last executing test programs:

4m33.74978391s ago: executing program 1 (id=464):
socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xf0}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x40, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="03000000000000001c0012800b00010062726964676500000c00028005001700"], 0x3c}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r4, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r4, 0x8949, &(0x7f0000000000))
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x400000000, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)={0x1c, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x8, 0x9, 0x0, 0x0, @binary="38eac21a"}]}, 0x1c}}, 0x20000000)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x101442, 0x0)

4m33.695593261s ago: executing program 1 (id=469):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, 0x0, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_MON_PEER_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x40}, 0x1, 0x0, 0x0, 0x40}, 0xc8769723e875f523)
r3 = syz_usbip_server_init(0x3)
write$usbip_server(r3, &(0x7f0000000380)=ANY=[], 0xfffffffffffffd8e)
r4 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7278, 0x0, 0x1, 0x18e}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{0x1, <r7=>0xffffffffffffffff}, &(0x7f0000000400), &(0x7f0000000440)}, 0x1c)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{0x1, <r8=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f0000000540)}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x6, &(0x7f0000000700)=@raw=[@btf_id={0x18, 0x9, 0x3, 0x0, 0x5}, @alu={0x4, 0x1, 0x4, 0xb, 0x1, 0xfffffffffffffff4, 0xfffffffffffffff0}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x1}, @jmp={0x5, 0x1, 0x2, 0x2, 0x0, 0x4, 0x18}], &(0x7f00000000c0)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000100)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000340)={0xffffffff, 0x4, 0x45fb, 0xc}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000005c0)=[0xffffffffffffffff, r7, r8], &(0x7f0000000600)=[{0x1, 0x5, 0x5, 0x2}], 0x10, 0x7fffffff}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r9 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r9, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket(0x18, 0x2, 0x6)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x1101000000000000, &(0x7f0000000500)=ANY=[], 0x48)
io_uring_enter(r4, 0x26c8, 0x0, 0x1, 0x0, 0x10)

4m33.695040227s ago: executing program 1 (id=470):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='nr0\x00', 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f00000022c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8010}, 0x0)
sendmmsg$inet(r0, &(0x7f00000020c0)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)='\f', 0x1}], 0x1, 0x0, 0x0, 0x2000000}}], 0xfdef, 0x0)

4m33.694401963s ago: executing program 1 (id=472):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r0)
fspick(0xffffffffffffff9c, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x40080c0}, 0x80)

4m33.69360708s ago: executing program 1 (id=474):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000006c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x45, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000000100001f8ffffff00000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r2, @ANYBLOB="08001b"], 0x34}}, 0x4004010)
r6 = socket(0x2, 0x3, 0x6)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendto$inet(r6, 0x0, 0x5b, 0x0, &(0x7f0000000600)={0x2, 0x0, @remote}, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x8)
recvmsg$unix(r6, &(0x7f0000000140)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000040)=[{&(0x7f0000000280)=""/199, 0xc7}], 0x1, &(0x7f0000000380)=[@cred={{0x18}}, @cred={{0x18}}, @rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x70}, 0x40)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r7=>0x0})
r8 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r8, &(0x7f0000000080)={0x1d, r7, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18)
sendmsg$can_j1939(r8, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
sendmsg$can_j1939(r8, &(0x7f00000003c0)={&(0x7f00000002c0)={0x1d, r7, 0x3, {0x1, 0xf0, 0x3}, 0x1}, 0x18, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x24004000}, 0x20008000)

4m32.075561587s ago: executing program 1 (id=483):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0xffffffffffffffff, 0x1, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1, 0x0, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x804)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x108b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001540), 0x0, 0x20000001)
openat$nullb(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x300)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x6, &(0x7f0000000000)=0x10003f, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
fsopen(&(0x7f0000000000)='udf\x00', 0x1)

4m32.075342874s ago: executing program 32 (id=483):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0xffffffffffffffff, 0x1, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1, 0x0, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x804)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x108b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001540), 0x0, 0x20000001)
openat$nullb(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x300)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x6, &(0x7f0000000000)=0x10003f, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
fsopen(&(0x7f0000000000)='udf\x00', 0x1)

48.336312515s ago: executing program 0 (id=1149):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x3, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x10000, 0x0, 0x4, 0xefffffff, 0x0, [{0x2, 0x8, 0xfc, '\x00', 0x3}, {0x4, 0x9, 0xfc, '\x00', 0x7c}, {0xfc, 0x12, 0x4, '\x00', 0x1}, {0x11, 0xb, 0x0, '\x00', 0xea}, {}, {0xfe, 0x0, 0x1, '\x00', 0x2}, {0x1f, 0x1, 0x2}, {0xfd, 0x0, 0x7, '\x00', 0x2}, {0x0, 0xf, 0xf7, '\x00', 0xfc}, {0xa8, 0x6, 0x0, '\x00', 0x11}, {0xb}, {0x9, 0x9, 0x42, '\x00', 0xff}, {0x0, 0x0, 0x2, '\x00', 0x1}, {0x2, 0x0, 0x6}, {0xff, 0x0, 0x0, '\x00', 0x49}, {0x1, 0x21, 0x80}, {0x3, 0x0, 0x0, '\x00', 0x80}, {0x2, 0x2, 0x6, '\x00', 0x10}, {0x48, 0x4, 0xd, '\x00', 0xfd}, {0x8, 0xc0, 0x3}, {0x4, 0x12, 0x3, '\x00', 0x25}, {0xfd, 0x9, 0x0, '\x00', 0x5}, {0x2, 0x2, 0x9}, {0x80, 0xff, 0x3, '\x00', 0x7}]}})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DISCONNECT(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="01002cbd7000fedbdf253000000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, 0x0, 0x800)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), 0xffffffffffffffff)
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
write$nbd(r6, &(0x7f00000003c0)=ANY=[@ANYBLOB="0100"], 0x40)
sendmsg$NL80211_CMD_NEW_STATION(r6, 0x0, 0x40801)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7078, 0x1000, 0x400007, 0x288}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
sendmsg$nl_generic(r3, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000001a40)=ANY=[@ANYBLOB="641000001400020027bd7000fddbdf251600000014004b00fc0100000000000000000000000000010c00270000080000000000001400d300fc0100000000000000000000000000000c108a800800e200", @ANYRES32=r1, @ANYBLOB="f457cb0bb23eb693ed00a56ed2d8a859ebbe53c74b759bddd35f8eed6ddd6ab81a8e3c188edd28b77057791d0b47c132fa129e1875abdc2facc8ebe819f6f4b2ab254f526c8ff0fb5ffebf0d9ac93d52194097d4c549d70360ad58acb37c58a96ed486de40cc398c22efafb93de78fb4cc6efbe47ab89cb30c760324c1a988786445cbbf3e8218b3c4366f7443995cbb765a2d53bd780311fb4de1b5c42f1ec313276c715af09c2d6f7f6daf7727804f7134c94a76784c19b7f712c503340c9b753a10fa190a0d34b9fa14730174cc2da5f78229b05398f9e7d30141ffe7bd34c0cb5d115c94e4f0b8e9684b70465103d2909f5239a6aa0e3ce1e4b0f3dd21234fe60517f6db8710036879ad456c183d118e3746786622a061072b1ee7da6b5af074fdb2d747f96a203d8918bf23c881bcdef0de494d22295bd1ae4da494985bf8c66a127177e6420ecf570e754ec31adf6ee39a95833c3310e66e7aab1376ce25af7dd53f3328f1b89a1ec8fd8d598066222ecf61251b3ff8f784dcba6235f8d555271ec9b8394539988ab5cdcb54418c4e6cd212b017c5416451f960112559c5b341b2a10058fb2f36b1eb65748c17b58b5928236a8bde3f6fb71c686c8e1490e3a4fdee4af6290573d744cb09846a9a0fce4b23b630f853e0ad8413b4eba1afc0ad5147d805b74df3fb7bde51562d4adadd360cf6ea338d173818cd324a2334fe957b49d5d16268a71f96b9ad61cf0535593d46f096b7686efa55e62e719495feb017c3af3936d1e3fbe8cb3cb5b557be5f6444776a3a131989749b60b9214e4867ebb73b043e9ba5f81678ab0213b7d801e8e2da15801e731cad399044b771ab7a96d94b162a33b6554053546c628c7877c84adb10fc5046888ca56845730ea33bbdad8adc8b9771158f247b952f0a746e9ccaa6e7e60e2580a4abc27eff66dca0d86103ab77c30071ecc39d643f9a5c8807fc7904b9a987e36468bd1dfaec3c6999f45cf6adceee28f504f7215a838bc81fb58bfe02a0099898ed5482e8af66cf0dce3c69f42ec354f01e707061fcdd146bc94aea01042ea8bfaafd146955b64c3726a9245ab2fac6af3f4e81bc57fd490bf395ee89597a6d22cac548d6091530724854244fb27de2fbcab35b168b1727616a5ca9200ad324facf88717581b4d0bcf8296823247c65fabaed638cb2ed9aa091624a401f7f55ebf49acf52fabceff7c36aeb19e99821611a52cd5546a9f1f2fcfcec78315fd53c1abeae5cd7892a4e1043453039da5f47af6ee90252fe81850bcfb3385d45bfb924bcd68df57586df14b0e8f6b56534f6f26edc5d6e4a76365b9e36bc5d317b1dff396b89ef1731c83a246bbc54c84fe1f1c13e841d1a0ccabf109ceea552cbe35739f0f6b0aba991d8efd0389b2abe666442950f361b39e2bde601ab5880bcb50243ca35153e90b66c22451937b51a0e343614caf4aedf6fa1b28763ca6a172f1ccd63129ffcfa3756e9bff3fc31be392b4e2fe3e5d8615328784c78305f02f5b0b5550bd739696f397013f614054e034b26b5bb505eebdcb3e35cf63b5c94332c0510988b4868e47662c4b2e83f150e99556ad48753fa35e75a215387e3ed078f8be66254f6c0b4a23632bd5c2c47a078d074051b37ee6fc67a7e594ac34efaa86990374ab9ea39c10f0d4fde555c386527d08e65f65e69ba29310769d2136d8637264e08e9e0508172c86a73b271cf716c9bf80266e07ca44a21bc03dc54f54a37344c2759d8b9549c9c3360bae2f05eec69fb6a1e487438bfd5de5d1cce6928e241fcebd7f49be5695dc4abc96c8052668364929e458c2f70dcefa01b1a82cc513100075e48d3cb98605652f25f1b273d28e69d671bb0c354ec5ffc95caac8dae37df49b5e53090926c7b3b85502066201751e9eca533b924711725bdc5f900608f0b719c951286d83e0ff0020cd481aec26895d4545c7a64eb1e2d5561e0d4e22c74eab7c6428a0caad4d16adfb8baeba2727a7b582b104c563d9180261728e946f5baebf3e7982f9ea2d6afbd09e80cf54325e55a7b9c0b502dcf344150d23479ca4a54ee22d3a5421b9f8a332dbf538c6cf7f9dcdd4c6eeafac949ef8c8e1fc972822db5f0c0ea7b5a9663240463343a874ba9dee38808d5f9791f7407ad357a5e70f1fe5c2520b68b449112c1d80440b047620d4f391c25bbf527e66bb9bef0727cc4677fb19a2d30b7f0fd0c440ad54e1b132808e4688705a91ed6b7551733d89247f9f39f938d878abbfb2eee23bd6dfb8397a217913dc5fbf73a526430552c8f79a21155ff3da9cd3fcbf930142b84ba510b37c40e3c0879083128a2e4c06164900caa463a58e84feb8e8d2f04c6124c4b0beebad784da33d35f906d10f77aabe3ea929c23426b42e084723ddea59653a5c8a7cbf425d9fe6be2ea0ff8a4818b8ec9d0de60be386ce543dba53d09011e448ad57cf5f9caff8d92c3b9a6b5e063b8ae7f137f2c472611e9675d0225e4aa719c7c6b3e44c51ee55dcd6df46c844136e2a0f39658b34fd557d92e7ec3df55ce5ab8865627205d57ff98f8fe53489927b28fc10287996e67f758d755b7f2d85c400bc9d256310d0be548437957fda8f3cc7da4809ce7bf8c0f35a4be129ef7dabb31b37472eaa3592423103020a845ef1e7c0b7455e98f68778db9e895e8cbd406d18232eedec5e7c2974b611432e20224d7cf25648ffbd9245865cbcb5dc97f40cfff329a557d19981c3b66e310c7317c9b812752bf5f83f3c6b08461e1665117a4b60d3b672808da84d2cdea1633e9b84e80090315dc0a3f6498d1613a55dfea4435ca7feb8ecec517bed2b1f3b9e48715e227c9cb34de454daf5b18305cbbe4bfcb6abcbdc84d281251a3f7e0cf9e5835ab09e01a75dcef46d9633792699bb17eab43c427e791252a0ea8490e3444f02e5ec971c7aa9085bfeb846a4b427505fffdacfc50e25df48578a0c839208e4c00f5442ced94310f497c7d00a3a687d65586797a15073493bc6b1e1d828ff537e0526a00b67cb51afc2850e0670a523f589931304b1076d3314ba95a11ac3254b76cb062a6cfc3f306a221b02f460b0b0940562a0daed190797098a35da5c373e0628cba241078488740f9d4df935ed3932dbeec4eb79ad658f606b1f15a08626ca4f3b708a6f3020a99fe52a4683f207d5dbc127c1e0d32e2485933c5ca618a317e8db2ced71c5bf41b84e4fd3fc4d341ec6602fd9e946eb35da6d5c413474d80e30dd5ff9e4cbf66f0f63a4b8697452429d0e3df8558c6fe3e7de5c220336c90df697c310c2b6ccb6817a96753bf1a6d23589470553d543e65a165cd03f1f4197e29f32361ccc551889d8572aabd0ab73e390a4bd2f2ff7d3de90241d98927caecdf2cc9ea5f0ec23b2ffe7351e9adbd367a8a5d0e7c4e12fa7b997a8fbde2015b20cb9fb208ceab87039c336dec3e1d89c3e270b1b40b377ffa1e59231389af89dc3eea9abd07343882379b3860f52755d5775e7d349c59b760a119cfb1dbdf0882a77bb62f278f408bee7cc660dae59f93d27cef688b4e6cad3034a78c16efa2c14c0d56426698ad13b7fd450b31896318e330e86f39975bff94ab2fbb6054693f266281925b1f37bf883c152aec048e1f74fd0878d09233da0d6d343ee6c62e2ce6bfeac5bc5fd09fb73aa20b78a25a5f540affd2422b9d190b624cdad4fc94ed23c94f9b8a039a7ed1c289e8b1bf833be7bb708ade17f5807e541003f2b5c01f547f27c138d8e1747b6bdd8b07d30db006145b0f8a1c6b843d33b742170c87a84135ee943b399765c6dcef94bde0ae5871adfca78d464c4f3cbdc1b9ed3462b6b176a2c1fd88b57f9ec4e0fa68102804f1451e2d7a72535605c6916f404791558cf4149831c4a998c7ac6c0e0a741038cdb8f18a6073399b9d9aaf1a1747960139a13fe36e2e6f1ddd7640b2965746cccffadfe6bcd63051715cc1b9eb93161e3df3a930f679902fdf2809034e8d12568dddfc57ea5125e8b0e245789790f845271bf10a836a90857f75ac55bb438240a904cd1da704b90465829c2c3cf6300d2e2c275bc65eaf81174a271f1cc16396eac15dbe4ee7aa7042e50ad76894cc593a860830f0cf0e2fcb04ec56271b85a4ffd9d8eec07756c6379c9f491ce73c8ae2133fc7daf23415ec91f3d1af3b641b19977242d2a1dbfd33cacde4ad3b0aa27bd27ac2f816e4d1c2e77acc702c6e6d018369a13e3b71b7c0774d07c455ef55cedba52cf0b5a152c957b03f2d77c11cb29a7062aa2c3f4312566a4e0f6594dbd780c0c035e876d6ce0a87ee38a10b7871eb564b1aee288d760089ca61203384b669b7e61bf55967eca9bdb6e040698d7cbb284589aed93248aedae4e25610b9d1440d23e62bdd14657643205d3623cac117847d59ef18c1ba2602c3455d05cf4e004733b555187001aa8ecdb5a00f133e169b60f2225e442c47058874850089f86b54b9dd85a732ac5810f6dbf6b3415743fed9c323aa1c9d0043d21c55486b64e99f944d91170e01d9a717eb76469194e1e582f2770c4078386cc8ce442987e46832fc456c20acbfbcb27ea33177f15dec5c59d9ed966226d2ea6c81314bc2ed2845a27920afed239d0355dad206f66a29eb2f495b39df858199c84bb5200351a12eac9c4291061f02eb272ebdbd0589d4274e068237b39390c474229b57bcee13ac54d3d06dc65256faf2db8a2424c9d59731596e4b5e2e7d19fdfd7296f5829153590a3347a1deb4bce459f38fde72c3ce6e9720c67baf14915b67f3385d6b01faf3acc80cf537fbd8981a8b2ad4c92ee6040ae6a689cdc2637961ccbe4d06e74792da82513d6c364a541686db8d67f5c33f0a036d5715f1d0a787d33bdb5c494d824354a929924a55fe159f96f26f3107479807957c909d05e30e1c8474bebc3cace1a2f8248aa057888931db1349422780e4f0dc6291ca931b13708bb278661d4c28e81d61661229128806d64b9cc5160619cfe6e689c3e71f3d175ce809aaf0c5227e70267079534903afd0399bc3e3014e773fc5d0ede69963385f38d804962064ea53fa9a0d5c35a09008584058b4ea8f45872e3ea05dbf47cae0f2006f0288e7fac015b5debc4775bf8e4990f2f3fe864a775af74903cc49edcf675e328304560df695853602c9fc736caa48c24c15e1d55683f6c1c63ab84e0fe13e811501f9634e93338a7944baca5a3b082f2dd141b3b49aeb471b2cab2640add27418aa6ae818d3ce58122edeaa9efdf2e0c6a7715b15634f950d9a5c1b6ee5f2b765bd9cb17796271e6bbb831e2fc28b591d2fce3fe7256b9028cb0e89bad47f9efb05068b2289baa1c06f11c7b2e2f5773fe170d204ba62aae44568d1723a353b59649731dde7bf30dad39684a9f1caee2de33d2ebee95edc41218d2c37b5a2cdbf296e6e23ff81826c8acbda2abd25355d700efa4d79cd857ade66ec52f58186fa2e0b3f32abcc42f638914dc04b1beb9e4be321d946964fa608fc96c3dfeabe9f8f401850975ce370318a06f3593b86808a868ec08a2649aa2565532f5abdf41620e64e9ba9d9f1b4a1c5dd73d9b6d6b36e7045c27c114c8877b750c0dccc5c8938058854934ea82b74203b04b271a0e2b0ca3064c7e860b3792217080affedd4736f7e514d5f282d282586ef3813d9bb6fa3433a45598b98cd87426b36aad3ecf7b21f7c545bb5e43e52ea1722c942dd060974e3387b8b4947424da20f2c43f9833519fc9704b7a8fae5ffc3e26b3c83f26b2cae6e85c5080028000300000008004100", @ANYRES32=r0, @ANYBLOB="bfea98aab8cdcf5ea3cdc0ee077fdd2084437cd36aea3fcb5dd2a6e474da885b97827e4bb56dab70b372dfa5656d7dda4937b1fb6ba6cf7348b85e9a68315b785bce94fe37459950cf"], 0x1064}, 0x1, 0x0, 0x0, 0x4000000}, 0x20004080)
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x48, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}]}, 0x48}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0xc, &(0x7f00000004c0)=0xa, 0x0, 0x4)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, 0x4, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

48.1368279s ago: executing program 0 (id=1150):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x7, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000, 0x8c0, 0x80000000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r2 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x30, r5, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}, 0x1, 0x0, 0x0, 0x51}, 0x40000)

47.116708826s ago: executing program 0 (id=1159):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x3, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x10000, 0x0, 0x4, 0xefffffff, 0x0, [{0x2, 0x8, 0xfc, '\x00', 0x3}, {0x4, 0x9, 0xfc, '\x00', 0x7c}, {0xfc, 0x12, 0x4, '\x00', 0x1}, {0x11, 0xb, 0x0, '\x00', 0xea}, {}, {0xfe, 0x0, 0x1, '\x00', 0x2}, {0x1f, 0x1, 0x2}, {0xfd, 0x0, 0x7, '\x00', 0x2}, {0x0, 0xf, 0xf7, '\x00', 0xfc}, {0xa8, 0x6, 0x0, '\x00', 0x11}, {0xb}, {0x9, 0x9, 0x42, '\x00', 0xff}, {0x0, 0x0, 0x2, '\x00', 0x1}, {0x2, 0x0, 0x6}, {0xff, 0x0, 0x0, '\x00', 0x49}, {0x1, 0x21, 0x80}, {0x3, 0x0, 0x0, '\x00', 0x80}, {0x2, 0x2, 0x6, '\x00', 0x10}, {0x48, 0x4, 0xd, '\x00', 0xfd}, {0x8, 0xc0, 0x3}, {0x4, 0x12, 0x3, '\x00', 0x25}, {0xfd, 0x9, 0x0, '\x00', 0x5}, {0x2, 0x2, 0x9}, {0x80, 0xff, 0x3, '\x00', 0x7}]}})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DISCONNECT(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="01002cbd7000fedbdf253000000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, 0x0, 0x800)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), 0xffffffffffffffff)
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
write$nbd(r6, &(0x7f00000003c0)=ANY=[@ANYBLOB="0100"], 0x40)
sendmsg$NL80211_CMD_NEW_STATION(r6, 0x0, 0x40801)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7078, 0x1000, 0x400007, 0x288}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
sendmsg$nl_generic(r3, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000001a40)=ANY=[@ANYBLOB="641000001400020027bd7000fddbdf251600000014004b00fc0100000000000000000000000000010c00270000080000000000001400d300fc0100000000000000000000000000000c108a800800e200", @ANYRES32=r1, @ANYBLOB="f457cb0bb23eb693ed00a56ed2d8a859ebbe53c74b759bddd35f8eed6ddd6ab81a8e3c188edd28b77057791d0b47c132fa129e1875abdc2facc8ebe819f6f4b2ab254f526c8ff0fb5ffebf0d9ac93d52194097d4c549d70360ad58acb37c58a96ed486de40cc398c22efafb93de78fb4cc6efbe47ab89cb30c760324c1a988786445cbbf3e8218b3c4366f7443995cbb765a2d53bd780311fb4de1b5c42f1ec313276c715af09c2d6f7f6daf7727804f7134c94a76784c19b7f712c503340c9b753a10fa190a0d34b9fa14730174cc2da5f78229b05398f9e7d30141ffe7bd34c0cb5d115c94e4f0b8e9684b70465103d2909f5239a6aa0e3ce1e4b0f3dd21234fe60517f6db8710036879ad456c183d118e3746786622a061072b1ee7da6b5af074fdb2d747f96a203d8918bf23c881bcdef0de494d22295bd1ae4da494985bf8c66a127177e6420ecf570e754ec31adf6ee39a95833c3310e66e7aab1376ce25af7dd53f3328f1b89a1ec8fd8d598066222ecf61251b3ff8f784dcba6235f8d555271ec9b8394539988ab5cdcb54418c4e6cd212b017c5416451f960112559c5b341b2a10058fb2f36b1eb65748c17b58b5928236a8bde3f6fb71c686c8e1490e3a4fdee4af6290573d744cb09846a9a0fce4b23b630f853e0ad8413b4eba1afc0ad5147d805b74df3fb7bde51562d4adadd360cf6ea338d173818cd324a2334fe957b49d5d16268a71f96b9ad61cf0535593d46f096b7686efa55e62e719495feb017c3af3936d1e3fbe8cb3cb5b557be5f6444776a3a131989749b60b9214e4867ebb73b043e9ba5f81678ab0213b7d801e8e2da15801e731cad399044b771ab7a96d94b162a33b6554053546c628c7877c84adb10fc5046888ca56845730ea33bbdad8adc8b9771158f247b952f0a746e9ccaa6e7e60e2580a4abc27eff66dca0d86103ab77c30071ecc39d643f9a5c8807fc7904b9a987e36468bd1dfaec3c6999f45cf6adceee28f504f7215a838bc81fb58bfe02a0099898ed5482e8af66cf0dce3c69f42ec354f01e707061fcdd146bc94aea01042ea8bfaafd146955b64c3726a9245ab2fac6af3f4e81bc57fd490bf395ee89597a6d22cac548d6091530724854244fb27de2fbcab35b168b1727616a5ca9200ad324facf88717581b4d0bcf8296823247c65fabaed638cb2ed9aa091624a401f7f55ebf49acf52fabceff7c36aeb19e99821611a52cd5546a9f1f2fcfcec78315fd53c1abeae5cd7892a4e1043453039da5f47af6ee90252fe81850bcfb3385d45bfb924bcd68df57586df14b0e8f6b56534f6f26edc5d6e4a76365b9e36bc5d317b1dff396b89ef1731c83a246bbc54c84fe1f1c13e841d1a0ccabf109ceea552cbe35739f0f6b0aba991d8efd0389b2abe666442950f361b39e2bde601ab5880bcb50243ca35153e90b66c22451937b51a0e343614caf4aedf6fa1b28763ca6a172f1ccd63129ffcfa3756e9bff3fc31be392b4e2fe3e5d8615328784c78305f02f5b0b5550bd739696f397013f614054e034b26b5bb505eebdcb3e35cf63b5c94332c0510988b4868e47662c4b2e83f150e99556ad48753fa35e75a215387e3ed078f8be66254f6c0b4a23632bd5c2c47a078d074051b37ee6fc67a7e594ac34efaa86990374ab9ea39c10f0d4fde555c386527d08e65f65e69ba29310769d2136d8637264e08e9e0508172c86a73b271cf716c9bf80266e07ca44a21bc03dc54f54a37344c2759d8b9549c9c3360bae2f05eec69fb6a1e487438bfd5de5d1cce6928e241fcebd7f49be5695dc4abc96c8052668364929e458c2f70dcefa01b1a82cc513100075e48d3cb98605652f25f1b273d28e69d671bb0c354ec5ffc95caac8dae37df49b5e53090926c7b3b85502066201751e9eca533b924711725bdc5f900608f0b719c951286d83e0ff0020cd481aec26895d4545c7a64eb1e2d5561e0d4e22c74eab7c6428a0caad4d16adfb8baeba2727a7b582b104c563d9180261728e946f5baebf3e7982f9ea2d6afbd09e80cf54325e55a7b9c0b502dcf344150d23479ca4a54ee22d3a5421b9f8a332dbf538c6cf7f9dcdd4c6eeafac949ef8c8e1fc972822db5f0c0ea7b5a9663240463343a874ba9dee38808d5f9791f7407ad357a5e70f1fe5c2520b68b449112c1d80440b047620d4f391c25bbf527e66bb9bef0727cc4677fb19a2d30b7f0fd0c440ad54e1b132808e4688705a91ed6b7551733d89247f9f39f938d878abbfb2eee23bd6dfb8397a217913dc5fbf73a526430552c8f79a21155ff3da9cd3fcbf930142b84ba510b37c40e3c0879083128a2e4c06164900caa463a58e84feb8e8d2f04c6124c4b0beebad784da33d35f906d10f77aabe3ea929c23426b42e084723ddea59653a5c8a7cbf425d9fe6be2ea0ff8a4818b8ec9d0de60be386ce543dba53d09011e448ad57cf5f9caff8d92c3b9a6b5e063b8ae7f137f2c472611e9675d0225e4aa719c7c6b3e44c51ee55dcd6df46c844136e2a0f39658b34fd557d92e7ec3df55ce5ab8865627205d57ff98f8fe53489927b28fc10287996e67f758d755b7f2d85c400bc9d256310d0be548437957fda8f3cc7da4809ce7bf8c0f35a4be129ef7dabb31b37472eaa3592423103020a845ef1e7c0b7455e98f68778db9e895e8cbd406d18232eedec5e7c2974b611432e20224d7cf25648ffbd9245865cbcb5dc97f40cfff329a557d19981c3b66e310c7317c9b812752bf5f83f3c6b08461e1665117a4b60d3b672808da84d2cdea1633e9b84e80090315dc0a3f6498d1613a55dfea4435ca7feb8ecec517bed2b1f3b9e48715e227c9cb34de454daf5b18305cbbe4bfcb6abcbdc84d281251a3f7e0cf9e5835ab09e01a75dcef46d9633792699bb17eab43c427e791252a0ea8490e3444f02e5ec971c7aa9085bfeb846a4b427505fffdacfc50e25df48578a0c839208e4c00f5442ced94310f497c7d00a3a687d65586797a15073493bc6b1e1d828ff537e0526a00b67cb51afc2850e0670a523f589931304b1076d3314ba95a11ac3254b76cb062a6cfc3f306a221b02f460b0b0940562a0daed190797098a35da5c373e0628cba241078488740f9d4df935ed3932dbeec4eb79ad658f606b1f15a08626ca4f3b708a6f3020a99fe52a4683f207d5dbc127c1e0d32e2485933c5ca618a317e8db2ced71c5bf41b84e4fd3fc4d341ec6602fd9e946eb35da6d5c413474d80e30dd5ff9e4cbf66f0f63a4b8697452429d0e3df8558c6fe3e7de5c220336c90df697c310c2b6ccb6817a96753bf1a6d23589470553d543e65a165cd03f1f4197e29f32361ccc551889d8572aabd0ab73e390a4bd2f2ff7d3de90241d98927caecdf2cc9ea5f0ec23b2ffe7351e9adbd367a8a5d0e7c4e12fa7b997a8fbde2015b20cb9fb208ceab87039c336dec3e1d89c3e270b1b40b377ffa1e59231389af89dc3eea9abd07343882379b3860f52755d5775e7d349c59b760a119cfb1dbdf0882a77bb62f278f408bee7cc660dae59f93d27cef688b4e6cad3034a78c16efa2c14c0d56426698ad13b7fd450b31896318e330e86f39975bff94ab2fbb6054693f266281925b1f37bf883c152aec048e1f74fd0878d09233da0d6d343ee6c62e2ce6bfeac5bc5fd09fb73aa20b78a25a5f540affd2422b9d190b624cdad4fc94ed23c94f9b8a039a7ed1c289e8b1bf833be7bb708ade17f5807e541003f2b5c01f547f27c138d8e1747b6bdd8b07d30db006145b0f8a1c6b843d33b742170c87a84135ee943b399765c6dcef94bde0ae5871adfca78d464c4f3cbdc1b9ed3462b6b176a2c1fd88b57f9ec4e0fa68102804f1451e2d7a72535605c6916f404791558cf4149831c4a998c7ac6c0e0a741038cdb8f18a6073399b9d9aaf1a1747960139a13fe36e2e6f1ddd7640b2965746cccffadfe6bcd63051715cc1b9eb93161e3df3a930f679902fdf2809034e8d12568dddfc57ea5125e8b0e245789790f845271bf10a836a90857f75ac55bb438240a904cd1da704b90465829c2c3cf6300d2e2c275bc65eaf81174a271f1cc16396eac15dbe4ee7aa7042e50ad76894cc593a860830f0cf0e2fcb04ec56271b85a4ffd9d8eec07756c6379c9f491ce73c8ae2133fc7daf23415ec91f3d1af3b641b19977242d2a1dbfd33cacde4ad3b0aa27bd27ac2f816e4d1c2e77acc702c6e6d018369a13e3b71b7c0774d07c455ef55cedba52cf0b5a152c957b03f2d77c11cb29a7062aa2c3f4312566a4e0f6594dbd780c0c035e876d6ce0a87ee38a10b7871eb564b1aee288d760089ca61203384b669b7e61bf55967eca9bdb6e040698d7cbb284589aed93248aedae4e25610b9d1440d23e62bdd14657643205d3623cac117847d59ef18c1ba2602c3455d05cf4e004733b555187001aa8ecdb5a00f133e169b60f2225e442c47058874850089f86b54b9dd85a732ac5810f6dbf6b3415743fed9c323aa1c9d0043d21c55486b64e99f944d91170e01d9a717eb76469194e1e582f2770c4078386cc8ce442987e46832fc456c20acbfbcb27ea33177f15dec5c59d9ed966226d2ea6c81314bc2ed2845a27920afed239d0355dad206f66a29eb2f495b39df858199c84bb5200351a12eac9c4291061f02eb272ebdbd0589d4274e068237b39390c474229b57bcee13ac54d3d06dc65256faf2db8a2424c9d59731596e4b5e2e7d19fdfd7296f5829153590a3347a1deb4bce459f38fde72c3ce6e9720c67baf14915b67f3385d6b01faf3acc80cf537fbd8981a8b2ad4c92ee6040ae6a689cdc2637961ccbe4d06e74792da82513d6c364a541686db8d67f5c33f0a036d5715f1d0a787d33bdb5c494d824354a929924a55fe159f96f26f3107479807957c909d05e30e1c8474bebc3cace1a2f8248aa057888931db1349422780e4f0dc6291ca931b13708bb278661d4c28e81d61661229128806d64b9cc5160619cfe6e689c3e71f3d175ce809aaf0c5227e70267079534903afd0399bc3e3014e773fc5d0ede69963385f38d804962064ea53fa9a0d5c35a09008584058b4ea8f45872e3ea05dbf47cae0f2006f0288e7fac015b5debc4775bf8e4990f2f3fe864a775af74903cc49edcf675e328304560df695853602c9fc736caa48c24c15e1d55683f6c1c63ab84e0fe13e811501f9634e93338a7944baca5a3b082f2dd141b3b49aeb471b2cab2640add27418aa6ae818d3ce58122edeaa9efdf2e0c6a7715b15634f950d9a5c1b6ee5f2b765bd9cb17796271e6bbb831e2fc28b591d2fce3fe7256b9028cb0e89bad47f9efb05068b2289baa1c06f11c7b2e2f5773fe170d204ba62aae44568d1723a353b59649731dde7bf30dad39684a9f1caee2de33d2ebee95edc41218d2c37b5a2cdbf296e6e23ff81826c8acbda2abd25355d700efa4d79cd857ade66ec52f58186fa2e0b3f32abcc42f638914dc04b1beb9e4be321d946964fa608fc96c3dfeabe9f8f401850975ce370318a06f3593b86808a868ec08a2649aa2565532f5abdf41620e64e9ba9d9f1b4a1c5dd73d9b6d6b36e7045c27c114c8877b750c0dccc5c8938058854934ea82b74203b04b271a0e2b0ca3064c7e860b3792217080affedd4736f7e514d5f282d282586ef3813d9bb6fa3433a45598b98cd87426b36aad3ecf7b21f7c545bb5e43e52ea1722c942dd060974e3387b8b4947424da20f2c43f9833519fc9704b7a8fae5ffc3e26b3c83f26b2cae6e85c5080028000300000008004100", @ANYRES32=r0, @ANYBLOB="bfea98aab8cdcf5ea3cdc0ee077fdd2084437cd36aea3fcb5dd2a6e474da885b97827e4bb56dab70b372dfa5656d7dda4937b1fb6ba6cf7348b85e9a68315b785bce94fe37459950cf"], 0x1064}, 0x1, 0x0, 0x0, 0x4000000}, 0x20004080)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x0, 0x0, 0x0, 0x0, 0x23457, 0x0, 0x0, 0x1})
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x48, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}]}, 0x48}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0xc, &(0x7f00000004c0)=0xa, 0x0, 0x4)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, 0x4, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)

46.756017445s ago: executing program 0 (id=1160):
sendmsg$ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x81100}, 0xc, &(0x7f00000007c0)={&(0x7f0000002500)=ANY=[@ANYBLOB="fc030000", @ANYBLOB="1a301641e00ae4fa23ce3914cb8f999c8ea536797ea6c2537008892af5d5896373cc2a9c767eeff13dc4c25a5e1fc62caea8e9bfddc02d98ce3e8e7ecee753566e361266794b52e4aa253961e0bd7da2705c264fe53bbf45806bfde1765227f5ee391af13fde3a58a00cded6120af527d5fee8f05955af0b7e429193fbae8ed6faa2e997e8766bd421974a1264d39907a35f61ada20d47d54d60c40de77e0e5a4a8f9ce0c1b7ced97b8211473b4a", @ANYBLOB="000826bd7000fcdbdf251800000005000600010000003c00018008000100", @ANYRES32=0x0, @ANYBLOB="1400020076657468315f766c616e000000000000140002007866726d30000000000000000000000008000100", @ANYRES32, @ANYBLOB="0500050001000000f00102800800020004000000a80004006b3423c2257cb84c1da41a7571ec246a07fa435723eb6d9cf1afe3bd5ca3e78d9ed5426f94d01027414f19348817526ddf31dd99dd13b1bc21d953cae9232cd62d01649b3fd770305ca0f8c161e44d0f679ed203236f505e0ada39fd48164d85bf053fa8d5b3dad56b37f95206595cff0855d2965f3b84e968c73e41153583d9ddf189c53956a53da0fcd7ffd9d2dab3e3f7414893fba34a3e116a611ffef1f5e23b0e737d0004001348651df1a0646e8806c21824966650b182a54142f002dafa4164a8bee9b9485787442cc155fa87c0000ba50fa05bcb48cbbbefed0011890e0735b931b5419452520071e981c3c3152db6caaf99e19bb7f9f552753ee6e3d7d6f40d1e0c98359aca9d3d3abb48b4ff06c04dd2d4c1c2a5aed1bbfe42ee01f500000040000400fa1b6d1c860a5a7a9d4962bdb17cc2d281cab2fa97df13b81bff92f39f5da73fb2814adb56e5f658515410a52935e3bbf18b88c6b3eeaeff506366167c00050057081a5cd43f3672a104706d77616bda9a534c580bd2504b38d2c428ffe6b5fa1e30fa2f836e69aaca1914d53a7e5af8d4d12b8f68bb26864683561d0320b3de51127891197b7cb1adb734dce029ea057ed5c893b483b2dffcd08d458d582074bf8a036a83bc1f11a78a48d898f5f1072f616c4005000600000000000500060001000000050006000000000008000700f9ffffff8c01028008000200300000009a000400c333bffada308d30e89a63ef7a09aff5f1eff3dfe8dc9844f6f82eb128588474f8065f84b0e2e869ac221dec951caf279891bfe0f1716aa1ce9d410949fb512a7c14798c5d755287d566fd74ea1df5a843a78751835aca9c272ed5fbefa7fba981a506711497afc67aa062b1a5b9373cb0e9284c838149d83a80e4425cd15d85d304eaa1894531da761b59b81f3bf7078529aab6d4b40000e40003802c000180150002002f70726f632f74696d65725f6c6973740000000007802054379be1718300010069000000080001800400030014000180080001000600000004000300040003001400018004000300050002000000000004000300380001800a000200626f6e64300000000b0002002d48235c2e2100000800010005000000080001001a0000000400030008000100060000001800018006000200250000000b00020025217b2f2b5c0000340001800400030004000300040003000800010009000000150002002f70726f632f74696d65725f6c697374000000000400030000000000a1b7180783fdbe2dff55f25f68bb5bdee1b8af9cdb0c9c3619defa385811ade93829ae34af44006d9fe99e3a9a8a851db1874be38b51ca2270207f79509ce1318fadcaa1c3c9abe083685bf1f97f3173fe665b431bc6a8e0bff7f59a"], 0x3fc}, 0x1, 0x0, 0x0, 0x10}, 0x4000001)
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@deltaction={0x1ac, 0x31, 0x800, 0x70bd2a, 0x25dfdbfc, {}, [@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @TCA_ACT_TAB={0x14, 0x1, [{0x10, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}]}, @TCA_ACT_TAB={0x78, 0x1, [{0x10, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0x10, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0x10, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8003}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0x14, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}, @TCA_ACT_TAB={0x90, 0x1, [{0x10, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0x10, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfff}}, {0x14, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x10000}}, {0x10, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}, @TCA_ACT_TAB={0x40, 0x1, [{0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffffa}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}]}, @TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}]}]}, 0x1ac}, 0x1, 0x0, 0x0, 0x804}, 0x8000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
dup(0xffffffffffffffff)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
unlink(0x0)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
read$FUSE(r6, &(0x7f0000000980)={0x2020}, 0x2020)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r7 = socket(0x2, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000003c0)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f0000000340)=0xc)
preadv(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000000180)=""/82, 0x52}], 0x1, 0xd651, 0x72b)

45.721332461s ago: executing program 0 (id=1166):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000c40), r0)
r2 = socket$netlink(0x10, 0x3, 0x4)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x0, 0x2000000, 0x2449, 0xfffffffffffffffd})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f0000000040)={{@my=0x1}, @any, 0x0, 0x1, 0x9, 0xfffffffffffffffd, 0x0, 0x8, 0x1})
close_range(r2, 0xffffffffffffffff, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x4c, r1, 0x1, 0x0, 0x0, {0x6, 0x0, 0x900}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @loopback}, @NLBL_UNLABEL_A_SECCTX={0xf, 0x7, 'unconfined\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x4c}, 0x2, 0x34005}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x15, &(0x7f00000000c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x141}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r6}, 0x10)

45.6221627s ago: executing program 0 (id=1167):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x7, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000, 0x8c0, 0x80000000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r2 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x30, r5, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}, 0x1, 0x0, 0x0, 0x51}, 0x40000)

45.510421092s ago: executing program 33 (id=1167):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x7, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000, 0x8c0, 0x80000000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r2 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x30, r5, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}, 0x1, 0x0, 0x0, 0x51}, 0x40000)

7.237194644s ago: executing program 4 (id=1410):
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_setup(0x57a0, &(0x7f0000000080)={0x0, 0xd498, 0x40, 0x1, 0x348}, &(0x7f0000000100), &(0x7f0000000140))
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="03040000b500000001008aea0000feff"], 0xc8)
prctl$PR_SET_MM_AUXV(0x23, 0xc, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xa0, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x8e, 0x2, 0x1, 0x6, 0x0, 0xf5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x400}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x4e, 0x663, 0x8}, {0x6, 0x24, 0x1a, 0x3, 0x1a}, [@mdlm={0x15, 0x24, 0x12, 0x6}, @mbim={0xc, 0x24, 0x1b, 0x3, 0x3, 0x81, 0x3, 0x1, 0x7}, @mbim={0xc, 0x24, 0x1b, 0x6, 0x7, 0x8, 0xd, 0x5, 0x7f}, @call_mgmt={0x5, 0x24, 0x1, 0x2, 0x8}]}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xdc, 0x1, 0xf}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x20, 0x3, 0x7}}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0x0, 0x2, 0x10}}}}}}}]}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x10000, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x7)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mbind(&(0x7f00001e7000/0x2000)=nil, 0x2000, 0x8003, &(0x7f0000000000)=0x9, 0x3, 0x2)
read$FUSE(0xffffffffffffffff, &(0x7f00000007c0)={0x2020}, 0x2020)
r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[@ANYBLOB="03040000b500000001008aea0000feff"], 0xc8)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x114, 0x2e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x103, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
dup3(r5, r4, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1, 0x4, 0x4, 0x9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)

4.726307745s ago: executing program 3 (id=1417):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

4.666454491s ago: executing program 3 (id=1418):
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r1, 0x10000000000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0)
connect$tipc(0xffffffffffffffff, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x1, {0x41, 0x4}}, 0x10)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
creat(&(0x7f0000000100)='./file0/file0\x00', 0x10c)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000009c0)=@newqdisc={0x24, 0x25, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x8, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x2404c000}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2, &(0x7f0000000000)=0x66e7, 0x4)
r6 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io$printer(r6, 0x0, &(0x7f0000000480)={0x53, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r6)
r7 = socket$igmp(0x2, 0x3, 0x2)
close_range(r7, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00007fe000/0x800000)=nil)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x7fffffff, 0x2, 0x7, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x7, 0x3, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x89d2, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0xd, 0x407, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x80000000, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x4, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0x10, 0x312, 0xd, 0xea4, 0xffffffff, 0x4, 0x7, 0x7fff, 0x5a7c, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x20009, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x8, 0x1, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x7e, 0x7, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0x2000bf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x6, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0xfd, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0xffffffff, 0x5, 0x5, 0x8, 0x30b1d693, 0x5, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2)
syz_open_dev$vim2m(&(0x7f0000000040), 0x40005, 0x2)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r8, 0xffffffffffffffff, 0x0)
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, 0x0, <r9=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004380)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9ada5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c6302645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734bc5862ef52983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1d7abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fac10700003513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b010000006fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fda8bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f1cb390aaf82b0bc6af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff14427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c94c114d3c4c35eed4d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a65247317882fbf171520f00b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5d18f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077bec885ce88d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc670ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f9", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x4000000000000, {0x0, 0x200000000, 0x9, 0x4, 0x6, 0x0, {0x0, 0x10001, 0x0, 0xd, 0xffffffffffffffff, 0x102, 0xed3, 0x2, 0x5, 0xc000, 0xfffffffc, r9, 0x0, 0x7, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0})

4.140186991s ago: executing program 4 (id=1421):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, 0x0, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_MON_PEER_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x40}, 0x1, 0x0, 0x0, 0x40}, 0xc8769723e875f523)
write$usbip_server(0xffffffffffffffff, &(0x7f0000000380)=ANY=[], 0xfffffffffffffd8e)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7278, 0x0, 0x1, 0x18e}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x0, &(0x7f0000000700), &(0x7f00000000c0)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000100)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000340)={0xffffffff, 0x4, 0x45fb, 0xc}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000005c0), 0x0, 0x10, 0x7fffffff}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x1101000000000000, &(0x7f0000000500)=ANY=[], 0x48)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x181a02, 0x74)
io_uring_enter(r3, 0x26c8, 0x0, 0x1, 0x0, 0x10)

4.047840882s ago: executing program 4 (id=1422):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000001800010000000000fedbdf251d01060008000900", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) (async)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000001800010000000000fedbdf251d01060008000900", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
gettid()

3.976232523s ago: executing program 4 (id=1423):
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x4}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x0, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
close(r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

3.018180015s ago: executing program 3 (id=1430):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000001c0)={0x0, 0x8}, 0x14)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x80, r3, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x64, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x19}, @device_b, @device_a, @initial, {0xf, 0xfc4}}, 0xfff, @random=0x5, 0x1000, @val={0x0, 0x6, @default_ap_ssid}, @void, @val={0x3, 0x1, 0x9}, @void, @void, @val={0x5, 0x5, {0x2, 0xc9, 0x9, '-O'}}, @val={0x25, 0x3, {0x1, 0x68, 0x1}}, @val={0x2a, 0x1, {0x0, 0x0, 0x1}}, @val={0x3c, 0x4, {0x0, 0x8, 0xa5, 0x5}}, @val={0x2d, 0x1a, {0x8, 0x2, 0x1, 0x0, {0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x1, 0x1}, 0x1, 0xc396, 0xa}}, @void, @void, @void}}]}, 0x80}, 0x1, 0x0, 0x0, 0x804}, 0x0)

2.776920216s ago: executing program 3 (id=1431):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, 0x0, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_MON_PEER_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x40}, 0x1, 0x0, 0x0, 0x40}, 0xc8769723e875f523)
write$usbip_server(0xffffffffffffffff, &(0x7f0000000380)=ANY=[], 0xfffffffffffffd8e)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7278, 0x0, 0x1, 0x18e}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x0, &(0x7f0000000700), &(0x7f00000000c0)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000100)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000340)={0xffffffff, 0x4, 0x45fb, 0xc}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000005c0), 0x0, 0x10, 0x7fffffff}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{0x0}], 0x1)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x1101000000000000, &(0x7f0000000500)=ANY=[], 0x48)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x181a02, 0x74)
io_uring_enter(r3, 0x26c8, 0x0, 0x1, 0x0, 0x10)

2.689096029s ago: executing program 3 (id=1432):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x40800}, 0x4044000)
bind$rxrpc(r0, &(0x7f0000000100)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x5e23, @remote}}, 0x24)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r1)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
timer_create(0x3, &(0x7f0000000000)={0x0, 0x11, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000180))
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
getrusage(0x0, 0x0)
r3 = dup(r2)
r4 = openat$ttyS3(0xffffff9c, &(0x7f00000004c0), 0x440000, 0x0)
ioctl$TIOCL_GETSHIFTSTATE(r4, 0x541c, &(0x7f00000003c0)={0x6, 0x7})
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r6 = socket(0x1, 0x1, 0x0)
ioctl$sock_ifreq(r6, 0x89f2, &(0x7f0000000040)={'bond0\x00', @ifru_settings={0x6, 0x8, @sync=0x0}})
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
syz_io_uring_setup(0x7bc6, &(0x7f0000000280)={0x0, 0x1c2a, 0x20, 0x0, 0xfffffffc, 0x0, r3}, &(0x7f0000000100), &(0x7f00000001c0))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$SNDCTL_SEQ_SYNC(r3, 0x5101)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r7 = socket(0xa, 0x3, 0x3a)
ioctl$SIOCSIFMTU(r7, 0x8922, &(0x7f0000000080)={'veth0_vlan\x00', 0x200})
ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000005c0)={@null, 0x8005, 'lo\x00'})

2.341727711s ago: executing program 2 (id=1434):
r0 = socket(0x2b, 0x80801, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0x3, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x7c}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40010)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket(0x2c, 0x4, 0x0)
getgroups(0x2, &(0x7f0000008840)=[0x0, <r2=>0x0])
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000008980)=<r3=>0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000013c0)="730275ba6132034a2eba069d8de465f20993d19bbcbd5631bf394469d8cf4f79ba43b93960f166a7de906373fe70d39824a7feedd98b48c8bebdad296922482f32b23b0f1fead914025370464e08c08a96bc25be972d272573353440e191fa9efc8ad065ef20807e61184e93051b2cbf04675fef3e109608d32e9c22a3d88b46d6189f756813727a85fc8b5c5e9156c2a097f7fb7dd213bb9603add25990943e872acefe90aa7f7486ba848fb1e31df9496bd2bc01e35994c4470d332ef38d980a1236036237e4f43f4b6e76644906a2494dc0f21b4434dcdf301f757a43aaf1b977b0016953a34ea212cc1839b7e63a5379bd77226d3c83757b708d8f019a0ca6a2765d6ab8bc0f4317e76f950eaad6f0decb036f7aec46d96b27a934a3854a89a3ef96946ec625d6bbaeed38b91ec03edecff95cdae9e1b6a3b4aaafd20dc29f5480ee00f7cfbe2b16f2983184f2f53606e6e7d781b98532842cf8185e477135fa7ac9ab109591dc2a496a5d8d1753bcde61ea0d917a63ea50eea617d97e9e1d987369375fe5819a3ef4edc0728866b50c61739908e70ea973cda3492601cbca07badf08155dca2e8133d918c5a19bf632d90fe1904bd80009cc3cab947c6914a43109ebea0f5e2409dcf11f734b82b72c72e5add29b19dd2b9e270d2f01752a88d45d4879481cfef67760a602a3bd0589c71cacfef998840e6c5c4ac6f61599caba2abfb574dd0a0ffcba4758028b68a5b8c35e695dfcbea3419f2fa65d221e66792025006e69e977b92452e8ebb7ef29b1b96c6dbbee2fa257b74271d3972ce04054cc5addf1ec976a369f13f85ebb82b446e706b94a1bf5bc79b2931b66f8abc1481adbcce83f3822b9dd7d51500507953686014154ca20942139ac07d2967518c1dc733859f34dc3ed16ea71a3451b854cf47f28a33f48685d1008a2bb18f11b805e731dea611aba1bac0ab19887efc6520d303bd0ff62c1146a13649e25c798c82f610fadf04f9dd257d85480d07394701a82f2e28dc02c7fc9aab9229a56a2daf81f4c20166988fdb964f2a10c228351305c35df1facc9d1f13a402be8d48857c72c727f52089d1d4068c040816c86bb0d1949382517432aadd4f10d9e9ea91afa435d9c472c19a5e93549a670df5995645adc4e9908ec3367fcdaa42ea02b1a0c10bb5e00fcba906f28ab2610ea5862c209dd536c5c24fa3739209f0031e01ffea415fd62036451885d6a0b44c4ae31c20621a65467e2565d62c7dbf4f49d2aa44c261710790eccdb586d45b0666e749cc555effca8f873c024ad11f8c6098643c33e53ba31e099e102fed8c1ffd9f30218f8506e8e12d27af37be79201b87162a2c117fb49cc1ea28266207c87b1a55aaac4f9fddff5b5abd676711943dccbcfff048c2182aeedf252106f2efcca3be3e02ef693e30cd224bb2fbca9c6018c678d2663605285e19793d6375ec1e369e8130473891f4548b2bcd1d4e4b27672a61d786d420109629df957a839118456ec955d3bc8e65427d4eaaa742e443ca20ead76db45106892350bbae02ef6bcd81906a8406c6d580557653e45f1cb14171737e6e76368176c533ac58845b8f43f885ba1d3a0a3a293f8e5808871bee4d33231700a1d0d8b353f481ab604a5ae0997603b56ba6731503daeef9a25f0bb3bce7ab7418767de9786b9826893ad0cf18cfc0e594976aa932cfd69f7838347f3cecf0038899148f04fcb4481ee28383f73a4f78c388f6b06cba954fd9695488d199303b847c1cc0ca01d79bc8d9e90d14bf7a343d58ae0bef6940d29604a7c28ae01ca90104effb8dcd653b7ac70180fbca25e26c62266eff5fb31fcfef68a13cbf7c0f5c226f19c20063da248792290f49800052e6f81d20d571bf2ffdbeb7d7639b673a450e40e8cc78cb696b2966cfe448d95870ee25acd7636a2b4b64d83048c86fb49098b996e17a5bfb278862231606f0cffa693c54145476427eed3ef82e5f8e800b9488bc9428bf167cb53492e0f7f09120940f33119ed48572fc0bb1a53be3c5274f8a179e9d500847e537e44accd239dac6215d0a659839974cc0a96a1f9715dadc832f19708aebb32b40afaef75559f6ce8a55217a639758b52dd8c9abc0806475b465e38ee0464050ae4536e8300603f358d304d2e71829725d3948a4b5d75b524c2c1f56dcf293a3e7f41a751391e232079ac58bde6b965e27bb17eba596f924109715b1cae83af9be4be90f0bed4b7db9d73977756e62545f290f8252188dc5c74251ec64aeec917cf5ea42f4a57b12308c9bc84357c983efef925a8ede70cf079eda3ad95639820369608ff0f1b8e513d553fec8a7229ea2d3fa9ceb20e080831be99ed8175ac45c085e020c1cf55e11d7673b6ba36a46e62f7a4eac51a7b9c76feecfa1c3e1307d9c1c3932aa9ab7a4f06b72fc6cb99966ab52b93318cb519b550952f9e3c8eb3546637759a140041c118711f7a6ca006e73b6afa93622ba127ee6dceabdf2495e93dc8f0766f389799f44dd214f51f40d95e0ab00a683ed7bb46b3b5c21e8f88b1d0a2e394d4204951bf2aecf152712d0c4e41e0dbca66136f44f0d9ab0ef1a55520a90bf2e8db990cb2c659b343cb3db578c2483880a1c37cbaed5305f576f691e9333cfaac689a5209324727956af2c6d028343f985669ffdf1d7430a695a7fba1584c6e104efbe5751f9fab8bedaceb2d57fdc1360c2b724393e2350494b9dfc53faffc2190db1688da8bec5c612abbfa3b53c512b3636ee5022a4d6ccc116da6843971d3fcd669ec358eaed38c970b6547bedc333544e867ac76e13f52bbc7cb253892d7207a5afa97f9578d0f7e363a5f1f75535d8c0a04a3628746bfea34f6bb730d9da31ed341dcb525da9fdfaf3dfb0443eb68d91182ca4e5792489d85852c2e4eb6ca54a762a0364f37ea9a1f53ca1441429d523ae8c7d8a823077b27fcc4968047b20c6687eb294f3761ce32f0dcb111394321f745a0cabdb84db09123fbc2a878b52ef4c9e95fd69c1a4a8b1b3591b1b0d02a5c4776017061d3ea336e22625263b8cf15579c042d96881159795bb1bc0151576d4191ce225b27d26a7c1e16d27812aa9e09bbeac85b49874ad8eb6137d97d0400344f2479b67430885f2985aa7635bb2d2a6938a7e5abcb0b924f72217dc475c40c99caf247f3c22e146457d96b85729a285437e80b2a7ffb7199d7469be05138f3e8186f04d3d003165b20eecb357b027eba5d982cb421e1d8e0808d8939191dbf3bf8f439e279a172d026aeee66b7e0c8b1901af129b352b0185dbb03cf80a53d923e72ddea3f0156c8642842835f6aac084244492aeeb791f657f9ace8dafad355960973cc4b0cfae053214ad1dc164518b5c0dcf8260f9cd3052ae74f7175a87eab7d6625cc1a2effc965d1fa22ea86346854e28fe039754ffe2cb9762814063148131f3bdd3102844e99979b5d0a339a4511ee99dc4b2cc45697733c8e648c5dc0e03e52da717d14e50ea074cf0e337c77bae4a83b01b194691e01e0349b4a9e99de3c8da66c63dfbe827079a9ebe4ac4556e0f3dff08612258ee696f8b62d0a893b7dc509453a2096f8d776f6da137fd575d02e8eca3f6a2032a22ea36105a807ca653d21c8651252548a5fa305534de9cb81d0eedee931ad5ae3324e1f8d3f93d06dacf17e78e8ab35db7d2a7a3c37e9cc825b217960763eb886ce8e630e0e8f8804335ee4720503f49ccabb1bd7897b71a8527c8807ff243e8924e25fe0947048087a7dac3bca22bcf53cf6d415dfcde268004420e542400b0324350ab25fdc8c5c5db6dcfd0bcf45dfc5dcafff30807f74ee6dce0eb49688ddb893a3abfe58fd5f9f2a0046ef6dce4ca231584deb335cfb88def5a60ec696decbd0178535edd88dcedba92413e7ccd6d1f68c374fcc30664ee620c8149bc0d3c8e7eb7cb2cfa17db25e5b0e9ce49ea19035027117d3e584050fe2309c576f75dc772a2a37f88be901b7eef3c51597675e5bceca3e4fed753148b418d734cf180023b09e1d3f31bf44fe0343410b18e056cd7773c4289ffaeca762184f2f47152db61e6354a6ee9f535f38d4806509ee02d10c1d6ca7bb3c261536c5f3938c2eb5e87a56d07eb45421f4ee582ead12a44104ab1171ae6171bccd2ec59986258c75e134665452abcda8029ae8496b828f628fe112f4a326b64a1548d254057b2eb9c0b0059639f34bbffa68af61d6e059baced9bb60be35f686aec6d44c1a551dbe17d9d6f9699981c7a30cf47074989000b5574bed8acf676e0850f82240a043fee5fcbd7f62eb6b447fe9a516ae325b31d21b86c1c4bd3a5afd8a1f653357db30f5c15f31f812375f768cf716aaf7e445eaaaa6a1f2dd34250269825de316779cf9a66d641d8c7a1c9eab93d65aa449c2eb085ce4731f249e34841568cff1afd80cfa82fd00a6640432e282af4706bd0c08c99d39ca771d2e1d9ea2f5b307389163d6b525360df95eee7a4917481eecd1ba3bc8409cff844300dd1f06889145f36092eaa5411b0e633b451770ce61a2b7f01e6b5021d407ef2162102702f2511dc59ef0a27ca859142f884ed649a146ead497398108e246c7480267d3a05f053c19af6d2ba8c7af7432ea91f6080f9114922db9a4dbd29ac5e7884f357c77bdc50b67b62879e62c1e4a055cc8671f6620aee52c3dffd7d9d9128e9e3b9e8bebeed47d19debf235c655a447a8d3380f90c8842ac938ef39b15541c9bbead89c2b45c6fe0937a80ac10ce277c692ab9e76d2930f5399484da603c66c02f962d6c31ae68ba2b85f1d282fa4221fa077182e4da7d1255e285ab73e7637eda1fbce33537320196c5b478d41c1163b88c1b6593602d150412ab3e411207527de7611e1081595908715b448346431e2a1f68e7126bd45613443c08b5c5539446b7e48f58d55372123ec1276727f6e37530f0f42229e30a975eb9ce6e4bf47be16377562e642a68b8355c043ab6a03014e645a109e82b201c8c1a837ca2f883181b95847349f8820b50a97a9c60d0d2bab70bda4da71d5b5a4e2f3041671d5a614495d826d0b47c65304b97d341c1ef741cf846bac790ddd813b5aa0b2c2e9094e2513e11e65f3b152d10ba3e22498d0f573e89780ca75d6a63e1eeb461c749bc0a6db8cd69e6b0582400c85a4ae17d6e62f25f3f4c342a7ee9c04bd00d19a75451e2a177a53aaf0a671ae42100de7a29d20301cde0ded3f373f9d97b3d9f6e47cf03b85e39cd9132918dc7dceda6ddac2230230918dd3dcc2795fa78085cacee1cce40f30dedd157b9a8413b984703db4d75f19722738c3d8a5bef4506caeb967d688258f8de0940a55717bde9940bc4ff504811692d6b04b8baa00418d6a7b8a62b39019bd3d062379a7dbfc2b9685279be4c7591b549a3e058989bff70f8d4ac0828a0ec97bfd802a84360cab5f4a3038a7facbe0a3584477713dfd5a89590d42135606935bb86a0c329ddf5be2598a47366d03e9f0317e7c8d5a2c7717e0987140495dfc2d0d6508f0038b9bd8fb1db708d67b39624b02ffdd9dbe8e81d1bfa4de033bc6613e9a24625a51487a6dbd44bef29ba52cd3dfd0230393e9b9c27b295b85e3dc0724e732009a7a2ba099900b771e18f2f0626b66ced0443add674da8f62d272d209c3befa18f4bb2956b35f9eb21b702043b4dc641b289e1722229830aa28c9230951f102300c56698277b2e2fce2860de31cece4992ac43c12f3251e60ca6bc235dc5ffc3de6483601c6208d3ea4d5f2e6159e4050421356002037091722c804c7876508bfbf92e2e628c4a12b5284f62f1e91d1178f544597571b5ab9e4d726c26be14bb1c98005bd7bd6752b1d8b8a5148a12440cbd579d6412e29e7b0c9c0aa54c0626436739a2c36146162abb23b1c1e0681d16756131fd347b4975e1b2ffb55fbc6d01b9dd85c3a144108a8c49a3e279e4d5151d4a51c892d135cd588f568fb4db8415283cbabf3663c0dc4069a2bd52f62d46a6eec771306b984dac740872a267fc738e6c01c386639ceae079c51f38309cb260e637ea89601165856202babcfc0861c071840f4259afe8a079d177d4bca7e6eacc5b0527b6a4136af184075a9b4c086d1a2e83424492879a7a98f5d7259754643f4251d9461814c92a74a9fbedf7be98a16324d9628a03995554151e3554dc58a7d79649146f923318d37d475a98e0023600a97a7636b2312422a7b258150c99f27be64a70f77c7f15cec89e31ee302853ecb50ff7a9e796512648aac58fd64a76b6fd93f3d024e4272131fc649e19c1d4ab7225dc761556851b443cc0ea5a6c43369315c4aa172de7f21dfeac82a4610fa3ec0fc94e39b748c0d50c3235b09c401d433086ad1ed87d6707c65309b8e28fe9d528393203870ecf0b627005aaf2003dc1786476d8b141a85f339a8afe0adb53f52f4852ad0ab245d28adfffac5b7a340f289def83b4b79eb8b9d55722129b55eb109ec4bd066b53ef6e197b80334a716c3c3861b9a4bb16c4d578b4e306f9aa884bc477df26cd55c2604da081a00ac38ca7e4051695d9fa733541461a42f0df52c468e29803115aa24b80ed3523d35532fb5082dd7e6471f8a7763689800a1eddef2e6b44dbad7728ac93461f659855f0359169c677d2d9ac9926c188f478d94337b6a8f86457190a5f0ddd936e1b5a2d27c17ac387c2bbc958f7dd826ab82ae3fa687682dfc2fc8c2032a9400bfe63b6ce9e444ad5c1fe1cdb22859cfa3f038e8946b158328a3f576fd3798f1a247d1e4071bf23c676c41eb7df81cf8887d3ef0588eef3125534124408afa8385ca3e6d65505bb3c6131fabe1ef527d906397a62e96a2fed5764f1bed72c0e00da0c8656a8ec71310ede06575a9cf9ec451df7cfc913422369ca4ef5722b15c94ed433e85d2a0d31297802be78bf60f3340a15e657ccb5907741cf3fdd3820e6ae05f709687c5d898718a53d87995a4f5256a7778dd81d58076a491e4eda9ac8c25be823f733246f40476306a451dec0c8cd3f52cf95031bcbf7f7d1ee031a30dc1f1267a758ec1147d46064f7fdefd96ec4c4a36e83abe7ba7a7e216df47784d69e6554e1e4f598ae8b9abe1e62d193e8b373ae6885da9bfc0a98d26b08c003a12ca772597ba58f63cc3bcc0dfd3b53c596a2fac68715b8d1bb00dfa239ee02bf1ae9a3bf901cdb147332ced6bd10b7ec38b3b0149eccf40d364e2cf3df8167f6596a011ff832ad546f2b44b8900e8deabf34cf98bc638ff00a40865d059f0a2a06866c4691c493dbc90dd9806025f11d44037c4b0a24bf770c02e2be150adb373332a3c5db816d2f200ba486ff4abc3c892695de2572b8ed6686ceb907dca4c0be82dfd9477cd87ecc3fc1d321e194635aa7bcabd659f1b512a7b0a725f1d99455751367e63add064f2d391808461b002ed38b5a4f5c0d6bea1fe1523d21b33ea1b025264bf20059a321e467f7847193b48d83c036b0930fc7383df43dc879f9e8f905183efdbd6598a3cfa3e40d38ecf4645e2b51d00ca86e1b49a9a16b56adf2be74658a0ed874ab03f8bd2494a62da315522a326fdfd79093657816b90f1b92f751f46f748ee21a0160b290c9c07b74e2a0c2783accecabdf0ece37aa230b090fa67ebc72ea541ec220181c9e16de091c0f5b39b429d7fe0d168938a88294f41a6871f64685e171ca21d7d5fe0104b1a62c1df5c8d8d210dee2c0850024c8c2efcf725f568186e3bdd15bb2f411b2b88e5bf32b6ae6a2bdc1b1fce8eb2078974304d6a9077369c7c12060181935e3aa4bcce01d76a22ed57f0a7148eee41107383c07a7c8d3261127a77abc8c7419d6294dfd4394096aa2c160cf02b056dd8be884b6e49600ea72cddc8fd30e9137393bb8aa1b4ac9b55d7a91d2ce14d9480f6c1ba7076317d108d31337897aca1b72962cf81161c952e2dc71fd24a97b449307f7371fdb0e5b625eb1c849baa1c29f416fd7df0b60998aec6c7972947aed12f74c2c67f79e891867ed0bf99b7fb9bdf3c62d8465549554ee7459f62f4d31b7bccbaf6814c89d0abcd3c399e084bb48b43f073efa43cc2faebdf1694df46a6eb2b61450a31d480d659772cf12ead3fd92787be5df569bd77a1ad6eabd2e184924c4fdb7bf36afa097521222da08647c038e1f0b588e8f7caa7f456af34079264e1198618aa5d23a7a05f9bc052b7d379d16518a50b649acefd0bf47514d22aca5f2857a1c02d5aa649482a09713a17538845b10d65b13823374f281bc92f6ac5c93aed4f85108d29692aa28d925082b8ab65af304df01f0ea2540594ca97bdb97cc68fa11bb6c74d7346981a64d2fc216c83de7b2dad583a052ef90b3b48abb94599ec58c71093d5a905076bb817f5161129dfc64900ca452018e67404962782269403c6cd9ffa95dab98feac5cf04719d6fe1f37fc69306034fa8ca90c17b29aa8ae7bcdec5dcd90514ebb29c9694d1f753e5f1d8fc9270c23df2cf22df3d3941134fec033656df7823775018b372458700ea1e19734acb7208acaa57f0c8ee4858455913a00499e8255337c08021f426c17614a5cc6b11d4a8b09e0cdfe6d071f65b80bd7aa077e4b83a3591405a0f8992df050bec0975c517d7dc11fbae47a1f2d52944012e4b2939d1bb7903d32693cb11577273687ed07db891cfa2c4057925e13c62af0299864d1cccd567f9519950ffcf38c5e3dd5964729d873c90856ddacc3f89d5da3602025ee31faedc6743e74e98f31de73df2d5e75500380db6d181a011445a8dfb7999af9316bbbf8951a7aa1f5cfccdc2b4ad04279f0eff84e40f6c92d936eb7f2387eb53e6b9b69126287a9ec57774a3a09d3e33616ec60893bed25fd96982104181d6a9cabdbe7a9c1a59a43658853d2518856b23342e3eff7d8237a8e91e1808aba6b4f50b7b0bdebc47e995d69aef78feba327e666b4d566bcba7e925a2c488019adf4c4bb80d582f5450ea7bf1412553630d1716d2a75f650dd26f06f67e97e745776358bce72991a75e113bccd63f80e806c20c68b4401ae3bbb5951b08de6c3e0b49a31b956b91caeda0fd7d00a47bc2309f00325879f0f2c0fd936c2c26836ee4d89f8f19ca1ee832f0c2f812862b1d28128973a5a13136d4a981465167946279a582f1b81b80b2ee016369304f7f2d7a2ad3753c4fe149c6d6234941094cc768f99c306b07c38a9a3f3270f0ad1c93269b9272fb2b138041af594c1da9a708f64a5685d73273841c5fa4afa32927f6db3ff23fe40e9fe0274431ed60f7b5024b3b28a5ccaee17001fd3bf02168b076367671352695c67826af72b09f0464b156c9123863a03b5da3a37b9664017ad0bcbe8a85fa20a71c5787405a69659da37cc0895b59a749842745bad1688743929c672b47043f6eeabbfe15d4b5fb93b8a886e4008e75b62f898720a6efb18e0b4aea2f748d8cc6118867407562b9dfb05470fa10bbea58f6fdad06093144fd607fdf86e6300ba0482c341f0d224b57e7972be6b00770b389a847110017ce2025321c69886adefdbc159d04fdef7d6b4c03e123240e8c4fb1818cba01a2a57bea4ea58a219d46d4021370196873f30cffb3d477fab6e279ac745e96973ff291fd092f570c5659d385c876ed9f283cd9ba0d96ff7b918cb9bf3d2411f4a20dfcdca2593aac89db1b734a38e8ba13a953035df02c025c4e10643e9d2316503d429712c4901bcc21739b370d268cd7e6d8249b797c0421147a4c53af0d7e8082eb08c7b0eec85bd629812c1064d2d9132df888a7e23725c18758809298054db4b6c6360ff23257fa415e18af2ae42ff14b6d5796a33cccbde017fb0458829bb51cecc76a43a16f21f82b6504a385a0198975c3d89c6d10c2b3ff596801f54ca3335ea9a3949af121546f3e3e621ade840d2b6fd537fff3fba9ea5d121b04a26a409ceb04137c9eff7e10ae15f8e72826135fc2ed34a3ebbc2e06f3d6682bee9e1135123c481d9ce7194d55f6a5e8fed4550aa38b211028d60bc1862ce01eefa76a53e5e00c3bcb73d57f96616d53fdefd465d53e89a5b44d66b6b27ca8d9682f3d799fef62282e6fcf511398e941bff84539e26849674d40a690fbdbbccab5ffddb4648db96112c0f5a290859d6d7535853644ef55bb763c472b7e6800863b8a89646ef9dd09cdeb3aad07f242380ab2650c8f494756d39257e40293468fe6aac1072be11b9d5d74d9379f3c5ec2e8385898ac51c69c48b9a51f711fd60b0ce4ab26dcef1fa1ad7ead6efd6f3db6f1e05bdbe48ea42310a850ddf75ee452cb6c8f58169e49c58bba0d32529e877dbd811b950de614cf67f7f57cbdb51e2a2b2686933f49d465af8c055b3a13e38b764685a861f8ed4f8e5070c29467f6bdb61ffa87260c148bef2693215f8b29cf9b5bf36e3508051ac81b24570b506210f879d9230a605f27eb88507a26cce51ccc752ff04e17ea190ba71b43b0aa2f293450f54f6839759fc121c56f07e87be5078fbaea4b64094bedcb7f32c6a2793f7a7111278f7e9cdf9792b09163662314308e8de7549bfc3957dd50794a2b0893754c4977d120641478472d8ef1281f1e76bfce5c81a8e53cb1d8c12de7adbade45d34120499b192172723ad230d6f2b01f3adc34cebf27446234d72d0196758a6aa7a692ead7c1fb1d5106698d2143144316d9e6eebadb16826bd20936ab212332da6ee3ff508784f160235a81603abf43b59b4a6bdbb7e428628b5ec33b08302ea9a42f4cf593de70e2bfae00f781d442c44b695c5e0c08879811f1337b90cb3adbf7df724985a419472bd26c03378b370cd99c113f044be41a8f43508ff8d3badeaa422d9634860024f4713956922efd895b98da894a9e76cce34c9be7066a8d71e29fcb579fd5bec34b169334f5762e4fd6e7651923502cfd48620e0c408c446d072dd6b7c32aa9262f6311346dc88bbb862ce01a87b2551ed72869adf3d51d537332ea3b0af8fda77a51b2851a2f13ca0985109e57905eba9db93a315d2d3aa99f4b2dabc8f4309ce2de2043cf7f3dcfb436db322d948e743608fcd3b12abe041e05c70a57388b5ca37245946d095b8b731b34c6edd03e9680957a576c47a3efdb773a8b7c6463d5d189ce01f2fa108a8589bef118a387c1c0b70de5494c40d21c6107a62397c295ca638fbbf94e4d557105c58719ed9c0ec4e8878b2d62b1bda018e5e6a5b3d8e975c957341b6e1a40860b3a1ae6c3d771e789d93014494df81182a5ef1539c409ee42d7c4b6a2c581e018a8d17168f0e21a5666f644eeef0873e147c5410fd97c786f2ff3280d01745d5644c1d0ced1c569df0d405da119810aee6556ba48d41a8ede11e593fa64d83ebe96f386f8c47dd940f42bc495a125f19903ac7dee220e4c01205d458dbcc890f3e629e420d180152c0a29d645cc874785564047a6dbbc0327311cf127e98c61a0adad4709114c898b1f0073b2dc9cabbcb74ee860427969b06c6d078b828023a93761cfdf993a02d21f438c5ca2b61c6f607fed36f58d2a4dd950fa8d631ab80b1be2bda503959e010eb1de2c28bc3870", 0x2000, &(0x7f0000008b00)={&(0x7f00000033c0)={0x50, 0x0, 0x9, {0x7, 0x2b, 0x0, 0x10400000, 0x83, 0x3dd, 0xd1, 0xa7, 0x0, 0x0, 0x2}}, &(0x7f0000000300)={0x18, 0x0, 0x7, {0xdddb}}, &(0x7f0000003440)={0x18, 0x0, 0xffffffffffffffff, {0xb}}, &(0x7f0000003480)={0x18, 0x0, 0x0, {0x3}}, &(0x7f00000034c0)={0x18, 0x0, 0x3, {0x9}}, &(0x7f0000003500)={0x28, 0x0, 0xa, {{0x7, 0x14, 0x0, r1}}}, &(0x7f0000003540)={0x60, 0x0, 0x0, {{0x9, 0x9, 0x1, 0x1, 0x2, 0x3, 0x4, 0x9}}}, &(0x7f00000035c0)={0x18, 0x0, 0xab01, {0x9}}, &(0x7f0000003600)={0x14, 0x0, 0x0, {'^*)\x00'}}, &(0x7f0000003640)={0x20, 0x0, 0xe7, {0x0, 0x11}}, &(0x7f00000037c0)={0x78, 0x0, 0xffffffffffffe19c, {0x81, 0x9, 0x0, {0x0, 0x8728, 0x6, 0x2, 0xeff, 0xa99, 0x4, 0xffffffff, 0x8, 0x6000, 0x9, 0x0, 0x0, 0xa, 0x43}}}, &(0x7f0000003940)={0x90, 0x0, 0x3ff, {0x3, 0x2, 0x0, 0xffff, 0x8, 0x1, {0x4, 0x5, 0x4, 0x8, 0x1, 0x3, 0x7, 0x3, 0xf638, 0x4000, 0x9e, 0x0, 0x0, 0x9, 0x80000000}}}, &(0x7f0000003a00)=ANY=[@ANYBLOB="10010000f5ffffff070000000000000005000000000000000000000000000000040000000c00000069666500000000000400000000000000060000000000000005000000480a0000265c212c3a00000005e8ffffff0000000400000000000000010000000300000000000000000000000100000000000000a10000000000000002000000070000007b21000000000000030000000000000004000000000000000400000002000000696665000000000005000000000000000500000000000000030000000400000073797a000000000000000000000000000600006665000000000005000000000000002000000000000000050000003400000021235e275b00"/272], &(0x7f0000008280)={0x5b0, 0x0, 0xe2, [{{0x6, 0x2, 0x101, 0xa5, 0xf65, 0x10001, {0x1, 0x5, 0x2, 0x3, 0xf, 0x57300730, 0x4, 0x2, 0x6, 0x8000, 0x8, 0x0, 0x0, 0xab, 0xff}}, {0x3, 0x3, 0x1, 0x4, '@'}}, {{0x1, 0x0, 0x7, 0x1, 0xf7a5, 0x101, {0x4, 0x0, 0x9, 0x40, 0x4, 0x3a, 0x2, 0x1, 0x800, 0xa000, 0x7ff, 0x0, 0x0, 0x394, 0x4}}, {0x1, 0x1, 0x0, 0x7}}, {{0x3, 0x1, 0x6, 0x2cf, 0x9, 0x0, {0x8000000000000000, 0x86, 0x1, 0xffffffffffffffff, 0xff, 0x0, 0x400, 0x7, 0x5, 0x2000, 0x0, 0x0, 0xffffffffffffffff, 0x7, 0xd}}, {0x6, 0x5, 0x4, 0x0, '-{:\\'}}, {{0x3, 0x2, 0xbf, 0x7fffffffffffffff, 0x800, 0xff, {0x6, 0x6, 0x7, 0x3, 0x4, 0x100000001, 0xef, 0xe000, 0x0, 0x4000, 0x1, 0x0, 0x0, 0x3, 0x3b7b}}, {0x4, 0x4, 0x7, 0x4, 'broute\x00'}}, {{0x5, 0x3, 0x6, 0x1a2d13cd, 0x9, 0x10, {0x2, 0x2, 0x7, 0x6000000000000000, 0x8, 0x10, 0x9, 0x8a8a6813, 0x0, 0x8000, 0x9, 0x0, 0x0, 0x10000, 0x6}}, {0x4, 0xd00000, 0x8, 0x7, 'big_key\x00'}}, {{0x0, 0x1, 0x0, 0x2, 0x47e1, 0x0, {0x2, 0xe, 0x4000, 0x8041, 0x3a6, 0xffff, 0x5, 0x81, 0x7, 0xc000, 0x1, 0x0, 0x0, 0x4, 0x5}}, {0x3, 0x4, 0x3, 0x4, ':++'}}, {{0x6, 0x3, 0xb9, 0x6, 0x0, 0xfffffff8, {0x3, 0x6, 0x9, 0x5, 0x5e, 0x4, 0xe, 0x401, 0x7, 0x8000, 0x3, 0x0, 0x0, 0x83a, 0x1}}, {0x1, 0x79, 0x7, 0x2, 'broute\x00'}}, {{0x2, 0x1, 0x0, 0x100000001, 0x4, 0xe5e, {0x0, 0xa, 0x1, 0x8, 0x9, 0x7fff, 0xa0000000, 0x0, 0xfffffff5, 0x2000, 0x1, 0x0, 0xffffffffffffffff, 0x9, 0x7}}, {0x1, 0xc, 0xa, 0x6, '()$(-%-$.('}}, {{0x1, 0x3, 0x8, 0x750d, 0x3, 0x8, {0x0, 0x2, 0x4, 0x7f, 0xfffffffffffffff7, 0x1, 0x1, 0x200, 0xc2d, 0x6000, 0x300, 0x0, 0x0, 0x8, 0x7fffffff}}, {0x6, 0x9, 0x4, 0x2, 'ife\x00'}}]}, &(0x7f0000008880)={0xa0, 0xfffffffffffffffe, 0x3, {{0x5, 0x3, 0x7fff, 0x0, 0x8, 0x8001, {0x1, 0x4, 0x3, 0xf8, 0x1, 0x854, 0x5, 0xc0, 0x3ff, 0x8000, 0xfffffff8, 0x0, r2, 0x6, 0x200}}, {0x0, 0x3}}}, &(0x7f0000008940)={0x20, 0x0, 0xa9, {0xff, 0x8, 0x306, 0x7}}, &(0x7f00000089c0)={0x130, 0x0, 0x10, {0x3ff, 0xfffffffc, 0x0, '\x00', {0x4000, 0x1ff, 0x58b, 0x8, r3, 0xee01, 0xc000, '\x00', 0x7c4, 0x6815, 0xfff, 0x6, {0x44, 0x4}, {0xffff}, {0x1, 0x4}, {0x80000000, 0x7ff}, 0x9, 0xfffff800, 0x7f, 0xffffffd9}}}})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setrlimit(0xc, 0x0)
r6 = add_key(&(0x7f0000003680)='logon\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r6, &(0x7f00000003c0)=""/4096, 0x1000)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
connect$nfc_llcp(r0, &(0x7f0000000080)={0x27, 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x7, "fe2757821f7cd1ee61c1d49b04d93d5db79f8efadbd7ff5ed511dc6ae6b9100adbc6d6e2b04f94f3751fcfc3090d9672f994873b7633ffd7c32827b0a74950", 0x19}, 0x58)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = syz_io_uring_setup(0xe43, 0x0, &(0x7f0000000340), &(0x7f0000000280))
r9 = eventfd2(0x5, 0x1)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r8, 0x7, &(0x7f0000000000)=r9, 0x1)
r10 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r10, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x1000000, 0x0, 0x0, 0x0, 0xfffff9, 0x800005c0], 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000080"]}, 0xe0)
r11 = dup(r7)
syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xf691, 0x10100, 0x3, 0x169, 0x0, r11}, &(0x7f0000000180), &(0x7f00000001c0))

2.140222366s ago: executing program 5 (id=1435):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2], 0x24}}, 0x0)

1.924464205s ago: executing program 5 (id=1436):
syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
r0 = syz_io_uring_setup(0x239, &(0x7f0000000980)={0x0, 0x0, 0x10100}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0)
r3 = signalfd(r0, &(0x7f0000000040)={[0x2, 0x5]}, 0x8)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x24, 0x1402, 0x1, 0x70bd29, 0x25dfdc02, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000801}, 0x4008850)
ioctl$CDROMREADMODE1(r3, 0x530d, &(0x7f0000000a00)={0x8, 0x7, 0x2, 0x7f, 0x5, 0x9c})

1.922955725s ago: executing program 5 (id=1437):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r0}, 0x8)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x6e)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
io_setup(0x42, &(0x7f0000000100)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000580)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r2, &(0x7f0000000000)='e', 0x3f}])
sendmmsg$alg(r2, &(0x7f0000005e00)=[{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001640)="f5", 0x1}], 0x1, &(0x7f0000002940)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10, 0x10}], 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f00000007c0)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r7, 0x101, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r8 = socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)='grpquota')
migrate_pages(r4, 0xa94b, &(0x7f0000000b80), &(0x7f0000000bc0)=0x27e0407a)
r9 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r9, 0xc2c45512, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x0, 0x11, 0x148, 0x0, 0x10, 0x20c, 0x2a8, 0x2a8, 0x20c, 0x2a8, 0xac, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'veth1_vlan\x00', 'sit0\x00'}, 0x10, 0xf4, 0x13c, 0x1c, {}, [@common=@unspec=@helper={{0x44}, {0x0, 'irc-20000\x00'}}, @common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'ip6gre0\x00', {0x2}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x2, 0x0, 0x5, 0x7, 0x6, 0x1], 0x5, 0x3}, {0x3, [0x2, 0x2, 0x3, 0x6, 0x2, 0x3], 0x2, 0x3}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x2fc)

1.532730049s ago: executing program 3 (id=1438):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = dup(0xffffffffffffffff)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, @value=r0}, 0x28)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x5, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x44840)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000000)={0x0, 0x1}, 0xc)
setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xcb, &(0x7f0000000040), 0xc)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003840), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r4, &(0x7f0000003900)={0x0, 0x0, &(0x7f00000038c0)={&(0x7f0000001500)=ANY=[@ANYBLOB='0\x00\x00', @ANYRES16=r3, @ANYBLOB="010007bd7000fddbd72555000000080001006400000008000300", @ANYRES32=r5], 0x30}, 0x1, 0x0, 0x0, 0x40000a0}, 0x810)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x30, r6, 0x1, 0x50bd28, 0x25dfdbf8, {{}, {@val={0x8, 0x1, 0x4f}, @val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x4, 0x4a}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x20044040}, 0x24008004)
mknod$loop(0x0, 0x2000, 0x1)
syz_usb_connect(0x2, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100003f3fdc20221802324a130102030109021b0001000010000904"], 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
connect$pppoe(0xffffffffffffffff, &(0x7f00000002c0)={0x18, 0x0, {0x2, @random="853b1de5abb1", 'ip6gre0\x00'}}, 0x1e)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
sendmsg$IPSET_CMD_DESTROY(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000000306010800000000000000000600000705000100070000000500010007000000050001000700000005000100070000000900020073797a3000000000050001000700000005000100070000000900020073797a30000000000900020073797a30000000000900020073797a31"], 0x74}, 0x1, 0x0, 0x0, 0x80c1}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0xa0}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @sched_cls=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r9, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000080)="b9ff03316844268cb89e14f00800", 0x0, 0x9, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffbf)

1.321739412s ago: executing program 2 (id=1439):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat$ptmx(0xffffff9c, &(0x7f0000000000), 0x48000, 0x0)
r2 = socket(0x2000000000000021, 0x2, 0x10000000000002)
setsockopt(r2, 0x3ff, 0x1, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000009, 0x4c831, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.245441098s ago: executing program 2 (id=1440):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x3, 0x30}, &(0x7f0000000300)=0xc)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e24, 0x0, @private2}, 0x1c)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1})
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r4, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x4)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001400add427323b470c45b45602067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03a04000800ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x2, &(0x7f0000000400)=@gcm_256={{0x304}, "010f00a345ebf100", "07fb3ae1c630747eb92abad8dde3479e81dbe95a7ed06ab096c9eb09ccdb065c", '\x00', "7daeaaa1267276fa"}, 0x38)
syz_open_dev$media(&(0x7f0000000980), 0x3, 0x0)
socket$key(0xf, 0x3, 0x2)
socket(0x1e, 0x4, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
signalfd4(r5, &(0x7f0000000240)={[0xe, 0xfffffffb]}, 0x8, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000100), 0xa, 0x141321)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f0000000080)={{0x3, 0x1}})
ioctl$SNDRV_TIMER_IOCTL_START(r6, 0x54a0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000083c0)={{0x3, 0x7}})

1.067332346s ago: executing program 2 (id=1441):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x40800}, 0x4044000)
bind$rxrpc(r0, &(0x7f0000000100)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x5e23, @remote}}, 0x24)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r1)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
timer_create(0x3, &(0x7f0000000000)={0x0, 0x11, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000180))
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
getrusage(0x0, 0x0)
r3 = dup(r2)
r4 = openat$ttyS3(0xffffff9c, &(0x7f00000004c0), 0x440000, 0x0)
ioctl$TIOCL_GETSHIFTSTATE(r4, 0x541c, &(0x7f00000003c0)={0x6, 0x7})
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r6 = socket(0x1, 0x1, 0x0)
ioctl$sock_ifreq(r6, 0x89f2, &(0x7f0000000040)={'bond0\x00', @ifru_settings={0x6, 0x8, @sync=0x0}})
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
syz_io_uring_setup(0x7bc6, &(0x7f0000000280)={0x0, 0x1c2a, 0x20, 0x0, 0xfffffffc, 0x0, r3}, &(0x7f0000000100), &(0x7f00000001c0))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$SNDCTL_SEQ_SYNC(r3, 0x5101)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r7 = socket(0xa, 0x3, 0x3a)
ioctl$SIOCSIFMTU(r7, 0x8922, &(0x7f0000000080)={'veth0_vlan\x00', 0x200})
ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000005c0)={@null, 0x8005, 'lo\x00'})

995.436199ms ago: executing program 2 (id=1442):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b904021d080202000000fcfe02a1180015000600142603600e1208000f0000810401a80016040a00014003000000036010fab94dcf5c0460c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791823a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000600)=@newsa={0x144, 0x10, 0x1, 0x0, 0x0, {{@in6=@mcast2, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@private0, 0x0, 0x6c}, @in6=@remote, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @XFRMA_SET_MARK={0x8}, @XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x430}]}, 0x144}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f0000000180)=0x7a, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(r4, &(0x7f0000000300)="0906c422e0243219ff7b440e76a1b51b82ba23599f81b52c9d4db4486cec105e4b9f0f859f8a43eef6352f1e46e3145089b6a22f618ca14e288029b613a329c422481c6b7aff6806bce699cea461ecf591d9018b2a1d84e389a8d3127fd35913fe69754435c2", 0xffffffffffffffbb, 0x40040011, 0x0, 0x0)

916.298861ms ago: executing program 5 (id=1443):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x1000000, 0x0, 0x0, 0x0, 0xfffff9, 0x800005c0], 0xff00, 0x0, &(0x7f00000005c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0xe0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x16)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), r2)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
sendmsg$BATADV_CMD_TP_METER(r2, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, r3, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x3}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2844}, 0x4048041)
r5 = socket(0x10, 0x3, 0x0)
syz_emit_ethernet(0x82, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa008100000086dd60f53a0400483a00fe800000000002000000000000000000000000000102009078000005006050835900000000fc010000000000000000000000000000ff0000000000000000000000000000003a01000000000000070800000000000080ff000000000000"], 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x3fe3aa0262d8c583, 0x1, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4, 0x8002}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xef, 0x9, 0x0, 0x7fff, 0x2, 0x9, 0x9}}, {0x4}}]}]}, 0x58}}, 0x2000400c)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='ramfs\x00', 0x10, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r7, 0x0, 0x32600)
syz_emit_ethernet(0x2a, &(0x7f0000000140)={@local, @random="ce3500590a7f", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e23, 0x0, 0x8}}}}}, 0x0)
r8 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000300), r2)
sendmsg$WG_CMD_GET_DEVICE(r2, &(0x7f0000000500)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0xa004188}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x100, r8, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_PEERS={0x8c, 0x8, 0x0, 0x1, [{0x88, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x80}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e24, 0x7, @dev={0xfe, 0x80, '\x00', 0x1a}, 0xffffffe2}}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e21, @remote}}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "6ff82aeedddb9f99ef154e8b8cf3ba27cbf7c0affd6f78962c6f6e8367acae89"}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}]}]}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e23}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x8}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x10001}]}, 0x100}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)
socket$nl_rdma(0x10, 0x3, 0x14)
syz_emit_ethernet(0x32, &(0x7f0000001940)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x17}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x2, 0x0, 0x24, 0x0, 0xe000, 0x8b, 0x11, 0x0, @empty, @empty}, {0x24, 0x4e22, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0xf}}}}}}}, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000040)={@multicast1, @rand_addr, <r9=>0x0}, &(0x7f0000000080)=0xc)
setsockopt$inet_mreqn(r5, 0x0, 0x24, &(0x7f00000000c0)={@multicast1, @loopback, r9}, 0xc)
recvmsg$can_j1939(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x2000)

887.855238ms ago: executing program 4 (id=1444):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r0}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f00000007c0)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
getsockopt$ax25_int(r4, 0x101, 0xa000000, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r5 = socket$igmp(0x2, 0x3, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)='grpquota')
migrate_pages(r1, 0xa94b, &(0x7f0000000b80), &(0x7f0000000bc0)=0x27e0407a)
r6 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r6, 0xc2c45512, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x0, 0x11, 0x148, 0x0, 0x10, 0x20c, 0x2a8, 0x2a8, 0x20c, 0x2a8, 0xac, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'veth1_vlan\x00', 'sit0\x00'}, 0x10, 0xf4, 0x13c, 0x1c, {}, [@common=@unspec=@helper={{0x44}, {0x0, 'irc-20000\x00'}}, @common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'ip6gre0\x00', {0x2}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x2, 0x0, 0x5, 0x7, 0x6, 0x1], 0x5, 0x3}, {0x3, [0x2, 0x2, 0x3, 0x6, 0x2, 0x3], 0x2, 0x3}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x2fc)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
mremap(&(0x7f0000fa4000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000fa2000/0x1000)=nil)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x89ff, &(0x7f0000000340)={'sit0\x00', @random="fbf29034b12d"})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000140), &(0x7f0000000180)=0x4)

871.577423ms ago: executing program 5 (id=1445):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002380)="1b0000001a007f029e741683c28f7b331d00"/27, 0x1b}], 0x1}, 0x0)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040), &(0x7f0000000080)=0x8)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000380)={@random="591a1d9a2bdb", @link_local={0x1, 0x80, 0xc2, 0x25}, @val={@void}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x64, 0x0, 0x0, 0x29, 0x0, @empty=0xe0, @multicast1}, {0x0, 0x10, 0xc, 0x0, @gue={{0x1, 0x0, 0x3, 0xd, 0x100, @void}}}}}}}, 0x0)
r2 = fsmount(r1, 0x0, 0x82)
openat$cgroup_procs(r2, &(0x7f0000000240)='cgroup.threads\x00', 0x2, 0x0)
write$binfmt_script(r2, &(0x7f0000000000)={'#! ', './file0', [{}, {}, {0x20, '[]\'!)\xb9'}, {0x20, '{\xe0*),/\b(n\xa1'}, {0x20, '-@-'}, {}], 0xa, "f7"}, 0x25)

716.370967ms ago: executing program 5 (id=1446):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = getpid()
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x200)
process_vm_readv(r0, &(0x7f0000000280)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000000140)=""/168, 0xa8}, {&(0x7f0000000040)=""/77, 0x4d}, {&(0x7f0000000200)=""/99, 0x63}], 0x4, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1})
r1 = memfd_secret(0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r2, r1, 0x2e, 0x4608, @void}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000500)={@cgroup=r1, 0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
ioctl$PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000340)={0x60, 0x2, &(0x7f00009cc000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x2, &(0x7f0000000400)=[{0x2, 0x6, 0x100}, {0x4, 0x6, 0x5}, {0x7fffffff, 0x8001, 0x6}, {0x7fffffffffffffff, 0x75, 0x1800000000}, {0x0, 0x8, 0x1000000}, {0xf61f, 0x8001, 0x6}, {0xffffffffffffffff, 0xc}, {0xffffffffffffffff, 0xc5, 0x8001}, {0x200, 0x8, 0x7}], 0x9, 0x3, 0x0, 0x4, 0x68, 0x14})
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
r3 = syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
write$char_usb(r4, &(0x7f0000001300)='7', 0x1)
syz_usb_disconnect(r3)

88.566392ms ago: executing program 2 (id=1447):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r0}, 0x18) (async, rerun: 32)
syz_usbip_server_init(0x4) (async, rerun: 32)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1852b786e935dfec204b64fff3850000007d00b5252a1b00002a"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000240)=ANY=[@ANYRES8=r1], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0xfffe, 0x0, @loopback}, 0x1c)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000280)={0x1f, 0xffff, 0x2}, 0x6) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000200000095"], &(0x7f00000003c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10) (async)
write(r3, &(0x7f0000000040)="09000000010001", 0x7)
r5 = syz_io_uring_setup(0x710f, &(0x7f0000000480)={0x0, 0x6fbe, 0x0, 0x1, 0x12d}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000640)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x8, 0x0, 0x4}]}, 0x10) (async, rerun: 64)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) (async, rerun: 64)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r5, 0x22d2, 0x20, 0x0, 0x0, 0x0) (async)
r8 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r8, 0xd01c4813, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x2, 0xfffffffd, 0x2}) (async)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9) (async)
r10 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r10, &(0x7f00000000c0)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', &(0x7f00000006c0)=""/83, 0x53, 0x0, 0x0, 0x0, 0x3, 0x10000000}}, 0x120) (async)
writev(r10, &(0x7f0000000780)=[{&(0x7f00000003c0)="0e000000", 0x4}, {&(0x7f00000006c0), 0x1000000}], 0x2) (async, rerun: 64)
ptrace$peeksig(0x4209, r9, &(0x7f0000000140)={0x0, 0x1000000}, 0x0) (rerun: 64)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)

0s ago: executing program 4 (id=1448):
ioperm(0x284, 0x7f, 0xe3)
socket$netlink(0x10, 0x3, 0x0)
gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x7aad, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
r5 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r6 = add_key$keyring(&(0x7f0000002900), &(0x7f0000002940)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f00000028c0)='asymmetric\x00', &(0x7f0000002980)=@keyring={'key_or_keyring:', r6})
keyctl$get_persistent(0x16, 0x0, r5)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r7, &(0x7f0000000180)={0x1a, 0x0, 0xf9, 0x8, 0x0, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x10)
readv(r7, &(0x7f0000000100)=[{&(0x7f0000001180)=""/4085, 0xff5}], 0x1) (fail_nth: 1)

kernel console output (not intermixed with test programs):

  446.175507][T11131] netlink: 'syz.4.882': attribute type 10 has an invalid length.
[  446.212980][T11131] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  446.239313][T11131] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  446.241636][T11131] overlayfs: failed to set xattr on upper
[  446.244538][T11131] overlayfs: ...falling back to redirect_dir=nofollow.
[  446.246705][T11131] overlayfs: ...falling back to index=off.
[  446.248542][T11131] overlayfs: ...falling back to uuid=null.
[  446.262114][T11131] nfs4: Unknown parameter '��Z'š��"'
[  446.476356][T11142] netlink: 'syz.4.885': attribute type 1 has an invalid length.
[  446.491417][T11142] 8021q: adding VLAN 0 to HW filter on device bond1
[  446.532439][T11142] lo speed is unknown, defaulting to 1000
[  446.736524][ T6027] libceph: connect (1)[c::]:6789 error -101
[  446.738516][ T6027] libceph: mon0 (1)[c::]:6789 connect error
[  447.021607][T11159] netlink: 24 bytes leftover after parsing attributes in process `syz.2.888'.
[  447.037434][ T6027] libceph: connect (1)[c::]:6789 error -101
[  447.039417][ T6027] libceph: mon0 (1)[c::]:6789 connect error
[  447.249259][    C1] vcan0: j1939_tp_rxtimer: 0xffff88806a83e800: rx timeout, send abort
[  447.379092][T11171] mkiss: ax0: crc mode is auto.
[  447.481300][T11152] ceph: No mds server is up or the cluster is laggy
[  447.578617][T11177] syzkaller1: tun_chr_ioctl cmd 1074025672
[  447.581101][T11177] syzkaller1: ignored: set checksum disabled
[  447.752181][    C1] vcan0: j1939_tp_rxtimer: 0xffff88806a83e800: abort rx timeout. Force session deactivation
[  448.154455][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  448.409452][T11186] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.898'.
[  448.451541][T11189] netlink: 240 bytes leftover after parsing attributes in process `syz.0.899'.
[  448.453478][T11181] netlink: 'syz.3.896': attribute type 4 has an invalid length.
[  448.564487][T11195] netlink: 8 bytes leftover after parsing attributes in process `syz.4.895'.
[  448.568000][T11195] netlink: 'syz.4.895': attribute type 5 has an invalid length.
[  448.570401][T11195] netlink: 20 bytes leftover after parsing attributes in process `syz.4.895'.
[  448.585241][T11195] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  448.587954][T11195] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  448.590611][T11195] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  448.593284][T11195] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  448.596363][T11195] geneve2: entered promiscuous mode
[  448.598084][T11195] geneve2: entered allmulticast mode
[  448.650629][T11200] netlink: 8 bytes leftover after parsing attributes in process `syz.3.902'.
[  448.654392][T11200] openvswitch: netlink: Multiple metadata blocks provided
[  449.171847][T11221] kvm: Disabled LAPIC found during irq injection
[  449.197235][T11221] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685)
[  449.241247][T11223] netlink: 'syz.4.905': attribute type 1 has an invalid length.
[  449.270631][T11223] 8021q: adding VLAN 0 to HW filter on device bond3
[  449.275245][T11223] bond2: (slave bond3): making interface the new active one
[  449.277774][T11223] bond2: (slave bond3): Enslaving as an active interface with an up link
[  449.321668][T11223] bond2: (slave gretap1): Enslaving as a backup interface with an up link
[  449.692071][T11204] ceph: No mds server is up or the cluster is laggy
[  449.806920][   T40] audit: type=1800 audit(1750857594.295:249): pid=11256 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.911" name="file0" dev="9p" ino=35913922 res=0 errno=0
[  449.886356][T11265] netlink: 132 bytes leftover after parsing attributes in process `syz.3.913'.
[  449.998378][T11273] FAULT_INJECTION: forcing a failure.
[  449.998378][T11273] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  450.002603][T11273] CPU: 1 UID: 0 PID: 11273 Comm: syz.0.914 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  450.002618][T11273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  450.002625][T11273] Call Trace:
[  450.002629][T11273]  <TASK>
[  450.002634][T11273]  dump_stack_lvl+0x16c/0x1f0
[  450.002672][T11273]  should_fail_ex+0x512/0x640
[  450.002694][T11273]  _copy_to_user+0x32/0xd0
[  450.002712][T11273]  simple_read_from_buffer+0xcb/0x170
[  450.002729][T11273]  proc_fail_nth_read+0x197/0x270
[  450.002743][T11273]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  450.002757][T11273]  ? rw_verify_area+0xcf/0x680
[  450.002771][T11273]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  450.002784][T11273]  vfs_read+0x1e4/0xc60
[  450.002799][T11273]  ? fdget_pos+0x2a2/0x370
[  450.002817][T11273]  ? __pfx_vfs_read+0x10/0x10
[  450.002831][T11273]  ? find_held_lock+0x2b/0x80
[  450.002846][T11273]  ? __fget_files+0x20e/0x3c0
[  450.002865][T11273]  ksys_read+0x12a/0x250
[  450.002880][T11273]  ? __pfx_ksys_read+0x10/0x10
[  450.002896][T11273]  ? rcu_is_watching+0x12/0xc0
[  450.002910][T11273]  __do_fast_syscall_32+0x7c/0x3a0
[  450.002928][T11273]  do_fast_syscall_32+0x32/0x80
[  450.002946][T11273]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  450.002959][T11273] RIP: 0023:0xf70ee579
[  450.002969][T11273] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  450.002980][T11273] RSP: 002b:00000000f50de590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  450.002991][T11273] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50de620
[  450.002997][T11273] RDX: 000000000000000f RSI: 00000000f7453ff4 RDI: 0000000000000000
[  450.003003][T11273] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  450.003009][T11273] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  450.003019][T11273] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  450.003032][T11273]  </TASK>
[  450.144554][T11280] netlink: 44 bytes leftover after parsing attributes in process `syz.3.918'.
[  450.773375][   T61] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  450.828258][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880518f4800: rx timeout, send abort
[  450.980936][   T61] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  450.985904][   T61] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  450.989885][   T61] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  450.993421][   T61] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  450.998609][   T61] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  451.001811][   T61] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  451.005130][   T61] usb 8-1: Manufacturer: syz
[  451.008066][   T61] usb 8-1: config 0 descriptor??
[  451.308941][T11305] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  451.311920][T11305] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  451.314883][T11305] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  451.330882][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880518f4800: abort rx timeout. Force session deactivation
[  451.435138][   T61] appleir 0003:05AC:8243.0005: unknown main item tag 0x0
[  451.438093][   T61] appleir 0003:05AC:8243.0005: No inputs registered, leaving
[  451.439228][T11304] overlayfs: conflicting lowerdir path
[  451.446470][   T61] appleir 0003:05AC:8243.0005: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  451.525076][T11321] netlink: 8 bytes leftover after parsing attributes in process `syz.2.930'.
[  451.921483][T11327] loop6: detected capacity change from 0 to 524287999
[  452.733669][   T61] usb 7-1: new full-speed USB device number 21 using dummy_hcd
[  452.829839][T11347] FAULT_INJECTION: forcing a failure.
[  452.829839][T11347] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  452.834391][T11347] CPU: 3 UID: 0 PID: 11347 Comm: syz.4.937 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  452.834407][T11347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  452.834414][T11347] Call Trace:
[  452.834419][T11347]  <TASK>
[  452.834423][T11347]  dump_stack_lvl+0x16c/0x1f0
[  452.834444][T11347]  should_fail_ex+0x512/0x640
[  452.834462][T11347]  should_fail_alloc_page+0xe7/0x130
[  452.834475][T11347]  prepare_alloc_pages+0x3c2/0x610
[  452.834491][T11347]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  452.834509][T11347]  ? __pfx_stack_trace_save+0x10/0x10
[  452.834522][T11347]  ? stack_depot_save_flags+0x28/0xa40
[  452.834539][T11347]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  452.834557][T11347]  ? kasan_save_stack+0x42/0x60
[  452.834572][T11347]  ? kasan_save_stack+0x33/0x60
[  452.834588][T11347]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  452.834604][T11347]  ? __pmd_alloc+0xbf/0x930
[  452.834615][T11347]  ? handle_mm_fault+0x589/0xd10
[  452.834629][T11347]  ? exc_page_fault+0x5c/0xb0
[  452.834643][T11347]  ? asm_exc_page_fault+0x26/0x30
[  452.834654][T11347]  ? _copy_from_user+0x93/0xd0
[  452.834670][T11347]  ? tty_ioctl+0xca0/0x1640
[  452.834685][T11347]  ? tty_compat_ioctl+0x24a/0x4d0
[  452.834701][T11347]  ? __ia32_compat_sys_ioctl+0x23f/0x370
[  452.834714][T11347]  ? __do_fast_syscall_32+0x7c/0x3a0
[  452.834736][T11347]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  452.834753][T11347]  ? policy_nodemask+0xea/0x4e0
[  452.834765][T11347]  alloc_pages_mpol+0x1fb/0x550
[  452.834776][T11347]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  452.834785][T11347]  ? css_rstat_updated+0x9d/0xd30
[  452.834800][T11347]  alloc_pages_noprof+0x131/0x390
[  452.834811][T11347]  pte_alloc_one+0x1c/0x3a0
[  452.834828][T11347]  __pte_alloc+0x6d/0x3c0
[  452.834838][T11347]  ? __pfx___pte_alloc+0x10/0x10
[  452.834849][T11347]  ? _raw_spin_unlock+0x28/0x50
[  452.834863][T11347]  ? __pmd_alloc+0x3fb/0x930
[  452.834876][T11347]  __handle_mm_fault+0x4358/0x5490
[  452.834894][T11347]  ? __pfx___handle_mm_fault+0x10/0x10
[  452.834908][T11347]  ? __pfx_mt_find+0x10/0x10
[  452.834926][T11347]  ? find_vma+0xbf/0x140
[  452.834937][T11347]  ? __pfx_find_vma+0x10/0x10
[  452.834949][T11347]  handle_mm_fault+0x589/0xd10
[  452.834964][T11347]  ? __pkru_allows_pkey+0x41/0xb0
[  452.834979][T11347]  do_user_addr_fault+0x7a6/0x1370
[  452.834995][T11347]  ? rcu_is_watching+0x12/0xc0
[  452.835008][T11347]  exc_page_fault+0x5c/0xb0
[  452.835028][T11347]  asm_exc_page_fault+0x26/0x30
[  452.835038][T11347] RIP: 0010:_copy_from_user+0x93/0xd0
[  452.835055][T11347] Code: c5 e2 fc 89 ee 4c 89 ef 48 b8 00 f0 ff ff ff 7f 00 00 48 39 c3 48 0f 47 d8 e8 29 b1 48 fd 0f 01 cb 4c 89 ef 48 89 de 48 89 e9 <f3> a4 0f 1f 00 49 89 cc 48 89 cb 0f 01 ca 31 ff 48 89 ce e8 f5 c0
[  452.835066][T11347] RSP: 0018:ffffc90004f8fcc0 EFLAGS: 00050246
[  452.835075][T11347] RAX: 0000000000000001 RBX: 0000000080000100 RCX: 0000000000000008
[  452.835082][T11347] RDX: fffff520009f1fa9 RSI: 0000000080000100 RDI: ffffc90004f8fd40
[  452.835088][T11347] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff520009f1fa8
[  452.835095][T11347] R10: ffffc90004f8fd47 R11: 0000000000000001 R12: 0000000000000000
[  452.835101][T11347] R13: ffffc90004f8fd40 R14: 0000000000005414 R15: 0000000100000003
[  452.835116][T11347]  tty_ioctl+0xca0/0x1640
[  452.835134][T11347]  ? __pfx_tty_ioctl+0x10/0x10
[  452.835157][T11347]  ? find_held_lock+0x2b/0x80
[  452.835167][T11347]  ? hook_file_ioctl_common+0x145/0x410
[  452.835182][T11347]  ? __fget_files+0x20e/0x3c0
[  452.835196][T11347]  ? fput+0x70/0xf0
[  452.835207][T11347]  tty_compat_ioctl+0x24a/0x4d0
[  452.835224][T11347]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  452.835241][T11347]  __ia32_compat_sys_ioctl+0x23f/0x370
[  452.835256][T11347]  __do_fast_syscall_32+0x7c/0x3a0
[  452.835274][T11347]  do_fast_syscall_32+0x32/0x80
[  452.835291][T11347]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  452.835305][T11347] RIP: 0023:0xf7fd3579
[  452.835313][T11347] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  452.835323][T11347] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  452.835333][T11347] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005414
[  452.835339][T11347] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  452.835346][T11347] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  452.835352][T11347] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  452.835358][T11347] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  452.835371][T11347]  </TASK>
[  452.885007][   T61] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  452.989683][   T61] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[  452.992577][   T61] usb 7-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  452.995518][   T61] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  452.999726][   T61] usb 7-1: config 0 descriptor??
[  453.007534][   T61] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  453.010014][   T61] dvb-usb: bulk message failed: -22 (3/0)
[  453.014709][   T61] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  453.018528][   T61] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  453.021202][   T61] usb 7-1: media controller created
[  453.024912][   T61] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  453.125636][   T61] dvb-usb: bulk message failed: -22 (6/0)
[  453.127745][   T61] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  453.135898][   T61] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input60
[  453.147745][   T61] dvb-usb: schedule remote query interval to 150 msecs.
[  453.150171][   T61] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  453.177844][   T24] usb 8-1: reset high-speed USB device number 14 using dummy_hcd
[  453.207662][   T59] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  453.217999][   T59] usb 7-1: USB disconnect, device number 21
[  453.247816][   T59] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  453.425358][   T59] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  453.466231][   T59] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  453.506817][T11360] netlink: 256 bytes leftover after parsing attributes in process `syz.2.940'.
[  453.706149][T11380] IPVS: length: 139 != 8
[  453.906872][T11397] can0: slcan on pty26.
[  454.126224][T11396] can0 (unregistered): slcan off pty26.
[  454.325870][ T5996] usb 8-1: USB disconnect, device number 14
[  454.447966][    C2] vcan0: j1939_tp_rxtimer: 0xffff88804c58b400: rx timeout, send abort
[  454.950736][    C2] vcan0: j1939_tp_rxtimer: 0xffff88804c58b400: abort rx timeout. Force session deactivation
[  460.211627][T11435] sctp: [Deprecated]: syz.0.948 (pid 11435) Use of int in max_burst socket option deprecated.
[  460.211627][T11435] Use struct sctp_assoc_value instead
[  461.022404][T11442] input: syz1 as /devices/virtual/input/input62
[  461.134661][T11457] FAULT_INJECTION: forcing a failure.
[  461.134661][T11457] name failslab, interval 1, probability 0, space 0, times 0
[  461.138753][T11457] CPU: 2 UID: 0 PID: 11457 Comm: syz.4.957 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  461.138771][T11457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  461.138778][T11457] Call Trace:
[  461.138783][T11457]  <TASK>
[  461.138787][T11457]  dump_stack_lvl+0x16c/0x1f0
[  461.138807][T11457]  should_fail_ex+0x512/0x640
[  461.138823][T11457]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  461.138842][T11457]  should_failslab+0xc2/0x120
[  461.138866][T11457]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  461.138883][T11457]  ? mas_alloc_nodes+0x18b/0x8b0
[  461.138901][T11457]  mas_alloc_nodes+0x18b/0x8b0
[  461.138918][T11457]  mas_node_count_gfp+0x105/0x130
[  461.138935][T11457]  mas_preallocate+0x7e0/0xde0
[  461.138945][T11457]  ? __memcg_slab_post_alloc_hook+0x3e2/0x960
[  461.138960][T11457]  ? __pfx_mas_preallocate+0x10/0x10
[  461.138976][T11457]  ? anon_vma_name+0x75/0x100
[  461.138989][T11457]  __split_vma+0x34a/0x1070
[  461.139008][T11457]  ? __pfx___split_vma+0x10/0x10
[  461.139031][T11457]  vma_modify+0xee1/0x2030
[  461.139048][T11457]  ? _parse_integer_limit+0x17f/0x1d0
[  461.139063][T11457]  ? __pfx_vma_modify+0x10/0x10
[  461.139082][T11457]  vma_modify_flags+0x212/0x2d0
[  461.139098][T11457]  ? __pfx_vma_modify_flags+0x10/0x10
[  461.139120][T11457]  ? may_expand_vm+0xe8/0x430
[  461.139135][T11457]  mprotect_fixup+0x2b3/0xb10
[  461.139153][T11457]  ? __pfx_mprotect_fixup+0x10/0x10
[  461.139172][T11457]  do_mprotect_pkey+0x9ca/0xd50
[  461.139191][T11457]  ? __pfx_do_mprotect_pkey+0x10/0x10
[  461.139207][T11457]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  461.139232][T11457]  ? __fget_files+0x20e/0x3c0
[  461.139252][T11457]  ? __pfx_ksys_write+0x10/0x10
[  461.139271][T11457]  __ia32_sys_mprotect+0x75/0xb0
[  461.139286][T11457]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  461.139304][T11457]  __do_fast_syscall_32+0x7c/0x3a0
[  461.139322][T11457]  do_fast_syscall_32+0x32/0x80
[  461.139339][T11457]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  461.139353][T11457] RIP: 0023:0xf7fd3579
[  461.139362][T11457] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  461.139373][T11457] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 000000000000007d
[  461.139383][T11457] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000800000
[  461.139390][T11457] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000000
[  461.139396][T11457] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  461.139402][T11457] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  461.139408][T11457] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  461.139422][T11457]  </TASK>
[  461.238556][T11460] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  462.682272][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880134abc00: rx timeout, send abort
[  463.023383][ T6819] usb 9-1: new full-speed USB device number 10 using dummy_hcd
[  463.174999][ T6819] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  463.178218][ T6819] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  463.181572][ T6819] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  463.184944][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880134abc00: abort rx timeout. Force session deactivation
[  463.188865][ T6819] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  463.193651][ T6819] usb 9-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  463.196461][ T6819] usb 9-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  463.198948][ T6819] usb 9-1: Manufacturer: syz
[  463.204579][ T6819] usb 9-1: config 0 descriptor??
[  464.417863][T11513] binder_alloc: 11512: pid 11512 spamming oneway? 1 buffers allocated for a total size of 4096
[  464.422561][T11513] binder_alloc: 11512: pid 11512 spamming oneway? 2 buffers allocated for a total size of 5120
[  464.476695][T11517] netlink: 44 bytes leftover after parsing attributes in process `syz.0.972'.
[  465.908085][T11535] lo speed is unknown, defaulting to 1000
[  465.943541][ T6819] rc_core: IR keymap rc-hauppauge not found
[  465.945665][ T6819] Registered IR keymap rc-empty
[  465.947395][ T6819] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  465.964226][ T6819] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  466.070512][ T6819] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0
[  466.076233][ T6819] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0/input63
[  466.089698][ T6819] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  466.104185][ T6819] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  466.123431][ T6819] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  466.144180][ T6819] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  466.164062][ T6819] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  466.187117][ T6819] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  466.203487][ T6819] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  466.223699][ T6819] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  466.263854][ T6819] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  466.294428][ T6819] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[  466.315744][ T6819] mceusb 9-1:0.0: Registered  with mce emulator interface version 1
[  466.318262][ T6819] mceusb 9-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  466.333788][ T6819] usb 9-1: USB disconnect, device number 10
[  466.955520][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804dc7a400: rx timeout, send abort
[  467.115917][T11564] netlink: 4 bytes leftover after parsing attributes in process `syz.4.982'.
[  467.458887][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804dc7a400: abort rx timeout. Force session deactivation
[  468.318147][T11578] hub 6-0:1.0: USB hub found
[  468.321876][T11578] hub 6-0:1.0: 1 port detected
[  468.376672][T11577] kernel read not supported for file / 
�7���âW)�s���!Q���fs�l{T�r�)r��O���2:"��T+͟v|�ղDvc���֠�6�x�c: (pid: 11577 comm: syz.0.986)
[  468.382638][   T40] audit: type=1800 audit(1750857612.865:250): pid=11577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.986" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=26569 res=0 errno=0
[  469.433118][T11594] netlink: 4 bytes leftover after parsing attributes in process `syz.0.991'.
[  469.437750][T11594] FAULT_INJECTION: forcing a failure.
[  469.437750][T11594] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  469.441839][T11594] CPU: 2 UID: 0 PID: 11594 Comm: syz.0.991 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  469.441855][T11594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  469.441862][T11594] Call Trace:
[  469.441866][T11594]  <TASK>
[  469.441871][T11594]  dump_stack_lvl+0x16c/0x1f0
[  469.441908][T11594]  should_fail_ex+0x512/0x640
[  469.441931][T11594]  _copy_from_user+0x2e/0xd0
[  469.441949][T11594]  move_addr_to_kernel+0x65/0x170
[  469.441964][T11594]  __sys_connect+0xb1/0x160
[  469.441978][T11594]  ? __pfx___sys_connect+0x10/0x10
[  469.441991][T11594]  ? handle_mm_fault+0x220/0xd10
[  469.442011][T11594]  ? __pfx_ksys_write+0x10/0x10
[  469.442031][T11594]  __ia32_sys_connect+0x71/0xb0
[  469.442045][T11594]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  469.442062][T11594]  __do_fast_syscall_32+0x7c/0x3a0
[  469.442080][T11594]  do_fast_syscall_32+0x32/0x80
[  469.442097][T11594]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  469.442111][T11594] RIP: 0023:0xf70ee579
[  469.442120][T11594] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  469.442131][T11594] RSP: 002b:00000000f50de55c EFLAGS: 00000296 ORIG_RAX: 000000000000016a
[  469.442142][T11594] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  469.442148][T11594] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000000
[  469.442154][T11594] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  469.442161][T11594] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  469.442167][T11594] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  469.442180][T11594]  </TASK>
[  469.622690][T11598] netlink: 4 bytes leftover after parsing attributes in process `syz.4.992'.
[  469.857640][   T40] audit: type=1804 audit(1750857614.345:251): pid=11619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.997" name="/newroot/125/file0/file0" dev="9p" ino=35913922 res=1 errno=0
[  470.845331][T11639] bridge0: port 2(bridge_slave_1) entered disabled state
[  470.848726][T11639] bridge0: port 1(bridge_slave_0) entered disabled state
[  470.906185][T11641] program syz.0.1002 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  470.919031][T11639] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  470.926248][T11639] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  470.977836][T11639] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  470.980721][T11639] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  470.985669][T11639] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  470.988382][T11639] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  471.017578][T11639] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 256 - 0
[  471.020518][T11639] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 256 - 0
[  471.023797][T11639] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 256 - 0
[  471.026537][T11639] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 256 - 0
[  471.503540][  T837] usb 9-1: new full-speed USB device number 11 using dummy_hcd
[  471.655000][  T837] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  471.659094][  T837] usb 9-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  471.664263][  T837] usb 9-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  471.668239][  T837] usb 9-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  471.671475][  T837] usb 9-1: Manufacturer: syz
[  471.676592][  T837] usb 9-1: config 0 descriptor??
[  471.886712][ T6819] usb 9-1: USB disconnect, device number 11
[  472.189956][T11665] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1011'.
[  472.578215][T11680] mmap: syz.2.1015 (11680) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  472.795750][T11690] kvm: Disabled LAPIC found during irq injection
[  472.801028][T11690] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685)
[  473.287092][T11700] raw_sendmsg: syz.3.1021 forgot to set AF_INET. Fix it!
[  473.290454][T11700] capability: warning: `syz.3.1021' uses 32-bit capabilities (legacy support in use)
[  473.458090][T11710] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  473.671490][T11722] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1029'.
[  473.790070][T11727] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1030'.
[  473.815999][T11727] FAULT_INJECTION: forcing a failure.
[  473.815999][T11727] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  473.821529][T11727] CPU: 3 UID: 0 PID: 11727 Comm: syz.4.1030 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  473.821553][T11727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  473.821564][T11727] Call Trace:
[  473.821571][T11727]  <TASK>
[  473.821578][T11727]  dump_stack_lvl+0x16c/0x1f0
[  473.821610][T11727]  should_fail_ex+0x512/0x640
[  473.821638][T11727]  _copy_from_user+0x2e/0xd0
[  473.821666][T11727]  __ia32_compat_sys_socketcall+0x187/0x770
[  473.821687][T11727]  ? __fget_files+0x20e/0x3c0
[  473.821710][T11727]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[  473.821732][T11727]  ? fput+0x70/0xf0
[  473.821749][T11727]  ? ksys_write+0x1ac/0x250
[  473.821773][T11727]  ? __pfx_ksys_write+0x10/0x10
[  473.821799][T11727]  ? rcu_is_watching+0x12/0xc0
[  473.821821][T11727]  __do_fast_syscall_32+0x7c/0x3a0
[  473.821850][T11727]  do_fast_syscall_32+0x32/0x80
[  473.821876][T11727]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  473.821899][T11727] RIP: 0023:0xf7fd3579
[  473.821913][T11727] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  473.821930][T11727] RSP: 002b:00000000f50f5430 EFLAGS: 00000293 ORIG_RAX: 0000000000000066
[  473.821946][T11727] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f50f5444
[  473.821957][T11727] RDX: 0000000000000000 RSI: 00000000f50f5560 RDI: 00000000f7463ff4
[  473.821968][T11727] RBP: 00000000f50f5560 R08: 0000000000000000 R09: 0000000000000000
[  473.821980][T11727] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  473.821990][T11727] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  473.822013][T11727]  </TASK>
[  473.999935][T11736] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1033'.
[  474.037904][T11734] kvm: Disabled LAPIC found during irq injection
[  474.045468][T11734] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685)
[  474.066048][T11739] overlay: Unknown parameter 'subj_type'
[  474.178459][   T40] audit: type=1326 audit(1750857618.665:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11738 comm="syz.0.1034" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x0
[  474.200497][   T40] audit: type=1326 audit(1750857618.685:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11744 comm="syz.4.1035" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fd3579 code=0x0
[  474.266127][T11747] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1028'.
[  475.471946][T11776] FAULT_INJECTION: forcing a failure.
[  475.471946][T11776] name failslab, interval 1, probability 0, space 0, times 0
[  475.477952][T11776] CPU: 3 UID: 0 PID: 11776 Comm: syz.4.1044 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  475.477979][T11776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  475.478005][T11776] Call Trace:
[  475.478013][T11776]  <TASK>
[  475.478020][T11776]  dump_stack_lvl+0x16c/0x1f0
[  475.478050][T11776]  should_fail_ex+0x512/0x640
[  475.478075][T11776]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  475.478104][T11776]  should_failslab+0xc2/0x120
[  475.478121][T11776]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  475.478147][T11776]  ? __alloc_skb+0x2b2/0x380
[  475.478173][T11776]  ? __bpf_trace_contention_end+0xc9/0x110
[  475.478199][T11776]  __alloc_skb+0x2b2/0x380
[  475.478223][T11776]  ? __pfx___alloc_skb+0x10/0x10
[  475.478245][T11776]  ? __pfx___mutex_trylock_common+0x10/0x10
[  475.478273][T11776]  ? rcu_is_watching+0x12/0xc0
[  475.478296][T11776]  netlink_dump+0x678/0xce0
[  475.478314][T11776]  ? __rhashtable_lookup.constprop.0+0x3a5/0x760
[  475.478331][T11776]  ? __netlink_dump_start+0x150/0x990
[  475.478350][T11776]  ? __pfx_netlink_dump+0x10/0x10
[  475.478366][T11776]  ? __pfx___mutex_lock+0x10/0x10
[  475.478413][T11776]  __netlink_dump_start+0x6d6/0x990
[  475.478435][T11776]  ? __pfx_tc_dump_tclass+0x10/0x10
[  475.478456][T11776]  rtnetlink_rcv_msg+0xb3e/0xe90
[  475.478483][T11776]  ? __pfx_tc_dump_tclass+0x10/0x10
[  475.478505][T11776]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  475.478532][T11776]  ? __pfx_rtnl_dumpit+0x10/0x10
[  475.478553][T11776]  ? __pfx_tc_dump_tclass+0x10/0x10
[  475.478576][T11776]  ? __lock_acquire+0x622/0x1c90
[  475.478605][T11776]  netlink_rcv_skb+0x158/0x420
[  475.478624][T11776]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  475.478652][T11776]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  475.478683][T11776]  ? netlink_deliver_tap+0x1ae/0xd30
[  475.478699][T11776]  ? is_vmalloc_addr+0x86/0xa0
[  475.478729][T11776]  netlink_unicast+0x53a/0x7f0
[  475.478752][T11776]  ? __pfx_netlink_unicast+0x10/0x10
[  475.478778][T11776]  netlink_sendmsg+0x8d1/0xdd0
[  475.478800][T11776]  ? __pfx_netlink_sendmsg+0x10/0x10
[  475.478825][T11776]  ? __import_iovec+0x1dd/0x650
[  475.478858][T11776]  ____sys_sendmsg+0xa98/0xc70
[  475.478880][T11776]  ? __pfx_____sys_sendmsg+0x10/0x10
[  475.478898][T11776]  ? get_compat_msghdr+0x11a/0x170
[  475.478937][T11776]  ___sys_sendmsg+0x134/0x1d0
[  475.478964][T11776]  ? __pfx____sys_sendmsg+0x10/0x10
[  475.479003][T11776]  ? find_held_lock+0x2b/0x80
[  475.479037][T11776]  __sys_sendmsg+0x16d/0x220
[  475.479063][T11776]  ? __pfx___sys_sendmsg+0x10/0x10
[  475.479100][T11776]  ? rcu_is_watching+0x12/0xc0
[  475.479121][T11776]  __do_fast_syscall_32+0x7c/0x3a0
[  475.479150][T11776]  do_fast_syscall_32+0x32/0x80
[  475.479176][T11776]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  475.479198][T11776] RIP: 0023:0xf7fd3579
[  475.479212][T11776] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  475.479229][T11776] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  475.479247][T11776] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000140
[  475.479258][T11776] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  475.479268][T11776] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  475.479278][T11776] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  475.479288][T11776] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  475.479312][T11776]  </TASK>
[  475.590472][    C3] vkms_vblank_simulate: vblank timer overrun
[  475.724968][T11784] Invalid source name
[  476.164146][  T837] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  476.558120][T11818] tipc: Started in network mode
[  476.559847][T11818] tipc: Node identity ac1414aa, cluster identity 4711
[  476.562590][T11818] tipc: Enabled bearer <udp:syz2>, priority 10
[  476.569412][T11818] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[  476.792386][T11833] FAULT_INJECTION: forcing a failure.
[  476.792386][T11833] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  476.797489][T11833] CPU: 1 UID: 0 PID: 11833 Comm: syz.4.1053 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  476.797514][T11833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  476.797525][T11833] Call Trace:
[  476.797530][T11833]  <TASK>
[  476.797536][T11833]  dump_stack_lvl+0x16c/0x1f0
[  476.797568][T11833]  should_fail_ex+0x512/0x640
[  476.797594][T11833]  _copy_from_iter+0x29f/0x16f0
[  476.797621][T11833]  ? __alloc_skb+0x200/0x380
[  476.797643][T11833]  ? __pfx__copy_from_iter+0x10/0x10
[  476.797670][T11833]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  476.797696][T11833]  netlink_sendmsg+0x829/0xdd0
[  476.797717][T11833]  ? __pfx_netlink_sendmsg+0x10/0x10
[  476.797737][T11833]  ? __import_iovec+0x1dd/0x650
[  476.797768][T11833]  ____sys_sendmsg+0xa98/0xc70
[  476.797789][T11833]  ? __pfx_____sys_sendmsg+0x10/0x10
[  476.797807][T11833]  ? get_compat_msghdr+0x11a/0x170
[  476.797843][T11833]  ___sys_sendmsg+0x134/0x1d0
[  476.797870][T11833]  ? __pfx____sys_sendmsg+0x10/0x10
[  476.797909][T11833]  ? find_held_lock+0x2b/0x80
[  476.797942][T11833]  __sys_sendmsg+0x16d/0x220
[  476.797968][T11833]  ? __pfx___sys_sendmsg+0x10/0x10
[  476.798026][T11833]  ? rcu_is_watching+0x12/0xc0
[  476.798050][T11833]  __do_fast_syscall_32+0x7c/0x3a0
[  476.798079][T11833]  do_fast_syscall_32+0x32/0x80
[  476.798112][T11833]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  476.798132][T11833] RIP: 0023:0xf7fd3579
[  476.798144][T11833] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  476.798160][T11833] RSP: 002b:00000000f50b455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  476.798177][T11833] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800003c0
[  476.798188][T11833] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  476.798198][T11833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  476.798207][T11833] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  476.798215][T11833] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  476.798232][T11833]  </TASK>
[  477.555179][    T9] tipc: Node number set to 2886997162
[  485.568920][T11860] overlay: Unknown parameter 'seclabel'
[  487.192361][T11890] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1066'.
[  487.204611][T11890] random: crng reseeded on system resumption
[  487.645512][T11904] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1069'.
[  488.135551][T11923] overlay: Unknown parameter 'subj_type'
[  488.163586][ T5996] usb 9-1: new low-speed USB device number 12 using dummy_hcd
[  488.255492][   T40] audit: type=1326 audit(1750857632.745:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11922 comm="syz.0.1076" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x0
[  488.293789][ T5996] usb 9-1: device descriptor read/64, error -71
[  488.470347][T11929] netlink: zone id is out of range
[  488.471973][T11929] netlink: zone id is out of range
[  488.474002][T11929] netlink: del zone limit has 4 unknown bytes
[  488.482786][ T5953] Bluetooth: hci1: unexpected event for opcode 0x2024
[  488.584747][ T5996] usb 9-1: new low-speed USB device number 13 using dummy_hcd
[  488.600618][T11931] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4294967295 (34359738360 ns) > initial count (3800 ns). Using initial count to start timer.
[  488.724272][ T5996] usb 9-1: device descriptor read/64, error -71
[  488.833772][ T5996] usb usb9-port1: attempt power cycle
[  488.888530][T11947] FAULT_INJECTION: forcing a failure.
[  488.888530][T11947] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  488.892981][T11947] CPU: 3 UID: 0 PID: 11947 Comm: syz.2.1083 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  488.892997][T11947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  488.893004][T11947] Call Trace:
[  488.893008][T11947]  <TASK>
[  488.893012][T11947]  dump_stack_lvl+0x16c/0x1f0
[  488.893050][T11947]  should_fail_ex+0x512/0x640
[  488.893072][T11947]  _copy_to_user+0x32/0xd0
[  488.893091][T11947]  msr_read+0x14e/0x250
[  488.893103][T11947]  ? __pfx_msr_read+0x10/0x10
[  488.893113][T11947]  ? bpf_lsm_file_permission+0x9/0x10
[  488.893126][T11947]  ? security_file_permission+0x71/0x210
[  488.893142][T11947]  ? rw_verify_area+0xcf/0x680
[  488.893156][T11947]  ? __pfx_msr_read+0x10/0x10
[  488.893167][T11947]  vfs_read+0x1e4/0xc60
[  488.893185][T11947]  ? __pfx_vfs_read+0x10/0x10
[  488.893198][T11947]  ? find_held_lock+0x2b/0x80
[  488.893210][T11947]  ? __fget_files+0x204/0x3c0
[  488.893227][T11947]  ? __fget_files+0x20e/0x3c0
[  488.893240][T11947]  ? handle_mm_fault+0x220/0xd10
[  488.893259][T11947]  ksys_read+0x12a/0x250
[  488.893274][T11947]  ? __pfx_ksys_read+0x10/0x10
[  488.893301][T11947]  ? rcu_is_watching+0x12/0xc0
[  488.893316][T11947]  __do_fast_syscall_32+0x7c/0x3a0
[  488.893334][T11947]  do_fast_syscall_32+0x32/0x80
[  488.893351][T11947]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  488.893365][T11947] RIP: 0023:0xf704e579
[  488.893373][T11947] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  488.893384][T11947] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  488.893395][T11947] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080019680
[  488.893401][T11947] RDX: 0000000000018ff8 RSI: 0000000000000000 RDI: 0000000000000000
[  488.893407][T11947] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  488.893413][T11947] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  488.893420][T11947] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  488.893433][T11947]  </TASK>
[  488.962246][    C3] vkms_vblank_simulate: vblank timer overrun
[  489.018253][T11952] overlay: Unknown parameter 'subj_type'
[  489.133752][   T40] audit: type=1326 audit(1750857633.625:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11951 comm="syz.2.1085" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x0
[  489.193393][ T5996] usb 9-1: new low-speed USB device number 14 using dummy_hcd
[  489.208382][T11955] netlink: 'syz.0.1084': attribute type 1 has an invalid length.
[  489.210990][T11955] netlink: 'syz.0.1084': attribute type 2 has an invalid length.
[  489.213846][T11955] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1084'.
[  489.214003][ T5996] usb 9-1: device descriptor read/8, error -71
[  489.474995][ T5996] usb 9-1: new low-speed USB device number 15 using dummy_hcd
[  489.494011][ T5996] usb 9-1: device descriptor read/8, error -71
[  489.613651][ T5996] usb usb9-port1: unable to enumerate USB device
[  489.900829][T11965] FAULT_INJECTION: forcing a failure.
[  489.900829][T11965] name failslab, interval 1, probability 0, space 0, times 0
[  489.905032][T11965] CPU: 1 UID: 0 PID: 11965 Comm: syz.0.1088 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  489.905049][T11965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  489.905056][T11965] Call Trace:
[  489.905060][T11965]  <TASK>
[  489.905065][T11965]  dump_stack_lvl+0x16c/0x1f0
[  489.905084][T11965]  should_fail_ex+0x512/0x640
[  489.905103][T11965]  should_failslab+0xc2/0x120
[  489.905114][T11965]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  489.905132][T11965]  ? skb_clone+0x190/0x3f0
[  489.905150][T11965]  skb_clone+0x190/0x3f0
[  489.905167][T11965]  netlink_deliver_tap+0xabd/0xd30
[  489.905182][T11965]  netlink_unicast+0x5df/0x7f0
[  489.905195][T11965]  ? __pfx_netlink_unicast+0x10/0x10
[  489.905211][T11965]  netlink_sendmsg+0x8d1/0xdd0
[  489.905224][T11965]  ? __pfx_netlink_sendmsg+0x10/0x10
[  489.905237][T11965]  ? __import_iovec+0x1dd/0x650
[  489.905257][T11965]  ____sys_sendmsg+0xa98/0xc70
[  489.905271][T11965]  ? __pfx_____sys_sendmsg+0x10/0x10
[  489.905283][T11965]  ? get_compat_msghdr+0x11a/0x170
[  489.905306][T11965]  ___sys_sendmsg+0x134/0x1d0
[  489.905324][T11965]  ? __pfx____sys_sendmsg+0x10/0x10
[  489.905346][T11965]  ? find_held_lock+0x2b/0x80
[  489.905366][T11965]  __sys_sendmsg+0x16d/0x220
[  489.905382][T11965]  ? __pfx___sys_sendmsg+0x10/0x10
[  489.905404][T11965]  ? rcu_is_watching+0x12/0xc0
[  489.905417][T11965]  __do_fast_syscall_32+0x7c/0x3a0
[  489.905436][T11965]  do_fast_syscall_32+0x32/0x80
[  489.905452][T11965]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  489.905466][T11965] RIP: 0023:0xf70ee579
[  489.905475][T11965] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  489.905486][T11965] RSP: 002b:00000000f50de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  489.905497][T11965] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000640
[  489.905504][T11965] RDX: 0000000020004804 RSI: 0000000000000000 RDI: 0000000000000000
[  489.905510][T11965] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  489.905516][T11965] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  489.905522][T11965] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  489.905542][T11965]  </TASK>
[  489.905571][T11965] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1088'.
[  489.923034][T11961] netlink: 'syz.2.1087': attribute type 11 has an invalid length.
[  489.950123][T11967] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  489.953614][T11961] netlink: 448 bytes leftover after parsing attributes in process `syz.2.1087'.
[  489.954579][T11967] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  489.997161][T11967] vhci_hcd vhci_hcd.0: Device attached
[  490.002031][T11971] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(7)
[  490.004790][T11971] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  490.008237][T11971] vhci_hcd vhci_hcd.0: Device attached
[  490.017232][T11967] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(9)
[  490.020060][T11967] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  490.024011][T11967] vhci_hcd vhci_hcd.0: Device attached
[  490.027742][T11967] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  490.139912][T11977] vhci_hcd vhci_hcd.0: pdev(0) rhport(4) sockfd(17)
[  490.142111][T11977] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  490.145299][T11977] vhci_hcd vhci_hcd.0: Device attached
[  490.253389][ T6281] usb 37-1: new high-speed USB device number 6 using vhci_hcd
[  490.666590][T11989] block device autoloading is deprecated and will be removed.
[  490.715749][T11986] md2: using deprecated bitmap file support
[  490.717705][T11986] md2: error: bitmap file must be a regular file
[  490.720179][T11986] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1091'.
[  490.785623][T11978] vhci_hcd: connection closed
[  490.786417][T11974] vhci_hcd: connection closed
[  490.786496][T11972] vhci_hcd: connection closed
[  490.786929][T10399] vhci_hcd: stop threads
[  490.786941][T10399] vhci_hcd: release socket
[  490.787124][T10399] vhci_hcd: disconnect device
[  490.790156][T11968] vhci_hcd: connection reset by peer
[  490.791040][T10399] vhci_hcd: stop threads
[  490.798372][T10399] vhci_hcd: release socket
[  490.799844][T10399] vhci_hcd: disconnect device
[  490.801498][T10399] vhci_hcd: stop threads
[  490.802864][T10399] vhci_hcd: release socket
[  490.804613][T10399] vhci_hcd: disconnect device
[  490.807154][T10399] vhci_hcd: stop threads
[  490.808516][T10399] vhci_hcd: release socket
[  490.809958][T10399] vhci_hcd: disconnect device
[  491.442009][T12005] overlay: Unknown parameter 'subj_type'
[  491.584683][   T40] audit: type=1326 audit(1750857636.075:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12004 comm="syz.2.1095" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x0
[  492.382853][T12022] pim6reg: entered allmulticast mode
[  492.403082][T12022] pim6reg: left allmulticast mode
[  492.457948][T12024] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1100'.
[  492.555167][T12018] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1098'.
[  492.743609][ T5996] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[  492.803427][T10604] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  492.894614][ T5996] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  492.899910][ T5996] usb 5-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[  492.903230][ T5996] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  492.907973][ T5996] usb 5-1: Product: syz
[  492.909788][ T5996] usb 5-1: Manufacturer: syz
[  492.912000][ T5996] usb 5-1: SerialNumber: syz
[  492.916345][ T5996] usb 5-1: config 0 descriptor??
[  492.921114][ T5996] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[  492.926910][ T5996] dvb-usb: bulk message failed: -22 (3/0)
[  492.944592][ T5996] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  492.948877][ T5996] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[  492.954251][ T5996] usb 5-1: media controller created
[  492.958054][ T5996] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  492.967858][ T5996] dvb-usb: bulk message failed: -22 (6/0)
[  492.970199][ T5996] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[  492.977597][ T5996] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb5/5-1/input/input64
[  492.984072][ T5996] dvb-usb: schedule remote query interval to 150 msecs.
[  492.987006][ T5996] dvb-usb: bulk message failed: -22 (3/0)
[  493.003482][ T5996] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[  493.067022][T10604] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  493.071742][T10604] usb 8-1: config 0 has no interfaces?
[  493.075351][T10604] usb 8-1: config 0 has no interfaces?
[  493.078897][T10604] usb 8-1: config 0 has no interfaces?
[  493.082718][T10604] usb 8-1: config 0 has no interfaces?
[  493.086416][T10604] usb 8-1: config 0 has no interfaces?
[  493.090986][T10604] usb 8-1: config 0 has no interfaces?
[  493.096112][T10604] usb 8-1: config 0 has no interfaces?
[  493.100437][T10604] usb 8-1: config 0 has no interfaces?
[  493.106337][T10604] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  493.109340][T10604] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  493.112125][T10604] usb 8-1: Product: syz
[  493.113623][T10604] usb 8-1: Manufacturer: syz
[  493.115366][T10604] usb 8-1: SerialNumber: syz
[  493.137510][T10604] usb 8-1: config 0 descriptor??
[  493.143603][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  493.145978][ T5996] dvb-usb: error while querying for an remote control event.
[  493.304375][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  493.316004][ T5996] dvb-usb: error while querying for an remote control event.
[  493.360770][T12018] netlink: 348 bytes leftover after parsing attributes in process `syz.3.1098'.
[  493.365377][ T5996] usb 8-1: USB disconnect, device number 15
[  493.473594][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  493.477984][   T24] dvb-usb: error while querying for an remote control event.
[  493.633551][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  493.638452][ T5996] dvb-usb: error while querying for an remote control event.
[  493.856538][T12038] atomic_op ffff888024431998 conn xmit_atomic 0000000000000000
[  494.031890][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  494.048749][ T5996] dvb-usb: error while querying for an remote control event.
[  494.224292][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  494.226175][ T5996] dvb-usb: error while querying for an remote control event.
[  494.332784][T12046] pim6reg: entered allmulticast mode
[  494.336951][T12046] pim6reg: left allmulticast mode
[  494.383372][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  494.385224][ T5996] dvb-usb: error while querying for an remote control event.
[  494.394425][T12048] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1106'.
[  494.553384][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  494.556653][   T24] dvb-usb: error while querying for an remote control event.
[  494.653379][ T5996] usb 9-1: new full-speed USB device number 16 using dummy_hcd
[  494.717315][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  494.719187][   T24] dvb-usb: error while querying for an remote control event.
[  494.878005][ T5996] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  494.879513][T12051] pim6reg: entered allmulticast mode
[  494.882084][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  494.892875][   T24] dvb-usb: error while querying for an remote control event.
[  494.894964][T12051] pim6reg: left allmulticast mode
[  494.913890][ T5996] usb 9-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[  494.916724][ T5996] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  494.919190][ T5996] usb 9-1: Product: syz
[  494.920524][ T5996] usb 9-1: Manufacturer: syz
[  494.921992][ T5996] usb 9-1: SerialNumber: syz
[  494.924937][ T5996] usb 9-1: config 0 descriptor??
[  494.929374][ T5996] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[  494.946157][ T5996] dvb-usb: bulk message failed: -22 (3/0)
[  494.952517][T12052] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1107'.
[  494.964531][ T5996] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  494.967829][ T5996] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[  494.971737][ T5996] usb 9-1: media controller created
[  494.974166][ T5996] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  494.978723][ T5996] dvb-usb: bulk message failed: -22 (6/0)
[  494.980926][ T5996] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[  494.986049][ T5996] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb9/9-1/input/input65
[  494.991441][ T5996] dvb-usb: schedule remote query interval to 150 msecs.
[  494.993922][ T5996] dvb-usb: bulk message failed: -22 (3/0)
[  495.013495][ T5996] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[  495.053454][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  495.055351][ T5996] dvb-usb: error while querying for an remote control event.
[  495.157354][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  495.159780][ T5996] dvb-usb: error while querying for an remote control event.
[  495.189034][T12054] overlay: Unknown parameter 'subj_type'
[  495.213578][ T6819] usb 7-1: new full-speed USB device number 22 using dummy_hcd
[  495.223560][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  495.226116][ T5996] dvb-usb: error while querying for an remote control event.
[  495.303243][T12022] Set syz1 is full, maxelem 65536 reached
[  495.305461][   T40] audit: type=1326 audit(1750857639.795:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12053 comm="syz.3.1108" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x0
[  495.314966][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  495.317427][ T5996] dvb-usb: error while querying for an remote control event.
[  495.331944][T10604] usb 5-1: USB disconnect, device number 13
[  495.344097][T10604] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[  495.373390][ T6281] vhci_hcd: vhci_device speed not set
[  495.376785][ T6819] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  495.383001][ T6819] usb 7-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[  495.387508][ T6819] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  495.390172][ T6819] usb 7-1: Product: syz
[  495.391937][ T6819] usb 7-1: Manufacturer: syz
[  495.394035][ T6819] usb 7-1: SerialNumber: syz
[  495.405274][ T6819] usb 7-1: config 0 descriptor??
[  495.414626][ T6819] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[  495.419728][ T6819] dvb-usb: bulk message failed: -22 (3/0)
[  495.435653][ T6819] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  495.439592][ T6819] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[  495.445067][ T6819] usb 7-1: media controller created
[  495.448780][ T6819] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  495.455855][ T6819] dvb-usb: bulk message failed: -22 (6/0)
[  495.458627][ T6819] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[  495.466963][ T6819] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input66
[  495.473202][ T6819] dvb-usb: schedule remote query interval to 150 msecs.
[  495.473399][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  495.476233][ T6819] dvb-usb: bulk message failed: -22 (3/0)
[  495.478802][ T5996] dvb-usb: error while querying for an remote control event.
[  495.493394][ T6819] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[  495.633440][ T1452] dvb-usb: bulk message failed: -22 (1/0)
[  495.635275][ T1452] dvb-usb: error while querying for an remote control event.
[  495.653400][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  495.655429][ T5996] dvb-usb: error while querying for an remote control event.
[  495.757596][T12048] Set syz1 is full, maxelem 65536 reached
[  495.761720][ T1452] usb 7-1: USB disconnect, device number 22
[  495.765784][ T6027] usb 9-1: USB disconnect, device number 16
[  495.789800][ T1452] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[  495.790119][ T6027] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[  495.870860][T12062] FAULT_INJECTION: forcing a failure.
[  495.870860][T12062] name failslab, interval 1, probability 0, space 0, times 0
[  495.876329][T12062] CPU: 3 UID: 0 PID: 12062 Comm: syz.0.1109 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  495.876354][T12062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  495.876365][T12062] Call Trace:
[  495.876372][T12062]  <TASK>
[  495.876379][T12062]  dump_stack_lvl+0x16c/0x1f0
[  495.876411][T12062]  should_fail_ex+0x512/0x640
[  495.876437][T12062]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  495.876466][T12062]  should_failslab+0xc2/0x120
[  495.876484][T12062]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  495.876508][T12062]  ? consume_skb+0xcc/0x100
[  495.876526][T12062]  ? __alloc_skb+0x2b2/0x380
[  495.876554][T12062]  __alloc_skb+0x2b2/0x380
[  495.876577][T12062]  ? __pfx___alloc_skb+0x10/0x10
[  495.876611][T12062]  netlink_ack+0x15d/0xb80
[  495.876631][T12062]  ? __pfx___dev_queue_xmit+0x10/0x10
[  495.876659][T12062]  netlink_rcv_skb+0x332/0x420
[  495.876679][T12062]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  495.876703][T12062]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  495.876734][T12062]  ? ns_capable+0xd7/0x110
[  495.876756][T12062]  nfnetlink_rcv+0x1b3/0x430
[  495.876777][T12062]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  495.876798][T12062]  ? netlink_deliver_tap+0x1ae/0xd30
[  495.876821][T12062]  netlink_unicast+0x53a/0x7f0
[  495.876843][T12062]  ? __pfx_netlink_unicast+0x10/0x10
[  495.876868][T12062]  netlink_sendmsg+0x8d1/0xdd0
[  495.876898][T12062]  ? __pfx_netlink_sendmsg+0x10/0x10
[  495.876920][T12062]  ? __import_iovec+0x1dd/0x650
[  495.876953][T12062]  ____sys_sendmsg+0xa98/0xc70
[  495.876977][T12062]  ? __pfx_____sys_sendmsg+0x10/0x10
[  495.876997][T12062]  ? get_compat_msghdr+0x11a/0x170
[  495.877037][T12062]  ___sys_sendmsg+0x134/0x1d0
[  495.877065][T12062]  ? __pfx____sys_sendmsg+0x10/0x10
[  495.877105][T12062]  ? find_held_lock+0x2b/0x80
[  495.877143][T12062]  __sys_sendmsg+0x16d/0x220
[  495.877170][T12062]  ? __pfx___sys_sendmsg+0x10/0x10
[  495.877209][T12062]  ? rcu_is_watching+0x12/0xc0
[  495.877231][T12062]  __do_fast_syscall_32+0x7c/0x3a0
[  495.877261][T12062]  do_fast_syscall_32+0x32/0x80
[  495.877288][T12062]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  495.877311][T12062] RIP: 0023:0xf70ee579
[  495.877327][T12062] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  495.877344][T12062] RSP: 002b:00000000f50de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  495.877362][T12062] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0
[  495.877374][T12062] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  495.877384][T12062] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  495.877394][T12062] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  495.877404][T12062] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  495.877428][T12062]  </TASK>
[  496.094926][T12069] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1110'.
[  496.473700][T12098] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  496.489614][T12100] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  496.525833][T12102] random: crng reseeded on system resumption
[  496.670573][T12102] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  496.718021][T12106] pim6reg: entered allmulticast mode
[  496.720948][T12106] pim6reg: left allmulticast mode
[  496.766771][T12106] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1125'.
[  497.003392][ T6027] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  497.164968][ T6027] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  497.169971][ T6027] usb 5-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[  497.173145][ T6027] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  497.175744][ T6027] usb 5-1: Product: syz
[  497.177442][ T6027] usb 5-1: Manufacturer: syz
[  497.179454][ T6027] usb 5-1: SerialNumber: syz
[  497.229987][ T6027] usb 5-1: config 0 descriptor??
[  497.246097][ T6027] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[  497.250623][ T6027] dvb-usb: bulk message failed: -22 (3/0)
[  497.285497][ T6027] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  497.289522][ T6027] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[  497.298015][ T6027] usb 5-1: media controller created
[  497.301710][ T6027] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  497.312766][ T6027] dvb-usb: bulk message failed: -22 (6/0)
[  497.315448][ T6027] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[  497.331939][ T6027] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb5/5-1/input/input67
[  497.339466][ T6027] dvb-usb: schedule remote query interval to 150 msecs.
[  497.342380][ T6027] dvb-usb: bulk message failed: -22 (3/0)
[  497.346873][T12110] netlink: 112 bytes leftover after parsing attributes in process `syz.3.1127'.
[  497.373372][ T6027] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[  497.463259][ T6281] usb 5-1: USB disconnect, device number 14
[  497.468826][ T5953] Bluetooth: hci2: unexpected event for opcode 0x0c14
[  497.481022][ T6281] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[  497.541391][   T40] audit: type=1326 audit(1750857642.025:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12120 comm="syz.4.1130" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  497.551049][   T40] audit: type=1326 audit(1750857642.025:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12120 comm="syz.4.1130" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  497.559116][   T40] audit: type=1326 audit(1750857642.035:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12120 comm="syz.4.1130" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  497.565906][   T40] audit: type=1326 audit(1750857642.035:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12120 comm="syz.4.1130" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  497.572519][   T40] audit: type=1326 audit(1750857642.035:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12120 comm="syz.4.1130" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  497.579761][   T40] audit: type=1326 audit(1750857642.035:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12120 comm="syz.4.1130" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  497.586583][   T40] audit: type=1326 audit(1750857642.035:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12120 comm="syz.4.1130" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  497.594108][   T40] audit: type=1326 audit(1750857642.035:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12120 comm="syz.4.1130" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  497.600671][   T40] audit: type=1326 audit(1750857642.035:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12120 comm="syz.4.1130" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd3579 code=0x7ffc0000
[  497.704841][T12125] serio: Serial port ptm0
[  497.783186][T12121] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  497.785296][T12121] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  497.788957][T12121] vhci_hcd vhci_hcd.0: Device attached
[  497.796393][T12121] netdevsim netdevsim4: Direct firmware load for @ failed with error -2
[  497.799125][T12121] netdevsim netdevsim4: Falling back to sysfs fallback for: @
[  497.943180][T12136] overlayfs: failed to resolve 'posixacl': -2
[  498.043568][   T61] usb 45-1: new low-speed USB device number 3 using vhci_hcd
[  498.383644][T12128] vhci_hcd: connection reset by peer
[  498.385616][T10399] vhci_hcd: stop threads
[  498.388355][T10399] vhci_hcd: release socket
[  498.391084][T10399] vhci_hcd: disconnect device
[  498.590147][T12149] lo speed is unknown, defaulting to 1000
[  498.873597][ T6027] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  499.033632][ T6027] usb 5-1: Using ep0 maxpacket: 16
[  499.037964][ T6027] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  499.041984][ T6027] usb 5-1: config 0 interface 0 has no altsetting 0
[  499.045215][ T6027] usb 5-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  499.048212][ T6027] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  499.081144][ T6027] usb 5-1: config 0 descriptor??
[  499.224576][T12158] kvm: Disabled LAPIC found during irq injection
[  499.229798][T12158] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685)
[  499.311542][ T6027] usbhid 5-1:0.0: can't add hid device: -71
[  499.314106][ T6027] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  499.328924][ T6027] usb 5-1: USB disconnect, device number 15
[  499.419365][T12162] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1140'.
[  499.438196][T12164] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1141'.
[  499.468055][T12162] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1140'.
[  499.706732][T12173] pim6reg: entered allmulticast mode
[  499.709708][T12173] pim6reg: left allmulticast mode
[  499.763034][T12174] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1144'.
[  499.895580][T12176] serio: Serial port ptm0
[  500.015470][ T6027] usb 8-1: new full-speed USB device number 16 using dummy_hcd
[  500.175144][ T6027] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  500.180673][ T6027] usb 8-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[  500.184617][ T6027] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.203371][ T6027] usb 8-1: Product: syz
[  500.205092][ T6027] usb 8-1: Manufacturer: syz
[  500.207021][ T6027] usb 8-1: SerialNumber: syz
[  500.211559][ T6027] usb 8-1: config 0 descriptor??
[  500.215794][ T6027] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[  500.219316][ T6027] dvb-usb: bulk message failed: -22 (3/0)
[  500.239471][ T6027] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  500.243484][ T6027] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[  500.247999][ T6027] usb 8-1: media controller created
[  500.250816][ T6027] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  500.256636][ T6027] dvb-usb: bulk message failed: -22 (6/0)
[  500.258899][ T6027] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[  500.265213][ T6027] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input68
[  500.270823][ T6027] dvb-usb: schedule remote query interval to 150 msecs.
[  500.274308][ T6027] dvb-usb: bulk message failed: -22 (3/0)
[  500.293438][ T6027] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[  500.324098][T12188] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1147'.
[  500.428909][ T6281] usb 8-1: USB disconnect, device number 16
[  500.431563][T12194] kvm: Disabled LAPIC found during irq injection
[  500.440147][T12194] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685)
[  500.441559][ T6281] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[  500.907560][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  500.909622][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  501.087451][T12203] binder: 12202:12203 ioctl c0306201 80000080 returned -14
[  501.535414][T12220] kvm: Disabled LAPIC found during irq injection
[  501.539423][T12220] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685)
[  501.555007][ T6281] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  501.639272][T12222] kvm: Disabled LAPIC found during irq injection
[  501.645300][T12222] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685)
[  501.723422][ T6281] usb 7-1: Using ep0 maxpacket: 8
[  501.726539][ T6281] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[  501.729248][ T6281] usb 7-1: config 179 has no interface number 0
[  501.731248][ T6281] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  501.734945][ T6281] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  501.738490][ T6281] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  501.742030][ T6281] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  501.745422][ T6281] usb 7-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  501.749504][ T6281] usb 7-1: config 179 interface 65 has no altsetting 0
[  501.751687][ T6281] usb 7-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  501.754727][ T6281] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.772032][ T6281] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:179.65/input/input69
[  502.062476][T12227] pim6reg: entered allmulticast mode
[  502.067415][T12227] pim6reg: left allmulticast mode
[  502.363457][ T5996] usb 9-1: new full-speed USB device number 17 using dummy_hcd
[  502.506542][T12232] =======================================================
[  502.506542][T12232] WARNING: The mand mount option has been deprecated and
[  502.506542][T12232]          and is ignored by this kernel. Remove the mand
[  502.506542][T12232]          option from the mount to silence this warning.
[  502.506542][T12232] =======================================================
[  502.525661][ T5996] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  502.535568][ T5996] usb 9-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[  502.539199][ T5996] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  502.542336][ T5996] usb 9-1: Product: syz
[  502.544597][ T5996] usb 9-1: Manufacturer: syz
[  502.546046][ T5996] usb 9-1: SerialNumber: syz
[  502.548646][ T5996] usb 9-1: config 0 descriptor??
[  502.556531][ T5996] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[  502.559980][ T5996] dvb-usb: bulk message failed: -22 (3/0)
[  502.574877][ T5996] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  502.578339][ T5996] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[  502.581951][ T5996] usb 9-1: media controller created
[  502.586685][ T5996] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  502.588236][T12236] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1164'.
[  502.591285][ T5996] dvb-usb: bulk message failed: -22 (6/0)
[  502.592091][T12236] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1164'.
[  502.594181][ T5996] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[  502.605049][ T5996] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb9/9-1/input/input70
[  502.609906][ T5996] dvb-usb: schedule remote query interval to 150 msecs.
[  502.612212][ T5996] dvb-usb: bulk message failed: -22 (3/0)
[  502.633387][ T5996] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[  502.763759][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  502.765640][ T5996] dvb-usb: error while querying for an remote control event.
[  502.789517][   T40] kauditd_printk_skb: 31 callbacks suppressed
[  502.789528][   T40] audit: type=1326 audit(1750857647.275:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12239 comm="syz.3.1165" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x0
[  502.923392][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  502.925426][ T5996] dvb-usb: error while querying for an remote control event.
[  503.093510][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  503.095459][ T5996] dvb-usb: error while querying for an remote control event.
[  503.135765][   T61] vhci_hcd: vhci_device speed not set
[  503.161492][T10398] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.165130][T10398] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  503.272139][T10398] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.273356][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  503.277900][   T24] dvb-usb: error while querying for an remote control event.
[  503.279105][T10398] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  503.375656][T10398] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.388732][T10398] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  503.433351][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  503.435166][   T24] dvb-usb: error while querying for an remote control event.
[  503.499178][T10398] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.506955][T10398] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  503.520833][T12246] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  503.524581][T12246] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  503.528437][T12246] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  503.532397][T12246] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  503.536498][T12246] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  503.561484][T12245] lo speed is unknown, defaulting to 1000
[  503.595788][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  503.597631][   T24] dvb-usb: error while querying for an remote control event.
[  503.674463][T10398] bridge_slave_1: left allmulticast mode
[  503.676411][T10398] bridge_slave_1: left promiscuous mode
[  503.678385][T10398] bridge0: port 2(bridge_slave_1) entered disabled state
[  503.683811][T10398] bridge_slave_0: left allmulticast mode
[  503.685811][T10398] bridge_slave_0: left promiscuous mode
[  503.688612][T10398] bridge0: port 1(bridge_slave_0) entered disabled state
[  503.702770][T12227] Set syz1 is full, maxelem 65536 reached
[  503.719802][ T6027] usb 9-1: USB disconnect, device number 17
[  503.729393][ T6027] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[  503.964453][T10398] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  503.969725][T10398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  503.973180][T10398] bond0 (unregistering): Released all slaves
[  504.021753][T12245] chnl_net:caif_netlink_parms(): no params data found
[  504.084110][T10398] IPVS: stopping master sync thread 10639 ...
[  504.096579][ T5996] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  504.106963][T12245] bridge0: port 1(bridge_slave_0) entered blocking state
[  504.109993][T12245] bridge0: port 1(bridge_slave_0) entered disabled state
[  504.113041][T12245] bridge_slave_0: entered allmulticast mode
[  504.117536][T12245] bridge_slave_0: entered promiscuous mode
[  504.124141][T12245] bridge0: port 2(bridge_slave_1) entered blocking state
[  504.127139][T12245] bridge0: port 2(bridge_slave_1) entered disabled state
[  504.130151][T12245] bridge_slave_1: entered allmulticast mode
[  504.133995][T12245] bridge_slave_1: entered promiscuous mode
[  504.186673][T12245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  504.197270][T12245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  504.230119][T12245] team0: Port device team_slave_0 added
[  504.237831][T12245] team0: Port device team_slave_1 added
[  504.253193][    C1] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  504.256235][T10604] usb 7-1: USB disconnect, device number 23
[  504.263480][ T5996] usb 8-1: Using ep0 maxpacket: 32
[  504.266359][ T5996] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  504.268968][ T5996] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  504.269755][T10604] xpad 7-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  504.271733][ T5996] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  504.281059][ T5996] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  504.284190][ T5996] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  504.287491][ T5996] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  504.291538][ T5996] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  504.295725][ T5996] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.320849][ T5996] usb 8-1: config 0 descriptor??
[  504.353963][T12245] batman_adv: batadv0: Adding interface: batadv_slave_0
[  504.356155][T12245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  504.364488][T12245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  504.373691][T12245] batman_adv: batadv0: Adding interface: batadv_slave_1
[  504.376295][T12245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  504.386444][T12245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  504.410048][T12270] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  504.431969][T12245] hsr_slave_0: entered promiscuous mode
[  504.434341][T12245] hsr_slave_1: entered promiscuous mode
[  504.436474][T12245] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  504.438838][T12245] Cannot create hsr debugfs directory
[  504.531452][ T5996] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 17 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  504.541375][ T5996] usb 8-1: USB disconnect, device number 17
[  504.546504][ T5996] usblp0: removed
[  505.334418][ T6281] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  505.457260][T12245] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  505.467978][T12245] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  505.474995][T12245] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  505.492620][T12245] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  505.543413][ T6281] usb 8-1: Using ep0 maxpacket: 32
[  505.543626][T12246] Bluetooth: hci0: command tx timeout
[  505.548500][ T6281] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  505.557801][ T6281] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  505.560536][ T6281] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  505.572477][ T6281] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  505.576208][ T6281] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  505.582203][ T6281] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  505.591245][T12301] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  505.638852][T12245] 8021q: adding VLAN 0 to HW filter on device bond0
[  505.649570][T12245] 8021q: adding VLAN 0 to HW filter on device team0
[  505.667817][T10030] bridge0: port 1(bridge_slave_0) entered blocking state
[  505.670052][T10030] bridge0: port 1(bridge_slave_0) entered forwarding state
[  505.679536][T10400] bridge0: port 2(bridge_slave_1) entered blocking state
[  505.681586][ T6281] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  505.681799][T10400] bridge0: port 2(bridge_slave_1) entered forwarding state
[  505.684872][ T6281] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  505.690860][ T6281] usb 8-1: config 0 descriptor??
[  505.885354][T12245] 8021q: adding VLAN 0 to HW filter on device batadv0
[  505.914018][ T6281] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 18 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  506.073797][T12328] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1178'.
[  506.165883][T12332] pim6reg: entered allmulticast mode
[  506.169304][T12332] pim6reg: left allmulticast mode
[  506.318615][T12245] veth0_vlan: entered promiscuous mode
[  506.339939][T12245] veth1_vlan: entered promiscuous mode
[  506.405759][T12245] veth0_macvtap: entered promiscuous mode
[  506.409506][T12245] veth1_macvtap: entered promiscuous mode
[  506.447836][T12245] batman_adv: batadv0: Interface activated: batadv_slave_0
[  506.455074][T12245] batman_adv: batadv0: Interface activated: batadv_slave_1
[  506.458847][T12245] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  506.461528][T12245] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  506.464311][T12245] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  506.466998][T12245] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  506.503531][   T34] usb 9-1: new full-speed USB device number 18 using dummy_hcd
[  506.584969][T10030] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  506.587436][T10030] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  506.613097][T10401] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  506.620160][T10401] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  506.685608][   T34] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  506.718765][   T34] usb 9-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[  506.722259][   T34] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  506.738083][   T34] usb 9-1: Product: syz
[  506.739748][   T34] usb 9-1: Manufacturer: syz
[  506.741581][   T34] usb 9-1: SerialNumber: syz
[  506.746106][   T34] usb 9-1: config 0 descriptor??
[  506.753374][   T34] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[  506.757654][   T34] dvb-usb: bulk message failed: -22 (3/0)
[  506.775471][   T34] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  506.779249][   T34] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[  506.784393][   T34] usb 9-1: media controller created
[  506.787293][   T34] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  506.792361][   T34] dvb-usb: bulk message failed: -22 (6/0)
[  506.795126][   T34] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[  506.801327][   T34] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb9/9-1/input/input71
[  506.807710][   T34] dvb-usb: schedule remote query interval to 150 msecs.
[  506.810322][   T34] dvb-usb: bulk message failed: -22 (3/0)
[  506.825027][   T34] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[  506.963449][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  506.965727][   T34] dvb-usb: error while querying for an remote control event.
[  506.996622][T12356] vim2m vim2m.0: Fourcc format (0x47524247) invalid.
[  507.016864][T12361] netlink: 'syz.5.1168': attribute type 1 has an invalid length.
[  507.019645][T12361] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1168'.
[  507.030377][   T34] usb 9-1: USB disconnect, device number 18
[  507.040561][T10398] hsr_slave_0: left promiscuous mode
[  507.045977][T10398] hsr_slave_1: left promiscuous mode
[  507.048414][T10398] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  507.051336][T10398] batman_adv: batadv0: Removing interface: batadv_slave_0
[  507.258287][ T6281] usb 8-1: USB disconnect, device number 18
[  507.261801][ T6281] usblp0: removed
[  507.280070][T10398] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  507.281451][   T34] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[  507.282450][T10398] batman_adv: batadv0: Removing interface: batadv_slave_1
[  507.345831][T10398] veth1_macvtap: left promiscuous mode
[  507.347619][T10398] veth0_macvtap: left promiscuous mode
[  507.349442][T10398] veth1_vlan: left promiscuous mode
[  507.351090][T10398] veth0_vlan: left promiscuous mode
[  507.388524][ T5314] IPVS: starting estimator thread 0...
[  507.473974][T12378] IPVS: using max 44 ests per chain, 105600 per kthread
[  507.633547][T12246] Bluetooth: hci0: command tx timeout
[  507.856723][   T34] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  507.988036][T10398] team0 (unregistering): Port device team_slave_1 removed
[  508.033375][   T34] usb 9-1: Using ep0 maxpacket: 8
[  508.036544][   T34] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  508.039231][   T34] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  508.042810][   T34] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  508.046736][   T34] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  508.050245][   T34] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  508.054640][   T34] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  508.057265][   T34] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  508.060702][   T34] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  508.064543][   T34] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  508.068726][   T34] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  508.073569][   T34] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  508.075933][   T34] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  508.079475][   T34] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  508.083147][   T34] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  508.090814][   T34] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  508.096728][   T34] usb 9-1: string descriptor 0 read error: -22
[  508.098725][   T34] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  508.101524][   T34] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.105804][T10398] team0 (unregistering): Port device team_slave_0 removed
[  508.119576][   T34] adutux 9-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  508.323824][ T5996] usb 9-1: USB disconnect, device number 19
[  508.341574][T12384] capability: warning: `syz.3.1186' uses deprecated v2 capabilities in a way that may be insecure
[  508.691312][T12361] : entered promiscuous mode
[  508.830847][ T5996] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  508.963786][T12246] Bluetooth: hci2: connection err: -111
[  508.967408][T12402] 9pnet_fd: Insufficient options for proto=fd
[  508.980609][T12405] netlink: 'syz.5.1190': attribute type 4 has an invalid length.
[  508.985767][T12403] 9pnet_fd: Insufficient options for proto=fd
[  508.987789][T12405] netlink: 'syz.5.1190': attribute type 4 has an invalid length.
[  509.563019][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  509.703490][T12246] Bluetooth: hci0: command tx timeout
[  509.772009][   T40] audit: type=1804 audit(1750857654.235:299): pid=12418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1192" name="/newroot/309/bus/bus" dev="overlay" ino=1650 res=1 errno=0
[  510.054288][T12421] pim6reg: entered allmulticast mode
[  510.058404][T12421] pim6reg: left allmulticast mode
[  510.343393][   T34] usb 10-1: new full-speed USB device number 2 using dummy_hcd
[  510.514373][   T34] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  510.521093][   T34] usb 10-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[  510.524097][   T34] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  510.526873][   T34] usb 10-1: Product: syz
[  510.528405][   T34] usb 10-1: Manufacturer: syz
[  510.530136][   T34] usb 10-1: SerialNumber: syz
[  510.539359][T12426] netlink: 'syz.4.1194': attribute type 1 has an invalid length.
[  510.540304][   T34] usb 10-1: config 0 descriptor??
[  510.546389][   T34] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[  510.550349][   T34] dvb-usb: bulk message failed: -22 (3/0)
[  510.568309][   T34] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  510.572445][   T34] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[  510.584250][   T34] usb 10-1: media controller created
[  510.586882][   T34] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  510.626496][T12430] overlay: Unknown parameter 'subj_type'
[  510.632897][   T34] dvb-usb: bulk message failed: -22 (6/0)
[  510.635330][   T34] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[  510.640425][   T34] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb10/10-1/input/input72
[  510.645662][   T34] dvb-usb: schedule remote query interval to 150 msecs.
[  510.647843][   T34] dvb-usb: bulk message failed: -22 (3/0)
[  510.663635][   T34] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[  510.750301][   T40] audit: type=1326 audit(1750857655.235:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12429 comm="syz.3.1196" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x0
[  510.803428][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  510.805338][   T34] dvb-usb: error while querying for an remote control event.
[  510.963391][ T1452] dvb-usb: bulk message failed: -22 (1/0)
[  510.965384][ T1452] dvb-usb: error while querying for an remote control event.
[  511.133969][ T1452] dvb-usb: bulk message failed: -22 (1/0)
[  511.135796][ T1452] dvb-usb: error while querying for an remote control event.
[  511.293446][ T1452] dvb-usb: bulk message failed: -22 (1/0)
[  511.299898][ T1452] dvb-usb: error while querying for an remote control event.
[  511.453469][ T1452] dvb-usb: bulk message failed: -22 (1/0)
[  511.459531][ T1452] dvb-usb: error while querying for an remote control event.
[  511.565651][T12450] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1199'.
[  511.633421][ T1452] dvb-usb: bulk message failed: -22 (1/0)
[  511.635316][ T1452] dvb-usb: error while querying for an remote control event.
[  511.793749][T12246] Bluetooth: hci0: command tx timeout
[  511.809102][ T1452] dvb-usb: bulk message failed: -22 (1/0)
[  511.811509][ T1452] dvb-usb: error while querying for an remote control event.
[  511.939519][T12460] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1201'.
[  511.942594][T12460] netlink: 31 bytes leftover after parsing attributes in process `syz.2.1201'.
[  511.947714][T12460] netlink: 'syz.2.1201': attribute type 3 has an invalid length.
[  511.957761][T12460] netlink: 'syz.2.1201': attribute type 2 has an invalid length.
[  511.960410][T12460] netlink: 31 bytes leftover after parsing attributes in process `syz.2.1201'.
[  511.973403][ T1452] dvb-usb: bulk message failed: -22 (1/0)
[  511.975220][ T1452] dvb-usb: error while querying for an remote control event.
[  511.981199][T12462] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  512.143849][ T1452] dvb-usb: bulk message failed: -22 (1/0)
[  512.146876][ T1452] dvb-usb: error while querying for an remote control event.
[  512.270401][T12421] Set syz1 is full, maxelem 65536 reached
[  512.278880][ T5996] usb 10-1: USB disconnect, device number 2
[  512.295295][ T5996] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[  512.493208][T12469] bridge_slave_0: left allmulticast mode
[  512.495201][T12469] bridge_slave_0: left promiscuous mode
[  512.497449][T12469] bridge0: port 1(bridge_slave_0) entered disabled state
[  512.504609][T12469] bridge_slave_1: left allmulticast mode
[  512.506587][T12469] bridge_slave_1: left promiscuous mode
[  512.508710][T12469] bridge0: port 2(bridge_slave_1) entered disabled state
[  512.524088][T12469] bond0: (slave bond_slave_0): Releasing backup interface
[  512.540035][T12469] bond0: (slave bond_slave_1): Releasing backup interface
[  512.591353][T12469] team0: Port device team_slave_0 removed
[  512.599095][T12469] team0: Port device team_slave_1 removed
[  512.630223][T12472] netlink: 'syz.2.1204': attribute type 23 has an invalid length.
[  512.668056][T12466] program syz.4.1203 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  515.401351][T12517] syz.5.1213 (12517) used greatest stack depth: 20744 bytes left
[  515.933150][T12549] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1222'.
[  515.959584][T12549] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1222'.
[  516.860270][T12599] netlink: 'syz.2.1225': attribute type 10 has an invalid length.
[  517.166725][T12613] netlink: 'syz.3.1230': attribute type 4 has an invalid length.
[  517.206650][T12618] 9pnet_fd: Insufficient options for proto=fd
[  517.209256][T12618] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1231'.
[  517.627174][T12626] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1234'.
[  517.630422][T12626] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1234'.
[  517.634739][T12626] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1234'.
[  518.493445][  T837] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[  518.622556][T12641] bad cache= option: none        : no
[  518.622556][T12641] blocksize    : 1
[  518.622556][T12641] min keysize  : 20
[  518.622556][T12641] max keysize  : 36
[  518.622556][T12641] ivsize       : 8
[  518.622556][T12641] chunksize    : 16
[  518.622556][T12641] walksize     : 16
[  518.622556][T12641] statesize    : 0
[  518.622556][T12641] 
[  518.622556][T12641] name         : cbc(des)
[  518.622556][T12641] driver       : cbc(ecb(des-generic))
[  518.622556][T12641] module       : kernel
[  518.622556][T12641] priority     : 100
[  518.622556][T12641] refcnt       : 1
[  518.622556][T12641] selftest     : passed
[  518.622556][T12641] internal     : no
[  518.622556][T12641] type         : lskcipher
[  518.622556][T12641] blocksize    : 8
[  518.622556][T12641] min keysize  : 8
[  518.622556][T12641] max keysize  : 8
[  518.622556][T12641] ivsize       : 8
[  518.622556][T12641] chunksize    : 8
[  518.622556][T12641] statesize    : 0
[  518.622556][T12641] 
[  518.622556][T12641] name         : ecb(des)
[  518.622556][T12641] driver       : ecb(des-generic)
[  518.622556][T12641] module       : kernel
[  518.622556][T12641] priority     : 100
[  518.622556][T12641] refcnt       : 1
[  518.622556][T12641] selftest     : passed
[  518.622556][T12641] internal     : no
[  518.622556][T12641] type         : lskcipher
[  518.622556][T12641] blocksize    : 8
[  518.622556][T12641] min keysize  : 8
[  518.622556][T12641] max keysize  : 8
[  518.622556][T12641] ivsize       : 0
[  518.622556][T12641] chunksize    : 8
[  518.622556][T12641] statesize    : 0
[  518.622556][T12641] 
[  518.622556][T12641] name         : lrw(serpent)
[  518.622556][T12641] driver       : lrw(ecb-serpent-avx2)
[  518.622556][T12641] module       : kernel
[  518.622556][T12641] priority     : 600
[  518.622556][T12641] refcnt       : 1
[  518.622556][T12641] selftest     : passed
[  518.622556][T12641] internal     : no
[  518.622556][T12641] type         : skcipher
[  518.622556][T12641] async        : no
[  518.622940][T12641] CIFS: VFS: bad cache= option: none        : no
[  518.622940][T12641] blocksize    : 1
[  518.622940][T12641] min keysize  : 20
[  518.622940][T12641] max keysize  : 36
[  518.622940][T12641] ivsize       : 8
[  518.622940][T12641] chunksize    : 16
[  518.622940][T12641] walksize     : 16
[  518.622940][T12641] statesize    : 0
[  518.622940][T12641] 
[  518.622940][T12641] name         : cbc(des)
[  518.622940][T12641] driver       : cbc(ecb(des-generic))
[  518.622940][T12641] module       : kernel
[  518.622940][T12641] priority     : 100
[  518.622940][T12641] refcnt       : 1
[  518.622940][T12641] selftest     : passed
[  518.622940][T12641] internal     : no
[  518.622940][T12641] type         : lskcipher
[  518.622940][T12641] blocksize    : 8
[  518.622940][T12641] min keysize  : 8
[  518.622940][T12641] max keysize  : 8
[  518.622940][T12641] ivsize       : 8
[  518.622940][T12641] chunksize    : 8
[  518.622940][T12641] statesize    : 0
[  518.622940][T12641] 
[  518.622940][T12641] name         : ecb(des)
[  518.622940][T12641] driver       : ecb(des-generic)
[  518.622940][T12641] module       : kernel
[  518.622940][T12641] priority     : 100
[  518.622940][T12641] refcnt       : 1
[  518.622940][T12641] selftest     : passed
[  518.622940][T12641] internal     : no
[  518.622940][T12641] type         : lskcipher
[  518.622940][T12641] blocksize    : 8
[  518.622940][T12641] min keysize  : 8
[  518.622940][T12641] max keysize  : 8
[  518.622940][T12641] ivsize       : 0
[  518.622940][T12641] chunksize    : 8
[  518.622940][T12641] statesize    : 0
[  518.622940][T12641] 
[  518.622940][T12641] name         : lrw(serpent)
[  518.622940][T12641] driver       : lrw(ecb-serpent-avx2)
[  518.622940][T12641] module       : kernel
[  518.622940][T12641] priority     : 600
[  518.622940][T12641] refcnt       : 1
[  518.622940][T12641] selftest     : passed
[  518.622940][T12641] internal     : no
[  518.622940][T12641] type         : skcipher
[  518.703468][  T837] usb 9-1: Using ep0 maxpacket: 8
[  518.765268][  T837] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  518.768307][  T837] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  518.772837][  T837] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  518.778207][  T837] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 48, changing to 9
[  518.782695][  T837] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  518.788678][  T837] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  518.791797][  T837] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  518.796474][  T837] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  518.801178][  T837] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 48, changing to 9
[  518.805809][  T837] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  518.811423][  T837] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  518.814638][  T837] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  518.819135][  T837] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  518.824519][  T837] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 48, changing to 9
[  518.829024][  T837] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  518.836359][  T837] usb 9-1: string descriptor 0 read error: -22
[  518.839038][  T837] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  518.842715][  T837] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  518.852516][  T837] adutux 9-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  519.843927][T12649] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  519.847101][T12649] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  519.855293][T12649] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  519.857266][T12649] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  519.864357][T12649] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  520.969105][T12700] /dev/nullb0: Can't open blockdev
[  521.065688][  T837] usb 9-1: USB disconnect, device number 20
[  521.114799][T12707] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  521.226825][T12703] evm: overlay not supported
[  521.608967][T12735] overlay: Unknown parameter 'subj_type'
[  521.631819][T12736] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1256'.
[  521.637470][T12736] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  521.730859][   T40] audit: type=1326 audit(1750857666.215:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12734 comm="syz.3.1257" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x0
[  521.793445][T12246] Bluetooth: hci1: command 0x0406 tx timeout
[  521.864348][T12246] Bluetooth: hci0: command 0x0405 tx timeout
[  521.864358][ T5953] Bluetooth: hci2: command 0x0406 tx timeout
[  522.213469][T12741] fuse: Bad value for 'fd'
[  522.238472][T12741] lo speed is unknown, defaulting to 1000
[  523.045557][T12771] o2cb: This node has not been configured.
[  523.047681][T12771] o2cb: Cluster check failed. Fix errors before retrying.
[  523.050029][T12771] (syz.4.1266,12771,1):user_dlm_register:674 ERROR: status = -22
[  523.052629][T12771] (syz.4.1266,12771,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file1"
[  523.145775][T12775] 8021q: VLANs not supported on ip_vti0
[  523.194198][T12778] overlay: Unknown parameter 'subj_type'
[  523.316996][   T40] audit: type=1326 audit(1750857667.805:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12777 comm="syz.5.1269" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f91579 code=0x0
[  523.746444][T12785] 9pnet_fd: Insufficient options for proto=fd
[  523.748979][T12785] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1270'.
[  523.943635][ T5953] Bluetooth: hci0: command 0x0405 tx timeout
[  524.113415][T12795] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1274'.
[  524.365940][   T40] audit: type=1326 audit(1750857668.855:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12798 comm="syz.2.1276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  524.374115][   T40] audit: type=1326 audit(1750857668.855:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12798 comm="syz.2.1276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  524.382362][   T40] audit: type=1326 audit(1750857668.855:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12798 comm="syz.2.1276" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf704e579 code=0x7ffc0000
[  524.391392][   T40] audit: type=1326 audit(1750857668.855:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12798 comm="syz.2.1276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  524.400987][   T40] audit: type=1326 audit(1750857668.855:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12798 comm="syz.2.1276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  524.409231][   T40] audit: type=1326 audit(1750857668.855:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12798 comm="syz.2.1276" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf704e579 code=0x7ffc0000
[  524.418579][   T40] audit: type=1326 audit(1750857668.855:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12798 comm="syz.2.1276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  524.427910][   T40] audit: type=1326 audit(1750857668.855:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12798 comm="syz.2.1276" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000
[  524.615814][T12807] 9pnet_fd: Insufficient options for proto=fd
[  524.624950][T12807] netlink: 'syz.3.1279': attribute type 4 has an invalid length.
[  524.642014][   T61] lo speed is unknown, defaulting to 1000
[  524.644256][   T61] sy�: Port: 1 Link DOWN
[  524.647630][T12807] netlink: 'syz.3.1279': attribute type 4 has an invalid length.
[  524.652244][ T6819] lo speed is unknown, defaulting to 1000
[  524.654397][ T6819] sy�: Port: 1 Link ACTIVE
[  524.699366][T12810] overlay: Unknown parameter 'subj_type'
[  525.649732][T12846] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1287'.
[  526.023537][T12246] Bluetooth: hci0: command 0x0405 tx timeout
[  526.182769][T12246] Bluetooth: hci1: Malformed LE Event: 0x0d
[  526.238652][T12246] Bluetooth: hci0: unexpected event for opcode 0x2011
[  526.545912][T12878] netlink: 'syz.5.1297': attribute type 10 has an invalid length.
[  526.552924][T12878] 8021q: adding VLAN 0 to HW filter on device team0
[  526.557643][T12878] bond0: (slave team0): Enslaving as an active interface with an up link
[  526.657080][T12880] program syz.4.1298 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  527.438210][T12895] @: renamed from vlan0 (while UP)
[  528.709963][T12926] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1311'.
[  529.316993][T12945] pim6reg: entered allmulticast mode
[  529.320775][T12945] pim6reg: left allmulticast mode
[  529.715370][T12948] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1318'.
[  530.275207][T12246] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  530.279350][T12246] Bluetooth: hci0: Injecting HCI hardware error event
[  530.283664][ T5953] Bluetooth: hci0: hardware error 0x00
[  530.640885][T12961] veth0_to_bond: entered allmulticast mode
[  530.644439][T12960] FAULT_INJECTION: forcing a failure.
[  530.644439][T12960] name failslab, interval 1, probability 0, space 0, times 0
[  530.648508][T12960] CPU: 2 UID: 0 PID: 12960 Comm: syz.3.1323 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  530.648524][T12960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  530.648531][T12960] Call Trace:
[  530.648535][T12960]  <TASK>
[  530.648540][T12960]  dump_stack_lvl+0x16c/0x1f0
[  530.648565][T12960]  should_fail_ex+0x512/0x640
[  530.648582][T12960]  ? fs_reclaim_acquire+0xae/0x150
[  530.648596][T12960]  ? tomoyo_encode2+0x100/0x3e0
[  530.648611][T12960]  should_failslab+0xc2/0x120
[  530.648623][T12960]  __kmalloc_noprof+0xd2/0x510
[  530.648638][T12960]  ? d_absolute_path+0x136/0x1a0
[  530.648652][T12960]  tomoyo_encode2+0x100/0x3e0
[  530.648669][T12960]  tomoyo_encode+0x29/0x50
[  530.648682][T12960]  tomoyo_realpath_from_path+0x18f/0x6e0
[  530.648702][T12960]  tomoyo_path_number_perm+0x245/0x580
[  530.648714][T12960]  ? tomoyo_path_number_perm+0x237/0x580
[  530.648728][T12960]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  530.648742][T12960]  ? arch_stack_walk+0xa6/0x100
[  530.648772][T12960]  ? __kasan_slab_free+0x51/0x70
[  530.648789][T12960]  ? kmem_cache_free+0x2d1/0x4d0
[  530.648806][T12960]  ? from_kgid+0x8f/0xd0
[  530.648823][T12960]  ? __pfx_from_kgid+0x10/0x10
[  530.648843][T12960]  tomoyo_path_chown+0x14b/0x1b0
[  530.648860][T12960]  ? __pfx_tomoyo_path_chown+0x10/0x10
[  530.648877][T12960]  ? from_vfsuid+0xea/0x140
[  530.648888][T12960]  ? __pfx_from_vfsuid+0x10/0x10
[  530.648900][T12960]  security_path_chown+0x12a/0x2e0
[  530.648914][T12960]  chown_common+0x3d3/0x680
[  530.648928][T12960]  ? __pfx_chown_common+0x10/0x10
[  530.648939][T12960]  ? find_held_lock+0x2b/0x80
[  530.648954][T12960]  ? mnt_get_write_access+0x20c/0x300
[  530.648969][T12960]  do_fchownat+0x1a7/0x200
[  530.648980][T12960]  ? __pfx_do_fchownat+0x10/0x10
[  530.648991][T12960]  ? __pfx_ksys_write+0x10/0x10
[  530.649009][T12960]  __ia32_sys_lchown16+0xe6/0x120
[  530.649023][T12960]  __do_fast_syscall_32+0x7c/0x3a0
[  530.649042][T12960]  do_fast_syscall_32+0x32/0x80
[  530.649059][T12960]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  530.649073][T12960] RIP: 0023:0xf704e579
[  530.649081][T12960] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  530.649092][T12960] RSP: 002b:00000000f503e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000010
[  530.649103][T12960] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 000000000000ee01
[  530.649110][T12960] RDX: 000000000000ee01 RSI: 0000000000000000 RDI: 0000000000000000
[  530.649116][T12960] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  530.649122][T12960] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  530.649128][T12960] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  530.649142][T12960]  </TASK>
[  530.649154][T12960] ERROR: Out of memory at tomoyo_realpath_from_path.
[  530.773530][T12963] random: crng reseeded on system resumption
[  530.782294][T12963] Restarting kernel threads ...
[  530.785025][T12963] Done restarting kernel threads.
[  531.483770][T12945] Set syz1 is full, maxelem 65536 reached
[  532.229151][T12998] No control pipe specified
[  532.343416][ T5953] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  532.773573][T13017] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  533.032685][T13021] pim6reg: entered allmulticast mode
[  533.035624][T13021] pim6reg: left allmulticast mode
[  533.565752][T13025] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  533.652854][T13025] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  533.665149][T13036] IPVS: set_ctl: invalid protocol: 59 224.0.0.2:20001
[  533.669537][T13036] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1347'.
[  533.753531][T13041] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1349'.
[  533.765945][T13025] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  533.928376][T13025] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  534.242829][T13055] overlay: filesystem on ./bus not supported as upperdir
[  534.506469][T13025] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  534.514901][T13025] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  534.522611][T13025] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  534.530630][T13025] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  534.936017][ T1452] IPVS: starting estimator thread 0...
[  534.963975][T13076] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1360'.
[  535.024426][T13072] IPVS: using max 44 ests per chain, 105600 per kthread
[  535.161965][T13066] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  535.172431][T13066] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  535.227894][T13074] lo speed is unknown, defaulting to 1000
[  535.326367][T13081] openvswitch: : Dropping previously announced user features
[  535.829999][T13089] syz.3.1357 (13089) used greatest stack depth: 19240 bytes left
[  536.249732][T13107] ipvlan0: entered promiscuous mode
[  536.251500][T13107] ipvlan0: entered allmulticast mode
[  536.253268][T13107] veth0_vlan: entered allmulticast mode
[  536.845604][T13120] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1369'.
[  537.037997][   T40] kauditd_printk_skb: 15 callbacks suppressed
[  537.038009][   T40] audit: type=1326 audit(1750857681.525:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13123 comm="syz.5.1371" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f91579 code=0x0
[  537.073834][ T5953] Bluetooth: hci1: command 0x0406 tx timeout
[  537.168104][T13133] afs: Unknown parameter ''
[  537.238653][ T5953] Bluetooth: hci2: command 0x0406 tx timeout
[  537.247048][T13139] [U] 
[  537.248130][T13139] [U] 
[  537.249029][T13139] [U] 
[  537.249952][T13139] [U] 
[  537.254118][T13139] [U] 
[  537.255356][T13139] [U] 
[  537.256521][T13139] [U] 
[  537.257682][T13139] [U] 
[  537.260201][T13139] [U] 
[  537.261402][T13139] [U] 
[  537.262587][T13139] [U] 
[  537.263790][T13139] [U] 
[  537.281561][T13134] [U] 
[  537.303094][T13143] wireguard0: entered promiscuous mode
[  537.305578][T13143] wireguard0: entered allmulticast mode
[  537.520376][T13157] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  537.579508][T13161] pim6reg: entered allmulticast mode
[  537.583839][T13161] pim6reg: left allmulticast mode
[  537.869851][T13168] pim6reg: entered allmulticast mode
[  537.881050][T13168] pim6reg: left allmulticast mode
[  537.947793][T13162] Cannot find del_set index 3 as target
[  538.075586][T13175] random: crng reseeded on system resumption
[  538.205772][ T5996] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[  538.388329][ T5996] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  538.388421][T13184] IPVS: Error connecting to the multicast addr
[  538.394914][ T5996] usb 10-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[  538.400633][ T5996] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  538.406090][ T5996] usb 10-1: Product: syz
[  538.407583][ T5996] usb 10-1: Manufacturer: syz
[  538.410032][ T5996] usb 10-1: SerialNumber: syz
[  538.417545][ T5996] usb 10-1: config 0 descriptor??
[  538.421865][ T5996] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[  538.427900][ T5996] dvb-usb: bulk message failed: -22 (3/0)
[  538.479143][ T5996] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  538.483255][ T5996] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[  538.501139][ T5996] usb 10-1: media controller created
[  538.506562][ T5996] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  538.526504][ T5996] dvb-usb: bulk message failed: -22 (6/0)
[  538.530661][ T5996] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[  538.546386][ T5996] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb10/10-1/input/input76
[  538.552319][T13198] syz.4.1390 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  538.557364][ T5996] dvb-usb: schedule remote query interval to 150 msecs.
[  538.562089][T13194] can0: slcan on ttyS3.
[  538.565315][ T5996] dvb-usb: bulk message failed: -22 (3/0)
[  538.594002][ T5996] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[  538.670094][T13194] can0 (unregistered): slcan off ttyS3.
[  538.733496][ T5996] dvb-usb: bulk message failed: -22 (1/0)
[  538.735392][ T5996] dvb-usb: error while querying for an remote control event.
[  538.774567][T13212] netlink: 1041 bytes leftover after parsing attributes in process `syz.3.1391'.
[  538.842398][ T5996] usb 10-1: USB disconnect, device number 3
[  538.922674][ T5996] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.
[  540.008959][T13239] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1396'.
[  540.223913][T13163] Set syz1 is full, maxelem 65536 reached
[  540.314124][ T5996] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  540.473448][ T5996] usb 10-1: Using ep0 maxpacket: 32
[  540.479275][ T5996] usb 10-1: New USB device found, idVendor=084f, idProduct=0001, bcdDevice=e0.b8
[  540.482054][ T5996] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  540.485055][ T5996] usb 10-1: Product: syz
[  540.486440][ T5996] usb 10-1: Manufacturer: syz
[  540.487929][ T5996] usb 10-1: SerialNumber: syz
[  540.490538][ T5996] usb 10-1: config 0 descriptor??
[  540.493459][ T5996] empeg 10-1:0.0: empeg converter detected
[  540.495539][ T5996] usb 10-1: active config #0 != 1 ??
[  541.243526][T10604] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  541.373436][T10604] usb 8-1: device descriptor read/64, error -71
[  541.713371][T10604] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  541.797589][T13276] netlink: 'syz.4.1410': attribute type 1 has an invalid length.
[  541.800078][T13276] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1410'.
[  541.853420][T10604] usb 8-1: device descriptor read/64, error -71
[  541.964618][T10604] usb usb8-port1: attempt power cycle
[  542.313393][T10604] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  542.334008][T10604] usb 8-1: device descriptor read/8, error -71
[  542.653452][T10604] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  542.684140][T10604] usb 8-1: device descriptor read/8, error -71
[  542.753461][T12246] Bluetooth: hci2: command 0x0406 tx timeout
[  542.803588][T10604] usb usb8-port1: unable to enumerate USB device
[  543.134360][    T9] usb 10-1: USB disconnect, device number 4
[  544.001976][T13296] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  544.374164][    T9] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  544.533383][    T9] usb 8-1: Using ep0 maxpacket: 8
[  544.536450][    T9] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  544.539314][    T9] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  544.542482][    T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  544.545718][    T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  544.549502][    T9] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  544.556792][    T9] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  544.562729][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.776176][    T9] usb 8-1: GET_CAPABILITIES returned 0
[  544.778076][    T9] usbtmc 8-1:16.0: can't read capabilities
[  544.979146][    T9] usb 8-1: USB disconnect, device number 23
[  544.993529][ T6281] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  545.273759][ T6281] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  545.277262][ T6281] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  545.280640][ T6281] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  545.284518][ T6281] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  545.297641][T13313] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  545.312459][ T6281] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  547.191874][T13363] Cannot find del_set index 3 as target
[  547.329933][T13366] pim6reg: entered allmulticast mode
[  547.353647][T13366] pim6reg: left allmulticast mode
[  547.703459][ T6819] usb 8-1: new full-speed USB device number 24 using dummy_hcd
[  547.793683][    T9] usb 9-1: USB disconnect, device number 21
[  547.874647][ T6819] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  547.881154][ T6819] usb 8-1: New USB device found, idVendor=1822, idProduct=3202, bcdDevice=13.4a
[  547.885253][ T6819] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  547.887839][ T6819] usb 8-1: Product: syz
[  547.889136][ T6819] usb 8-1: Manufacturer: syz
[  547.890603][ T6819] usb 8-1: SerialNumber: syz
[  547.892972][T13383] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1442'.
[  547.901707][ T6819] usb 8-1: config 0 descriptor??
[  547.907685][ T6819] dvb-usb: found a 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device' in warm state.
[  547.911063][ T6819] dvb-usb: bulk message failed: -22 (3/0)
[  547.931903][ T6819] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  547.936278][ T6819] dvbdev: DVB: registering new adapter (TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device)
[  547.940071][ T6819] usb 8-1: media controller created
[  547.942539][ T6819] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  547.960103][ T6819] dvb-usb: bulk message failed: -22 (6/0)
[  547.961948][ T6819] dvb-usb: no frontend was attached by 'TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device'
[  547.973473][ T6819] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input77
[  547.983452][ T6819] dvb-usb: schedule remote query interval to 150 msecs.
[  547.985649][ T6819] dvb-usb: bulk message failed: -22 (3/0)
[  548.003457][ T6819] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I / HAMA USB1.1 DVB-T device successfully initialized and connected.
[  548.088028][T13389] Cannot find del_set index 3 as target
[  548.143433][ T6819] dvb-usb: bulk message failed: -22 (1/0)
[  548.145600][ T6819] dvb-usb: error while querying for an remote control event.
[  548.315335][ T6819] dvb-usb: bulk message failed: -22 (1/0)
[  548.315393][  T837] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  548.322722][ T6819] dvb-usb: error while querying for an remote control event.
[  548.483371][ T6819] dvb-usb: bulk message failed: -22 (1/0)
[  548.485693][ T6819] dvb-usb: error while querying for an remote control event.
[  548.499635][  T837] usb 10-1: Using ep0 maxpacket: 32
[  548.526587][  T837] usb 10-1: config index 0 descriptor too short (expected 156, got 27)
[  548.529555][  T837] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  548.533875][  T837] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  548.537793][  T837] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  548.541513][  T837] usb 10-1: config 0 interface 0 has no altsetting 0
[  548.545908][  T837] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  548.548715][  T837] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  548.551158][  T837] usb 10-1: Product: syz
[  548.552456][  T837] usb 10-1: Manufacturer: syz
[  548.554195][  T837] usb 10-1: SerialNumber: syz
[  548.556989][  T837] usb 10-1: config 0 descriptor??
[  548.560851][  T837] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  548.564924][  T837] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  548.643580][ T6819] dvb-usb: bulk message failed: -22 (1/0)
[  548.645433][ T6819] dvb-usb: error while querying for an remote control event.
[  548.804521][ T6819] dvb-usb: bulk message failed: -22 (1/0)
[  548.807704][ T6819] dvb-usb: error while querying for an remote control event.
[  548.833894][ T6819] usb 10-1: USB disconnect, device number 5
[  548.833968][    C3] ldusb 10-1:0.0: usb_submit_urb failed (-19)
[  548.844504][T13388] ldusb 10-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71
[  548.850367][ T6819] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[  548.895694][T13399] FAULT_INJECTION: forcing a failure.
[  548.895694][T13399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  548.896843][T13399] 
[  548.896850][T13399] ======================================================
[  548.896857][T13399] WARNING: possible circular locking dependency detected
[  548.896864][T13399] 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 Not tainted
[  548.896874][T13399] ------------------------------------------------------
[  548.896879][T13399] syz.4.1448/13399 is trying to acquire lock:
[  548.896888][T13399] ffffffff8e4d1d60 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x9f/0xd0
[  548.896938][T13399] 
[  548.896938][T13399] but task is already holding lock:
[  548.896944][T13399] ffff88802b43a418 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  548.896980][T13399] 
[  548.896980][T13399] which lock already depends on the new lock.
[  548.896980][T13399] 
[  548.896986][T13399] 
[  548.896986][T13399] the existing dependency chain (in reverse order) is:
[  548.896992][T13399] 
[  548.896992][T13399] -> #4 (&rq->__lock){-.-.}-{2:2}:
[  548.897014][T13399]        _raw_spin_lock_nested+0x31/0x40
[  548.897035][T13399]        raw_spin_rq_lock_nested+0x29/0x130
[  548.897050][T13399]        task_rq_lock+0xcf/0x490
[  548.897065][T13399]        cgroup_move_task+0x81/0x2a0
[  548.897082][T13399]        css_set_move_task+0x288/0x5f0
[  548.897101][T13399]        cgroup_post_fork+0x201/0x9e0
[  548.897114][T13399]        copy_process+0x5cfc/0x76a0
[  548.897131][T13399]        kernel_clone+0xfc/0x960
[  548.897155][T13399]        user_mode_thread+0xc7/0x110
[  548.897174][T13399]        rest_init+0x23/0x2b0
[  548.897191][T13399]        start_kernel+0x3ee/0x4d0
[  548.897226][T13399]        x86_64_start_reservations+0x18/0x30
[  548.897246][T13399]        x86_64_start_kernel+0x130/0x190
[  548.897264][T13399]        common_startup_64+0x13e/0x148
[  548.897290][T13399] 
[  548.897290][T13399] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[  548.897311][T13399]        _raw_spin_lock_irqsave+0x3a/0x60
[  548.897332][T13399]        try_to_wake_up+0xb2/0x1680
[  548.897346][T13399]        __wake_up_common+0x135/0x1f0
[  548.897366][T13399]        __wake_up+0x31/0x60
[  548.897382][T13399]        tty_port_default_wakeup+0x2a/0x40
[  548.897398][T13399]        serial8250_tx_chars+0x68e/0x860
[  548.897414][T13399]        serial8250_handle_irq+0x761/0xcb0
[  548.897431][T13399]        serial8250_default_handle_irq+0x9a/0x210
[  548.897447][T13399]        serial8250_interrupt+0x103/0x210
[  548.897465][T13399]        __handle_irq_event_percpu+0x229/0x7d0
[  548.897480][T13399]        handle_irq_event+0xab/0x1e0
[  548.897494][T13399]        handle_edge_irq+0x28e/0xab0
[  548.897518][T13399]        __common_interrupt+0xdf/0x250
[  548.897537][T13399]        common_interrupt+0xba/0xe0
[  548.897554][T13399]        asm_common_interrupt+0x26/0x40
[  548.897570][T13399]        pv_native_safe_halt+0xf/0x20
[  548.897591][T13399]        default_idle+0x13/0x20
[  548.897606][T13399]        default_idle_call+0x6d/0xb0
[  548.897620][T13399]        do_idle+0x391/0x510
[  548.897634][T13399]        cpu_startup_entry+0x4f/0x60
[  548.897650][T13399]        start_secondary+0x21d/0x2b0
[  548.897668][T13399]        common_startup_64+0x13e/0x148
[  548.897692][T13399] 
[  548.897692][T13399] -> #2 (&tty->write_wait){-...}-{3:3}:
[  548.897714][T13399]        _raw_spin_lock_irqsave+0x3a/0x60
[  548.897735][T13399]        __wake_up+0x1c/0x60
[  548.897751][T13399]        tty_port_default_wakeup+0x2a/0x40
[  548.897766][T13399]        serial8250_tx_chars+0x68e/0x860
[  548.897781][T13399]        serial8250_handle_irq+0x761/0xcb0
[  548.897798][T13399]        serial8250_default_handle_irq+0x9a/0x210
[  548.897815][T13399]        serial8250_interrupt+0x103/0x210
[  548.897832][T13399]        __handle_irq_event_percpu+0x229/0x7d0
[  548.897847][T13399]        handle_irq_event+0xab/0x1e0
[  548.897862][T13399]        handle_edge_irq+0x28e/0xab0
[  548.897885][T13399]        __common_interrupt+0xdf/0x250
[  548.897902][T13399]        common_interrupt+0xba/0xe0
[  548.897918][T13399]        asm_common_interrupt+0x26/0x40
[  548.897932][T13399]        pv_native_safe_halt+0xf/0x20
[  548.897952][T13399]        default_idle+0x13/0x20
[  548.897965][T13399]        default_idle_call+0x6d/0xb0
[  548.897980][T13399]        do_idle+0x391/0x510
[  548.897994][T13399]        cpu_startup_entry+0x4f/0x60
[  548.898009][T13399]        start_secondary+0x21d/0x2b0
[  548.898027][T13399]        common_startup_64+0x13e/0x148
[  548.898052][T13399] 
[  548.898052][T13399] -> #1 (&port_lock_key){-.-.}-{3:3}:
[  548.898072][T13399]        _raw_spin_lock_irqsave+0x3a/0x60
[  548.898094][T13399]        serial8250_console_write+0x181/0x1890
[  548.898112][T13399]        console_flush_all+0x801/0xc60
[  548.898127][T13399]        console_unlock+0xd8/0x210
[  548.898147][T13399]        vprintk_emit+0x418/0x6d0
[  548.898162][T13399]        _printk+0xc7/0x100
[  548.898182][T13399]        register_console+0xc2d/0x11b0
[  548.898198][T13399]        univ8250_console_init+0x5f/0x90
[  548.898217][T13399]        console_init+0x14f/0x680
[  548.898237][T13399]        start_kernel+0x29f/0x4d0
[  548.898255][T13399]        x86_64_start_reservations+0x18/0x30
[  548.898274][T13399]        x86_64_start_kernel+0x130/0x190
[  548.898291][T13399]        common_startup_64+0x13e/0x148
[  548.898315][T13399] 
[  548.898315][T13399] -> #0 (console_owner){-.-.}-{0:0}:
[  548.898338][T13399]        __lock_acquire+0x126f/0x1c90
[  548.898358][T13399]        lock_acquire+0x179/0x350
[  548.898377][T13399]        console_lock_spinning_enable+0xb0/0xd0
[  548.898402][T13399]        console_flush_all+0x7aa/0xc60
[  548.898415][T13399]        console_unlock+0xd8/0x210
[  548.898429][T13399]        vprintk_emit+0x418/0x6d0
[  548.898443][T13399]        _printk+0xc7/0x100
[  548.898463][T13399]        should_fail_ex+0x4e7/0x640
[  548.898486][T13399]        strncpy_from_user+0x3b/0x2e0
[  548.898505][T13399]        strncpy_from_user_nofault+0x7f/0x180
[  548.898522][T13399]        bpf_bprintf_prepare+0xe6e/0x14a0
[  548.898539][T13399]        bpf_trace_printk+0xda/0x190
[  548.898558][T13399]        bpf_prog_7c77c7e0f6645ad8+0x3e/0x44
[  548.898572][T13399]        bpf_trace_run2+0x230/0x590
[  548.898592][T13399]        __bpf_trace_contention_begin+0xc9/0x110
[  548.898614][T13399]        __traceiter_contention_begin+0x5d/0xa0
[  548.898634][T13399]        trace_contention_begin.constprop.0+0xde/0x160
[  548.898659][T13399]        __pv_queued_spin_lock_slowpath+0x109/0xcf0
[  548.898683][T13399]        do_raw_spin_lock+0x20e/0x2b0
[  548.898706][T13399]        raw_spin_rq_lock_nested+0x7e/0x130
[  548.898722][T13399]        __schedule+0x301/0x5de0
[  548.898742][T13399]        schedule+0xe7/0x3a0
[  548.898764][T13399]        exit_to_user_mode_loop+0x67/0x110
[  548.898789][T13399]        __do_fast_syscall_32+0x2ac/0x3a0
[  548.898814][T13399]        do_fast_syscall_32+0x32/0x80
[  548.898838][T13399]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  548.898858][T13399] 
[  548.898858][T13399] other info that might help us debug this:
[  548.898858][T13399] 
[  548.898863][T13399] Chain exists of:
[  548.898863][T13399]   console_owner --> &p->pi_lock --> &rq->__lock
[  548.898863][T13399] 
[  548.898889][T13399]  Possible unsafe locking scenario:
[  548.898889][T13399] 
[  548.898917][T13399]        CPU0                    CPU1
[  548.898922][T13399]        ----                    ----
[  548.898927][T13399]   lock(&rq->__lock);
[  548.898938][T13399]                                lock(&p->pi_lock);
[  548.898949][T13399]                                lock(&rq->__lock);
[  548.898961][T13399]   lock(console_owner);
[  548.898972][T13399] 
[  548.898972][T13399]  *** DEADLOCK ***
[  548.898972][T13399] 
[  548.898976][T13399] 4 locks held by syz.4.1448/13399:
[  548.898987][T13399]  #0: ffff88802b43a418 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  548.899027][T13399]  #1: ffffffff8e5c47c0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1b6/0x590
[  548.899072][T13399]  #2: ffffffff8e5b21a0 (console_lock){+.+.}-{0:0}, at: _printk+0xc7/0x100
[  548.899113][T13399]  #3: ffffffff8e5b2210 (console_srcu){....}-{0:0}, at: console_flush_all+0x158/0xc60
[  548.899158][T13399] 
[  548.899158][T13399] stack backtrace:
[  548.899167][T13399] CPU: 3 UID: 0 PID: 13399 Comm: syz.4.1448 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  548.899190][T13399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  548.899201][T13399] Call Trace:
[  548.899207][T13399]  <TASK>
[  548.899215][T13399]  dump_stack_lvl+0x116/0x1f0
[  548.899241][T13399]  print_circular_bug+0x275/0x350
[  548.899264][T13399]  check_noncircular+0x14c/0x170
[  548.899289][T13399]  __lock_acquire+0x126f/0x1c90
[  548.899315][T13399]  lock_acquire+0x179/0x350
[  548.899336][T13399]  ? console_lock_spinning_enable+0x9f/0xd0
[  548.899364][T13399]  ? console_lock_spinning_enable+0x88/0xd0
[  548.899393][T13399]  console_lock_spinning_enable+0xb0/0xd0
[  548.899420][T13399]  ? console_lock_spinning_enable+0x9f/0xd0
[  548.899446][T13399]  console_flush_all+0x7aa/0xc60
[  548.899466][T13399]  ? __pfx_console_flush_all+0x10/0x10
[  548.899486][T13399]  ? is_printk_cpu_sync_owner+0x32/0x40
[  548.899507][T13399]  console_unlock+0xd8/0x210
[  548.899522][T13399]  ? __pfx_console_unlock+0x10/0x10
[  548.899538][T13399]  ? do_raw_spin_unlock+0xe0/0x230
[  548.899562][T13399]  ? _printk+0xc7/0x100
[  548.899582][T13399]  ? __down_trylock_console_sem+0xb0/0x140
[  548.899607][T13399]  vprintk_emit+0x418/0x6d0
[  548.899625][T13399]  ? __pfx_vprintk_emit+0x10/0x10
[  548.899642][T13399]  ? __pfx_stack_trace_save+0x10/0x10
[  548.899662][T13399]  ? cmp_ex_search+0x8b/0xb0
[  548.899687][T13399]  _printk+0xc7/0x100
[  548.899707][T13399]  ? __pfx__printk+0x10/0x10
[  548.899730][T13399]  ? strncpy_from_user+0x1d5/0x2e0
[  548.899752][T13399]  ? __update_page_owner_handle+0x395/0x550
[  548.899779][T13399]  ? __pfx____ratelimit+0x10/0x10
[  548.899802][T13399]  ? __pfx_trace_clock_local+0x10/0x10
[  548.899829][T13399]  should_fail_ex+0x4e7/0x640
[  548.899854][T13399]  strncpy_from_user+0x3b/0x2e0
[  548.899877][T13399]  strncpy_from_user_nofault+0x7f/0x180
[  548.899894][T13399]  bpf_bprintf_prepare+0xe6e/0x14a0
[  548.899915][T13399]  ? __pfx_bpf_bprintf_prepare+0x10/0x10
[  548.899936][T13399]  ? bpf_trace_run2+0x3db/0x590
[  548.899958][T13399]  bpf_trace_printk+0xda/0x190
[  548.899978][T13399]  ? __pfx_bpf_trace_printk+0x10/0x10
[  548.900001][T13399]  ? bpf_trace_run2+0x3db/0x590
[  548.900027][T13399]  bpf_prog_7c77c7e0f6645ad8+0x3e/0x44
[  548.900041][T13399]  bpf_trace_run2+0x230/0x590
[  548.900064][T13399]  ? __pfx_bpf_trace_run2+0x10/0x10
[  548.900086][T13399]  ? __lock_acquire+0x622/0x1c90
[  548.900109][T13399]  ? __pfx___bpf_trace_contention_begin+0x10/0x10
[  548.900131][T13399]  __bpf_trace_contention_begin+0xc9/0x110
[  548.900158][T13399]  ? __pfx___bpf_trace_contention_begin+0x10/0x10
[  548.900181][T13399]  ? _kstrtoull+0x145/0x200
[  548.900199][T13399]  ? __pfx__kstrtoull+0x10/0x10
[  548.900221][T13399]  __traceiter_contention_begin+0x5d/0xa0
[  548.900242][T13399]  trace_contention_begin.constprop.0+0xde/0x160
[  548.900268][T13399]  __pv_queued_spin_lock_slowpath+0x109/0xcf0
[  548.900295][T13399]  ? __lock_acquire+0xb8a/0x1c90
[  548.900316][T13399]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  548.900346][T13399]  do_raw_spin_lock+0x20e/0x2b0
[  548.900372][T13399]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  548.900395][T13399]  ? rcu_qs+0x2b/0xe0
[  548.900410][T13399]  ? rcu_note_context_switch+0x192/0x1e00
[  548.900439][T13399]  raw_spin_rq_lock_nested+0x7e/0x130
[  548.900457][T13399]  ? schedule+0xe7/0x3a0
[  548.900478][T13399]  ? schedule+0xe7/0x3a0
[  548.900498][T13399]  __schedule+0x301/0x5de0
[  548.900520][T13399]  ? ksys_write+0x190/0x250
[  548.900548][T13399]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  548.900575][T13399]  ? __pfx___schedule+0x10/0x10
[  548.900597][T13399]  ? __fget_files+0x20e/0x3c0
[  548.900619][T13399]  ? handle_mm_fault+0x220/0xd10
[  548.900643][T13399]  ? fput+0x70/0xf0
[  548.900660][T13399]  ? ksys_write+0x1ac/0x250
[  548.900684][T13399]  schedule+0xe7/0x3a0
[  548.900707][T13399]  exit_to_user_mode_loop+0x67/0x110
[  548.900734][T13399]  __do_fast_syscall_32+0x2ac/0x3a0
[  548.900760][T13399]  do_fast_syscall_32+0x32/0x80
[  548.900786][T13399]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  548.900809][T13399] RIP: 0023:0xf7fd3579
[  548.900822][T13399] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  548.900840][T13399] RSP: 002b:00000000f50d5590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  548.900856][T13399] RAX: 0000000000000001 RBX: 0000000000000007 RCX: 00000000f50d5610
[  548.900867][T13399] RDX: 0000000000000001 RSI: 00000000f7463ff4 RDI: 0000000000000000
[  548.900878][T13399] RBP: 00000000f7495010 R08: 0000000000000000 R09: 0000000000000000
[  548.900888][T13399] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  548.900898][T13399] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  548.900914][T13399]  </TASK>
[  549.321101][T13399] CPU: 3 UID: 0 PID: 13399 Comm: syz.4.1448 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  549.321118][T13399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  549.321125][T13399] Call Trace:
[  549.321130][T13399]  <TASK>
[  549.321134][T13399]  dump_stack_lvl+0x116/0x1f0
[  549.321158][T13399]  should_fail_ex+0x512/0x640
[  549.321175][T13399]  strncpy_from_user+0x3b/0x2e0
[  549.321190][T13399]  strncpy_from_user_nofault+0x7f/0x180
[  549.321202][T13399]  bpf_bprintf_prepare+0xe6e/0x14a0
[  549.321216][T13399]  ? __pfx_bpf_bprintf_prepare+0x10/0x10
[  549.321229][T13399]  ? bpf_trace_run2+0x3db/0x590
[  549.321245][T13399]  bpf_trace_printk+0xda/0x190
[  549.321258][T13399]  ? __pfx_bpf_trace_printk+0x10/0x10
[  549.321272][T13399]  ? bpf_trace_run2+0x3db/0x590
[  549.321290][T13399]  bpf_prog_7c77c7e0f6645ad8+0x3e/0x44
[  549.321299][T13399]  bpf_trace_run2+0x230/0x590
[  549.321314][T13399]  ? __pfx_bpf_trace_run2+0x10/0x10
[  549.321330][T13399]  ? __lock_acquire+0x622/0x1c90
[  549.321345][T13399]  ? __pfx___bpf_trace_contention_begin+0x10/0x10
[  549.321360][T13399]  __bpf_trace_contention_begin+0xc9/0x110
[  549.321376][T13399]  ? __pfx___bpf_trace_contention_begin+0x10/0x10
[  549.321391][T13399]  ? _kstrtoull+0x145/0x200
[  549.321403][T13399]  ? __pfx__kstrtoull+0x10/0x10
[  549.321416][T13399]  __traceiter_contention_begin+0x5d/0xa0
[  549.321432][T13399]  trace_contention_begin.constprop.0+0xde/0x160
[  549.321450][T13399]  __pv_queued_spin_lock_slowpath+0x109/0xcf0
[  549.321469][T13399]  ? __lock_acquire+0xb8a/0x1c90
[  549.321483][T13399]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  549.321502][T13399]  do_raw_spin_lock+0x20e/0x2b0
[  549.321519][T13399]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  549.321535][T13399]  ? rcu_qs+0x2b/0xe0
[  549.321545][T13399]  ? rcu_note_context_switch+0x192/0x1e00
[  549.321564][T13399]  raw_spin_rq_lock_nested+0x7e/0x130
[  549.321576][T13399]  ? schedule+0xe7/0x3a0
[  549.321589][T13399]  ? schedule+0xe7/0x3a0
[  549.321603][T13399]  __schedule+0x301/0x5de0
[  549.321617][T13399]  ? ksys_write+0x190/0x250
[  549.321635][T13399]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  549.321652][T13399]  ? __pfx___schedule+0x10/0x10
[  549.321666][T13399]  ? __fget_files+0x20e/0x3c0
[  549.321680][T13399]  ? handle_mm_fault+0x220/0xd10
[  549.321695][T13399]  ? fput+0x70/0xf0
[  549.321705][T13399]  ? ksys_write+0x1ac/0x250
[  549.321721][T13399]  schedule+0xe7/0x3a0
[  549.321735][T13399]  exit_to_user_mode_loop+0x67/0x110
[  549.321753][T13399]  __do_fast_syscall_32+0x2ac/0x3a0
[  549.321771][T13399]  do_fast_syscall_32+0x32/0x80
[  549.321787][T13399]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  549.321801][T13399] RIP: 0023:0xf7fd3579
[  549.321810][T13399] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  549.321822][T13399] RSP: 002b:00000000f50d5590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  549.321833][T13399] RAX: 0000000000000001 RBX: 0000000000000007 RCX: 00000000f50d5610
[  549.321840][T13399] RDX: 0000000000000001 RSI: 00000000f7463ff4 RDI: 0000000000000000
[  549.321847][T13399] RBP: 00000000f7495010 R08: 0000000000000000 R09: 0000000000000000
[  549.321854][T13399] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  549.321860][T13399] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  549.321870][T13399]  </TASK>
[  549.431784][ T1452] dvb-usb: bulk message failed: -22 (1/0)
[  549.433697][ T1452] dvb-usb: error while querying for an remote control event.
[  549.603605][ T6819] dvb-usb: bulk message failed: -22 (1/0)
[  549.605985][ T6819] dvb-usb: error while querying for an remote control event.
[  549.723024][T13366] Set syz1 is full, maxelem 65536 reached
[  549.741791][T10604] usb 8-1: USB disconnect, device number 24
[  549.785266][T10604] dvb-usb: TwinhanDTV USB-Ter USB1.1 / Magic Box I successfully deinitialized and disconnected.

VM DIAGNOSIS:
13:21:33  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000014 RCX=ffffffff81be01d6 RDX=ffff88802020c880
RSI=ffffffff81be011a RDI=0000000000000004 RBP=0000000000000c1c RSP=ffffc90002f0f048
R8 =0000000000000004 R9 =0000000000000c1c R10=0000000000000ed8 R11=0000000000000000
R12=0000000000000ed8 R13=0000007fcf405b13 R14=ffffc90002f0f0f0 R15=ffff88801b88dc18
RIP=ffffffff81bb8a66 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097560000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000029038000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=ffffc9000d43eb98 RCX=ffffffff914b2501 RDX=1ffff92001a87d9c
RSI=ffffffff82213a61 RDI=ffffc9000d43ec64 RBP=ffffc9000d43ece0 RSP=ffffc9000d43eb88
R8 =ffffffff914b25f6 R9 =0000000000000000 R10=ffffc9000d43eb98 R11=000000000001216c
R12=ffffffff81a708c0 R13=ffffc9000d43ec58 R14=0000000000000000 R15=ffff888023982440
RIP=ffffffff81a709ab RFL=00000292 [--S-A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097660000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000029038000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fefefc00 Opmask01=0000000000000000 Opmask02=00000000ffff7fdf Opmask03=0000000001041000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000558f263f8660
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000558f263fdd50
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73001605121f0073 431e161e035c1810
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1c1f115c435d4316 10120300161e121d
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 312d30312f303162 73752f352e646368 5f796d6d75642f6d 726f6674616c702f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 005600051f40494c 43055c5155484005 424b4c55554c4e53 004057005b1a0f00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fda4cbf1b30 0048544150564544 0000000000000021 644100302e303a31
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 007766736c6d6172 2c4142312c433931 2c3739312c353931 2c3339312c323931
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c3139312c303931 2c4638312c453831 2c4238312c393831 2c3838312c353831
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c3438312c313831 2c3937312c373731 2c3437312c443631 2c4336312c363631
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c3336312c313631 2c3036312c30462c 46442c30442c4643 2c38412c37412c46
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000000 RBX=ffff88802b433228 RCX=0000000000000002 RDX=1ffff11005686645
RSI=ffffffff8c156520 RDI=ffffffff8df1ddb0 RBP=0000000000000002 RSP=ffffc9000e8af940
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=ffffffff9af2c680
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81a0e5fc RFL=00000802 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097760000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000804bc000 CR3=000000006612d000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a 0000003000000012 0004000000080024 0000000000280034
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000005b0 0000001400000000 0000000000000000 0000000000000015
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f7665642f01ffff ffffffffffffed08 0480033c000005c3 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9608000e88031008 000e800300040020 8408000e800201c7 0800080147e00030
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265646e69622f73 667265646e69622f 2e01ffffffffffff ffffd9080e800320
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 808008000fffffff ff02010800060167 c220080006080020 0800060173960008
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0006080022080006 016fcc0004000008 0004800201c70800 080148ce006d766b
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0003028002088285 b98c080001000010 080606011ee80004 02b0030180801000
ZMM25=764426d7764426d7 764426d7764426d7 764426d7764426d7 764426d7764426d7 764426d7764426d7 764426d7764426d7 764426d7764426d7 764426d7764426d7
ZMM26=c8b4ba1ac8b4ba1a c8b4ba1ac8b4ba1a c8b4ba1ac8b4ba1a c8b4ba1ac8b4ba1a c8b4ba1ac8b4ba1a c8b4ba1ac8b4ba1a c8b4ba1ac8b4ba1a c8b4ba1ac8b4ba1a
ZMM27=745fd14d745fd14d 745fd14d745fd14d 745fd14d745fd14d 745fd14d745fd14d 745fd14d745fd14d 745fd14d745fd14d 745fd14d745fd14d 745fd14d745fd14d
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=d80b0000d80b0000 d80b0000d80b0000 d80b0000d80b0000 d80b0000d80b0000 d80b0000d80b0000 d80b0000d80b0000 d80b0000d80b0000 d80b0000d80b0000
info registers vcpu 3

CPU#3
RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855820d5 RDI=ffffffff9b06ca00 RBP=ffffffff9b06c9c0 RSP=ffffc9002174f208
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000034 R14=ffffffff9b06c9c0 R15=ffffffff85582070
RIP=ffffffff855820ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097860000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000006612d000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000