  171.883940][ T8717]  <TASK>
[  171.883962][ T8717]  dump_stack_lvl+0x16c/0x1f0
[  171.883992][ T8717]  should_fail_ex+0x512/0x640
[  171.884020][ T8717]  _copy_to_user+0x32/0xd0
[  171.884037][ T8717]  bpf_test_finish.isra.0+0x50c/0x690
[  171.884061][ T8717]  ? find_held_lock+0x2b/0x80
[  171.884078][ T8717]  ? __might_fault+0xe3/0x190
[  171.884099][ T8717]  ? __might_fault+0xe3/0x190
[  171.884120][ T8717]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  171.884148][ T8717]  ? _copy_from_user+0x59/0xd0
[  171.884179][ T8717]  bpf_prog_test_run_xdp+0xa0d/0x1540
[  171.884210][ T8717]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  171.884234][ T8717]  ? __might_fault+0xe0/0x190
[  171.884258][ T8717]  ? fput+0x70/0xf0
[  171.884279][ T8717]  ? __bpf_prog_get+0xa0/0x290
[  171.884298][ T8717]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  171.884320][ T8717]  __sys_bpf+0x1485/0x4d80
[  171.884345][ T8717]  ? __pfx___sys_bpf+0x10/0x10
[  171.884371][ T8717]  ? ksys_write+0x190/0x240
[  171.884389][ T8717]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  171.884429][ T8717]  ? fput+0x70/0xf0
[  171.884450][ T8717]  ? ksys_write+0x1b9/0x240
[  171.884466][ T8717]  ? __pfx_ksys_write+0x10/0x10
[  171.884488][ T8717]  __ia32_sys_bpf+0x76/0xe0
[  171.884515][ T8717]  __do_fast_syscall_32+0x73/0x120
[  171.884544][ T8717]  do_fast_syscall_32+0x32/0x80
[  171.884568][ T8717]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  171.884586][ T8717] RIP: 0023:0xf7f96579
[  171.884601][ T8717] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  171.884618][ T8717] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  171.884637][ T8717] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000180
[  171.884648][ T8717] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  171.884657][ T8717] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  171.884668][ T8717] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  171.884678][ T8717] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  171.884699][ T8717]  </TASK>
[  172.020868][ T6001] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  172.031138][ T8726] evm: overlay not supported
[  172.181157][ T6001] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  172.184852][ T6001] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  172.188402][ T6001] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  172.192022][ T6001] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  172.196167][ T6001] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  172.199118][ T6001] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.203518][ T6001] usb 10-1: config 0 descriptor??
[  172.205927][ T8703] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  172.338391][ T8750] overlayfs: failed to resolve './file1': -2
[  172.417533][   T64] IPVS: starting estimator thread 0...
[  172.426450][ T8763] netlink: 36 bytes leftover after parsing attributes in process `syz.2.648'.
[  172.459375][ T8765] x_tables: duplicate underflow at hook 1
[  172.482546][ T8766] netlink: 'syz.0.647': attribute type 7 has an invalid length.
[  172.509915][ T8761] IPVS: using max 42 ests per chain, 100800 per kthread
[  172.522998][ T8768] syz.2.650: vmalloc error: size 8192, failed to allocate pages, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  172.531383][ T8768] CPU: 1 UID: 0 PID: 8768 Comm: syz.2.650 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  172.531407][ T8768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  172.531419][ T8768] Call Trace:
[  172.531425][ T8768]  <TASK>
[  172.531432][ T8768]  dump_stack_lvl+0x16c/0x1f0
[  172.531475][ T8768]  warn_alloc+0x248/0x3a0
[  172.531499][ T8768]  ? __pfx_warn_alloc+0x10/0x10
[  172.531520][ T8768]  ? alloc_pages_mpol+0x25a/0x550
[  172.531543][ T8768]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  172.531575][ T8768]  __vmalloc_node_range_noprof+0x12d2/0x1540
[  172.531612][ T8768]  ? xt_compat_init_offsets+0xe6/0x1f0
[  172.531639][ T8768]  ? __kasan_kmalloc+0xaa/0xb0
[  172.531658][ T8768]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  172.531682][ T8768]  ? ip_setsockopt+0xcb/0xf0
[  172.531706][ T8768]  ? do_sock_setsockopt+0x224/0x470
[  172.531727][ T8768]  ? __sys_setsockopt+0x120/0x1a0
[  172.531747][ T8768]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  172.531772][ T8768]  ? xt_compat_init_offsets+0xe6/0x1f0
[  172.531795][ T8768]  vmalloc_noprof+0x6b/0x90
[  172.531811][ T8768]  ? xt_compat_init_offsets+0xe6/0x1f0
[  172.531829][ T8768]  xt_compat_init_offsets+0xe6/0x1f0
[  172.531851][ T8768]  translate_compat_table+0x1fe/0x1830
[  172.531889][ T8768]  ? __might_fault+0xe3/0x190
[  172.531912][ T8768]  ? __pfx_translate_compat_table+0x10/0x10
[  172.531958][ T8768]  compat_do_replace+0x255/0x3c0
[  172.531985][ T8768]  ? __pfx_compat_do_replace+0x10/0x10
[  172.532010][ T8768]  ? __pfx_aa_get_newest_label+0x10/0x10
[  172.532033][ T8768]  ? rcu_is_watching+0x12/0xc0
[  172.532056][ T8768]  ? bpf_lsm_capable+0x9/0x10
[  172.532071][ T8768]  ? security_capable+0x7e/0x260
[  172.532094][ T8768]  do_ipt_set_ctl+0x55d/0xa60
[  172.532117][ T8768]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  172.532136][ T8768]  ? find_held_lock+0x2b/0x80
[  172.532155][ T8768]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  172.532179][ T8768]  ? lockdep_hardirqs_on+0x7c/0x110
[  172.532204][ T8768]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  172.532234][ T8768]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  172.532263][ T8768]  ? nf_sockopt_find.constprop.0+0x222/0x290
[  172.532288][ T8768]  nf_setsockopt+0x8a/0xf0
[  172.532311][ T8768]  ip_setsockopt+0xcb/0xf0
[  172.532334][ T8768]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  172.532355][ T8768]  do_sock_setsockopt+0x224/0x470
[  172.532378][ T8768]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  172.532425][ T8768]  __sys_setsockopt+0x120/0x1a0
[  172.532447][ T8768]  __ia32_sys_setsockopt+0xbc/0x160
[  172.532463][ T8768]  ? lockdep_hardirqs_on+0x7c/0x110
[  172.532485][ T8768]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  172.532511][ T8768]  __do_fast_syscall_32+0x73/0x120
[  172.532539][ T8768]  do_fast_syscall_32+0x32/0x80
[  172.532563][ T8768]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  172.532582][ T8768] RIP: 0023:0xf704e579
[  172.532595][ T8768] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  172.532612][ T8768] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  172.532629][ T8768] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000000
[  172.532639][ T8768] RDX: 0000000000000040 RSI: 0000000080000400 RDI: 0000000000000310
[  172.532650][ T8768] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  172.532659][ T8768] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  172.532669][ T8768] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  172.532694][ T8768]  </TASK>
[  172.532753][ T8768] Mem-Info:
[  172.559979][ T5946] Bluetooth: hci2: command tx timeout
[  172.560995][ T8768] active_anon:8549 inactive_anon:0 isolated_anon:0
[  172.560995][ T8768]  active_file:11781 inactive_file:39892 isolated_file:0
[  172.560995][ T8768]  unevictable:1768 dirty:444 writeback:0
[  172.560995][ T8768]  slab_reclaimable:10605 slab_unreclaimable:56109
[  172.560995][ T8768]  mapped:26556 shmem:3805 pagetables:1019
[  172.560995][ T8768]  sec_pagetables:304 bounce:0
[  172.560995][ T8768]  kernel_misc_reclaimable:0
[  172.560995][ T8768]  free:46254 free_pcp:1505 free_cma:0
[  172.679799][ T8768] Node 0 active_anon:2840kB inactive_anon:0kB active_file:392kB inactive_file:15268kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:7712kB dirty:124kB writeback:0kB shmem:3796kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9040kB pagetables:752kB sec_pagetables:1128kB all_unreclaimable? yes Balloon:0kB
[  172.682066][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.693404][ T8768] Node 1 active_anon:31356kB inactive_anon:0kB active_file:46732kB inactive_file:144300kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:98512kB dirty:1652kB writeback:0kB shmem:11424kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3708kB pagetables:3324kB sec_pagetables:88kB all_unreclaimable? no Balloon:0kB
[  172.695433][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.707138][ T8768] Node 0 DMA free:3264kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:136kB local_pcp:20kB free_cma:0kB
[  172.714104][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.719623][ T8768] lowmem_reserve[]: 0 293 293 293 293
[  172.722945][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.724980][ T8768] Node 0 DMA32 free:24580kB boost:6144kB min:19592kB low:22952kB high:26312kB reserved_highatomic:4096KB active_anon:2840kB inactive_anon:0kB active_file:392kB inactive_file:15268kB unevictable:3536kB writepending:124kB present:1032196kB managed:300196kB mlocked:0kB bounce:0kB free_pcp:1732kB local_pcp:152kB free_cma:0kB
[  172.728999][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.737260][ T8768] lowmem_reserve[]:
[  172.740646][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.740701][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.742185][ T8768]  0
[  172.744640][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.747134][ T8768]  0 0 0 0
[  172.747154][ T8768] Node 1 DMA32 free:156324kB boost:0kB min:47148kB low:58932kB high:70716kB reserved_highatomic:0KB active_anon:31344kB inactive_anon:0kB active_file:46732kB inactive_file:144300kB unevictable:3536kB writepending:1652kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:4128kB local_pcp:980kB free_cma:0kB
[  172.748095][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.750873][ T8768] lowmem_reserve[]:
[  172.751803][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.761700][ T8768]  0 0 0 0 0
[  172.761723][ T8768] Node 0 DMA: 54*4kB (UE) 21*8kB (UE) 18*16kB (UE) 13*32kB (U) 6*64kB (UE) 0*128kB 1*256kB (E) 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 3264kB
[  172.761828][ T8768] Node 0 DMA32: 293*4kB (UMEH) 172*8kB (UMH) 59*16kB (UMEH) 141*32kB (UMH) 73*64kB (UMEH) 23*128kB (UMEH) 13*256kB (UMH) 9*512kB (UM) 1*1024kB (M) 0*2048kB 0*4096kB = 24580kB
[  172.761916][ T8768] Node 1 DMA32: 193*4kB (UME) 483*8kB (UM) 177*16kB (UM) 230*32kB (UM) 267*64kB (UME) 47*128kB (UM) 14*256kB (UM) 10*512kB (UME) 15*1024kB (UM) 10*2048kB (UME) 18*4096kB (UM) = 156204kB
[  172.762006][ T8768] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  172.762015][ T8768] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  172.762023][ T8768] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  172.762031][ T8768] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  172.762039][ T8768] 55474 total pagecache pages
[  172.762043][ T8768] 0 pages in swap cache
[  172.762047][ T8768] Free swap  = 124996kB
[  172.762051][ T8768] Total swap = 124996kB
[  172.762056][ T8768] 524155 pages RAM
[  172.762060][ T8768] 0 pages HighMem/MovableOnly
[  172.762064][ T8768] 208195 pages reserved
[  172.762067][ T8768] 0 pages cma reserved
[  172.811431][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.813885][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.816358][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.818813][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.821888][ T6001] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  172.825012][ T6001] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  172.838737][ T6001] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  173.086674][ T8788] overlayfs: overlapping lowerdir path
[  173.190026][ T8796] input: syz0 as /devices/virtual/input/input11
[  173.932864][ T8711] usb 10-1: string descriptor 0 read error: -2
[  173.937899][ T8702] delete_channel: no stack
[  174.090149][ T1019] usb 7-1: new full-speed USB device number 13 using dummy_hcd
[  174.260336][ T1019] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  174.265624][ T1019] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  174.269397][ T1019] usb 7-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  174.273819][ T1019] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.332850][ T1019] usb 7-1: config 0 descriptor??
[  174.604866][ T1019] usbhid 7-1:0.0: can't add hid device: -71
[  174.608389][ T1019] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  174.706876][ T5983] usb 10-1: USB disconnect, device number 2
[  174.737567][ T1019] usb 7-1: USB disconnect, device number 13
[  174.828469][ T8861] lo speed is unknown, defaulting to 1000
[  174.830199][ T8861] lo speed is unknown, defaulting to 1000
[  174.832715][ T8861] lo speed is unknown, defaulting to 1000
[  175.063887][ T8861] infiniband s
z1: set active
[  175.063913][ T8861] infiniband s
z1: added lo
[  175.086653][  T834] lo speed is unknown, defaulting to 1000
[  175.094488][ T8861] RDS/IB: s
z1: added
[  175.094525][ T8861] smc: adding ib device s
z1 with port count 1
[  175.094535][ T8861] smc:    ib device s
z1 port 1 has pnetid 
[  175.095363][ T8861] lo speed is unknown, defaulting to 1000
[  175.175604][ T8861] lo speed is unknown, defaulting to 1000
[  175.241650][ T6001] lo speed is unknown, defaulting to 1000
[  175.260696][ T8861] lo speed is unknown, defaulting to 1000
[  175.344234][ T8861] lo speed is unknown, defaulting to 1000
[  175.372192][ T5983] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  175.463475][ T8885] netlink: 12 bytes leftover after parsing attributes in process `syz.4.669'.
[  175.547774][ T5983] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  175.553048][ T5983] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  175.557595][ T5983] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  175.563456][ T5983] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.571619][ T8856] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  175.581554][ T5983] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  175.744832][ T8888] overlayfs: overlapping lowerdir path
[  176.002707][ T7286] usb 10-1: USB disconnect, device number 3
[  176.285971][ T8898] netlink: 12 bytes leftover after parsing attributes in process `syz.2.671'.
[  176.665918][ T8913] input: syz0 as /devices/virtual/input/input12
[  176.919775][   T34] usb 9-1: new full-speed USB device number 3 using dummy_hcd
[  177.071148][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  177.075002][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.078232][   T34] usb 9-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  177.082489][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.086371][   T34] usb 9-1: config 0 descriptor??
[  177.252512][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  177.252524][   T40] audit: type=1326 audit(1747560733.198:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8919 comm="syz.2.678" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  177.261662][   T40] audit: type=1326 audit(1747560733.198:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8919 comm="syz.2.678" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  177.268642][   T40] audit: type=1326 audit(1747560733.208:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8919 comm="syz.2.678" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf704e579 code=0x7ffc0000
[  177.278133][   T40] audit: type=1326 audit(1747560733.208:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8919 comm="syz.2.678" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  177.288156][   T40] audit: type=1326 audit(1747560733.208:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8919 comm="syz.2.678" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  177.293216][   T34] usbhid 9-1:0.0: can't add hid device: -71
[  177.296225][   T40] audit: type=1326 audit(1747560733.208:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8919 comm="syz.2.678" exe="/syz-executor" sig=0 arch=40000003 syscall=438 compat=1 ip=0xf704e579 code=0x7ffc0000
[  177.299225][   T34] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  177.307070][   T40] audit: type=1326 audit(1747560733.208:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8919 comm="syz.2.678" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  177.310780][   T34] usb 9-1: USB disconnect, device number 3
[  177.317246][   T40] audit: type=1326 audit(1747560733.208:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8919 comm="syz.2.678" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf704e579 code=0x7ffc0000
[  177.330139][   T40] audit: type=1326 audit(1747560733.208:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8919 comm="syz.2.678" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  177.337595][   T40] audit: type=1326 audit(1747560733.208:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8919 comm="syz.2.678" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf704e579 code=0x7ffc0000
[  177.610115][ T6001] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  177.760173][ T6001] usb 5-1: Using ep0 maxpacket: 16
[  177.764444][ T6001] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.768920][ T6001] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  177.772872][ T6001] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.780604][ T6001] usb 5-1: config 0 descriptor??
[  177.855770][ T8937] overlayfs: overlapping lowerdir path
[  178.022964][ T6001] usbhid 5-1:0.0: can't add hid device: -71
[  178.027536][ T6001] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  178.036398][ T6001] usb 5-1: USB disconnect, device number 12
[  178.722944][ T8952] overlayfs: overlapping lowerdir path
[  178.886273][ T7546] libceph: connect (1)[c::]:6789 error -101
[  178.889321][ T7546] libceph: mon0 (1)[c::]:6789 connect error
[  179.140420][ T8972] Cannot find del_set index 3 as target
[  179.150218][ T5983] libceph: connect (1)[c::]:6789 error -101
[  179.152338][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  179.296169][ T8983] random: crng reseeded on system resumption
[  179.334770][ T8983] bridge9: entered promiscuous mode
[  179.623031][ T8993] netlink: 'syz.5.691': attribute type 7 has an invalid length.
[  179.659988][ T5983] libceph: connect (1)[c::]:6789 error -101
[  179.662047][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  179.672627][ T8965] ceph: No mds server is up or the cluster is laggy
[  179.842059][ T9017] overlayfs: overlapping lowerdir path
[  179.904027][ T9023] overlayfs: overlapping lowerdir path
[  180.079774][ T5946] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  180.079943][ T5949] Bluetooth: hci4: command 0x1003 tx timeout
[  180.480100][ T5946] Bluetooth: hci3: command 0x0406 tx timeout
[  180.481502][ T5949] Bluetooth: hci1: command 0x0406 tx timeout
[  181.286058][ T9072] overlayfs: overlapping lowerdir path
[  181.514109][ T9084] netlink: 8 bytes leftover after parsing attributes in process `syz.0.701'.
[  181.746686][ T9097] overlayfs: overlapping lowerdir path
[  182.210016][ T7286] usb 10-1: new full-speed USB device number 4 using dummy_hcd
[  182.296994][ T9121] netlink: 4 bytes leftover after parsing attributes in process `syz.4.714'.
[  182.372433][ T7286] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  182.376212][ T7286] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.379480][ T7286] usb 10-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  182.382693][ T7286] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.386857][ T7286] usb 10-1: config 0 descriptor??
[  182.395403][ T9129] Bluetooth: MGMT ver 1.23
[  182.422313][ T9129] netlink: 12 bytes leftover after parsing attributes in process `syz.4.716'.
[  182.430658][ T9131] overlayfs: overlapping lowerdir path
[  182.513969][ T9135] overlayfs: overlapping lowerdir path
[  182.617377][ T7286] usbhid 10-1:0.0: can't add hid device: -71
[  182.619869][ T7286] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  182.627657][ T7286] usb 10-1: USB disconnect, device number 4
[  182.711834][ T9143] netlink: 8 bytes leftover after parsing attributes in process `syz.4.719'.
[  183.157045][ T9157] netlink: 4 bytes leftover after parsing attributes in process `syz.2.722'.
[  183.160954][ T9159] netlink: 4 bytes leftover after parsing attributes in process `syz.5.723'.
[  183.654759][ T9179] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.727'.
[  183.658854][ T9178] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.727'.
[  183.997220][ T9186] overlayfs: overlapping lowerdir path
[  184.343958][ T9197] netlink: 4 bytes leftover after parsing attributes in process `syz.5.732'.
[  184.356615][ T9191] overlayfs: overlapping lowerdir path
[  184.427428][ T9203] netlink: 72 bytes leftover after parsing attributes in process `syz.4.734'.
[  185.295626][   T40] kauditd_printk_skb: 27 callbacks suppressed
[  185.295644][   T40] audit: type=1326 audit(1747560741.238:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.4.735" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7fc00000
[  185.410350][ T9231] overlayfs: overlapping lowerdir path
[  185.943330][ T9245] overlayfs: overlapping lowerdir path
[  186.562175][ T9268] __nla_validate_parse: 5 callbacks suppressed
[  186.562186][ T9268] netlink: 24 bytes leftover after parsing attributes in process `syz.5.755'.
[  186.629861][ T7286] usb 7-1: new full-speed USB device number 14 using dummy_hcd
[  186.781242][ T7286] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  186.784802][ T7286] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  186.788004][ T7286] usb 7-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  186.791203][ T7286] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.795287][ T7286] usb 7-1: config 0 descriptor??
[  186.841274][ T9273] bridge0: port 3(vlan2) entered blocking state
[  186.843673][ T9273] bridge0: port 3(vlan2) entered disabled state
[  186.845867][ T9273] vlan2: entered allmulticast mode
[  186.847602][ T9273] bridge0: entered allmulticast mode
[  186.851065][ T9273] vlan2: left allmulticast mode
[  186.852728][ T9273] bridge0: left allmulticast mode
[  187.008884][ T7286] usbhid 7-1:0.0: can't add hid device: -71
[  187.011056][ T7286] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  187.014679][ T7286] usb 7-1: USB disconnect, device number 14
[  187.242225][ T9283] netlink: 4 bytes leftover after parsing attributes in process `syz.0.758'.
[  187.583439][ T9292] loop4: detected capacity change from 0 to 7
[  187.590219][ T6054] Dev loop4: unable to read RDB block 7
[  187.592210][ T6054]  loop4: unable to read partition table
[  187.594312][ T6054] loop4: partition table beyond EOD, truncated
[  187.602982][ T9292] Dev loop4: unable to read RDB block 7
[  187.604835][ T9292]  loop4: unable to read partition table
[  187.606767][ T9292] loop4: partition table beyond EOD, truncated
[  187.609294][ T9292] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5)
[  187.629295][ T9296] netlink: 4 bytes leftover after parsing attributes in process `syz.2.763'.
[  187.722588][ T9300] netlink: 12 bytes leftover after parsing attributes in process `syz.2.764'.
[  188.572394][ T9330] binder: 9316:9330 ioctl 4018620d 0 returned -22
[  188.853221][ T9336] fuseblk: Bad value for 'fd'
[  188.895335][   T40] audit: type=1326 audit(1747560744.838:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9328 comm="syz.4.773" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x0
[  189.017527][ T9338] binder: 9335:9338 ioctl 40046205 0 returned -22
[  189.536263][ T9350] xt_hashlimit: overflow, try lower: 17592186044416/6
[  189.765773][   T65] libceph: connect (1)[c::]:6789 error -101
[  189.767840][   T65] libceph: mon0 (1)[c::]:6789 connect error
[  189.950306][  T833] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  189.979842][ T6001] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  190.030027][  T834] libceph: connect (1)[c::]:6789 error -101
[  190.032110][  T834] libceph: mon0 (1)[c::]:6789 connect error
[  190.129804][ T6001] usb 10-1: Using ep0 maxpacket: 16
[  190.134290][ T6001] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  190.140211][ T6001] usb 10-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=f6.59
[  190.143175][ T6001] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.145791][ T6001] usb 10-1: Product: syz
[  190.147232][ T6001] usb 10-1: Manufacturer: syz
[  190.149572][ T6001] usb 10-1: SerialNumber: syz
[  190.157167][ T6001] usb 10-1: config 0 descriptor??
[  190.174029][ T6001] peak_usb 10-1:0.0 can0: sending cmd f=0x6 n=0x1 failure: -22
[  190.176546][ T6001] peak_usb 10-1:0.0: unable to read PCAN-USB serial number (err -22)
[  190.250675][ T6001] peak_usb 10-1:0.0: probe with driver peak_usb failed with error -22
[  190.372044][   T40] audit: type=1326 audit(1747560746.318:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9373 comm="syz.0.786" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f96579 code=0x0
[  190.462435][ T9375] fuse: Unknown parameter 'W°ÖFp_id'
[  190.542080][ T6001] libceph: connect (1)[c::]:6789 error -101
[  190.544820][ T6001] libceph: mon0 (1)[c::]:6789 connect error
[  190.584663][ T9363] ceph: No mds server is up or the cluster is laggy
[  190.862892][ T9385] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on
[  191.249622][ T9395] bridge0: port 1(vlan2) entered blocking state
[  191.252072][ T9395] bridge0: port 1(vlan2) entered disabled state
[  191.254212][ T9395] vlan2: entered allmulticast mode
[  191.255913][ T9395] bridge0: entered allmulticast mode
[  191.258786][ T9395] vlan2: left allmulticast mode
[  191.260495][ T9395] bridge0: left allmulticast mode
[  191.391073][ T9402] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.793'.
[  191.394445][ T9397] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.793'.
[  192.394112][ T9432] block device autoloading is deprecated and will be removed.
[  192.601589][  T834] usb 10-1: USB disconnect, device number 5
[  193.045299][ T9443] fuseblk: Bad value for 'fd'
[  193.077847][ T9446] ptrace attach of "/syz-executor exec"[5944] was attempted by "/syz-executor exec"[9446]
[  193.082954][ T9447] netlink: 'syz.4.805': attribute type 39 has an invalid length.
[  193.141757][ T9448] xt_time: invalid argument - start or stop time greater than 23:59:59
[  193.150575][   T40] audit: type=1326 audit(1747560749.098:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9436 comm="syz.5.803" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x0
[  193.432349][ T9453] overlayfs: statfs failed on './file1'
[  193.474676][ T9459] FAULT_INJECTION: forcing a failure.
[  193.474676][ T9459] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  193.478847][ T9459] CPU: 3 UID: 0 PID: 9459 Comm: syz.4.809 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  193.478862][ T9459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  193.478868][ T9459] Call Trace:
[  193.478872][ T9459]  <TASK>
[  193.478876][ T9459]  dump_stack_lvl+0x16c/0x1f0
[  193.478896][ T9459]  should_fail_ex+0x512/0x640
[  193.478915][ T9459]  _copy_from_user+0x2e/0xd0
[  193.478933][ T9459]  get_compat_msghdr+0xa7/0x170
[  193.478947][ T9459]  ? __pfx_get_compat_msghdr+0x10/0x10
[  193.478963][ T9459]  ___sys_sendmsg+0x1ae/0x1d0
[  193.478978][ T9459]  ? __pfx____sys_sendmsg+0x10/0x10
[  193.479006][ T9459]  __sys_sendmsg+0x16d/0x220
[  193.479018][ T9459]  ? __pfx___sys_sendmsg+0x10/0x10
[  193.479037][ T9459]  ? rcu_is_watching+0x12/0xc0
[  193.479049][ T9459]  __do_fast_syscall_32+0x73/0x120
[  193.479066][ T9459]  do_fast_syscall_32+0x32/0x80
[  193.479084][ T9459]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  193.479097][ T9459] RIP: 0023:0xf708e579
[  193.479105][ T9459] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  193.479116][ T9459] RSP: 002b:00000000f505d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  193.479125][ T9459] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000680
[  193.479132][ T9459] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  193.479138][ T9459] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  193.479143][ T9459] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  193.479149][ T9459] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  193.479161][ T9459]  </TASK>
[  193.534904][ T9458] Cache volume key already in use (9p,syz,)
[  193.772065][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  193.776256][ T9469] FAULT_INJECTION: forcing a failure.
[  193.776256][ T9469] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  193.780747][ T9469] CPU: 0 UID: 0 PID: 9469 Comm: syz.0.813 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  193.780762][ T9469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  193.780769][ T9469] Call Trace:
[  193.780773][ T9469]  <TASK>
[  193.780777][ T9469]  dump_stack_lvl+0x16c/0x1f0
[  193.780797][ T9469]  should_fail_ex+0x512/0x640
[  193.780816][ T9469]  should_fail_alloc_page+0xe7/0x130
[  193.780832][ T9469]  prepare_alloc_pages+0x3c2/0x610
[  193.780848][ T9469]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  193.780862][ T9469]  ? __kernel_text_address+0xd/0x40
[  193.780874][ T9469]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  193.780889][ T9469]  ? __lock_acquire+0x5ca/0x1ba0
[  193.780904][ T9469]  ? stack_trace_save+0x8e/0xc0
[  193.780915][ T9469]  ? __pfx_stack_trace_save+0x10/0x10
[  193.780926][ T9469]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  193.780939][ T9469]  ? __lock_acquire+0x5ca/0x1ba0
[  193.780955][ T9469]  ? __bfs+0x148/0x290
[  193.780969][ T9469]  ? check_irq_usage+0x188/0x920
[  193.780980][ T9469]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  193.780996][ T9469]  ? policy_nodemask+0xea/0x4e0
[  193.781019][ T9469]  alloc_pages_mpol+0x1fb/0x550
[  193.781032][ T9469]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  193.781049][ T9469]  alloc_pages_noprof+0x131/0x390
[  193.781062][ T9469]  pte_alloc_one+0x19/0x380
[  193.781076][ T9469]  do_pte_missing+0x1c0b/0x3fb0
[  193.781089][ T9469]  ? find_held_lock+0x2b/0x80
[  193.781101][ T9469]  __handle_mm_fault+0x103d/0x2a40
[  193.781116][ T9469]  ? __pfx___handle_mm_fault+0x10/0x10
[  193.781139][ T9469]  handle_mm_fault+0x3fe/0xad0
[  193.781153][ T9469]  __get_user_pages+0x771/0x36f0
[  193.781174][ T9469]  ? __pfx___get_user_pages+0x10/0x10
[  193.781196][ T9469]  get_user_pages_remote+0x258/0xb20
[  193.781216][ T9469]  ? __pfx_get_user_pages_remote+0x10/0x10
[  193.781232][ T9469]  ? mtree_range_walk+0x718/0xc00
[  193.781248][ T9469]  ? find_held_lock+0x2b/0x80
[  193.781261][ T9469]  uprobe_write_opcode+0x11b/0x1a80
[  193.781279][ T9469]  ? __pfx_mt_find+0x10/0x10
[  193.781289][ T9469]  ? __pfx_uprobe_write_opcode+0x10/0x10
[  193.781306][ T9469]  ? __pfx___might_resched+0x10/0x10
[  193.781320][ T9469]  install_breakpoint.isra.0+0x5f2/0x870
[  193.781336][ T9469]  ? find_vma+0xbf/0x140
[  193.781350][ T9469]  ? __pfx_find_vma+0x10/0x10
[  193.781364][ T9469]  ? kfree+0x2b6/0x4d0
[  193.781376][ T9469]  register_for_each_vma+0xa39/0xdf0
[  193.781397][ T9469]  uprobe_register+0x81a/0xb60
[  193.781434][ T9469]  bpf_uprobe_multi_link_attach+0x8ea/0x1070
[  193.781456][ T9469]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[  193.781471][ T9469]  ? __fget_files+0x20e/0x3c0
[  193.781484][ T9469]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  193.781501][ T9469]  __sys_bpf+0x3fb6/0x4d80
[  193.781518][ T9469]  ? __pfx___sys_bpf+0x10/0x10
[  193.781533][ T9469]  ? ksys_write+0x190/0x240
[  193.781546][ T9469]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  193.781570][ T9469]  ? fput+0x70/0xf0
[  193.781582][ T9469]  ? ksys_write+0x1b9/0x240
[  193.781592][ T9469]  ? __pfx_ksys_write+0x10/0x10
[  193.781601][ T9469]  ? rcu_is_watching+0x12/0xc0
[  193.781618][ T9469]  __ia32_sys_bpf+0x76/0xe0
[  193.781634][ T9469]  __do_fast_syscall_32+0x73/0x120
[  193.781651][ T9469]  do_fast_syscall_32+0x32/0x80
[  193.781667][ T9469]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  193.781680][ T9469] RIP: 0023:0xf7f96579
[  193.781689][ T9469] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  193.781699][ T9469] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  193.781710][ T9469] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 00000000800005c0
[  193.781716][ T9469] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  193.781722][ T9469] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  193.781727][ T9469] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  193.781733][ T9469] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  193.781746][ T9469]  </TASK>
[  194.287617][ T6001] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[  194.424705][ T9492] overlayfs: failed to resolve './file0': -2
[  194.441267][ T6001] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  194.445436][ T6001] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  194.448702][ T6001] usb 9-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  194.454291][ T6001] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.458814][ T6001] usb 9-1: config 0 descriptor??
[  194.626491][ T9496] netlink: 4 bytes leftover after parsing attributes in process `syz.5.818'.
[  194.665771][ T6001] usbhid 9-1:0.0: can't add hid device: -71
[  194.667827][ T6001] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  194.673959][ T6001] usb 9-1: USB disconnect, device number 4
[  194.700823][ T9499] netlink: 8 bytes leftover after parsing attributes in process `syz.5.819'.
[  194.858770][ T9510] FAULT_INJECTION: forcing a failure.
[  194.858770][ T9510] name failslab, interval 1, probability 0, space 0, times 0
[  194.863399][ T9510] CPU: 0 UID: 0 PID: 9510 Comm: syz.2.822 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  194.863415][ T9510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  194.863421][ T9510] Call Trace:
[  194.863425][ T9510]  <TASK>
[  194.863429][ T9510]  dump_stack_lvl+0x16c/0x1f0
[  194.863449][ T9510]  should_fail_ex+0x512/0x640
[  194.863465][ T9510]  ? __kmalloc_noprof+0xbf/0x510
[  194.863478][ T9510]  ? alloc_pipe_info+0x1ec/0x590
[  194.863488][ T9510]  should_failslab+0xc2/0x120
[  194.863502][ T9510]  __kmalloc_noprof+0xd2/0x510
[  194.863516][ T9510]  alloc_pipe_info+0x1ec/0x590
[  194.863528][ T9510]  splice_direct_to_actor+0x77d/0xa30
[  194.863545][ T9510]  ? __pfx_direct_splice_actor+0x10/0x10
[  194.863562][ T9510]  ? __pfx_aa_file_perm+0x10/0x10
[  194.863584][ T9510]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  194.863599][ T9510]  ? get_pid_task+0xfc/0x250
[  194.863617][ T9510]  do_splice_direct+0x174/0x240
[  194.863632][ T9510]  ? __pfx_do_splice_direct+0x10/0x10
[  194.863648][ T9510]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  194.863664][ T9510]  ? bpf_lsm_file_permission+0x9/0x10
[  194.863674][ T9510]  ? security_file_permission+0x71/0x210
[  194.863689][ T9510]  ? rw_verify_area+0xcf/0x680
[  194.863706][ T9510]  do_sendfile+0xafd/0xe50
[  194.863717][ T9510]  ? __pfx_do_sendfile+0x10/0x10
[  194.863727][ T9510]  ? __might_fault+0xe3/0x190
[  194.863738][ T9510]  ? __might_fault+0x13b/0x190
[  194.863753][ T9510]  __ia32_compat_sys_sendfile+0x162/0x220
[  194.863767][ T9510]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[  194.863781][ T9510]  ? rcu_is_watching+0x12/0xc0
[  194.863793][ T9510]  __do_fast_syscall_32+0x73/0x120
[  194.863811][ T9510]  do_fast_syscall_32+0x32/0x80
[  194.863829][ T9510]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  194.863842][ T9510] RIP: 0023:0xf704e579
[  194.863850][ T9510] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  194.863860][ T9510] RSP: 002b:00000000f501d55c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[  194.863870][ T9510] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000004
[  194.863876][ T9510] RDX: 0000000080000100 RSI: 0000000000010001 RDI: 0000000000000000
[  194.863883][ T9510] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  194.863888][ T9510] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  194.863894][ T9510] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  194.863907][ T9510]  </TASK>
[  195.079839][ T7546] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  195.110916][ T9522] overlayfs: overlapping lowerdir path
[  195.261265][ T7546] usb 10-1: Using ep0 maxpacket: 8
[  195.265289][ T7546] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  195.269146][ T7546] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  195.272999][ T7546] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  195.276368][ T7546] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  195.282231][ T7546] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  195.285512][ T7546] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.339402][ T9528] overlayfs: overlapping lowerdir path
[  195.484164][ T9532] netlink: 'syz.0.826': attribute type 5 has an invalid length.
[  195.493356][ T7546] usb 10-1: GET_CAPABILITIES returned 0
[  195.495242][ T7546] usbtmc 10-1:16.0: can't read capabilities
[  195.520863][ T9534] netlink: 4 bytes leftover after parsing attributes in process `syz.0.827'.
[  195.716980][ T9544] sg_write: data in/out 41084/1 bytes for SCSI command 0x1c-- guessing data in;
[  195.716980][ T9544]    program syz.4.830 not setting count and/or reply_len properly
[  195.733412][   T64] usb 10-1: USB disconnect, device number 6
[  195.806796][ T9546] FAULT_INJECTION: forcing a failure.
[  195.806796][ T9546] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.811445][ T9546] CPU: 2 UID: 0 PID: 9546 Comm: syz.5.831 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  195.811469][ T9546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  195.811479][ T9546] Call Trace:
[  195.811515][ T9546]  <TASK>
[  195.811522][ T9546]  dump_stack_lvl+0x16c/0x1f0
[  195.811611][ T9546]  should_fail_ex+0x512/0x640
[  195.811657][ T9546]  _copy_to_user+0x32/0xd0
[  195.811668][ T9546]  bpf_test_finish.isra.0+0x50c/0x690
[  195.811682][ T9546]  ? find_held_lock+0x2b/0x80
[  195.811693][ T9546]  ? __might_fault+0xe3/0x190
[  195.811705][ T9546]  ? __might_fault+0xe3/0x190
[  195.811717][ T9546]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  195.811732][ T9546]  ? _copy_from_user+0x59/0xd0
[  195.811750][ T9546]  bpf_prog_test_run_xdp+0xa0d/0x1540
[  195.811769][ T9546]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  195.811783][ T9546]  ? __might_fault+0xe0/0x190
[  195.811797][ T9546]  ? fput+0x70/0xf0
[  195.811809][ T9546]  ? __bpf_prog_get+0xa0/0x290
[  195.811822][ T9546]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  195.811835][ T9546]  __sys_bpf+0x1485/0x4d80
[  195.811851][ T9546]  ? __pfx___sys_bpf+0x10/0x10
[  195.811866][ T9546]  ? ksys_write+0x190/0x240
[  195.811883][ T9546]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  195.811907][ T9546]  ? fput+0x70/0xf0
[  195.811919][ T9546]  ? ksys_write+0x1b9/0x240
[  195.811929][ T9546]  ? __pfx_ksys_write+0x10/0x10
[  195.811941][ T9546]  __ia32_sys_bpf+0x76/0xe0
[  195.811957][ T9546]  __do_fast_syscall_32+0x73/0x120
[  195.811974][ T9546]  do_fast_syscall_32+0x32/0x80
[  195.811990][ T9546]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  195.812003][ T9546] RIP: 0023:0xf7ff8579
[  195.812012][ T9546] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  195.812022][ T9546] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  195.812032][ T9546] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000080
[  195.812039][ T9546] RDX: 0000000000000028 RSI: 0000000000000000 RDI: 0000000000000000
[  195.812045][ T9546] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  195.812050][ T9546] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  195.812056][ T9546] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  195.812068][ T9546]  </TASK>
[  195.899042][    C2] hpet: Lost 4 RTC interrupts
[  196.132057][ T9552] netlink: 3 bytes leftover after parsing attributes in process `syz.4.830'.
[  196.150399][ T9552] batadv1: entered allmulticast mode
[  196.201996][ T9556] input: syz1 as /devices/virtual/input/input13
[  196.234069][ T9556] netlink: 12 bytes leftover after parsing attributes in process `syz.4.830'.
[  196.264281][ T9561] netlink: 4 bytes leftover after parsing attributes in process `syz.2.836'.
[  196.401054][ T9565] netlink: 12 bytes leftover after parsing attributes in process `syz.2.837'.
[  196.627438][ T9575] No buffer was provided with the request
[  196.632485][ T9575] input input14: cannot allocate more than FF_MAX_EFFECTS effects
[  196.639897][ T9576] xt_hashlimit: invalid rate
[  196.737230][ T9581] netlink: 4 bytes leftover after parsing attributes in process `syz.4.841'.
[  196.740864][ T9581] bridge_slave_1: left allmulticast mode
[  196.742898][ T9581] bridge_slave_1: left promiscuous mode
[  196.747372][ T9581] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.752360][ T9581] bridge_slave_0: left allmulticast mode
[  196.754315][ T9581] bridge_slave_0: left promiscuous mode
[  196.756500][ T9581] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.215147][ T9595] netlink: 'syz.2.846': attribute type 1 has an invalid length.
[  197.219997][   T64] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  197.237366][ T9595] bond4: entered promiscuous mode
[  197.239314][ T9595] 8021q: adding VLAN 0 to HW filter on device bond4
[  197.266814][ T9595] bond4: (slave veth5): making interface the new active one
[  197.269303][ T9595] veth5: entered promiscuous mode
[  197.271491][ T9595] bond4: (slave veth5): Enslaving as an active interface with an up link
[  197.372713][   T64] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  197.384236][   T64] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  197.395464][   T64] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  197.407545][   T64] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  197.420829][   T64] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  197.437355][   T64] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  197.441204][   T64] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  197.444521][   T64] usb 9-1: Product: syz
[  197.446098][   T64] usb 9-1: Manufacturer: syz
[  197.454483][   T64] cdc_wdm 9-1:1.0: skipping garbage
[  197.457456][   T64] cdc_wdm 9-1:1.0: skipping garbage
[  197.463152][   T64] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  197.466066][   T64] cdc_wdm 9-1:1.0: Unknown control protocol
[  197.663860][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  197.841436][  T834] libceph: connect (1)[c::]:6789 error -101
[  197.846150][  T834] libceph: mon0 (1)[c::]:6789 connect error
[  197.916856][    C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  197.919102][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  197.921632][    C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  197.923901][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  197.926234][    C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  197.928401][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  197.931140][    C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  197.933300][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  197.935543][    C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  197.937703][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  197.939710][    C2] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  197.942953][   T64] usb 9-1: USB disconnect, device number 5
[  198.143673][  T834] libceph: connect (1)[c::]:6789 error -101
[  198.146504][  T834] libceph: mon0 (1)[c::]:6789 connect error
[  198.178014][ T9606] ceph: No mds server is up or the cluster is laggy
[  198.686401][ T9632] netlink: 12 bytes leftover after parsing attributes in process `syz.4.854'.
[  198.853612][ T9634] ip6tnl1: entered promiscuous mode
[  198.855668][ T9634] ip6tnl1: entered allmulticast mode
[  198.862454][ T9634] team0: Device ip6tnl1 is of different type
[  198.901860][ T9633] syz.2.855: attempt to access beyond end of device
[  198.901860][ T9633] nbd2: rw=4096, sector=0, nr_sectors = 1 limit=0
[  198.906862][ T9633] XFS (nbd2): SB validate failed with error -5.
[  199.208544][ T9649] netlink: 'syz.0.859': attribute type 1 has an invalid length.
[  199.211238][ T9649] netlink: 'syz.0.859': attribute type 4 has an invalid length.
[  199.213811][ T9649] netlink: 32 bytes leftover after parsing attributes in process `syz.0.859'.
[  199.217962][ T9649] mac80211_hwsim hwsim8 
: renamed from wlan1
[  199.341717][ T9656] loop7: detected capacity change from 0 to 6
[  199.417443][ T9656] Dev loop7: unable to read RDB block 6
[  199.419369][ T9656]  loop7: unable to read partition table
[  199.421593][ T9656] loop7: partition table beyond EOD, truncated
[  199.428569][ T9656] loop_reread_partitions: partition scan of loop7 (îÝ·ÂU@™:ÖB$Œ{
WÎÉ´å) failed (rc=-5)
[  199.669450][ T9665] overlayfs: overlapping lowerdir path
[  200.041003][ T9675] FAULT_INJECTION: forcing a failure.
[  200.041003][ T9675] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  200.041025][ T9675] CPU: 1 UID: 0 PID: 9675 Comm: syz.4.865 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  200.041039][ T9675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  200.041045][ T9675] Call Trace:
[  200.041049][ T9675]  <TASK>
[  200.041054][ T9675]  dump_stack_lvl+0x16c/0x1f0
[  200.041086][ T9675]  should_fail_ex+0x512/0x640
[  200.041105][ T9675]  _copy_from_user+0x2e/0xd0
[  200.041122][ T9675]  get_compat_msghdr+0xa7/0x170
[  200.041136][ T9675]  ? __pfx_get_compat_msghdr+0x10/0x10
[  200.041153][ T9675]  ___sys_sendmsg+0x1ae/0x1d0
[  200.041168][ T9675]  ? __pfx____sys_sendmsg+0x10/0x10
[  200.041187][ T9675]  ? find_held_lock+0x2b/0x80
[  200.041207][ T9675]  __sys_sendmmsg+0x2f9/0x420
[  200.041222][ T9675]  ? __pfx___sys_sendmmsg+0x10/0x10
[  200.041252][ T9675]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  200.041265][ T9675]  do_int80_emulation+0x104/0x200
[  200.041283][ T9675]  asm_int80_emulation+0x1a/0x20
[  200.041293][ T9675] RIP: 0023:0xf708e579
[  200.041301][ T9675] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  200.041311][ T9675] RSP: 002b:00000000f505d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  200.041321][ T9675] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000300
[  200.041327][ T9675] RDX: 0000000000000001 RSI: 0000000000040000 RDI: 0000000000000000
[  200.041333][ T9675] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  200.041339][ T9675] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  200.041345][ T9675] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  200.041376][ T9675]  </TASK>
[  200.072576][ T9680] 9pnet_fd: Insufficient options for proto=fd
[  200.079958][ T5956] Bluetooth: hci4: command 0x1003 tx timeout
[  200.080371][ T5295] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  200.479406][ T9694] netlink: 'syz.4.871': attribute type 11 has an invalid length.
[  200.479434][ T9694] netlink: 'syz.4.871': attribute type 11 has an invalid length.
[  200.479441][ T9694] netlink: 224 bytes leftover after parsing attributes in process `syz.4.871'.
[  200.533956][ T9697] netlink: 12 bytes leftover after parsing attributes in process `syz.5.870'.
[  200.591975][ T9699] overlayfs: overlapping lowerdir path
[  201.175083][ T9712] netlink: 3056 bytes leftover after parsing attributes in process `syz.2.875'.
[  201.715013][ T9725] overlayfs: overlapping lowerdir path
[  201.728970][ T9722] program syz.5.879 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  201.753781][ T9730] netlink: 8 bytes leftover after parsing attributes in process `syz.4.881'.
[  202.149852][   T34] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  202.309778][   T34] usb 9-1: Using ep0 maxpacket: 32
[  202.313420][   T34] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  202.318959][   T34] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  202.322424][   T34] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  202.325379][   T34] usb 9-1: Product: syz
[  202.327145][   T34] usb 9-1: Manufacturer: syz
[  202.328974][   T34] usb 9-1: SerialNumber: syz
[  202.333907][   T34] usb 9-1: config 0 descriptor??
[  202.336768][ T9730] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  202.340951][   T34] hub 9-1:0.0: bad descriptor, ignoring hub
[  202.343106][   T34] hub 9-1:0.0: probe with driver hub failed with error -5
[  202.385722][ T9745] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  202.391589][ T9745] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  202.628099][ T9752] pim6reg: entered allmulticast mode
[  202.634801][ T9752] pim6reg: left allmulticast mode
[  202.650101][   T64] usb 9-1: USB disconnect, device number 6
[  202.866293][ T9760] overlayfs: overlapping lowerdir path
[  202.883957][ T9761] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  202.896910][ T9761] kvm: pic: level sensitive irq not supported
[  202.897789][ T9761] kvm: pic: non byte read
[  202.940413][   T40] audit: type=1326 audit(1747560758.888:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9768 comm="syz.5.891" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7ff8579 code=0x0
[  203.450125][   T34] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  203.613906][   T34] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  203.616653][   T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  203.620683][   T34] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  203.623737][   T34] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  203.626356][   T34] usb 5-1: Manufacturer: syz
[  203.629168][   T34] usb 5-1: config 0 descriptor??
[  203.679765][   T34] rc_core: IR keymap rc-hauppauge not found
[  203.681732][   T34] Registered IR keymap rc-empty
[  203.684135][   T34] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  203.688302][   T34] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input15
[  203.839623][  T833] usb 5-1: USB disconnect, device number 13
[  204.092831][ T9814] trusted_key: encrypted_key: key user:syz not found
[  204.097107][ T9814] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input16
[  204.106351][ T9816] netlink: 96 bytes leftover after parsing attributes in process `syz.2.903'.
[  204.110077][ T9816] netlink: 96 bytes leftover after parsing attributes in process `syz.2.903'.
[  204.114284][ T9816] lo speed is unknown, defaulting to 1000
[  204.116359][ T9816] lo speed is unknown, defaulting to 1000
[  204.118647][ T9816] lo speed is unknown, defaulting to 1000
[  204.130711][ T9816] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  204.157207][ T9816] lo speed is unknown, defaulting to 1000
[  204.161244][ T9816] lo speed is unknown, defaulting to 1000
[  204.164436][ T9816] lo speed is unknown, defaulting to 1000
[  204.167024][ T9816] lo speed is unknown, defaulting to 1000
[  204.207165][ T9822] FAULT_INJECTION: forcing a failure.
[  204.207165][ T9822] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  204.212139][ T9822] CPU: 0 UID: 0 PID: 9822 Comm: syz.2.906 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  204.212153][ T9822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.212160][ T9822] Call Trace:
[  204.212163][ T9822]  <TASK>
[  204.212167][ T9822]  dump_stack_lvl+0x16c/0x1f0
[  204.212187][ T9822]  should_fail_ex+0x512/0x640
[  204.212205][ T9822]  should_fail_alloc_page+0xe7/0x130
[  204.212220][ T9822]  prepare_alloc_pages+0x3c2/0x610
[  204.212236][ T9822]  ? rcu_is_watching+0x12/0xc0
[  204.212248][ T9822]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  204.212263][ T9822]  ? do_raw_spin_lock+0x12c/0x2b0
[  204.212303][ T9822]  ? find_held_lock+0x2b/0x80
[  204.212316][ T9822]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  204.212329][ T9822]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  204.212343][ T9822]  ? stack_depot_save_flags+0x3e6/0xa50
[  204.212362][ T9822]  ? kasan_save_stack+0x42/0x60
[  204.212375][ T9822]  ? __lock_acquire+0xaa4/0x1ba0
[  204.212387][ T9822]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  204.212402][ T9822]  ? policy_nodemask+0xea/0x4e0
[  204.212417][ T9822]  alloc_pages_mpol+0x1fb/0x550
[  204.212430][ T9822]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  204.212442][ T9822]  ? __page_table_check_ptes_set+0x1ae/0x420
[  204.212456][ T9822]  ? find_held_lock+0x2b/0x80
[  204.212468][ T9822]  alloc_pages_noprof+0x131/0x390
[  204.212481][ T9822]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  204.212491][ T9822]  get_free_pages_noprof+0xc/0x40
[  204.212504][ T9822]  kasan_populate_vmalloc_pte+0x2d/0x160
[  204.212517][ T9822]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  204.212527][ T9822]  __apply_to_page_range+0x61a/0xd60
[  204.212545][ T9822]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  204.212558][ T9822]  ? __pfx___apply_to_page_range+0x10/0x10
[  204.212575][ T9822]  ? alloc_vmap_area+0x872/0x2970
[  204.212593][ T9822]  alloc_vmap_area+0x919/0x2970
[  204.212613][ T9822]  ? __pfx_alloc_vmap_area+0x10/0x10
[  204.212632][ T9822]  __get_vm_area_node+0x1ca/0x330
[  204.212650][ T9822]  __vmalloc_node_range_noprof+0x277/0x1540
[  204.212667][ T9822]  ? sock_hash_alloc+0x336/0x510
[  204.212685][ T9822]  ? sock_hash_alloc+0x336/0x510
[  204.212702][ T9822]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  204.212719][ T9822]  ? rcu_is_watching+0x12/0xc0
[  204.212729][ T9822]  ? trace_kmalloc+0x2b/0xd0
[  204.212742][ T9822]  ? __kmalloc_node_noprof+0x23b/0x500
[  204.212753][ T9822]  ? trace_cap_capable+0x18d/0x200
[  204.212772][ T9822]  ? sock_hash_alloc+0x336/0x510
[  204.212786][ T9822]  __bpf_map_area_alloc+0xeb/0x190
[  204.212802][ T9822]  ? sock_hash_alloc+0x336/0x510
[  204.212816][ T9822]  sock_hash_alloc+0x336/0x510
[  204.212831][ T9822]  map_create+0x592/0x1db0
[  204.212850][ T9822]  ? __pfx_map_create+0x10/0x10
[  204.212862][ T9822]  ? __might_fault+0xe3/0x190
[  204.212873][ T9822]  ? __might_fault+0xe3/0x190
[  204.212884][ T9822]  ? __might_fault+0x13b/0x190
[  204.212901][ T9822]  __sys_bpf+0x47cc/0x4d80
[  204.212917][ T9822]  ? __pfx___sys_bpf+0x10/0x10
[  204.212933][ T9822]  ? ksys_write+0x190/0x240
[  204.212945][ T9822]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  204.212969][ T9822]  ? fput+0x70/0xf0
[  204.212981][ T9822]  ? ksys_write+0x1b9/0x240
[  204.212990][ T9822]  ? __pfx_ksys_write+0x10/0x10
[  204.213003][ T9822]  __ia32_sys_bpf+0x76/0xe0
[  204.213019][ T9822]  __do_fast_syscall_32+0x73/0x120
[  204.213036][ T9822]  do_fast_syscall_32+0x32/0x80
[  204.213051][ T9822]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.213065][ T9822] RIP: 0023:0xf704e579
[  204.213073][ T9822] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  204.213083][ T9822] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  204.213093][ T9822] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000600
[  204.213099][ T9822] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  204.213106][ T9822] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  204.213111][ T9822] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  204.213117][ T9822] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.213130][ T9822]  </TASK>
[  204.236474][ T9823] overlayfs: overlapping lowerdir path
[  204.593480][ T9830] bridge0: port 3(netdevsim0) entered blocking state
[  204.596073][ T9830] bridge0: port 3(netdevsim0) entered disabled state
[  204.598831][ T9830] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  204.607267][ T9830] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  204.612949][ T9830] bridge0: port 3(netdevsim0) entered blocking state
[  204.615810][ T9830] bridge0: port 3(netdevsim0) entered forwarding state
[  204.702652][ T9832] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.895450][ T9846] FAULT_INJECTION: forcing a failure.
[  204.895450][ T9846] name failslab, interval 1, probability 0, space 0, times 0
[  204.901524][ T9846] CPU: 1 UID: 0 PID: 9846 Comm: syz.5.915 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  204.901562][ T9846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  204.901573][ T9846] Call Trace:
[  204.901579][ T9846]  <TASK>
[  204.901588][ T9846]  dump_stack_lvl+0x16c/0x1f0
[  204.901618][ T9846]  should_fail_ex+0x512/0x640
[  204.901643][ T9846]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  204.901667][ T9846]  should_failslab+0xc2/0x120
[  204.901689][ T9846]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  204.901709][ T9846]  ? kvm_sched_clock_read+0x11/0x20
[  204.901732][ T9846]  ? sched_clock+0x38/0x60
[  204.901760][ T9846]  ? fcntl_setlease+0xc6/0x5a0
[  204.901788][ T9846]  fcntl_setlease+0xc6/0x5a0
[  204.901811][ T9846]  ? __pfx_fcntl_setlease+0x10/0x10
[  204.901836][ T9846]  ? find_held_lock+0x2b/0x80
[  204.901862][ T9846]  do_fcntl+0x75a/0x1590
[  204.901885][ T9846]  ? __pfx_do_fcntl+0x10/0x10
[  204.901912][ T9846]  ? tomoyo_file_fcntl+0x6c/0xc0
[  204.901935][ T9846]  do_compat_fcntl64+0x370/0x700
[  204.901957][ T9846]  ? __pfx_do_compat_fcntl64+0x10/0x10
[  204.901982][ T9846]  ? fput+0x70/0xf0
[  204.902003][ T9846]  ? ksys_write+0x1b9/0x240
[  204.902024][ T9846]  ? rcu_is_watching+0x12/0xc0
[  204.902044][ T9846]  __do_fast_syscall_32+0x73/0x120
[  204.902073][ T9846]  do_fast_syscall_32+0x32/0x80
[  204.902099][ T9846]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  204.902121][ T9846] RIP: 0023:0xf7ff8579
[  204.902135][ T9846] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  204.902153][ T9846] RSP: 002b:00000000f50f555c EFLAGS: 00000296 ORIG_RAX: 0000000000000037
[  204.902170][ T9846] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000000000400
[  204.902182][ T9846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  204.902192][ T9846] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  204.902202][ T9846] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  204.902212][ T9846] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  204.902236][ T9846]  </TASK>
[  205.109820][  T833] usb 7-1: new full-speed USB device number 15 using dummy_hcd
[  205.293439][  T833] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  205.299973][  T833] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.306286][  T833] usb 7-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  205.309875][  T833] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.327458][  T833] usb 7-1: config 0 descriptor??
[  205.502802][ T9855] netlink: 'syz.5.918': attribute type 1 has an invalid length.
[  205.534406][  T833] usbhid 7-1:0.0: can't add hid device: -71
[  205.541100][  T833] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  205.545096][  T833] usb 7-1: USB disconnect, device number 15
[  205.607733][ T9857] veth3: entered promiscuous mode
[  205.680976][ T9861] siw: device registration error -23
[  205.826477][ T9862] ip6tnl1: entered promiscuous mode
[  205.828371][ T9862] ip6tnl1: entered allmulticast mode
[  205.831879][ T9862] team0: Device ip6tnl1 is of different type
[  206.012760][ T9858] syz.0.917: attempt to access beyond end of device
[  206.012760][ T9858] nbd0: rw=4096, sector=0, nr_sectors = 2 limit=0
[  206.017110][ T9858] XFS (nbd0): SB validate failed with error -5.
[  206.935901][ T9904] netlink: 16 bytes leftover after parsing attributes in process `syz.5.929'.
[  207.336014][ T9923] FAULT_INJECTION: forcing a failure.
[  207.336014][ T9923] name failslab, interval 1, probability 0, space 0, times 0
[  207.340279][ T9923] CPU: 3 UID: 0 PID: 9923 Comm: syz.2.932 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  207.340294][ T9923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  207.340300][ T9923] Call Trace:
[  207.340304][ T9923]  <TASK>
[  207.340309][ T9923]  dump_stack_lvl+0x16c/0x1f0
[  207.340328][ T9923]  should_fail_ex+0x512/0x640
[  207.340344][ T9923]  ? fs_reclaim_acquire+0xae/0x150
[  207.340361][ T9923]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  207.340376][ T9923]  should_failslab+0xc2/0x120
[  207.340390][ T9923]  __kmalloc_noprof+0xd2/0x510
[  207.340405][ T9923]  tomoyo_realpath_from_path+0xc2/0x6e0
[  207.340424][ T9923]  tomoyo_check_open_permission+0x2ab/0x3c0
[  207.340439][ T9923]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  207.340466][ T9923]  ? do_raw_spin_lock+0x12c/0x2b0
[  207.340486][ T9923]  tomoyo_file_open+0x6b/0x90
[  207.340497][ T9923]  security_file_open+0x84/0x1e0
[  207.340512][ T9923]  do_dentry_open+0x596/0x1c10
[  207.340528][ T9923]  vfs_open+0x82/0x3f0
[  207.340547][ T9923]  path_openat+0x1e5e/0x2d40
[  207.340564][ T9923]  ? __pfx_path_openat+0x10/0x10
[  207.340577][ T9923]  do_filp_open+0x20b/0x470
[  207.340588][ T9923]  ? __pfx_do_filp_open+0x10/0x10
[  207.340608][ T9923]  ? alloc_fd+0x471/0x7d0
[  207.340628][ T9923]  do_sys_openat2+0x11b/0x1d0
[  207.340642][ T9923]  ? __pfx_do_sys_openat2+0x10/0x10
[  207.340661][ T9923]  __ia32_compat_sys_openat+0x16d/0x210
[  207.340677][ T9923]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  207.340695][ T9923]  ? rcu_is_watching+0x12/0xc0
[  207.340707][ T9923]  __do_fast_syscall_32+0x73/0x120
[  207.340724][ T9923]  do_fast_syscall_32+0x32/0x80
[  207.340740][ T9923]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  207.340753][ T9923] RIP: 0023:0xf704e579
[  207.340762][ T9923] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  207.340772][ T9923] RSP: 002b:00000000f503c460 EFLAGS: 00000293 ORIG_RAX: 0000000000000127
[  207.340782][ T9923] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f7236528
[  207.340788][ T9923] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 00000000f73b2ff4
[  207.340794][ T9923] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  207.340800][ T9923] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  207.340806][ T9923] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  207.340819][ T9923]  </TASK>
[  207.340823][ T9923] ERROR: Out of memory at tomoyo_realpath_from_path.
[  207.481503][ T9925] lo speed is unknown, defaulting to 1000
[  207.510489][ T9927] netlink: 8 bytes leftover after parsing attributes in process `syz.4.934'.
[  207.662027][  T833] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[  207.674926][ T9925] lo speed is unknown, defaulting to 1000
[  207.902875][  T833] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  207.908684][  T833] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  207.912034][  T833] usb 7-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  207.915347][  T833] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.921343][  T833] usb 7-1: config 0 descriptor??
[  208.078685][ T9944] ip6tnl1: entered promiscuous mode
[  208.079020][ T9945] trusted_key: encrypted_key: key user:syz not found
[  208.081702][ T9944] ip6tnl1: entered allmulticast mode
[  208.089000][ T9944] team0: Device ip6tnl1 is of different type
[  208.090349][   T64] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  208.151292][  T833] usbhid 7-1:0.0: can't add hid device: -71
[  208.153478][  T833] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  208.159653][  T833] usb 7-1: USB disconnect, device number 16
[  208.163684][ T9946] syz.4.936: attempt to access beyond end of device
[  208.163684][ T9946] nbd4: rw=4096, sector=0, nr_sectors = 1 limit=0
[  208.170206][ T9946] XFS (nbd4): SB validate failed with error -5.
[  208.302034][   T64] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  208.307040][   T64] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  208.310507][   T64] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  208.314187][   T64] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.318872][   T64] usb 5-1: config 0 descriptor??
[  208.484075][ T9954] overlayfs: overlapping lowerdir path
[  208.526310][   T64] usbhid 5-1:0.0: can't add hid device: -71
[  208.528340][   T64] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  208.533517][   T64] usb 5-1: USB disconnect, device number 14
[  208.687221][   T40] audit: type=1326 audit(1747560764.628:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.2.939" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  208.704191][   T40] audit: type=1326 audit(1747560764.628:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.2.939" exe="/syz-executor" sig=0 arch=40000003 syscall=30 compat=1 ip=0xf704e579 code=0x7ffc0000
[  208.712230][   T40] audit: type=1326 audit(1747560764.628:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.2.939" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  208.719294][   T40] audit: type=1326 audit(1747560764.628:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.2.939" exe="/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf704e579 code=0x7ffc0000
[  208.726665][   T40] audit: type=1326 audit(1747560764.628:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.2.939" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  208.733521][   T40] audit: type=1326 audit(1747560764.628:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.2.939" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf704e579 code=0x7ffc0000
[  208.741064][   T40] audit: type=1326 audit(1747560764.628:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.2.939" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  208.748000][   T40] audit: type=1326 audit(1747560764.628:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.2.939" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf704e579 code=0x7ffc0000
[  208.754976][   T40] audit: type=1326 audit(1747560764.628:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.2.939" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  208.761899][   T40] audit: type=1326 audit(1747560764.628:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9957 comm="syz.2.939" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf704e579 code=0x7ffc0000
[  209.168082][ T9968] overlayfs: overlapping lowerdir path
[  209.559857][  T833] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  209.563282][ T9973] FAULT_INJECTION: forcing a failure.
[  209.563282][ T9973] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.567917][ T9973] CPU: 2 UID: 0 PID: 9973 Comm: syz.4.953 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  209.567939][ T9973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.567949][ T9973] Call Trace:
[  209.567955][ T9973]  <TASK>
[  209.567961][ T9973]  dump_stack_lvl+0x16c/0x1f0
[  209.567988][ T9973]  should_fail_ex+0x512/0x640
[  209.568013][ T9973]  copy_fpstate_to_sigframe+0x878/0xb10
[  209.568043][ T9973]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  209.568072][ T9973]  ? collect_signal+0x263/0x540
[  209.568100][ T9973]  get_sigframe+0x4a8/0x9c0
[  209.568125][ T9973]  ? __pfx_get_sigframe+0x10/0x10
[  209.568145][ T9973]  ? rcu_is_watching+0x12/0xc0
[  209.568160][ T9973]  ? _raw_spin_unlock_irq+0x23/0x50
[  209.568179][ T9973]  ? siginfo_layout+0x177/0x290
[  209.568199][ T9973]  ia32_setup_frame+0xe2/0xa50
[  209.568220][ T9973]  ? __pfx_ia32_setup_frame+0x10/0x10
[  209.568234][ T9973]  ? find_held_lock+0x2b/0x80
[  209.568251][ T9973]  ? bpf_trace_run2+0x265/0x590
[  209.568274][ T9973]  arch_do_signal_or_restart+0x59e/0x7a0
[  209.568298][ T9973]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  209.568340][ T9973]  ? syscall_exit_to_user_mode_prepare+0x203/0x290
[  209.568372][ T9973]  syscall_exit_to_user_mode+0x150/0x2a0
[  209.568397][ T9973]  __do_fast_syscall_32+0x80/0x120
[  209.568422][ T9973]  do_fast_syscall_32+0x32/0x80
[  209.568444][ T9973]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  209.568464][ T9973] RIP: 0023:0xf708e579
[  209.568491][ T9973] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  209.568505][ T9973] RSP: 002b:00000000f507e55c EFLAGS: 00000296 ORIG_RAX: 000000000000014d
[  209.568522][ T9973] RAX: fffffffffffffff2 RBX: 0000000000000007 RCX: 00000000800013c0
[  209.568538][ T9973] RDX: 0000000000000001 RSI: 0000000000000005 RDI: 0000000000000006
[  209.568549][ T9973] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  209.568558][ T9973] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  209.568568][ T9973] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.568589][ T9973]  </TASK>
[  209.705409][ T9984] FAULT_INJECTION: forcing a failure.
[  209.705409][ T9984] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.710359][ T9984] CPU: 1 UID: 0 PID: 9984 Comm: syz.5.947 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  209.710374][ T9984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.710380][ T9984] Call Trace:
[  209.710384][ T9984]  <TASK>
[  209.710388][ T9984]  dump_stack_lvl+0x16c/0x1f0
[  209.710408][ T9984]  should_fail_ex+0x512/0x640
[  209.710427][ T9984]  _copy_to_user+0x32/0xd0
[  209.710438][ T9984]  simple_read_from_buffer+0xcb/0x170
[  209.710455][ T9984]  proc_fail_nth_read+0x197/0x270
[  209.710472][ T9984]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  209.710487][ T9984]  ? rw_verify_area+0xcf/0x680
[  209.710509][ T9984]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  209.710524][ T9984]  vfs_read+0x1e1/0xc70
[  209.710536][ T9984]  ? __pfx___mutex_lock+0x10/0x10
[  209.710552][ T9984]  ? __pfx_vfs_read+0x10/0x10
[  209.710565][ T9984]  ? __fget_files+0x20e/0x3c0
[  209.710579][ T9984]  ksys_read+0x12a/0x240
[  209.710589][ T9984]  ? __pfx_ksys_read+0x10/0x10
[  209.710601][ T9984]  ? rcu_is_watching+0x12/0xc0
[  209.710613][ T9984]  __do_fast_syscall_32+0x73/0x120
[  209.710630][ T9984]  do_fast_syscall_32+0x32/0x80
[  209.710646][ T9984]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  209.710658][ T9984] RIP: 0023:0xf7ff8579
[  209.710667][ T9984] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  209.710677][ T9984] RSP: 002b:00000000f5116590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  209.710687][ T9984] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5116620
[  209.710694][ T9984] RDX: 000000000000000f RSI: 00000000f7482ff4 RDI: 0000000000000000
[  209.710700][ T9984] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  209.710706][ T9984] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  209.710712][ T9984] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  209.710725][ T9984]  </TASK>
[  209.734401][  T833] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  209.798091][  T833] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.801537][  T833] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  209.804975][  T833] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.808652][  T833] usb 5-1: config 0 descriptor??
[  209.974434][T10006] bridge0: port 3(netdevsim0) entered blocking state
[  209.977896][T10006] bridge0: port 3(netdevsim0) entered disabled state
[  209.980643][T10006] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  209.987221][T10006] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  209.993121][T10006] bridge0: port 3(netdevsim0) entered blocking state
[  209.995518][T10006] bridge0: port 3(netdevsim0) entered forwarding state
[  210.009005][T10006] netlink: 56 bytes leftover after parsing attributes in process `syz.5.955'.
[  210.023418][  T833] usbhid 5-1:0.0: can't add hid device: -71
[  210.025514][  T833] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  210.048449][  T833] usb 5-1: USB disconnect, device number 15
[  210.264637][T10012] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  210.778787][T10021] netlink: 12 bytes leftover after parsing attributes in process `syz.0.960'.
[  210.951495][T10025] sp0: Synchronizing with TNC
[  210.954394][T10025] 9pnet: Unknown protocol version 9p20\++}
[  211.088088][T10031] netlink: 60 bytes leftover after parsing attributes in process `syz.2.963'.
[  211.092124][T10031] netlink: 12 bytes leftover after parsing attributes in process `syz.2.963'.
[  211.095977][T10031] netlink: 60 bytes leftover after parsing attributes in process `syz.2.963'.
[  211.176843][T10040] netlink: 20 bytes leftover after parsing attributes in process `syz.5.962'.
[  211.240353][T10045] netlink: 12 bytes leftover after parsing attributes in process `syz.4.964'.
[  211.369371][T10051] netlink: 8 bytes leftover after parsing attributes in process `syz.2.966'.
[  211.381402][T10051] vlan2: entered allmulticast mode
[  211.383181][T10051] dummy0: entered allmulticast mode
[  211.937795][T10024] [U] è
[  212.167723][T10077] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  212.451702][T10088] overlayfs: overlapping lowerdir path
[  213.301206][T10112] tracefs: Unknown parameter '0x00000000000000040x0000000000000000'
[  213.746103][T10131] __nla_validate_parse: 1 callbacks suppressed
[  213.746114][T10131] netlink: 12 bytes leftover after parsing attributes in process `syz.2.980'.
[  213.751544][T10129] sp0: Synchronizing with TNC
[  213.754896][T10129] 9pnet: Unknown protocol version 9p20\++ÿÿ
[  213.955095][T10134] overlayfs: failed to resolve './file1': -2
[  213.979842][  T833] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  214.149797][  T833] usb 10-1: Using ep0 maxpacket: 8
[  214.152977][  T833] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  214.156200][  T833] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  214.159401][  T833] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  214.163215][  T833] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  214.167421][  T833] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  214.170556][  T833] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.385394][  T833] usb 10-1: GET_CAPABILITIES returned 0
[  214.387864][  T833] usbtmc 10-1:16.0: can't read capabilities
[  214.502214][T10139] netlink: 12 bytes leftover after parsing attributes in process `syz.0.983'.
[  214.572252][T10128] [U] è
[  214.586003][T10143] misc userio: Invalid payload size
[  214.588202][   T34] usb 10-1: USB disconnect, device number 7
[  216.086613][T10187] netlink: 52 bytes leftover after parsing attributes in process `syz.2.991'.
[  216.442674][   T40] kauditd_printk_skb: 26 callbacks suppressed
[  216.442685][   T40] audit: type=1800 audit(1747560772.388:402): pid=10200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.995" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  216.455138][T10200] netlink: 12 bytes leftover after parsing attributes in process `syz.4.995'.
[  216.564985][   T40] audit: type=1326 audit(1747560772.508:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.0.996" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f96579 code=0x7ffc0000
[  216.573126][   T40] audit: type=1326 audit(1747560772.508:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.0.996" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f965a7 code=0x7ffc0000
[  216.580362][   T40] audit: type=1326 audit(1747560772.508:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.0.996" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f96579 code=0x7ffc0000
[  216.587503][   T40] audit: type=1326 audit(1747560772.508:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.0.996" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f965a7 code=0x7ffc0000
[  216.594687][   T40] audit: type=1326 audit(1747560772.508:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.0.996" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f96579 code=0x7ffc0000
[  216.601579][   T40] audit: type=1326 audit(1747560772.508:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.0.996" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f965a7 code=0x7ffc0000
[  216.608460][   T40] audit: type=1326 audit(1747560772.508:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.0.996" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f96579 code=0x7ffc0000
[  216.615365][   T40] audit: type=1326 audit(1747560772.508:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.0.996" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f965a7 code=0x7ffc0000
[  216.622488][   T40] audit: type=1326 audit(1747560772.508:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.0.996" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f96579 code=0x7ffc0000
[  216.803070][T10211] FAULT_INJECTION: forcing a failure.
[  216.803070][T10211] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  216.807571][T10211] CPU: 3 UID: 0 PID: 10211 Comm: syz.5.999 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  216.807587][T10211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.807597][T10211] Call Trace:
[  216.807602][T10211]  <TASK>
[  216.807608][T10211]  dump_stack_lvl+0x16c/0x1f0
[  216.807627][T10211]  should_fail_ex+0x512/0x640
[  216.807646][T10211]  should_fail_alloc_page+0xe7/0x130
[  216.807661][T10211]  prepare_alloc_pages+0x3c2/0x610
[  216.807680][T10211]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  216.807693][T10211]  ? __lock_acquire+0x5ca/0x1ba0
[  216.807713][T10211]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  216.807728][T10211]  ? veth_get_stats64+0x3e1/0x6b0
[  216.807746][T10211]  ? veth_get_stats64+0x3eb/0x6b0
[  216.807761][T10211]  ? __pfx_veth_get_stats64+0x10/0x10
[  216.807777][T10211]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  216.807793][T10211]  ? policy_nodemask+0xea/0x4e0
[  216.807807][T10211]  alloc_pages_mpol+0x1fb/0x550
[  216.807821][T10211]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  216.807834][T10211]  ? __lock_acquire+0x5ca/0x1ba0
[  216.807850][T10211]  folio_alloc_mpol_noprof+0x36/0x2f0
[  216.807866][T10211]  vma_alloc_folio_noprof+0xed/0x1e0
[  216.807880][T10211]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  216.807899][T10211]  do_pte_missing+0x223d/0x3fb0
[  216.807916][T10211]  __handle_mm_fault+0x103d/0x2a40
[  216.807932][T10211]  ? __pfx___handle_mm_fault+0x10/0x10
[  216.807951][T10211]  ? find_vma+0xbf/0x140
[  216.807965][T10211]  ? __pfx_find_vma+0x10/0x10
[  216.807981][T10211]  handle_mm_fault+0x3fe/0xad0
[  216.807994][T10211]  do_user_addr_fault+0x7a6/0x1370
[  216.808008][T10211]  ? rcu_is_watching+0x12/0xc0
[  216.808020][T10211]  exc_page_fault+0x5c/0xc0
[  216.808035][T10211]  asm_exc_page_fault+0x26/0x30
[  216.808046][T10211] RIP: 0010:_copy_to_iter+0x507/0x15a0
[  216.808068][T10211] Code: cf 3a ee fc 48 8b 4c 24 18 48 8b 44 24 28 89 ee 4c 8d 3c 01 4c 89 ff e8 07 c9 52 fd 0f 01 cb 48 89 e9 48 8b 7c 24 20 4c 89 fe <f3> a4 0f 1f 00 0f 01 ca 48 89 e8 48 29 eb 48 29 c8 48 01 44 24 28
[  216.808080][T10211] RSP: 0018:ffffc900036179b8 EFLAGS: 00050246
[  216.808089][T10211] RAX: 0000000000000001 RBX: 0000000000000fdd RCX: 000000000000011d
[  216.808095][T10211] RDX: ffffed100d5bb9fc RSI: ffff88806addcec0 RDI: 0000000080001000
[  216.808101][T10211] RBP: 0000000000000fdd R08: 0000000000000000 R09: ffffed100d5bb9fb
[  216.808107][T10211] R10: ffff88806addcfdc R11: 0000000000000000 R12: ffffc90003617bc0
[  216.808113][T10211] R13: 0000000000000000 R14: ffffc90003617bc8 R15: ffff88806addc000
[  216.808128][T10211]  ? _copy_to_iter+0x4f9/0x15a0
[  216.808141][T10211]  ? __pfx__copy_to_iter+0x10/0x10
[  216.808153][T10211]  ? find_held_lock+0x2b/0x80
[  216.808163][T10211]  ? dev_seq_stop+0x31/0xb0
[  216.808178][T10211]  seq_read_iter+0xcf8/0x12c0
[  216.808201][T10211]  seq_read+0x39e/0x4e0
[  216.808216][T10211]  ? __pfx_seq_read+0x10/0x10
[  216.808234][T10211]  ? get_pid_task+0xfc/0x250
[  216.808255][T10211]  ? __pfx_seq_read+0x10/0x10
[  216.808269][T10211]  proc_reg_read+0x240/0x330
[  216.808281][T10211]  ? __pfx_proc_reg_read+0x10/0x10
[  216.808292][T10211]  vfs_read+0x1e1/0xc70
[  216.808305][T10211]  ? __pfx___mutex_lock+0x10/0x10
[  216.808321][T10211]  ? __pfx_vfs_read+0x10/0x10
[  216.808335][T10211]  ? __fget_files+0x20e/0x3c0
[  216.808349][T10211]  ksys_read+0x12a/0x240
[  216.808359][T10211]  ? __pfx_ksys_read+0x10/0x10
[  216.808368][T10211]  ? rcu_is_watching+0x12/0xc0
[  216.808379][T10211]  ? rcu_is_watching+0x12/0xc0
[  216.808391][T10211]  __do_fast_syscall_32+0x73/0x120
[  216.808408][T10211]  do_fast_syscall_32+0x32/0x80
[  216.808424][T10211]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  216.808436][T10211] RIP: 0023:0xf7ff8579
[  216.808445][T10211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  216.808454][T10211] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  216.808463][T10211] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  216.808469][T10211] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[  216.808475][T10211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  216.808480][T10211] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  216.808486][T10211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  216.808505][T10211]  </TASK>
[  217.022814][T10221] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1004'.
[  217.026411][T10221] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1004'.
[  217.030128][T10221] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1004'.
[  217.403790][T10237] usb usb1: usbfs: process 10237 (syz.0.1002) did not claim interface 6 before use
[  217.611933][T10249] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1010'.
[  217.832367][T10250] could not allocate digest TFM handle cbcmac-aes-neon
[  218.323833][T10261] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1012'.
[  218.808438][T10266] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1014'.
[  218.906181][T10269] tipc: Started in network mode
[  218.908418][T10269] tipc: Node identity , cluster identity 4711
[  218.910891][T10269] tipc: Failed to set node id, please configure manually
[  218.913276][T10269] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  219.104930][T10274] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1017'.
[  219.121452][T10274] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1017'.
[  219.204533][T10282] futex_wake_op: syz.4.1021 tries to shift op by 144; fix this program
[  219.291316][T10294] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1023'.
[  219.893725][T10306] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1025'.
[  220.373189][T10320] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1029'.
[  220.492628][T10324] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1030'.
[  221.258031][T10341] overlayfs: overlapping lowerdir path
[  221.399889][ T9272] usb 7-1: new full-speed USB device number 17 using dummy_hcd
[  221.561298][ T9272] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  221.565966][ T9272] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  221.570570][ T9272] usb 7-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  221.574444][ T9272] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.582336][ T9272] usb 7-1: config 0 descriptor??
[  221.799307][ T9272] usbhid 7-1:0.0: can't add hid device: -71
[  221.801625][ T9272] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  221.806708][ T9272] usb 7-1: USB disconnect, device number 17
[  222.143467][T10355] lo speed is unknown, defaulting to 1000
[  222.215628][T10363] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1039'.
[  222.254267][T10355] lo speed is unknown, defaulting to 1000
[  222.652715][T10379] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1045'.
[  222.757308][T10382] overlayfs: overlapping lowerdir path
[  223.435777][T10405] nftables ruleset with unbound set
[  223.499474][   T40] kauditd_printk_skb: 280 callbacks suppressed
[  223.499486][   T40] audit: type=1326 audit(1747560779.438:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10408 comm="syz.2.1054" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  223.508652][   T40] audit: type=1326 audit(1747560779.448:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10408 comm="syz.2.1054" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  223.515749][   T40] audit: type=1326 audit(1747560779.448:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10408 comm="syz.2.1054" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf704e579 code=0x7ffc0000
[  223.524010][   T40] audit: type=1326 audit(1747560779.448:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10408 comm="syz.2.1054" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  223.531316][   T40] audit: type=1326 audit(1747560779.448:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10408 comm="syz.2.1054" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  223.539462][   T40] audit: type=1326 audit(1747560779.448:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10408 comm="syz.2.1054" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf704e579 code=0x7ffc0000
[  223.547586][   T40] audit: type=1326 audit(1747560779.448:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10408 comm="syz.2.1054" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  223.554520][   T40] audit: type=1326 audit(1747560779.448:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10408 comm="syz.2.1054" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  223.561689][   T40] audit: type=1326 audit(1747560779.448:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10408 comm="syz.2.1054" exe="/syz-executor" sig=0 arch=40000003 syscall=63 compat=1 ip=0xf704e579 code=0x7ffc0000
[  223.568427][   T40] audit: type=1326 audit(1747560779.448:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10408 comm="syz.2.1054" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  223.609770][  T833] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  223.637628][T10412] netlink: 140 bytes leftover after parsing attributes in process `syz.2.1055'.
[  223.759777][  T833] usb 5-1: Using ep0 maxpacket: 8
[  223.765548][  T833] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  223.768161][  T833] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  223.775122][  T833] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  223.778216][  T833] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  223.781644][  T833] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  223.785813][  T833] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  223.789067][  T833] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.200350][ T5982] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  224.331984][T10437] overlayfs: overlapping lowerdir path
[  224.719267][T10445] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1060'.
[  225.201374][  T833] usb 5-1: usb_control_msg returned -71
[  225.203326][  T833] usbtmc 5-1:16.0: can't read capabilities
[  225.209615][  T833] usb 5-1: USB disconnect, device number 16
[  225.929078][T10487] binder: 10482:10487 ioctl 80045400 80000040 returned -22
[  225.959131][T10490] overlayfs: overlapping lowerdir path
[  226.166515][T10483] netlink: 'syz.2.1073': attribute type 5 has an invalid length.
[  226.169185][T10484] netlink: 'syz.2.1073': attribute type 5 has an invalid length.
[  226.344107][T10500] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1075'.
[  226.709768][ T5983] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  226.717433][T10511] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1081'.
[  226.829531][T10512] lo speed is unknown, defaulting to 1000
[  226.859855][ T5983] usb 9-1: Using ep0 maxpacket: 16
[  226.863732][ T5983] usb 9-1: too many configurations: 17, using maximum allowed: 8
[  226.868324][ T5983] usb 9-1: config 0 has an invalid descriptor of length 12, skipping remainder of the config
[  226.875525][ T5983] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  226.882481][ T5983] usb 9-1: config 0 has an invalid descriptor of length 12, skipping remainder of the config
[  226.887024][ T5983] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  226.896208][ T5983] usb 9-1: config 0 has an invalid descriptor of length 12, skipping remainder of the config
[  226.902007][ T5983] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  226.908852][ T5983] usb 9-1: config 0 has an invalid descriptor of length 12, skipping remainder of the config
[  226.915465][ T5983] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  226.922406][ T5983] usb 9-1: config 0 has an invalid descriptor of length 12, skipping remainder of the config
[  226.926869][ T5983] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  226.932814][ T5983] usb 9-1: config 0 has an invalid descriptor of length 12, skipping remainder of the config
[  226.936168][ T5983] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  226.941245][ T5983] usb 9-1: config 0 has an invalid descriptor of length 12, skipping remainder of the config
[  226.941905][T10512] lo speed is unknown, defaulting to 1000
[  226.944541][ T5983] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  226.945783][ T5983] usb 9-1: config 0 has an invalid descriptor of length 12, skipping remainder of the config
[  226.954368][ T5983] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  226.958519][ T5983] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  226.961741][ T5983] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.966999][ T5983] usb 9-1: config 0 descriptor??
[  226.971316][ T5983] usbhid 9-1:0.0: couldn't find an input interrupt endpoint
[  227.276196][T10506] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1079'.
[  227.284952][T10524] wg1: entered promiscuous mode
[  227.287302][T10524] wg1: entered allmulticast mode
[  227.299677][ T5982] usb 9-1: USB disconnect, device number 7
[  227.429866][T10531] befs: (nullb0): No write support. Marking filesystem read-only
[  227.433812][T10531] befs: (nullb0): invalid magic header
[  227.775950][T10550] befs: (loop1): No write support. Marking filesystem read-only
[  227.786855][T10550] syz.0.1090: attempt to access beyond end of device
[  227.786855][T10550] loop1: rw=0, sector=0, nr_sectors = 2 limit=0
[  227.792909][T10550] befs: (loop1): unable to read superblock
[  227.889928][ T7286] usb 7-1: new full-speed USB device number 18 using dummy_hcd
[  228.041776][ T7286] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  228.045460][ T7286] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  228.048753][ T7286] usb 7-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  228.051991][ T7286] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.056202][ T7286] usb 7-1: config 0 descriptor??
[  228.263046][ T7286] usbhid 7-1:0.0: can't add hid device: -71
[  228.265201][ T7286] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  228.268907][ T7286] usb 7-1: USB disconnect, device number 18
[  228.299400][T10564] overlayfs: overlapping lowerdir path
[  228.601520][T10571] overlayfs: overlapping lowerdir path
[  228.601574][T10575] tipc: Started in network mode
[  228.605912][T10575] tipc: Node identity 4, cluster identity 4711
[  228.608131][T10575] tipc: Node number set to 4
[  228.617241][T10575] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1096'.
[  228.802824][T10582] netlink: 'syz.2.1097': attribute type 1 has an invalid length.
[  228.823909][T10582] netlink: 'syz.2.1097': attribute type 1 has an invalid length.
[  228.919282][T10593] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1101'.
[  228.920831][  T833] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  228.958617][T10593] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1101'.
[  229.071805][  T833] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  229.079150][  T833] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  229.085584][  T833] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  229.090551][  T833] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  229.095300][  T833] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  229.101528][  T833] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  229.104484][  T833] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  229.107076][  T833] usb 5-1: Product: syz
[  229.108468][  T833] usb 5-1: Manufacturer: syz
[  229.114504][  T833] cdc_wdm 5-1:1.0: skipping garbage
[  229.116768][  T833] cdc_wdm 5-1:1.0: skipping garbage
[  229.119570][  T833] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  229.122076][  T833] cdc_wdm 5-1:1.0: Unknown control protocol
[  229.339809][ T7286] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[  229.512898][ T7286] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  229.517786][ T7286] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  229.523559][ T7286] usb 10-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  229.526551][ T7286] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.538173][ T7286] usb 10-1: config 0 descriptor??
[  229.576283][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -EPIPE
[  229.640612][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  229.640868][  T833] usb 5-1: USB disconnect, device number 17
[  229.642844][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  229.646882][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  229.701979][T10619] FAULT_INJECTION: forcing a failure.
[  229.701979][T10619] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  229.706684][T10619] CPU: 1 UID: 0 PID: 10619 Comm: syz.4.1108 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  229.706701][T10619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  229.706708][T10619] Call Trace:
[  229.706712][T10619]  <TASK>
[  229.706718][T10619]  dump_stack_lvl+0x16c/0x1f0
[  229.706737][T10619]  should_fail_ex+0x512/0x640
[  229.706756][T10619]  should_fail_alloc_page+0xe7/0x130
[  229.706772][T10619]  prepare_alloc_pages+0x3c2/0x610
[  229.706789][T10619]  ? rcu_is_watching+0x12/0xc0
[  229.706801][T10619]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  229.706814][T10619]  ? kasan_save_stack+0x33/0x60
[  229.706824][T10619]  ? kasan_save_track+0x14/0x30
[  229.706834][T10619]  ? __kasan_slab_alloc+0x89/0x90
[  229.706845][T10619]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[  229.706856][T10619]  ? ptlock_alloc+0x1f/0x70
[  229.706866][T10619]  ? pte_alloc_one+0x6d/0x380
[  229.706877][T10619]  ? __pte_alloc+0x6d/0x3c0
[  229.706890][T10619]  ? do_pte_missing+0x2925/0x3fb0
[  229.706899][T10619]  ? __handle_mm_fault+0x103d/0x2a40
[  229.706908][T10619]  ? handle_mm_fault+0x3fe/0xad0
[  229.706917][T10619]  ? __get_user_pages+0x771/0x36f0
[  229.706932][T10619]  ? __gup_longterm_locked+0x20d/0x1850
[  229.706951][T10619]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  229.706965][T10619]  ? look_up_lock_class+0x59/0x150
[  229.706982][T10619]  ? __lock_acquire+0x5ca/0x1ba0
[  229.706997][T10619]  ? __lock_acquire+0x5ca/0x1ba0
[  229.707010][T10619]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  229.707026][T10619]  ? policy_nodemask+0xea/0x4e0
[  229.707041][T10619]  alloc_pages_mpol+0x1fb/0x550
[  229.707054][T10619]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  229.707067][T10619]  ? __lock_acquire+0x5ca/0x1ba0
[  229.707083][T10619]  folio_alloc_mpol_noprof+0x36/0x2f0
[  229.707099][T10619]  vma_alloc_folio_noprof+0xed/0x1e0
[  229.707114][T10619]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  229.707133][T10619]  do_pte_missing+0x223d/0x3fb0
[  229.707148][T10619]  __handle_mm_fault+0x103d/0x2a40
[  229.707163][T10619]  ? __pfx___handle_mm_fault+0x10/0x10
[  229.707173][T10619]  ? __pte_offset_map_lock+0x155/0x2f0
[  229.707188][T10619]  ? find_held_lock+0x2b/0x80
[  229.707198][T10619]  ? find_held_lock+0x2b/0x80
[  229.707228][T10619]  handle_mm_fault+0x3fe/0xad0
[  229.707244][T10619]  __get_user_pages+0x771/0x36f0
[  229.707265][T10619]  ? __pfx___get_user_pages+0x10/0x10
[  229.707282][T10619]  ? __pfx_down_read_killable+0x10/0x10
[  229.707291][T10619]  ? arch_stack_walk+0xa6/0x100
[  229.707308][T10619]  __gup_longterm_locked+0x20d/0x1850
[  229.707329][T10619]  ? __pfx___gup_longterm_locked+0x10/0x10
[  229.707347][T10619]  ? find_held_lock+0x2b/0x80
[  229.707357][T10619]  ? sanity_check_pinned_pages+0x23/0x11e0
[  229.707376][T10619]  gup_fast_fallback+0x183d/0x2650
[  229.707398][T10619]  ? __pfx_gup_fast_fallback+0x10/0x10
[  229.707421][T10619]  pin_user_pages_fast+0xa7/0xf0
[  229.707431][T10619]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  229.707440][T10619]  ? __kmalloc_noprof+0x242/0x510
[  229.707455][T10619]  rds_info_getsockopt+0x39f/0x4f0
[  229.707468][T10619]  ? __pfx_rds_info_getsockopt+0x10/0x10
[  229.707478][T10619]  ? find_held_lock+0x2b/0x80
[  229.707488][T10619]  ? __might_fault+0x13b/0x190
[  229.707504][T10619]  rds_getsockopt+0x173/0x2d0
[  229.707517][T10619]  ? __pfx_rds_getsockopt+0x10/0x10
[  229.707533][T10619]  do_sock_getsockopt+0x3fc/0x800
[  229.707551][T10619]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  229.707565][T10619]  ? __fget_files+0x204/0x3c0
[  229.707582][T10619]  __sys_getsockopt+0x123/0x1a0
[  229.707597][T10619]  __ia32_sys_getsockopt+0xbc/0x160
[  229.707609][T10619]  ? lockdep_hardirqs_on+0x7c/0x110
[  229.707623][T10619]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  229.707641][T10619]  __do_fast_syscall_32+0x73/0x120
[  229.707659][T10619]  do_fast_syscall_32+0x32/0x80
[  229.707675][T10619]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  229.707688][T10619] RIP: 0023:0xf708e579
[  229.707697][T10619] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  229.707707][T10619] RSP: 002b:00000000f507e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  229.707717][T10619] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000114
[  229.707724][T10619] RDX: 000000000000271c RSI: 0000000080c35fff RDI: 0000000080000000
[  229.707730][T10619] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  229.707736][T10619] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  229.707741][T10619] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  229.707755][T10619]  </TASK>
[  229.762379][ T7286] usbhid 10-1:0.0: can't add hid device: -71
[  229.864893][ T7286] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  229.869104][ T7286] usb 10-1: USB disconnect, device number 8
[  230.032377][T10628] overlayfs: overlapping lowerdir path
[  230.033337][T10627] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1111'.
[  230.228330][T10639] gfs2: gfs2 mount does not exist
[  230.975344][T10664] usb usb1: check_ctrlrecip: process 10664 (syz.4.1120) requesting ep 01 but needs 81
[  230.978836][T10664] usb usb1: usbfs: process 10664 (syz.4.1120) did not claim interface 0 before use
[  231.157409][T10662] nftables ruleset with unbound chain
[  231.314433][T10676] netlink: 3080 bytes leftover after parsing attributes in process `syz.4.1122'.
[  231.557441][T10685] IPVS: set_ctl: invalid protocol: 50 224.0.0.1:20001
[  231.826105][   T40] kauditd_printk_skb: 34 callbacks suppressed
[  231.826120][   T40] audit: type=1326 audit(1747560787.768:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10698 comm="syz.5.1130" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7ff8579 code=0x0
[  231.898221][T10705] fuse: Bad value for 'user_id'
[  231.900087][T10705] fuse: Bad value for 'user_id'
[  232.141266][ T9272] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  232.146791][T10710] overlayfs: overlapping lowerdir path
[  232.299891][ T9272] usb 10-1: Using ep0 maxpacket: 16
[  232.303121][ T9272] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  232.306433][ T9272] usb 10-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  232.311297][ T9272] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  232.314253][ T9272] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.321140][ T9272] usb 10-1: config 0 descriptor??
[  232.326386][ T9272] usbhid 10-1:0.0: couldn't find an input interrupt endpoint
[  232.966032][T10737] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1139'.
[  233.093938][T10726] [U] .ú
[  233.207595][T10740] overlayfs: statfs failed on './file1'
[  233.614350][T10748] FAULT_INJECTION: forcing a failure.
[  233.614350][T10748] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.618773][T10748] CPU: 1 UID: 0 PID: 10748 Comm: syz.4.1143 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  233.618787][T10748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  233.618793][T10748] Call Trace:
[  233.618798][T10748]  <TASK>
[  233.618802][T10748]  dump_stack_lvl+0x16c/0x1f0
[  233.618821][T10748]  should_fail_ex+0x512/0x640
[  233.618840][T10748]  _copy_to_user+0x32/0xd0
[  233.618851][T10748]  simple_read_from_buffer+0xcb/0x170
[  233.618869][T10748]  proc_fail_nth_read+0x197/0x270
[  233.618884][T10748]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  233.618900][T10748]  ? rw_verify_area+0xcf/0x680
[  233.618915][T10748]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  233.618930][T10748]  vfs_read+0x1e1/0xc70
[  233.618942][T10748]  ? __pfx___mutex_lock+0x10/0x10
[  233.618971][T10748]  ? __pfx_vfs_read+0x10/0x10
[  233.618985][T10748]  ? __fget_files+0x20e/0x3c0
[  233.618999][T10748]  ksys_read+0x12a/0x240
[  233.619009][T10748]  ? __pfx_ksys_read+0x10/0x10
[  233.619020][T10748]  ? rcu_is_watching+0x12/0xc0
[  233.619033][T10748]  __do_fast_syscall_32+0x73/0x120
[  233.619050][T10748]  do_fast_syscall_32+0x32/0x80
[  233.619066][T10748]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  233.619079][T10748] RIP: 0023:0xf708e579
[  233.619087][T10748] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  233.619098][T10748] RSP: 002b:00000000f507e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  233.619108][T10748] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f507e620
[  233.619115][T10748] RDX: 000000000000000f RSI: 00000000f73f2ff4 RDI: 0000000000000000
[  233.619120][T10748] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  233.619126][T10748] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  233.619132][T10748] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  233.619145][T10748]  </TASK>
[  233.749329][T10752] usb 2-1: USB disconnect, device number 2
[  233.810376][T10754] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1146'.
[  233.992904][T10764] hub 2-0:1.0: USB hub found
[  233.995888][T10764] hub 2-0:1.0: 6 ports detected
[  234.339783][   T29] usb 2-1: new high-speed USB device number 3 using ehci-pci
[  234.524049][   T29] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  234.527320][   T29] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  234.530296][   T29] usb 2-1: Product: QEMU USB Tablet
[  234.532585][   T29] usb 2-1: Manufacturer: QEMU
[  234.534276][   T29] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  234.559153][   T29] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0004/input/input18
[  234.636439][   T29] hid-generic 0003:0627:0001.0004: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  234.841213][   T29] usb 10-1: USB disconnect, device number 9
[  235.000609][T10785] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  235.002753][T10785] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  235.005639][T10785] vhci_hcd vhci_hcd.0: Device attached
[  235.034663][T10791] bridge15: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  235.172036][T10799] FAULT_INJECTION: forcing a failure.
[  235.172036][T10799] name failslab, interval 1, probability 0, space 0, times 0
[  235.176408][T10799] CPU: 0 UID: 0 PID: 10799 Comm: syz.0.1161 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  235.176423][T10799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  235.176429][T10799] Call Trace:
[  235.176434][T10799]  <TASK>
[  235.176438][T10799]  dump_stack_lvl+0x16c/0x1f0
[  235.176459][T10799]  should_fail_ex+0x512/0x640
[  235.176477][T10799]  should_failslab+0xc2/0x120
[  235.176491][T10799]  __kmalloc_cache_noprof+0x6a/0x3e0
[  235.176501][T10799]  ? do_raw_spin_lock+0x12c/0x2b0
[  235.176517][T10799]  ? find_held_lock+0x2b/0x80
[  235.176526][T10799]  ? async_schedule_node_domain+0x54/0x120
[  235.176541][T10799]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  235.176553][T10799]  async_schedule_node_domain+0x54/0x120
[  235.176566][T10799]  dev_cache_fw_image+0x38e/0x490
[  235.176584][T10799]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  235.176603][T10799]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  235.176620][T10799]  dpm_for_each_dev+0x5a/0xb0
[  235.176635][T10799]  fw_pm_notify+0x81/0x150
[  235.176650][T10799]  notifier_call_chain+0xbc/0x410
[  235.176661][T10799]  ? __pfx_fw_pm_notify+0x10/0x10
[  235.176679][T10799]  blocking_notifier_call_chain_robust+0xc8/0x160
[  235.176694][T10799]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  235.176709][T10799]  ? do_raw_spin_unlock+0x172/0x230
[  235.176727][T10799]  pm_notifier_call_chain_robust+0x27/0x60
[  235.176741][T10799]  snapshot_open+0x189/0x2b0
[  235.176753][T10799]  ? __pfx_snapshot_open+0x10/0x10
[  235.176766][T10799]  misc_open+0x35d/0x420
[  235.176776][T10799]  ? __pfx_misc_open+0x10/0x10
[  235.176786][T10799]  chrdev_open+0x234/0x6a0
[  235.176797][T10799]  ? __pfx_apparmor_file_open+0x10/0x10
[  235.176812][T10799]  ? __pfx_chrdev_open+0x10/0x10
[  235.176824][T10799]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  235.176843][T10799]  do_dentry_open+0x744/0x1c10
[  235.176855][T10799]  ? __pfx_chrdev_open+0x10/0x10
[  235.176869][T10799]  vfs_open+0x82/0x3f0
[  235.176885][T10799]  path_openat+0x1e5e/0x2d40
[  235.176902][T10799]  ? __pfx_path_openat+0x10/0x10
[  235.176916][T10799]  do_filp_open+0x20b/0x470
[  235.176927][T10799]  ? __pfx_do_filp_open+0x10/0x10
[  235.176948][T10799]  ? alloc_fd+0x471/0x7d0
[  235.176969][T10799]  do_sys_openat2+0x11b/0x1d0
[  235.176983][T10799]  ? __pfx_do_sys_openat2+0x10/0x10
[  235.176998][T10799]  ? __fget_files+0x20e/0x3c0
[  235.177011][T10799]  __ia32_compat_sys_openat+0x16d/0x210
[  235.177026][T10799]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  235.177065][T10799]  ? ksys_write+0x1b9/0x240
[  235.177084][T10799]  ? rcu_is_watching+0x12/0xc0
[  235.177100][T10799]  __do_fast_syscall_32+0x73/0x120
[  235.177118][T10799]  do_fast_syscall_32+0x32/0x80
[  235.177134][T10799]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  235.177147][T10799] RIP: 0023:0xf7f96579
[  235.177156][T10799] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  235.177167][T10799] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  235.177177][T10799] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800002c0
[  235.177183][T10799] RDX: 0000000000007600 RSI: 000000000000feff RDI: 0000000000000000
[  235.177189][T10799] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  235.177195][T10799] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  235.177200][T10799] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  235.177214][T10799]  </TASK>
[  235.294121][T10799] 
[  235.295213][T10799] ============================================
[  235.296298][ T7546] vhci_hcd: vhci_device speed not set
[  235.297283][T10799] WARNING: possible recursive locking detected
[  235.297291][T10799] 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 Not tainted
[  235.305181][T10799] --------------------------------------------
[  235.307533][T10799] syz.0.1161/10799 is trying to acquire lock:
[  235.309585][T10799] ffffffff8f2f5988 (fw_lock){+.+.}-{4:4}, at: assign_fw+0x4e/0x640
[  235.312200][T10799] 
[  235.312200][T10799] but task is already holding lock:
[  235.314632][T10799] ffffffff8f2f5988 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150
[  235.317413][T10799] 
[  235.317413][T10799] other info that might help us debug this:
[  235.320067][T10799]  Possible unsafe locking scenario:
[  235.320067][T10799] 
[  235.322421][T10799]        CPU0
[  235.323526][T10799]        ----
[  235.324647][T10799]   lock(fw_lock);
[  235.325915][T10799]   lock(fw_lock);
[  235.327224][T10799] 
[  235.327224][T10799]  *** DEADLOCK ***
[  235.327224][T10799] 
[  235.329911][T10799]  May be due to missing lock nesting notation
[  235.329911][T10799] 
[  235.332591][T10799] 5 locks held by syz.0.1161/10799:
[  235.334424][T10799]  #0: ffffffff8f0e6088 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420
[  235.337197][T10799]  #1: ffffffff8e283c48 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0
[  235.340505][T10799]  #2: ffffffff8e2c3790 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160
[  235.344285][T10799]  #3: ffffffff8f2f5988 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150
[  235.347135][T10799]  #4: ffffffff8f2f05a8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0
[  235.350185][T10799] 
[  235.350185][T10799] stack backtrace:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  235.352267][T10799] CPU: 1 UID: 0 PID: 10799 Comm: syz.0.1161 Not tainted 6.15.0-rc6-syzkaller-00346-g5723cc3450bc #0 PREEMPT(full) 
[  235.352282][T10799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  235.352288][T10799] Call Trace:
[  235.352293][T10799]  <TASK>
[  235.352299][T10799]  dump_stack_lvl+0x116/0x1f0
[  235.352317][T10799]  print_deadlock_bug+0x1e9/0x240
[  235.352331][T10799]  __lock_acquire+0xff7/0x1ba0
[  235.352345][T10799]  ? __kasan_slab_free+0x51/0x70
[  235.352358][T10799]  lock_acquire+0x179/0x350
[  235.352371][T10799]  ? assign_fw+0x4e/0x640
[  235.352381][T10799]  ? __pfx___might_resched+0x10/0x10
[  235.352392][T10799]  ? do_sys_openat2+0x11b/0x1d0
[  235.352405][T10799]  ? __ia32_compat_sys_openat+0x16d/0x210
[  235.352420][T10799]  ? __do_fast_syscall_32+0x73/0x120
[  235.352436][T10799]  __mutex_lock+0x199/0xb90
[  235.352451][T10799]  ? assign_fw+0x4e/0x640
[  235.352460][T10799]  ? assign_fw+0x4e/0x640
[  235.352468][T10799]  ? __pfx___mutex_lock+0x10/0x10
[  235.352485][T10799]  ? kasan_quarantine_put+0x10a/0x240
[  235.352496][T10799]  ? lockdep_hardirqs_on+0x7c/0x110
[  235.352511][T10799]  ? assign_fw+0x4e/0x640
[  235.352519][T10799]  assign_fw+0x4e/0x640
[  235.352527][T10799]  ? _request_firmware+0x957/0x1470
[  235.352536][T10799]  _request_firmware+0x988/0x1470
[  235.352548][T10799]  ? __pfx__request_firmware+0x10/0x10
[  235.352557][T10799]  ? dump_stack_lvl+0x185/0x1f0
[  235.352571][T10799]  ? lockdep_hardirqs_on+0x7c/0x110
[  235.352586][T10799]  __async_dev_cache_fw_image+0xb1/0x340
[  235.352596][T10799]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  235.352607][T10799]  ? mark_held_locks+0x49/0x80
[  235.352619][T10799]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  235.352634][T10799]  ? __pfx___async_dev_cache_fw_image+0x10/0x10
[  235.352644][T10799]  async_schedule_node_domain+0xd4/0x120
[  235.352657][T10799]  dev_cache_fw_image+0x38e/0x490
[  235.352673][T10799]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  235.352689][T10799]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  235.352705][T10799]  dpm_for_each_dev+0x5a/0xb0
[  235.352719][T10799]  fw_pm_notify+0x81/0x150
[  235.352733][T10799]  notifier_call_chain+0xbc/0x410
[  235.352746][T10799]  ? __pfx_fw_pm_notify+0x10/0x10
[  235.352761][T10799]  blocking_notifier_call_chain_robust+0xc8/0x160
[  235.352775][T10799]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  235.352789][T10799]  ? do_raw_spin_unlock+0x172/0x230
[  235.352805][T10799]  pm_notifier_call_chain_robust+0x27/0x60
[  235.352819][T10799]  snapshot_open+0x189/0x2b0
[  235.352830][T10799]  ? __pfx_snapshot_open+0x10/0x10
[  235.352842][T10799]  misc_open+0x35d/0x420
[  235.352852][T10799]  ? __pfx_misc_open+0x10/0x10
[  235.352861][T10799]  chrdev_open+0x234/0x6a0
[  235.352871][T10799]  ? __pfx_apparmor_file_open+0x10/0x10
[  235.352885][T10799]  ? __pfx_chrdev_open+0x10/0x10
[  235.352896][T10799]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  235.352913][T10799]  do_dentry_open+0x744/0x1c10
[  235.352924][T10799]  ? __pfx_chrdev_open+0x10/0x10
[  235.352936][T10799]  vfs_open+0x82/0x3f0
[  235.352949][T10799]  path_openat+0x1e5e/0x2d40
[  235.352961][T10799]  ? __pfx_path_openat+0x10/0x10
[  235.352972][T10799]  do_filp_open+0x20b/0x470
[  235.352981][T10799]  ? __pfx_do_filp_open+0x10/0x10
[  235.352995][T10799]  ? alloc_fd+0x471/0x7d0
[  235.353011][T10799]  do_sys_openat2+0x11b/0x1d0
[  235.353025][T10799]  ? __pfx_do_sys_openat2+0x10/0x10
[  235.353057][T10799]  ? __fget_files+0x20e/0x3c0
[  235.353067][T10799]  __ia32_compat_sys_openat+0x16d/0x210
[  235.353082][T10799]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  235.353096][T10799]  ? ksys_write+0x1b9/0x240
[  235.353107][T10799]  ? rcu_is_watching+0x12/0xc0
[  235.353117][T10799]  __do_fast_syscall_32+0x73/0x120
[  235.353133][T10799]  do_fast_syscall_32+0x32/0x80
[  235.353148][T10799]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  235.353161][T10799] RIP: 0023:0xf7f96579
[  235.353170][T10799] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  235.353180][T10799] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  235.353190][T10799] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800002c0
[  235.353196][T10799] RDX: 0000000000007600 RSI: 000000000000feff RDI: 0000000000000000
[  235.353202][T10799] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  235.353208][T10799] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  235.353214][T10799] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  235.353227][T10799]  </TASK>
[  235.499209][ T7546] usb 45-1: new full-speed USB device number 3 using vhci_hcd
[  235.503714][T10788] vhci_hcd: connection closed
[  235.503853][ T1107] vhci_hcd: stop threads
[  235.506973][ T1107] vhci_hcd: release socket
[  235.508521][ T1107] vhci_hcd: disconnect device
[  240.631750][ T7546] vhci_hcd: vhci_device speed not set

VM DIAGNOSIS:
09:33:11  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88802b33f880 RCX=ffffffff81aea149 RDX=ffff888025442440
RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900067d7930
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=ffffffff9ad84818
R12=ffffed1005667f11 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88802b23b180
RIP=ffffffff81baa992 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977e7000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f50b5fac CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000d800000000 0000000300000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000e000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000063 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854c5bf5 RDI=ffffffff9ade4c80 RBP=ffffffff9ade4c40 RSP=ffffc900075cecf8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e35312e36
R12=0000000000000000 R13=0000000000000063 R14=ffffffff9ade4c40 R15=ffffffff854c5b90
RIP=ffffffff854c5c1f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880978e7000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002de0fffc CR3=0000000022cf1000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000003 RBX=ffff8880408b9a98 RCX=ffffffff822acd61 RDX=0000000000000000
RSI=0000000000000000 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffc90004fcf060
R8 =0000000000000000 R9 =ffffed1008117353 R10=ffff8880408b9a9b R11=0000000000007c2b
R12=ffff8880408b9a50 R13=0000000000000000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff81baab18 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979e7000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5113330 CR3=000000002339c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000080000 RBX=ffff88802b3414a0 RCX=ffffc9000d4e1000 RDX=0000000000080000
RSI=ffffffff81aea123 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000687eda0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffed1005668295 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88802b53b180
RIP=ffffffff81aea125 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097ae7000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002de14ffc CR3=00000000257b5000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000