last executing test programs:

6m39.188051118s ago: executing program 0 (id=2593):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfc, 0x2ffffffff}, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r1)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000380)={0x50, r2, 0x1, 0x70bd27, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x24, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, '/dev/vbi#\x00'}]}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x50}}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)

6m38.804172029s ago: executing program 0 (id=2595):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f00000002c0)='adfs\x00', 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x15)
r3 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'ip6gre0\x00', 0x0})
ioctl$HIDIOCGRAWPHYS(r3, 0x80404805, &(0x7f0000000340))

6m37.106836673s ago: executing program 0 (id=2600):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$peeksig(0x1a, r0, 0x0, &(0x7f0000000040)) (fail_nth: 2)

6m36.336917751s ago: executing program 0 (id=2609):
r0 = socket$kcm(0x10, 0x2, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x80)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getpid()
splice(r4, 0x0, r5, 0x0, 0xf3b, 0xa)
openat$cgroup(r2, &(0x7f0000000200)='syz0\x00', 0x200002, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f, 0x8}}, 0x20)
write(r3, 0x0, 0x0)
ppoll(&(0x7f00000000c0)=[{r2, 0x330c}], 0x1, 0x0, 0x0, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r7 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r7, 0xc0184800, &(0x7f0000000080)={0x2, r6, 0x1})
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x800, 0x2, 0x80000000000004, 0x6}, 0x0, &(0x7f0000000400)={0x1f, 0x0, 0x800000000000, 0x0, 0x1000000000, 0x0, 0xfffffffffffffffe}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000240)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffff, 0x8}}, './file0\x00'})
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="180000003c000bab956cb26f8c7d94f90324fc602f000000", 0x18}], 0x1}, 0x40)

6m35.961609493s ago: executing program 0 (id=2606):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x6, 0x0, 0x7fff0006}]})
mkdir(0x0, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x25dfdbff, {}, [{0x90, 0x1, [@m_ct={0x44, 0x5, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000884}, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x40048820)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x18, r5, 0x325, 0xfffffffe, 0x0, {}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}}, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='btrfs\x00', 0x208000, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x7ffffffc}, [@call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc3}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
write$cgroup_int(r6, &(0x7f0000000040)=0x1c9, 0x12)

6m34.482725103s ago: executing program 0 (id=2615):
syz_open_dev$sg(0x0, 0x0, 0x38dd80)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xc8000)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0x5, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x7, &(0x7f0000000140)=ANY=[], 0x0, 0x2}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB])
chdir(&(0x7f0000000100)='./file0\x00')
r1 = open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x805, 0x0, 0xd, 0x0, 0x0, 0x0}, 0x4c)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000500)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0xfffffffffffffffb, 0xfffffffffedfff83, 0x3, 0x1, {0xffffffffffffffff, 0x3ff, 0x20ff, 0x7ff, 0x0, 0x7e, 0x3fe, 0x7fdfffff, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x8ea2}}, {0x0, 0x1a}}}, 0xa0)
sendfile(r1, r1, &(0x7f0000000080), 0x7f04)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r3, 0x17, 0x0, 0x1)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x80000002)
setsockopt$sock_int(r2, 0x1, 0x2d, &(0x7f0000000140)=0x400, 0x4)

6m19.467391468s ago: executing program 32 (id=2615):
syz_open_dev$sg(0x0, 0x0, 0x38dd80)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xc8000)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0x5, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x7, &(0x7f0000000140)=ANY=[], 0x0, 0x2}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB])
chdir(&(0x7f0000000100)='./file0\x00')
r1 = open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x805, 0x0, 0xd, 0x0, 0x0, 0x0}, 0x4c)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000500)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0xfffffffffffffffb, 0xfffffffffedfff83, 0x3, 0x1, {0xffffffffffffffff, 0x3ff, 0x20ff, 0x7ff, 0x0, 0x7e, 0x3fe, 0x7fdfffff, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x8ea2}}, {0x0, 0x1a}}}, 0xa0)
sendfile(r1, r1, &(0x7f0000000080), 0x7f04)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r3, 0x17, 0x0, 0x1)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x80000002)
setsockopt$sock_int(r2, 0x1, 0x2d, &(0x7f0000000140)=0x400, 0x4)

8.32165155s ago: executing program 3 (id=4367):
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x2, 0x4, 0x4, 0xa, 0x1000}, 0x50)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000005c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x1}}]}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000000140), 0x1, 0x140)
read$FUSE(r6, &(0x7f0000000180)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000001a40)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r8, @ANYBLOB="0800250000000040080002"], 0x3c}, 0x1, 0x0, 0x0, 0x7000000}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000740)={0x434, r5, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xfffffff7}, @NL80211_ATTR_TX_RATES={0x98, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x68, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x2c3, 0x1000, 0x10, 0x0, 0x4c52, 0x9, 0x8]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7, 0xb6a, 0x3, 0x3, 0x1ff, 0x6, 0xdc]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x30, 0x0, 0x6, 0x5, 0xe8d3, 0x8001, 0x7, 0x3ff]}}]}, @NL80211_BAND_6GHZ={0x2c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9e8, 0x9, 0x9, 0x2, 0x2, 0x0, 0xfffb, 0x2]}}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0xb, 0x12, 0x6c, 0x6, 0x5, 0x24, 0xb]}]}]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x17c}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @NL80211_ATTR_TX_RATES={0x354, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x68, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xa, 0x1, [0x24, 0x6, 0x12, 0x1b, 0x2, 0x36]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x1, 0x8, 0x7, 0x6, 0x9, 0x90, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x9, 0x5, 0x3, 0x4, 0x0, 0xb, 0xc]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x92b, 0x6, 0x1, 0x3, 0x2, 0x1, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1000, 0x8, 0x0, 0x1, 0x7, 0x8, 0x2, 0x3]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0x74, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x9, 0x1, 0x3, 0x8, 0xcf, 0x3, 0xfff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x2, 0xa86f, 0xc2c, 0x9, 0x2900, 0x6, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x7fff, 0x5d, 0x7, 0x4, 0x326a, 0x7fff, 0x400]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x3, 0x9, 0x24, 0x1b]}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x6, 0xc, 0x36, 0x1b, 0x3, 0x3]}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x60]}]}, @NL80211_BAND_5GHZ={0x4}, @NL80211_BAND_6GHZ={0x34, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x200, 0x101, 0x57c, 0x2, 0x4, 0x1, 0x2]}}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x9212cfe61b77720f, 0x36, 0x6c, 0xb, 0x1b, 0x16, 0x16, 0x3, 0x5, 0x6c, 0x6c, 0x60, 0x36, 0x36, 0x30]}]}, @NL80211_BAND_6GHZ={0x60, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x9, 0x401, 0x7c, 0x8, 0x5, 0x7, 0x8001]}}, @NL80211_TXRATE_HT={0x11, 0x2, [{0x0, 0x4}, {0x3, 0x8}, {0x7, 0x8}, {0x2, 0xa}, {0x3, 0x5}, {0x0, 0x5}, {0x2, 0x9}, {0x7, 0x2}, {0x0, 0x6}, {0x4, 0x1}, {0x4, 0x6}, {0x1, 0x5}, {0x6, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0xe204, 0x9, 0x8, 0x0, 0x22, 0x18, 0x2]}}]}, @NL80211_BAND_60GHZ={0x70, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2000, 0x2, 0x1, 0x3, 0xf757]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xdff4, 0x8, 0x7, 0x10, 0x1, 0x7fff, 0xe4, 0xff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x7d, 0x8, 0x15e, 0xfff0, 0x1, 0x0, 0x1ff]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7f, 0x8, 0x1000, 0xc39, 0x3, 0x3ff, 0xfff, 0x81]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x7bd1459584481418}, @NL80211_TXRATE_HT={0x23, 0x2, [{0x2, 0x6}, {0x6, 0x2}, {0x0, 0x9}, {0x0, 0x6}, {0x3, 0x1}, {0x3, 0x2}, {0x2, 0x2}, {0x1, 0x6}, {0x0, 0x3}, {0x6, 0xa}, {0x3, 0x9}, {0x2, 0x8}, {0x6, 0x6}, {0x2, 0x6}, {0x2, 0x2}, {0x6, 0x9}, {0x2, 0x2}, {0x7, 0x8}, {0x7, 0x3}, {0x1, 0x5}, {0x4, 0xa}, {0x6, 0x3}, {0x5}, {0x1, 0x6}, {0x3, 0x7}, {0x7, 0x3}, {0x6, 0x14}, {0x3, 0x4}, {0x2, 0x2}, {0x4, 0x2}, {0x2, 0x9}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfffd, 0x8000, 0x9, 0x9, 0x1, 0x70e, 0xd1, 0x2f]}}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x1b, 0xc, 0x60, 0x1, 0x60, 0x5, 0x0, 0x6, 0x5, 0x12, 0x0, 0x4, 0xb]}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x30, 0x30, 0x0, 0x3, 0x12, 0x1, 0x30, 0x6c, 0xb, 0x1b, 0x3, 0x12, 0x36, 0x60, 0xc, 0x48, 0x24, 0x24, 0x24, 0x6c, 0xc, 0x9, 0x6, 0x16, 0x0, 0x1b, 0x6c, 0x24, 0x2, 0x2]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xff, 0xb1, 0x5958, 0x2, 0x6, 0xa, 0xa1, 0x2]}}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x5, 0x6}, {0x0, 0x6}, {0x1, 0x6}, {0x6, 0x9}, {0x0, 0x7}, {0x7, 0x7}, {0x3, 0x1}, {0x6, 0x8}, {0x1, 0x3}, {0x3, 0x1}, {0x4, 0x7}, {0x0, 0x7}, {0x4, 0x5}, {0x1, 0x7}, {0x3, 0x2}, {0x3, 0x6}, {0x3, 0x5}, {0x1, 0x5}, {0x5, 0x3}, {0x6}, {0x4, 0x8}, {0x4, 0x2}, {0x5, 0x1}, {0x5}, {0x7, 0x8}, {0x2, 0x8}, {0x4, 0x1}, {0x4, 0xa}, {0x1, 0x7}, {0x1, 0x3}, {0x0, 0xa}, {0x2, 0x7}, {0x0, 0x5}, {0x1, 0x3}, {0x6, 0x6}, {0x2}, {0x4, 0x5}, {0x3, 0x7}, {0x4, 0x8}, {0x5, 0x2}, {0x5, 0x5}, {0x5, 0x2}, {0x5, 0x4}, {0x1, 0x5}, {0x2}, {0x4, 0x4}, {0x0, 0x5}, {0x7, 0x7}, {0x1, 0x8}, {0x2}, {0x5, 0x6}, {0x6, 0xa}, {0x0, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x6, 0x7}, {0x6, 0x3}, {0x7, 0x3}, {0x7}, {0x2, 0x1}, {0x1, 0x8}, {0x6, 0x6}, {0x7, 0x7}, {0x4, 0x6}, {0x5, 0x4}, {0x0, 0xa}, {0x2, 0xa}, {0x0, 0x2}, {0x7, 0x4}, {0x2, 0x6}, {0x3, 0x2}, {}, {0x2, 0x7}, {0x5, 0xa}, {0x7, 0x2}, {0x7, 0xa}, {0x7, 0x4}, {0x1, 0x8}, {0x0, 0x7}, {0x2, 0x4}, {0x2, 0x5}, {0x7, 0x5}, {0x5, 0x1}, {0x5, 0x8}, {0x4, 0xa}, {0x0, 0x4}, {0x0, 0x5}, {0x7, 0x5}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0x101, 0xcc13, 0x7fff, 0xb01e, 0x96, 0x0, 0x5]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x100, 0x4, 0x1, 0x8, 0x6, 0x400, 0x3]}}]}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x434}, 0x1, 0x0, 0x0, 0x4}, 0x80)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r9, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'team0\x00', <r10=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x3c}}, 0x0)

7.936167921s ago: executing program 2 (id=4369):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/dev_snmp6\x00')
getdents64(r0, &(0x7f0000001540)=""/92, 0x5c)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r1, &(0x7f0000000440)=ANY=[@ANYRES16=r1, @ANYRESHEX=0x0, @ANYRESHEX=r1, @ANYRES8=r1, @ANYBLOB="2ab8c4e6fb2f77b441c4cfd9e85716211c822f0c6083b6ac6895b732f4b3452e1885cc1f0edfd5c2de9e7673fc1c0dc15d1683ffed69fc27ff119a1bab239715888195e559efa56c3cbb642e9d7e1cfcfb5c31958d35be0bea6cdfe138007920f128c83fd0ff8a842281112d23a5b8e5ecf9db24f56138e2b34694f90d3f3f18a4072b78afb93d7290958c769505ca537ea90c9582101696d748993f71a5d8e6c7cac212321aea5cf8ecf17eaca3a6293ff093"], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r2 = syz_open_pts(r1, 0x0)
dup3(r2, r1, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x3)

7.932543457s ago: executing program 4 (id=4370):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22102, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd(0xff7ffff7)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000500)={r2, 0x7, 0x2, r2})

7.856178152s ago: executing program 2 (id=4371):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0xd, 0x0, &(0x7f0000000100)="3d6ee2e04b91ab10343d9a01005d", 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x6}, 0x4c)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000240)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xf18d, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000480)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40012020, 0x1, {0x2}})
io_uring_enter(r2, 0x47f6, 0x20, 0x4, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
removexattr(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)=@known='trusted.overlay.upper\x00')
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000040)={r5, 0xd87, 0xffffffff, 0x4}, 0x10)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, 0x0, &(0x7f0000000200))

7.586834812s ago: executing program 4 (id=4372):
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x2, 0x4, 0x4, 0xa, 0x1000}, 0x50)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000005c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x1}}]}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000000140), 0x1, 0x140)
read$FUSE(r6, &(0x7f0000000180)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000001a40)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r8, @ANYBLOB="0800250000000040080002"], 0x3c}, 0x1, 0x0, 0x0, 0x7000000}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000740)={0x434, r5, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xfffffff7}, @NL80211_ATTR_TX_RATES={0x98, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x68, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x2c3, 0x1000, 0x10, 0x0, 0x4c52, 0x9, 0x8]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7, 0xb6a, 0x3, 0x3, 0x1ff, 0x6, 0xdc]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x30, 0x0, 0x6, 0x5, 0xe8d3, 0x8001, 0x7, 0x3ff]}}]}, @NL80211_BAND_6GHZ={0x2c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9e8, 0x9, 0x9, 0x2, 0x2, 0x0, 0xfffb, 0x2]}}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0xb, 0x12, 0x6c, 0x6, 0x5, 0x24, 0xb]}]}]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x17c}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @NL80211_ATTR_TX_RATES={0x354, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x68, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xa, 0x1, [0x24, 0x6, 0x12, 0x1b, 0x2, 0x36]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x1, 0x8, 0x7, 0x6, 0x9, 0x90, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x9, 0x5, 0x3, 0x4, 0x0, 0xb, 0xc]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x92b, 0x6, 0x1, 0x3, 0x2, 0x1, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1000, 0x8, 0x0, 0x1, 0x7, 0x8, 0x2, 0x3]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0x74, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x9, 0x1, 0x3, 0x8, 0xcf, 0x3, 0xfff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x2, 0xa86f, 0xc2c, 0x9, 0x2900, 0x6, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x7fff, 0x5d, 0x7, 0x4, 0x326a, 0x7fff, 0x400]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x3, 0x9, 0x24, 0x1b]}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x6, 0xc, 0x36, 0x1b, 0x3, 0x3]}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x60]}]}, @NL80211_BAND_5GHZ={0x4}, @NL80211_BAND_6GHZ={0x34, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x200, 0x101, 0x57c, 0x2, 0x4, 0x1, 0x2]}}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x9212cfe61b77720f, 0x36, 0x6c, 0xb, 0x1b, 0x16, 0x16, 0x3, 0x5, 0x6c, 0x6c, 0x60, 0x36, 0x36, 0x30]}]}, @NL80211_BAND_6GHZ={0x60, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x9, 0x401, 0x7c, 0x8, 0x5, 0x7, 0x8001]}}, @NL80211_TXRATE_HT={0x11, 0x2, [{0x0, 0x4}, {0x3, 0x8}, {0x7, 0x8}, {0x2, 0xa}, {0x3, 0x5}, {0x0, 0x5}, {0x2, 0x9}, {0x7, 0x2}, {0x0, 0x6}, {0x4, 0x1}, {0x4, 0x6}, {0x1, 0x5}, {0x6, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0xe204, 0x9, 0x8, 0x0, 0x22, 0x18, 0x2]}}]}, @NL80211_BAND_60GHZ={0x70, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2000, 0x2, 0x1, 0x3, 0xf757]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xdff4, 0x8, 0x7, 0x10, 0x1, 0x7fff, 0xe4, 0xff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x7d, 0x8, 0x15e, 0xfff0, 0x1, 0x0, 0x1ff]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7f, 0x8, 0x1000, 0xc39, 0x3, 0x3ff, 0xfff, 0x81]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x7bd1459584481418}, @NL80211_TXRATE_HT={0x23, 0x2, [{0x2, 0x6}, {0x6, 0x2}, {0x0, 0x9}, {0x0, 0x6}, {0x3, 0x1}, {0x3, 0x2}, {0x2, 0x2}, {0x1, 0x6}, {0x0, 0x3}, {0x6, 0xa}, {0x3, 0x9}, {0x2, 0x8}, {0x6, 0x6}, {0x2, 0x6}, {0x2, 0x2}, {0x6, 0x9}, {0x2, 0x2}, {0x7, 0x8}, {0x7, 0x3}, {0x1, 0x5}, {0x4, 0xa}, {0x6, 0x3}, {0x5}, {0x1, 0x6}, {0x3, 0x7}, {0x7, 0x3}, {0x6, 0x14}, {0x3, 0x4}, {0x2, 0x2}, {0x4, 0x2}, {0x2, 0x9}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfffd, 0x8000, 0x9, 0x9, 0x1, 0x70e, 0xd1, 0x2f]}}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x1b, 0xc, 0x60, 0x1, 0x60, 0x5, 0x0, 0x6, 0x5, 0x12, 0x0, 0x4, 0xb]}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x30, 0x30, 0x0, 0x3, 0x12, 0x1, 0x30, 0x6c, 0xb, 0x1b, 0x3, 0x12, 0x36, 0x60, 0xc, 0x48, 0x24, 0x24, 0x24, 0x6c, 0xc, 0x9, 0x6, 0x16, 0x0, 0x1b, 0x6c, 0x24, 0x2, 0x2]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xff, 0xb1, 0x5958, 0x2, 0x6, 0xa, 0xa1, 0x2]}}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x5, 0x6}, {0x0, 0x6}, {0x1, 0x6}, {0x6, 0x9}, {0x0, 0x7}, {0x7, 0x7}, {0x3, 0x1}, {0x6, 0x8}, {0x1, 0x3}, {0x3, 0x1}, {0x4, 0x7}, {0x0, 0x7}, {0x4, 0x5}, {0x1, 0x7}, {0x3, 0x2}, {0x3, 0x6}, {0x3, 0x5}, {0x1, 0x5}, {0x5, 0x3}, {0x6}, {0x4, 0x8}, {0x4, 0x2}, {0x5, 0x1}, {0x5}, {0x7, 0x8}, {0x2, 0x8}, {0x4, 0x1}, {0x4, 0xa}, {0x1, 0x7}, {0x1, 0x3}, {0x0, 0xa}, {0x2, 0x7}, {0x0, 0x5}, {0x1, 0x3}, {0x6, 0x6}, {0x2}, {0x4, 0x5}, {0x3, 0x7}, {0x4, 0x8}, {0x5, 0x2}, {0x5, 0x5}, {0x5, 0x2}, {0x5, 0x4}, {0x1, 0x5}, {0x2}, {0x4, 0x4}, {0x0, 0x5}, {0x7, 0x7}, {0x1, 0x8}, {0x2}, {0x5, 0x6}, {0x6, 0xa}, {0x0, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x6, 0x7}, {0x6, 0x3}, {0x7, 0x3}, {0x7}, {0x2, 0x1}, {0x1, 0x8}, {0x6, 0x6}, {0x7, 0x7}, {0x4, 0x6}, {0x5, 0x4}, {0x0, 0xa}, {0x2, 0xa}, {0x0, 0x2}, {0x7, 0x4}, {0x2, 0x6}, {0x3, 0x2}, {}, {0x2, 0x7}, {0x5, 0xa}, {0x7, 0x2}, {0x7, 0xa}, {0x7, 0x4}, {0x1, 0x8}, {0x0, 0x7}, {0x2, 0x4}, {0x2, 0x5}, {0x7, 0x5}, {0x5, 0x1}, {0x5, 0x8}, {0x4, 0xa}, {0x0, 0x4}, {0x0, 0x5}, {0x7, 0x5}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0x101, 0xcc13, 0x7fff, 0xb01e, 0x96, 0x0, 0x5]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x100, 0x4, 0x1, 0x8, 0x6, 0x400, 0x3]}}]}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x434}, 0x1, 0x0, 0x0, 0x4}, 0x80)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r9, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0)

6.797237048s ago: executing program 2 (id=4373):
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x2, 0x4, 0x4, 0xa, 0x1000}, 0x50)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000005c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x1}}]}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000180)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000001a40)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
sendmsg$NL80211_CMD_SET_COALESCE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32, @ANYBLOB="0800250000000040080002"], 0x3c}, 0x1, 0x0, 0x0, 0x7000000}, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, 0x0, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0)

5.601492872s ago: executing program 2 (id=4374):
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x2, 0x4, 0x4, 0xa, 0x1000}, 0x50)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000005c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x1}}]}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000000140), 0x1, 0x140)
read$FUSE(r6, &(0x7f0000000180)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000001a40)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r8, @ANYBLOB="0800250000000040080002"], 0x3c}, 0x1, 0x0, 0x0, 0x7000000}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000740)={0x434, r5, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xfffffff7}, @NL80211_ATTR_TX_RATES={0x98, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x68, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x2c3, 0x1000, 0x10, 0x0, 0x4c52, 0x9, 0x8]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7, 0xb6a, 0x3, 0x3, 0x1ff, 0x6, 0xdc]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x30, 0x0, 0x6, 0x5, 0xe8d3, 0x8001, 0x7, 0x3ff]}}]}, @NL80211_BAND_6GHZ={0x2c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9e8, 0x9, 0x9, 0x2, 0x2, 0x0, 0xfffb, 0x2]}}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0xb, 0x12, 0x6c, 0x6, 0x5, 0x24, 0xb]}]}]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x17c}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @NL80211_ATTR_TX_RATES={0x354, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x68, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xa, 0x1, [0x24, 0x6, 0x12, 0x1b, 0x2, 0x36]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x1, 0x8, 0x7, 0x6, 0x9, 0x90, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x9, 0x5, 0x3, 0x4, 0x0, 0xb, 0xc]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x92b, 0x6, 0x1, 0x3, 0x2, 0x1, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1000, 0x8, 0x0, 0x1, 0x7, 0x8, 0x2, 0x3]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0x74, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x9, 0x1, 0x3, 0x8, 0xcf, 0x3, 0xfff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x2, 0xa86f, 0xc2c, 0x9, 0x2900, 0x6, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x7fff, 0x5d, 0x7, 0x4, 0x326a, 0x7fff, 0x400]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x3, 0x9, 0x24, 0x1b]}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x6, 0xc, 0x36, 0x1b, 0x3, 0x3]}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x60]}]}, @NL80211_BAND_5GHZ={0x4}, @NL80211_BAND_6GHZ={0x34, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x200, 0x101, 0x57c, 0x2, 0x4, 0x1, 0x2]}}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x9212cfe61b77720f, 0x36, 0x6c, 0xb, 0x1b, 0x16, 0x16, 0x3, 0x5, 0x6c, 0x6c, 0x60, 0x36, 0x36, 0x30]}]}, @NL80211_BAND_6GHZ={0x60, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x9, 0x401, 0x7c, 0x8, 0x5, 0x7, 0x8001]}}, @NL80211_TXRATE_HT={0x11, 0x2, [{0x0, 0x4}, {0x3, 0x8}, {0x7, 0x8}, {0x2, 0xa}, {0x3, 0x5}, {0x0, 0x5}, {0x2, 0x9}, {0x7, 0x2}, {0x0, 0x6}, {0x4, 0x1}, {0x4, 0x6}, {0x1, 0x5}, {0x6, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0xe204, 0x9, 0x8, 0x0, 0x22, 0x18, 0x2]}}]}, @NL80211_BAND_60GHZ={0x70, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2000, 0x2, 0x1, 0x3, 0xf757]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xdff4, 0x8, 0x7, 0x10, 0x1, 0x7fff, 0xe4, 0xff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x7d, 0x8, 0x15e, 0xfff0, 0x1, 0x0, 0x1ff]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7f, 0x8, 0x1000, 0xc39, 0x3, 0x3ff, 0xfff, 0x81]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x7bd1459584481418}, @NL80211_TXRATE_HT={0x23, 0x2, [{0x2, 0x6}, {0x6, 0x2}, {0x0, 0x9}, {0x0, 0x6}, {0x3, 0x1}, {0x3, 0x2}, {0x2, 0x2}, {0x1, 0x6}, {0x0, 0x3}, {0x6, 0xa}, {0x3, 0x9}, {0x2, 0x8}, {0x6, 0x6}, {0x2, 0x6}, {0x2, 0x2}, {0x6, 0x9}, {0x2, 0x2}, {0x7, 0x8}, {0x7, 0x3}, {0x1, 0x5}, {0x4, 0xa}, {0x6, 0x3}, {0x5}, {0x1, 0x6}, {0x3, 0x7}, {0x7, 0x3}, {0x6, 0x14}, {0x3, 0x4}, {0x2, 0x2}, {0x4, 0x2}, {0x2, 0x9}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfffd, 0x8000, 0x9, 0x9, 0x1, 0x70e, 0xd1, 0x2f]}}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x1b, 0xc, 0x60, 0x1, 0x60, 0x5, 0x0, 0x6, 0x5, 0x12, 0x0, 0x4, 0xb]}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x30, 0x30, 0x0, 0x3, 0x12, 0x1, 0x30, 0x6c, 0xb, 0x1b, 0x3, 0x12, 0x36, 0x60, 0xc, 0x48, 0x24, 0x24, 0x24, 0x6c, 0xc, 0x9, 0x6, 0x16, 0x0, 0x1b, 0x6c, 0x24, 0x2, 0x2]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xff, 0xb1, 0x5958, 0x2, 0x6, 0xa, 0xa1, 0x2]}}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x5, 0x6}, {0x0, 0x6}, {0x1, 0x6}, {0x6, 0x9}, {0x0, 0x7}, {0x7, 0x7}, {0x3, 0x1}, {0x6, 0x8}, {0x1, 0x3}, {0x3, 0x1}, {0x4, 0x7}, {0x0, 0x7}, {0x4, 0x5}, {0x1, 0x7}, {0x3, 0x2}, {0x3, 0x6}, {0x3, 0x5}, {0x1, 0x5}, {0x5, 0x3}, {0x6}, {0x4, 0x8}, {0x4, 0x2}, {0x5, 0x1}, {0x5}, {0x7, 0x8}, {0x2, 0x8}, {0x4, 0x1}, {0x4, 0xa}, {0x1, 0x7}, {0x1, 0x3}, {0x0, 0xa}, {0x2, 0x7}, {0x0, 0x5}, {0x1, 0x3}, {0x6, 0x6}, {0x2}, {0x4, 0x5}, {0x3, 0x7}, {0x4, 0x8}, {0x5, 0x2}, {0x5, 0x5}, {0x5, 0x2}, {0x5, 0x4}, {0x1, 0x5}, {0x2}, {0x4, 0x4}, {0x0, 0x5}, {0x7, 0x7}, {0x1, 0x8}, {0x2}, {0x5, 0x6}, {0x6, 0xa}, {0x0, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x6, 0x7}, {0x6, 0x3}, {0x7, 0x3}, {0x7}, {0x2, 0x1}, {0x1, 0x8}, {0x6, 0x6}, {0x7, 0x7}, {0x4, 0x6}, {0x5, 0x4}, {0x0, 0xa}, {0x2, 0xa}, {0x0, 0x2}, {0x7, 0x4}, {0x2, 0x6}, {0x3, 0x2}, {}, {0x2, 0x7}, {0x5, 0xa}, {0x7, 0x2}, {0x7, 0xa}, {0x7, 0x4}, {0x1, 0x8}, {0x0, 0x7}, {0x2, 0x4}, {0x2, 0x5}, {0x7, 0x5}, {0x5, 0x1}, {0x5, 0x8}, {0x4, 0xa}, {0x0, 0x4}, {0x0, 0x5}, {0x7, 0x5}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0x101, 0xcc13, 0x7fff, 0xb01e, 0x96, 0x0, 0x5]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x100, 0x4, 0x1, 0x8, 0x6, 0x400, 0x3]}}]}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x434}, 0x1, 0x0, 0x0, 0x4}, 0x80)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r9, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0)

5.320315166s ago: executing program 3 (id=4375):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$udambuf(0xffffff9c, &(0x7f0000000300), 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000880), 0x10}, 0x94)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000240)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xf18d, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000480)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40012020, 0x1, {0x2}})
io_uring_enter(r3, 0x47f6, 0x20, 0x4, 0x0, 0x0)
writev(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
removexattr(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)=@known='trusted.overlay.upper\x00')
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000040)={r6, 0xd87, 0xffffffff, 0x4}, 0x10)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, 0x0, &(0x7f0000000200))

4.996571739s ago: executing program 4 (id=4377):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00'], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/mcfilter\x00')
readv(r1, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe, 0x80}}, 0xe4)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x1c)
exit(0x7)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
socket$netlink(0x10, 0x3, 0x6)
socket$inet_udplite(0x2, 0x2, 0x88)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f00000000c0)={0x1d, r5}, 0x18)
recvmmsg(0xffffffffffffffff, &(0x7f0000005e80)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000ac0)=""/4096, 0x1000}], 0x1}, 0x6}], 0x1, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5)

4.278890087s ago: executing program 3 (id=4378):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00'], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/mcfilter\x00')
readv(r1, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe, 0x80}}, 0xe4)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x1c)
exit(0x7)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
socket$netlink(0x10, 0x3, 0x6)
socket$inet_udplite(0x2, 0x2, 0x88)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r5=>0x0})
recvmmsg(0xffffffffffffffff, &(0x7f0000005e80)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000ac0)=""/4096, 0x1000}], 0x1}, 0x6}], 0x1, 0x0, 0x0)
connect$can_j1939(r4, &(0x7f0000000140)={0x1d, r5, 0x0, {0x1, 0xff, 0xa8fe8ad4eea2351f}}, 0x18)
sendmmsg(r4, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5)

3.899913048s ago: executing program 4 (id=4379):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="b00000000002010400000000000000000700000608000940ffffffff080004400000008108000840000000032000018006"], 0xb0}, 0x1, 0x0, 0x0, 0x8004}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b70600001fffffff8500000005000000bf0900000000000026090100000000009500000000000000bf9800000000000056080000000000008500000007000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x42000, 0x0)
pidfd_getfd(r3, 0xffffffffffffffff, 0x0)
ioctl$HIDIOCINITREPORT(r3, 0x4805, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r4=>0x0})
r5 = socket$xdp(0x2c, 0x3, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r6}, 0x18)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r7, 0x400452c9, &(0x7f0000000100))
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r9=>0x0})
bind$xdp(r5, &(0x7f0000000100)={0x2c, 0x0, r9}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xe, 0xb}}}, 0x24}}, 0x800)

3.285807612s ago: executing program 3 (id=4382):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0xd, 0x0, &(0x7f0000000100)="3d6ee2e04b91ab10343d9a01005d", 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x6}, 0x4c)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000240)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xf18d, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000480)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40012020, 0x1, {0x2}})
io_uring_enter(r3, 0x47f6, 0x20, 0x4, 0x0, 0x0)
writev(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
removexattr(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)=@known='trusted.overlay.upper\x00')
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000040)={r6, 0xd87, 0xffffffff, 0x4}, 0x10)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, 0x0, &(0x7f0000000200))

2.603125336s ago: executing program 4 (id=4383):
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x2, 0x4, 0x4, 0xa, 0x1000}, 0x50)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000005c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x1}}]}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000000140), 0x1, 0x140)
read$FUSE(r6, &(0x7f0000000180)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000001a40)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r8, @ANYBLOB="0800250000000040080002"], 0x3c}, 0x1, 0x0, 0x0, 0x7000000}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000740)={0x434, r5, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xfffffff7}, @NL80211_ATTR_TX_RATES={0x98, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x68, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x2c3, 0x1000, 0x10, 0x0, 0x4c52, 0x9, 0x8]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7, 0xb6a, 0x3, 0x3, 0x1ff, 0x6, 0xdc]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x30, 0x0, 0x6, 0x5, 0xe8d3, 0x8001, 0x7, 0x3ff]}}]}, @NL80211_BAND_6GHZ={0x2c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9e8, 0x9, 0x9, 0x2, 0x2, 0x0, 0xfffb, 0x2]}}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0xb, 0x12, 0x6c, 0x6, 0x5, 0x24, 0xb]}]}]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x17c}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @NL80211_ATTR_TX_RATES={0x354, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x68, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xa, 0x1, [0x24, 0x6, 0x12, 0x1b, 0x2, 0x36]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x1, 0x8, 0x7, 0x6, 0x9, 0x90, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x9, 0x5, 0x3, 0x4, 0x0, 0xb, 0xc]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x92b, 0x6, 0x1, 0x3, 0x2, 0x1, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1000, 0x8, 0x0, 0x1, 0x7, 0x8, 0x2, 0x3]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0x74, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x9, 0x1, 0x3, 0x8, 0xcf, 0x3, 0xfff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x2, 0xa86f, 0xc2c, 0x9, 0x2900, 0x6, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x7fff, 0x5d, 0x7, 0x4, 0x326a, 0x7fff, 0x400]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x3, 0x9, 0x24, 0x1b]}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x6, 0xc, 0x36, 0x1b, 0x3, 0x3]}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x60]}]}, @NL80211_BAND_5GHZ={0x4}, @NL80211_BAND_6GHZ={0x34, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x200, 0x101, 0x57c, 0x2, 0x4, 0x1, 0x2]}}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x9212cfe61b77720f, 0x36, 0x6c, 0xb, 0x1b, 0x16, 0x16, 0x3, 0x5, 0x6c, 0x6c, 0x60, 0x36, 0x36, 0x30]}]}, @NL80211_BAND_6GHZ={0x60, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x9, 0x401, 0x7c, 0x8, 0x5, 0x7, 0x8001]}}, @NL80211_TXRATE_HT={0x11, 0x2, [{0x0, 0x4}, {0x3, 0x8}, {0x7, 0x8}, {0x2, 0xa}, {0x3, 0x5}, {0x0, 0x5}, {0x2, 0x9}, {0x7, 0x2}, {0x0, 0x6}, {0x4, 0x1}, {0x4, 0x6}, {0x1, 0x5}, {0x6, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0xe204, 0x9, 0x8, 0x0, 0x22, 0x18, 0x2]}}]}, @NL80211_BAND_60GHZ={0x70, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2000, 0x2, 0x1, 0x3, 0xf757]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xdff4, 0x8, 0x7, 0x10, 0x1, 0x7fff, 0xe4, 0xff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x7d, 0x8, 0x15e, 0xfff0, 0x1, 0x0, 0x1ff]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7f, 0x8, 0x1000, 0xc39, 0x3, 0x3ff, 0xfff, 0x81]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x7bd1459584481418}, @NL80211_TXRATE_HT={0x23, 0x2, [{0x2, 0x6}, {0x6, 0x2}, {0x0, 0x9}, {0x0, 0x6}, {0x3, 0x1}, {0x3, 0x2}, {0x2, 0x2}, {0x1, 0x6}, {0x0, 0x3}, {0x6, 0xa}, {0x3, 0x9}, {0x2, 0x8}, {0x6, 0x6}, {0x2, 0x6}, {0x2, 0x2}, {0x6, 0x9}, {0x2, 0x2}, {0x7, 0x8}, {0x7, 0x3}, {0x1, 0x5}, {0x4, 0xa}, {0x6, 0x3}, {0x5}, {0x1, 0x6}, {0x3, 0x7}, {0x7, 0x3}, {0x6, 0x14}, {0x3, 0x4}, {0x2, 0x2}, {0x4, 0x2}, {0x2, 0x9}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfffd, 0x8000, 0x9, 0x9, 0x1, 0x70e, 0xd1, 0x2f]}}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x1b, 0xc, 0x60, 0x1, 0x60, 0x5, 0x0, 0x6, 0x5, 0x12, 0x0, 0x4, 0xb]}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x30, 0x30, 0x0, 0x3, 0x12, 0x1, 0x30, 0x6c, 0xb, 0x1b, 0x3, 0x12, 0x36, 0x60, 0xc, 0x48, 0x24, 0x24, 0x24, 0x6c, 0xc, 0x9, 0x6, 0x16, 0x0, 0x1b, 0x6c, 0x24, 0x2, 0x2]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xff, 0xb1, 0x5958, 0x2, 0x6, 0xa, 0xa1, 0x2]}}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x5, 0x6}, {0x0, 0x6}, {0x1, 0x6}, {0x6, 0x9}, {0x0, 0x7}, {0x7, 0x7}, {0x3, 0x1}, {0x6, 0x8}, {0x1, 0x3}, {0x3, 0x1}, {0x4, 0x7}, {0x0, 0x7}, {0x4, 0x5}, {0x1, 0x7}, {0x3, 0x2}, {0x3, 0x6}, {0x3, 0x5}, {0x1, 0x5}, {0x5, 0x3}, {0x6}, {0x4, 0x8}, {0x4, 0x2}, {0x5, 0x1}, {0x5}, {0x7, 0x8}, {0x2, 0x8}, {0x4, 0x1}, {0x4, 0xa}, {0x1, 0x7}, {0x1, 0x3}, {0x0, 0xa}, {0x2, 0x7}, {0x0, 0x5}, {0x1, 0x3}, {0x6, 0x6}, {0x2}, {0x4, 0x5}, {0x3, 0x7}, {0x4, 0x8}, {0x5, 0x2}, {0x5, 0x5}, {0x5, 0x2}, {0x5, 0x4}, {0x1, 0x5}, {0x2}, {0x4, 0x4}, {0x0, 0x5}, {0x7, 0x7}, {0x1, 0x8}, {0x2}, {0x5, 0x6}, {0x6, 0xa}, {0x0, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x6, 0x7}, {0x6, 0x3}, {0x7, 0x3}, {0x7}, {0x2, 0x1}, {0x1, 0x8}, {0x6, 0x6}, {0x7, 0x7}, {0x4, 0x6}, {0x5, 0x4}, {0x0, 0xa}, {0x2, 0xa}, {0x0, 0x2}, {0x7, 0x4}, {0x2, 0x6}, {0x3, 0x2}, {}, {0x2, 0x7}, {0x5, 0xa}, {0x7, 0x2}, {0x7, 0xa}, {0x7, 0x4}, {0x1, 0x8}, {0x0, 0x7}, {0x2, 0x4}, {0x2, 0x5}, {0x7, 0x5}, {0x5, 0x1}, {0x5, 0x8}, {0x4, 0xa}, {0x0, 0x4}, {0x0, 0x5}, {0x7, 0x5}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0x101, 0xcc13, 0x7fff, 0xb01e, 0x96, 0x0, 0x5]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x100, 0x4, 0x1, 0x8, 0x6, 0x400, 0x3]}}]}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x434}, 0x1, 0x0, 0x0, 0x4}, 0x80)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r9, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0)

2.287932695s ago: executing program 3 (id=4384):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x8800)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0xe5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r2, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0xfffffffffffffd9c)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}}, 0x0)

2.097390142s ago: executing program 1 (id=4386):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00'], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/mcfilter\x00')
readv(r1, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe, 0x80}}, 0xe4)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x1c)
exit(0x7)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
socket$netlink(0x10, 0x3, 0x6)
socket$inet_udplite(0x2, 0x2, 0x88)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f00000000c0)={0x1d, r5}, 0x18)
connect$can_j1939(r4, &(0x7f0000000140)={0x1d, r5, 0x0, {0x1, 0xff, 0xa8fe8ad4eea2351f}}, 0x18)
sendmmsg(r4, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5)

1.758044634s ago: executing program 3 (id=4387):
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x2, 0x4, 0x4, 0xa, 0x1000}, 0x50)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000005c0)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x1}}]}})
r4 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = syz_open_dev$evdev(&(0x7f0000000140), 0x1, 0x140)
read$FUSE(r5, &(0x7f0000000180)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000001a40)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r7, @ANYBLOB="0800250000000040080002"], 0x3c}, 0x1, 0x0, 0x0, 0x7000000}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000740)={0x434, 0x0, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xfffffff7}, @NL80211_ATTR_TX_RATES={0x98, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x68, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x2c3, 0x1000, 0x10, 0x0, 0x4c52, 0x9, 0x8]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7, 0xb6a, 0x3, 0x3, 0x1ff, 0x6, 0xdc]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x30, 0x0, 0x6, 0x5, 0xe8d3, 0x8001, 0x7, 0x3ff]}}]}, @NL80211_BAND_6GHZ={0x2c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9e8, 0x9, 0x9, 0x2, 0x2, 0x0, 0xfffb, 0x2]}}, @NL80211_TXRATE_LEGACY={0xb, 0x1, [0xb, 0x12, 0x6c, 0x6, 0x5, 0x24, 0xb]}]}]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x17c}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @NL80211_ATTR_TX_RATES={0x354, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x68, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xa, 0x1, [0x24, 0x6, 0x12, 0x1b, 0x2, 0x36]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x1, 0x8, 0x7, 0x6, 0x9, 0x90, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x9, 0x5, 0x3, 0x4, 0x0, 0xb, 0xc]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x92b, 0x6, 0x1, 0x3, 0x2, 0x1, 0x4]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1000, 0x8, 0x0, 0x1, 0x7, 0x8, 0x2, 0x3]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0x74, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0x9, 0x1, 0x3, 0x8, 0xcf, 0x3, 0xfff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x2, 0xa86f, 0xc2c, 0x9, 0x2900, 0x6, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x7fff, 0x5d, 0x7, 0x4, 0x326a, 0x7fff, 0x400]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x3, 0x9, 0x24, 0x1b]}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x6, 0xc, 0x36, 0x1b, 0x3, 0x3]}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x60]}]}, @NL80211_BAND_5GHZ={0x4}, @NL80211_BAND_6GHZ={0x34, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x200, 0x101, 0x57c, 0x2, 0x4, 0x1, 0x2]}}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x9212cfe61b77720f, 0x36, 0x6c, 0xb, 0x1b, 0x16, 0x16, 0x3, 0x5, 0x6c, 0x6c, 0x60, 0x36, 0x36, 0x30]}]}, @NL80211_BAND_6GHZ={0x60, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x9, 0x401, 0x7c, 0x8, 0x5, 0x7, 0x8001]}}, @NL80211_TXRATE_HT={0x11, 0x2, [{0x0, 0x4}, {0x3, 0x8}, {0x7, 0x8}, {0x2, 0xa}, {0x3, 0x5}, {0x0, 0x5}, {0x2, 0x9}, {0x7, 0x2}, {0x0, 0x6}, {0x4, 0x1}, {0x4, 0x6}, {0x1, 0x5}, {0x6, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0xe204, 0x9, 0x8, 0x0, 0x22, 0x18, 0x2]}}]}, @NL80211_BAND_60GHZ={0x70, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2000, 0x2, 0x1, 0x3, 0xf757]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xdff4, 0x8, 0x7, 0x10, 0x1, 0x7fff, 0xe4, 0xff]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x7d, 0x8, 0x15e, 0xfff0, 0x1, 0x0, 0x1ff]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x7f, 0x8, 0x1000, 0xc39, 0x3, 0x3ff, 0xfff, 0x81]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x7bd1459584481418}, @NL80211_TXRATE_HT={0x23, 0x2, [{0x2, 0x6}, {0x6, 0x2}, {0x0, 0x9}, {0x0, 0x6}, {0x3, 0x1}, {0x3, 0x2}, {0x2, 0x2}, {0x1, 0x6}, {0x0, 0x3}, {0x6, 0xa}, {0x3, 0x9}, {0x2, 0x8}, {0x6, 0x6}, {0x2, 0x6}, {0x2, 0x2}, {0x6, 0x9}, {0x2, 0x2}, {0x7, 0x8}, {0x7, 0x3}, {0x1, 0x5}, {0x4, 0xa}, {0x6, 0x3}, {0x5}, {0x1, 0x6}, {0x3, 0x7}, {0x7, 0x3}, {0x6, 0x14}, {0x3, 0x4}, {0x2, 0x2}, {0x4, 0x2}, {0x2, 0x9}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfffd, 0x8000, 0x9, 0x9, 0x1, 0x70e, 0xd1, 0x2f]}}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x1b, 0xc, 0x60, 0x1, 0x60, 0x5, 0x0, 0x6, 0x5, 0x12, 0x0, 0x4, 0xb]}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x30, 0x30, 0x0, 0x3, 0x12, 0x1, 0x30, 0x6c, 0xb, 0x1b, 0x3, 0x12, 0x36, 0x60, 0xc, 0x48, 0x24, 0x24, 0x24, 0x6c, 0xc, 0x9, 0x6, 0x16, 0x0, 0x1b, 0x6c, 0x24, 0x2, 0x2]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xff, 0xb1, 0x5958, 0x2, 0x6, 0xa, 0xa1, 0x2]}}]}, @NL80211_BAND_5GHZ={0xa0, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x5, 0x6}, {0x0, 0x6}, {0x1, 0x6}, {0x6, 0x9}, {0x0, 0x7}, {0x7, 0x7}, {0x3, 0x1}, {0x6, 0x8}, {0x1, 0x3}, {0x3, 0x1}, {0x4, 0x7}, {0x0, 0x7}, {0x4, 0x5}, {0x1, 0x7}, {0x3, 0x2}, {0x3, 0x6}, {0x3, 0x5}, {0x1, 0x5}, {0x5, 0x3}, {0x6}, {0x4, 0x8}, {0x4, 0x2}, {0x5, 0x1}, {0x5}, {0x7, 0x8}, {0x2, 0x8}, {0x4, 0x1}, {0x4, 0xa}, {0x1, 0x7}, {0x1, 0x3}, {0x0, 0xa}, {0x2, 0x7}, {0x0, 0x5}, {0x1, 0x3}, {0x6, 0x6}, {0x2}, {0x4, 0x5}, {0x3, 0x7}, {0x4, 0x8}, {0x5, 0x2}, {0x5, 0x5}, {0x5, 0x2}, {0x5, 0x4}, {0x1, 0x5}, {0x2}, {0x4, 0x4}, {0x0, 0x5}, {0x7, 0x7}, {0x1, 0x8}, {0x2}, {0x5, 0x6}, {0x6, 0xa}, {0x0, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HT={0x25, 0x2, [{0x6, 0x7}, {0x6, 0x3}, {0x7, 0x3}, {0x7}, {0x2, 0x1}, {0x1, 0x8}, {0x6, 0x6}, {0x7, 0x7}, {0x4, 0x6}, {0x5, 0x4}, {0x0, 0xa}, {0x2, 0xa}, {0x0, 0x2}, {0x7, 0x4}, {0x2, 0x6}, {0x3, 0x2}, {}, {0x2, 0x7}, {0x5, 0xa}, {0x7, 0x2}, {0x7, 0xa}, {0x7, 0x4}, {0x1, 0x8}, {0x0, 0x7}, {0x2, 0x4}, {0x2, 0x5}, {0x7, 0x5}, {0x5, 0x1}, {0x5, 0x8}, {0x4, 0xa}, {0x0, 0x4}, {0x0, 0x5}, {0x7, 0x5}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0x101, 0xcc13, 0x7fff, 0xb01e, 0x96, 0x0, 0x5]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0x100, 0x4, 0x1, 0x8, 0x6, 0x400, 0x3]}}]}]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x434}, 0x1, 0x0, 0x0, 0x4}, 0x80)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r8, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'team0\x00', <r9=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x3c}}, 0x0)

1.068620133s ago: executing program 1 (id=4388):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="b00000000002010400000000000000000700000608000940ffffffff080004400000008108000840000000032000018006"], 0xb0}, 0x1, 0x0, 0x0, 0x8004}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, 0x0, 0xc000)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b70600001fffffff8500000005000000bf0900000000000026090100000000009500000000000000bf9800000000000056080000000000008500000007000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x42000, 0x0)
pidfd_getfd(r3, 0xffffffffffffffff, 0x0)
ioctl$HIDIOCINITREPORT(r3, 0x4805, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r4=>0x0})
r5 = socket$xdp(0x2c, 0x3, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r6}, 0x18)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r7, 0x400452c9, &(0x7f0000000100))
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r9=>0x0})
bind$xdp(r5, &(0x7f0000000100)={0x2c, 0x0, r9}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xe, 0xb}}}, 0x24}}, 0x800)

896.323962ms ago: executing program 2 (id=4389):
r0 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x180862)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x80802, 0xf)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x4, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "675237601a8ca5b07dcc141802c4dae4162e43ac61b7ad3300", [0xfffffffffffffce8, 0xa]}})
io_setup(0x1, &(0x7f00000016c0)=<r2=>0x0)
io_getevents(r2, 0x81, 0x0, 0x0, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$TIOCL_GETKMSGREDIRECT(r3, 0x541c, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYRES32=r7, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r8 = socket(0x1, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20008800}, 0x8000)
r10 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r10, &(0x7f0000000680)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r11, @ANYBLOB="01"], 0x3c}}, 0x0)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$kcm(0x2, 0xa, 0x2)
write$tun(r12, &(0x7f0000000440)={@val, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x452c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0x5865}}}}}}}, 0xfdef)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000002c0)="b9", 0x1}], 0x1)
io_submit(r2, 0x16, &(0x7f0000001640)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x4, r0, &(0x7f0000000280)='a', 0x1, 0x5}])

811.529196ms ago: executing program 1 (id=4390):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x22102, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd(0xff7ffff7)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000500)={r2, 0x7, 0x2, r2})

708.639018ms ago: executing program 1 (id=4391):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="b00000000002010400000000000000000700000608000940ffffffff080004400000008108000840000000032000018006"], 0xb0}, 0x1, 0x0, 0x0, 0x8004}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b70600001fffffff8500000005000000bf0900000000000026090100000000009500000000000000bf9800000000000056080000000000008500000007000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x42000, 0x0)
pidfd_getfd(r3, 0xffffffffffffffff, 0x0)
ioctl$HIDIOCINITREPORT(r3, 0x4805, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r4=>0x0})
r5 = socket$xdp(0x2c, 0x3, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r6}, 0x18)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r7, 0x400452c9, &(0x7f0000000100))
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r9=>0x0})
bind$xdp(r5, &(0x7f0000000100)={0x2c, 0x0, r9}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xe, 0xb}}}, 0x24}}, 0x800)

414.504058ms ago: executing program 1 (id=4392):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000240)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, 0x0, 0x0)
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xf18d, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000480)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40012020, 0x1, {0x2}})
io_uring_enter(r2, 0x47f6, 0x20, 0x4, 0x0, 0x0)
writev(r0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
socket$nl_route(0x10, 0x3, 0x0)

108.012864ms ago: executing program 2 (id=4393):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0xfff}, 0x10)
write(r0, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
listen(0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x1101000000000000, &(0x7f0000000500)=ANY=[@ANYBLOB="05000000c0000000001a0000f7"], 0x48)
r5 = accept4(r2, 0x0, 0x0, 0x800)
socket$phonet_pipe(0x23, 0x5, 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$sock_SIOCDELRT(r1, 0x890c, &(0x7f00000003c0)={0x0, @isdn={0x22, 0xfc, 0x6, 0x2, 0x4}, @qipcrtr={0x2a, 0xffffffffffffffff, 0x7fff}, @phonet={0x23, 0x1, 0xf, 0x8}, 0xd4bc, 0x0, 0x0, 0x0, 0xff59, 0x0, 0x419, 0x8})
io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0xc95e})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
r6 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
writev(r6, &(0x7f0000000340)=[{&(0x7f0000000200)="0bd4951c9d441bc51eff3961507d0e8f29a5bce325d570b483c0fc82eb923ef769ede557a3c23798ab2b54e15d2ca55dc75bdd3b5f982cfcff3f77b88a52f9b0fe859ea7935416121a6f1416479d2d20b2aaa10075e7e9a54ebb3a1c7233e4cbca538f2a31b25d32214f4dfee12be794cda4b8d31165fdaed868fe0257adfa2cdc0a41697493dbc713645bc068ab213d9902b957690406f496df26d52e475b12b8d474628b945834958e5c99812e11bd1b8e1378a4cbb6d6942814fbbbaebc998a43294290a75c7e45e6836f6d64322112bd6210797c1f857f1bd7bf86d5dc82ac4e2799bd363b436106d83a59ec09940060", 0xf2}], 0x1)
sendmmsg$alg(r5, &(0x7f0000000640)=[{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)="b57523cb1a2c90d8acad2e2d98dfc9ea7a5843c3b63b683ced2b3266175599b779617e66e6b3e15c042be90635a2d36160bbf9a2edcacc0bbe015b84150a1928de94397894ff36aa430fc2a0814ba634308d6d0837250dfd1eca5383f9d151449743b1a0c4ffc51242a229c5d6d06f147a61d797ea7ffeda95b76f5623", 0x7d}, {&(0x7f00000001c0)="66f7", 0x3}, {&(0x7f0000000300)='l3', 0x7fffef80}], 0x3}], 0x1, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x3c, 0x6, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @tunnel={{0xb}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xb0}}, 0x0)

98.57822ms ago: executing program 1 (id=4401):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="b00000000002010400000000000000000700000608000940ffffffff080004400000008108000840000000032000018006"], 0xb0}, 0x1, 0x0, 0x0, 0x8004}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b70600001fffffff8500000005000000bf0900000000000026090100000000009500000000000000bf9800000000000056080000000000008500000007000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x42000, 0x0)
pidfd_getfd(r3, 0xffffffffffffffff, 0x0)
ioctl$HIDIOCINITREPORT(r3, 0x4805, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r4=>0x0})
r5 = socket$xdp(0x2c, 0x3, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r6}, 0x18)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r7, 0x400452c9, &(0x7f0000000100))
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_OFF(0x3b, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r9=>0x0})
bind$xdp(r5, &(0x7f0000000100)={0x2c, 0x0, r9}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xe, 0xb}}}, 0x24}}, 0x800)

0s ago: executing program 4 (id=4394):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00'], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/mcfilter\x00')
readv(r1, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe, 0x80}}, 0xe4)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x1c)
exit(0x7)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
socket$netlink(0x10, 0x3, 0x6)
socket$inet_udplite(0x2, 0x2, 0x88)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f00000000c0)={0x1d, r5}, 0x18)
recvmmsg(0xffffffffffffffff, &(0x7f0000005e80)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000ac0)=""/4096, 0x1000}], 0x1}, 0x6}], 0x1, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5)

kernel console output (not intermixed with test programs):

000080000000
[ 1052.735286][T21293] RDX: 000000002000c000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1052.735292][T21293] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1052.735298][T21293] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1052.735305][T21293] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1052.735319][T21293]  </TASK>
[ 1053.447780][T21298] binder: BINDER_SET_CONTEXT_MGR already set
[ 1053.450922][T21298] binder: 21297:21298 ioctl 4018620d 80000040 returned -16
[ 1053.723555][T21308] FAULT_INJECTION: forcing a failure.
[ 1053.723555][T21308] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1053.727815][T21308] CPU: 2 UID: 0 PID: 21308 Comm: syz.2.4081 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1053.727836][T21308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1053.727843][T21308] Call Trace:
[ 1053.727847][T21308]  <TASK>
[ 1053.727852][T21308]  dump_stack_lvl+0x16c/0x1f0
[ 1053.727870][T21308]  should_fail_ex+0x512/0x640
[ 1053.727888][T21308]  _copy_from_iter+0x29f/0x16f0
[ 1053.727907][T21308]  ? __lock_acquire+0x62e/0x1ce0
[ 1053.727924][T21308]  ? __pfx__copy_from_iter+0x10/0x10
[ 1053.727940][T21308]  ? __lock_acquire+0xb97/0x1ce0
[ 1053.727953][T21308]  ? _parse_integer_limit+0x17f/0x1d0
[ 1053.727972][T21308]  tun_get_user+0x26d/0x3ce0
[ 1053.727991][T21308]  ? __pfx_tun_get_user+0x10/0x10
[ 1053.728003][T21308]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1053.728031][T21308]  ? find_held_lock+0x2b/0x80
[ 1053.728042][T21308]  ? tun_get+0x191/0x370
[ 1053.728061][T21308]  tun_chr_write_iter+0xdc/0x210
[ 1053.728074][T21308]  vfs_write+0x7d0/0x11d0
[ 1053.728089][T21308]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1053.728102][T21308]  ? __pfx_vfs_write+0x10/0x10
[ 1053.728113][T21308]  ? find_held_lock+0x2b/0x80
[ 1053.728132][T21308]  ksys_write+0x12a/0x250
[ 1053.728145][T21308]  ? __pfx_ksys_write+0x10/0x10
[ 1053.728159][T21308]  ? rcu_is_watching+0x12/0xc0
[ 1053.728173][T21308]  __do_fast_syscall_32+0x7c/0x3a0
[ 1053.728189][T21308]  do_fast_syscall_32+0x32/0x80
[ 1053.728204][T21308]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1053.728218][T21308] RIP: 0023:0xf7f36579
[ 1053.728227][T21308] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1053.728239][T21308] RSP: 002b:00000000f545655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[ 1053.728250][T21308] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000380
[ 1053.728257][T21308] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000
[ 1053.728264][T21308] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1053.728270][T21308] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1053.728277][T21308] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1053.728291][T21308]  </TASK>
[ 1053.900693][T21313] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4082'.
[ 1053.927630][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[ 1053.929836][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[ 1053.946169][T21313] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.024232][T21313] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.100443][T21318] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4083'.
[ 1054.102529][T21313] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.125498][T21318] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.158559][T21313] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.219727][T21318] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.248552][T21323] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4084'.
[ 1054.269358][T21323] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.327986][   T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1054.340094][T21318] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.466596][T21323] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.479802][   T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1054.484903][   T61] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1054.491250][T21318] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.527987][T17702] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1054.541643][T21323] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.614709][T21323] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.650418][T21328] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4086'.
[ 1054.669911][T21328] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.714593][   T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1054.734082][T17702] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1054.746937][T20412] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1054.757127][T21328] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.815993][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1054.856190][T21328] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1054.901923][T21328] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1055.171891][T21337] wireguard0: entered promiscuous mode
[ 1055.174174][T21337] wireguard0: entered allmulticast mode
[ 1056.680035][T21356] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1056.924321][T17702] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.936733][T16030] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.950426][T21364] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4095'.
[ 1056.954544][T17702] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.976550][   T12] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1057.017230][T21364] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.111232][T21364] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.208929][T21364] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.314359][T21364] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.746882][T21370] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1058.126738][T21383] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4098'.
[ 1058.149795][T17702] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.208503][   T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.212735][T21383] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1058.239887][   T12] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.242453][   T12] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.300497][T21383] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1058.379496][T21383] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1058.431599][T21387] veth57: entered promiscuous mode
[ 1058.458283][T21386] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4100'.
[ 1058.467370][T21383] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1058.471367][T21386] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4100'.
[ 1058.678746][T17702] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.703004][T16030] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.783787][   T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.793779][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1059.000050][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.013031][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.025914][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.029213][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.032109][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.035417][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.038759][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.041942][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.045279][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.048326][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.052206][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.055537][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.059037][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.062100][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.065686][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.068672][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.071984][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.075632][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.078649][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.081740][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.084914][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.087952][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.091456][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.095212][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.098762][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.102242][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.105945][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.109407][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.112822][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.116775][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.120458][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.123427][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.126734][T21401] program syz.4.4105 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1059.784319][T21415] FAULT_INJECTION: forcing a failure.
[ 1059.784319][T21415] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1059.804849][T21415] CPU: 0 UID: 0 PID: 21415 Comm: syz.4.4116 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1059.804867][T21415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1059.804874][T21415] Call Trace:
[ 1059.804879][T21415]  <TASK>
[ 1059.804884][T21415]  dump_stack_lvl+0x16c/0x1f0
[ 1059.804903][T21415]  should_fail_ex+0x512/0x640
[ 1059.804921][T21415]  _copy_to_user+0x32/0xd0
[ 1059.804940][T21415]  simple_read_from_buffer+0xcb/0x170
[ 1059.804962][T21415]  proc_fail_nth_read+0x197/0x240
[ 1059.804975][T21415]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1059.804988][T21415]  ? rw_verify_area+0xcf/0x6c0
[ 1059.804999][T21415]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1059.805011][T21415]  vfs_read+0x1e4/0xcf0
[ 1059.805027][T21415]  ? __pfx_vfs_read+0x10/0x10
[ 1059.805038][T21415]  ? find_held_lock+0x2b/0x80
[ 1059.805052][T21415]  ? __fget_files+0x20e/0x3c0
[ 1059.805069][T21415]  ksys_read+0x12a/0x250
[ 1059.805081][T21415]  ? __pfx_ksys_read+0x10/0x10
[ 1059.805095][T21415]  ? rcu_is_watching+0x12/0xc0
[ 1059.805108][T21415]  __do_fast_syscall_32+0x7c/0x3a0
[ 1059.805124][T21415]  do_fast_syscall_32+0x32/0x80
[ 1059.805138][T21415]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1059.805153][T21415] RIP: 0023:0xf7f87579
[ 1059.805162][T21415] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1059.805173][T21415] RSP: 002b:00000000f54a6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1059.805184][T21415] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54a6620
[ 1059.805191][T21415] RDX: 000000000000000f RSI: 00000000f7414ff4 RDI: 0000000000000000
[ 1059.805197][T21415] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1059.805209][T21415] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1059.805216][T21415] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1059.805229][T21415]  </TASK>
[ 1060.031789][T21421] input: syz1 as /devices/virtual/input/input18
[ 1060.819028][T21432] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4112'.
[ 1061.043403][T21432] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1061.201673][T21432] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1061.349539][T21432] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1061.409057][T21432] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1062.064814][T20412] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.081559][   T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.097395][   T12] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.111566][   T12] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.535069][T21460] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4121'.
[ 1062.710380][T21460] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1062.811137][T21460] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1062.876166][T21463] Bluetooth: MGMT ver 1.23
[ 1062.885253][T21460] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1062.943903][T21460] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1063.011610][   T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.031316][T16030] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.083494][T17702] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.150108][T20412] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.165052][T20412] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.176775][T20412] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.186522][T20412] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.205377][T20412] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.214722][T21470] FAULT_INJECTION: forcing a failure.
[ 1063.214722][T21470] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1063.221293][T21470] CPU: 3 UID: 0 PID: 21470 Comm: syz.2.4123 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1063.221309][T21470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1063.221316][T21470] Call Trace:
[ 1063.221320][T21470]  <TASK>
[ 1063.221324][T21470]  dump_stack_lvl+0x16c/0x1f0
[ 1063.221343][T21470]  should_fail_ex+0x512/0x640
[ 1063.221361][T21470]  _copy_to_user+0x32/0xd0
[ 1063.221379][T21470]  simple_read_from_buffer+0xcb/0x170
[ 1063.221399][T21470]  proc_fail_nth_read+0x197/0x240
[ 1063.221413][T21470]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1063.221426][T21470]  ? rw_verify_area+0xcf/0x6c0
[ 1063.221437][T21470]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1063.221449][T21470]  vfs_read+0x1e4/0xcf0
[ 1063.221464][T21470]  ? __pfx_vfs_read+0x10/0x10
[ 1063.221475][T21470]  ? find_held_lock+0x2b/0x80
[ 1063.221492][T21470]  ? __fget_files+0x20e/0x3c0
[ 1063.221516][T21470]  ksys_read+0x12a/0x250
[ 1063.221534][T21470]  ? __pfx_ksys_read+0x10/0x10
[ 1063.221554][T21470]  ? rcu_is_watching+0x12/0xc0
[ 1063.221578][T21470]  __do_fast_syscall_32+0x7c/0x3a0
[ 1063.221606][T21470]  do_fast_syscall_32+0x32/0x80
[ 1063.221626][T21470]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1063.221645][T21470] RIP: 0023:0xf7f36579
[ 1063.221656][T21470] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1063.221667][T21470] RSP: 002b:00000000f5456590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1063.221679][T21470] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5456620
[ 1063.221686][T21470] RDX: 000000000000000f RSI: 00000000f73c4ff4 RDI: 0000000000000000
[ 1063.221692][T21470] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1063.221699][T21470] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1063.221705][T21470] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1063.221719][T21470]  </TASK>
[ 1063.290540][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1063.526519][T21488] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4127'.
[ 1063.539470][T21488] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1063.597608][T21490] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4129'.
[ 1063.609421][T21488] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1063.639906][T21490] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.024590][T21488] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.078477][T21490] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.107974][T21488] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.158374][T21490] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.265858][T21490] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.357015][   T72] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1064.391700][   T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1064.418863][T20412] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1064.426649][T21496] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4130'.
[ 1064.459255][T17702] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1064.504147][T21497] veth57: entered promiscuous mode
[ 1064.546033][T21496] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4130'.
[ 1064.554064][T21496] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4130'.
[ 1064.802938][T21504] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4133'.
[ 1064.819924][T21504] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.933231][T21504] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1065.031799][T21504] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1065.111983][T21504] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1065.751192][T21521] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4137'.
[ 1065.788767][   T40] audit: type=1326 audit(1754895214.697:3596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21522 comm="syz.4.4138" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f87579 code=0x0
[ 1065.790273][T21521] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1065.882347][T21521] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1065.994148][T21521] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1066.049459][T21521] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1066.230306][ T1172] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.240094][ T1172] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.255514][T16030] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.269126][T16030] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.466226][   T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.476683][   T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.496551][T16030] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.946745][   T72] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.997617][T21535] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4141'.
[ 1067.071253][T21536] veth57: entered promiscuous mode
[ 1067.110327][T21535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4141'.
[ 1067.115432][T21535] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4141'.
[ 1067.325895][T21544] fuse: Bad value for 'fd'
[ 1067.387594][T21548] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1067.484048][T21550] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4148'.
[ 1067.678894][T21553] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4149'.
[ 1067.800351][T16030] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1067.813187][T16030] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1067.828862][ T1172] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1067.847492][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1068.072211][T21570] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4155'.
[ 1068.193895][T21573] veth57: entered promiscuous mode
[ 1068.233975][T21570] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4155'.
[ 1068.238176][T21570] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4155'.
[ 1068.505578][T21580] fuse: Invalid rootmode
[ 1068.595849][T21582] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4158'.
[ 1068.616291][T21584] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1068.713942][T21588] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1068.764330][T21584] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4159'.
[ 1068.913046][T21600] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1068.963427][T21600] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.169981][T21600] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.417991][T21600] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.689563][T21613] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.707585][T21614] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.743227][T21613] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.890574][T21614] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.917694][T21613] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.962611][T21614] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1070.059824][T21613] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1070.171776][T21614] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1070.532410][ T1172] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.536397][ T1172] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.549549][T20412] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.562636][T20412] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.608206][ T1172] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.617997][   T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.629095][T20412] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.638203][   T12] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.705660][T21621] fuse: Invalid rootmode
[ 1070.793844][ T1172] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.822573][T20412] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.880818][T17702] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.890146][T21627] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1070.891090][T17702] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1071.201286][T21637] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1071.207678][T21637] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1071.211548][T21637] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1071.215651][T21637] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1071.219067][T21637] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1071.222677][T21637] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1071.226283][T21637] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1071.229926][T21637] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1071.233287][T21637] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1071.237998][T21637] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1071.241454][T21637] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1071.244508][T21637] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1071.247681][T21637] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1071.251018][T21637] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1071.254478][T21637] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1071.258355][T21637] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1071.261430][T21637] ldm_validate_partition_table(): Disk read failed.
[ 1071.266877][T21637] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1071.270225][T21637] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1071.273087][T21637] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1071.280280][T21637] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1071.283027][T21637] Dev nbd1: unable to read RDB block 0
[ 1071.285492][T21637]  nbd1: unable to read partition table
[ 1072.583466][T21663] __nla_validate_parse: 7 callbacks suppressed
[ 1072.583510][T21663] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4179'.
[ 1072.612049][T21663] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1072.664499][T21665] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4178'.
[ 1072.801750][T21663] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1072.899070][T21663] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1072.988662][T21663] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1073.181035][T21668] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1073.298742][T21668] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4180'.
[ 1073.333535][T21676] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4181'.
[ 1073.396530][T21676] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1073.496860][T21683] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4182'.
[ 1073.506961][T21676] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1073.647107][T21676] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1073.664240][T21683] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1073.714011][T21676] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1073.754436][T21683] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1073.868244][T21683] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1073.970844][T21683] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1074.541422][   T72] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1074.558166][ T1172] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1074.573615][   T72] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1074.587440][   T72] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1074.797296][T21690] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4193'.
[ 1074.826429][T21690] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1074.967753][T21690] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1075.049079][T21690] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1075.139297][T21690] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1075.235401][T17702] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.238988][T17702] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.253815][T17702] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.259331][T17702] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.330583][   T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.384985][   T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.400106][T17702] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.415134][T17702] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.615585][T17702] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.640436][T17702] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.654844][   T12] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.675131][   T12] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1076.216917][T21705] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4189'.
[ 1076.313062][T21705] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1076.409853][T21710] FAULT_INJECTION: forcing a failure.
[ 1076.409853][T21710] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1076.414110][T21710] CPU: 2 UID: 0 PID: 21710 Comm: syz.2.4191 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1076.414125][T21710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1076.414132][T21710] Call Trace:
[ 1076.414137][T21710]  <TASK>
[ 1076.414142][T21710]  dump_stack_lvl+0x16c/0x1f0
[ 1076.414159][T21710]  should_fail_ex+0x512/0x640
[ 1076.414177][T21710]  _copy_to_user+0x32/0xd0
[ 1076.414196][T21710]  simple_read_from_buffer+0xcb/0x170
[ 1076.414217][T21710]  proc_fail_nth_read+0x197/0x240
[ 1076.414230][T21710]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1076.414243][T21710]  ? rw_verify_area+0xcf/0x6c0
[ 1076.414254][T21710]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1076.414266][T21710]  vfs_read+0x1e4/0xcf0
[ 1076.414282][T21710]  ? __pfx_vfs_read+0x10/0x10
[ 1076.414293][T21710]  ? find_held_lock+0x2b/0x80
[ 1076.414308][T21710]  ? __fget_files+0x20e/0x3c0
[ 1076.414319][T21710]  ? __fget_files+0x200/0x3c0
[ 1076.414335][T21710]  ksys_read+0x12a/0x250
[ 1076.414348][T21710]  ? __pfx_ksys_read+0x10/0x10
[ 1076.414360][T21710]  ? syscall_user_dispatch+0x78/0x140
[ 1076.414378][T21710]  ? rcu_is_watching+0x12/0xc0
[ 1076.414392][T21710]  __do_fast_syscall_32+0x7c/0x3a0
[ 1076.414408][T21710]  do_fast_syscall_32+0x32/0x80
[ 1076.414423][T21710]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1076.414438][T21710] RIP: 0023:0xf7f36579
[ 1076.414447][T21710] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1076.414471][T21710] RSP: 002b:00000000f5456590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1076.414482][T21710] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5456620
[ 1076.414489][T21710] RDX: 000000000000000f RSI: 00000000f73c4ff4 RDI: 0000000000000000
[ 1076.414496][T21710] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1076.414503][T21710] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1076.414509][T21710] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1076.414524][T21710]  </TASK>
[ 1076.523256][T21714] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1076.563793][T21705] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1076.572791][T21717] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4194'.
[ 1076.621573][T21717] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1076.658806][T21705] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1076.693128][T21714] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4192'.
[ 1076.710472][T21717] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1076.757012][T21705] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1076.809130][T21717] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1076.869059][T21725] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4195'.
[ 1076.890256][T21717] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1077.595185][T21728] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4196'.
[ 1077.656244][T21728] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1077.715869][T21728] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1077.781061][T21728] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1077.847204][T21728] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1078.349818][T21737] loop7: detected capacity change from 0 to 7
[ 1078.416190][T21738] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4199'.
[ 1078.517752][T21740] veth55: entered promiscuous mode
[ 1078.536903][T21737] Dev loop7: unable to read RDB block 7
[ 1078.538683][T21737]  loop7: unable to read partition table
[ 1078.540548][T21737] loop7: partition table beyond EOD, truncated
[ 1078.543242][T21737] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1078.555284][T20412] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1078.561609][T20412] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1078.570942][T21737] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4199'.
[ 1078.574281][T20412] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1078.578713][T21737] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4199'.
[ 1078.588070][   T12] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1078.598831][    C2] blk_print_req_error: 6 callbacks suppressed
[ 1078.598841][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1078.604361][    C2] buffer_io_error: 6 callbacks suppressed
[ 1078.604371][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1078.621829][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1078.624930][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1079.025588][T21748] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4209'.
[ 1079.037619][T21748] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1079.440347][T21748] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1079.589646][ T1145] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1079.608955][T16030] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1079.623095][ T1145] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1079.641855][ T1145] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1079.667065][T21748] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1079.706183][ T1145] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1079.709592][ T1145] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1079.775231][ T1145] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1079.791939][ T1145] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.094931][T21748] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1080.531656][   T72] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.555781][   T72] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.588299][   T72] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.809471][   T72] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.890870][T21774] input: syz1 as /devices/virtual/input/input19
[ 1080.935823][T21774] FAULT_INJECTION: forcing a failure.
[ 1080.935823][T21774] name failslab, interval 1, probability 0, space 0, times 0
[ 1080.950021][T21774] CPU: 0 UID: 0 PID: 21774 Comm: syz.4.4210 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1080.950038][T21774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1080.950046][T21774] Call Trace:
[ 1080.950050][T21774]  <TASK>
[ 1080.950055][T21774]  dump_stack_lvl+0x16c/0x1f0
[ 1080.950072][T21774]  should_fail_ex+0x512/0x640
[ 1080.950089][T21774]  ? fs_reclaim_acquire+0xae/0x150
[ 1080.950107][T21774]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1080.950123][T21774]  should_failslab+0xc2/0x120
[ 1080.950138][T21774]  __kmalloc_noprof+0xd2/0x510
[ 1080.950155][T21774]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1080.950172][T21774]  ? tomoyo_profile+0x47/0x60
[ 1080.950191][T21774]  tomoyo_path_number_perm+0x245/0x580
[ 1080.950204][T21774]  ? tomoyo_path_number_perm+0x237/0x580
[ 1080.950219][T21774]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1080.950246][T21774]  ? find_held_lock+0x2b/0x80
[ 1080.950258][T21774]  ? hook_file_ioctl_common+0x145/0x410
[ 1080.950276][T21774]  ? __fget_files+0x20e/0x3c0
[ 1080.950291][T21774]  security_file_ioctl_compat+0x9b/0x240
[ 1080.950307][T21774]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1080.950326][T21774]  __do_fast_syscall_32+0x7c/0x3a0
[ 1080.950342][T21774]  do_fast_syscall_32+0x32/0x80
[ 1080.950357][T21774]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1080.950371][T21774] RIP: 0023:0xf7f87579
[ 1080.950381][T21774] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1080.950392][T21774] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1080.950403][T21774] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000ae01
[ 1080.950410][T21774] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1080.950416][T21774] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1080.950422][T21774] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1080.950429][T21774] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1080.950442][T21774]  </TASK>
[ 1080.950447][T21774] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1080.978213][T21776] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4211'.
[ 1081.105445][T21782] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4214'.
[ 1081.207091][T21785] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4212'.
[ 1081.251951][T21786] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4215'.
[ 1081.284404][T21785] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1081.344401][T21789] input: syz1 as /devices/virtual/input/input20
[ 1081.353225][T21790] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1081.428861][T21785] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1081.451611][T21793] FAULT_INJECTION: forcing a failure.
[ 1081.451611][T21793] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1081.456156][T21793] CPU: 2 UID: 0 PID: 21793 Comm: syz.1.4217 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1081.456173][T21793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1081.456180][T21793] Call Trace:
[ 1081.456184][T21793]  <TASK>
[ 1081.456189][T21793]  dump_stack_lvl+0x16c/0x1f0
[ 1081.456206][T21793]  should_fail_ex+0x512/0x640
[ 1081.456224][T21793]  _copy_from_user+0x2e/0xd0
[ 1081.456241][T21793]  get_compat_msghdr+0xa7/0x170
[ 1081.456256][T21793]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1081.456274][T21793]  ___sys_sendmsg+0x1ae/0x1d0
[ 1081.456289][T21793]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1081.456310][T21793]  ? find_held_lock+0x2b/0x80
[ 1081.456330][T21793]  __sys_sendmsg+0x16d/0x220
[ 1081.456344][T21793]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1081.456364][T21793]  ? rcu_is_watching+0x12/0xc0
[ 1081.456377][T21793]  __do_fast_syscall_32+0x7c/0x3a0
[ 1081.456393][T21793]  do_fast_syscall_32+0x32/0x80
[ 1081.456407][T21793]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1081.456421][T21793] RIP: 0023:0xf7fd2579
[ 1081.456431][T21793] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1081.456442][T21793] RSP: 002b:00000000f54f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1081.456453][T21793] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[ 1081.456460][T21793] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1081.456467][T21793] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1081.456473][T21793] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1081.456480][T21793] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1081.456492][T21793]  </TASK>
[ 1081.461205][T21790] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1081.636689][T21785] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1081.648839][T21798] loop7: detected capacity change from 0 to 7
[ 1081.744000][T21790] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1081.856915][T21254] Dev loop7: unable to read RDB block 7
[ 1081.859088][T21254]  loop7: unable to read partition table
[ 1081.865443][T21254] loop7: partition table beyond EOD, truncated
[ 1081.998270][T21801] 8021q: adding VLAN 0 to HW filter on device bond28
[ 1082.020846][T21799] 8021q: adding VLAN 0 to HW filter on device bond28
[ 1082.025478][T21801] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4219'.
[ 1082.029540][T21799] bond28: (slave vxcan9): The slave device specified does not support setting the MAC address
[ 1082.039632][T21799] bond28: (slave vxcan9): Error -95 calling set_mac_address
[ 1082.076599][T21790] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1082.122587][T21803] veth55: entered promiscuous mode
[ 1082.127979][T21803] bond28: (slave veth55): Enslaving as an active interface with an up link
[ 1082.154157][T21785] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1082.254385][    C3] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1082.254493][T21798] Dev loop7: unable to read RDB block 7
[ 1082.258605][    C3] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1082.259360][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1082.259379][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1082.270630][T21798]  loop7: unable to read partition table
[ 1082.272775][T21798] loop7: partition table beyond EOD, truncated
[ 1082.274861][T21798] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1082.292752][T16030] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1082.307217][T16030] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1082.332336][T16030] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1082.334821][T16030] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1082.639945][T21817] __nla_validate_parse: 1 callbacks suppressed
[ 1082.640230][T21817] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4223'.
[ 1083.302397][ T5992] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1083.311160][ T5992] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1083.315764][ T5992] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1083.318909][ T5992] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1083.322006][ T5992] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1083.360536][T21830] lo speed is unknown, defaulting to 1000
[ 1083.634871][T21834] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4228'.
[ 1083.737467][T21834] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1083.852113][T20412] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1083.860455][T21830] chnl_net:caif_netlink_parms(): no params data found
[ 1083.891571][T21834] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1083.923211][T20412] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1083.962240][T16030] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1083.978859][T17702] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1084.020107][T21834] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1084.073694][T21830] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1084.077227][T21830] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1084.079590][T21830] bridge_slave_0: entered allmulticast mode
[ 1084.084973][T21830] bridge_slave_0: entered promiscuous mode
[ 1084.086231][T21849] loop7: detected capacity change from 0 to 7
[ 1084.088209][T21830] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1084.091430][T21830] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1084.093797][T21830] bridge_slave_1: entered allmulticast mode
[ 1084.096964][T21830] bridge_slave_1: entered promiscuous mode
[ 1084.168984][T21834] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1084.219859][T21850] 8021q: adding VLAN 0 to HW filter on device bond18
[ 1084.227292][T21830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1084.261408][T21854] 8021q: adding VLAN 0 to HW filter on device bond18
[ 1084.265497][T21854] bond18: (slave vxcan5): The slave device specified does not support setting the MAC address
[ 1084.271173][T21854] bond18: (slave vxcan5): Error -95 calling set_mac_address
[ 1084.286561][T21830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1084.332819][T21855] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4231'.
[ 1084.339841][T21850] veth33: entered promiscuous mode
[ 1084.343107][T21254] Dev loop7: unable to read RDB block 7
[ 1084.345508][T21254]  loop7: unable to read partition table
[ 1084.345826][T21850] bond18: (slave veth33): Enslaving as an active interface with an up link
[ 1084.347904][T21254] loop7: partition table beyond EOD, truncated
[ 1084.385190][T21857] fuse: Unknown parameter 'use00000000000000000000'
[ 1084.416182][T21830] team0: Port device team_slave_0 added
[ 1084.422037][T21850] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4231'.
[ 1084.432300][T21830] team0: Port device team_slave_1 added
[ 1084.590001][T21830] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1084.593026][T21830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1084.604769][T21830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1084.637416][T21849] Dev loop7: unable to read RDB block 7
[ 1084.639306][T21849]  loop7: unable to read partition table
[ 1084.642744][T21849] loop7: partition table beyond EOD, truncated
[ 1084.646155][T21849] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1084.655148][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1084.659315][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1084.661957][T16030] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1084.680124][   T72] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1084.694235][T21830] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1084.696682][T21830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1084.704602][T21830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1084.722647][T16030] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1084.748768][ T1145] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1084.798481][T21830] hsr_slave_0: entered promiscuous mode
[ 1084.801107][T21830] hsr_slave_1: entered promiscuous mode
[ 1084.803627][T21830] debugfs: 'hsr0' already exists in 'hsr'
[ 1084.806610][T21830] Cannot create hsr debugfs directory
[ 1084.919078][T21830] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1085.022088][T21830] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1085.108272][T21830] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1085.130399][T21867] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4237'.
[ 1085.192841][T21830] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1085.364941][ T5992] Bluetooth: hci2: command tx timeout
[ 1085.391949][T21871] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1085.447210][T21874] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4238'.
[ 1085.528047][T21830] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1085.538967][T21871] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4239'.
[ 1085.539013][T21830] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1085.569425][T21874] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1085.646382][T21830] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1085.654723][T21830] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1086.058544][ T1172] bond0 (unregistering): Released all slaves
[ 1086.168253][ T1172] bond1 (unregistering): Released all slaves
[ 1086.278673][ T1172] bond2 (unregistering): Released all slaves
[ 1086.621854][ T1172] bond3 (unregistering): Released all slaves
[ 1086.711124][ T1172] bond4 (unregistering): Released all slaves
[ 1086.802865][ T1172] bond5 (unregistering): Released all slaves
[ 1086.892264][ T1172] bond6 (unregistering): Released all slaves
[ 1086.901440][ T1172] bond7 (unregistering): Released all slaves
[ 1086.994524][ T1172] bond8 (unregistering): Released all slaves
[ 1087.103539][ T1172] bond9 (unregistering): Released all slaves
[ 1087.255640][ T1172] bond10 (unregistering): Released all slaves
[ 1087.350057][ T1172] bond11 (unregistering): Released all slaves
[ 1087.445217][ T5992] Bluetooth: hci2: command tx timeout
[ 1087.459870][ T1172] bond12 (unregistering): Released all slaves
[ 1087.586914][ T1172] bond13 (unregistering): Released all slaves
[ 1087.719529][ T1172] bond14 (unregistering): Released all slaves
[ 1087.827978][ T1172] bond15 (unregistering): Released all slaves
[ 1087.940364][ T1172] bond16 (unregistering): Released all slaves
[ 1088.050893][ T1172] bond17 (unregistering): Released all slaves
[ 1088.168141][ T1172] bond18 (unregistering): Released all slaves
[ 1088.300376][ T1172] bond19 (unregistering): (slave veth27): Releasing active interface
[ 1088.307167][ T1172] bond19 (unregistering): Released all slaves
[ 1088.412422][ T1172] bond20 (unregistering): (slave veth29): Releasing active interface
[ 1088.417453][ T1172] bond20 (unregistering): Released all slaves
[ 1088.549223][ T1172] bond21 (unregistering): (slave veth31): Releasing active interface
[ 1088.554324][ T1172] bond21 (unregistering): Released all slaves
[ 1088.656685][ T1172] bond22 (unregistering): (slave veth33): Releasing active interface
[ 1088.662357][ T1172] bond22 (unregistering): Released all slaves
[ 1088.776572][ T1172] bond23 (unregistering): (slave veth35): Releasing active interface
[ 1088.781877][ T1172] bond23 (unregistering): Released all slaves
[ 1088.896359][ T1172] bond24 (unregistering): (slave veth37): Releasing active interface
[ 1088.901236][ T1172] bond24 (unregistering): Released all slaves
[ 1089.003619][ T1172] bond25 (unregistering): (slave veth39): Releasing active interface
[ 1089.008315][ T1172] bond25 (unregistering): Released all slaves
[ 1089.115936][ T1172] bond26 (unregistering): (slave veth41): Releasing active interface
[ 1089.126812][ T1172] bond26 (unregistering): Released all slaves
[ 1089.241086][ T1172] bond27 (unregistering): (slave veth43): Releasing active interface
[ 1089.245987][ T1172] bond27 (unregistering): Released all slaves
[ 1089.356350][ T1172] bond28 (unregistering): (slave veth45): Releasing active interface
[ 1089.362809][ T1172] bond28 (unregistering): Released all slaves
[ 1089.481414][ T1172] bond29 (unregistering): Released all slaves
[ 1089.525002][ T5992] Bluetooth: hci2: command tx timeout
[ 1089.587901][ T1172] bond30 (unregistering): Released all slaves
[ 1089.710803][ T1172] bond31 (unregistering): Released all slaves
[ 1089.812069][ T1172] bond32 (unregistering): (slave veth53): Releasing active interface
[ 1089.816331][ T1172] bond32 (unregistering): Released all slaves
[ 1089.953069][T21902] loop7: detected capacity change from 0 to 7
[ 1089.957126][T21874] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1090.025630][T21906] 8021q: adding VLAN 0 to HW filter on device bond24
[ 1090.046864][T21830] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1090.090853][T21906] 8021q: adding VLAN 0 to HW filter on device bond24
[ 1090.093776][T21906] bond24: (slave vxcan3): The slave device specified does not support setting the MAC address
[ 1090.119317][T21906] bond24: (slave vxcan3): Error -95 calling set_mac_address
[ 1090.145773][T21910] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4244'.
[ 1090.158645][T21902] Dev loop7: unable to read RDB block 7
[ 1090.160444][T21902]  loop7: unable to read partition table
[ 1090.162332][T21902] loop7: partition table beyond EOD, truncated
[ 1090.165081][T21902] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1090.194913][ T1172] tipc: Left network mode
[ 1090.202656][T21902] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4244'.
[ 1090.207164][T21874] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1090.276694][T21909] veth43: entered promiscuous mode
[ 1090.296011][T21909] bond24: (slave veth43): Enslaving as an active interface with an up link
[ 1090.330973][    C3] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1090.334056][    C3] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1090.336692][T21914] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4246'.
[ 1090.337419][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1090.343060][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1090.357759][T21874] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1090.379630][T21830] 8021q: adding VLAN 0 to HW filter on device team0
[ 1090.384950][T16030] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1090.387250][T16030] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1090.394507][   T72] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1090.396896][   T72] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1090.414888][T21914] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1090.553714][T21914] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1090.595876][   T72] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1090.633256][T16030] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1090.662982][   T72] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1090.729413][   T72] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1090.765565][T21925] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1090.848488][T21914] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1090.906086][T21925] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4248'.
[ 1091.044933][T21830] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1091.216868][T21931] : entered promiscuous mode
[ 1091.226139][T21922] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4247'.
[ 1091.236238][T21914] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1091.281192][T21830] veth0_vlan: entered promiscuous mode
[ 1091.311382][ T1172] hsr_slave_0: left promiscuous mode
[ 1091.313678][ T1172] 0�: left promiscuous mode
[ 1091.330298][T21935] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4249'.
[ 1091.365237][ T1172] veth1_macvtap: left promiscuous mode
[ 1091.367155][ T1172] veth0_macvtap: left allmulticast mode
[ 1091.369882][ T1172] veth0_macvtap: left promiscuous mode
[ 1091.373562][ T1172] veth1_vlan: left promiscuous mode
[ 1091.607295][ T5992] Bluetooth: hci2: command tx timeout
[ 1093.300006][T21956] loop7: detected capacity change from 0 to 7
[ 1093.382636][ T1172] team0 (unregistering): Port device vlan0 removed
[ 1093.474409][T21905] Dev loop7: unable to read RDB block 7
[ 1093.478585][T21905]  loop7: unable to read partition table
[ 1093.483001][T21905] loop7: partition table beyond EOD, truncated
[ 1093.531181][T21960] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4255'.
[ 1093.585523][T21961] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4255'.
[ 1093.739078][T21956] Dev loop7: unable to read RDB block 7
[ 1093.740189][    C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1093.744078][    C1] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1093.744824][T21956]  loop7: unable to read partition table
[ 1093.747840][    C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1093.748707][T21956] loop7: partition table beyond EOD, truncated
[ 1093.751740][    C1] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1093.754865][T21956] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1094.335081][ T5388] Dev loop7: unable to read RDB block 7
[ 1094.337195][ T5388]  loop7: unable to read partition table
[ 1094.339490][ T5388] loop7: partition table beyond EOD, truncated
[ 1094.891279][T21957] workqueue: Failed to create a rescuer kthread for wq "bond25": -EINTR
[ 1094.955214][T21959] veth45: entered promiscuous mode
[ 1095.000234][T16934] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1095.003792][T21830] veth1_vlan: entered promiscuous mode
[ 1095.018388][T16934] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1095.032656][   T12] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1095.040441][T17702] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1095.067524][T21830] veth0_macvtap: entered promiscuous mode
[ 1095.072541][T21830] veth1_macvtap: entered promiscuous mode
[ 1095.082960][T21968] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4256'.
[ 1095.102363][T21830] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1095.133106][T21968] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.197666][T21830] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1095.265076][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1095.268745][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1095.272443][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1095.282416][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1095.341214][T21978] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4259'.
[ 1095.360079][T21968] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.389362][T16030] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1095.392304][T16030] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1095.410691][T21980] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4258'.
[ 1095.539095][T21978] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.551902][T16030] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1095.555014][T16030] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1095.562327][T21968] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.649807][T21980] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.757616][T21978] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.771023][T21980] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.858065][T21986] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4227'.
[ 1095.890126][T21968] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.911072][T21978] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.974077][T21980] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1096.141660][T21986] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1096.225584][T21978] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1096.249560][T21980] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1096.383276][T21986] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1096.501339][T17702] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1096.598613][   T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1096.686534][T21986] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1096.711584][   T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1096.737599][   T12] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1096.765690][   T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1096.786909][T16030] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1096.829765][T21986] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1096.887588][T20412] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1096.890181][T20412] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1097.431783][T21991] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4260'.
[ 1097.518759][T21991] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.593737][T21991] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.660201][T21996] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4261'.
[ 1097.708902][T21996] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.762304][T21991] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.792732][T21996] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.872747][T21991] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.907499][T21996] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1098.051805][T21996] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1098.791436][ T1172] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1098.805304][T20412] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1098.820415][T20412] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1098.824675][T20412] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1099.135054][T22005] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4263'.
[ 1099.736461][T16030] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1099.747188][T17702] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1099.760286][T16030] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1099.769910][T16030] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1099.878451][T22010] loop7: detected capacity change from 0 to 7
[ 1099.937877][T22012] netlink: 'syz.4.4265': attribute type 1 has an invalid length.
[ 1099.950291][T22012] 8021q: adding VLAN 0 to HW filter on device bond19
[ 1099.963633][T22012] 8021q: adding VLAN 0 to HW filter on device bond19
[ 1099.966672][T22012] bond19: (slave vxcan5): The slave device specified does not support setting the MAC address
[ 1099.970875][T22012] bond19: (slave vxcan5): Error -95 calling set_mac_address
[ 1100.029091][T22014] veth35: entered promiscuous mode
[ 1100.037501][T22014] bond19: (slave veth35): Enslaving as an active interface with an up link
[ 1100.045219][T21905] Dev loop7: unable to read RDB block 7
[ 1100.047202][T21905]  loop7: unable to read partition table
[ 1100.049243][T21905] loop7: partition table beyond EOD, truncated
[ 1100.050877][T22012] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4265'.
[ 1100.056507][T22012] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4265'.
[ 1100.135066][T16030] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1100.147996][ T1172] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1100.156901][ T1172] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1100.176180][ T1172] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1100.222389][T22010] Dev loop7: unable to read RDB block 7
[ 1100.224577][T22010]  loop7: unable to read partition table
[ 1100.227179][    C3] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1100.230228][    C3] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1100.233469][T22010] loop7: partition table beyond EOD, truncated
[ 1100.233655][    C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1100.235851][T22010] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1100.239783][    C1] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1100.335491][T22019] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4266'.
[ 1100.389111][T22019] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1100.458367][T22019] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1100.568932][ T5388] Dev loop7: unable to read RDB block 7
[ 1100.570754][ T5388]  loop7: unable to read partition table
[ 1100.573105][ T5388] loop7: partition table beyond EOD, truncated
[ 1100.937496][T22019] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1101.014456][T22019] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1101.597714][T22030] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4269'.
[ 1101.665811][T16030] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1101.669084][T16030] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1101.713238][T22030] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1101.755618][ T1145] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1101.780029][ T1145] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1101.813311][T22030] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1101.899059][T22033] loop7: detected capacity change from 0 to 7
[ 1102.008382][T22030] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1102.068118][T22034] veth3: entered promiscuous mode
[ 1102.096254][T22035] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4270'.
[ 1102.129398][T22030] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1102.136536][T21905] Dev loop7: unable to read RDB block 7
[ 1102.138981][T21905]  loop7: unable to read partition table
[ 1102.143599][T21905] loop7: partition table beyond EOD, truncated
[ 1102.182980][T22034] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4270'.
[ 1102.349955][T22033] Dev loop7: unable to read RDB block 7
[ 1102.351424][    C3] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1102.352727][T22033]  loop7: unable to read partition table
[ 1102.355180][    C3] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1102.356272][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1102.358337][T22033] loop7: partition table beyond EOD, 
[ 1102.360342][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1102.364272][T22033] truncated
[ 1102.370423][T22033] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1102.784078][T22042] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4271'.
[ 1102.811706][T22043] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4279'.
[ 1102.859273][T22042] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1102.926580][T22043] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1103.051371][T22042] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1103.060883][T22043] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1103.116380][T22042] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1103.146771][T22043] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1103.219837][T22043] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1103.255051][T22042] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1103.392402][ T1172] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1103.409983][ T1172] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1103.451821][T17702] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1103.455267][T17702] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1103.673977][T17702] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1103.696607][T17702] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1103.748231][T17702] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1103.765126][T17702] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1104.045138][   T72] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1104.054729][   T72] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1104.062559][   T72] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1104.473725][T16030] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1104.658690][T22065] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4273'.
[ 1104.884962][T22065] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1105.000654][T22065] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1105.058671][T22065] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1105.131945][T22065] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1105.384251][T22081] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4275'.
[ 1105.790291][   T46] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1105.830870][T16030] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1105.846872][   T46] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1105.862024][   T46] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1106.029988][T22100] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4276'.
[ 1106.066331][T22100] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1106.498697][T22100] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1106.687578][T22100] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1106.758357][T22100] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1107.981261][   T46] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1107.987842][   T46] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1108.002225][T20412] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1108.015995][T20412] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1108.255367][   T46] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1108.285388][   T46] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1108.294923][   T46] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1108.316986][   T46] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1108.456243][T22131] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4283'.
[ 1108.481522][T22131] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1108.702228][T22131] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1108.842250][T22131] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1108.904851][T22131] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1108.942577][T22135] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4286'.
[ 1108.958812][T22135] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.219596][T22135] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.382541][T22135] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.523877][T22140] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4287'.
[ 1109.555886][T22135] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.953879][   T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.962970][   T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.989249][   T46] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1110.002358][   T46] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1111.426298][T22158] FAULT_INJECTION: forcing a failure.
[ 1111.426298][T22158] name failslab, interval 1, probability 0, space 0, times 0
[ 1111.431623][T22158] CPU: 0 UID: 0 PID: 22158 Comm: syz.2.4292 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1111.431647][T22158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1111.431658][T22158] Call Trace:
[ 1111.431666][T22158]  <TASK>
[ 1111.431674][T22158]  dump_stack_lvl+0x16c/0x1f0
[ 1111.431709][T22158]  should_fail_ex+0x512/0x640
[ 1111.431733][T22158]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1111.431758][T22158]  should_failslab+0xc2/0x120
[ 1111.431782][T22158]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1111.431802][T22158]  ? __pfx_tcp_current_mss+0x10/0x10
[ 1111.431821][T22158]  ? __alloc_skb+0x2b2/0x380
[ 1111.431847][T22158]  __alloc_skb+0x2b2/0x380
[ 1111.431868][T22158]  ? __pfx___alloc_skb+0x10/0x10
[ 1111.431904][T22158]  ? __lock_acquire+0xb40/0x1ce0
[ 1111.431926][T22158]  ? _parse_integer_limit+0x17f/0x1d0
[ 1111.431955][T22158]  tcp_stream_alloc_skb+0x34/0x570
[ 1111.431985][T22158]  tcp_sendmsg_locked+0x12d0/0x42a0
[ 1111.432020][T22158]  ? __lock_acquire+0xb97/0x1ce0
[ 1111.432052][T22158]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[ 1111.432081][T22158]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1111.432108][T22158]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1111.432141][T22158]  ? __local_bh_enable_ip+0xa4/0x120
[ 1111.432167][T22158]  tcp_sendmsg+0x2e/0x50
[ 1111.432191][T22158]  ? __pfx_tcp_sendmsg+0x10/0x10
[ 1111.432217][T22158]  inet_sendmsg+0xb9/0x140
[ 1111.432236][T22158]  __sys_sendto+0x43c/0x520
[ 1111.432256][T22158]  ? __pfx___sys_sendto+0x10/0x10
[ 1111.432317][T22158]  ? ksys_write+0x1ac/0x250
[ 1111.432338][T22158]  ? __pfx_ksys_write+0x10/0x10
[ 1111.432362][T22158]  __ia32_sys_sendto+0xdd/0x1b0
[ 1111.432380][T22158]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1111.432401][T22158]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1111.432424][T22158]  __do_fast_syscall_32+0x7c/0x3a0
[ 1111.432450][T22158]  do_fast_syscall_32+0x32/0x80
[ 1111.432472][T22158]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1111.432494][T22158] RIP: 0023:0xf7f36579
[ 1111.432509][T22158] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1111.432525][T22158] RSP: 002b:00000000f545655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[ 1111.432543][T22158] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000580
[ 1111.432555][T22158] RDX: 000000000000059a RSI: 0000000010008095 RDI: 0000000000000000
[ 1111.432566][T22158] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1111.432576][T22158] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1111.432587][T22158] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1111.432611][T22158]  </TASK>
[ 1111.640630][T22165] loop7: detected capacity change from 0 to 7
[ 1111.684488][T22167] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4291'.
[ 1111.701441][T22169] netlink: 'syz.2.4295': attribute type 1 has an invalid length.
[ 1111.717603][T22169] 8021q: adding VLAN 0 to HW filter on device bond29
[ 1111.751680][T22169] 8021q: adding VLAN 0 to HW filter on device bond29
[ 1111.756674][T22169] bond29: (slave vxcan9): The slave device specified does not support setting the MAC address
[ 1111.762711][T22169] bond29: (slave vxcan9): Error -95 calling set_mac_address
[ 1111.782240][T22167] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1111.807373][T22174] netlink: 'syz.3.4296': attribute type 1 has an invalid length.
[ 1111.841653][T22173] veth57: entered promiscuous mode
[ 1111.845266][T22173] bond29: (slave veth57): Enslaving as an active interface with an up link
[ 1111.867566][T22169] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4295'.
[ 1111.892150][T22169] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4295'.
[ 1111.916390][T22167] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1111.958646][T21905] Dev loop7: unable to read RDB block 7
[ 1111.961071][T21905]  loop7: unable to read partition table
[ 1111.963586][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1111.967039][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1111.970458][T21905] loop7: partition table beyond EOD, truncated
[ 1111.970501][    C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1111.975625][    C0] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1111.985846][T22176] veth3: entered promiscuous mode
[ 1111.996867][T22174] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4296'.
[ 1112.002364][T22174] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4296'.
[ 1112.049849][T22167] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1112.180013][T22167] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1112.253355][T22165] Dev loop7: unable to read RDB block 7
[ 1112.256176][T22165]  loop7: unable to read partition table
[ 1112.258920][T22165] loop7: partition table beyond EOD, truncated
[ 1112.261826][T22165] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1112.420733][T17702] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1112.445452][T16030] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1112.447659][T22178] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1112.514802][T16030] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1112.522991][T16030] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1112.529594][T22178] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4297'.
[ 1112.532730][T22178] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1112.586041][ T5388] Dev loop7: unable to read RDB block 7
[ 1112.590872][ T5388]  loop7: unable to read partition table
[ 1112.592727][ T5388] loop7: partition table beyond EOD, truncated
[ 1112.726444][T22178] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1112.794158][T22183] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4298'.
[ 1112.876675][T22185] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1112.939884][ T1145] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1113.016343][   T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1113.027208][   T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1113.034852][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1113.065545][T22185] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1113.234044][T22185] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1113.304574][T22191] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1113.343890][T22185] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1113.389860][T22191] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1113.616011][T22191] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1113.764145][T22191] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1113.891226][T22196] __nla_validate_parse: 2 callbacks suppressed
[ 1113.891249][T22196] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4301'.
[ 1113.935031][T17702] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1114.002433][ T1145] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1114.006167][ T1145] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1114.019354][ T1145] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1114.165897][T22201] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4302'.
[ 1114.236389][T22201] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1114.306534][T22201] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1114.420017][T22201] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1114.533972][T22201] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1115.369527][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.372478][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.641602][   T12] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1116.650935][T16934] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1116.663567][T16934] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1116.704381][T16030] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1116.706912][T22219] loop7: detected capacity change from 0 to 7
[ 1116.765067][T22223] netlink: 'syz.2.4306': attribute type 1 has an invalid length.
[ 1116.769885][T22222] netlink: 'syz.3.4307': attribute type 1 has an invalid length.
[ 1116.788882][T22223] 8021q: adding VLAN 0 to HW filter on device bond30
[ 1116.852026][T22223] 8021q: adding VLAN 0 to HW filter on device bond30
[ 1116.854185][T22223] bond30: (slave vxcan9): The slave device specified does not support setting the MAC address
[ 1116.860478][T22223] bond30: (slave vxcan9): Error -95 calling set_mac_address
[ 1116.906163][T21905] Dev loop7: unable to read RDB block 7
[ 1116.906768][T22222] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4307'.
[ 1116.908066][T21905]  loop7: unable to read partition table
[ 1116.916704][T21905] loop7: partition table beyond EOD, truncated
[ 1116.916958][T22228] veth3: entered promiscuous mode
[ 1116.917878][T22230] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4306'.
[ 1116.931834][T22231] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4308'.
[ 1116.957735][T22229] veth59: entered promiscuous mode
[ 1116.961546][T22229] bond30: (slave veth59): Enslaving as an active interface with an up link
[ 1116.968288][T22233] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4307'.
[ 1116.984871][T16934] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1116.995405][T16934] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1117.006978][T22234] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1117.055810][   T46] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1117.093670][T22223] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4306'.
[ 1117.106274][T22234] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1117.135600][T22219] Dev loop7: unable to read RDB block 7
[ 1117.137508][T22219]  loop7: unable to read partition table
[ 1117.139345][T22219] loop7: partition table beyond EOD, truncated
[ 1117.145175][T22219] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1117.153844][T20412] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1117.161143][    C3] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1117.164573][    C3] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1117.167973][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1117.171707][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1117.175103][    C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1117.178389][    C0] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1117.188919][    C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1117.192401][    C0] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1117.360258][T22234] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1117.469043][T22234] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1117.610273][ T5388] Dev loop7: unable to read RDB block 7
[ 1117.616993][ T5388]  loop7: unable to read partition table
[ 1117.626421][ T5388] loop7: partition table beyond EOD, truncated
[ 1117.985810][T22245] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4311'.
[ 1118.074982][T22248] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4312'.
[ 1118.219573][T22250] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1118.440018][T22253] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4314'.
[ 1118.645772][T22259] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1118.923331][T22266] __nla_validate_parse: 1 callbacks suppressed
[ 1118.923345][T22266] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.4317'.
[ 1118.938634][T22266] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4317'.
[ 1118.941920][T22266] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[ 1118.944514][T22266] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[ 1119.096400][T22272] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4318'.
[ 1119.161439][T22272] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1119.338113][T22276] loop7: detected capacity change from 0 to 7
[ 1119.360834][T22272] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1119.397521][T22277] netlink: 'syz.3.4320': attribute type 1 has an invalid length.
[ 1119.548497][T21905] Dev loop7: unable to read RDB block 7
[ 1119.550847][T22277] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1119.551199][T21905]  loop7: unable to read partition table
[ 1119.557193][T21905] loop7: partition table beyond EOD, truncated
[ 1119.593804][T22277] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4320'.
[ 1119.613607][T22278] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1119.626554][T22278] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[ 1119.632979][T22278] bond1: (slave vxcan3): Error -95 calling set_mac_address
[ 1119.649015][T22281] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4320'.
[ 1119.678988][T22279] veth3: entered promiscuous mode
[ 1119.685784][T22279] bond1: (slave veth3): Enslaving as an active interface with an up link
[ 1119.705298][T22272] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1119.795581][T22276] Dev loop7: unable to read RDB block 7
[ 1119.795693][    C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1119.797397][T22276]  loop7: unable to read partition table
[ 1119.800447][    C1] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1119.803578][    C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1119.805980][T22276] loop7: partition table beyond EOD, truncated
[ 1119.808460][    C0] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1119.815087][T22276] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1119.816814][T22272] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1120.158652][ T5388] Dev loop7: unable to read RDB block 7
[ 1120.160605][ T5388]  loop7: unable to read partition table
[ 1120.162444][ T5388] loop7: partition table beyond EOD, truncated
[ 1120.463765][T22288] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4321'.
[ 1120.636656][T17702] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1120.655248][T20412] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1120.663463][T17702] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1120.708543][T22288] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1120.747276][T17702] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1120.765951][T17702] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1120.780177][   T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1120.804602][   T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1120.816132][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1120.889149][T22297] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4323'.
[ 1120.908714][T22288] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1120.990640][T22297] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1121.032166][T22288] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1121.055727][T22297] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1121.136168][T22288] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1121.150333][T22297] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1121.350086][T22297] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1121.417648][   T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1121.476179][T17702] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1121.582761][   T12] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.125552][ T1145] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1124.690666][T22353] loop7: detected capacity change from 0 to 7
[ 1124.745132][T22355] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4335'.
[ 1124.873839][T22355] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4335'.
[ 1124.901842][T22353] Dev loop7: unable to read RDB block 7
[ 1124.904335][T22353]  loop7: unable to read partition table
[ 1124.907086][T22353] loop7: partition table beyond EOD, truncated
[ 1124.907984][T22357] veth61: entered promiscuous mode
[ 1124.910111][T22353] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1124.932289][T22353] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4335'.
[ 1124.948355][ T1145] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1124.983660][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1124.987734][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1125.017654][ T1145] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1125.028122][ T1145] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1125.043665][ T1145] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1125.085974][    C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1125.089651][    C1] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1125.501812][T22378] vlan2: entered allmulticast mode
[ 1125.771653][T22390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4340'.
[ 1125.815528][T22394] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4341'.
[ 1126.075124][T22411] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4344'.
[ 1126.410319][T22424] loop7: detected capacity change from 0 to 7
[ 1126.622065][T22426] veth37: entered promiscuous mode
[ 1126.653064][T22425] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4346'.
[ 1126.711660][T22428] FAULT_INJECTION: forcing a failure.
[ 1126.711660][T22428] name failslab, interval 1, probability 0, space 0, times 0
[ 1126.714155][T22425] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4346'.
[ 1126.719710][T22428] CPU: 0 UID: 0 PID: 22428 Comm: syz.2.4347 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1126.719727][T22428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1126.719734][T22428] Call Trace:
[ 1126.719739][T22428]  <TASK>
[ 1126.719744][T22428]  dump_stack_lvl+0x16c/0x1f0
[ 1126.719763][T22428]  should_fail_ex+0x512/0x640
[ 1126.719779][T22428]  ? fs_reclaim_acquire+0xae/0x150
[ 1126.719819][T22428]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1126.719838][T22428]  should_failslab+0xc2/0x120
[ 1126.719854][T22428]  __kmalloc_noprof+0xd2/0x510
[ 1126.719870][T22428]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1126.719888][T22428]  ? tomoyo_profile+0x47/0x60
[ 1126.719906][T22428]  tomoyo_path_number_perm+0x245/0x580
[ 1126.719919][T22428]  ? tomoyo_path_number_perm+0x237/0x580
[ 1126.719933][T22428]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1126.719961][T22428]  ? find_held_lock+0x2b/0x80
[ 1126.719972][T22428]  ? hook_file_ioctl_common+0x145/0x410
[ 1126.719990][T22428]  ? __fget_files+0x20e/0x3c0
[ 1126.720004][T22428]  security_file_ioctl_compat+0x9b/0x240
[ 1126.720019][T22428]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1126.720039][T22428]  __do_fast_syscall_32+0x7c/0x3a0
[ 1126.720055][T22428]  do_fast_syscall_32+0x32/0x80
[ 1126.720069][T22428]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1126.720083][T22428] RIP: 0023:0xf7f36579
[ 1126.720093][T22428] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1126.720104][T22428] RSP: 002b:00000000f545655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1126.720115][T22428] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000c0383e04
[ 1126.720122][T22428] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 1126.720129][T22428] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1126.720135][T22428] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1126.720142][T22428] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1126.720155][T22428]  </TASK>
[ 1126.720211][T22428] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1126.858023][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1126.861479][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1126.864389][T22358] Dev loop7: unable to read RDB block 7
[ 1126.867617][T22358]  loop7: unable to read partition table
[ 1126.867681][    C3] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1126.869516][T22358] loop7: partition table beyond EOD, truncated
[ 1126.872520][    C3] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1127.093890][T22424] Dev loop7: unable to read RDB block 7
[ 1127.104651][T22424]  loop7: unable to read partition table
[ 1127.106731][T22424] loop7: partition table beyond EOD, truncated
[ 1127.109515][T22424] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1127.131154][T22438] netlink: 'syz.1.4350': attribute type 1 has an invalid length.
[ 1127.163873][T22438] 8021q: adding VLAN 0 to HW filter on device bond25
[ 1127.191597][T22438] 8021q: adding VLAN 0 to HW filter on device bond25
[ 1127.194227][T22438] bond25: (slave vxcan3): The slave device specified does not support setting the MAC address
[ 1127.201459][T22438] bond25: (slave vxcan3): Error -95 calling set_mac_address
[ 1127.271875][T22450] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4352'.
[ 1127.280556][T22448] veth45: entered promiscuous mode
[ 1127.287507][T22448] bond25: (slave veth45): Enslaving as an active interface with an up link
[ 1127.343455][T22438] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4350'.
[ 1127.380347][ T5388] Dev loop7: unable to read RDB block 7
[ 1127.384105][    C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1127.385004][ T5388]  loop7: unable to read partition table
[ 1127.387978][    C0] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1127.396836][    C3] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1127.400762][    C3] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1127.403830][ T5388] loop7: partition table beyond EOD, truncated
[ 1127.410223][T22450] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.495734][    C2] vcan0: j1939_session_tx_dat: 0xffff888023895800: queue data error: -100
[ 1127.499835][    C2] vcan0: j1939_xtp_rx_dpo: no connection found
[ 1127.502034][    C2] vcan0 (unregistering): j1939_xtp_rx_dpo: no connection found
[ 1127.504839][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.507496][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.509995][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.512442][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.515411][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.518012][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.520628][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.523249][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.525913][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.528856][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.531564][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.534240][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.536957][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.539501][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.542087][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.544622][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.547210][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.549932][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.552922][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.555480][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.557946][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.560356][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.562844][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.565455][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.568048][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.570737][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.573775][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.577072][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.579646][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.582070][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.584617][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.587102][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.589665][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.592729][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.595584][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.598155][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.600646][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.603121][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.605802][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.608583][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.611138][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.613745][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.616676][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.619448][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.622129][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.624571][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.626991][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.629405][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.631834][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.634356][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.637079][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.639662][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.642119][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.644744][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.647248][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.649761][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.652276][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.654819][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.657296][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.659784][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.662238][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.664740][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.667234][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.669893][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.672572][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.675458][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.678248][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.680843][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.683479][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.686109][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.688715][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.691391][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.694048][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.696992][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.699662][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.702096][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.704655][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.707241][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.709886][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.712475][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.715351][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.718141][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.720946][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.723466][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.726110][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.728743][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.731696][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.734340][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.737035][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.739488][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.741935][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.744642][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.747269][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.750058][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.752746][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.755408][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.758016][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.760566][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.763351][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.766009][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.768853][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.771788][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.774668][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.777338][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.779934][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.782697][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.785639][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.788423][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.791442][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.794445][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.797605][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.800034][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.802487][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.804976][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.807613][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.810394][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.813006][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.815753][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.818598][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.820985][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.823471][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.825971][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.828530][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.830975][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.833527][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1127.836310][    C2] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1127.860474][T22450] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1128.064234][T22450] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1128.135921][T22462] FAULT_INJECTION: forcing a failure.
[ 1128.135921][T22462] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1128.145912][T22462] CPU: 1 UID: 0 PID: 22462 Comm: syz.3.4357 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1128.145931][T22462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1128.145939][T22462] Call Trace:
[ 1128.145944][T22462]  <TASK>
[ 1128.145949][T22462]  dump_stack_lvl+0x16c/0x1f0
[ 1128.145971][T22462]  should_fail_ex+0x512/0x640
[ 1128.145990][T22462]  _copy_from_user+0x2e/0xd0
[ 1128.146010][T22462]  get_compat_msghdr+0xa7/0x170
[ 1128.146026][T22462]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1128.146044][T22462]  ___sys_sendmsg+0x1ae/0x1d0
[ 1128.146060][T22462]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1128.146081][T22462]  ? find_held_lock+0x2b/0x80
[ 1128.146102][T22462]  __sys_sendmsg+0x16d/0x220
[ 1128.146116][T22462]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1128.146136][T22462]  ? rcu_is_watching+0x12/0xc0
[ 1128.146151][T22462]  __do_fast_syscall_32+0x7c/0x3a0
[ 1128.146172][T22462]  do_fast_syscall_32+0x32/0x80
[ 1128.146187][T22462]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1128.146203][T22462] RIP: 0023:0xf702e579
[ 1128.146213][T22462] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1128.146225][T22462] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1128.146237][T22462] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[ 1128.146244][T22462] RDX: 00000000000000c4 RSI: 0000000000000000 RDI: 0000000000000000
[ 1128.146251][T22462] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1128.146257][T22462] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1128.146264][T22462] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1128.146277][T22462]  </TASK>
[ 1128.272626][T22450] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1128.432797][T16030] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1128.466475][T20412] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1128.485373][   T46] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1128.514242][   T46] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1128.964640][   T10] IPVS: starting estimator thread 0...
[ 1129.044700][T22480] IPVS: using max 44 ests per chain, 105600 per kthread
[ 1129.555923][T22489] netlink: 'syz.4.4361': attribute type 9 has an invalid length.
[ 1129.559288][T22489] netlink: 'syz.4.4361': attribute type 7 has an invalid length.
[ 1129.562409][T22489] netlink: 'syz.4.4361': attribute type 8 has an invalid length.
[ 1129.613184][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880283eac00: rx timeout, send abort
[ 1129.617974][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880283ea800: rx timeout, send abort
[ 1129.620832][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880283eac00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1129.627460][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880283ea800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1129.914708][T22500] netlink: 'syz.4.4364': attribute type 1 has an invalid length.
[ 1129.998974][T22500] bond20: (slave bridge1): Enslaving as a backup interface with an up link
[ 1130.995203][T22526] __nla_validate_parse: 3 callbacks suppressed
[ 1130.995220][T22526] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4367'.
[ 1131.047769][T22526] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1131.156313][T22539] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4368'.
[ 1131.179995][T22526] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1131.301663][T22541] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1131.490098][T22526] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1131.510150][T22541] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1131.538494][T22546] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4372'.
[ 1131.597015][T22546] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1131.663902][T22526] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1131.734552][T22546] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1131.936571][T22541] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1132.043987][T22546] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1132.113610][T22541] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1132.362446][T22550] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4373'.
[ 1132.576628][   T46] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1132.579543][   T46] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1132.584172][T22546] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1132.714413][   T46] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1132.718192][   T46] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1132.998304][T16030] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1133.002194][T16030] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1133.019139][T20412] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1133.214951][ T1172] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1133.219011][ T1172] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1133.244850][ T1172] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1133.247608][ T1172] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1133.250343][ T1172] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1133.465624][T22555] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4374'.
[ 1133.594527][T22559] loop7: detected capacity change from 0 to 7
[ 1133.627870][T22555] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1134.164581][T22570] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4376'.
[ 1134.272114][T22572] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4376'.
[ 1134.404317][T22564] veth47: entered promiscuous mode
[ 1134.500707][T22555] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1134.641050][T22358] Dev loop7: unable to read RDB block 7
[ 1134.641229][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1134.643304][T22358]  loop7: unable to read partition table
[ 1134.643659][T22358] loop7: partition table beyond EOD, 
[ 1134.647099][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1134.655955][T22358] truncated
[ 1134.899620][T22555] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1135.153719][T22559] Dev loop7: unable to read RDB block 7
[ 1135.166970][T22559]  loop7: unable to read partition table
[ 1135.175818][T22559] loop7: partition table beyond EOD, truncated
[ 1135.187125][T22559] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1135.273655][T22555] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1135.403224][T22596] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4379'.
[ 1135.983306][   T46] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1136.090771][T20412] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1136.310974][ T1145] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1136.367590][ T1145] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1136.607288][T22623] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4383'.
[ 1136.625468][T22623] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1136.634967][T22625] netlink: 'syz.3.4384': attribute type 1 has an invalid length.
[ 1136.849263][T22623] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1136.999435][T22623] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1137.142741][T22623] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1137.364318][   T46] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1137.373221][   T46] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1137.376539][   T46] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1137.386846][   T46] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1137.784724][T22648] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1137.918580][T22648] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1137.993211][T22660] loop7: detected capacity change from 0 to 7
[ 1138.045239][T22658] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4388'.
[ 1138.156564][T22666] veth61: entered promiscuous mode
[ 1138.161948][T22358] Dev loop7: unable to read RDB block 7
[ 1138.163725][T22358]  loop7: unable to read partition table
[ 1138.165933][T22358] loop7: partition table beyond EOD, truncated
[ 1138.186463][T22648] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1138.228051][T22663] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4389'.
[ 1138.281279][T22673] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4391'.
[ 1138.290855][T22648] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1138.308604][T22663] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4389'.
[ 1138.392364][T22660] Dev loop7: unable to read RDB block 7
[ 1138.394553][T22660]  loop7: unable to read partition table
[ 1138.397160][T22660] loop7: partition table beyond EOD, truncated
[ 1138.399870][T22660] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1138.418779][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1138.421881][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1138.425913][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1138.429217][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[ 1138.972378][   T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1138.992606][T22686] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4401'.
[ 1139.259832][   T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1139.273994][T22648] BUG: unable to handle page fault for address: ffff8880974c6020
[ 1139.276553][T22648] #PF: supervisor write access in kernel mode
[ 1139.279494][T22648] #PF: error_code(0x0002) - not-present page
[ 1139.282781][T22648] PGD 1b401067 P4D 1b401067 PUD 0 
[ 1139.284541][T22648] Oops: Oops: 0002 [#1] SMP KASAN NOPTI
[ 1139.286292][T22648] CPU: 0 UID: 0 PID: 22648 Comm: syz.3.4387 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1139.289746][T22648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1139.293518][T22648] RIP: 0010:nsim_queue_free+0xba/0x120
[ 1139.295231][T22648] Code: 07 77 6c 4a 8d 3c ed 60 7e f5 8d 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 46 4a 03 1c ed 60 7e f5 8d <4c> 01 63 20 be 00 02 00 00 48 8d 3d 00 00 00 00 e8 a1 fc 53 fa 48
[ 1139.302930][T22648] RSP: 0018:ffffc900068af150 EFLAGS: 00010286
[ 1139.305374][T22648] RAX: dffffc0000000000 RBX: ffff8880974c6000 RCX: 000000000000c423
[ 1139.308480][T22648] RDX: 1ffffffff1beafcc RSI: ffffffff8c162800 RDI: ffffffff8df57e60
[ 1139.311985][T22648] RBP: ffff888065b31000 R08: 0000000000000000 R09: 0000000000000000
[ 1139.316114][T22648] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[ 1139.319851][T22648] R13: 0000000000000000 R14: ffff888056bbafe0 R15: ffffed100a81d08e
[ 1139.322930][T22648] FS:  0000000000000000(0000) GS:ffff8880974c6000(0063) knlGS:00000000f53dcb40
[ 1139.326421][T22648] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 1139.329174][T22648] CR2: ffff8880974c6020 CR3: 00000000670ef000 CR4: 0000000000352ef0
[ 1139.332340][T22648] Call Trace:
[ 1139.334162][T22648]  <TASK>
[ 1139.335268][T22648]  nsim_create+0xd0a/0x1260
[ 1139.337027][T22648]  __nsim_dev_port_add+0x435/0x7d0
[ 1139.338649][T22648]  ? __pfx___nsim_dev_port_add+0x10/0x10
[ 1139.340418][T22648]  ? nsim_dev_hwstats_init+0xf5/0x4f0
[ 1139.342192][T22648]  nsim_dev_reload_up+0x5b8/0x860
[ 1139.343805][T22648]  ? __pfx_nsim_dev_reload_up+0x10/0x10
[ 1139.345558][T22648]  ? devlink_params_driverinit_load_new+0x231/0x2c0
[ 1139.347644][T22648]  ? nsim_dev_reload_destroy+0x1a9/0x4d0
[ 1139.349424][T22648]  devlink_reload+0x322/0x7c0
[ 1139.350922][T22648]  ? __pfx_devlink_reload+0x10/0x10
[ 1139.352578][T22648]  devlink_nl_reload_doit+0xe31/0x1410
[ 1139.354583][T22648]  ? __pfx_devlink_nl_reload_doit+0x10/0x10
[ 1139.356682][T22648]  ? __pfx_devlink_get_from_attrs_lock+0x10/0x10
[ 1139.358833][T22648]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1139.361148][T22648]  genl_family_rcv_msg_doit+0x209/0x2f0
[ 1139.362886][T22648]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1139.364767][T22648]  ? rcu_is_watching+0x12/0xc0
[ 1139.366251][T22648]  ? bpf_lsm_capable+0x9/0x10
[ 1139.367738][T22648]  ? security_capable+0x7e/0x260
[ 1139.369274][T22648]  genl_rcv_msg+0x55c/0x800
[ 1139.370938][T22648]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1139.372927][T22648]  ? __pfx_devlink_nl_pre_doit_dev_lock+0x10/0x10
[ 1139.375509][T22648]  ? __pfx_devlink_nl_reload_doit+0x10/0x10
[ 1139.377849][T22648]  ? __pfx_devlink_nl_post_doit_dev_lock+0x10/0x10
[ 1139.380229][T22648]  netlink_rcv_skb+0x158/0x420
[ 1139.382143][T22648]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1139.384286][T22648]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1139.386605][T22648]  genl_rcv+0x28/0x40
[ 1139.388464][T22648]  netlink_unicast+0x5a7/0x870
[ 1139.390486][T22648]  ? __pfx_netlink_unicast+0x10/0x10
[ 1139.392720][T22648]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1139.395426][T22648]  netlink_sendmsg+0x8d1/0xdd0
[ 1139.397314][T22648]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1139.399480][T22648]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1139.401879][T22648]  ____sys_sendmsg+0xa95/0xc70
[ 1139.403789][T22648]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1139.405882][T22648]  ? get_compat_msghdr+0x11a/0x170
[ 1139.408026][T22648]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1139.410559][T22648]  ___sys_sendmsg+0x134/0x1d0
[ 1139.412651][T22648]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1139.415062][T22648]  ? find_held_lock+0x2b/0x80
[ 1139.417243][T22648]  __sys_sendmsg+0x16d/0x220
[ 1139.419261][T22648]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1139.421481][T22648]  ? __ia32_sys_futex_time32+0x1d9/0x460
[ 1139.423917][T22648]  ? rcu_is_watching+0x12/0xc0
[ 1139.425997][T22648]  __do_fast_syscall_32+0x7c/0x3a0
[ 1139.428215][T22648]  do_fast_syscall_32+0x32/0x80
[ 1139.430390][T22648]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1139.433058][T22648] RIP: 0023:0xf702e579
[ 1139.434771][T22648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1139.442837][T22648] RSP: 002b:00000000f53dc55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1139.446416][T22648] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000080
[ 1139.449976][T22648] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1139.453397][T22648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1139.456869][T22648] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1139.460334][T22648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1139.463877][T22648]  </TASK>
[ 1139.465216][T22648] Modules linked in:
[ 1139.466900][T22648] CR2: ffff8880974c6020
[ 1139.468999][T22648] ---[ end trace 0000000000000000 ]---
[ 1139.471777][T22648] RIP: 0010:nsim_queue_free+0xba/0x120
[ 1139.474995][T22648] Code: 07 77 6c 4a 8d 3c ed 60 7e f5 8d 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 46 4a 03 1c ed 60 7e f5 8d <4c> 01 63 20 be 00 02 00 00 48 8d 3d 00 00 00 00 e8 a1 fc 53 fa 48
[ 1139.481367][T22648] RSP: 0018:ffffc900068af150 EFLAGS: 00010286
[ 1139.483407][T22648] RAX: dffffc0000000000 RBX: ffff8880974c6000 RCX: 000000000000c423
[ 1139.485856][T22648] RDX: 1ffffffff1beafcc RSI: ffffffff8c162800 RDI: ffffffff8df57e60
[ 1139.488474][T22648] RBP: ffff888065b31000 R08: 0000000000000000 R09: 0000000000000000
[ 1139.490953][T22648] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[ 1139.493446][T22648] R13: 0000000000000000 R14: ffff888056bbafe0 R15: ffffed100a81d08e
[ 1139.495908][T22648] FS:  0000000000000000(0000) GS:ffff8880974c6000(0063) knlGS:00000000f53dcb40
[ 1139.498752][T22648] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 1139.500836][T22648] CR2: ffff8880974c6020 CR3: 00000000670ef000 CR4: 0000000000352ef0
[ 1139.503468][T22648] Kernel panic - not syncing: Fatal exception in interrupt
[ 1139.506348][T22648] Kernel Offset: disabled
[ 1139.507873][T22648] Rebooting in 86400 seconds..

VM DIAGNOSIS:
06:54:48  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85613555 RDI=ffffffff9b0f6600 RBP=ffffffff9b0f65c0 RSP=ffffc900068ae9e0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=727265203a465023
R12=0000000000000000 R13=0000000000000039 R14=ffffffff9b0f65c0 R15=ffffffff856134f0
RIP=ffffffff8561357f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880974c6000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=ffff8880974c6020 CR3=00000000670ef000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffffa0201a54 RBX=ffffc9000052e000 RCX=ffffc9000ded2000 RDX=1ffff920000a5c06
RSI=ffffc9000052e048 RDI=ffffc90006ce7560 RBP=1ffff92000d9cea4 RSP=ffffc90006ce7508
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=ffffc9000052e028 R15=ffffc90006ce7540
RIP=ffffffffa0201a61 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880975c6000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080014000 CR3=00000000772d9000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
EAX=00000001 EBX=f7414ff4 ECX=00000000 EDX=00001da9
ESI=81cb3da9 EDI=ffffffff EBP=f7430000 ESP=ff98dd20
EIP=f70ce726 EFL=00000282 [--S----] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 56975440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 00091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000559a51ffdec8 CR3=000000006d7a1000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000004000008fd RBX=ffff88805731a440 RCX=0000000000000830 RDX=0000000000000004
RSI=00000000000000fd RDI=0000000000000004 RBP=0000000000000008 RSP=ffffc90006cf77a8
R8 =0000000000000000 R9 =fffffbfff2156d72 R10=ffffffff90ab6b97 R11=ffff88802b53a740
R12=1ffff92000d9eef6 R13=0000000000000003 R14=0000000000000002 R15=ffffc90006cf77d0
RIP=ffffffff81695748 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977c6000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080002000 CR3=000000006d7a1000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 11f4165c6a4a8726 8b22b6bb4e8e8500
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c1e6098855ac7ce 5ab8900ed44efc9f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 91c550a00d750182 5c727136810ee5df
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 85429a42c51f452e 3cbc87c074cc984a
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 0000000000000060
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000020
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e1cf438475491a0 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1cbc428800000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 431d574f27f60056 c50bbcd1e0e64271
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000b7ba83a0
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 015593bc3d93567d 25fe0b8e4346c44e
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 46c2f2e22fd5d4bf 6ef2621142ce7df3
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000