last executing test programs:

17m23.788407515s ago: executing program 0 (id=136):
socket$can_bcm(0x1d, 0x2, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x4, 0x9)
r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r3, 0x400, 0x1)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
pread64(r4, &(0x7f0000001440)=""/126, 0x7e, 0x41)
close(0x3)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, 0x0, 0x0)
r6 = syz_io_uring_setup(0x3850, &(0x7f0000000200)={0x0, 0x99db, 0x1000, 0x0, 0x1}, &(0x7f0000002000)=<r7=>0x0, &(0x7f00000002c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r6, 0x48e9, 0x0, 0x2, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000480)={0xa, 0xfffe, 0x3, @mcast1, 0x5}, 0x1c)
syz_open_dev$vivid(&(0x7f0000000080), 0x3, 0x2)
r9 = dup2(r2, r2)
r10 = socket(0x2b, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
futex(0x0, 0x5, 0x2, &(0x7f0000000100)={0x0, 0x3938700}, 0x0, 0x1)
r11 = socket(0x2b, 0x1, 0x1)
bind$inet6(r11, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @mcast1, 0xb}, 0x1c)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r10, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000000, 0x0, 0xff, 0x0, 0x4}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r9, 0xc018937b, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r12=>r5, {0xee01, 0xee00}}, './file0\x00'})
sendmmsg$unix(r12, &(0x7f0000008380), 0x800000000000087, 0x4008890)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)

17m22.728694118s ago: executing program 0 (id=137):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r2 = syz_open_dev$loop(&(0x7f0000000100), 0x5f, 0x1)
ioctl$IOC_PR_REGISTER(r2, 0x401870c8, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000180)=0x3, 0x12)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r5, 0x0, 0x32, 0x0, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000040), 0x20000000, 0x40800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0), 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000240)={0x0, 0x0, 0x0, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, &(0x7f0000000380)={r7, 0x0, 0x1ff, 0x0, 0x0, [], [0x9, 0x0, 0x0, 0x8], [0x3, 0x20000000, 0x100, 0xd], [0x1000010000000, 0x0, 0x7fffffffffffffff]})
close_range(r0, 0xffffffffffffffff, 0x0)
r8 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r8, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_group_source_req(r8, 0x29, 0x2f, &(0x7f0000000240)={0x0, {{0xa, 0x0, 0x0, @mcast1, 0xfffffffe}}, {{0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x100b}}}, 0x108)

17m20.744244275s ago: executing program 0 (id=143):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x40, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x3}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}]}, 0x40}}, 0x400c002)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000002b40), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x3c, r5, 0x1, 0x70bd28, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x820}, 0x20004004)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r3, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4001)
setsockopt$netlink_NETLINK_CAP_ACK(r2, 0x10e, 0xa, &(0x7f00000002c0)=0x3, 0x4)
keyctl$read(0x2, 0x0, 0x0, 0x0)
r6 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000a00))
ioctl$PAGEMAP_SCAN(r6, 0xc0606610, &(0x7f0000000a80)={0x60, 0x0, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x4c})
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff1085000000ae00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x79, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(blake2b-256-generic)\x00'}, 0x58)
r8 = accept4(r7, 0x0, 0x0, 0x800)
sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)={0x14, 0x2, 0x3, 0x101, 0x0, 0x0, {0x5, 0x0, 0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

17m20.570083379s ago: executing program 0 (id=145):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000580)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x1b5008, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000540)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2145499, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f00000000c0)=0x41)
pwritev(r0, &(0x7f0000000040), 0x0, 0x5, 0x0)

17m20.171482282s ago: executing program 0 (id=147):
r0 = syz_io_uring_setup(0x190, &(0x7f00000003c0)={0x0, 0xfad6, 0x0, 0x1004001, 0x3}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000200000001"], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd2(0x7, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca0000c441f96ec80fc4c60066400fe2def3ad46c7045300101000f00fc01ec422e10399c5c1202066410f6f15040000000000e1f563df", 0xdc000006, 0x0}, 0x0, 0x8, &(0x7f0000000300))
pipe2(&(0x7f0000000040), 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f"], 0x0}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r4, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
io_uring_enter(r0, 0x133d, 0x3e000000, 0x8, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x1, {0x6, 0x6d4}, 0xf0}, 0x1)
r5 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r5, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(&(0x7f00000000c0))
connect$pptp(r5, &(0x7f0000000080)={0x18, 0x2, {0x0, @remote}}, 0x1e)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2300, 0x0)
r6 = fsopen(&(0x7f0000000040)='fusectl\x00', 0x0)
fsmount(r6, 0x1, 0x8b)
fsconfig$FSCONFIG_SET_FLAG(r6, 0x5, &(0x7f00000020c0)='ro\x00', 0x0, 0x0)

17m19.726039037s ago: executing program 0 (id=148):
socket$packet(0x11, 0x2, 0x300)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x3, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x3, 0x2}}}, @TCA_RATE={0x6, 0x5, {0x4}}]}, 0x44}}, 0x4004090)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'dvmrp0\x00', 0xe43986f95b0e4309})
ioctl$TUNGETSNDBUF(r4, 0x400454dc, &(0x7f0000001700))
socketpair(0x11, 0x3, 0x80000001, &(0x7f0000000140))
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
write$tun(r6, &(0x7f0000000700)=ANY=[@ANYBLOB="1c0000f5000000000000000000000000000064ace26000442f01fe880000000000000000000000000001200100000000000000000000000000000c21880b00000002000008000c0086dd080000003e080022eb000000032248256102000000fffffffbf587051a0800655800000002535997f17d2cfa39b86689afe86121bd5ec116c1828489eb3a3ace2285865c2a85b2a22ba4b29ec7599b8f04c22c774cff2fa0fcf08d073c37d1ae70db4f02cb408f5f2b5a9ba8a0b7ea8b780be699205d9252e976d45ff384e9b9cdd2e3bf8533b1618fa30ee5cf8ec0ee6e184da246d0ffa04732bc061cdaf0e26e11394a925723025667b8fbeac9d200"/264], 0x7e)
write$cgroup_int(r5, &(0x7f0000000000)=0x2b00, 0x12)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r7, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000240)="d2a7b3", 0x3}, {&(0x7f0000000400)="e06bd3f745", 0xfcfd}, {&(0x7f0000000500)="86e9a0d8", 0x4}, {&(0x7f00000005c0)="25062456", 0x4}], 0x4}}], 0x1, 0x4000800)

17m19.349149015s ago: executing program 32 (id=148):
socket$packet(0x11, 0x2, 0x300)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x3, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x3, 0x2}}}, @TCA_RATE={0x6, 0x5, {0x4}}]}, 0x44}}, 0x4004090)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'dvmrp0\x00', 0xe43986f95b0e4309})
ioctl$TUNGETSNDBUF(r4, 0x400454dc, &(0x7f0000001700))
socketpair(0x11, 0x3, 0x80000001, &(0x7f0000000140))
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
write$tun(r6, &(0x7f0000000700)=ANY=[@ANYBLOB="1c0000f5000000000000000000000000000064ace26000442f01fe880000000000000000000000000001200100000000000000000000000000000c21880b00000002000008000c0086dd080000003e080022eb000000032248256102000000fffffffbf587051a0800655800000002535997f17d2cfa39b86689afe86121bd5ec116c1828489eb3a3ace2285865c2a85b2a22ba4b29ec7599b8f04c22c774cff2fa0fcf08d073c37d1ae70db4f02cb408f5f2b5a9ba8a0b7ea8b780be699205d9252e976d45ff384e9b9cdd2e3bf8533b1618fa30ee5cf8ec0ee6e184da246d0ffa04732bc061cdaf0e26e11394a925723025667b8fbeac9d200"/264], 0x7e)
write$cgroup_int(r5, &(0x7f0000000000)=0x2b00, 0x12)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r7, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000240)="d2a7b3", 0x3}, {&(0x7f0000000400)="e06bd3f745", 0xfcfd}, {&(0x7f0000000500)="86e9a0d8", 0x4}, {&(0x7f00000005c0)="25062456", 0x4}], 0x4}}], 0x1, 0x4000800)

16m3.958085333s ago: executing program 4 (id=367):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x40, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x3}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}]}, 0x40}}, 0x400c002)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000002b40), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x3c, r5, 0x1, 0x70bd28, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x820}, 0x20004004)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r3, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x98, 0x0, 0x20, 0x70bd2d, 0x25dfdbff, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x9}, {0x6}}, {@pci={{0x8}, {0x11}}, {0x8}, {0x6, 0x11, 0x24c2}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7}, {0x6}}]}, 0x98}, 0x1, 0x0, 0x0, 0x4000}, 0x4001)
setsockopt$netlink_NETLINK_CAP_ACK(r2, 0x10e, 0xa, &(0x7f00000002c0)=0x3, 0x4)
keyctl$read(0x2, 0x0, 0x0, 0x0)
r6 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000a00))
ioctl$PAGEMAP_SCAN(r6, 0xc0606610, &(0x7f0000000a80)={0x60, 0x0, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x4c})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(blake2b-256-generic)\x00'}, 0x58)
r8 = accept4(r7, 0x0, 0x0, 0x800)
sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)={0x14, 0x2, 0x3, 0x101, 0x0, 0x0, {0x5, 0x0, 0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

16m3.634591972s ago: executing program 4 (id=370):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000340)={{0xfffffffe, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x2, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0x40405515, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x83, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x8, 0x0, 0x8000]})
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xa83b, 0x10, 0x2}, &(0x7f0000000340)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='io_uring_task_add\x00', r6, 0x0, 0xfffffffffffffffd}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r7, 0x10e, 0xc, &(0x7f00000000c0)=0x8004, 0x4)
sendmsg$netlink(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000640)={0x1010, 0x56, 0x601, 0x0, 0x0, "", [@generic="1238c77b55343dc4c442d5fef8f39c407006da215bf4cb0f6c8ac321b00f8ebb7f1b367ea05b7c7b629b28c48c4f5b0449a27bae150588ded106eb23bf2099c68ce6cf741a8593d9f34f4b367135837dfb9ee5996c27e562e34e978f9217ddff5f9ebca55789a9427e2bdf3f857cf71b8f1a44fb8fe8d8aff1c51999d20e7b870333fddf030d8e846cb208d5606d72222e63d239cb343afbdb1c3da876f73c15d16f54908ebec06e6acd2e9cd0d125011c718230ffde5d362d077d700dd431292231c8dbea52587f195ad73c858ad995b10fe0bf5ceb2c06a6563ccdfe822ad8d0e2acb04c94f1f726bacb5d705075400d6f9cbfdaf4b7e5243d52c455743979904977b2acb7f56a44c96a49052184ad5741a64073043fcba61981fadb0bf8402e077ffcb81d3888de53d9850cf5e25af7aecbe370f7aa2928cae2d15f080334e437ad217d130862e203ce33262d0858040f7c09f6df588f64a2d33c6e695e9675e29a3f823b9fb762601729279e477c7ae5af5e4b5a79365774d314e97e6a0b4a4e2c4e2e1d9c559cec6aef84ed138134a6ba48c1cecd47d458b0a8a5df5cfcb9dea870eb5ae4ffa0f3b934691f8a0494c481a2cf0a3805fb041bede1fa97a80909e60a4eecf4dad29ee1f216b2303c65ccd5f03246a58619e02b46057560116182407c42ae84160246b4645c31b71c0abf0abe6872b458b000b535081765eab03100bf0efcf93f14c8bd08a699823738fa2a8b0573abefb4df5b5e9337c674931e7b3805e686056d9e8ee0bb3067f3cd866cf0a6d15eaa26ac3027ec49398fb358f8057b0a06e6e4d43b7294b6798044d6b55e429c2e7e5fd471030821601b90cb8bd13d33a41dd23aa1cb2f0baace9d5004f5334e4b0c412582c839b65ac698b06450bac7d6dbd27f3960644482b4adc5fd4154b7fb6e5c880f290f1eb39f68031bd4cd55a8c1971f8f21dd295c589b9e771498d1bdc74e37824b4c461fe9a35069d92b784db731da44a06ad81526c24d0475f2269be69feb37b401923a336f63acd9fdc0cb123821b58cb477978f7534bc0bb17da95f323fee2b5c9847888b5e50997c29e11e26df9d85062d19825b3361ff9d6c3326469138cbdcd8c3a56900d515dd5ef2c4498b1be0e96dcc788374ddd82431ec2c5caa6b8d62e60838d57a36b98498c88564f209a077618a47fe4f18d2f932f02b24379991e7ce300ac9bb88611637067347c91e76248ccfb85d370bffd67dfe4a3653347dd6284cd9d61c4cbd136bd6295f1bab8fbd1c1052746493d54865f1ffa6b4519968687967eb5ae67a555c19de712abc35571876b8afe40c11b425e40c636a5cfe8b3cbfd23b35ddfa5038891f286661aaea93c399cf53afb434a4afa52b04ef2d1fd4e35f75ee9b33938e7b37d209dbbca114146fda29ab6ea7cb08a06ae9c95b6b1074516d1da5a866967d4952eb74574ae69ddc4d0d011fa4b42edd2341cc7e7f9dd5228b413db0eb924605c428844f7d0c1428723ef1085c82e40ca575d22155497f2efac3f02086a848ef73100ec8bf190212f8e0389f2b39f178861a2711b8dd4b3b78fe0e27cff37105f4e13f402a6a056805f4468ed5c226bb53a328b1aeeb0062d7d87011e65c826ce8c533f0ad3e1b195f420df38e7215fdd58f4297d8f6abc3aa6c6a0fdf4e4bd5d3e227e64fe2e8bd3da1b9281683da79b2e32dc457b73407833bb64a445843b74605358b09350a5d23402b11489b44cb45aa2e9a61445a5c4933a36a7b0a80822465645472a28991247230efea8ffdd8c0e133eada55b47c73f5fe79c34f8ca0bffa0aa784c8690ff0e4323e79235dcb80d537c09e6ad0412cb6e72c97f26b5fb767e2365795c4986f90b730d68778e6f1fcdc86e1b840848c1e17eec828941d2e5b018699edd8f463b7cfa29d30087a2e613c6a6106a28e71487ab5c80d581757239f2e3fd15fa76edafeac930219b8962cac1b18ee0f6f69da0923ecc78770466f83111f7b6384d6b4b09443d389de16545296d6b677f19496fb918b57f77aefdf30baf9633ea913c23f6341d07a6f0c6c730fb480edb279c603cf601df62242d15a51512670913f8f3a8cc743a3790a7a830cb4550fe07a6ffd3e7c1ec4a3e6f139ebb67197cec0dd08ebcf6d09273775fecdbcec0975eb0aec864b036d6e027c178a03510d64618006b29fa85cf00a1bf895e3449ba444cddf827602438632e280215462039f95dc6a1cd147979764a795010b3bf43a870ac34abf52bf4aefccb87e9bf5271aae388cbfbad1c8ff06f8b66d970d3e4512095f35381a7a5a66a3b98651ffe2ef9b72681e6af7ea7b5924a21fcc15f4ebe9ac8ae93eda08dee01b7c2a282d1781ad5ae366a6d1d32ce51990d95b9ea95e47c7d5373c8bc2fcef251c11b0d8c96fd1cd3527cb7cd07e9416f1e997459eb7a821e90e57b3d56e514bac9e79bae8f2a7bf55d89287d849c56b83093c51894769afa021e94aaf8c3e3e6b314bd06f6e2287638cb0921b9a33298912e26135423b2aede83a1b42dd095e5b4eb0a5a94717a5330309267c205230406e423759919f18ca4b0ae25fa2f640a702cbeea1bee46fdf271dbacd8830607ce166aebe4dd23847e62752c9bcfcc9fc08a395cc19adb7faadd9bc2a7f2c22b793d34f729a0facb14f0f467187f9109f3b35011c2f2a4447d85996e6fb309d6457f121400fa5839fff10d656a2e33c5bfab590ad637ba0dc6071b6c0f9dbbda25de268b1a3a0c549ac8e3aee0288e7a029c633920d15176972674405f15e2b8f7d1852663bb74b82fe34239428a2344430bbf7ec0d91a6cd7d11706c6c9bfd67c48c882951cdb0e342a019f71fb8487da284a0d660fb1a43e3f47328c6e091d441e7c2c104041e19eee4a80d0b7a63e48275210b48047b8e2eb8b58a4e4a7c6d10ce9d58230e1a7493200048bff1ac819195b2c89920daa5918fad5b6a1d794d5c58dace1c2ee2ae5c46e25eb4796a4c3253fd7d7f2bdb24165331790031fa96b9f4ad0ab8249a3d46b1472a2cfb43adbae5e1b3d41b165f50f86b377ca3f2a68380d0a561fc09c6bddb9c1c18ddb0bfb8b9f4c1d5ec109f7147a76dbb4a783d6635a9cb346e3eeb9cb33001afc6933b3d530a835fdb2c85037d5639f4fa3f5438370579a516744ca28de19f6c9417b2e17dfa4202ae1f6aedf51f9eee4c44541046afe2d5b91c900c57194f4c8817278ff2a30ad7abb01689137446dd384921d8402efe1d27d151806eb67018ebfda2851ab13193d13a45e46bb426a1216b4d7bc713d8b36aee89e6e28e24dc9af61ae7cab690ffe263f3061af94a0d2b74b5bee31ff93248c1fb8edb3f3a9aa988aa982cc748f1a3916e5fef627c92de027c2f94883fb9aa18c35f32960e825f8d49475e9ef4215d579e476c2e687d5c3cb2f0f23f7252ece5626932580d2dbd4bf47171218e8ad1dc31e478a9244c79599226677842940e33f7c6c310646a844680e0fb02c379ec68ecc558ddaf2ed27d270f8cc6a5930c8d7c944aefde3305997a89395334a4e95e4da53873dcd00af86ea302bd0ae8864d1f7bc34bc2822aa83f09a1f4125d76967d01c218122a092a750af8a347aa9cf55ca4c30276cec4d972e80cd33b14359143b8c574a7ce447b7bbad781ece9df54387a0700dcc9d6669c0873b4216a59376c9b564efbbfd901bba76ff3085db0c6a5932012180356a816395eb97ff54c8ca4ef0204051b2b7eca925beecc4d0fbc7f5208fc6df6f6c285f150a0d1443439477c15bce458fecd9e17e5b7c1023cd2ebbe47b4ed5a29dece48a3bad8932c9177f1178ec22ba60aa74c4b403ebd6c7f3877c6d75e9eb6c58ce523e5f76d6f334a4bf73c1196651b00758d06bbe7132aae9d0d830aab7280380df0409ac0a96bdd74ff816b8125ab1dfa5adeb531aeb01b2942548cba81c9b12898c393f7f925be672331070cfa670f75b36d28809c61323031c4c8d8be4567c8147b0322d722f8dafbfdf6700d1911aaed857852898233d19a65e03ce5f65cf8b51a849a0949412d9aa6ee290d2a77e2b75589db87e943c4b4a69b83d70190ad4a7acab40ec64fb90766ef514c788157685dd7a7c69d0d13a6721df118cd03e5438d829d8855a0eb072f9e8f62433e4c0529533b33be1f290a39987f4f19b468cd75b6a4652fd906b791c119cedf9db1679cec21542820533051286cb451a3d4149431e14edbdf27d943693da133f4216e639ea28632927ce106bf7023ae625e138228183fb1721bcc750066e725702a4d639387a60bd510cd0daf29cd1a1d8e1ce969860ddf9594d266a1051313ef19a0db57a12bf0ec8277879b8b537b480b7776e615e888278b0de1f39a56e654f48eba0f0fb053b643cad930fc0a87a34afe222a61b0d6286c447736eb35549a5fb6c0020ae729c405795c2819d24d3419d6c9b3007104eb06dcc7d0a5ae4c0c8951922467a96b6b13bb7e34b42abf608d2aa4720c390a56d3884e40616d9488db672f7761f1c0cfa8ebe4f874f6fe4bb1012693ad739f59767805f872800bc1245cd6d3666a0bc3f918d09518c1e518fc6be79239aef8182358366c54ea7ee3fec3e0e2419ece2ee723463a5fff262445c13fa8d2dbcdaea739c65fbe3dc2c54716d58464eb2a70bacfbacf2945b56d14e426f6c0191dfded9e8f385633746669ce5aa6d50645575b6b300458caa0f913fe9849c7d4753ce4be881d01a753f0d611325dfa409726340e178c651b8ef44434287ab87b8dc8b5c5365b56a82782fd29b353d812cc006ac1d031b7b4e77d332349b7fb30a690e73680692281e1c2e787ff4a4f62a4341ccba4a08fea1514210554b5fb89a1456710b1ee41cd3b694e13a2f6fb8e6ddbf039698b2658ca8d3df5ebca80aa33ee694eda0e069f6de102078b011b96b7630d1c1389d07411b90c9e278ae12dbac4ca5f0821e190423d8159428e59d6bc0cbf9575278521ed64268c457e6a963fb93616c2d69ca23e73296e157bdb90fbf7b9e1d245afd8f12a93bdcc79ea94c431284c91d39e08e267d4b0d1484ae83a712d3fc7fbeca7d7497bfe003cf4b1e56d309fd56da58bbfc167779c3bcff967f21deb7ef841af0ab20459394b9cacb2b3f2a90e7e748a8cb941a7c7b021c4519e95c3745f2870c5b69fe7923961b8a761d2d063d545cba4001e0e7bebe2eb1c28086ed20cbc9ecaec3a5d6d1533d8892f42febf3ff6753e09a3db1464654f40e40f4041aef9c9708667713d04a7d2b6d920686f54c07bf32943fdf7f6b1aa6f3867c676f3e053d387b7ccba8b731f81bd40d4edb8371c809a0a9ec38f334c99cd7f4994bd4ca0f1cf6725cb4fc7632d8f950dd6d7951aaac8cb5603a66f2b65e7a51a0f36cc9beef0744f02c2ee7be9716fbfd944c5ba991587699032e4f657be49f9e1aa948421dfd2bc430bf643005dc963ac1be66b8bd60c5ce042dbc2e0cd9177d9346dccb00482a71f6f169da80f2be44a3c36037551c8d9de9e36c71d6d82ac7938c42af8a09e689e87c93ec13e3d25fcca929dd72e85f98d6840a70f03cd03d5bba0e5c4b8ffb75742c0572701e7908bd3b3108ea0fe6cbb6855cbfebd3e5a8b245a856a833ecc56cde0f317f6a9459b9756204c6eaf1ac4151774d2209af1992609a7f8264d8db4f226583b576ee82f9974c215bb0eb71709ed17549e89e4747da24d31a19f5f53bf19d59200de3137d68b880a40e30a1cc7de343f1ec8fe99fc2f5fa7e7beb7208451a319cf367f2915d63a7cf1f7ff501d59"]}, 0x1010}], 0x1, 0x0, 0x0, 0xc0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r8 = syz_open_dev$video(&(0x7f0000000080), 0x7, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r8, 0xc034564b, &(0x7f0000000100)={0x0, 0x59455247, 0x500, 0x3c0, 0x1, @discrete={0x7fff, 0xfff}})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x4004004)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r0, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)

16m2.201997787s ago: executing program 4 (id=373):
openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r0 = socket$inet_sctp(0x2, 0x0, 0x84)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
sendmsg$inet_sctp(r0, &(0x7f0000000540)={&(0x7f0000000000)=@in6={0xa, 0x4e22, 0x7, @mcast2, 0x4}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000140)="5945c2cfde736801d18898787e553cd6b04018a4ad721d122ee7ed04b3af87201d1d8335eebf33c3e0db1cb2feeeb68c3257e0413943a5f246f242fb2e41d3a28696183e1ad3fc3d4e78a727b36751f001123dc6e26890e22546fd010a0b91", 0x5f}, {&(0x7f0000000240)="81f991e1e5b5f0fdb5a0a759beffeb7fccc427668fdf71e59bf1a9afdfd944acc2c351a4bef5b8ca77607ef267d76053f43ef3c45d1addbc770ca0ca4bc0651be42364a10a5bf3793735d2d6", 0x4c}, {&(0x7f0000000040)="5a3318c2f89090654d1d", 0xa}, {&(0x7f00000000c0)="95ce2a7714139ca8b314277e8a106eda2d892f19bd01ee74a29b07b1ce5893cc", 0x20}, {&(0x7f00000003c0)="b008a422559efe4e4397a997142b608a4a670e72271751607412edb4cc3130ffe82ef512482211017a0ae6693745ecfc27d43a1faca2e083432de229ac399f1a25b19788e6ef9f1ea0e5217139316e3ab60e5fd05ce3a9da8121164301f99c7de2f77527e020b0a181bced3b455c1185d4f6291457799d64d3eba546c1ac6673e8", 0x81}], 0x5, &(0x7f0000000500)=[@dstaddrv6={0x1c, 0x84, 0x8, @local}, @dstaddrv6={0x1c, 0x84, 0x8, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}], 0x38, 0x20000080}, 0x4040000)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000005c0)={{0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x10}, {0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x2000, 0x5000, 0xc, 0x0, 0x7, 0x2, 0x8, 0x0, 0x0, 0x0, 0xfe, 0xfc}, {0x3000, 0x8000000, 0x0, 0x8, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4}, {0x10000, 0x1, 0xd, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x3c, 0x0, 0x13}, {0x10000, 0x3000, 0x0, 0x0, 0x0, 0x3, 0x2}, {0x0, 0x5000, 0xe, 0xfe}, {0xeeee8000, 0x0, 0x0, 0x0, 0x0, 0x8f, 0x0, 0xa, 0x26, 0x4}, {0x80a0000}, {0xdddd1000, 0x8}, 0xddf8ffdb, 0x0, 0x0, 0x2b, 0x0, 0x3800, 0x0, [0x0, 0x0, 0x1]})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = epoll_create1(0x80000)
epoll_wait(r4, &(0x7f0000000200)=[{}], 0x1, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e793763616368653d667363616368652c76657273696f6e3d3970323030302e75"])
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')

16m1.715439134s ago: executing program 4 (id=375):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6(0xa, 0x3, 0xff)
getsockopt$inet6_opts(r1, 0x3a, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file1\x00')
socket$packet(0x11, 0x3, 0x300)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x7fff, 0x0, 0x1}}, 0x40)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/80, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f00000002c0)={0x1, r4})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
mount$9p_virtio(0x0, 0x0, &(0x7f0000000200), 0x1000012, 0x0)
chdir(0x0)

15m58.564600206s ago: executing program 4 (id=382):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000003000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xe, 0x0, &(0x7f00000003c0)="7993ff01190000e5ffa53b00008f", 0x0, 0x400, 0x503, 0xf000, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x4}, 0x50)

15m58.433255416s ago: executing program 4 (id=384):
r0 = openat$nmem0(0xffffff9c, &(0x7f0000000080), 0x1330c0, 0x0)
connect$phonet_pipe(r0, &(0x7f00000000c0)={0x23, 0x2, 0x4, 0x77}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000740)={0x53, 0x0, 0xa, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000100)="a1f872478e76a81b13ce", 0x0, 0x0, 0x0, 0x0, 0x0})
syz_io_uring_setup(0x55fb, &(0x7f0000000180)={0x0, 0x2fb4, 0xc6, 0x6, 0xe2}, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket(0x2d, 0x2, 0x0)
getrlimit(0x4, &(0x7f0000000200))
sendmsg$RDMA_NLDEV_CMD_DELLINK(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x100000}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x20, 0x1411, 0x1, 0x70bd2d, 0x0, "", [@RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}]}, 0x20}, 0x1, 0x0, 0x0, 0x40880}, 0x24040800)
move_pages(0x0, 0x8, &(0x7f0000000000)=[&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fee000/0x10000)=nil, &(0x7f0000fef000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ff0000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil], 0x0, &(0x7f0000000000), 0x0)

15m41.936012095s ago: executing program 33 (id=384):
r0 = openat$nmem0(0xffffff9c, &(0x7f0000000080), 0x1330c0, 0x0)
connect$phonet_pipe(r0, &(0x7f00000000c0)={0x23, 0x2, 0x4, 0x77}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000740)={0x53, 0x0, 0xa, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000100)="a1f872478e76a81b13ce", 0x0, 0x0, 0x0, 0x0, 0x0})
syz_io_uring_setup(0x55fb, &(0x7f0000000180)={0x0, 0x2fb4, 0xc6, 0x6, 0xe2}, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket(0x2d, 0x2, 0x0)
getrlimit(0x4, &(0x7f0000000200))
sendmsg$RDMA_NLDEV_CMD_DELLINK(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x100000}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x20, 0x1411, 0x1, 0x70bd2d, 0x0, "", [@RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}]}, 0x20}, 0x1, 0x0, 0x0, 0x40880}, 0x24040800)
move_pages(0x0, 0x8, &(0x7f0000000000)=[&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fee000/0x10000)=nil, &(0x7f0000fef000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ff0000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil], 0x0, &(0x7f0000000000), 0x0)

10m52.203128088s ago: executing program 2 (id=1544):
r0 = socket(0x10, 0x3, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000240)={0x84, 0x467b, 0x2, {0x1d, 0x1}, {0x52, 0x2}, @ramp={0x0, 0xffee, {0xe8, 0x405, 0x3df, 0x57c2}}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x62000000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_crypto(0x10, 0x3, 0x15)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x12d8)
sendmsg$nl_route_sched(r0, &(0x7f0000000640)={0x0, 0xfffffffffffffde5, &(0x7f0000000140)={&(0x7f00000002c0)=@getchain={0x34, 0x66, 0x211, 0x709d28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x5, 0xc}, {0x1, 0x1}, {0x0, 0xe}}, [{0x4, 0xb, 0xcab7}, {0x8, 0xb, 0xfffffff7}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null, 0xf, 'dummy0\x00'})
r3 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000008000000040000000600000001"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r5}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="17fa00000000090000000400000000001c110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000000700000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r6}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x6, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r4, 0x1, 0x1}, 0x48)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x7, 0x12, r3, 0x6cf9e000)
r7 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
r8 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
fcntl$addseals(r8, 0x409, 0xa)
syz_open_dev$audion(&(0x7f0000000080), 0x1, 0x100)
syz_emit_ethernet(0x72, &(0x7f00000002c0)={@broadcast, @empty, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x3, 0x6, "269fe0", 0x38, 0x3a, 0x1, @empty, @local, {[], @time_exceed={0x3, 0x0, 0x0, 0x2, '\x00', {0x3, 0x6, "39afb8", 0xf648, 0x4, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2={0xfc, 0x2, '\x00', 0x1}, [@srh={0x4, 0x0, 0x4, 0x0, 0x2, 0xd8, 0x9}]}}}}}}}, 0x0)
ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r7)

10m51.878296424s ago: executing program 2 (id=1546):
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
write$tun(r0, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x1400, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x18}}}}}, 0x36)

10m51.649728077s ago: executing program 2 (id=1551):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x38, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0x3fd4}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15f4}]]}, 0x30}}, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
timer_settime(0x0, 0x1, 0x0, 0x0)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r6, 0x0, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r6, 0x0, 0x41, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000100)={0x32, @broadcast, 0x4e22, 0x4, 'wrr\x00', 0x28, 0xffffff97, 0x7b}, 0x2c)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x9, 0x0, 0x0)
r7 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000000)=<r9=>0x0)
landlock_create_ruleset(&(0x7f00000000c0)={0x501b, 0x2, 0x1}, 0x18, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000780)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-aesni\x00'}, 0x58)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80})
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

10m50.738345322s ago: executing program 2 (id=1557):
r0 = epoll_create1(0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
sched_getaffinity(0x0, 0x8, &(0x7f0000000380))
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0x9})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
socket$kcm(0x2c, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r3, &(0x7f0000019440)=[{&(0x7f0000000340)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed090f0000600000f3a1bc5603ca00000f7f89e3ff296aa1f6475322f000200000004a2471083ec6991778581acb6c0101ff00", 0x48}], 0x1)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0/file0\x00')
socket$inet_udp(0x2, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x102)
syz_emit_ethernet(0x46, &(0x7f0000000140)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb81000b0008065b0186dd06105fc1e70a91cfd2b700000000000000000000ffffac1e0001bbd8c32bba3808e990debbbbbbbbbbfc000000000000"], 0x0)

10m50.66844836s ago: executing program 2 (id=1558):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000440)=""/231, 0xe7)

10m50.367547361s ago: executing program 2 (id=1562):
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0x100, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x80000000, 0x7, 0x9, 0x7a18fde9, 0x9, 0xf32, 0x4, 0x3, 0x378, 0x3, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xd4f, 0x1a, 0xf2, 0x10, 0xfffffffb, 0x8, 0x10001, 0x401, 0x80000000, 0x401, 0x3ca5, 0x1, 0x0, 0xff, 0x4, 0x4, 0x3, 0x0, 0x0, 0x40000000, 0x80000000, 0x7fff, 0x7, 0x5, 0xa, 0x1, 0x10000, 0x401, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x9, 0xb6, 0x24, 0xcb, 0x5, 0x9, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xff, 0x5cb5, 0xfffffffd, 0x401, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x8, 0x1, 0x32, 0x98, 0x7f, 0xffff, 0x401, 0x2, 0x2, 0x4680, 0x7, 0xe665, 0x3c6e, 0x3, 0x40, 0x80, 0x4b, 0x9, 0x2, 0xb, 0x6, 0x4fa4, 0x80000000, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0xfd, 0x101, 0x4, 0x40, 0xa, 0x1b, 0x1ff, 0x7ff, 0x2, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0xffffff87, 0xe, 0xa0, 0xf, 0x1ff, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x9, 0x200, 0xf1a, 0x664, 0x4, 0x9, 0x9, 0x2, 0x4, 0xfffffffd, 0x10010, 0x0, 0x9, 0x10000, 0x1, 0x9, 0x9, 0xc6, 0x1, 0x4, 0x6, 0xffffffff, 0x6, 0x10001, 0x8, 0x68, 0x7, 0x201, 0x5, 0x0, 0x9a3f, 0x400000, 0x0, 0x80000067, 0xffffff7e, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0x2, 0x40, 0x1c, 0x80, 0xb5f8, 0x8bc, 0x3, 0x103, 0x5, 0x63, 0x4, 0x18000, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x73, 0x7, 0x8, 0x6, 0x400, 0x40, 0x0, 0x0, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x8, 0xc4c, 0x45e3, 0x5, 0x7, 0x3, 0x5, 0x3, 0x0, 0x1, 0x2, 0xffffffff, 0x4, 0xce, 0xf, 0x0, 0x1, 0xa, 0x3, 0x0, 0x9, 0x9, 0x37d, 0x10001, 0xc, 0x1, 0x1, 0x2, 0x6, 0x4, 0x6, 0x1, 0x8, 0x6, 0xfffffffa, 0x5, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80000001, 0x8, 0x8000, 0x3a, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x6, 0x4, 0xffff, 0xe, 0x1000, 0x2, 0x7, 0x1, 0x73, 0x3, 0x9, 0x4, 0x1, 0x9, 0x0, 0x8, 0x0, 0x81, 0x80000004, 0x9, 0x9, 0x0, 0x4, 0x4, 0x0, 0x3, 0x4, 0x5, 0x4, 0x10001, 0xf, 0x9, 0x100, 0x4, 0xfff, 0x7, 0x8, 0x9, 0x3, 0x2, 0x4, 0xbf, 0x0, 0x8, 0x40, 0xd3, 0x7, 0x1, 0x89aa, 0x8, 0x0, 0xf0ce, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x1, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x5, 0x9, 0x5, 0x3, 0xbe, 0x1, 0x7, 0x0, 0xffffffff, 0x0, 0x3d6, 0x0, 0xae, 0x6, 0x1, 0xfffffeff, 0x4, 0x4, 0x7fff, 0x103, 0x7, 0x6, 0x706, 0x2, 0x49, 0x10, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x5, 0x7, 0xa9c, 0x9, 0x8, 0x1, 0x2, 0x5, 0x1000, 0x69f, 0x1ff, 0x9, 0x10, 0x3, 0x10000, 0xffff0000, 0xf, 0x1, 0xffffa5ba, 0xffffa9b4, 0x1, 0x4, 0x5, 0x3, 0x4b5f, 0x6, 0x7fffffff, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc8f, 0x1, 0x7, 0x8, 0x1, 0x10000, 0x57dc, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0x5, 0x8000005, 0x4, 0xffd, 0x9, 0x10, 0xfffffffd, 0x4, 0xc2, 0x400, 0x4, 0x2, 0x80000000, 0xd, 0x2, 0x1, 0x0, 0x5, 0xb6, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xae6, 0x9, 0xffffa0ae, 0xc, 0x6, 0x2, 0x8, 0x9, 0x1, 0x7f, 0x9a, 0x9, 0xb, 0x800, 0x4, 0x3ff, 0x2, 0x7, 0x7, 0xc, 0xfe, 0x7f, 0x9, 0x4, 0x2, 0x20000000, 0x2, 0x8000, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0x8000001, 0x0, 0xfff, 0x101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xffe, 0x100, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x2, 0x4b15, 0x10000, 0x1, 0x6, 0x1, 0xd, 0x8, 0x4, 0xfffffe01, 0x1, 0x6, 0x0, 0x3, 0x10001, 0x1, 0x7, 0x1, 0x5, 0x9, 0xffffc487, 0x200, 0x10001, 0x37c, 0x7, 0x4, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0xe, 0x2, 0x2, 0x4, 0x80000000, 0xb46d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0x9, 0x3, 0xffffffff, 0x9, 0x7f, 0x6, 0x9, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x25, 0x8, 0x47, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x10001, 0x0, 0x2, 0x8, 0x6, 0x0, 0xa95a, 0xff, 0x5, 0x2, 0x2, 0x4, 0x10000, 0x80000001, 0x5, 0x8001, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0xffff, 0x80, 0xfea5, 0x7fff, 0x7, 0x8, 0x7, 0x7485, 0x9, 0x8, 0x0, 0x5, 0xf, 0x5, 0xe, 0x8, 0x1000, 0x3, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x2, 0x9, 0x6, 0x20000a4, 0xe0, 0xfffffffb, 0x5, 0xffffffff, 0x2, 0x7, 0xa05a, 0x0, 0x0, 0x0, 0x35, 0x8, 0x1, 0x2, 0x30, 0xb, 0x101, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x0, 0x1, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x43, 0x3, 0x9, 0x5, 0x80000000, 0x9, 0x0, 0x5, 0x81, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x3, 0x9, 0x1, 0x9, 0x7, 0x2c1, 0x9e95, 0x2, 0xfffffedd, 0x30c8, 0x2, 0x38a0, 0x7b, 0x0, 0x8, 0x7, 0x6, 0x9, 0x9, 0x8, 0x5, 0x8, 0x1ff, 0x7fff, 0x3, 0x9, 0x8, 0x2b, 0x200006, 0x4, 0x7, 0x2, 0xfb4, 0xbfb, 0x7, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0x3, 0x6ae574d2, 0x6, 0xfffffe00, 0x1000, 0x5, 0x92, 0x3, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x7, 0xff, 0x100, 0x4, 0x3, 0x6, 0x80000001, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0xfffffff8, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x3d, 0x0, 0x6, 0x7fffffff, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x5, 0x6, 0x1, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0x8, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xd, 0x3, 0x4, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x6, 0xffff, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0xfffffffc, 0x924, 0x499, 0x100, 0x1, 0x5, 0xffff351b, 0x7, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x4, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x1, 0x1, 0x1, 0xfffffff7, 0x0, 0x6, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefe, 0xb8, 0x8, 0x5, 0xfffffff7, 0x7, 0x7, 0x4, 0x6330, 0x0, 0x6, 0xea, 0xbb2d, 0xfff, 0x809, 0x6, 0x0, 0x6, 0xffff, 0xfffffffa, 0x3, 0x0, 0x1, 0x6, 0xfffffc00, 0x5, 0x7, 0x64c822e3, 0xb, 0x6, 0x3ff, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x9b, 0x3, 0xe, 0x1, 0x1, 0x3, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x9, 0x2, 0x80000001, 0x54, 0x400, 0x1, 0x8, 0xa, 0x9, 0xc0, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x7ff, 0x93c, 0x6, 0x0, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0xffffff00, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xfffffff8, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x8, 0x1, 0xfffffffb, 0x1af88, 0x2, 0x9, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x40, 0x8, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x9, 0x6, 0x3, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x7, 0x7ff, 0x0, 0x1, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x8, 0x6, 0xe, 0x3, 0x80000001, 0x4, 0x8, 0x8, 0x7, 0xdd, 0x6, 0x89, 0x0, 0x100, 0x1, 0x9, 0xe75, 0x400, 0x1, 0x0, 0x200, 0xe9ab, 0xfffffff8, 0x8000, 0x13, 0x2, 0x2, 0x43, 0x3ff, 0x0, 0x7, 0x9, 0x1, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]})
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8)

10m50.165619397s ago: executing program 34 (id=1562):
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0x100, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x80000000, 0x7, 0x9, 0x7a18fde9, 0x9, 0xf32, 0x4, 0x3, 0x378, 0x3, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xd4f, 0x1a, 0xf2, 0x10, 0xfffffffb, 0x8, 0x10001, 0x401, 0x80000000, 0x401, 0x3ca5, 0x1, 0x0, 0xff, 0x4, 0x4, 0x3, 0x0, 0x0, 0x40000000, 0x80000000, 0x7fff, 0x7, 0x5, 0xa, 0x1, 0x10000, 0x401, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x9, 0xb6, 0x24, 0xcb, 0x5, 0x9, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xff, 0x5cb5, 0xfffffffd, 0x401, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x8, 0x1, 0x32, 0x98, 0x7f, 0xffff, 0x401, 0x2, 0x2, 0x4680, 0x7, 0xe665, 0x3c6e, 0x3, 0x40, 0x80, 0x4b, 0x9, 0x2, 0xb, 0x6, 0x4fa4, 0x80000000, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0xfd, 0x101, 0x4, 0x40, 0xa, 0x1b, 0x1ff, 0x7ff, 0x2, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0xffffff87, 0xe, 0xa0, 0xf, 0x1ff, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x9, 0x200, 0xf1a, 0x664, 0x4, 0x9, 0x9, 0x2, 0x4, 0xfffffffd, 0x10010, 0x0, 0x9, 0x10000, 0x1, 0x9, 0x9, 0xc6, 0x1, 0x4, 0x6, 0xffffffff, 0x6, 0x10001, 0x8, 0x68, 0x7, 0x201, 0x5, 0x0, 0x9a3f, 0x400000, 0x0, 0x80000067, 0xffffff7e, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0x2, 0x40, 0x1c, 0x80, 0xb5f8, 0x8bc, 0x3, 0x103, 0x5, 0x63, 0x4, 0x18000, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x73, 0x7, 0x8, 0x6, 0x400, 0x40, 0x0, 0x0, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x8, 0xc4c, 0x45e3, 0x5, 0x7, 0x3, 0x5, 0x3, 0x0, 0x1, 0x2, 0xffffffff, 0x4, 0xce, 0xf, 0x0, 0x1, 0xa, 0x3, 0x0, 0x9, 0x9, 0x37d, 0x10001, 0xc, 0x1, 0x1, 0x2, 0x6, 0x4, 0x6, 0x1, 0x8, 0x6, 0xfffffffa, 0x5, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80000001, 0x8, 0x8000, 0x3a, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x6, 0x4, 0xffff, 0xe, 0x1000, 0x2, 0x7, 0x1, 0x73, 0x3, 0x9, 0x4, 0x1, 0x9, 0x0, 0x8, 0x0, 0x81, 0x80000004, 0x9, 0x9, 0x0, 0x4, 0x4, 0x0, 0x3, 0x4, 0x5, 0x4, 0x10001, 0xf, 0x9, 0x100, 0x4, 0xfff, 0x7, 0x8, 0x9, 0x3, 0x2, 0x4, 0xbf, 0x0, 0x8, 0x40, 0xd3, 0x7, 0x1, 0x89aa, 0x8, 0x0, 0xf0ce, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x1, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x5, 0x9, 0x5, 0x3, 0xbe, 0x1, 0x7, 0x0, 0xffffffff, 0x0, 0x3d6, 0x0, 0xae, 0x6, 0x1, 0xfffffeff, 0x4, 0x4, 0x7fff, 0x103, 0x7, 0x6, 0x706, 0x2, 0x49, 0x10, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x5, 0x7, 0xa9c, 0x9, 0x8, 0x1, 0x2, 0x5, 0x1000, 0x69f, 0x1ff, 0x9, 0x10, 0x3, 0x10000, 0xffff0000, 0xf, 0x1, 0xffffa5ba, 0xffffa9b4, 0x1, 0x4, 0x5, 0x3, 0x4b5f, 0x6, 0x7fffffff, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc8f, 0x1, 0x7, 0x8, 0x1, 0x10000, 0x57dc, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0x5, 0x8000005, 0x4, 0xffd, 0x9, 0x10, 0xfffffffd, 0x4, 0xc2, 0x400, 0x4, 0x2, 0x80000000, 0xd, 0x2, 0x1, 0x0, 0x5, 0xb6, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xae6, 0x9, 0xffffa0ae, 0xc, 0x6, 0x2, 0x8, 0x9, 0x1, 0x7f, 0x9a, 0x9, 0xb, 0x800, 0x4, 0x3ff, 0x2, 0x7, 0x7, 0xc, 0xfe, 0x7f, 0x9, 0x4, 0x2, 0x20000000, 0x2, 0x8000, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0x8000001, 0x0, 0xfff, 0x101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xffe, 0x100, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x2, 0x4b15, 0x10000, 0x1, 0x6, 0x1, 0xd, 0x8, 0x4, 0xfffffe01, 0x1, 0x6, 0x0, 0x3, 0x10001, 0x1, 0x7, 0x1, 0x5, 0x9, 0xffffc487, 0x200, 0x10001, 0x37c, 0x7, 0x4, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0xe, 0x2, 0x2, 0x4, 0x80000000, 0xb46d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0x9, 0x3, 0xffffffff, 0x9, 0x7f, 0x6, 0x9, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x25, 0x8, 0x47, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x10001, 0x0, 0x2, 0x8, 0x6, 0x0, 0xa95a, 0xff, 0x5, 0x2, 0x2, 0x4, 0x10000, 0x80000001, 0x5, 0x8001, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0xffff, 0x80, 0xfea5, 0x7fff, 0x7, 0x8, 0x7, 0x7485, 0x9, 0x8, 0x0, 0x5, 0xf, 0x5, 0xe, 0x8, 0x1000, 0x3, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x2, 0x9, 0x6, 0x20000a4, 0xe0, 0xfffffffb, 0x5, 0xffffffff, 0x2, 0x7, 0xa05a, 0x0, 0x0, 0x0, 0x35, 0x8, 0x1, 0x2, 0x30, 0xb, 0x101, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x0, 0x1, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x43, 0x3, 0x9, 0x5, 0x80000000, 0x9, 0x0, 0x5, 0x81, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x3, 0x9, 0x1, 0x9, 0x7, 0x2c1, 0x9e95, 0x2, 0xfffffedd, 0x30c8, 0x2, 0x38a0, 0x7b, 0x0, 0x8, 0x7, 0x6, 0x9, 0x9, 0x8, 0x5, 0x8, 0x1ff, 0x7fff, 0x3, 0x9, 0x8, 0x2b, 0x200006, 0x4, 0x7, 0x2, 0xfb4, 0xbfb, 0x7, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0x3, 0x6ae574d2, 0x6, 0xfffffe00, 0x1000, 0x5, 0x92, 0x3, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x7, 0xff, 0x100, 0x4, 0x3, 0x6, 0x80000001, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0xfffffff8, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x3d, 0x0, 0x6, 0x7fffffff, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x5, 0x6, 0x1, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0x8, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xd, 0x3, 0x4, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x6, 0xffff, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0xfffffffc, 0x924, 0x499, 0x100, 0x1, 0x5, 0xffff351b, 0x7, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x4, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x1, 0x1, 0x1, 0xfffffff7, 0x0, 0x6, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefe, 0xb8, 0x8, 0x5, 0xfffffff7, 0x7, 0x7, 0x4, 0x6330, 0x0, 0x6, 0xea, 0xbb2d, 0xfff, 0x809, 0x6, 0x0, 0x6, 0xffff, 0xfffffffa, 0x3, 0x0, 0x1, 0x6, 0xfffffc00, 0x5, 0x7, 0x64c822e3, 0xb, 0x6, 0x3ff, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x9b, 0x3, 0xe, 0x1, 0x1, 0x3, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x9, 0x2, 0x80000001, 0x54, 0x400, 0x1, 0x8, 0xa, 0x9, 0xc0, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x7ff, 0x93c, 0x6, 0x0, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0xffffff00, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xfffffff8, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x8, 0x1, 0xfffffffb, 0x1af88, 0x2, 0x9, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x40, 0x8, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x9, 0x6, 0x3, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x7, 0x7ff, 0x0, 0x1, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x8, 0x6, 0xe, 0x3, 0x80000001, 0x4, 0x8, 0x8, 0x7, 0xdd, 0x6, 0x89, 0x0, 0x100, 0x1, 0x9, 0xe75, 0x400, 0x1, 0x0, 0x200, 0xe9ab, 0xfffffff8, 0x8000, 0x13, 0x2, 0x2, 0x43, 0x3ff, 0x0, 0x7, 0x9, 0x1, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]})
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8)

6m58.456491602s ago: executing program 6 (id=2746):
r0 = openat$ttyprintk(0xffffff9c, &(0x7f0000000040), 0x40002, 0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4811)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=<r2=>0x0)
sendmsg$NFC_CMD_DEP_LINK_UP(r1, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x21}, 0x40000)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x5c, r3, 0xc09, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan4\x00'}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, {0xaaaaaaaaaaaa0102}}, @NL802154_ATTR_EXTENDED_ADDR={0xc}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, {0x200}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000000}, 0x2)
syz_emit_ethernet(0x1b, &(0x7f0000000000)={@local, @dev, @void, {@llc_tr={0x11, {@snap={0x8708450680a43ac2, 0x0, '\x00', "f508a0", 0x90, "6eed29fb87"}}}}}, 0x0)

6m58.354592798s ago: executing program 6 (id=2747):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000040)=<r0=>0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000000c0)=0x10000)
r1 = fsopen(&(0x7f0000000300)='befs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='iocharset', &(0x7f0000000040)='-/\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000838500000004000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x18)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000100)={0x18, 0x56, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x2, 0x0, 0x0, @str='\x00\x00\x00'}]}, 0x18}], 0x1}, 0x0)
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x111, &(0x7f0000000140)={0x0, 0x9066, 0x20, 0x3, 0xdf}, &(0x7f0000000540), &(0x7f0000000000))
connect$unix(0xffffffffffffffff, &(0x7f0000000440)=@file={0x0, './file0\x00'}, 0x6e)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900027eb7a2ad14208b58000500010005000000050005000a0000000c00078008000b4000a3de2de702ed5d21d5bd000005050004000006000000000300686173683569702c6d61726b00000000"], 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x8800)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x11b, &(0x7f0000000500)=0x9, 0x0, 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000100)={0x5})
r6 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
r7 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r7, 0xc0045516, &(0x7f00000001c0)=0x7)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r7, 0xc1105517, &(0x7f0000000340)={{0xfffffffe, 0x0, 0xfffffffc, 0x0, 'syz0\x00'}, 0x6, 0x20000000, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
readv(r7, &(0x7f0000000680)=[{&(0x7f0000001140)=""/4096, 0x1000}], 0x1)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, 0x0)

6m57.580424955s ago: executing program 6 (id=2750):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000340)=0x1)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r1, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5})
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x114, 0x2d, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x104, 0xf2, 0x0, 0x1, [@typed={0xa, 0x18, 0x0, 0x0, @str='bond0\x00'}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

6m57.401018262s ago: executing program 6 (id=2752):
r0 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xb000000}, 0x20040000)

6m57.004469058s ago: executing program 6 (id=2753):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x8000, &(0x7f0000006680))
r2 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r3 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
pwritev(r3, &(0x7f00000000c0)=[{&(0x7f0000000180)="b3", 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3)
pwritev2(r3, 0x0, 0x0, 0x2, 0x1, 0x10)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x24002de8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r4 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r4, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {&(0x7f00000017c0)=""/130, 0x94}], 0x2}, 0xa1}], 0x2, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, 0x0)
setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000080)=0x4, 0x4)
syz_clone3(&(0x7f0000000080)={0x801400, &(0x7f0000000040)=<r6=>0xffffffffffffffff, 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r7 = pidfd_getfd(r6, r6, 0x0)
membarrier(0x2, 0x0)
ioctl$TIOCCONS(r7, 0x541d)
ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000040)={0x0, 0x0})

6m55.87927421s ago: executing program 6 (id=2754):
r0 = socket$inet6(0xa, 0x3, 0x4)
r1 = socket(0x2a, 0x80000, 0xfffffffe)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0xfffc, @broadcast}, 0x2}}, 0x2e)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
openat$snapshot(0xffffffffffffff9c, 0x0, 0x7e00, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
prlimit64(0x0, 0xf, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x10000, 0x3, 0x1, 0x0, 0xffeffffffffffffc, 0x0, 0x5, 0xfffffffffffffff7}, {0x0, 0x8, 0xfffffffffffffffc, 0x8}, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3}, {{@in6=@empty, 0x2, 0x6c}, 0x2, @in=@empty, 0x0, 0x5, 0x0, 0xb7}}, 0xe4)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r4)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r5, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x40000)
r6 = getpid()
sched_setaffinity(r6, 0x0, 0x0)
setpgid(0x0, r6)
syz_emit_ethernet(0xf8, &(0x7f00000003c0)=ANY=[@ANYRES64=r6, @ANYBLOB="9c413d0e5578156bc1905f174279ddd9bbc24c82bce973da073c2b09e7d15b74179da5f1ef677196dd4ea2f0cc8b575676e213b683d021008891cc8c1c0e58bbbffd981d4d43e8a324ac7ce7c3d3", @ANYRES32=r0, @ANYRES16=r0], 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000680)={0x208, 0x2d, 0x400, 0x70bd2c, 0x25dfdbfb, {0x9}, [@nested={0x14, 0x105, 0x0, 0x1, [@typed={0xc, 0x4c, 0x0, 0x0, @u64=0x100000001}, @nested={0x4, 0x12}]}, @generic="ed0fe08f34a2d4d80204f248e6c825fcce770ebabff9a4de305a8f9fcaffee43d1fe4f8a652a44b73885b02348c4e17ad198f4f7c7f37ba8dfb6eb03abf57bc58cc01cf8b1a1513db1c27f464a088eea1d11585c3aa5810372da8dad0cfa1b15584150f3a851a62a9cc0b7f0b54a3dc2fbe31744e9ffae2b2a69fde400b53925058d", @typed={0x8, 0xe0, 0x0, 0x0, @u32=0x8000}, @nested={0x10, 0x16, 0x0, 0x1, [@typed={0xc, 0xd4, 0x0, 0x0, @u64=0x8}]}, @typed={0x8, 0x13c, 0x0, 0x0, @u32=0xffffffff}, @generic="ddd2bbc8b17e682bc1241e93f34543280954c42ddc0209e948e7e26e4cad3eb052450eb2f1b8f60a3f80ca1e3ebd6a41d56f6359b4cc46a79344a75042c95625b102597bc722bbd2c73f7d0c06950106b3d3617dcb4107c0d457f3ddedddb0308870b080356e34eff486af", @generic, @typed={0x31, 0x60, 0x0, 0x0, @binary="6678c9e317d68231c918cc42fd3257cdb36bf287469e02053838c000093577492696362f6eccb8acf41350028b"}, @nested={0x9b, 0x1d, 0x0, 0x1, [@generic="7741ee64a42586506dfb44f590e318decfed6842e8653f7cbfba3837e1f20f7143cbe6f39c04ef46a77ae13726d4dd9156e7d35920b65c1a49e90cfb3924607d64be33b01361cb8cf0", @nested={0x4, 0x13c}, @typed={0x8, 0x4b, 0x0, 0x0, @fd=r1}, @generic="158b18c9d5947666e8ac393f009cb8b9ae618c9bad4bd997495a00e141b085b2699318c95a271e231aaee1752f003cc30a23d8ce3b11b0f68bd9be17b4acc664d0ea"]}, @generic]}, 0x208}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000580)=ANY=[@ANYBLOB="090000000a00004000000003ff02"], 0x90)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)

6m40.884126345s ago: executing program 35 (id=2754):
r0 = socket$inet6(0xa, 0x3, 0x4)
r1 = socket(0x2a, 0x80000, 0xfffffffe)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0xfffc, @broadcast}, 0x2}}, 0x2e)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
openat$snapshot(0xffffffffffffff9c, 0x0, 0x7e00, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
prlimit64(0x0, 0xf, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x10000, 0x3, 0x1, 0x0, 0xffeffffffffffffc, 0x0, 0x5, 0xfffffffffffffff7}, {0x0, 0x8, 0xfffffffffffffffc, 0x8}, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3}, {{@in6=@empty, 0x2, 0x6c}, 0x2, @in=@empty, 0x0, 0x5, 0x0, 0xb7}}, 0xe4)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r4)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r5, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x40000)
r6 = getpid()
sched_setaffinity(r6, 0x0, 0x0)
setpgid(0x0, r6)
syz_emit_ethernet(0xf8, &(0x7f00000003c0)=ANY=[@ANYRES64=r6, @ANYBLOB="9c413d0e5578156bc1905f174279ddd9bbc24c82bce973da073c2b09e7d15b74179da5f1ef677196dd4ea2f0cc8b575676e213b683d021008891cc8c1c0e58bbbffd981d4d43e8a324ac7ce7c3d3", @ANYRES32=r0, @ANYRES16=r0], 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000680)={0x208, 0x2d, 0x400, 0x70bd2c, 0x25dfdbfb, {0x9}, [@nested={0x14, 0x105, 0x0, 0x1, [@typed={0xc, 0x4c, 0x0, 0x0, @u64=0x100000001}, @nested={0x4, 0x12}]}, @generic="ed0fe08f34a2d4d80204f248e6c825fcce770ebabff9a4de305a8f9fcaffee43d1fe4f8a652a44b73885b02348c4e17ad198f4f7c7f37ba8dfb6eb03abf57bc58cc01cf8b1a1513db1c27f464a088eea1d11585c3aa5810372da8dad0cfa1b15584150f3a851a62a9cc0b7f0b54a3dc2fbe31744e9ffae2b2a69fde400b53925058d", @typed={0x8, 0xe0, 0x0, 0x0, @u32=0x8000}, @nested={0x10, 0x16, 0x0, 0x1, [@typed={0xc, 0xd4, 0x0, 0x0, @u64=0x8}]}, @typed={0x8, 0x13c, 0x0, 0x0, @u32=0xffffffff}, @generic="ddd2bbc8b17e682bc1241e93f34543280954c42ddc0209e948e7e26e4cad3eb052450eb2f1b8f60a3f80ca1e3ebd6a41d56f6359b4cc46a79344a75042c95625b102597bc722bbd2c73f7d0c06950106b3d3617dcb4107c0d457f3ddedddb0308870b080356e34eff486af", @generic, @typed={0x31, 0x60, 0x0, 0x0, @binary="6678c9e317d68231c918cc42fd3257cdb36bf287469e02053838c000093577492696362f6eccb8acf41350028b"}, @nested={0x9b, 0x1d, 0x0, 0x1, [@generic="7741ee64a42586506dfb44f590e318decfed6842e8653f7cbfba3837e1f20f7143cbe6f39c04ef46a77ae13726d4dd9156e7d35920b65c1a49e90cfb3924607d64be33b01361cb8cf0", @nested={0x4, 0x13c}, @typed={0x8, 0x4b, 0x0, 0x0, @fd=r1}, @generic="158b18c9d5947666e8ac393f009cb8b9ae618c9bad4bd997495a00e141b085b2699318c95a271e231aaee1752f003cc30a23d8ce3b11b0f68bd9be17b4acc664d0ea"]}, @generic]}, 0x208}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000580)=ANY=[@ANYBLOB="090000000a00004000000003ff02"], 0x90)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)

6m36.059613528s ago: executing program 3 (id=2819):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000140), 0x404000, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x14, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0xe}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, r0, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19})
bind$alg(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[], 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x2cea, &(0x7f0000000180)={0x0, 0x7a71, 0x40, 0x0, 0x385}, &(0x7f0000000080), &(0x7f0000000240))
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000040)=0x2, 0xffffffb4)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNSETOFFLOAD(r3, 0x400454d0, 0xff1)
syz_emit_ethernet(0x0, 0x0, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
prctl$PR_SET_KEEPCAPS(0x59616d61, 0x1ffffffffffffff)
madvise(&(0x7f000018a000/0x2000)=nil, 0x2000, 0x12)
close(r1)
bpf$MAP_CREATE(0x0, 0x0, 0x1d)

6m32.979560952s ago: executing program 3 (id=2828):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240))
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000340)=0x1)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r1, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5})
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x114, 0x2d, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x104, 0xf2, 0x0, 0x1, [@typed={0xa, 0x18, 0x0, 0x0, @str='bond0\x00'}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

6m32.906204932s ago: executing program 3 (id=2829):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_TDLS_OPER(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1c}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)={0x24, r1, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @broadcast}, @FOU_ATTR_IFINDEX={0x8, 0xb, r3}]}, 0x24}, 0x1, 0x0, 0x11}, 0x0)

6m32.719120908s ago: executing program 3 (id=2830):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r1, 0x0) (async, rerun: 64)
truncate(&(0x7f00000000c0)='./cgroup.cpu/cgroup.procs\x00', 0x7) (async, rerun: 64)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000d, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x9, 0x80, 0x0, 0x0, 0x101, 0x0}) (async)
getrandom(0x0, 0x0, 0x0) (async)
r2 = syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
mkdir(0x0, 0x8)
syz_clone(0x10eb22b000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0) (async)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15) (async, rerun: 32)
socket$inet_udplite(0x2, 0x2, 0x88) (async, rerun: 32)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) (async)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r4, 0x8953, &(0x7f0000000300)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x0, {0x2, 0x0, @private}, 'syz_tun\x00'}) (async)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) (async)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000340)={0x1, 0x0, 0x9433, 0x3b, 0x10, "3eccd8000000000000000010000000040100"}) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000000000810100"/20, @ANYRESDEC=r2, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000300)=@abs, 0x6e) (async, rerun: 32)
r7 = io_uring_setup(0x7e73, &(0x7f0000000180)={0x0, 0x5615, 0x1000, 0x3, 0x1d7, 0x0, r5}) (rerun: 32)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r7, 0x7, &(0x7f0000000380), 0x1) (async)
r8 = openat$binfmt(0xffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_elf64(r8, &(0x7f0000000680)=ANY=[@ANYBLOB="7f454c4601020507000000000000000003003e00000000007a030000000000004000000000000000490300000000000000000000030038000100ff07060008000400000005000000ff0700000000000060000000000000003de40000000000000900000000000000da00000000000000acd700000000000070488985de82658ac28d1ab36c916a24dc03a26c75ec8bad8d2f51f87e2b263eb5b22e5cbca6ba62c17b9bf944369a1d2bb9b87c9057da10da6fca5cf63ccceab5c7a5e6e7443f4012241cf31250495ce9fc3d7cf28f6c9c4f7603958558c20000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b403cefc9737d2c63989c621b7f8a9000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3ffffff00"/1239], 0x4d7)

6m32.416306852s ago: executing program 3 (id=2832):
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3}) (async, rerun: 64)
r0 = socket$netlink(0x10, 0x3, 0xb) (rerun: 64)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000000)=0xc, 0x4) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000280), 0x8602, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r2, 0x80045017, 0x0) (async, rerun: 64)
syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0xa2465) (rerun: 64)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000003b40)={0x73622a85, 0x1000, 0x2}) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000240)=[@increfs], 0x0, 0x0, 0x0}) (async, rerun: 64)
r5 = dup3(r4, r3, 0x0) (rerun: 64)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
setsockopt$IP_VS_SO_SET_ZERO(r5, 0x0, 0x48f, &(0x7f0000000000)={0x4, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e20, 0x3, 'sh\x00', 0x35, 0xa, 0x52}, 0x2c) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async, rerun: 32)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async, rerun: 32)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_FREE(r9, 0x3305)

6m32.186713493s ago: executing program 3 (id=2833):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x7})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_open_dev$sg(0x0, 0x5, 0x484ec1)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080)
syz_open_procfs$pagemap(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000004c0)='net/rt_acct\x00')
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000001c0)={@initdev, @dev}, &(0x7f0000000280)=0xc)

6m16.745214268s ago: executing program 36 (id=2833):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x7})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_open_dev$sg(0x0, 0x5, 0x484ec1)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080)
syz_open_procfs$pagemap(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000004c0)='net/rt_acct\x00')
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000001c0)={@initdev, @dev}, &(0x7f0000000280)=0xc)

3.309891337s ago: executing program 5 (id=3842):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="4dc07f947163", 0x6)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
sendmmsg$unix(r1, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000480)='Y', 0x1}, {&(0x7f0000000100)="d5", 0x1}], 0x2}}], 0x1, 0x0)

3.308822287s ago: executing program 5 (id=3844):
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
io_setup(0x8, &(0x7f0000000600)=<r1=>0x0)
r2 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000140)={0x0, 0x4, 0x0, 0x1, 0x0, r2, &(0x7f0000000000)="c3ba901fa570e8adacf83a7ced18f4d2e782941132c5d1670bbf6a527b772304cfb2c6ccb6b8f23c51581d79b5770808974b25de0cac7c6e0f9a990983f6e82c1468c783d4e38bbc6937eaa50bf70aec30ea2e33da6a212d48bfe0370aa5d9a66863a9300762e613b28bf9ddede6ef84ad52224242a78dd9fd50750f395a", 0x7e}])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0)
r5 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x31)
sendmmsg$inet6(r5, &(0x7f0000002940), 0x40000000000017d, 0x811)
syz_emit_ethernet(0x47, &(0x7f0000000280)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x39, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x35}, {[@cipso={0x86, 0x8, 0x0, [{0x1, 0x2}]}]}}, "ee"}}}}}, 0x0)
r6 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
ioctl$FBIOPUT_VSCREENINFO(r6, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {0xfffffffd}, {}, {}, {}, 0x2, 0x0, 0x0, 0x10, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
setsockopt(0xffffffffffffffff, 0x7, 0x81, &(0x7f0000000280)="1a000000", 0x4)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x40d4, &(0x7f0000000140)={0xa, 0x4e23, 0x4, @loopback, 0xffffffff}, 0x1c)

3.117604181s ago: executing program 7 (id=3845):
r0 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f00000000c0)={0x0, "08000000000000000000000000000000000000b582000000010000000100"})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000"], &(0x7f0000000440)=""/212, 0x26, 0xd4, 0x1, 0x2, 0x10000}, 0x28)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mq_open(&(0x7f0000000600)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdF\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1b\xf4\xce\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|9\x90\x8d\xf4r\xd9*\xd1\x83\n\x1a\xa8fa2\xd4:^\xd7a\x0f\x12}\a\x9d\xc9h\x02\xbe\xeb\x01\xd39LS\xefJ\xcc<\xc4\xc0\xb4A\xab{\x1b\x15<\x95\x02\xae\xfdT\x98\xf4\x85\a\x01@\x12\xe0<3\xb4\x97\xb6W\x84K\xd7\xc5\xf47\xed\xda4\xe2W\xb6r\xca\x1e\x90\xef\x13\xf1&~\x97n\x9f\x8eS\xa8R\xf6\x9d{9\x1bN\x81\x18~\xd7{', 0x42, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000ac0))
r3 = dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x1, r3})
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f00000001c0)=0x304008000)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000240)={0x1, 0x0, 0x0, 0x0, 0x0})
io_setup(0x8, &(0x7f0000004200)=<r4=>0x0)
io_submit(r4, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

2.430474583s ago: executing program 7 (id=3846):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0x980902, 0x5})
symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000300)='./file0/file0\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x5, 0xbfdffffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r4, 0x0, &(0x7f0000000040)='./file0\x00', 0x65, 0x183000, 0x12345})
openat$audio1(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r7, 0x0)
syz_io_uring_complete(r5)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={<r8=>0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback, 0x52}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_RTOINFO(r7, 0x84, 0x0, &(0x7f0000000100)={r8, 0xfffffffd}, 0x10)
io_uring_enter(r4, 0x47f6, 0x40, 0x2, 0x0, 0x0)

1.853804348s ago: executing program 1 (id=3848):
r0 = syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad6, 0x800, 0x1, 0x3}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x133d, 0x3e000000, 0x8, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000000000000000000000700000082"], 0x18}}], 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000780)={0x2c, 0x3e, 0x107, 0x70bd2d, 0x25dfdbfc, {0x4, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x3, 0x0, 0x0, @pid}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040000}, 0x44000)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r5, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r6, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a0101"], 0x57)
setsockopt$inet_mreqsrc(r4, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f00000008c0)={0x1, {{0x2, 0x2, @multicast2}}}, 0x88)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x1, {0x6, 0x6d4}, 0xf0}, 0x1)
r7 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r7, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(&(0x7f00000000c0))
connect$pptp(r7, &(0x7f0000000080)={0x18, 0x2, {0x0, @remote}}, 0x1e)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2300, 0x0)
r9 = fsopen(&(0x7f0000000040)='fusectl\x00', 0x0)
fsmount(r9, 0x1, 0x8b)
fsconfig$FSCONFIG_SET_FLAG(r9, 0x5, &(0x7f00000020c0)='ro\x00', 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r8, 0x40047438, &(0x7f0000000040)=0x1)
socket$netlink(0x10, 0x3, 0x15)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r8, 0xc0709411, 0x0)

1.790485809s ago: executing program 5 (id=3849):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000000)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f0000000200)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722", 0x44}], 0x2}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/69, 0x45}, {&(0x7f0000000840)=""/83, 0x53}], 0x2}, 0x2000)

1.790172318s ago: executing program 5 (id=3850):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="1800a8571a0000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000018150000", @ANYRESOCT, @ANYRES16=0x0], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x49, 0x0, 0x0, 0x14, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x70bd2e, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x20040094}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x44)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
finit_module(0xffffffffffffffff, 0x0, 0x3)
clock_adjtime(0x4, &(0x7f00000005c0)={0x6, 0x8, 0x0, 0x7, 0x3, 0x3, 0x9, 0x9, 0x6, 0x5, 0x101, 0x3, 0x7, 0x3, 0x3, 0x1, 0x3, 0x0, 0xde, 0x3, 0x0, 0x4, 0x0, 0x8, 0x3, 0xfd4})
close_range(r5, 0xffffffffffffffff, 0x200000000000000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r6)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x48884}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000c000b40000000000000000208000440000000000900010073797a3000000000080003400000000a140000001100010000000000000000000000000a2d3a12e2c146def34bcf250b63db7b5015b879d19e580f33d3070465e894d9b334eff43a6ad7263b2e14c23854ee92060a1b9a4a9163f5232cfaaf30a9299813768d26cf723098ea6361543e5920d5c383445a2c3bac0138d921e2a9a67361d195b798486a8c01d56edee3cdb8d98a4864ecde6b5070c417adac07cbc5461f87e9c31446028d5696eb79fd5992831421dd5f6e70f2166f8be0c81384a6693b18ec8c91c52a2d9ea16147142273735362189abd8dcdddf71d3875422636d0b54f85e0063f471fe2f4caf514c4cffefd7201f093314d78478257d31bcdef3671387b77f097da584f4c41f697ffab3e62a3cbc3e912d4825c293450f40c93dd659b9073fcb7440d3b7b9d86000000"], 0x64}}, 0x0)

1.695736424s ago: executing program 1 (id=3851):
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
r1 = socket$kcm(0x10, 0x2, 0x10)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000000c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000140)=r3, 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c0", 0x1}], 0x1, 0x0, 0x0, 0xe000000}, 0x0)

1.59777084s ago: executing program 1 (id=3852):
socket$inet6(0xa, 0x3, 0x4)
socket(0x10, 0x80002, 0xfffffffe)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_DELCHAIN={0x1c, 0x5, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x3}]}, @NFT_MSG_DELSET={0x28, 0xb, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_POLICY={0x8}]}, @NFT_MSG_NEWSETELEM={0x2054, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1ff4, 0x3, 0x0, 0x1, [{0x1188, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPRESSIONS={0x10, 0xb, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x6}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x5}, @NFTA_SET_ELEM_EXPRESSIONS={0x10cc, 0xb, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_NAT_REG_ADDR_MAX={0x8, 0x4, 0x1, 0x0, 0x12}]}}}, {0x50, 0x1, 0x0, 0x1, @rt={{0x7}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_RT_KEY={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RT_DREG={0x8}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0x3}]}}}, {0x1c, 0x1, 0x0, 0x1, @objref={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OBJREF_IMM_TYPE={0x8, 0x1, 0x1, 0x0, 0xa}]}}}, {0x10, 0x1, 0x0, 0x1, @queue={{0xa}, @void}}, {0x1020, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x1010, 0x2, 0x0, 0x1, [@NFTA_MATCH_INFO={0x1004, 0x3, "1c47dafe63b8f1ea537b23ee40e0512e2fe01e8aa56c1c8fd986af5974534844cc009cec0349ff98821a7759b15cbf419f835845a9370b9756311bf7cf0719afb758dd1c5669cc8fbed0c3a3b4e2c161b9c04f0b2145c3e068398460ceb8255619a3d4cdf8c071a55737cba930f17a239b900c992b750c3e3a346b7e05324f516ebc817ade6772ef988d0bde69e6636d48132281ae1540ef0aa7d823da4d23522dcb5451d167ed760a5adc86cbe7aafe7ed60767a0c2fa9ebb11eb0cc70c9a1d21778d60a0eafc11cf98dd44afd442ac29b780855eaecc8cb95b806e8e0e3f0f9ab5aa1caeb4612f396224d837997baf0d74af00adfbf608b92b77cf1f161dd1ab18ec137ce392c1d79a6e94cc78f42f5a9eba8db6c5f95db10658d514c7706b330160e3ab7d0ef0ee9eead9ec2077d8042e87f478939a090c471e0c24d57a42973375ed1bbd24d18e08699c1ea00c3ef2ba0f2f93261209af85abb8171c779f5c9c215fe635f06107683c927ad3130ca968b0e5cd02462f6bf354d8655063bb490ebe2b625ca800b7c060587e62db2d6b9d1d375fb82e62fcc566aa4df37864496521e43c0705929c8662210b929050f44fb2dedf2b46273117d817a538177568666eebb066d9268b2994c4ee2e915db597da7fa594d8270cb40996885c30cdcf555f3e42ccce0ebb567ccc42d862296c0553f2a4abb3b7f0abdafab2895d9b7f374f969f23d12ec3445d989286eac0d8d161447e551d24caeba1219a469694cc617c9f535d6d4038b8811d1b6745bb3a826df024f5304bb13d5d390fe0dbadad6dc860806eac8fd4a3a0c42f949cf092ea546a17166481647de5ee0fc40e2986ccb872e784116585d274eb99684ba7807b26c7cc03c4cae7b6c2b1e5c318df0d4654b32ecc9ac949e34c05342591033fa25467636ef4fe31d3b72f5f9711928648ba73a02c48ed33bf691a8d0f5432259870422affe76dcc20e731d931e9a9f3c91daa9f51d09e5efcc008091f5bb30574009960bda4145af7a79af63e7f00193612b8e7178470b41893727cebca78e0f2d70d5382bcd8b5937a561a652a90f5c157245a9121be12cd32a5e25c87dc71869ef0589ac18d40ae5125a42da40c376632022e7b67ecbca82f51f6dcf2c04b4de6da4e20e9269cb826102c5b77df71e59f1ca4862469add61695d28a8fe8215c6d755b767665bb4c72bfdb4c6548087efdd04da9d73c1bd311b16703f468c7405a6e37e1e1c26cdda889b209d37fa8e05fd244dbf4b368d28fafd15d9c1c0d943bcd47c9d5a61067f071dbaf672936b48f7025874083079b6fd5d06bd5044d95784d9ab336f772de78803604aeb1ce47f857771a61eed608b36204ed3e9312a4aeeaace5803c91b3d426586ddba5c2c49f63f609bd5cd5ba5025fcd26beb9e376d7171167a80361ac3e165f55013dd01d614155915585f17b585e9aab61fe0a7a03650a0b852d6eae5d7defad1ef43df714f5632c04db6d5734053368a59a411e6d89707a273a1c63eb7ad26aac216aa8b29a61c2ea47d188569e88f85e4e5c4d743c7583e151588d1c81f30250f2071f30d982da53aaa18e40546c60c3e1a6ac27c266acda228bdf4abf7fd98c0c943e0aecca5211a7aeefbc4f1f8c50e0116d083c77526a5f0c60c9f8fac0a4a89d6f4bb3bf358a949b12c1f05789ff9138b1ea7868a09a400ec8a7f9ade945cd005075fd1ab19bbc9e7ca12e981ac2e2cf50ec55b3ce449a598ba98261ccd4bda6658ddb747afca1fdeb8094bea701a47172b02d1eb08ef2f8ceaafbd0e65f13458ab0d9eb903ad409f3450f0ba2776ac4e440014fdc6e17947488fb7d354aae9fe523f88203e174e96f3eef73aaed7644479d20dfb471b455e6f697ed337a490b6cacdef1b77568b3438bba3789e8ab4eeb8dfab62f5e438f76ea0cf131f7aa53ce832d4e81750e2482db324a70d9795be614ca75abae6e9fc3e8932ead343a54d6cf1f78d578a4a570eea88eabee30db01e2eceb5ccbed3a1fe271f68d836f3a1337509ebdfd47c075cdf291f952ca6f74b4f32b25914f6bc71076c6bc1a878115b6c505dc62477129ef1838f465c9c2a743f40b36e859872707d1cbd00550f8bc752a04fef4d1b35478cf6c239dbdf15349fa68ceebf32104f94b8b314a7ced787508a116e0f8b9f62ba1a9312b287aca545c0d4b0758cb8206b559e6bf6bda5a6bc1b75eb9dea2ca94c7df566674e97e9ff25085cd0ca23bc4c5bd2df709c03a76fdbcb571cd595836c3ceabed5dbfd283be36a9bad704e169eb0f38c7c8c8b02cd38c1bb54fbee7d584a85330022457339d28d3bed3bc7200caef6965076060eb87f67a771bb5c3c91c0bd4477558b2503f89901f850890fbc1132acd48e99d9c54afd5a49d6590ae6b7a44cbefbcae5facd4700f45c4dcf7b0f4f2eb59d9a04e47dd8ec042ddac1b7ce78aadc123a8d82d61e00eee16cbd96ef1b50109f7cd940e562cde97393366175e2cb026cdf0e8ec8c7f5e01427d4d639010cc3b1d3d16f93ff3638715e2f550c58ad2832ed7e0dda94b66ffc151efd98aeefe2b78f0c77f0da8f795d57cb09ed01cd97ebcc6a01f800be9135a4c5d0694a4040cda675a047d4d37cae832d0837cced2687c706795be4ba87a9c044417aa1dcf32d860bc6f4e618db4ca59f0659d86a38cad08c17caffa2349c447e342b9f2f1cfe7584fb5911a48a842fb617465ccefb95efd81bb4c682edcf2bc6bb64f761d42e1f58151f6ff08c2d8944b334b0bd61c2477885283fe1934145f9d9fad71ff2fae4fdbae3e598e33d8a00f3231de6c374ffe7ac3e38bed6006b64f4a2a1bc4f297f2c84102da94b46f0574580adff5ec1beaba8f6b120a18a72bb55ca4d18bea49f54187aa79b71e77006fdf6ce2db3bafd230321ec132cf4e2669cc1cd0125398e59cf6ba1b82e819b06a18cdf0a8b0d2bce4c2a5e5f28ebcdd4e7c7ee57dd23b31e0a50e84ddac67d31bc92a2251f5602451b2c3594058cfe17e6bb4b74bbfd0f18918acaf445260b7a5fd48d53639fd3cccc9ba45ca4946c11f4a5c4ce28dd718ca78cb69c8c614690fb2a92067eb4e774aa04b6e16fad417b12ea25cc6aff3c5fb4e70be35882529702a523cc3dd2565a3c80ba1d60db4328f5a7c02c49ecc515b146e394dd81bf9d445e2dd742376e1dcf471ed2d3aa5d96aeeaba6e5dca83b86614e6a979323dfc24b2e61812db4f83241e1126f9d456ac68782d828df79a83f5a550faf7fa945972fa170b1489899a22607a9cf7beb7ec164d2484cb4ebfe1a0db0ef14007b69934156ba91360c61030ee6b909a9a3f31f5bcdcf0aa08e76cb4aff847d3bc222f49c992f1c3bc3142e7d146c961019a546abd9f65d7f32771d91a636d0564bc53243f6873a6a97c1cf3254039f05b4508130dc3700bf2ab4bbca62b1eb9fb5f76fef6735cbaf4487285a74b48d2312716fa456ad3d4242988bb7ed73290f2db49b2ded74c543105b5ba98a1938c19c79312a38116fac4dd1d4e22989669067b4a81ce11f9f71a79dce0b1e918312100f4c9e38e49d6b7bc6976e1eba857026175dc0bb8b5034ca39e6c2d97d378a4f8f8611b13bb47313465a2940e9e54831909e118358e44d5701fab3587e43c3cf36d5349190906f886437d08f85dd982bfaa103334e8f8cb356c20d89ae4f2ab6bab3bd6d2bbd3938c4b215e97b6d78af285b1a3bc3bb169b48f6265d099d1467877f997e2519562114abc8e6db7b0d208984a39eb5220d4162b93c52e8f62e7ca5914f1408dad34034b8895de6fbb8c61e695f3184e7e37c1f8761b06530a87d0463ded4d507f6e1352c36df5250e5062e3a99d6b8a29d66a44b4f112ddbf8e0ac204fe53934a644a9740848ce7b9989426689ff7e5b5ce90aab8f37e3d2ad6176fef459d39d768a72169974e757977b2fb1e5bea0cfebe2c666e2dc35a56987e736002d822b43fab58857810f056cb3cfa9e84e7518d9d8c70e55cb16f7a98ab0eb0a1447f7b0aea22668eca6566fbda37cc81215b417515568a9cdbcc0837186e95caa191b27c849b80078213172fa88f5d22eee4962316b16a3285918b2d375afddf254a334beca935b360c793669fea7111a3f6da1efc34aa372a647568bf1ee66fbdb6a0e0b6b707a2b76e961881ff6e809b54ed74453439f4257809fbbd57a372e3c35765a375a86e62d9102cb61a0fd0de100db0b0fa2409365727a8a5cda04803427e5048435f175e17417ce22e016d71f93dc6803dbd81be7d42ffa1a7342b1002d761194c50e3123838894d166562a1572d1fda2cc9b5df21a7a08dac40892ebf302746e8e54560534d32e13152384e2c54baf565f0270b9c091d5f4f9d1f9be2156bbbdb927df21b76f5e22cdcc29b3c99f4e6cad34fa6fb8666efa31b5acbf712fede8c38764532cf69adf5794d7fa4de561af1c817dbfab80f2809ab70de3616ca88b94679d1da14a4371873336d6a1fa36b97dfbc979c0487d4f3348b1baaee61627a3ca39504e73413cf511a57b682d64cd790a187a91a02c3bcd5403b6fe77ac06792d1abfd03fc806ffb60ad942c0cf405db7808342088a4b0b1f12173721efb6c8891c0e7292f41f0068b9b2417947cdb098ea7c0ff0cd5f72042fa1f2e401109d39bf07a09a4e6369b4d7a8e39995a8f6856371cbf09d08a03b3b320c640719e9abedbed710a83374aab1457969b6bfbd9f7231fe157f4e62fa5cb98909e5135ea7d0fc5359d43c7ef940550b0a51574cf11bb1df28e64d27179fc72a44016506221c5207238610dfe0667c9b53f654db9fbd19cca4edd0df7516f33e489aea069d90831c5f509c68e93c26bd3a23a6e16f7e94b72bfb3e7b9b8b2e9740ac6d226a921fd97debea07455e65c1f04b8ec1717709d3bffa3a899f2ab0a320671ccdf12b49ed9c29220dfc425d192fe2b2a991862362a3a567e4e20aae0e019b629b83b409c9abf7215c155e8fc926f53a6a3b3f6364fe94e275fc4423c04ce4c837ec1fc3ed9800b4477bb96e89374754bfdf814fa75c6fc8aa97e10d1f4dd0e02feca3047497523e05ae1c3c0d1763b95a7d115029616d8247f4dee92a8dfdfcb13370f649cc386f653a19e085e11dc0fb6a8fa52c4d64577f2ff97ddb2c9f26558e14af4a73fa4ca3513d129917f6ddf0541436dc100e5a2962dc597f0fb274a92194e1eceab7f2f45457ec3edd9ef9ec87576114e2544a7e62975d7d78f7ecdec09135f4055eb8faa54f44cdd5bd59922cda5a8648682dafb3f4cf95bfe90f0635c494007e9f41cf5189789604df73ae4ba0c6dad01cc3d91bdfa3b9c1bb772a46af276db6152cab2bc8ac9844cb195e650d744236fb2a7a0dc00d65ef4ea904a38b7dd6b62b99f41b67ac41250a6dc24056a17409d3de184b22a7e6353db071da9f518f6f536f7ea56133ddee8e2ea7a07ff50cfed26d5d27c5536decde3c32768b83f32d806deb01a72062724bae859baf80f7172baa6384ec0cd49701bb0aba62204f7ab0ce0c46c8ed1760c595abc8ffe09fd77c9a87de834976a021d079ee02fb47845372f4eab845c335cf60042b6392f76c391aed411de0e623f0ed91cd83babaf92ec333ceb7a267cec034ddfa72605eda5285d09a6c7998cf4ab37bbe7ee17e0c59480e062080238c04b49eb34f9148ee4f7ec6d644c7b130eee6113ecebd262b7c85bd05329ceded789cd6a8db664368e490c8265a5ffd44a1ed73f084e6e23e20f26fc87391fda16e101a8bad6f3dc0e0a5392edc0adcb"}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x2}]}}}, {0x14, 0x1, 0x0, 0x1, @byteorder={{0xe}, @void}}]}, @NFTA_SET_ELEM_EXPRESSIONS={0x70, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @dynset={{0xb}, @void}}, {0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @notrack={{0xc}, @void}}, {0x3c, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_TPROXY_FAMILY={0x8}, @NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_TPROXY_REG_PORT={0x8, 0x3, 0x1, 0x0, 0x14}, @NFTA_TPROXY_REG_PORT={0x8, 0x3, 0x1, 0x0, 0xfb01b0583ed0f17f}, @NFTA_TPROXY_REG_PORT={0x8, 0x3, 0x1, 0x0, 0x3}]}}}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x76}]}, {0x400, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x4}, @NFTA_SET_ELEM_USERDATA={0xb8, 0x6, 0x1, 0x0, "d3c82df06e525c2e299bcd44926f5d70dbcf5818f9d3b079fe55af18c6672bada6faf9fe5f0bde633a53c7bf0d133d32eb28395503adb7d789fe3af7a75eae84462b005d5da476d67dedf7ba211ef36177b1835aa9e440a5e4b0b2f5a5bc0b664980941e6b07445ef1faddddd12aff6c297720fac3be013ffb465046a7104fdaa0e520d8330122e012f6bb82a4172641a35ebc400829f8ebfcffc709c2e9a3c42b91d7dc90c2bdbf2efa0a6be21f401c1db769c7"}, @NFTA_SET_ELEM_KEY={0x218, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x64, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x1}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VALUE={0xb7, 0x1, "cdf44ff6b6d632022e55f5604d949d69ca8b51bce84f10fa8b7863dcc98f1335adcce4da9b9aff6ca7ec61aa831dfc83db9ce37e289928103e7705e0a02893fc917889269c6d6f4bb95569b5f379570688c2d4bd9864b8a58b2fe924d2ee2bcea8070e02e1a3036ec4f762016bb096772c49cbb1998be6a232065fe06901396b23a919e9e52afd4b6ceebd926a779622d6197635b22eddca83ede4013ea4e158480c2dea04e5694bc9292492e659a2bf2ae402"}, @NFTA_DATA_VALUE={0x6d, 0x1, "b07d2c944402bf4de9388d21e51ac71db94678e0ddcc9a1d959d38d10d286619d7fa2fa5d7bd03f109fedf07c16a6383236a5498b90c3ce515e04335a4894453c548a1eefbc374b2b99d33c52eeeaa81e0f4fbd926736e7e1d5e0674f313603e407dff98a0af735cc7"}, @NFTA_DATA_VALUE={0x52, 0x1, "1acac7295fe0b913b6a3d6c30e6f632c5d163fbdd9acb9cac76e0c40ef03698028384bb5599e7d431458e0b4d443686849196048182dcd1fc696d611ef848df2fa8edda0fc5cec66c64f66bd8727"}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}]}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x7}, @NFTA_SET_ELEM_KEY_END={0x4}, @NFTA_SET_ELEM_EXPRESSIONS={0xfc, 0xb, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_MASQ_FLAGS={0x8, 0x1, 0x1, 0x0, 0x3}]}}}, {0x48, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x15}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xb}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x14}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0x4}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xf}]}}}, {0x60, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x54, 0x2, 0x0, 0x1, [@NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x17}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_FIB_FLAGS={0x8}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2c}, @NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_FIB_FLAGS={0x8}, @NFTA_FIB_RESULT={0x8}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x20}]}}}, {0x20, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x13}]}}}, {0x14, 0x1, 0x0, 0x1, @notrack={{0xc}, @val={0x4, 0x2, 0x0, 0x1, ["", ""]}}}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0xe}]}, {0x40c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0x58, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x54, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}]}, @NFTA_SET_ELEM_KEY_END={0x2c4, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x69, 0x1, "e1d681ccf345baea73f8d48021f167ab537aa241e1f0a087af4998146768ae48ce496d7b910bad0a6f28743df785d05913e3ba71d068966ac3899e6784d73b3e124e8c29f45ff04e5e1bca4e99e33287ca87e823483d0a6d3971bbb2f18d30eba5ccb09f33"}, @NFTA_DATA_VALUE={0xc7, 0x1, "bb4ab42db7162a465c5d9b449fc246fb27c47f471ba517486828900ce55560684c7cbf0a4f67dac0d3cfe3a16a7826f0cce0b01e5fd67f9596a1c910cd92a6f2194520f2a7d790293e5e2fda0749e7b2e100bad6633142ed42305634f1d844b32f808f2af8d8a05682b17d211d6e11eab703d55976a5c8ed18388a83f535abc594b79331a22a5b5bcd9a9625bd361d24e11172aac7233a68cc0b38d489de0d4b92f8e57774d39b1c793eb2adf4af0806d88ac2daabc38a0b460bc8f0a0d758003ec34c"}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x3c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0x80, 0x1, "09855e18986d7e95acac02af0a9130db4f0a6898a8eeeafd197c9194c1eada2ac98c92e603f9f5f75baee01340e3cb4655df81b7da2ab17e776c5a067a0da3c1ffba67be0e7c3e55abeb0ec0b696a027cdc76efb46dd7e6ff1da6ca3491ede99086218c8d346c0df7aa4e87804bc11cc32c6e45d2ffaa9cc46a9e9bd"}, @NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VALUE={0x15, 0x1, "0a7cdedf23aea97ddf5c1a13dde8de06ba"}, @NFTA_DATA_VERDICT={0x50, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8}]}]}, @NFTA_SET_ELEM_EXPR={0xc, 0x7, 0x0, 0x1, @fwd={{0x8}, @void}}, @NFTA_SET_ELEM_USERDATA={0xcf, 0x6, 0x1, 0x0, "a340038e41e710a37864e962f438679ab49710e746147cb1acf5eefa220b064a1ff5f70b5234ea89122328fdf4a8b64e3807e7e9e1249530279710efebd728e3cd7985e91171357f42a3687e61848d1979cc5ec9e7452f03052a57e9aa6f0245d933d0139dbf9cfd392b8e65bc0442bbb8f31b84d8c57767b5c198d6e5d230349c6ef1784680494048233b02557f35a65f279ffcca2bfe95ebb35f309a743696ba5251cd6ba01a001fb4c69288c1f4194e9e50c405a848b09306c24578357e44906e36b289e0e1d6eaf5df"}, @NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @bitwise={{0xc}, @void}}]}, {0x358, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPRESSIONS={0xb4, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}, {0xc, 0x1, 0x0, 0x1, @fwd={{0x8}, @void}}, {0x64, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x54, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x15}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0xe8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x33}, @NFTA_EXTHDR_OP={0x8}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x3}, @NFTA_EXTHDR_OP={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x3b}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0xbe}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x83}]}}}, {0x20, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_MSS={0x6, 0x1, 0x1, 0x0, 0xc}]}}}, {0x10, 0x1, 0x0, 0x1, @inner={{0xa}, @void}}]}, @NFTA_SET_ELEM_EXPR={0x40, 0x7, 0x0, 0x1, @fwd={{0x8}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_FWD_NFPROTO={0x8, 0x3, 0x1, 0x0, 0x2}]}}}, @NFTA_SET_ELEM_DATA={0x2c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}]}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}]}]}, @NFTA_SET_ELEM_DATA={0x218, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFTA_DATA_VALUE={0xd7, 0x1, "1ee00155b3b9796d86a192279f3492f6f416573f8781373040408abc14e2b39772410e269f26dcdcc390386d9c496bcb2948fb9c9d37400bca1b207ec2526573a58030db21150798ad8cb00ecaa1459f7b07fd9b1ca525f5982e227efcb58bfc16b746eaf31eb3114f274078f42fde444393318a3c747af889d005f67f685cb5a2ecc1877c046b0457a2265e30bfa18f86d22814fb29144ece502a42573fefc0d3aa774f06f400f312110add9f25b99d3e04f39023f491d9f19922f7c83c51bc9dfd19c21e01a60b1bb6cc6f2d83de73b89225"}, @NFTA_DATA_VALUE={0x48, 0x1, "d0b064218bd5911ff05518fbfd40732bc2160c3aee8040977093e4a362b289b2292651dd019ac476cf149d259270393b1a97ff6471c344ef4a85244171b3cd4fc004db52"}, @NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VALUE={0x29, 0x1, "83bfe378175340357909dad3df10a908fd9ed0da287bb8455f3bb6e73c51f082baa3c6302f"}, @NFTA_DATA_VALUE={0x5d, 0x1, "44d595c6c212630502c66a4abd9e861bb295169c994f66af1f474e583717051e9e1fd4bc716de81d90239c196393009bd34ade2ef6d59c3bbe7769b707c66466711f5c93d8fe1f521eda903d1b0e76307dcbb8ef8f391ed0b7"}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}]}]}, @NFTA_SET_ELEM_EXPRESSIONS={0x1c, 0xb, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8}]}}}]}]}, {0x304, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_DATA={0x210, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x46, 0x1, "6e0318e3ac1f9c9996ceb72159cebcc98dd17297113423f63366c6416eb5793d9db10bd2fc721a493b7d033e7a7f027813b5113e57a071b810541d9b3813473c592c"}, @NFTA_DATA_VALUE={0xbd, 0x1, "df3584f5198e52318f4d64f1e515a6bbf023b8a11055182da14d15ee37482eda7b936b61e8558fca07df3038ed8eb9fbaf904c4f23617159cbffc40670e8d81afbb28e7679145ee32596b992b2b93e755c484d69cc55eda301355565bfaf8f20fa6db764140d937144df667c696b6b5094c48f7d6037702219085de0e310dc6923a9c001ef6edbaf05b650f3cdebb84e6c9e071e64c12a00e7793663392579a27a6ea1f00f1c8e4e42ce1a363e6ffabd17fdc2939e6421beb0"}, @NFTA_DATA_VALUE={0xee, 0x1, "eba7dd2a72ead92a85b526963da57a5b2ff1db9f67867a59915bacc2c8af0c3263695f29dc4ea8a3fa7e34219eb6a0d4cdd3eea7298f57819d3c898526db7c33e1f24b6eb49a9d840a804976f6177ef45d862ef688d16c4ad09ed269441c18b1512d6ad0b51852ebc6db412f0637cdbd7896a42279f799d96c823caa855fd1e791e5a9c36a4c21e77febbce693f7b05986fd5fa47e9317acb731bf3c47b8357922ed739c8d9f465fc876e146fe6ebd4d60fb22e86faa74484958813056fe230f3181c3692e9c548fc967ef9d24a3f574e26ce9140abe8df4f6619bcced8c1d51686db4ed5f567cc7499e"}, @NFTA_DATA_VALUE={0x11, 0x1, "96329e0aba54a21c2a218cac49"}]}, @NFTA_SET_ELEM_EXPRESSIONS={0xf0, 0xb, 0x0, 0x1, [{0x70, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x60, 0x2, 0x0, 0x1, [@NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_DYNSET_EXPR={0x10, 0x7, 0x0, 0x1, {{0xb}, @void}}, @NFTA_DYNSET_OP={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_DYNSET_EXPR={0x10, 0x7, 0x0, 0x1, {{0xb}, @void}}, @NFTA_DYNSET_FLAGS={0x8, 0x9, 0x1, 0x0, 0x1}, @NFTA_DYNSET_OP={0x8}, @NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_DYNSET_TIMEOUT={0xc, 0x6, 0x1, 0x0, 0x3}]}}}, {0x34, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0x12}, @NFTA_REDIR_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2c}, @NFTA_REDIR_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_REDIR_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}}}, {0x48, 0x1, 0x0, 0x1, @dup_ipv4={{0x8}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xa}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xa}]}}}]}]}]}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWSETELEM={0x278, 0xc, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x250, 0x3, 0x0, 0x1, [{0x24c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0xfff}, @NFTA_SET_ELEM_DATA={0xe8, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0xb4, 0x1, "1e918464d81987aba47844e2d0f9e60f8b0ebe9985cacb4d1feae79dc271f479964e75a8b9557e58b17b4355b7df9a029fde8a2153c5a109fff066b20a252a57b6e60e6ddace3a0db01dd4165a2dffce7e4f424492074b04152d6d15df7b699ea6c18cd30d18efcc490467863760ae778d9817aebfedbe65020dcf3979f3a4cbd4a2daca62e6b320ee80224e48bd00140b95aac5f2daccefc4c22aeb5aad9211306ce23ade0739c4cbe5646339a91b40"}]}, @NFTA_SET_ELEM_KEY_END={0x7c, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x48, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFTA_DATA_VALUE={0x1e, 0x1, "44256b1a3998c8d58916dd33439cd0a1072badaa2e152e7de1d0"}]}, @NFTA_SET_ELEM_EXPRESSIONS={0xc4, 0xb, 0x0, 0x1, [{0x5c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_SREG={0x8, 0x7, 0x1, 0x0, 0x15}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x1e}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x65}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x3}, @NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0x92}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x89}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x94}]}}}, {0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @bitwise={{0xc}, @void}}, {0xc, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @void}}, {0x38, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x13}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x11}]}}}]}, @NFTA_SET_ELEM_EXPIRATION={0xc}]}]}, @NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x1a0, 0x18, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x71ee53c8d5d69ed5}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_HOOK={0x13c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'pimreg1\x00'}, {0x14, 0x1, 'syz_tun\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0xcc, 0x3, 0x0, 0x1, [{0x14, 0x1, 'vcan0\x00'}, {0x14, 0x1, 'gretap0\x00'}, {0x14, 0x1, 'bridge_slave_0\x00'}, {0x14, 0x1, 'veth0_to_bond\x00'}, {0x14, 0x1, 'gretap0\x00'}, {0x14, 0x1, 'team_slave_0\x00'}, {0x14, 0x1, 'bridge_slave_0\x00'}, {0x14, 0x1, 'veth1_to_bridge\x00'}, {0x14, 0x1, 'vlan0\x00'}, {0x14, 0x1, 'bond0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x168, 0x3, 0xa, 0x5, 0x0, 0x0, {0x3, 0x0, 0xc}, [@NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xffffffffffffffff}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x4}, @NFTA_CHAIN_USERDATA={0x103, 0xc, "6c5cb72aacc32543bb2cfdee8a80ef32603b28265211257227d30c1bfefb3d1ab6088a8a605e8dce5f8c725e177cf41e034ba4353b3d83f5d70361604788d53c7d9eb82de963dcf33eeef9d0a06a245202784bf9b4110ab4a39ec086fc9797606eb667ab78b126097bf13d177825af5fcdccfd37c40dcace01f4fc8b394a8a0cd4f8566e18e76fb897e7cfe6868d7a628a5a2ee78bb1923bc1d8d2e9d9a00913f5d1ad98ae4062fa9fb2052b73ba47bc74fafd830ce7ca8d2f66686fbf5fd3df9f46248a52ebf9aed5bfdaf03d9859747fe1a09f4855e8f401369cc25538629696a0cbabf87e57791eaf4522c092bfeab5cd9a1bc80c374ca3474bb493f004"}]}, @NFT_MSG_DELSETELEM={0x968, 0xe, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x5}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x954, 0x3, 0x0, 0x1, [{0x7e8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_KEY={0xc8, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFTA_DATA_VALUE={0x98, 0x1, "5b7091b65ee7f66e4df98789ac36aee8551b785dff2db8bb4669cfb1b0161b1d52e0dca1256f41042bf09e4eb94ddf5cb36e78938221e2652f5db0377b7db31d86925c80141359562465d42e3bfd9d543ef92727d05a6a95a7be91b084808d62ed6fb11b4a400dce75bfa4991e9f651b31f6abb558da1c6f29697bb6d01217523c2241e3352532ac6849c6f75054c237b75dbd21"}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x10001}, @NFTA_SET_ELEM_KEY={0x1bc, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x5c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0x8e, 0x1, "875871988f9fc4f406e018c1c7d39535fb2db65639144aa2f2f2870d497f726bae5db852ade393362e6589b71819d4382e3d2274329946ffdfecc9a47c41afe575521bad27e489abf6323b4fcbc90c50ee26754d5487aae45ef8600c0d672f1977cdfb8399ecd65a95de3805e346cec80da2c19706889dce7ee74777d1dc3f8ea58e1b2a9e66bb037fad"}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFTA_DATA_VALUE={0xb6, 0x1, "f2d04c089ff83578520bbc018d82817853315ab511b96c83b10f39d3a249d2dacb546f17eca2320329dccad574f329ac14c2cd9224046d32f211a8642d13f2c3be096e62b7abed5bb6e9c9c80922c2f5de67ed33a91e7da753feefe405b22d8d396ee64859e919d7e0a77928eec9bbfc9323a24dcc8c56d27a190bc75147b0c51ce578cf3aac60199301e96430ad9edad9ce7128669d80637696f244e96b138fe5d56a35fcab2fb23539ba2acf7f0d0c8d4d"}]}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x9}, @NFTA_SET_ELEM_KEY={0x250, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0xb, 0x1, "efb9c6ae7be4d9"}, @NFTA_DATA_VALUE={0x9a, 0x1, "f34c4d167f7823bddfe9e6643ef4ed284ba3c17a8e47f26e77de0dde4f86a18f15789207d09e9051bd7e303d3799de96ba31243228c0856d777d94ffe8410d5d65f4c631a9baf8df6eaa703f9eccb86000cf75b5538a22162a6bc94dfe2bb4e7c3988067580315402f07f7b5d65fd2476f35dbebfbbd87b4485fc2eb3515771868049e914bf2ed44bd048d0d7bf6cd8891db11fd6923"}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VALUE={0x13, 0x1, "bc227d65ee88861fcc4377b304c09b"}, @NFTA_DATA_VALUE={0x6f, 0x1, "ac446b57596ba9339ec7aba1a78edb769002659fce87328823cdc85aeec486ed244e141e54f3033bbfad0e1ef3670c53cb53384dcd739e167e0029c86cec9399e47aaf0d218544bd9b98f07930e6442bbd91a58d52a6f0e063a0955c67b8d481c1f05bde84e3f6f713dea5"}, @NFTA_DATA_VALUE={0xfd, 0x1, "eba422613eaaf6bb09076453ef95c67a1340acc28e3e4b7c90e6f6473fbd86133032dd0f045be1a54db59127cdccabdafd1c1b31a27af6a30ede10be7d8113c3df05cd306073cbe0c5502020339e27e5c32008fdd4099dfeaa464b870f85ce28273ea2947d801a33ab39e2aeaa1a02b1e1155b31ff8b7df77d4df70607c711a0f66f17c233303bdd61ee3cd0154024f8f6e9d77731d36aee8a63826dff659cd399771476d613fc318dacb053d41c15e4764abe88e75f122f9cf6b624a9c01910c69be1aaabc57e55ca755f66a42d2939432372fa2d8c3118676459750bc76d6755a316aba2e8bb538edddae54475290028c7a2388258251a1d"}]}, @NFTA_SET_ELEM_KEY_END={0x2e4, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0xea, 0x1, "92ec4dcc1d87695e8a58e21fc845ac111a045871a0e2bdc98649585d6e5f8dc3420762085b7acd5b8533aaaf5fd3f3589e4c4e4f1d2cc36f76536e3bef76af2301410b48608c0e4df5175faa7d102a005920f8385842e5200875ab854bb8e63aa68e017d6c54b68a25db3d2f28f7b358e808a3315d17032fadd5cfea757996c28a02a1be268445addd6699580f2c4b02bef1b7f026c1b028062ab83c60fa8768c324c0aeab8ef18fe8f6322464758911dffa846372f384f18a328e1453051745dc02128ab3afd4d22187eaf6038461dff2767e07648798ddcc92b5af581066eaad324ccd91b3"}, @NFTA_DATA_VERDICT={0x54, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VALUE={0x84, 0x1, "1307ffa3fbf8d5aab3a0b1f13c54ed259a487fafeee57a937c44f8155e97cdfb9219f854e9eda5b623e925104b4f9f7168aa4fdc013fbc95d4b5cfefbec5f87b7579f10a9264639bf647abef6e620507b8b3c9aef0e7ef3ed1fc59afcd0791ab393d80a5af9c3642c22ef129785edd5cab7689d27c4047e1e4c62e107c5d69f8"}, @NFTA_DATA_VALUE={0xf8, 0x1, "f6150114b71e5a62060a0792fa2d309d55a12e0b8de47029ae3717d159f98fd8aab6db993227e0651b47950f2d53dff6a158ad1ef08aab99308898bd1720d7311320a130d04a0d29e723d3945107152eaf835985d79e7c7624507d897e3918e9999b62ea7b73b04cc5d4afd26922767039a21ffe93176759ca0f40abe149ebbef4de5a70ca878276222723fcc35332d8d3baef29cab11a03f625a7f36e99ccb94b560841a6c7210eb0b48d7e66c472715704417ccb44d891fbb08c6d02c17ce4fd861c1d0d2c5d1e53bbbd7ddcfa660c31be2129f25a4e41555da5040119cc1dab5eb5256a949f43b6b4ac7a48c9063cab8438d9"}, @NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}]}]}, {0x20, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x80}, @NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @payload={{0xc}, @void}}]}, {0x148, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_USERDATA={0x9c, 0x6, 0x1, 0x0, "a621984bbc7ec6cc6523a2099862f4ae82b3f902cd19b57a08b2a10e8c14ebf2828e6a2c7f9b08ecc8bd6bbdead4717735ada4c726507086fe08176eb2b3437077c0b4bd73f8aeda9e60bf11d1e47c5a2f73a37cf8834552625d3b7ca92ff517e1992091b16f617c447275b86b2b56aa4c13bc9f5b2a619faeeb286f1fa0019ceea31a60bdf05c5ce533a6e33c4be039d99f66c3bd21d7f2"}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0xfffffffffffffffe}, @NFTA_SET_ELEM_USERDATA={0x7a, 0x6, 0x1, 0x0, "3ac92c6c3e48cea5ce32b6acf2ce6d5deadaeb47faf18706a87002e754f91cba49307854afb91e90f50542f15aa2c8e6cbc0484c5ace12bcbe26137a867281a8b4a87feb95f8af42c021b45757e086856babea14695c948f59445ec1828b8f8de8528a559e7d09acdfe9bbc27b24b6c0b6bd57b58dba"}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x2fa8}, 0x1, 0x0, 0x0, 0x20000000}, 0x4040855)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
openat$snapshot(0xffffffffffffff9c, 0x0, 0x7e00, 0x0)
setresuid(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_GET_BYNAME(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2a0000000e06030000001396000000000000000005000100070000000900020073797a3200000000"], 0x28}, 0x1, 0x0, 0x0, 0x8}, 0xc000)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x141, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x216280)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x88002, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000100)=0xd)
r5 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520200ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x100d}}, 0xfffffdef)

1.46084436s ago: executing program 8 (id=3853):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)={0x50, r1, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0x2000000}}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x5}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x15}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}]}, 0x50}}, 0x40000) (fail_nth: 3)

1.423443649s ago: executing program 8 (id=3854):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x6, &(0x7f00000001c0))
r0 = io_uring_setup(0x14be, &(0x7f0000000040)={0x0, 0x3286, 0x2000c, 0x1, 0x209})
r1 = syz_open_dev$sndctrl(&(0x7f0000000180), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r1, 0xc0b45545, &(0x7f0000000040)=0x1000)
syz_io_uring_setup(0x79fe, &(0x7f00000000c0)={0x0, 0x8a75, 0x4000, 0x2, 0x3ba, 0x0, r0}, &(0x7f0000000140), &(0x7f0000000180))
ustat(0x5, &(0x7f0000000000))

1.411305229s ago: executing program 7 (id=3855):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1234}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0, r0}, &(0x7f0000000300), &(0x7f0000000340)='%-010d \x00'}, 0x1c)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r0, r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x10, &(0x7f0000000480)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1234}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2, r2}, &(0x7f0000000600), &(0x7f0000000640)=r1}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x3f00}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0xf, &(0x7f0000000900)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x3, 0x7, &(0x7f0000000a80)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000ac0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000bc0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1234}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)

1.353701965s ago: executing program 8 (id=3856):
r0 = socket(0x10, 0x3, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000240)={0x84, 0x467b, 0x2, {0x1d, 0x1}, {0x52, 0x2}, @ramp={0x0, 0xffee, {0xe8, 0x405, 0x3df, 0x57c2}}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x62000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001080)=ANY=[@ANYBLOB="e0000000100001002dbd7000fcdbdf256563622861726334292d"], 0xe0}, 0x1, 0x0, 0x0, 0x24008805}, 0x80)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r3, &(0x7f0000000040)="e2", 0x12d8)
sendmsg$nl_route_sched(r0, &(0x7f0000000640)={0x0, 0xfffffffffffffde5, &(0x7f0000000140)={&(0x7f00000002c0)=@getchain={0x34, 0x66, 0x211, 0x709d28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x5, 0xc}, {0x1, 0x1}, {0x0, 0xe}}, [{0x4, 0xb, 0xcab7}, {0x8, 0xb, 0xfffffff7}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null, 0xf, 'dummy0\x00'})
r4 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000008000000040000000600000001"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r6}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="17fa0000000009000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000000700000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x6, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r5, 0x1, 0x1}, 0x48)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x7, 0x12, r4, 0x6cf9e000)
r8 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
r9 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
fcntl$addseals(r9, 0x409, 0xa)
syz_open_dev$audion(&(0x7f0000000080), 0x1, 0x100)
syz_emit_ethernet(0x72, &(0x7f00000002c0)={@broadcast, @empty, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x3, 0x6, "269fe0", 0x38, 0x3a, 0x1, @empty, @local, {[], @time_exceed={0x3, 0x0, 0x0, 0x2, '\x00', {0x3, 0x6, "39afb8", 0xf648, 0x4, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2={0xfc, 0x2, '\x00', 0x1}, [@srh={0x4, 0x0, 0x4, 0x0, 0x2, 0xd8, 0x9}]}}}}}}}, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r8)

1.300341507s ago: executing program 7 (id=3857):
set_mempolicy(0x4005, &(0x7f00000001c0)=0x7f, 0x8)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000600)='./binderfs2/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000280)={0x73622a85, 0x310b, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', 0x0, 0x9740c1, 0x0)
pipe2$watch_queue(&(0x7f0000000000), 0x80)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STATUS(r2, 0x84, 0x84, &(0x7f0000000100)={0x0, 0x3f7, 0x3, 0x0, 0x2, 0x7fff, 0x9, 0x7, {0x0, @in={{0x2, 0x4e23, @local}}, 0x4, 0x7, 0x4, 0x1, 0x5}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r3 = memfd_secret(0x0)
r4 = syz_io_uring_setup(0x19f2, &(0x7f0000000080)={0x0, 0x0, 0x10000, 0x3, 0x0, 0x0, r3}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000500)=<r6=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$UHID_CREATE2(r8, &(0x7f0000000800)=ANY=[@ANYRES8=r7, @ANYBLOB="8a9f66f6671778b8165dec1b711b6fac5b9a82da1f55fe932d07151c8fae4f7045ca60cae8bfedea3e922a0a48435e8e91553774e8b32a6f887f17730672ac2fb8c8e4cdc03f7062a4c44eb4885f7d279659242ae296377c2ee7f561312c9bad8ec4007c6de111f422bb6c", @ANYBLOB="54ca88999b02a13bd26eb7aa716e93fed13baf8492ab8b389c2b5ca5b36f6ed914b8748b28e690a07951511162643bcaa0fa1334b2e35c4725f228334527f8a902d0d058846461e647910ba1af8b4d90226496772a7b7ba0b1ebf10d528b954dbbc1fdbb1bd152197ad1621eddd412f5eaf92c07039f1de2b2f809e2fb0515e66c1fa9e94f1406f4bb62597f355e1cf86f142d3a9c534a821267595312d353572d2e9c631c41c70f3852cdf5bec1ae55"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mount_setattr(0xffffffffffffffff, 0x0, 0x1800, &(0x7f0000000280)={0x100004, 0x8b, 0x100000, {r9}}, 0x20)
syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x3, 0x0, r3, 0x0, r0, 0x2, 0x0, 0x1fafd03b815e7a8f})
io_uring_enter(r4, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000480)={@ptr={0x70742a85, 0x1, &(0x7f0000000380)=""/2, 0x2, 0x0, 0x8}, @flat=@weak_handle={0x77682a85, 0x1001, 0x10000002}, @fd={0x66642a85, 0x0, r8}}, &(0x7f00000003c0)={0x0, 0x28, 0x40}}}], 0x0, 0x0, 0x0})
r10 = dup3(r1, r3, 0x0)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
write$cgroup_pressure(r3, &(0x7f0000000340)={'some', 0x20, 0x1b, 0x20, 0x3}, 0x2f)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000002c0)={0x8, 0x0, &(0x7f0000000180)=[@decrefs], 0x0, 0x0, 0x0})

1.140211314s ago: executing program 8 (id=3858):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x80}}]}, {0x2}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0401273, &(0x7f0000000000)={'\x00', 0x7fff, 0xc86, 0x2, 0x3, 0x8, <r2=>0x0})
prlimit64(r2, 0xc, &(0x7f0000000340)={0x101, 0x100}, &(0x7f0000000380))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
inotify_add_watch(0xffffffffffffffff, 0x0, 0x20000002)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000640)={'#! ', './file0', [{}, {0x20, 'rp\xee\xff\xe4'}], 0xa, "7bad65c4da5338577feb172ca63250224c76e2027f000000000000007e2ac7fe2e31a2e87e3ee43ed92dfbb6bc0700de24db4ec870b8000000000000002c65e7495fe9afeb28bb60e91e23e104f6dbbf40e1fc2ab1a77fd9f6414e438f03"}, 0x70)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x25dfdbfc, {0x60, 0x0, 0x0, r9, {0x0, 0x3}, {0x5, 0x2}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x40004}, 0x40000)
syz_create_resource$binfmt(0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x8040)

650.343418ms ago: executing program 5 (id=3859):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x74, r1, 0x5, 0x74000000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x74}}, 0x0)

649.180375ms ago: executing program 1 (id=3860):
r0 = socket$inet(0x2, 0x3, 0x5)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89e0, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000380)={'syztnl2\x00', 0x0, 0x0, 0x700, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x65, 0x0, 0x0, 0x2f, 0x0, @local, @private=0xa010100}}}})

648.865992ms ago: executing program 1 (id=3861):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, 0x0, 0x0)
fremovexattr(r0, &(0x7f0000000180)=@random={'btrfs.', '\x00'})
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000001ac0)={r1, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}})
r3 = dup(r2)
read$FUSE(r3, &(0x7f0000003c40)={0x2020}, 0xffffff0a)
lseek(r3, 0x20000000001, 0x1)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000080)={<r4=>0x0, @in6={{0xa, 0x4e24, 0x9, @loopback, 0x2}}, 0x0, 0x1, 0x477c8f14, 0x80000000, 0x7}, &(0x7f0000000140)=0x98)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r3, 0x84, 0x5, &(0x7f0000000240)={r4, @in={{0x2, 0x4e20, @remote}}}, 0x84)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000040)=@gcm_256={{0x304, 0x36}, "1a88ef816c4b42ed", "a5fdeb69a751e94df50ad7e9fb434d1665e9298b01e49419567b443803cf578f", "6d02cd81", "066580001e00"}, 0x38)
setsockopt$inet6_tcp_int(r0, 0x11a, 0x4, &(0x7f0000000000)=0x8000, 0x4)

648.335866ms ago: executing program 5 (id=3862):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x100, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0xfffffea0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x0, 0x20000000)
recvmmsg(r2, &(0x7f0000004580)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f00000007c0)=""/32, 0x20}, {&(0x7f0000000840)=""/161, 0xa1}, {&(0x7f0000000900)=""/213, 0xd5}, {&(0x7f0000000a00)=""/245, 0xf5}, {&(0x7f0000000b00)=""/107, 0x6b}, {&(0x7f0000004640)=""/177, 0xb1}, {&(0x7f0000000c40)=""/131, 0x83}, {&(0x7f0000000d00)=""/210, 0xd2}, {&(0x7f0000000e00)=""/126, 0x7e}], 0x9}, 0x101}, {{&(0x7f0000000f00)=@hci, 0x80, &(0x7f00000010c0)=[{&(0x7f0000000f80)=""/55, 0x37}, {&(0x7f0000000fc0)=""/95, 0x5f}, {&(0x7f0000001040)=""/114, 0x72}], 0x3, &(0x7f0000001100)=""/125, 0x7d}, 0xfffffff8}, {{&(0x7f0000001180)=@pptp={0x18, 0x2, {0x0, @remote}}, 0x80, &(0x7f00000012c0)=[{&(0x7f0000001200)=""/167, 0xa7}], 0x1, &(0x7f0000001300)=""/251, 0xfb}, 0x3}, {{&(0x7f0000001480)=@qipcrtr, 0x80, &(0x7f0000001900)=[{&(0x7f0000001500)=""/67, 0x43}, {&(0x7f0000001580)=""/104, 0x68}, {&(0x7f0000001600)=""/90, 0x5a}, {&(0x7f0000000b80)=""/113, 0x71}, {&(0x7f0000001700)=""/245, 0xf5}, {&(0x7f0000001800)=""/227, 0xe3}], 0x6, &(0x7f0000001940)=""/88, 0x58}, 0x9}, {{&(0x7f00000019c0)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @remote}}, 0x80, &(0x7f0000001a80)=[{&(0x7f0000001a40)=""/25, 0x19}, {&(0x7f0000001400)=""/70, 0x46}, {&(0x7f0000001ac0)=""/216, 0xd8}, {&(0x7f0000001bc0)=""/4096, 0x1000}, {&(0x7f0000002bc0)=""/155, 0x9b}, {&(0x7f0000002c80)=""/190, 0xbe}, {&(0x7f0000002d40)=""/225, 0xe1}], 0x7, &(0x7f0000002e80)=""/194, 0xc2}, 0xa}, {{&(0x7f0000002f80)=@nl, 0x80, &(0x7f0000004480)=[{&(0x7f0000002e40)=""/37, 0x25}, {&(0x7f0000003040)=""/96, 0x60}, {&(0x7f00000030c0)=""/254, 0xfe}, {&(0x7f00000031c0)=""/4096, 0x1000}, {&(0x7f00000041c0)=""/254, 0xfe}, {&(0x7f00000042c0)=""/236, 0xec}, {&(0x7f00000043c0)=""/181, 0xb5}], 0x7, &(0x7f00000044c0)=""/139, 0x8b}, 0x6}], 0x6, 0x12000, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_NEXT_CMD_LEN(r3, 0x2283, &(0x7f0000000040)=0x37)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="4c0000002000010000000000003d62000a801400000700070700000014000200fc020000000000000000000000000001050016002c0000001400010020010000000000000000000000000001abdc125cf4811521484587a2f9c573e22b2fd472c95fa537abe60e11902811730e47fe0a3e59bbdbd71e533b9a65f76ca06db5b8ebf1676eda96aa0d6fc2f8cbc0c67cc020136f1d95d34d89d5ac64ebc3789388e0ff0bbf48e6cd4638b71072a99b0376a41c010a801c0f4a2dc3034269030029f47ac5bfe1b6de4995508c7b11bee8b940c7bd135194c6e44f4dc67d872d9790d795040241d529f61cb899955067b5f67268e8bba9a389a8e3f7f5c2de16079c817cd80767d13db4a9ae0ab5933de7917108a03ac0897b11"], 0x4c}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c00000010003904000000000000000006000000", @ANYRESDEC=r0, @ANYRESDEC=r3], 0x3c}}, 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r5, 0xc0403d11, 0x0)
r6 = socket$inet(0xa, 0x2, 0x84)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000050, 0x0, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000397000/0x4000)=nil, 0x4000, 0xb, 0x28011, r7, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
socket$unix(0x1, 0x1, 0x0)
pipe(&(0x7f0000000800)={<r8=>0xffffffffffffffff})
r9 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r9, &(0x7f0000000280), 0x10)
sendmsg$can_bcm(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="0500000000000000", @ANYRES16=r5, @ANYRES64=0xea60, @ANYRES16=0x0, @ANYRES64=<r10=>0x0, @ANYBLOB="f70e43000060"], 0x48}}, 0x0)
sendmsg$can_bcm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)=ANY=[@ANYRES8=r8, @ANYRESDEC, @ANYRES16=r4, @ANYRESHEX=r10, @ANYRESOCT=r6, @ANYBLOB="075cbb8ec2962bc9586b566f58063b8a5fd8f0973bb3af51ab34c19b9eee475572c3c1f02ddd95daad3456c36957ab5d67cd264e14f48bae1e6a63152023ca395afa6a3a1540629884b9cec223660272a3b6bec189ae87a64f4abd2bfadaeeb4a453871a6d638c02f96bdeb86a50086c412701e7b6e66c2cc88287edca147c9ae6775e5cc15dc7082885e81c37a03d497189785ff41c84fc53a18ef8f4867b75025038caa3edb61858008f6682032f6915cd0f2b33b1bdee9cde95746f134dc29848abaf91129cd90da9d78c19abaf902a"], 0x48}}, 0x8001)
ioctl$VIDIOC_TRY_FMT(r8, 0xc0cc5640, &(0x7f0000004700)={0x7, @sliced={0x800, [0x5, 0x6, 0xfff7, 0x4, 0x1144, 0x6, 0x0, 0x1000, 0x5, 0x7, 0x2, 0x2, 0x3ff, 0x8, 0x3, 0x1, 0x4, 0xc181, 0x87b, 0x3, 0x101, 0x3, 0x931, 0x6, 0x8, 0x9, 0x46c, 0x9, 0xa, 0x8d, 0x5, 0x3, 0x0, 0x2, 0x4, 0x58b, 0x4, 0x1, 0xffc, 0x2, 0x9, 0x5, 0x4, 0x4, 0x9, 0x6, 0x4, 0xb], 0x2}})
cachestat(r7, &(0x7f0000000040), 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000001c0)=@raw={'raw\x00', 0x8, 0x3, 0x2f4, 0x0, 0xffffffff, 0xffffffff, 0x108, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa4, 0x100}, @common=@inet=@HMARK={0x5c, 'HMARK\x00', 0x0, {@ipv6=@empty, [0x1fe, 0xff000000, 0xffffff00, 0xff], 0x4e21, 0x4e23, 0x4e22, 0x4e21, 0xd04, 0x7f, 0x0, 0x6, 0x8}}}, {{@ipv6={@remote, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0xffffffff], [0xffffff00], 'wg1\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x3, 0x0, 0x50}, 0x0, 0xfc, 0x12c, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'virt_wifi0\x00', {0x0, 0x0, 0x40004, 0x0, 0xffffffff, 0x7, 0x3ff, 0x98}, {0xfffffffffffffffe}}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x0, 0x0, 0x2}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24, '\x00', 0x7}}}}, 0x350)
socket(0x2, 0x80805, 0x0)

420.456571ms ago: executing program 7 (id=3863):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r1=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="03062fbd7000fcdbdf250300000005000300000000000c00017545090000", @ANYRES32=r1], 0x28}}, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000540), r2)
sendmsg$IEEE802154_ADD_IFACE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

418.326594ms ago: executing program 1 (id=3864):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socket(0x1d, 0x4, 0x6454)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xa005, 0x20, 0x0, 0x4}, &(0x7f0000000080)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
pipe(0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
r6 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r6, 0x10e, 0x5, 0x0, 0x0)
writev(r6, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e4220000001f0100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)
syz_genetlink_get_family_id$gtp(&(0x7f0000001100), r6)
readv(r5, &(0x7f0000002a40)=[{&(0x7f00000007c0)=""/4096, 0x1000}], 0x1)
r7 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0x550503)
r8 = socket$packet(0x11, 0x2, 0x300)
r9 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r10=>0x0})
setsockopt$CAN_RAW_FD_FRAMES(r9, 0x65, 0x5, 0x0, 0x0)
sendmsg$can_raw(r9, &(0x7f0000000340)={&(0x7f0000000080)={0x1d, r10}, 0x10, &(0x7f0000000000)={0x0}}, 0x1)
getsockopt$packet_buf(r8, 0x107, 0x6, 0x0, &(0x7f00000000c0))
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r7, 0xc01864cd, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000180)=""/24, 0xfffffff8, 0x0, 0x1f, 0xb4, &(0x7f00000001c0)="1e47d408fd73c8483987d1f03590afde798e2b2ec8ed9d252d15d34c4a783b", &(0x7f0000000380)="0904728a1a0918744da34f26fc5f312fb4709ef763b0d6586e06854eccee28d477856a24572dffb60dee925e8f7f2780692cea37e6370d762ca8f2047320fc9d302e40dc0e296b37385e22824bb865a61a69331a381c18cf9854b303e4c6adc7a7b78c5e9a16b5f7f8548adfc3bd9ab04b4d55150b9645b928313ef73bc110a258906f85ff343e08141e8b015f65896e940dcd3da16d31b7032e57a5266ed19db91996bbd09c5d1b088af95ecb95babf716f9e54", 0x1, 0x0, 0x1}, 0x4c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_FADVISE={0x18, 0x1b, 0x0, @fd, 0x3, 0x0, 0xcce, 0x2, 0x1})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x189)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000300)=@in6={0xa, 0x4e24, 0x3, @local, 0x5}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x800c0c0}, 0x240400c0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240), 0x0)

418.02198ms ago: executing program 7 (id=3865):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r3 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0xc4bc, 0x10100, 0x0, 0xbe}, &(0x7f0000002000)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r3, 0x48eb, 0x1158, 0x2, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x10004, &(0x7f0000000280)={<r6=>0xffffffffffffffff}, 0x106, 0x4}}, 0x20)
capset(&(0x7f0000000500)={0x19980330}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x3})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r8=>0x0})
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x24, r9, 0x1, 0x50bd26, 0x25dfdbf8, {{}, {@val={0x8, 0x1, 0x4f}, @val={0x8, 0x3, r8}, @void}}}, 0x24}, 0x1, 0x0, 0x0, 0x20044040}, 0x24008004)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003840), 0xffffffffffffffff)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r11, &(0x7f0000003900)={0x0, 0x0, &(0x7f00000038c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010007bd7000fddbdf2555000000080001006400000008000300", @ANYRES32=r12], 0x24}, 0x1, 0x0, 0x0, 0x40000a0}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000003840), 0xffffffffffffffff)
r13 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r13)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r14 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(r14, &(0x7f0000000140)='fdinfo\x00')
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000380)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @mcast1, 0x3}, r6, 0x7}}, 0x48)

207.331184ms ago: executing program 8 (id=3866):
r0 = socket(0x10, 0x3, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000240)={0x84, 0x467b, 0x2, {0x1d, 0x1}, {0x52, 0x2}, @ramp={0x0, 0xffee, {0xe8, 0x405, 0x3df, 0x57c2}}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x62000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001080)=ANY=[@ANYBLOB="e0000000100001002dbd7000fcdbdf256563622861726334292d"], 0xe0}, 0x1, 0x0, 0x0, 0x24008805}, 0x80)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r3, &(0x7f0000000040)="e2", 0x12d8)
sendmsg$nl_route_sched(r0, &(0x7f0000000640)={0x0, 0xfffffffffffffde5, &(0x7f0000000140)={&(0x7f00000002c0)=@getchain={0x34, 0x66, 0x211, 0x709d28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x5, 0xc}, {0x1, 0x1}, {0x0, 0xe}}, [{0x4, 0xb, 0xcab7}, {0x8, 0xb, 0xfffffff7}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000000300)={@null, 0xf, 'dummy0\x00'})
r4 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000008000000040000000600000001"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r6}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="17fa0000000009000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000000700000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x6, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r5, 0x1, 0x1}, 0x48)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x7, 0x12, r4, 0x6cf9e000)
r8 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
r9 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
fcntl$addseals(r9, 0x409, 0xa)
syz_open_dev$audion(&(0x7f0000000080), 0x1, 0x100)
syz_emit_ethernet(0x72, &(0x7f00000002c0)={@broadcast, @empty, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x3, 0x6, "269fe0", 0x38, 0x3a, 0x1, @empty, @local, {[], @time_exceed={0x3, 0x0, 0x0, 0x2, '\x00', {0x3, 0x6, "39afb8", 0xf648, 0x4, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2={0xfc, 0x2, '\x00', 0x1}, [@srh={0x4, 0x0, 0x4, 0x0, 0x2, 0xd8, 0x9}]}}}}}}}, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r8)

0s ago: executing program 8 (id=3867):
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x80}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x200, 0x70bd28}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x4000001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x58, &(0x7f0000000340)}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x3c}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ptrace$ARCH_SET_CPUID(0x1e, r0, 0x0, 0x1012)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$sock_ifreq(r3, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r3, 0x8949, &(0x7f0000000000))
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x400000000, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000140)={0x0, 0xfffffffffffffde9, &(0x7f0000001ac0)={&(0x7f0000000280)=ANY=[@ANYBLOB="200000002d00010026bd7000fcdbdf2504002600"/32], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)
r6 = socket$inet6(0xa, 0x4, 0xfffffffc)
setsockopt$inet6_udp_int(r6, 0x11, 0x66, &(0x7f0000000100)=0xc6, 0x4)
setsockopt$inet6_udp_encap(r6, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4)

kernel console output (not intermixed with test programs):

 vkms_vblank_simulate: vblank timer overrun
[  916.145232][   T52] usb 52-1: SetAddress Request (2) to port 0
[  916.149213][   T52] usb 52-1: new SuperSpeed USB device number 2 using vhci_hcd
[  916.310617][    C0] vkms_vblank_simulate: vblank timer overrun
[  916.466602][    C0] vkms_vblank_simulate: vblank timer overrun
[  916.534578][    C0] vkms_vblank_simulate: vblank timer overrun
[  916.584649][    C0] vkms_vblank_simulate: vblank timer overrun
[  916.746540][    C0] vkms_vblank_simulate: vblank timer overrun
[  917.017303][T17714] netlink: 'syz.1.3009': attribute type 11 has an invalid length.
[  917.191902][    C0] vkms_vblank_simulate: vblank timer overrun
[  917.215645][T17711] lo speed is unknown, defaulting to 1000
[  917.235736][    C0] vkms_vblank_simulate: vblank timer overrun
[  917.318547][    C0] vkms_vblank_simulate: vblank timer overrun
[  917.374580][    C0] vkms_vblank_simulate: vblank timer overrun
[  917.610502][T17702] vhci_hcd: connection reset by peer
[  917.616974][ T1148] vhci_hcd: stop threads
[  917.620304][ T1148] vhci_hcd: release socket
[  917.623866][ T1148] vhci_hcd: disconnect device
[  918.108315][    C0] vkms_vblank_simulate: vblank timer overrun
[  918.432428][T17737] binder: BINDER_SET_CONTEXT_MGR already set
[  918.435647][T17737] binder: 17736:17737 ioctl 4018620d 80004a80 returned -16
[  918.441327][T17737] binder: BINDER_SET_CONTEXT_MGR already set
[  918.457997][T17737] binder: 17736:17737 ioctl 4018620d 80000100 returned -16
[  919.238637][    C0] vkms_vblank_simulate: vblank timer overrun
[  919.261142][T17753] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  919.378609][    C0] vkms_vblank_simulate: vblank timer overrun
[  919.454550][    C0] vkms_vblank_simulate: vblank timer overrun
[  919.486549][    C0] vkms_vblank_simulate: vblank timer overrun
[  919.706645][    C0] vkms_vblank_simulate: vblank timer overrun
[  919.754535][    C0] vkms_vblank_simulate: vblank timer overrun
[  919.847467][T17762] lo speed is unknown, defaulting to 1000
[  920.072164][T17769] netlink: 'syz.5.3022': attribute type 11 has an invalid length.
[  920.090662][T17774] team0: No ports can be present during mode change
[  920.100101][T17774] vlan0: entered promiscuous mode
[  920.111725][T17774] team0: Port device vlan0 added
[  920.213479][T17774] tipc: Started in network mode
[  920.238762][T17774] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  920.242158][T17774] tipc: Enabled bearer <eth:team0>, priority 10
[  921.234337][ T7224] tipc: Node number set to 11578026
[  921.538456][   T52] usb 52-1: device descriptor read/8, error -110
[  922.214709][   T52] usb usb52-port1: attempt power cycle
[  922.355007][T17783] TCP: TCP_TX_DELAY enabled
[  922.742697][ T7219] usb 13-1: new high-speed USB device number 3 using dummy_hcd
[  922.824969][   T52] usb usb52-port1: unable to enumerate USB device
[  922.908451][ T7219] usb 13-1: Using ep0 maxpacket: 8
[  922.928858][ T7219] usb 13-1: config 0 has no interfaces?
[  922.931403][ T7219] usb 13-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  922.938130][ T7219] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  922.957976][ T7219] usb 13-1: config 0 descriptor??
[  923.217002][ T7224] usb 13-1: USB disconnect, device number 3
[  923.217602][T17801] FAULT_INJECTION: forcing a failure.
[  923.217602][T17801] name failslab, interval 1, probability 0, space 0, times 0
[  923.245428][T17801] CPU: 0 UID: 0 PID: 17801 Comm: syz.5.3034 Not tainted syzkaller #0 PREEMPT(full) 
[  923.245457][T17801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  923.245470][T17801] Call Trace:
[  923.245477][T17801]  <TASK>
[  923.245486][T17801]  dump_stack_lvl+0x16c/0x1f0
[  923.245521][T17801]  should_fail_ex+0x512/0x640
[  923.245550][T17801]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  923.245573][T17801]  should_failslab+0xc2/0x120
[  923.245595][T17801]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  923.245617][T17801]  ? __kernfs_new_node+0xd2/0x8e0
[  923.245644][T17801]  __kernfs_new_node+0xd2/0x8e0
[  923.245669][T17801]  ? __pfx___kernfs_new_node+0x10/0x10
[  923.245698][T17801]  ? find_held_lock+0x2b/0x80
[  923.245718][T17801]  ? kernfs_root+0xee/0x2a0
[  923.245746][T17801]  kernfs_new_node+0x13c/0x1e0
[  923.245777][T17801]  __kernfs_create_file+0x53/0x350
[  923.245799][T17801]  sysfs_add_file_mode_ns+0x207/0x3c0
[  923.245846][T17801]  internal_create_group+0x578/0xf30
[  923.245875][T17801]  ? __pfx_internal_create_group+0x10/0x10
[  923.245903][T17801]  ? kernfs_create_link+0x1bd/0x240
[  923.245924][T17801]  internal_create_groups+0x9d/0x150
[  923.245951][T17801]  device_add+0x6d1/0x1aa0
[  923.245974][T17801]  ? __pfx_device_add+0x10/0x10
[  923.245993][T17801]  ? lockdep_init_map_type+0x5c/0x280
[  923.246019][T17801]  ? __init_waitqueue_head+0xca/0x150
[  923.246053][T17801]  netdev_register_kobject+0x1a9/0x3d0
[  923.246077][T17801]  register_netdevice+0x13dc/0x2270
[  923.246110][T17801]  ? __pfx_register_netdevice+0x10/0x10
[  923.246129][T17801]  ? dev_addr_mod+0x316/0x540
[  923.246156][T17801]  __tun_chr_ioctl+0x1ed9/0x48b0
[  923.246176][T17801]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  923.246210][T17801]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  923.246234][T17801]  ? hook_file_ioctl_common+0x145/0x410
[  923.246264][T17801]  ? __fget_files+0x20e/0x3c0
[  923.246292][T17801]  ? __pfx_tun_chr_compat_ioctl+0x10/0x10
[  923.246311][T17801]  __ia32_compat_sys_ioctl+0x242/0x370
[  923.246343][T17801]  __do_fast_syscall_32+0x7c/0x300
[  923.246372][T17801]  do_fast_syscall_32+0x32/0x80
[  923.246388][T17801]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  923.246437][T17801] RIP: 0023:0xf705e579
[  923.246451][T17801] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  923.246469][T17801] RSP: 002b:00000000f544e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  923.246502][T17801] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000400454ca
[  923.246515][T17801] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  923.246525][T17801] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  923.246538][T17801] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  923.246550][T17801] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  923.246572][T17801]  </TASK>
[  925.836404][T17832] lo speed is unknown, defaulting to 1000
[  926.236081][T17832] netlink: 'syz.8.3042': attribute type 11 has an invalid length.
[  927.133439][   T41] kauditd_printk_skb: 27 callbacks suppressed
[  927.133458][   T41] audit: type=1804 audit(926.465:1919): pid=17852 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3046" name="/newroot/24/file0/file0" dev="9p" ino=71827949 res=1 errno=0
[  927.198509][   T41] audit: type=1804 audit(926.515:1920): pid=17850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.3046" name="/newroot/24/file0/file0" dev="9p" ino=71827949 res=1 errno=0
[  930.167933][   T41] audit: type=1800 audit(929.475:1921): pid=17867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.3050" name="bus" dev="ramfs" ino=106553 res=0 errno=0
[  931.760995][T17885] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3057'.
[  931.891107][T17888] lo speed is unknown, defaulting to 1000
[  931.987021][T17892] netlink: 'syz.7.3056': attribute type 11 has an invalid length.
[  934.708142][T17909] block nbd1: Attempted send on invalid socket
[  934.711505][T17909] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  934.714626][T17909] vxfs: unable to read disk superblock at 1
[  934.718345][T17909] block nbd1: Attempted send on invalid socket
[  934.721877][T17909] I/O error, dev nbd1, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  934.725205][T17909] vxfs: unable to read disk superblock at 8
[  934.727243][T17909] vxfs: can't find superblock.
[  934.822745][T17909] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  936.661491][T17940] lo speed is unknown, defaulting to 1000
[  936.826356][T17946] netlink: 'syz.5.3069': attribute type 11 has an invalid length.
[  937.686226][T17960] loop6: detected capacity change from 0 to 524287999
[  937.714104][T17960] Buffer I/O error on dev loop6, logical block 0, async page read
[  937.718520][T17960] Buffer I/O error on dev loop6, logical block 0, async page read
[  937.746658][T17960] Buffer I/O error on dev loop6, logical block 0, async page read
[  937.750165][T17960] Buffer I/O error on dev loop6, logical block 0, async page read
[  937.784178][T17960] Buffer I/O error on dev loop6, logical block 0, async page read
[  937.798031][T17960] Buffer I/O error on dev loop6, logical block 0, async page read
[  937.814472][T17960] Buffer I/O error on dev loop6, logical block 0, async page read
[  937.821524][T17960] Buffer I/O error on dev loop6, logical block 0, async page read
[  937.898631][T17960] ldm_validate_partition_table(): Disk read failed.
[  937.987337][T17960] Buffer I/O error on dev loop6, logical block 0, async page read
[  938.086088][T17960] Buffer I/O error on dev loop6, logical block 0, async page read
[  938.100142][T17960] Dev loop6: unable to read RDB block 0
[  938.408677][T17960]  loop6: unable to read partition table
[  938.412828][T17960] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  938.447916][T17963] ldm_validate_partition_table(): Disk read failed.
[  938.490367][    C1] vkms_vblank_simulate: vblank timer overrun
[  938.540652][T17963] Dev loop6: unable to read RDB block 0
[  938.574644][T17963]  loop6: unable to read partition table
[  938.581505][T17963] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  938.713255][ T6003] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  939.266315][T17975] FAULT_INJECTION: forcing a failure.
[  939.266315][T17975] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  939.281480][T17975] CPU: 0 UID: 0 PID: 17975 Comm: syz.8.3079 Not tainted syzkaller #0 PREEMPT(full) 
[  939.281506][T17975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  939.281517][T17975] Call Trace:
[  939.281524][T17975]  <TASK>
[  939.281531][T17975]  dump_stack_lvl+0x16c/0x1f0
[  939.281565][T17975]  should_fail_ex+0x512/0x640
[  939.281596][T17975]  _copy_to_user+0x32/0xd0
[  939.281619][T17975]  simple_read_from_buffer+0xcb/0x170
[  939.281640][T17975]  proc_fail_nth_read+0x197/0x240
[  939.281661][T17975]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  939.281690][T17975]  ? rw_verify_area+0xcf/0x6c0
[  939.281709][T17975]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  939.281730][T17975]  vfs_read+0x1e4/0xcf0
[  939.281755][T17975]  ? __pfx_vfs_read+0x10/0x10
[  939.281773][T17975]  ? find_held_lock+0x2b/0x80
[  939.281800][T17975]  ? __fget_files+0x20e/0x3c0
[  939.281827][T17975]  ksys_read+0x12a/0x250
[  939.281847][T17975]  ? __pfx_ksys_read+0x10/0x10
[  939.281870][T17975]  ? rcu_is_watching+0x12/0xc0
[  939.281893][T17975]  __do_fast_syscall_32+0x7c/0x300
[  939.281923][T17975]  do_fast_syscall_32+0x32/0x80
[  939.281940][T17975]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  939.281962][T17975] RIP: 0023:0xf7ff5579
[  939.281977][T17975] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  939.281993][T17975] RSP: 002b:00000000f54f6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  939.282010][T17975] RAX: ffffffffffffffda RBX: 000000000000000e RCX: 00000000f54f6620
[  939.282022][T17975] RDX: 000000000000000f RSI: 00000000f7484ff4 RDI: 0000000000000000
[  939.282032][T17975] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  939.282042][T17975] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  939.282052][T17975] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  939.282169][T17975]  </TASK>
[  939.335547][    C1] vkms_vblank_simulate: vblank timer overrun
[  939.496182][    C1] vkms_vblank_simulate: vblank timer overrun
[  939.656367][    C1] vkms_vblank_simulate: vblank timer overrun
[  939.778408][    C1] vkms_vblank_simulate: vblank timer overrun
[  939.853962][    C1] vkms_vblank_simulate: vblank timer overrun
[  939.886750][    C1] vkms_vblank_simulate: vblank timer overrun
[  939.942409][    C1] vkms_vblank_simulate: vblank timer overrun
[  939.983041][    C1] vkms_vblank_simulate: vblank timer overrun
[  940.466733][T17987] lo speed is unknown, defaulting to 1000
[  940.579094][T17993] netlink: 'syz.7.3082': attribute type 11 has an invalid length.
[  942.103299][T17997] netlink: 'syz.1.3083': attribute type 6 has an invalid length.
[  942.214384][    C1] vkms_vblank_simulate: vblank timer overrun
[  942.310410][    C1] vkms_vblank_simulate: vblank timer overrun
[  942.343410][T18000] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  942.346044][T18000] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  942.358090][T18000] vhci_hcd vhci_hcd.0: Device attached
[  942.418369][    C1] vkms_vblank_simulate: vblank timer overrun
[  942.490335][    C1] vkms_vblank_simulate: vblank timer overrun
[  942.518575][    C1] vkms_vblank_simulate: vblank timer overrun
[  942.571556][    C1] vkms_vblank_simulate: vblank timer overrun
[  942.674961][ T7228] usb 48-1: SetAddress Request (16) to port 0
[  942.679578][ T7228] usb 48-1: new SuperSpeed USB device number 16 using vhci_hcd
[  942.802376][    C1] vkms_vblank_simulate: vblank timer overrun
[  943.015751][T18003] vhci_hcd: connection reset by peer
[  943.020332][ T9932] vhci_hcd: stop threads
[  943.024072][ T9932] vhci_hcd: release socket
[  943.028629][ T9932] vhci_hcd: disconnect device
[  947.233722][T18040] lo speed is unknown, defaulting to 1000
[  947.485555][T18042] netlink: 'syz.7.3094': attribute type 11 has an invalid length.
[  947.744610][ T7228] usb 48-1: device descriptor read/8, error -110
[  948.593544][ T7228] usb usb48-port1: attempt power cycle
[  948.637404][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  948.910592][T18064] FAULT_INJECTION: forcing a failure.
[  948.910592][T18064] name failslab, interval 1, probability 0, space 0, times 0
[  948.949029][T18064] CPU: 1 UID: 0 PID: 18064 Comm: syz.8.3101 Not tainted syzkaller #0 PREEMPT(full) 
[  948.949056][T18064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  948.949067][T18064] Call Trace:
[  948.949074][T18064]  <TASK>
[  948.949082][T18064]  dump_stack_lvl+0x16c/0x1f0
[  948.949113][T18064]  should_fail_ex+0x512/0x640
[  948.949139][T18064]  ? fs_reclaim_acquire+0xae/0x150
[  948.949167][T18064]  ? tomoyo_encode2+0x100/0x3e0
[  948.949208][T18064]  should_failslab+0xc2/0x120
[  948.949231][T18064]  __kmalloc_noprof+0xd2/0x510
[  948.949251][T18064]  ? d_absolute_path+0x136/0x1a0
[  948.949278][T18064]  tomoyo_encode2+0x100/0x3e0
[  948.949303][T18064]  tomoyo_encode+0x29/0x50
[  948.949325][T18064]  tomoyo_realpath_from_path+0x18f/0x6e0
[  948.949354][T18064]  tomoyo_path_number_perm+0x245/0x580
[  948.949373][T18064]  ? tomoyo_path_number_perm+0x237/0x580
[  948.949397][T18064]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  948.949443][T18064]  ? find_held_lock+0x2b/0x80
[  948.949460][T18064]  ? hook_file_ioctl_common+0x145/0x410
[  948.949489][T18064]  ? __fget_files+0x20e/0x3c0
[  948.949512][T18064]  security_file_ioctl_compat+0x9b/0x240
[  948.949558][T18064]  __ia32_compat_sys_ioctl+0xc3/0x370
[  948.949587][T18064]  __do_fast_syscall_32+0x7c/0x300
[  948.949621][T18064]  do_fast_syscall_32+0x32/0x80
[  948.949638][T18064]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  948.949659][T18064] RIP: 0023:0xf7ff5579
[  948.949673][T18064] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  948.949690][T18064] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  948.949707][T18064] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000541c
[  948.949719][T18064] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  948.949729][T18064] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  948.949739][T18064] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  948.949749][T18064] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  948.949772][T18064]  </TASK>
[  948.949993][T18064] ERROR: Out of memory at tomoyo_realpath_from_path.
[  949.197710][T18053] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  949.203170][T18053] UDF-fs: Scanning with blocksize 2048 failed
[  949.209751][T18053] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  949.214035][T18053] UDF-fs: Scanning with blocksize 4096 failed
[  949.228926][ T7228] usb usb48-port1: unable to enumerate USB device
[  950.314013][T18093] netlink: 'syz.5.3108': attribute type 11 has an invalid length.
[  950.327545][T18089] lo speed is unknown, defaulting to 1000
[  950.711630][T10244] Bluetooth: hci3: command 0x0406 tx timeout
[  950.903484][T18099] netlink: 124 bytes leftover after parsing attributes in process `syz.1.3109'.
[  950.918611][T18099] mac80211_hwsim hwsim31 wlan1: entered promiscuous mode
[  952.525012][T18109] openvswitch: netlink: ufid size 132 bytes exceeds the range (1, 16)
[  952.544715][T18109] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  953.603852][T18122] lo speed is unknown, defaulting to 1000
[  953.745551][T18128] netlink: 'syz.7.3119': attribute type 11 has an invalid length.
[  955.979234][T18153] netlink: 'syz.5.3117': attribute type 6 has an invalid length.
[  956.441155][   T52] usb 13-1: new high-speed USB device number 4 using dummy_hcd
[  956.630161][   T52] usb 13-1: Using ep0 maxpacket: 8
[  956.683554][   T52] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  956.689491][   T52] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  956.698100][   T52] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  956.706758][   T52] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  956.750955][   T52] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  956.755645][   T52] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  957.764792][ T7228] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[  957.819599][T18170] lo speed is unknown, defaulting to 1000
[  957.952463][ T7228] usb 10-1: Using ep0 maxpacket: 16
[  957.956399][T18175] netlink: 'syz.1.3129': attribute type 11 has an invalid length.
[  957.970394][ T7228] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  957.977876][ T7228] usb 10-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  958.001630][ T7228] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  958.007143][ T7228] usb 10-1: Product: syz
[  958.010163][ T7228] usb 10-1: Manufacturer: syz
[  958.013363][ T7228] usb 10-1: SerialNumber: syz
[  958.033357][T18177] syz.7.3130 (18177): /proc/18177/oom_adj is deprecated, please use /proc/18177/oom_score_adj instead.
[  958.046792][ T7228] usb 10-1: config 0 descriptor??
[  958.073659][ T7228] hub 10-1:0.0: bad descriptor, ignoring hub
[  958.118403][ T7228] hub 10-1:0.0: probe with driver hub failed with error -5
[  958.123665][T18181] netlink: 'syz.7.3130': attribute type 1 has an invalid length.
[  958.127160][T18181] netlink: 224 bytes leftover after parsing attributes in process `syz.7.3130'.
[  958.134402][ T7228] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  959.002341][   T52] usb 13-1: usb_control_msg returned -71
[  959.004520][   T52] usbtmc 13-1:16.0: can't read capabilities
[  959.033652][   T52] usb 13-1: USB disconnect, device number 4
[  960.189972][T18197] FAULT_INJECTION: forcing a failure.
[  960.189972][T18197] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  960.202148][T18197] CPU: 0 UID: 60929 PID: 18197 Comm: syz.1.3132 Not tainted syzkaller #0 PREEMPT(full) 
[  960.202173][T18197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  960.202184][T18197] Call Trace:
[  960.202192][T18197]  <TASK>
[  960.202200][T18197]  dump_stack_lvl+0x16c/0x1f0
[  960.202231][T18197]  should_fail_ex+0x512/0x640
[  960.202272][T18197]  _copy_from_user+0x2e/0xd0
[  960.202295][T18197]  generic_map_update_batch+0x3e9/0x610
[  960.202327][T18197]  ? __pfx_generic_map_update_batch+0x10/0x10
[  960.202354][T18197]  ? __pfx_generic_map_update_batch+0x10/0x10
[  960.202377][T18197]  bpf_map_do_batch+0x5b1/0x680
[  960.202399][T18197]  __sys_bpf+0x4cf9/0x4de0
[  960.202427][T18197]  ? __pfx___sys_bpf+0x10/0x10
[  960.202452][T18197]  ? ksys_write+0x190/0x250
[  960.202474][T18197]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  960.202517][T18197]  ? fput+0x9b/0xd0
[  960.202537][T18197]  ? ksys_write+0x1ac/0x250
[  960.202555][T18197]  ? __pfx_ksys_write+0x10/0x10
[  960.202578][T18197]  __ia32_sys_bpf+0x76/0xe0
[  960.202595][T18197]  __do_fast_syscall_32+0x7c/0x300
[  960.202622][T18197]  do_fast_syscall_32+0x32/0x80
[  960.202636][T18197]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  960.202655][T18197] RIP: 0023:0xf70ae579
[  960.202668][T18197] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  960.202683][T18197] RSP: 002b:00000000f545c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  960.202700][T18197] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000080000900
[  960.202711][T18197] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  960.202721][T18197] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  960.202731][T18197] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  960.202741][T18197] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  960.202763][T18197]  </TASK>
[  960.675905][T12319] usb 10-1: USB disconnect, device number 21
[  960.803871][T18200] fuse: Unknown parameter 'rRØôì(#Þhû'
[  962.855021][T18219] lo speed is unknown, defaulting to 1000
[  963.078548][T18218] netlink: 'syz.8.3139': attribute type 11 has an invalid length.
[  964.226956][ T7219] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[  964.430345][ T7219] usb 10-1: Using ep0 maxpacket: 16
[  964.436189][ T7219] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  964.465753][ T7219] usb 10-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  964.480609][ T7219] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  964.492217][ T7219] usb 10-1: Product: syz
[  964.496454][ T7219] usb 10-1: Manufacturer: syz
[  964.501544][ T7219] usb 10-1: SerialNumber: syz
[  964.513014][ T7219] usb 10-1: config 0 descriptor??
[  964.540591][ T7219] hub 10-1:0.0: bad descriptor, ignoring hub
[  964.545508][ T7219] hub 10-1:0.0: probe with driver hub failed with error -5
[  964.565183][ T7219] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  965.664582][ T6112] usb 10-1: USB disconnect, device number 22
[  968.008091][T18255] netlink: 'syz.5.3147': attribute type 10 has an invalid length.
[  968.368536][T18264] lo speed is unknown, defaulting to 1000
[  968.457245][T18272] netlink: 'syz.5.3150': attribute type 11 has an invalid length.
[  968.757480][T17507] usb 13-1: new high-speed USB device number 5 using dummy_hcd
[  968.934529][T17507] usb 13-1: Using ep0 maxpacket: 16
[  968.941875][T17507] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  969.043139][T17507] usb 13-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  969.048063][T17507] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  969.065807][T17507] usb 13-1: Product: syz
[  969.068804][T17507] usb 13-1: Manufacturer: syz
[  969.080522][T17507] usb 13-1: SerialNumber: syz
[  969.097691][T17507] usb 13-1: config 0 descriptor??
[  969.127125][T18279] netlink: 124 bytes leftover after parsing attributes in process `syz.5.3154'.
[  969.130936][T17507] hub 13-1:0.0: bad descriptor, ignoring hub
[  969.162968][T17507] hub 13-1:0.0: probe with driver hub failed with error -5
[  969.168029][T17507] usb 13-1: Quirk or no altset; falling back to MIDI 1.0
[  971.496866][T17772] usb 13-1: USB disconnect, device number 5
[  971.650178][T18297] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  972.896292][T18305] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3161'.
[  972.949001][T18305] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  973.008574][T18316] lo speed is unknown, defaulting to 1000
[  973.173037][T18322] netlink: 'syz.1.3163': attribute type 11 has an invalid length.
[  976.201049][ T7228] usb 13-1: new high-speed USB device number 6 using dummy_hcd
[  976.319323][T10244] Bluetooth: hci0: command 0x0406 tx timeout
[  976.361242][ T7228] usb 13-1: Using ep0 maxpacket: 16
[  976.374767][ T7228] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  976.393598][ T7228] usb 13-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  976.410158][ T7228] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  976.413792][ T7228] usb 13-1: Product: syz
[  976.423698][ T7228] usb 13-1: Manufacturer: syz
[  976.425472][ T7228] usb 13-1: SerialNumber: syz
[  976.454629][ T7228] usb 13-1: config 0 descriptor??
[  976.458944][ T7228] hub 13-1:0.0: bad descriptor, ignoring hub
[  976.462575][ T7228] hub 13-1:0.0: probe with driver hub failed with error -5
[  976.504869][ T7228] usb 13-1: Quirk or no altset; falling back to MIDI 1.0
[  976.728668][T18354] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3170'.
[  976.734096][T18354] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3170'.
[  976.774069][T18354] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3170'.
[  977.371303][ T7228] hid_parser_main: 5 callbacks suppressed
[  977.371326][ T7228] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0
[  977.387414][ T7228] hid-generic 0000:0000:0000.0057: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  977.760199][   T41] audit: type=1326 audit(977.098:1922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18361 comm="syz.7.3173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  977.793050][T18363] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3173'.
[  977.801836][   T41] audit: type=1326 audit(977.118:1923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18361 comm="syz.7.3173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  977.843970][   T41] audit: type=1326 audit(977.118:1924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18361 comm="syz.7.3173" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  977.860160][   T41] audit: type=1326 audit(977.138:1925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18361 comm="syz.7.3173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  977.889734][   T41] audit: type=1326 audit(977.138:1926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18361 comm="syz.7.3173" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  977.917240][   T41] audit: type=1326 audit(977.138:1927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18361 comm="syz.7.3173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  977.950257][   T41] audit: type=1326 audit(977.138:1928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18361 comm="syz.7.3173" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  977.979636][   T41] audit: type=1326 audit(977.138:1929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18361 comm="syz.7.3173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  977.994970][   T41] audit: type=1326 audit(977.138:1930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18361 comm="syz.7.3173" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  978.017400][   T41] audit: type=1326 audit(977.138:1931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18361 comm="syz.7.3173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  978.297128][T18365] lo speed is unknown, defaulting to 1000
[  978.450234][T18365] netlink: 'syz.1.3174': attribute type 11 has an invalid length.
[  978.730029][    C0] vkms_vblank_simulate: vblank timer overrun
[  978.925342][T12319] usb 13-1: USB disconnect, device number 6
[  978.976343][    C0] vkms_vblank_simulate: vblank timer overrun
[  979.640574][T18392] netlink: 392 bytes leftover after parsing attributes in process `syz.1.3178'.
[  980.554082][    C0] vkms_vblank_simulate: vblank timer overrun
[  980.626034][    C0] vkms_vblank_simulate: vblank timer overrun
[  981.306229][    C0] vkms_vblank_simulate: vblank timer overrun
[  981.394667][    C0] vkms_vblank_simulate: vblank timer overrun
[  981.758014][    C0] vkms_vblank_simulate: vblank timer overrun
[  982.076694][   T52] hid-generic 0000:0000:0000.0058: unknown main item tag 0x0
[  982.097014][   T52] hid-generic 0000:0000:0000.0058: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  982.513076][T18417] lo speed is unknown, defaulting to 1000
[  982.622425][T18423] netlink: 'syz.7.3186': attribute type 11 has an invalid length.
[  982.826119][   T52] usb 13-1: new high-speed USB device number 7 using dummy_hcd
[  982.998788][   T52] usb 13-1: Using ep0 maxpacket: 16
[  983.080694][   T52] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  983.256039][   T52] usb 13-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  983.265122][   T52] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  983.277330][   T52] usb 13-1: Product: syz
[  983.279572][   T52] usb 13-1: Manufacturer: syz
[  983.304219][   T52] usb 13-1: SerialNumber: syz
[  983.371543][   T52] usb 13-1: config 0 descriptor??
[  983.381486][   T52] hub 13-1:0.0: bad descriptor, ignoring hub
[  983.454531][   T52] hub 13-1:0.0: probe with driver hub failed with error -5
[  983.459378][   T52] usb 13-1: Quirk or no altset; falling back to MIDI 1.0
[  983.579261][    C0] vkms_vblank_simulate: vblank timer overrun
[  983.897954][    C0] vkms_vblank_simulate: vblank timer overrun
[  985.581388][T12359] usb 13-1: USB disconnect, device number 7
[  985.664066][T18436] FAULT_INJECTION: forcing a failure.
[  985.664066][T18436] name failslab, interval 1, probability 0, space 0, times 0
[  985.673605][T18436] CPU: 0 UID: 0 PID: 18436 Comm: syz.8.3189 Not tainted syzkaller #0 PREEMPT(full) 
[  985.673633][T18436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  985.673645][T18436] Call Trace:
[  985.673653][T18436]  <TASK>
[  985.673662][T18436]  dump_stack_lvl+0x16c/0x1f0
[  985.673694][T18436]  should_fail_ex+0x512/0x640
[  985.673720][T18436]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  985.673746][T18436]  should_failslab+0xc2/0x120
[  985.673769][T18436]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  985.673793][T18436]  ? kvasprintf_const+0x66/0x1a0
[  985.673846][T18436]  kvasprintf+0xbc/0x160
[  985.673866][T18436]  ? __pfx_kvasprintf+0x10/0x10
[  985.673891][T18436]  ? mark_held_locks+0x49/0x80
[  985.673919][T18436]  kvasprintf_const+0x66/0x1a0
[  985.673938][T18436]  kobject_set_name_vargs+0x5a/0x140
[  985.673955][T18436]  kobject_init_and_add+0xe7/0x190
[  985.673972][T18436]  ? __pfx_kobject_init_and_add+0x10/0x10
[  985.673989][T18436]  ? dev_ioctl+0x290/0x1060
[  985.674013][T18436]  ? do_fast_syscall_32+0x32/0x80
[  985.674026][T18436]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  985.674053][T18436]  ? linkwatch_fire_event+0x20c/0x270
[  985.674071][T18436]  ? netif_carrier_off+0xa3/0xc0
[  985.674092][T18436]  ? veth_set_channels+0x34a/0xc70
[  985.674118][T18436]  netdev_queue_update_kobjects+0x32d/0x720
[  985.674145][T18436]  netif_set_real_num_tx_queues+0x151/0x870
[  985.674171][T18436]  veth_set_channels+0x481/0xc70
[  985.674204][T18436]  ethtool_set_channels+0x438/0x5b0
[  985.674225][T18436]  ? __pfx_ethtool_set_channels+0x10/0x10
[  985.674251][T18436]  ? aa_get_newest_label+0xd2/0x250
[  985.674274][T18436]  ? bpf_lsm_capable+0x9/0x10
[  985.674290][T18436]  ? security_capable+0x7e/0x260
[  985.674312][T18436]  dev_ethtool+0x300e/0x5bc0
[  985.674331][T18436]  ? stack_depot_save_flags+0x29/0x9c0
[  985.674357][T18436]  ? __lock_acquire+0xb97/0x1ce0
[  985.674379][T18436]  ? check_zone_write_pointer+0x335/0xb50
[  985.674404][T18436]  ? __pfx_dev_ethtool+0x10/0x10
[  985.674422][T18436]  ? __do_fast_syscall_32+0x7c/0x300
[  985.674448][T18436]  ? do_fast_syscall_32+0x32/0x80
[  985.674462][T18436]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  985.674515][T18436]  ? kasan_quarantine_put+0x10a/0x240
[  985.674534][T18436]  ? lockdep_hardirqs_on+0x7c/0x110
[  985.674560][T18436]  ? find_held_lock+0x2b/0x80
[  985.674581][T18436]  ? __lock_acquire+0x62e/0x1ce0
[  985.674615][T18436]  ? find_held_lock+0x2b/0x80
[  985.674631][T18436]  ? dev_load+0x8e/0x240
[  985.674657][T18436]  dev_ioctl+0x290/0x1060
[  985.674682][T18436]  compat_sock_ioctl+0x42e/0x730
[  985.674706][T18436]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  985.674723][T18436]  ? hook_file_ioctl_common+0x145/0x410
[  985.674751][T18436]  ? __fget_files+0x20e/0x3c0
[  985.674779][T18436]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  985.674798][T18436]  __ia32_compat_sys_ioctl+0x242/0x370
[  985.674827][T18436]  __do_fast_syscall_32+0x7c/0x300
[  985.674853][T18436]  do_fast_syscall_32+0x32/0x80
[  985.674869][T18436]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  985.674889][T18436] RIP: 0023:0xf7ff5579
[  985.674904][T18436] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  985.674922][T18436] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  985.674941][T18436] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008946
[  985.674951][T18436] RDX: 00000000800002c0 RSI: 0000000000000000 RDI: 0000000000000000
[  985.674962][T18436] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  985.674974][T18436] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  985.674984][T18436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  985.675008][T18436]  </TASK>
[  985.675017][T18436] kobject: can not set name properly!
[  986.563098][    C0] vkms_vblank_simulate: vblank timer overrun
[  986.615727][    C0] vkms_vblank_simulate: vblank timer overrun
[  986.757970][    C0] vkms_vblank_simulate: vblank timer overrun
[  987.077956][    C0] vkms_vblank_simulate: vblank timer overrun
[  987.086403][T18451] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3194'.
[  989.529333][T12359] usb 12-1: new high-speed USB device number 3 using dummy_hcd
[  989.710486][T12359] usb 12-1: Using ep0 maxpacket: 16
[  989.832311][T12359] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  989.936218][T12359] usb 12-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  989.947100][T12359] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  989.952873][T12359] usb 12-1: Product: syz
[  989.959030][T12359] usb 12-1: Manufacturer: syz
[  989.972246][T12359] usb 12-1: SerialNumber: syz
[  989.983847][T12359] usb 12-1: config 0 descriptor??
[  990.007181][T12359] hub 12-1:0.0: bad descriptor, ignoring hub
[  990.024936][T12359] hub 12-1:0.0: probe with driver hub failed with error -5
[  990.082770][T12359] usb 12-1: Quirk or no altset; falling back to MIDI 1.0
[  991.334374][ T7219] usb 12-1: USB disconnect, device number 3
[  991.558648][T18491] trusted_key: encrypted_key: master key parameter 'cœYõ
Ù?(<ÁÐ`Ͼ3QÃ#¡Pèðd' is invalid
[  992.041047][   T30] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  992.219460][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  992.232097][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  992.261668][   T30] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  992.320198][   T30] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  992.345370][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  992.369099][   T30] usb 6-1: config 0 descriptor??
[  993.126607][   T30] plantronics 0003:047F:FFFF.0059: unknown main item tag 0x0
[  993.188466][   T30] plantronics 0003:047F:FFFF.0059: unknown main item tag 0x0
[  993.238306][   T30] plantronics 0003:047F:FFFF.0059: unknown main item tag 0x0
[  993.244346][   T30] plantronics 0003:047F:FFFF.0059: unknown main item tag 0x0
[  993.248067][   T30] plantronics 0003:047F:FFFF.0059: unknown main item tag 0x0
[  993.300628][   T30] plantronics 0003:047F:FFFF.0059: unknown main item tag 0x0
[  993.304544][   T30] plantronics 0003:047F:FFFF.0059: unknown main item tag 0x0
[  993.308984][   T30] plantronics 0003:047F:FFFF.0059: unknown main item tag 0x0
[  993.322699][   T30] plantronics 0003:047F:FFFF.0059: unknown main item tag 0x0
[  993.402929][   T30] plantronics 0003:047F:FFFF.0059: unknown main item tag 0x0
[  993.911621][   T30] plantronics 0003:047F:FFFF.0059: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  994.507755][   T30] usb 6-1: USB disconnect, device number 40
[  995.184423][T18521] random: crng reseeded on system resumption
[  995.207516][T18521] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3211'.
[  995.218024][T18521] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3211'.
[  995.255735][ T7228] libceph: connect (1)[c::]:6789 error -101
[  995.258343][ T7228] libceph: mon0 (1)[c::]:6789 connect error
[  995.610877][ T7219] libceph: connect (1)[c::]:6789 error -101
[  995.646133][ T7219] libceph: mon0 (1)[c::]:6789 connect error
[  995.770041][   T52] usb 10-1: new high-speed USB device number 23 using dummy_hcd
[  995.942004][   T52] usb 10-1: Using ep0 maxpacket: 16
[  995.951859][   T52] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  995.962028][   T52] usb 10-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  995.970512][   T52] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  995.978170][   T52] usb 10-1: Product: syz
[  995.983830][   T52] usb 10-1: Manufacturer: syz
[  995.986891][   T52] usb 10-1: SerialNumber: syz
[  995.996473][   T52] usb 10-1: config 0 descriptor??
[  995.997256][T18529] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3213'.
[  996.008404][   T52] hub 10-1:0.0: bad descriptor, ignoring hub
[  996.017305][   T52] hub 10-1:0.0: probe with driver hub failed with error -5
[  996.039017][   T52] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  996.052838][T18521] ceph: No mds server is up or the cluster is laggy
[  998.576217][T12319] usb 10-1: USB disconnect, device number 23
[ 1000.407335][T18569] openvswitch: netlink: IP tunnel dst address not specified
[ 1000.569069][T18573] FAULT_INJECTION: forcing a failure.
[ 1000.569069][T18573] name failslab, interval 1, probability 0, space 0, times 0
[ 1000.586953][T18573] CPU: 1 UID: 0 PID: 18573 Comm: syz.7.3223 Not tainted syzkaller #0 PREEMPT(full) 
[ 1000.586980][T18573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1000.586992][T18573] Call Trace:
[ 1000.587001][T18573]  <TASK>
[ 1000.587010][T18573]  dump_stack_lvl+0x16c/0x1f0
[ 1000.587044][T18573]  should_fail_ex+0x512/0x640
[ 1000.587072][T18573]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1000.587097][T18573]  should_failslab+0xc2/0x120
[ 1000.587130][T18573]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1000.587152][T18573]  ? __kernfs_new_node+0xd2/0x8e0
[ 1000.587180][T18573]  __kernfs_new_node+0xd2/0x8e0
[ 1000.587206][T18573]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1000.587236][T18573]  ? find_held_lock+0x2b/0x80
[ 1000.587256][T18573]  ? kernfs_root+0xee/0x2a0
[ 1000.587277][T18573]  kernfs_new_node+0x13c/0x1e0
[ 1000.587304][T18573]  __kernfs_create_file+0x53/0x350
[ 1000.587324][T18573]  sysfs_add_file_mode_ns+0x207/0x3c0
[ 1000.587353][T18573]  internal_create_group+0x578/0xf30
[ 1000.587383][T18573]  ? __pfx_internal_create_group+0x10/0x10
[ 1000.587410][T18573]  ? kernfs_create_link+0x1bd/0x240
[ 1000.587433][T18573]  internal_create_groups+0x9d/0x150
[ 1000.587458][T18573]  device_add+0x6d1/0x1aa0
[ 1000.587487][T18573]  ? __pfx_device_add+0x10/0x10
[ 1000.587508][T18573]  ? lockdep_init_map_type+0x5c/0x280
[ 1000.587528][T18573]  ? __init_waitqueue_head+0xca/0x150
[ 1000.587554][T18573]  netdev_register_kobject+0x1a9/0x3d0
[ 1000.587576][T18573]  register_netdevice+0x13dc/0x2270
[ 1000.587595][T18573]  ? __pfx_register_netdevice+0x10/0x10
[ 1000.587614][T18573]  macvlan_common_newlink+0x10e7/0x1a20
[ 1000.587637][T18573]  ? __pfx_macvlan_common_newlink+0x10/0x10
[ 1000.587656][T18573]  ? rtnl_create_link+0xa4a/0xf90
[ 1000.587682][T18573]  ? __pfx_macvlan_newlink+0x10/0x10
[ 1000.587699][T18573]  rtnl_newlink+0xc45/0x2000
[ 1000.587721][T18573]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1000.587740][T18573]  ? kfree_skbmem+0x1a4/0x1f0
[ 1000.587771][T18573]  ? rcu_is_watching+0x12/0xc0
[ 1000.587800][T18573]  ? find_held_lock+0x2b/0x80
[ 1000.587816][T18573]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1000.587830][T18573]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1000.587844][T18573]  ? rtnetlink_rcv_msg+0x93a/0xe90
[ 1000.587861][T18573]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1000.587879][T18573]  rtnetlink_rcv_msg+0x95b/0xe90
[ 1000.587903][T18573]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1000.587928][T18573]  ? ref_tracker_free+0x37c/0x830
[ 1000.587949][T18573]  netlink_rcv_skb+0x158/0x420
[ 1000.587976][T18573]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1000.587996][T18573]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1000.588031][T18573]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1000.588061][T18573]  netlink_unicast+0x5a7/0x870
[ 1000.588093][T18573]  ? __pfx_netlink_unicast+0x10/0x10
[ 1000.588129][T18573]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1000.588163][T18573]  netlink_sendmsg+0x8d1/0xdd0
[ 1000.588194][T18573]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1000.588225][T18573]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1000.588252][T18573]  ____sys_sendmsg+0xa98/0xc70
[ 1000.588276][T18573]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1000.588296][T18573]  ? get_compat_msghdr+0x11a/0x170
[ 1000.588335][T18573]  ___sys_sendmsg+0x134/0x1d0
[ 1000.588363][T18573]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1000.588400][T18573]  ? find_held_lock+0x2b/0x80
[ 1000.588428][T18573]  __sys_sendmsg+0x16d/0x220
[ 1000.588452][T18573]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1000.588488][T18573]  ? rcu_is_watching+0x12/0xc0
[ 1000.588505][T18573]  __do_fast_syscall_32+0x7c/0x300
[ 1000.588535][T18573]  do_fast_syscall_32+0x32/0x80
[ 1000.588551][T18573]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1000.588572][T18573] RIP: 0023:0xf70ee579
[ 1000.588587][T18573] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1000.588604][T18573] RSP: 002b:00000000f54de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1000.588621][T18573] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000240
[ 1000.588631][T18573] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1000.588642][T18573] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1000.588651][T18573] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1000.588661][T18573] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1000.588686][T18573]  </TASK>
[ 1002.932489][T18612] FAULT_INJECTION: forcing a failure.
[ 1002.932489][T18612] name failslab, interval 1, probability 0, space 0, times 0
[ 1002.989120][T18612] CPU: 2 UID: 0 PID: 18612 Comm: syz.5.3235 Not tainted syzkaller #0 PREEMPT(full) 
[ 1002.989147][T18612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1002.989158][T18612] Call Trace:
[ 1002.989164][T18612]  <TASK>
[ 1002.989172][T18612]  dump_stack_lvl+0x16c/0x1f0
[ 1002.989201][T18612]  should_fail_ex+0x512/0x640
[ 1002.989226][T18612]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1002.989251][T18612]  should_failslab+0xc2/0x120
[ 1002.989273][T18612]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1002.989304][T18612]  ? __alloc_skb+0x2b2/0x380
[ 1002.989333][T18612]  __alloc_skb+0x2b2/0x380
[ 1002.989356][T18612]  ? __pfx___alloc_skb+0x10/0x10
[ 1002.989383][T18612]  ? __pfx___might_resched+0x10/0x10
[ 1002.989412][T18612]  netlink_alloc_large_skb+0x69/0x130
[ 1002.989468][T18612]  netlink_sendmsg+0x6a1/0xdd0
[ 1002.989503][T18612]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1002.989533][T18612]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1002.989559][T18612]  ____sys_sendmsg+0xa98/0xc70
[ 1002.989582][T18612]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1002.989603][T18612]  ? get_compat_msghdr+0x11a/0x170
[ 1002.989638][T18612]  ___sys_sendmsg+0x134/0x1d0
[ 1002.989691][T18612]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1002.989732][T18612]  ? find_held_lock+0x2b/0x80
[ 1002.989769][T18612]  __sys_sendmsg+0x16d/0x220
[ 1002.989799][T18612]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1002.989840][T18612]  ? rcu_is_watching+0x12/0xc0
[ 1002.989864][T18612]  __do_fast_syscall_32+0x7c/0x300
[ 1002.989898][T18612]  do_fast_syscall_32+0x32/0x80
[ 1002.989916][T18612]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1002.989941][T18612] RIP: 0023:0xf705e579
[ 1002.989956][T18612] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1002.989976][T18612] RSP: 002b:00000000f544e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1002.989995][T18612] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100
[ 1002.990008][T18612] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1002.990019][T18612] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1002.990029][T18612] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1002.990040][T18612] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1002.990067][T18612]  </TASK>
[ 1003.147588][T18610] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1003.571032][T18621] No source specified
[ 1003.586196][T18621] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3236'.
[ 1003.736670][T18624] binder: 18623:18624 ioctl c0306201 80000040 returned -22
[ 1004.732755][T18639] tipc: Started in network mode
[ 1004.773973][T18639] tipc: Node identity , cluster identity 4711
[ 1004.785993][T18639] tipc: Failed to obtain node identity
[ 1004.802256][T18639] tipc: Enabling of bearer <eth:gre0> rejected, failed to enable media
[ 1005.275520][T18648] lo speed is unknown, defaulting to 1000
[ 1005.315158][T18654] netlink: 'syz.1.3247': attribute type 11 has an invalid length.
[ 1005.417816][T18659] loop6: detected capacity change from 0 to 524287999
[ 1006.629891][T12319] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[ 1006.810167][T12319] usb 10-1: Using ep0 maxpacket: 8
[ 1006.819705][T12319] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[ 1006.823897][T12319] usb 10-1: config 179 has no interface number 0
[ 1006.826693][T12319] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[ 1006.844018][T12319] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[ 1006.854001][T12319] usb 10-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1006.872825][T12319] usb 10-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1006.885148][T12319] usb 10-1: config 179 interface 65 has no altsetting 0
[ 1006.895778][T12319] usb 10-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[ 1006.912232][T12319] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1006.950431][T12319] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:179.65/input/input61
[ 1007.022089][ T5371] input input61: unable to receive magic message: -110
[ 1007.047770][ T5371] input input61: unable to receive magic message: -32
[ 1007.061931][ T5371] input input61: unable to receive magic message: -32
[ 1007.119746][ T5371] input input61: unable to receive magic message: -32
[ 1008.062702][T18679] tipc: Started in network mode
[ 1008.089248][T18679] tipc: Node identity b636f9862252, cluster identity 4711
[ 1008.156776][T18679] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1008.403834][T18676] tipc: Disabling bearer <eth:syzkaller0>
[ 1009.482780][T13114] usb 10-1: USB disconnect, device number 24
[ 1009.485276][    C3] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1009.754073][T18706] lo speed is unknown, defaulting to 1000
[ 1010.424637][T18704] netlink: 'syz.5.3262': attribute type 11 has an invalid length.
[ 1011.999288][T17772] usb 10-1: new full-speed USB device number 25 using dummy_hcd
[ 1012.167619][T17772] usb 10-1: config 0 has no interfaces?
[ 1012.170992][T17772] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1012.183346][T17772] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1012.188690][T17772] usb 10-1: config 0 descriptor??
[ 1014.849992][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1014.887657][ T7228] usb 10-1: USB disconnect, device number 25
[ 1015.233685][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1015.285754][T18753] lo speed is unknown, defaulting to 1000
[ 1015.391357][T18758] netlink: 'syz.5.3273': attribute type 11 has an invalid length.
[ 1016.611767][T18774] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3277'.
[ 1016.647051][T18777] netlink: 212408 bytes leftover after parsing attributes in process `syz.5.3278'.
[ 1016.653668][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1017.164836][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1017.689342][T17772] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1018.033614][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1018.433621][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1018.573624][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1018.602150][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1018.689599][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1018.866770][T18811] lo speed is unknown, defaulting to 1000
[ 1018.872458][T18809] netlink: 'syz.5.3283': attribute type 11 has an invalid length.
[ 1019.289568][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1019.565590][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1023.573310][T18903] netlink: 10 bytes leftover after parsing attributes in process `syz.1.3303'.
[ 1024.298847][T13114] usb 13-1: new high-speed USB device number 8 using dummy_hcd
[ 1024.401728][ T7228] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[ 1024.454199][T13114] usb 13-1: Using ep0 maxpacket: 16
[ 1024.457574][T13114] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[ 1024.481397][T13114] usb 13-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[ 1024.486496][T13114] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1024.499329][T13114] usb 13-1: Product: syz
[ 1024.501437][T13114] usb 13-1: Manufacturer: syz
[ 1024.510028][T13114] usb 13-1: SerialNumber: syz
[ 1024.513309][T13114] usb 13-1: config 0 descriptor??
[ 1024.517253][T13114] hub 13-1:0.0: bad descriptor, ignoring hub
[ 1024.530483][T13114] hub 13-1:0.0: probe with driver hub failed with error -5
[ 1024.545130][T13114] usb 13-1: Quirk or no altset; falling back to MIDI 1.0
[ 1024.547961][T18913] "syz.5.3304" (18913) uses obsolete ecb(arc4) skcipher
[ 1024.578677][ T7228] usb 6-1: Using ep0 maxpacket: 16
[ 1024.595485][ T7228] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[ 1024.614398][ T7228] usb 6-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[ 1024.619055][ T7228] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1024.624477][ T7228] usb 6-1: Product: syz
[ 1024.627269][ T7228] usb 6-1: Manufacturer: syz
[ 1024.630309][ T7228] usb 6-1: SerialNumber: syz
[ 1024.674275][ T7228] usb 6-1: config 0 descriptor??
[ 1024.680119][ T7228] hub 6-1:0.0: bad descriptor, ignoring hub
[ 1024.682475][ T7228] hub 6-1:0.0: probe with driver hub failed with error -5
[ 1024.692710][ T7228] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1026.317857][T18924] fuse: Unknown parameter 'gr'
[ 1027.302830][T13114] usb 13-1: USB disconnect, device number 8
[ 1027.340764][ T7219] usb 6-1: USB disconnect, device number 41
[ 1028.421887][T18952] netlink: 'syz.8.3314': attribute type 21 has an invalid length.
[ 1028.425014][T18952] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3314'.
[ 1028.739329][T18958] FAULT_INJECTION: forcing a failure.
[ 1028.739329][T18958] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1028.751964][T18958] CPU: 1 UID: 0 PID: 18958 Comm: syz.5.3316 Not tainted syzkaller #0 PREEMPT(full) 
[ 1028.751993][T18958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1028.752005][T18958] Call Trace:
[ 1028.752014][T18958]  <TASK>
[ 1028.752023][T18958]  dump_stack_lvl+0x16c/0x1f0
[ 1028.752058][T18958]  should_fail_ex+0x512/0x640
[ 1028.752090][T18958]  _copy_from_user+0x2e/0xd0
[ 1028.752118][T18958]  v4l2_compat_get_array_args+0x55c/0x760
[ 1028.752148][T18958]  ? rcu_is_watching+0x12/0xc0
[ 1028.752170][T18958]  ? __pfx_v4l2_compat_get_array_args+0x10/0x10
[ 1028.752194][T18958]  ? rcu_is_watching+0x12/0xc0
[ 1028.752212][T18958]  ? trace_kmalloc+0x2b/0xd0
[ 1028.752236][T18958]  ? __kvmalloc_node_noprof.cold+0x60/0x65
[ 1028.752264][T18958]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1028.752288][T18958]  ? video_usercopy+0x9c3/0x1440
[ 1028.752321][T18958]  video_usercopy+0xc2d/0x1440
[ 1028.752350][T18958]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1028.752377][T18958]  ? __pfx_video_usercopy+0x10/0x10
[ 1028.752414][T18958]  ? hook_file_ioctl_common+0x145/0x410
[ 1028.752446][T18958]  v4l2_ioctl+0x1ba/0x250
[ 1028.752474][T18958]  v4l2_compat_ioctl32+0x214/0x2c0
[ 1028.752498][T18958]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[ 1028.752524][T18958]  __ia32_compat_sys_ioctl+0x242/0x370
[ 1028.752556][T18958]  __do_fast_syscall_32+0x7c/0x300
[ 1028.752587][T18958]  do_fast_syscall_32+0x32/0x80
[ 1028.752605][T18958]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1028.752627][T18958] RIP: 0023:0xf705e579
[ 1028.752643][T18958] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1028.752661][T18958] RSP: 002b:00000000f540c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1028.752681][T18958] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c0185647
[ 1028.752693][T18958] RDX: 00000000800002c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1028.752705][T18958] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1028.752715][T18958] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1028.752725][T18958] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1028.752749][T18958]  </TASK>
[ 1029.092383][T18960] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3318'.
[ 1029.101587][T18960] bridge_slave_1: left allmulticast mode
[ 1029.103952][T18960] bridge_slave_1: left promiscuous mode
[ 1029.125908][T18960] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1029.212470][T18960] bridge_slave_0: left allmulticast mode
[ 1029.215180][T18960] bridge_slave_0: left promiscuous mode
[ 1029.218218][T18960] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1030.068746][T18970] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3320'.
[ 1030.388979][T18981] vivid-000: =================  START STATUS  =================
[ 1030.393685][T18981] vivid-000: Test Pattern: 75% Colorbar
[ 1030.396941][T18981] vivid-000: Fill Percentage of Frame: 100
[ 1030.400084][T18981] vivid-000: Horizontal Movement: Move Right
[ 1030.402842][T18981] vivid-000: Vertical Movement: No Movement
[ 1030.522469][T18981] vivid-000: OSD Text Mode: All
[ 1030.538473][T18984] tmpfs: Bad value for 'usrquota_block_hardlimit'
[ 1030.539153][T18981] vivid-000: Show Border: false
[ 1030.742252][T18981] vivid-000: Show Square: false
[ 1030.750744][T18981] vivid-000: Sensor Flipped Horizontally: false
[ 1030.756661][T18981] vivid-000: Sensor Flipped Vertically: false
[ 1030.768205][T18981] vivid-000: Insert SAV Code in Image: false
[ 1030.771286][T18981] vivid-000: Insert EAV Code in Image: false
[ 1030.780419][T18981] vivid-000: Insert Video Guard Band: false
[ 1030.787036][T18981] vivid-000: Reduced Framerate: false
[ 1030.796158][T18981] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[ 1030.863564][T18990] tipc: Can't bind to reserved service type 0
[ 1030.873791][T18981] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[ 1030.910680][T18981] vivid-000: Enable Capture Cropping: true
[ 1030.916840][T18981] vivid-000: Enable Capture Composing: true
[ 1030.937492][T18981] vivid-000: Enable Capture Scaler: true
[ 1030.967777][T18981] vivid-000: Timestamp Source: End of Frame
[ 1030.985485][T18981] vivid-000: Colorspace: Rec. 709
[ 1030.987480][T18981] vivid-000: Transfer Function: Default
[ 1031.000826][T18981] vivid-000: Y'CbCr Encoding: Default
[ 1031.010231][T18981] vivid-000: HSV Encoding: Hue 0-179
[ 1031.012907][T18981] vivid-000: Quantization: Default
[ 1031.022320][T18981] vivid-000: Apply Alpha To Red Only: false
[ 1031.063730][T18981] vivid-000: Standard Aspect Ratio: 4x3
[ 1031.066038][T18981] vivid-000: DV Timings Signal Mode: Current DV Timings
[ 1031.075360][T18981] vivid-000: DV Timings: 4096x2160p60 inactive
[ 1031.080340][T18981] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[ 1031.083891][T18981] vivid-000: Maximum EDID Blocks: 2
[ 1031.085323][T18981] vivid-000: Limited RGB Range (16-235): true
[ 1031.088756][T18981] vivid-000: Rx RGB Quantization Range: Automatic
[ 1031.097744][T18981] vivid-000: Power Present: 0x00000001
[ 1031.101801][T18981] tpg source WxH: 1280x720 (R'G'B)
[ 1031.104842][T18981] tpg field: 1
[ 1031.106518][T18981] tpg crop: (0,0)/1280x720
[ 1031.114397][T18981] tpg compose: (0,0)/1280x720
[ 1031.121295][T18981] tpg colorspace: 3
[ 1031.123701][T18981] tpg transfer function: 0/0
[ 1031.127575][T18981] tpg quantization: 0/0
[ 1031.130664][T18981] tpg RGB range: 0/1
[ 1031.161549][T18981] vivid-000: ==================  END STATUS  ==================
[ 1031.217146][T18998] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3330'.
[ 1037.720283][T19080] overlayfs: failed to resolve './bus/file0': -2
[ 1040.423675][T19091] trusted_key: encrypted_key: master key parameter 'cœYõ
Ù?(<ÁÐ`Ͼ3QÃ#¡Pèðd' is invalid
[ 1041.206348][T19120] lo speed is unknown, defaulting to 1000
[ 1041.653653][T19122] netlink: 'syz.1.3355': attribute type 11 has an invalid length.
[ 1042.365479][   T30] usb 13-1: new high-speed USB device number 9 using dummy_hcd
[ 1042.501408][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1042.581598][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1042.628157][   T30] usb 13-1: Using ep0 maxpacket: 16
[ 1042.658944][   T30] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[ 1042.672227][   T30] usb 13-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[ 1042.675900][   T30] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1042.679133][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1042.686620][   T30] usb 13-1: Product: syz
[ 1042.686644][   T30] usb 13-1: Manufacturer: syz
[ 1042.686659][   T30] usb 13-1: SerialNumber: syz
[ 1042.689403][   T30] usb 13-1: config 0 descriptor??
[ 1042.700418][   T30] hub 13-1:0.0: bad descriptor, ignoring hub
[ 1042.779834][   T30] hub 13-1:0.0: probe with driver hub failed with error -5
[ 1042.784779][   T30] usb 13-1: Quirk or no altset; falling back to MIDI 1.0
[ 1042.865047][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1043.137463][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1043.329508][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1043.364490][T19147] 9pnet_fd: Insufficient options for proto=fd
[ 1043.797799][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1043.845545][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1044.068323][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1044.129142][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1044.613591][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1044.673561][T19154] vivid-000: =================  START STATUS  =================
[ 1044.706928][T19154] vivid-000: Test Pattern: 75% Colorbar
[ 1044.726358][T19154] vivid-000: Fill Percentage of Frame: 100
[ 1044.733689][T19154] vivid-000: Horizontal Movement: Move Right
[ 1044.736403][T19154] vivid-000: Vertical Movement: No Movement
[ 1044.740901][T19154] vivid-000: OSD Text Mode: All
[ 1044.752291][T19154] vivid-000: Show Border: false
[ 1044.754434][T19154] vivid-000: Show Square: false
[ 1044.756569][T19154] vivid-000: Sensor Flipped Horizontally: false
[ 1044.783853][T19154] vivid-000: Sensor Flipped Vertically: false
[ 1044.786412][T19154] vivid-000: Insert SAV Code in Image: false
[ 1044.789163][T19154] vivid-000: Insert EAV Code in Image: false
[ 1044.791583][T19154] vivid-000: Insert Video Guard Band: false
[ 1044.817970][T19154] vivid-000: Reduced Framerate: false
[ 1044.820892][T19154] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[ 1044.825144][T19154] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[ 1044.842130][T19154] vivid-000: Enable Capture Cropping: true
[ 1044.845860][T19154] vivid-000: Enable Capture Composing: true
[ 1044.854204][T19154] vivid-000: Enable Capture Scaler: true
[ 1044.966913][T19154] vivid-000: Timestamp Source: End of Frame
[ 1045.030564][T19154] vivid-000: Colorspace: Rec. 709
[ 1045.045508][T19154] vivid-000: Transfer Function: Default
[ 1045.068249][T19154] vivid-000: Y'CbCr Encoding: Default
[ 1045.080563][T19154] vivid-000: HSV Encoding: Hue 0-179
[ 1045.085837][T19154] vivid-000: Quantization: Default
[ 1045.102953][T19154] vivid-000: Apply Alpha To Red Only: false
[ 1045.149364][T19154] vivid-000: Standard Aspect Ratio: 4x3
[ 1045.152118][T19154] vivid-000: DV Timings Signal Mode: Current DV Timings
[ 1045.155659][T19154] vivid-000: DV Timings: 4096x2160p60 inactive
[ 1045.158764][T19154] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[ 1045.162686][T19154] vivid-000: Maximum EDID Blocks: 2
[ 1045.165379][T19154] vivid-000: Limited RGB Range (16-235): true
[ 1045.168086][T19154] vivid-000: Rx RGB Quantization Range: Automatic
[ 1045.184298][T19154] vivid-000: Power Present: 0x00000001
[ 1045.224963][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1045.267461][T19154] tpg source WxH: 1280x720 (R'G'B)
[ 1045.275381][T19154] tpg field: 1
[ 1045.292810][T19154] tpg crop: (0,0)/1280x720
[ 1045.304647][T19154] tpg compose: (0,0)/1280x720
[ 1045.324768][T19154] tpg colorspace: 3
[ 1045.349827][T19154] tpg transfer function: 0/0
[ 1045.351771][T19154] tpg quantization: 0/0
[ 1045.353430][T19154] tpg RGB range: 0/1
[ 1045.354978][T19154] vivid-000: ==================  END STATUS  ==================
[ 1045.392385][T13114] usb 13-1: USB disconnect, device number 9
[ 1045.465377][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1045.665389][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1045.911345][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1045.997408][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1046.074292][T19166] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1046.095495][T19166] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1046.102035][T19166] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1046.106926][T19166] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1046.122212][T19166] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1046.125561][T19166] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1046.871650][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1046.910624][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1047.045396][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1047.263162][T19171] lo speed is unknown, defaulting to 1000
[ 1047.350024][T19179] netlink: 'syz.8.3369': attribute type 11 has an invalid length.
[ 1048.171653][T19186] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3370'.
[ 1049.872251][T19197] lo speed is unknown, defaulting to 1000
[ 1050.407368][T19198] block nbd8: Attempted send on invalid socket
[ 1050.410066][T19198] I/O error, dev nbd8, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1050.414581][T19198] vxfs: unable to read disk superblock at 1
[ 1050.418152][T19198] block nbd8: Attempted send on invalid socket
[ 1050.431960][T19198] I/O error, dev nbd8, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1050.436115][T19198] vxfs: unable to read disk superblock at 8
[ 1050.438417][T19198] vxfs: can't find superblock.
[ 1050.536470][T19198] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1050.674217][T19197] netlink: 'syz.7.3373': attribute type 11 has an invalid length.
[ 1051.469011][T19220] lo speed is unknown, defaulting to 1000
[ 1051.602471][T19224] netlink: 'syz.1.3379': attribute type 11 has an invalid length.
[ 1052.437828][T19235] "syz.8.3375" (19235) uses obsolete ecb(arc4) skcipher
[ 1057.663557][T19245] fuse: Unknown parameter 'rRØôì(#Þhû'
[ 1059.697518][T19259] lo speed is unknown, defaulting to 1000
[ 1059.724113][T19264] netlink: 'syz.5.3387': attribute type 11 has an invalid length.
[ 1065.008321][T19304] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3398'.
[ 1066.516369][T19314] bridge_slave_0: left allmulticast mode
[ 1066.593122][T19314] bridge_slave_0: left promiscuous mode
[ 1066.677689][T19314] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1066.808411][T19314] bridge_slave_1: left allmulticast mode
[ 1066.877238][T19314] bridge_slave_1: left promiscuous mode
[ 1066.905465][T19314] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1067.359520][T19314] bond0: (slave bond_slave_0): Releasing backup interface
[ 1067.491368][T19314] bond0: (slave bond_slave_1): Releasing backup interface
[ 1067.580190][T19314] team0: Port device team_slave_0 removed
[ 1067.627980][T19314] team0: Port device team_slave_1 removed
[ 1067.652517][T19314] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1067.670538][T19314] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1067.765990][T19314] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1067.774406][T19314] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1067.879399][ T7223] lo speed is unknown, defaulting to 1000
[ 1067.982436][T19316] team0: Mode changed to "activebackup"
[ 1069.164181][T19336] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3405'.
[ 1078.378705][T19365] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3414'.
[ 1079.075508][  T840] usb 13-1: new high-speed USB device number 10 using dummy_hcd
[ 1079.459141][  T840] usb 13-1: Using ep0 maxpacket: 8
[ 1083.448500][  T840] usb 13-1: unable to read config index 0 descriptor/start: -71
[ 1083.452974][  T840] usb 13-1: can't read configurations, error -71
[ 1084.897039][  T840] usb 12-1: new high-speed USB device number 4 using dummy_hcd
[ 1085.138048][  T840] usb 12-1: Using ep0 maxpacket: 16
[ 1085.154441][  T840] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[ 1085.270723][  T840] usb 12-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[ 1085.275180][  T840] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1085.341248][  T840] usb 12-1: Product: syz
[ 1085.343338][  T840] usb 12-1: Manufacturer: syz
[ 1085.348612][  T840] usb 12-1: SerialNumber: syz
[ 1085.353190][  T840] usb 12-1: config 0 descriptor??
[ 1085.359400][  T840] hub 12-1:0.0: bad descriptor, ignoring hub
[ 1085.379871][  T840] hub 12-1:0.0: probe with driver hub failed with error -5
[ 1085.386330][  T840] usb 12-1: Quirk or no altset; falling back to MIDI 1.0
[ 1086.264040][T19426] lo speed is unknown, defaulting to 1000
[ 1087.314990][   T41] kauditd_printk_skb: 21 callbacks suppressed
[ 1087.315010][   T41] audit: type=1326 audit(1086.644:1953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19437 comm="syz.5.3434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1087.395648][   T41] audit: type=1326 audit(1086.644:1954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19437 comm="syz.5.3434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1087.427577][   T41] audit: type=1326 audit(1086.644:1955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19437 comm="syz.5.3434" exe="/syz-executor" sig=0 arch=40000003 syscall=461 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1087.505383][   T41] audit: type=1326 audit(1086.644:1956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19437 comm="syz.5.3434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1087.561975][T19444] No source specified
[ 1087.568396][   T41] audit: type=1326 audit(1086.644:1957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19437 comm="syz.5.3434" exe="/syz-executor" sig=0 arch=40000003 syscall=156 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1087.589016][   T41] audit: type=1326 audit(1086.644:1958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19437 comm="syz.5.3434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1087.627620][   T41] audit: type=1326 audit(1086.644:1959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19437 comm="syz.5.3434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1087.686206][T19445] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3435'.
[ 1087.701441][   T41] audit: type=1326 audit(1086.644:1960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19437 comm="syz.5.3434" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1087.773106][   T41] audit: type=1326 audit(1086.644:1961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19437 comm="syz.5.3434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1087.819768][   T41] audit: type=1326 audit(1086.644:1962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19437 comm="syz.5.3434" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1088.528413][T13114] usb 12-1: USB disconnect, device number 4
[ 1088.620178][T19449] tmpfs: Unknown parameter 'hash'
[ 1091.099866][   T30] Process accounting resumed
[ 1091.372635][T19478] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3444'.
[ 1091.380694][T19478] 8021q: VLANs not supported on ip6_vti0
[ 1092.817993][ T7224] usb 12-1: new high-speed USB device number 5 using dummy_hcd
[ 1093.034911][ T7224] usb 12-1: Using ep0 maxpacket: 32
[ 1093.049315][ T7224] usb 12-1: config 0 has an invalid interface number: 184 but max is 0
[ 1093.107117][ T7224] usb 12-1: config 0 has no interface number 0
[ 1093.110531][ T7224] usb 12-1: config 0 interface 184 has no altsetting 0
[ 1093.376338][T19513] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1093.376338][T19513]    program syz.8.3452 not setting count and/or reply_len properly
[ 1094.400434][ T7224] usb 12-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1094.453159][ T7224] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1094.474385][ T7224] usb 12-1: Product: syz
[ 1094.480716][ T7224] usb 12-1: Manufacturer: syz
[ 1094.496481][ T7224] usb 12-1: SerialNumber: syz
[ 1094.620376][ T7224] usb 12-1: config 0 descriptor??
[ 1095.052783][T19529] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3455'.
[ 1096.087496][ T7224] smsc75xx v1.0.0
[ 1096.090181][ T7224] smsc75xx 12-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[ 1096.101408][ T7224] smsc75xx 12-1:0.184: probe with driver smsc75xx failed with error -22
[ 1096.107048][ T7224] usb 12-1: USB disconnect, device number 5
[ 1096.492182][T19536] lo speed is unknown, defaulting to 1000
[ 1096.588745][T19544] netlink: 'syz.7.3458': attribute type 11 has an invalid length.
[ 1097.511820][T19557] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(6)
[ 1097.515060][T19557] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1097.692676][T19557] vhci_hcd vhci_hcd.0: Device attached
[ 1098.049581][T19570] netlink: 'syz.7.3463': attribute type 10 has an invalid length.
[ 1098.064695][T19568] netlink: 'syz.7.3463': attribute type 10 has an invalid length.
[ 1098.073209][T19568] dummy0: left promiscuous mode
[ 1098.085254][   T30] usb 54-1: SetAddress Request (2) to port 0
[ 1098.088670][   T30] usb 54-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 1098.093812][T19568] dummy0: left allmulticast mode
[ 1098.146176][T19568] dummy0: entered promiscuous mode
[ 1098.261761][T19568] dummy0: entered allmulticast mode
[ 1098.306716][T19568] team0: Port device dummy0 added
[ 1098.530830][T19558] vhci_hcd: connection reset by peer
[ 1098.539069][T18294] vhci_hcd: stop threads
[ 1098.576280][T18294] vhci_hcd: release socket
[ 1098.595191][T18294] vhci_hcd: disconnect device
[ 1098.875274][T17507] usb 12-1: new high-speed USB device number 6 using dummy_hcd
[ 1100.034116][T17507] usb 12-1: Using ep0 maxpacket: 16
[ 1100.038674][T17507] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[ 1100.047698][T17507] usb 12-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[ 1100.122886][T17507] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1100.136508][T17507] usb 12-1: Product: syz
[ 1100.139172][T17507] usb 12-1: Manufacturer: syz
[ 1100.141788][T17507] usb 12-1: SerialNumber: syz
[ 1100.147181][T17507] usb 12-1: config 0 descriptor??
[ 1100.167378][T17507] hub 12-1:0.0: bad descriptor, ignoring hub
[ 1100.171526][T17507] hub 12-1:0.0: probe with driver hub failed with error -5
[ 1100.184872][T17507] usb 12-1: Quirk or no altset; falling back to MIDI 1.0
[ 1101.084907][T19597] block nbd8: Attempted send on invalid socket
[ 1101.089938][T19597] I/O error, dev nbd8, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1101.111683][T19597] vxfs: unable to read disk superblock at 1
[ 1101.114588][T19597] block nbd8: Attempted send on invalid socket
[ 1101.119001][T19597] I/O error, dev nbd8, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1101.149051][T19597] vxfs: unable to read disk superblock at 8
[ 1101.151664][T19597] vxfs: can't find superblock.
[ 1101.722914][ T7224] usb 12-1: USB disconnect, device number 6
[ 1102.414542][T19608] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3474'.
[ 1102.417812][T19608] netlink: 3 bytes leftover after parsing attributes in process `syz.7.3474'.
[ 1102.447469][T19608] batadv1: entered allmulticast mode
[ 1102.479088][T19608] input: syz1 as /devices/virtual/input/input62
[ 1102.578811][T19617] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1103.174136][   T30] usb 54-1: device descriptor read/8, error -110
[ 1103.303200][T19627] /dev/nullb0: Can't open blockdev
[ 1103.459777][T19628] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1103.467020][T19628] syzkaller0: entered promiscuous mode
[ 1103.470851][T19628] syzkaller0: entered allmulticast mode
[ 1103.850195][   T30] usb usb54-port1: attempt power cycle
[ 1103.861012][T19619] tipc: Resetting bearer <eth:syzkaller0>
[ 1104.018663][T19619] tipc: Disabling bearer <eth:syzkaller0>
[ 1104.552178][   T30] usb usb54-port1: unable to enumerate USB device
[ 1104.706036][T19639] : entered promiscuous mode
[ 1104.800676][T19639] lo speed is unknown, defaulting to 1000
[ 1107.904029][T19662] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(5)
[ 1107.919666][T19662] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1107.953659][T19662] vhci_hcd vhci_hcd.0: Device attached
[ 1108.233869][T13114] usb 52-1: SetAddress Request (6) to port 0
[ 1108.237682][T13114] usb 52-1: new SuperSpeed USB device number 6 using vhci_hcd
[ 1108.252164][T19672] FAULT_INJECTION: forcing a failure.
[ 1108.252164][T19672] name failslab, interval 1, probability 0, space 0, times 0
[ 1108.294575][   T41] kauditd_printk_skb: 1 callbacks suppressed
[ 1108.294591][   T41] audit: type=1800 audit(1107.615:1964): pid=19662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.3486" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[ 1108.298370][T19672] CPU: 2 UID: 0 PID: 19672 Comm: syz.8.3489 Not tainted syzkaller #0 PREEMPT(full) 
[ 1108.298395][T19672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1108.298409][T19672] Call Trace:
[ 1108.298416][T19672]  <TASK>
[ 1108.298424][T19672]  dump_stack_lvl+0x16c/0x1f0
[ 1108.298458][T19672]  should_fail_ex+0x512/0x640
[ 1108.298492][T19672]  should_failslab+0xc2/0x120
[ 1108.298516][T19672]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1108.298540][T19672]  ? skb_clone+0x190/0x3f0
[ 1108.298572][T19672]  skb_clone+0x190/0x3f0
[ 1108.298600][T19672]  netlink_deliver_tap+0xabd/0xd30
[ 1108.298635][T19672]  netlink_unicast+0x64c/0x870
[ 1108.298665][T19672]  ? __pfx_netlink_unicast+0x10/0x10
[ 1108.298693][T19672]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1108.298729][T19672]  netlink_sendmsg+0x8d1/0xdd0
[ 1108.298759][T19672]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1108.298787][T19672]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1108.298813][T19672]  ____sys_sendmsg+0xa98/0xc70
[ 1108.298838][T19672]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1108.298859][T19672]  ? get_compat_msghdr+0x11a/0x170
[ 1108.298897][T19672]  ___sys_sendmsg+0x134/0x1d0
[ 1108.298925][T19672]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1108.298964][T19672]  ? find_held_lock+0x2b/0x80
[ 1108.299001][T19672]  __sys_sendmsg+0x16d/0x220
[ 1108.299027][T19672]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1108.299065][T19672]  ? rcu_is_watching+0x12/0xc0
[ 1108.299087][T19672]  __do_fast_syscall_32+0x7c/0x300
[ 1108.299118][T19672]  do_fast_syscall_32+0x32/0x80
[ 1108.299134][T19672]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1108.299156][T19672] RIP: 0023:0xf7ff5579
[ 1108.299176][T19672] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1108.299192][T19672] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1108.299211][T19672] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[ 1108.299227][T19672] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1108.299237][T19672] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1108.299247][T19672] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1108.299259][T19672] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1108.299284][T19672]  </TASK>
[ 1108.771811][T19665] vhci_hcd: connection reset by peer
[ 1108.792872][  T470] vhci_hcd: stop threads
[ 1108.813364][  T470] vhci_hcd: release socket
[ 1108.815952][  T470] vhci_hcd: disconnect device
[ 1109.172369][T19681] /dev/nullb0: Can't open blockdev
[ 1109.375210][T19683] tipc: Started in network mode
[ 1109.397175][T19683] tipc: Node identity 1a402418d612, cluster identity 4711
[ 1109.415850][T19683] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1109.459804][T19682] syzkaller0: entered promiscuous mode
[ 1109.463363][T19682] syzkaller0: entered allmulticast mode
[ 1109.690250][T19678] tipc: Resetting bearer <eth:syzkaller0>
[ 1109.893420][T19678] tipc: Disabling bearer <eth:syzkaller0>
[ 1110.780548][T19689] program syz.5.3494 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1110.814045][T19691] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491
[ 1110.883977][T19693] FAULT_INJECTION: forcing a failure.
[ 1110.883977][T19693] name failslab, interval 1, probability 0, space 0, times 0
[ 1110.909899][T19693] CPU: 3 UID: 0 PID: 19693 Comm: syz.5.3496 Not tainted syzkaller #0 PREEMPT(full) 
[ 1110.909926][T19693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1110.909937][T19693] Call Trace:
[ 1110.909944][T19693]  <TASK>
[ 1110.909952][T19693]  dump_stack_lvl+0x16c/0x1f0
[ 1110.909987][T19693]  should_fail_ex+0x512/0x640
[ 1110.910013][T19693]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1110.910037][T19693]  should_failslab+0xc2/0x120
[ 1110.910060][T19693]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1110.910095][T19693]  ? __alloc_skb+0x2b2/0x380
[ 1110.910152][T19693]  __alloc_skb+0x2b2/0x380
[ 1110.910178][T19693]  ? __pfx___alloc_skb+0x10/0x10
[ 1110.910201][T19693]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[ 1110.910231][T19693]  netlink_ack+0x15d/0xb80
[ 1110.910269][T19693]  netlink_rcv_skb+0x332/0x420
[ 1110.910298][T19693]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1110.910318][T19693]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1110.910355][T19693]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1110.910384][T19693]  netlink_unicast+0x5a7/0x870
[ 1110.910411][T19693]  ? __pfx_netlink_unicast+0x10/0x10
[ 1110.910434][T19693]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1110.910464][T19693]  netlink_sendmsg+0x8d1/0xdd0
[ 1110.910492][T19693]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1110.910518][T19693]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1110.910540][T19693]  ____sys_sendmsg+0xa98/0xc70
[ 1110.910560][T19693]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1110.910577][T19693]  ? get_compat_msghdr+0x11a/0x170
[ 1110.910610][T19693]  ___sys_sendmsg+0x134/0x1d0
[ 1110.910636][T19693]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1110.910672][T19693]  ? find_held_lock+0x2b/0x80
[ 1110.910707][T19693]  __sys_sendmsg+0x16d/0x220
[ 1110.910732][T19693]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1110.910768][T19693]  ? rcu_is_watching+0x12/0xc0
[ 1110.910789][T19693]  __do_fast_syscall_32+0x7c/0x300
[ 1110.910819][T19693]  do_fast_syscall_32+0x32/0x80
[ 1110.910834][T19693]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1110.910855][T19693] RIP: 0023:0xf705e579
[ 1110.910873][T19693] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1110.910890][T19693] RSP: 002b:00000000f544e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1110.910909][T19693] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080004380
[ 1110.910920][T19693] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1110.910930][T19693] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1110.910940][T19693] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1110.910949][T19693] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1110.910972][T19693]  </TASK>
[ 1111.336127][T19697] usb usb4: usbfs: process 19697 (syz.5.3497) did not claim interface 0 before use
[ 1111.401353][T19700] syzkaller1: entered promiscuous mode
[ 1111.418804][T19700] syzkaller1: entered allmulticast mode
[ 1111.513221][   T41] audit: type=1800 audit(1110.856:1965): pid=19703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3497" name="bus" dev="overlay" ino=761 res=0 errno=0
[ 1111.988819][ T6003] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11
[ 1112.003554][ T7219] usb 13-1: new high-speed USB device number 12 using dummy_hcd
[ 1112.221957][ T7219] usb 13-1: Using ep0 maxpacket: 16
[ 1112.235349][ T7219] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[ 1112.241882][ T7219] usb 13-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[ 1112.247559][ T7219] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1112.252814][ T7219] usb 13-1: Product: syz
[ 1112.254534][ T7219] usb 13-1: Manufacturer: syz
[ 1112.256291][ T7219] usb 13-1: SerialNumber: syz
[ 1112.260010][ T7219] usb 13-1: config 0 descriptor??
[ 1112.264477][ T7219] hub 13-1:0.0: bad descriptor, ignoring hub
[ 1112.268302][ T7219] hub 13-1:0.0: probe with driver hub failed with error -5
[ 1112.274511][ T7219] usb 13-1: Quirk or no altset; falling back to MIDI 1.0
[ 1113.333645][T13114] usb 52-1: device descriptor read/8, error -110
[ 1113.921652][T13114] usb usb52-port1: attempt power cycle
[ 1114.844659][T13114] usb usb52-port1: unable to enumerate USB device
[ 1114.859582][  T840] usb 13-1: USB disconnect, device number 12
[ 1116.343879][T19761] lo speed is unknown, defaulting to 1000
[ 1116.357370][T19762] lo speed is unknown, defaulting to 1000
[ 1116.535187][T19753] Bluetooth: MGMT ver 1.23
[ 1116.653470][T19765] netlink: 'syz.1.3514': attribute type 11 has an invalid length.
[ 1117.486877][T19785] FAULT_INJECTION: forcing a failure.
[ 1117.486877][T19785] name failslab, interval 1, probability 0, space 0, times 0
[ 1117.496099][T19785] CPU: 1 UID: 0 PID: 19785 Comm: syz.7.3517 Not tainted syzkaller #0 PREEMPT(full) 
[ 1117.496126][T19785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1117.496138][T19785] Call Trace:
[ 1117.496146][T19785]  <TASK>
[ 1117.496154][T19785]  dump_stack_lvl+0x16c/0x1f0
[ 1117.496188][T19785]  should_fail_ex+0x512/0x640
[ 1117.496221][T19785]  ? __kmalloc_noprof+0xbf/0x510
[ 1117.496245][T19785]  ? copy_splice_read+0x1a8/0xc20
[ 1117.496262][T19785]  should_failslab+0xc2/0x120
[ 1117.496286][T19785]  __kmalloc_noprof+0xd2/0x510
[ 1117.496312][T19785]  copy_splice_read+0x1a8/0xc20
[ 1117.496332][T19785]  ? ovl_splice_write+0x3c5/0x6c0
[ 1117.496357][T19785]  ? __pfx_copy_splice_read+0x10/0x10
[ 1117.496374][T19785]  ? __pfx_ovl_splice_write+0x10/0x10
[ 1117.496398][T19785]  ? __pfx_ovl_file_end_write+0x10/0x10
[ 1117.496423][T19785]  ? find_held_lock+0x2b/0x80
[ 1117.496446][T19785]  ? __pfx_ovl_splice_read+0x10/0x10
[ 1117.496468][T19785]  do_splice_read+0x2bd/0x370
[ 1117.496490][T19785]  splice_direct_to_actor+0x2a1/0xa30
[ 1117.496512][T19785]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1117.496538][T19785]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1117.496557][T19785]  ? get_pid_task+0xfc/0x250
[ 1117.496614][T19785]  do_splice_direct+0x174/0x240
[ 1117.496635][T19785]  ? __pfx_do_splice_direct+0x10/0x10
[ 1117.496655][T19785]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1117.496679][T19785]  ? rw_verify_area+0xcf/0x6c0
[ 1117.496702][T19785]  do_sendfile+0xb06/0xe50
[ 1117.496728][T19785]  ? __pfx_do_sendfile+0x10/0x10
[ 1117.496749][T19785]  ? __might_fault+0xe3/0x190
[ 1117.496770][T19785]  ? __might_fault+0x13b/0x190
[ 1117.496799][T19785]  __ia32_compat_sys_sendfile+0x162/0x220
[ 1117.496827][T19785]  ? __pfx___ia32_compat_sys_sendfile+0x10/0x10
[ 1117.496857][T19785]  ? rcu_is_watching+0x12/0xc0
[ 1117.496882][T19785]  __do_fast_syscall_32+0x7c/0x300
[ 1117.496914][T19785]  do_fast_syscall_32+0x32/0x80
[ 1117.496933][T19785]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1117.496952][T19785] RIP: 0023:0xf70ee579
[ 1117.496965][T19785] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1117.496981][T19785] RSP: 002b:00000000f54bd55c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb
[ 1117.496998][T19785] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000003
[ 1117.497008][T19785] RDX: 0000000080000080 RSI: 0000000000007f03 RDI: 0000000000000000
[ 1117.497018][T19785] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1117.497027][T19785] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1117.497037][T19785] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1117.497059][T19785]  </TASK>
[ 1117.497698][   T41] audit: type=1800 audit(1116.816:1966): pid=19785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3517" name="bus" dev="overlay" ino=868 res=0 errno=0
[ 1118.312132][   T41] audit: type=1800 audit(1117.656:1967): pid=19792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3519" name="bus" dev="overlay" ino=1559 res=0 errno=0
[ 1120.552938][T19808] netlink: 'syz.1.3522': attribute type 11 has an invalid length.
[ 1120.590451][T19805] lo speed is unknown, defaulting to 1000
[ 1121.859709][T19830] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[ 1126.045964][T19883] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3541'.
[ 1128.171089][T19894] binder: 19877:19894 unknown command 4294967295
[ 1128.496395][T19894] binder: 19877:19894 ioctl c0306201 80000080 returned -22
[ 1128.904062][T19896] PID 19896 killed due to inadequate hugepage pool
[ 1129.117777][T19908] netlink: 64 bytes leftover after parsing attributes in process `syz.7.3546'.
[ 1129.378750][T19914] input: syz1 as /devices/virtual/input/input63
[ 1129.869903][T19918] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[ 1129.872432][T19918] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1129.878141][T19918] vhci_hcd vhci_hcd.0: Device attached
[ 1130.172836][ T7218] usb 48-1: SetAddress Request (20) to port 0
[ 1130.176540][ T7218] usb 48-1: new SuperSpeed USB device number 20 using vhci_hcd
[ 1130.408750][   T41] audit: type=1800 audit(1129.687:1968): pid=19918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3545" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1133.331551][T19937] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(10)
[ 1133.335677][T19937] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1133.378456][T19937] vhci_hcd vhci_hcd.0: Device attached
[ 1133.553884][T19919] vhci_hcd: connection reset by peer
[ 1133.559883][ T1176] vhci_hcd: stop threads
[ 1133.562392][ T1176] vhci_hcd: release socket
[ 1133.564993][ T1176] vhci_hcd: disconnect device
[ 1133.600672][T19938] vhci_hcd: connection closed
[ 1133.601037][  T470] vhci_hcd: stop threads
[ 1133.619164][  T470] vhci_hcd: release socket
[ 1133.621285][  T470] vhci_hcd: disconnect device
[ 1133.781138][   T41] audit: type=1800 audit(1133.077:1969): pid=19945 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.3555" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1134.148354][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1134.325917][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1134.676537][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1135.180638][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1135.252202][ T7218] usb 48-1: device descriptor read/8, error -110
[ 1136.012562][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1136.575326][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1136.612583][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1136.902069][ T7218] usb usb48-port1: attempt power cycle
[ 1137.036613][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1137.164617][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1137.292523][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1137.496362][ T7218] usb usb48-port1: unable to enumerate USB device
[ 1137.668598][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1138.106899][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1138.392526][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1138.776602][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1138.892481][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1139.028549][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1139.127086][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1139.202613][ T6112] usb 13-1: new high-speed USB device number 13 using dummy_hcd
[ 1139.408472][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1139.432175][ T6112] usb 13-1: Using ep0 maxpacket: 16
[ 1139.467148][ T6112] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[ 1139.794159][ T6112] usb 13-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[ 1139.799294][ T6112] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1139.804554][ T6112] usb 13-1: Product: syz
[ 1139.807026][ T6112] usb 13-1: Manufacturer: syz
[ 1139.810036][ T6112] usb 13-1: SerialNumber: syz
[ 1139.852062][ T6112] usb 13-1: config 0 descriptor??
[ 1139.857921][ T6112] hub 13-1:0.0: bad descriptor, ignoring hub
[ 1139.867082][ T6112] hub 13-1:0.0: probe with driver hub failed with error -5
[ 1139.883185][ T6112] usb 13-1: Quirk or no altset; falling back to MIDI 1.0
[ 1140.036827][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1140.108478][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1140.132056][T19972] Bluetooth: hci2: command 0x0406 tx timeout
[ 1140.378978][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1140.456589][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1140.859815][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1141.048193][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1141.191631][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1141.296512][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1141.482252][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1141.575193][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1142.429157][ T7224] usb 13-1: USB disconnect, device number 13
[ 1142.928686][T20012] input: syz1 as /devices/virtual/input/input65
[ 1143.419374][T20019] mac80211_hwsim hwsim38 wlan0: entered promiscuous mode
[ 1145.964575][T20040] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3582'.
[ 1146.088239][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1147.074657][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1147.820488][T20054] tmpfs: Bad value for 'size'
[ 1147.846630][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1147.888664][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1147.925485][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1147.934298][T20057] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[ 1147.953475][T20057] overlayfs: missing 'lowerdir'
[ 1148.268852][T20066] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3588'.
[ 1148.513703][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1148.668267][T20066] netlink: 'syz.1.3588': attribute type 5 has an invalid length.
[ 1148.722581][T20066] random: crng reseeded on system resumption
[ 1149.091652][T17507] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[ 1149.631432][T17507] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1149.637517][T17507] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1149.652930][T17507] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1149.665971][T17507] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1149.683319][T20075] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1149.688185][T17507] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1149.790170][T20090] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1149.948459][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1150.183286][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1150.206737][T13114] usb 13-1: new high-speed USB device number 14 using dummy_hcd
[ 1150.447337][T13114] usb 13-1: too many configurations: 92, using maximum allowed: 8
[ 1150.495608][T20089] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3595'.
[ 1150.497044][T13114] usb 13-1: unable to read config index 0 descriptor/start: -61
[ 1150.507061][T13114] usb 13-1: can't read configurations, error -61
[ 1150.618179][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1150.629627][T17507] usb 6-1: USB disconnect, device number 42
[ 1150.701588][T13114] usb 13-1: new high-speed USB device number 15 using dummy_hcd
[ 1150.872307][T13114] usb 13-1: too many configurations: 92, using maximum allowed: 8
[ 1150.886532][T13114] usb 13-1: unable to read config index 0 descriptor/start: -61
[ 1150.894481][T13114] usb 13-1: can't read configurations, error -61
[ 1150.899563][T13114] usb usb13-port1: attempt power cycle
[ 1151.052425][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1151.161655][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1151.212066][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1151.311438][T13114] usb 13-1: new high-speed USB device number 16 using dummy_hcd
[ 1151.348573][T13114] usb 13-1: too many configurations: 92, using maximum allowed: 8
[ 1151.355217][T13114] usb 13-1: unable to read config index 0 descriptor/start: -61
[ 1151.358839][T13114] usb 13-1: can't read configurations, error -61
[ 1151.431233][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1151.464411][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1151.483508][T13114] usb 13-1: new high-speed USB device number 17 using dummy_hcd
[ 1151.516413][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1151.527087][T13114] usb 13-1: too many configurations: 92, using maximum allowed: 8
[ 1151.594461][T13114] usb 13-1: unable to read config index 0 descriptor/start: -61
[ 1151.597513][T13114] usb 13-1: can't read configurations, error -61
[ 1151.604204][T13114] usb usb13-port1: unable to enumerate USB device
[ 1151.844468][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1152.355869][    C2] vkms_vblank_simulate: vblank timer overrun
[ 1154.152412][T20146] netlink: 'syz.5.3609': attribute type 23 has an invalid length.
[ 1154.923608][T20159] tmpfs: Unknown parameter 'hash'
[ 1155.758929][T20170] netlink: 156 bytes leftover after parsing attributes in process `syz.8.3617'.
[ 1156.187789][T20175] netlink: 'syz.8.3618': attribute type 2 has an invalid length.
[ 1157.102460][T20187] No source specified
[ 1157.104437][T20187] netlink: 'syz.8.3618': attribute type 1 has an invalid length.
[ 1157.181148][T20185] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8)
[ 1157.183780][T20185] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1157.214745][T20185] vhci_hcd vhci_hcd.0: Device attached
[ 1157.589398][ T7224] usb 47-1: new low-speed USB device number 4 using vhci_hcd
[ 1157.962112][T20189] vhci_hcd: connection reset by peer
[ 1157.984813][T18294] vhci_hcd: stop threads
[ 1157.986696][T18294] vhci_hcd: release socket
[ 1158.102916][T18294] vhci_hcd: disconnect device
[ 1158.709682][T20193] mac80211_hwsim hwsim30 wlan0: entered promiscuous mode
[ 1158.906299][T20204] loop6: detected capacity change from 0 to 524287999
[ 1161.490758][   T10] usb 10-1: new high-speed USB device number 26 using dummy_hcd
[ 1161.670698][   T10] usb 10-1: Using ep0 maxpacket: 16
[ 1161.676211][   T10] usb 10-1: config 0 has no interfaces?
[ 1161.695548][   T10] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1161.701064][   T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1161.726304][   T10] usb 10-1: Product: syz
[ 1161.754667][   T10] usb 10-1: Manufacturer: syz
[ 1161.768157][   T10] usb 10-1: SerialNumber: syz
[ 1161.789031][   T10] usb 10-1: config 0 descriptor??
[ 1161.798259][   T10] usb 10-1: can't set config #0, error -71
[ 1161.803384][   T10] usb 10-1: USB disconnect, device number 26
[ 1162.680951][ T7224] vhci_hcd: vhci_device speed not set
[ 1167.116723][T17772] IPVS: starting estimator thread 0...
[ 1167.221139][T20241] IPVS: using max 28 ests per chain, 67200 per kthread
[ 1168.068768][T20248] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1168.647638][T20264] binder: 20242:20264 ioctl 40186f40 0 returned -22
[ 1169.214663][T20277] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3645'.
[ 1169.862100][T20289] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3641'.
[ 1169.888783][T20289] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3641'.
[ 1170.021207][T20289] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3641'.
[ 1170.024920][T20289] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3641'.
[ 1170.126675][T20289] Process accounting resumed
[ 1170.372372][T20286] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3647'.
[ 1170.376340][T20286] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3647'.
[ 1170.432740][T20294] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3647'.
[ 1170.702010][T20286] Process accounting resumed
[ 1170.933224][T20306] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1170.938426][T20306] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1172.239911][T20332] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3658'.
[ 1173.150280][T20339] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[ 1173.242950][T20341] netlink: 'syz.1.3659': attribute type 1 has an invalid length.
[ 1173.674541][T20345] wireguard0: entered promiscuous mode
[ 1173.677710][T20345] wireguard0: entered allmulticast mode
[ 1174.380777][T20357] input: syz0 as /devices/virtual/input/input66
[ 1174.589697][T20355] FAULT_INJECTION: forcing a failure.
[ 1174.589697][T20355] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1174.615280][T20355] CPU: 3 UID: 0 PID: 20355 Comm: syz.1.3664 Not tainted syzkaller #0 PREEMPT(full) 
[ 1174.615305][T20355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1174.615315][T20355] Call Trace:
[ 1174.615322][T20355]  <TASK>
[ 1174.615329][T20355]  dump_stack_lvl+0x16c/0x1f0
[ 1174.615360][T20355]  should_fail_ex+0x512/0x640
[ 1174.615389][T20355]  should_fail_alloc_page+0xe7/0x130
[ 1174.615410][T20355]  prepare_alloc_pages+0x3c2/0x610
[ 1174.615449][T20355]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1174.615478][T20355]  ? __lock_acquire+0x62e/0x1ce0
[ 1174.615501][T20355]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1174.615520][T20355]  ? css_rstat_updated+0x1c2/0x510
[ 1174.615548][T20355]  ? filemap_get_entry+0x1a7/0x3b0
[ 1174.615599][T20355]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1174.615624][T20355]  ? policy_nodemask+0xea/0x4e0
[ 1174.615647][T20355]  alloc_pages_mpol+0x1fb/0x550
[ 1174.615669][T20355]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1174.615690][T20355]  ? _raw_spin_unlock+0x28/0x50
[ 1174.615710][T20355]  ? swap_entry_swapped+0x122/0x190
[ 1174.615730][T20355]  ? __pfx_swap_entry_swapped+0x10/0x10
[ 1174.615753][T20355]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1174.615778][T20355]  __read_swap_cache_async+0x3b6/0x5a0
[ 1174.615800][T20355]  ? __pfx___read_swap_cache_async+0x10/0x10
[ 1174.615819][T20355]  ? __pfx_get_swap_device+0x10/0x10
[ 1174.615839][T20355]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1174.615867][T20355]  read_swap_cache_async+0xdc/0x1e0
[ 1174.615886][T20355]  ? __pfx_read_swap_cache_async+0x10/0x10
[ 1174.615903][T20355]  ? find_held_lock+0x2b/0x80
[ 1174.615918][T20355]  ? find_held_lock+0x2b/0x80
[ 1174.615934][T20355]  ? swapin_walk_pmd_entry+0x25f/0x5c0
[ 1174.615960][T20355]  swapin_walk_pmd_entry+0x283/0x5c0
[ 1174.615986][T20355]  ? __pfx_swapin_walk_pmd_entry+0x10/0x10
[ 1174.616014][T20355]  ? find_held_lock+0x2b/0x80
[ 1174.616030][T20355]  ? __pfx_swapin_walk_pmd_entry+0x10/0x10
[ 1174.616083][T20355]  walk_pgd_range+0xc05/0x1f50
[ 1174.616123][T20355]  ? __pfx_walk_pgd_range+0x10/0x10
[ 1174.616145][T20355]  ? get_page_from_freelist+0x132b/0x38e0
[ 1174.616169][T20355]  __walk_page_range+0x163/0x820
[ 1174.616201][T20355]  walk_page_range_vma+0x2c7/0xa20
[ 1174.616224][T20355]  ? __pfx_walk_page_range_vma+0x10/0x10
[ 1174.616257][T20355]  madvise_vma_behavior+0x19cf/0x2d60
[ 1174.616283][T20355]  ? mas_prev_setup.constprop.0+0xb6/0x9d0
[ 1174.616309][T20355]  ? __pfx_madvise_vma_behavior+0x10/0x10
[ 1174.616334][T20355]  ? __pfx_mas_prev+0x10/0x10
[ 1174.616363][T20355]  ? find_vma_prev+0xda/0x160
[ 1174.616386][T20355]  ? __pfx_find_vma_prev+0x10/0x10
[ 1174.616415][T20355]  ? __lock_acquire+0x62e/0x1ce0
[ 1174.616449][T20355]  madvise_walk_vmas+0x31f/0x9c0
[ 1174.616477][T20355]  ? __pfx_madvise_walk_vmas+0x10/0x10
[ 1174.616507][T20355]  madvise_do_behavior+0x1e2/0x530
[ 1174.616531][T20355]  ? __pfx_madvise_do_behavior+0x10/0x10
[ 1174.616554][T20355]  ? down_read+0x13d/0x480
[ 1174.616581][T20355]  do_madvise+0x176/0x240
[ 1174.616602][T20355]  ? __pfx_do_madvise+0x10/0x10
[ 1174.616622][T20355]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1174.616653][T20355]  ? __fget_files+0x20e/0x3c0
[ 1174.616681][T20355]  ? __pfx_ksys_write+0x10/0x10
[ 1174.616704][T20355]  __ia32_sys_madvise+0xa7/0x110
[ 1174.616728][T20355]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1174.616752][T20355]  __do_fast_syscall_32+0x7c/0x300
[ 1174.616778][T20355]  do_fast_syscall_32+0x32/0x80
[ 1174.616794][T20355]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1174.616813][T20355] RIP: 0023:0xf70ae579
[ 1174.616828][T20355] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1174.616843][T20355] RSP: 002b:00000000f549e55c EFLAGS: 00000296 ORIG_RAX: 00000000000000db
[ 1174.616859][T20355] RAX: ffffffffffffffda RBX: 00000000800ec000 RCX: 0000000000800000
[ 1174.616869][T20355] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000000
[ 1174.616877][T20355] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1174.616885][T20355] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1174.616893][T20355] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1174.616913][T20355]  </TASK>
[ 1176.844797][T20387] netlink: 32 bytes leftover after parsing attributes in process `syz.7.3672'.
[ 1177.337044][T20393] program syz.1.3675 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1178.795883][T20415] tipc: Enabled bearer <eth:gre0>, priority 17
[ 1179.194067][T20423] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3683'.
[ 1179.198108][T20423] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3683'.
[ 1179.296623][  T470] bridge_slave_1: left allmulticast mode
[ 1179.300918][  T470] bridge_slave_1: left promiscuous mode
[ 1179.303817][  T470] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1179.427500][  T470] bridge_slave_0: left allmulticast mode
[ 1179.435642][  T470] bridge_slave_0: left promiscuous mode
[ 1179.457210][  T470] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1179.760327][ T7224] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[ 1179.823422][T17772] tipc: Node number set to 2489645446
[ 1180.118877][ T7224] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1180.144052][ T7224] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1180.186646][ T7224] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1180.201570][ T7224] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1180.245799][ T7224] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1180.285022][ T7224] usb 10-1: config 0 descriptor??
[ 1180.763363][ T7224] hid_parser_main: 1 callbacks suppressed
[ 1180.763382][ T7224] plantronics 0003:047F:FFFF.005A: unknown main item tag 0x0
[ 1180.769187][ T7224] plantronics 0003:047F:FFFF.005A: unknown main item tag 0x0
[ 1180.778779][ T7224] plantronics 0003:047F:FFFF.005A: unknown main item tag 0x0
[ 1180.791823][ T7224] plantronics 0003:047F:FFFF.005A: unknown main item tag 0x0
[ 1180.794967][ T7224] plantronics 0003:047F:FFFF.005A: unknown main item tag 0x0
[ 1180.812846][ T7224] plantronics 0003:047F:FFFF.005A: unknown main item tag 0x0
[ 1180.816107][ T7224] plantronics 0003:047F:FFFF.005A: unknown main item tag 0x0
[ 1180.824144][ T7224] plantronics 0003:047F:FFFF.005A: unknown main item tag 0x0
[ 1180.840916][ T7224] plantronics 0003:047F:FFFF.005A: unknown main item tag 0x0
[ 1180.844704][ T7224] plantronics 0003:047F:FFFF.005A: unknown main item tag 0x0
[ 1180.925098][ T7224] plantronics 0003:047F:FFFF.005A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[ 1181.031570][  T840] usb 10-1: USB disconnect, device number 27
[ 1181.056469][  T470] batman_adv: batadv0: Removing interface: vxlan0
[ 1181.740794][  T470] bond0 (unregistering): (slave .): Releasing backup interface
[ 1181.757941][  T470] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1181.770957][  T470] bond0 (unregistering): (slave veth0_to_hsr): Releasing backup interface
[ 1181.796739][  T470] bond0 (unregistering): Released all slaves
[ 1181.824837][  T470] bond1 (unregistering): Released all slaves
[ 1182.200482][  T470] bond2 (unregistering): Released all slaves
[ 1182.667838][  T470] bond3 (unregistering): Released all slaves
[ 1182.790843][  T470] : left promiscuous mode
[ 1182.937531][   T41] audit: type=1326 audit(1182.270:1970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20438 comm="syz.1.3686" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70ae579 code=0x0
[ 1183.950596][T20450] lo speed is unknown, defaulting to 1000
[ 1184.013422][T20456] netlink: 'syz.5.3690': attribute type 11 has an invalid length.
[ 1184.976617][T20475] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[ 1185.022136][T20475] Error validating options; rc = [-22]
[ 1186.169558][  T840] usb 13-1: new high-speed USB device number 18 using dummy_hcd
[ 1186.179366][  T470] hsr_slave_0: left promiscuous mode
[ 1186.182637][  T470] hsr_slave_1: left promiscuous mode
[ 1186.185904][  T470] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1186.204920][  T470] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1186.248802][  T470] batman_adv: batadv0: Removing interface: dummy0
[ 1186.397895][  T840] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1186.443792][  T840] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1186.465044][  T840] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1186.489485][  T840] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1186.495866][  T840] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1186.537584][  T840] usb 13-1: config 0 descriptor??
[ 1186.670834][T20485] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3699'.
[ 1186.979467][  T840] hid_parser_main: 5 callbacks suppressed
[ 1186.979485][  T840] plantronics 0003:047F:FFFF.005B: unknown main item tag 0x0
[ 1186.987562][  T840] plantronics 0003:047F:FFFF.005B: unknown main item tag 0x0
[ 1187.047333][  T840] plantronics 0003:047F:FFFF.005B: unknown main item tag 0x0
[ 1187.116911][  T840] plantronics 0003:047F:FFFF.005B: unknown main item tag 0x0
[ 1187.158462][  T840] plantronics 0003:047F:FFFF.005B: unknown main item tag 0x0
[ 1187.209324][  T840] plantronics 0003:047F:FFFF.005B: unknown main item tag 0x0
[ 1187.212636][  T840] plantronics 0003:047F:FFFF.005B: unknown main item tag 0x0
[ 1187.216103][  T840] plantronics 0003:047F:FFFF.005B: unknown main item tag 0x0
[ 1187.294280][  T840] plantronics 0003:047F:FFFF.005B: unknown main item tag 0x0
[ 1187.329448][  T840] plantronics 0003:047F:FFFF.005B: unknown main item tag 0x0
[ 1187.384005][  T840] plantronics 0003:047F:FFFF.005B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[ 1187.511545][  T840] usb 13-1: USB disconnect, device number 18
[ 1190.370812][T10244] Bluetooth: hci2: command 0x0406 tx timeout
[ 1194.580560][T20514] netlink: 'syz.1.3703': attribute type 11 has an invalid length.
[ 1194.642753][T20505] lo speed is unknown, defaulting to 1000
[ 1194.923906][   T41] audit: type=1326 audit(1194.250:1971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20530 comm="syz.5.3711" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705e579 code=0x0
[ 1195.946403][  T470] IPVS: stop unused estimator thread 0...
[ 1197.262164][T20546] lo speed is unknown, defaulting to 1000
[ 1197.284391][T20557] v: renamed from ip6_vti0 (while UP)
[ 1197.417093][T20552] lo speed is unknown, defaulting to 1000
[ 1198.075885][T20565] netlink: 'syz.8.3719': attribute type 1 has an invalid length.
[ 1198.167285][T20557] geneve2: entered allmulticast mode
[ 1198.214868][T20564] lo speed is unknown, defaulting to 1000
[ 1198.417185][T20565] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1200.179405][T20582] lo speed is unknown, defaulting to 1000
[ 1200.314629][T20587] netlink: 'syz.5.3723': attribute type 11 has an invalid length.
[ 1201.676003][T20599] vlan2: entered promiscuous mode
[ 1201.692564][T20599] macvtap0: entered promiscuous mode
[ 1204.420631][T20628] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3736'.
[ 1204.425936][T20628] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3736'.
[ 1204.507545][T20629] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1205.043870][T20636] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3739'.
[ 1205.561808][T20643] block nbd5: NBD_DISCONNECT
[ 1205.569297][T20643] block nbd5: Send disconnect failed -107
[ 1206.433379][T20652] /dev/nullb0: Can't open blockdev
[ 1207.661439][   T41] audit: type=1800 audit(1207.011:1972): pid=20662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.3746" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[ 1208.319007][T20639] block nbd5: Disconnected due to user request.
[ 1208.345408][T20639] block nbd5: shutting down sockets
[ 1208.640060][T20677] kAFS: No cell specified
[ 1208.673446][T20676] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3750'.
[ 1208.731812][T20679] netlink: 'syz.5.3749': attribute type 6 has an invalid length.
[ 1209.373176][T20686] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(8)
[ 1209.375487][T20686] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1209.389656][T20686] vhci_hcd vhci_hcd.0: Device attached
[ 1209.584226][T20681] Device name cannot be null; rc = [-22]
[ 1209.706468][T17507] usb 51-1: new low-speed USB device number 2 using vhci_hcd
[ 1210.207879][T20687] vhci_hcd: connection reset by peer
[ 1210.272759][  T470] vhci_hcd: stop threads
[ 1210.275109][  T470] vhci_hcd: release socket
[ 1210.277100][  T470] vhci_hcd: disconnect device
[ 1210.484511][   T41] audit: type=1800 audit(1209.811:1973): pid=20697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3755" name="file0" dev="overlay" ino=1174 res=0 errno=0
[ 1210.660227][T20699] fuse: Bad value for 'fd'
[ 1211.302340][T20707] netlink: 'syz.5.3758': attribute type 10 has an invalid length.
[ 1211.717447][T20720] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1213.462926][T20751] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3771'.
[ 1214.715520][T20771] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3773'.
[ 1214.719493][T20771] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3773'.
[ 1214.755133][T20771] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3773'.
[ 1214.849890][T17507] vhci_hcd: vhci_device speed not set
[ 1215.003842][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1215.666813][T20784] block nbd5: Attempted send on invalid socket
[ 1215.677837][T20784] I/O error, dev nbd5, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1215.683689][T20784] ADFS-fs (nbd5): error: unable to read block 3, try 0
[ 1216.131766][ T7220] hid_parser_main: 5 callbacks suppressed
[ 1216.131787][ T7220] hid-generic 0000:0000:0000.005C: unknown main item tag 0x0
[ 1216.139653][ T7220] hid-generic 0000:0000:0000.005C: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1217.010290][T20805] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(9)
[ 1217.012309][T20805] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1217.016804][T20805] vhci_hcd vhci_hcd.0: Device attached
[ 1217.096271][T20810] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[ 1217.484274][T20806] vhci_hcd: connection closed
[ 1217.484872][ T1176] vhci_hcd: stop threads
[ 1217.494943][ T1176] vhci_hcd: release socket
[ 1217.497821][ T1176] vhci_hcd: disconnect device
[ 1217.537914][ T7218] usb 54-1: enqueue for inactive port 0
[ 1218.079082][ T7218] usb usb54-port1: attempt power cycle
[ 1218.337417][ T7220] usb 12-1: new high-speed USB device number 7 using dummy_hcd
[ 1218.497481][ T7220] usb 12-1: Using ep0 maxpacket: 32
[ 1218.501727][ T7220] usb 12-1: config 0 has an invalid interface number: 12 but max is 0
[ 1218.505034][ T7220] usb 12-1: config 0 has no interface number 0
[ 1218.533877][ T7220] usb 12-1: config 0 interface 12 has no altsetting 0
[ 1218.542048][ T7220] usb 12-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[ 1218.566772][ T7220] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1218.577690][ T7220] usb 12-1: Product: syz
[ 1218.579051][ T7220] usb 12-1: Manufacturer: syz
[ 1218.580548][ T7220] usb 12-1: SerialNumber: syz
[ 1218.583895][ T7220] usb 12-1: config 0 descriptor??
[ 1218.839030][ T7218] usb usb54-port1: unable to enumerate USB device
[ 1218.995122][ T7220] f81534 12-1:0.12: f81534_get_register: reg: 1003 failed: -71
[ 1219.000504][ T7220] f81534 12-1:0.12: f81534_find_config_idx: read failed: -71
[ 1219.007519][ T7220] f81534 12-1:0.12: f81534_calc_num_ports: find idx failed: -71
[ 1219.009890][ T7220] f81534 12-1:0.12: probe with driver f81534 failed with error -71
[ 1219.018052][ T7220] usb 12-1: USB disconnect, device number 7
[ 1219.293582][T20847] lo speed is unknown, defaulting to 1000
[ 1219.391623][T20847] netlink: 'syz.5.3802': attribute type 11 has an invalid length.
[ 1220.013013][T20861] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3805'.
[ 1220.015831][T20861] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3805'.
[ 1220.018982][T20861] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3805'.
[ 1220.021817][T20861] netlink: 'syz.5.3805': attribute type 5 has an invalid length.
[ 1220.277344][ T7228] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[ 1220.428762][ T7228] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1220.432288][ T7228] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1220.435473][ T7228] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1220.438748][ T7228] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1220.443143][T20863] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1220.447452][ T7228] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1220.673885][T20875] comedi comedi0: comedi_config --init_data is deprecated
[ 1220.792250][   T30] usb 6-1: USB disconnect, device number 43
[ 1221.128201][T20880] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3811'.
[ 1221.211940][T20887] lo speed is unknown, defaulting to 1000
[ 1221.326030][T20892] netlink: 'syz.1.3813': attribute type 11 has an invalid length.
[ 1221.491964][T20900] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3816'.
[ 1221.497388][T20901] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3816'.
[ 1222.639285][T20945] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3827'.
[ 1222.744458][T20948] lo speed is unknown, defaulting to 1000
[ 1222.853331][T20948] netlink: 'syz.7.3828': attribute type 11 has an invalid length.
[ 1223.364251][T20963] netlink: 'syz.7.3830': attribute type 10 has an invalid length.
[ 1223.367051][T20963] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3830'.
[ 1223.397506][ T7218] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[ 1223.581727][T20974] netlink: 'syz.8.3834': attribute type 4 has an invalid length.
[ 1223.598282][T20974] netlink: 'syz.8.3834': attribute type 4 has an invalid length.
[ 1223.680275][ T7218] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1223.684875][ T7218] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1223.693395][ T7218] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1223.704775][ T7218] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1223.708806][ T7218] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1223.716404][ T7218] usb 6-1: config 0 descriptor??
[ 1223.904917][T20982] faux_driver regulatory: loading /lib/firmware/regulatory.db.p7s failed with error -4
[ 1223.908717][T20982] faux_driver regulatory: Direct firmware load for regulatory.db.p7s failed with error -4
[ 1223.911859][T20982] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db.p7s
[ 1223.987422][ T7228] usb 13-1: new high-speed USB device number 19 using dummy_hcd
[ 1224.147116][ T7228] usb 13-1: device descriptor read/64, error -71
[ 1224.427104][ T7228] usb 13-1: new high-speed USB device number 20 using dummy_hcd
[ 1224.506109][ T7218] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0
[ 1224.509101][ T7218] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0
[ 1224.511464][ T7218] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0
[ 1224.513811][ T7218] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0
[ 1224.516167][ T7218] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0
[ 1224.518941][ T7218] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0
[ 1224.521302][ T7218] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0
[ 1224.523637][ T7218] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0
[ 1224.525968][ T7218] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0
[ 1224.528985][ T7218] plantronics 0003:047F:FFFF.005D: unknown main item tag 0x0
[ 1224.557128][ T7228] usb 13-1: device descriptor read/64, error -71
[ 1224.566531][ T7218] plantronics 0003:047F:FFFF.005D: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[ 1224.667431][ T7228] usb usb13-port1: attempt power cycle
[ 1224.700988][T20990] lo speed is unknown, defaulting to 1000
[ 1224.781194][T20990] netlink: 'syz.5.3838': attribute type 11 has an invalid length.
[ 1225.007453][ T7228] usb 13-1: new high-speed USB device number 21 using dummy_hcd
[ 1225.027530][ T7228] usb 13-1: device descriptor read/8, error -71
[ 1225.299376][ T7228] usb 13-1: new high-speed USB device number 22 using dummy_hcd
[ 1225.320272][ T7228] usb 13-1: device descriptor read/8, error -71
[ 1225.437266][ T7228] usb usb13-port1: unable to enumerate USB device
[ 1225.837077][ T6112] usb 6-1: reset high-speed USB device number 44 using dummy_hcd
[ 1225.956308][T21021] lo speed is unknown, defaulting to 1000
[ 1226.076983][T21021] netlink: 'syz.1.3847': attribute type 11 has an invalid length.
[ 1226.432314][T21030] netlink: 'syz.1.3848': attribute type 4 has an invalid length.
[ 1226.442819][ T7224] lo speed is unknown, defaulting to 1000
[ 1226.444699][ T7224] syz0: Port: 1 Link DOWN
[ 1226.456569][T21030] netlink: 'syz.1.3848': attribute type 4 has an invalid length.
[ 1226.462782][ T7228] lo speed is unknown, defaulting to 1000
[ 1226.465040][ T7228] syz0: Port: 1 Link ACTIVE
[ 1226.708806][  T840] usb 6-1: USB disconnect, device number 44
[ 1226.887695][T21051] lo speed is unknown, defaulting to 1000
[ 1226.933340][T21055] binder: 21053:21055 ioctl c0306201 80000080 returned -14
[ 1226.995978][T21060] netlink: 'syz.8.3856': attribute type 11 has an invalid length.
[ 1227.609691][T21072] loop6: detected capacity change from 0 to 524287999
[ 1227.679439][T21076] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3862'.
[ 1227.761517][T21055] binder: 21053:21055 ioctl c0306201 80000040 returned -14
[ 1227.918419][T21087] ucma_write: process 922 (syz.7.3865) changed security contexts after opening file descriptor, this is not allowed.
[ 1228.093894][T21094] lo speed is unknown, defaulting to 1000
[ 1228.173216][T21094] netlink: 'syz.8.3866': attribute type 11 has an invalid length.
[ 1228.629744][T21107] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3867'.
[ 1228.690711][ T1176] ref_tracker: reference already released.
[ 1228.694018][ T1176] ref_tracker: allocated in:
[ 1228.695995][ T1176]  netdev_watchdog_up+0x183/0x200
[ 1228.698107][ T1176]  netif_carrier_on+0xfb/0x120
[ 1228.700128][ T1176]  e1000_watchdog+0xd13/0x1520
[ 1228.702118][ T1176]  process_one_work+0x9cf/0x1b70
[ 1228.704176][ T1176]  worker_thread+0x6c8/0xf10
[ 1228.706099][ T1176]  kthread+0x3c5/0x780
[ 1228.707296][T17772] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1228.707798][ T1176]  ret_from_fork+0x56d/0x730
[ 1228.712271][ T1176]  ret_from_fork_asm+0x1a/0x30
[ 1228.714102][ T1176] ref_tracker: freed in:
[ 1228.715435][ T1176]  dev_deactivate_many+0x28d/0xd50
[ 1228.717051][ T1176]  dev_deactivate+0xf8/0x1c0
[ 1228.718520][ T1176]  linkwatch_do_dev+0x11e/0x160
[ 1228.720208][ T1176]  __linkwatch_run_queue+0x2a7/0x8a0
[ 1228.721872][ T1176]  linkwatch_event+0x8f/0xc0
[ 1228.723325][ T1176]  process_one_work+0x9cf/0x1b70
[ 1228.724906][ T1176]  worker_thread+0x6c8/0xf10
[ 1228.726308][ T1176]  kthread+0x3c5/0x780
[ 1228.727610][ T1176]  ret_from_fork+0x56d/0x730
[ 1228.729070][ T1176]  ret_from_fork_asm+0x1a/0x30
[ 1228.730848][ T1176] ------------[ cut here ]------------
[ 1228.733105][ T1176] WARNING: CPU: 0 PID: 1176 at lib/ref_tracker.c:323 ref_tracker_free+0x61a/0x830
[ 1228.735882][ T1176] Modules linked in:
[ 1228.738563][ T1176] CPU: 0 UID: 0 PID: 1176 Comm: kworker/u32:9 Not tainted syzkaller #0 PREEMPT(full) 
[ 1228.743490][ T1176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1228.747926][ T1176] Workqueue: events_unbound linkwatch_event
[ 1228.750361][ T1176] RIP: 0010:ref_tracker_free+0x61a/0x830
[ 1228.752683][ T1176] Code: 00 44 8b 73 18 31 ff 44 89 f6 e8 b1 45 a6 fc 45 85 f6 0f 85 a6 00 00 00 e8 63 4a a6 fc 48 8b 34 24 48 89 ef e8 a7 83 7f 06 90 <0f> 0b 90 bb ea ff ff ff e9 50 fd ff ff e8 44 4a a6 fc 4c 8d 6d 44
[ 1228.760493][ T1176] RSP: 0018:ffffc9000676f8a8 EFLAGS: 00010202
[ 1228.762976][ T1176] RAX: 0000000000000201 RBX: ffff88806dbcdd40 RCX: 0000000000000000
[ 1228.766212][ T1176] RDX: 0000000000000202 RSI: ffffffff8de4f4d1 RDI: 0000000000000001
[ 1228.769545][ T1176] RBP: ffff888027ad8610 R08: 0000000000000001 R09: 0000000000000001
[ 1228.772035][ T1176] R10: ffffffff90aba997 R11: 0000000000000000 R12: 1ffff92000cedf17
[ 1228.774451][ T1176] R13: ffffc9000676f8d8 R14: 0000000006ee070d R15: ffff88806dbcdd58
[ 1228.776923][ T1176] FS:  0000000000000000(0000) GS:ffff8880974ba000(0000) knlGS:0000000000000000
[ 1228.780050][ T1176] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1228.782630][ T1176] CR2: 00000000f54deba8 CR3: 0000000071333000 CR4: 0000000000352ef0
[ 1228.785079][ T1176] Call Trace:
[ 1228.786133][ T1176]  <TASK>
[ 1228.787388][ T1176]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1228.789621][ T1176]  ? dev_deactivate_many+0x28d/0xd50
[ 1228.791831][ T1176]  ? dev_deactivate+0xf8/0x1c0
[ 1228.793840][ T1176]  ? linkwatch_do_dev+0x11e/0x160
[ 1228.795949][ T1176]  ? __linkwatch_run_queue+0x2a7/0x8a0
[ 1228.798253][ T1176]  ? linkwatch_event+0x8f/0xc0
[ 1228.800229][ T1176]  ? process_one_work+0x9cf/0x1b70
[ 1228.802141][ T1176]  ? worker_thread+0x6c8/0xf10
[ 1228.803962][ T1176]  ? kthread+0x3c5/0x780
[ 1228.805759][ T1176]  ? ret_from_fork+0x56d/0x730
[ 1228.807850][ T1176]  ? ret_from_fork_asm+0x1a/0x30
[ 1228.809946][ T1176]  ? netif_freeze_queues+0x17d/0x1e0
[ 1228.812150][ T1176]  dev_deactivate_many+0x28d/0xd50
[ 1228.814266][ T1176]  ? __pfx_dev_deactivate_many+0x10/0x10
[ 1228.816587][ T1176]  ? ref_tracker_free+0x291/0x830
[ 1228.818674][ T1176]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1228.820853][ T1176]  dev_deactivate+0xf8/0x1c0
[ 1228.822737][ T1176]  ? __pfx_dev_deactivate+0x10/0x10
[ 1228.824831][ T1176]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1228.827349][ T1176]  linkwatch_do_dev+0x11e/0x160
[ 1228.829386][ T1176]  __linkwatch_run_queue+0x2a7/0x8a0
[ 1228.831596][ T1176]  ? __pfx___linkwatch_run_queue+0x10/0x10
[ 1228.834015][ T1176]  linkwatch_event+0x8f/0xc0
[ 1228.835885][ T1176]  ? __pfx_linkwatch_event+0x10/0x10
[ 1228.838158][ T1176]  ? rcu_is_watching+0x12/0xc0
[ 1228.839795][ T1176]  process_one_work+0x9cf/0x1b70
[ 1228.841347][ T1176]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 1228.843018][ T1176]  ? __pfx_process_one_work+0x10/0x10
[ 1228.844696][ T1176]  ? assign_work+0x1a0/0x250
[ 1228.846151][ T1176]  worker_thread+0x6c8/0xf10
[ 1228.847679][ T1176]  ? __pfx_worker_thread+0x10/0x10
[ 1228.849488][ T1176]  kthread+0x3c5/0x780
[ 1228.851092][ T1176]  ? __pfx_kthread+0x10/0x10
[ 1228.853075][ T1176]  ? rcu_is_watching+0x12/0xc0
[ 1228.854654][ T1176]  ? __pfx_kthread+0x10/0x10
[ 1228.856116][ T1176]  ret_from_fork+0x56d/0x730
[ 1228.857654][ T1176]  ? __pfx_kthread+0x10/0x10
[ 1228.859139][ T1176]  ret_from_fork_asm+0x1a/0x30
[ 1228.860641][ T1176]  </TASK>
[ 1228.861615][ T1176] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1228.864471][ T1176] CPU: 0 UID: 0 PID: 1176 Comm: kworker/u32:9 Not tainted syzkaller #0 PREEMPT(full) 
[ 1228.867416][ T1176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1228.870739][ T1176] Workqueue: events_unbound linkwatch_event
[ 1228.872571][ T1176] Call Trace:
[ 1228.873618][ T1176]  <TASK>
[ 1228.874549][ T1176]  dump_stack_lvl+0x3d/0x1f0
[ 1228.876007][ T1176]  vpanic+0x6e8/0x7a0
[ 1228.877268][ T1176]  ? __pfx_vpanic+0x10/0x10
[ 1228.878721][ T1176]  ? ref_tracker_free+0x61a/0x830
[ 1228.880832][ T1176]  panic+0xca/0xd0
[ 1228.882363][ T1176]  ? __pfx_panic+0x10/0x10
[ 1228.883771][ T1176]  ? check_panic_on_warn+0x1f/0xb0
[ 1228.885362][ T1176]  check_panic_on_warn+0xab/0xb0
[ 1228.886902][ T1176]  __warn+0xf6/0x3c0
[ 1228.888405][ T1176]  ? ref_tracker_free+0x61a/0x830
[ 1228.890497][ T1176]  report_bug+0x3c3/0x580
[ 1228.892325][ T1176]  ? ref_tracker_free+0x61a/0x830
[ 1228.894351][ T1176]  handle_bug+0x184/0x210
[ 1228.895686][ T1176]  exc_invalid_op+0x17/0x50
[ 1228.897082][ T1176]  asm_exc_invalid_op+0x1a/0x20
[ 1228.898593][ T1176] RIP: 0010:ref_tracker_free+0x61a/0x830
[ 1228.900392][ T1176] Code: 00 44 8b 73 18 31 ff 44 89 f6 e8 b1 45 a6 fc 45 85 f6 0f 85 a6 00 00 00 e8 63 4a a6 fc 48 8b 34 24 48 89 ef e8 a7 83 7f 06 90 <0f> 0b 90 bb ea ff ff ff e9 50 fd ff ff e8 44 4a a6 fc 4c 8d 6d 44
[ 1228.906504][ T1176] RSP: 0018:ffffc9000676f8a8 EFLAGS: 00010202
[ 1228.908865][ T1176] RAX: 0000000000000201 RBX: ffff88806dbcdd40 RCX: 0000000000000000
[ 1228.912084][ T1176] RDX: 0000000000000202 RSI: ffffffff8de4f4d1 RDI: 0000000000000001
[ 1228.915250][ T1176] RBP: ffff888027ad8610 R08: 0000000000000001 R09: 0000000000000001
[ 1228.918507][ T1176] R10: ffffffff90aba997 R11: 0000000000000000 R12: 1ffff92000cedf17
[ 1228.921750][ T1176] R13: ffffc9000676f8d8 R14: 0000000006ee070d R15: ffff88806dbcdd58
[ 1228.924979][ T1176]  ? ref_tracker_free+0x619/0x830
[ 1228.927087][ T1176]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1228.929300][ T1176]  ? dev_deactivate_many+0x28d/0xd50
[ 1228.931483][ T1176]  ? dev_deactivate+0xf8/0x1c0
[ 1228.933455][ T1176]  ? linkwatch_do_dev+0x11e/0x160
[ 1228.935511][ T1176]  ? __linkwatch_run_queue+0x2a7/0x8a0
[ 1228.937772][ T1176]  ? linkwatch_event+0x8f/0xc0
[ 1228.939746][ T1176]  ? process_one_work+0x9cf/0x1b70
[ 1228.941828][ T1176]  ? worker_thread+0x6c8/0xf10
[ 1228.943595][ T1176]  ? kthread+0x3c5/0x780
[ 1228.944917][ T1176]  ? ret_from_fork+0x56d/0x730
[ 1228.946405][ T1176]  ? ret_from_fork_asm+0x1a/0x30
[ 1228.947975][ T1176]  ? netif_freeze_queues+0x17d/0x1e0
[ 1228.949852][ T1176]  dev_deactivate_many+0x28d/0xd50
[ 1228.951913][ T1176]  ? __pfx_dev_deactivate_many+0x10/0x10
[ 1228.954108][ T1176]  ? ref_tracker_free+0x291/0x830
[ 1228.956089][ T1176]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1228.957776][ T1176]  dev_deactivate+0xf8/0x1c0
[ 1228.959408][ T1176]  ? __pfx_dev_deactivate+0x10/0x10
[ 1228.961615][ T1176]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1228.963643][ T1176]  linkwatch_do_dev+0x11e/0x160
[ 1228.965168][ T1176]  __linkwatch_run_queue+0x2a7/0x8a0
[ 1228.966797][ T1176]  ? __pfx___linkwatch_run_queue+0x10/0x10
[ 1228.968630][ T1176]  linkwatch_event+0x8f/0xc0
[ 1228.970092][ T1176]  ? __pfx_linkwatch_event+0x10/0x10
[ 1228.971734][ T1176]  ? rcu_is_watching+0x12/0xc0
[ 1228.973223][ T1176]  process_one_work+0x9cf/0x1b70
[ 1228.974748][ T1176]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 1228.976415][ T1176]  ? __pfx_process_one_work+0x10/0x10
[ 1228.978116][ T1176]  ? assign_work+0x1a0/0x250
[ 1228.979909][ T1176]  worker_thread+0x6c8/0xf10
[ 1228.981860][ T1176]  ? __pfx_worker_thread+0x10/0x10
[ 1228.983478][ T1176]  kthread+0x3c5/0x780
[ 1228.984756][ T1176]  ? __pfx_kthread+0x10/0x10
[ 1228.986206][ T1176]  ? rcu_is_watching+0x12/0xc0
[ 1228.987754][ T1176]  ? __pfx_kthread+0x10/0x10
[ 1228.989231][ T1176]  ret_from_fork+0x56d/0x730
[ 1228.990675][ T1176]  ? __pfx_kthread+0x10/0x10
[ 1228.992124][ T1176]  ret_from_fork_asm+0x1a/0x30
[ 1228.993605][ T1176]  </TASK>
[ 1228.995239][ T1176] Kernel Offset: disabled
[ 1228.996580][ T1176] Rebooting in 86400 seconds..

VM DIAGNOSIS:
10:20:47  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc000000000d RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff8561dd50 RDI=ffffffff9b102740 RBP=ffffffff9b102700 RSP=ffffc9000676f218
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=ffffffff9b102750 R14=ffffffff9b102700 R15=ffffffff9b1029c0
RIP=ffffffff8561dd77 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974ba000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f54deba8 CR3=0000000071333000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffffea0001e16f00 RCX=ffffffff81f61046 RDX=ffff888023734880
RSI=0000000000000000 RDI=0000000000000007 RBP=0000000000000000 RSP=ffffc9000610f3e8
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffff888051bdf2a8 R13=0000000000000000 R14=ffffc9000610f6e8 R15=0000000000000015
RIP=ffffffff81bb03a2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975ba000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000031c04ffc CR3=0000000071333000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=ffff888024d48a28 RCX=ffffffff9407df20 RDX=0000000000000000
RSI=ffffffff8de29fdd RDI=ffffffff8c163700 RBP=0000000000000000 RSP=ffffc9000404f938
R8 =fd5e075b39ab4034 R9 =0000000000000001 R10=0000000000000004 R11=0000000000000000
R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff8b91a2b8 RFL=00000092 [--S-A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976ba000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008009e000 CR3=000000006b430000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000001 Opmask01=0000000000000001 Opmask02=0000000000000060 Opmask03=0000000000000000
Opmask04=00000000ffffffdf Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffce3312b7b 00007ffce3312b7b
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffce3313080 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffce3313080 0000003000000018
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c6c6120746f6e20 7369207369687420 2c726f7470697263 73656420656c6900
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6666612074656420 7363207363627420 2672657470637263 7365642065666300
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 74746120676e6973 7261702072657466 61207265766f7466 656c207365747962
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e6465776f6c6c61 20746f6e20736920 73696874202c726f 7470697263736564
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 20656c696620676e 696e65706f207265 7466612073747865 746e6f6320797469
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7275636573206465 676e616863202935 3638332e372e7a79 7328203232392073
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7365636f7270203a 65746972775f616d 6375205d37383031 32545b5d39313438
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e656d676172 66206562206c6c69 7720656361667265 746e692073696874
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000af1f33 RBX=0000000000000003 RCX=ffffffff8b919b29 RDX=0000000000000000
RSI=ffffffff8de4f4d1 RDI=ffffffff8c163700 RBP=ffffed1003bde000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=0000000000000000
R12=0000000000000003 R13=ffff88801def0000 R14=ffffffff90aba990 R15=0000000000000000
RIP=ffffffff8b91866f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977ba000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008009f000 CR3=000000006b430000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000