last executing test programs:

7m22.37264525s ago: executing program 32 (id=109):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r2, {0xa}, {}, {0xfff3}}}, 0x24}}, 0x0)
ioctl$sock_ifreq(r1, 0x8935, &(0x7f0000000740)={'ip6_vti0\x00', @ifru_hwaddr=@remote})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r4, @ANYBLOB="00000000000000005c001280110001006272696467655f736c617665000000004400058005000500030000"], 0x7c}}, 0x0)

6m54.607553352s ago: executing program 33 (id=521):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d0400", 0xc)
r1 = accept$alg(r0, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000600), 0xfec8)
recvmmsg(r1, &(0x7f00000008c0)=[{{&(0x7f00000000c0)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, &(0x7f00000005c0)=[{&(0x7f00000001c0)=""/200, 0x6}, {&(0x7f0000000140), 0xa}, {&(0x7f0000000300)=""/225, 0x2}, {&(0x7f0000000400)=""/41, 0xfeb2}, {&(0x7f0000000440)=""/123, 0x7b}, {&(0x7f00000004c0)=""/203, 0xcb}], 0x6, &(0x7f0000000640)=""/123, 0xfffffffffffffe63, 0x2000000}}, {{&(0x7f00000006c0), 0x80, &(0x7f0000000840), 0x0, &(0x7f0000000880)=""/24, 0xffffffffffffffe0}}], 0x2, 0xcb, &(0x7f0000008000)={0x0, 0x989680})

6m52.034359665s ago: executing program 34 (id=558):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x2c, r1, 0x101, 0x0, 0x0, {}, [@GTPA_NET_NS_FD={0x8, 0xd}, @GTPA_VERSION={0x8}, @GTPA_LINK={0x8}]}, 0x2c}}, 0x0)
r2 = userfaultfd(0x80001)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0)
sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x118a1ce7c37ad792}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r3, 0x10, 0x70bd29, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_COVERAGE_CLASS={0x5, 0x59, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048841)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

6m35.792652738s ago: executing program 35 (id=566):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x143800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1c)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x1, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
write$dsp(r3, &(0x7f00000001c0)="e35e98", 0x3)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, r3, 0x0)
close(r3)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x16, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r4}, &(0x7f0000000040), &(0x7f00000000c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xd, &(0x7f00000004c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r5}, 0x10)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_FLUSHABLE(r6, 0x112, 0x8, &(0x7f00000002c0)=0x2000, 0x4)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
r9 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r9, 0xc0406441, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r11 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r12 = dup2(r11, r11)
write$binfmt_script(r12, 0x0, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r10, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r7, @ANYRES64=r2, @ANYRES16=r10], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0)
getpriority(0x2, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
connect$packet(r8, &(0x7f00000001c0)={0x11, 0xf7, r10, 0x1, 0x6, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x14)

4m46.590044395s ago: executing program 5 (id=2174):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f0000000200)={0x1d, r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f00000004c0)="b4bd341bda39df5b73e5216a512495f0aacf10118714ac219ff8cd3e96f539b39dfd7b1dd4d401cbc0faf2af22402b63540d8bd0eb80969b763b4cb24d9caf33d9f699816662765bfb5ef7d4aa00de3736131006ab970aef154739e5c5c56997e87d69240f7871a35cb575a30a823dbc5a1fa66b84d51a7d69da8a2a0c94106e89a3c3865d82d2077ab719958e2dc8e1761e5d2cb2db6dad49f3c76b6a2be6f17a3bd47e8f0fc23c73c5bce4560a0a3b759b22062ef6755288497ed82570f3229d3223b5a9c821e6bc9ac67d9ecd9c01e23fa51c93e4ad990e2bd2e1ffcd89633c27f86bf3ab0216ecb79ed0df1ebd4b9a87a9624440a6ed47641fa0e2ceb47a42874cb9d470344853fbc64b1b98da02c5ba97759d2cc4870f8f23897de9a63fcae824a33983bead92d831c9144ebea92117a324be6d97f87becbe38295703c2924e624baaf09e07ce7c6fab801e211acdb0b73e01acaed8462f8cc4d61c608196cc70fc3c5bd98ae50f758cfb10d1b9e88528f032f0a163bc63f65052f76726bb1ef9eb2570fff42eddf3ce631498a4d1cff3488da8ac87165e2260a6eaaf7201", 0x1a1)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x28, r5, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan3\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)}, 0x0)
r6 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000680)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r6, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000000000)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={0x0, 0x5afdbf8e}, &(0x7f00000000c0)=0x8)
ioctl$FS_IOC_GETVERSION(r7, 0xc0145b0e, &(0x7f00000000c0))
sendmsg$IPCTNL_MSG_CT_GET_STATS(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x90)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r2, {0x1}, {0xffff, 0xa}, {0x1}}}, 0x24}}, 0x0)

4m45.094323915s ago: executing program 5 (id=2202):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000580)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_STOP_AP(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0xffff0000, 0x0, 0x40000}, 0x20000040)

4m45.094169966s ago: executing program 5 (id=2203):
r0 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x40)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
listen(r1, 0x3)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x4, 0x2}, 0x6)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
ioctl$HIDIOCSFEATURE(r0, 0xc0404806, 0x0)

4m44.941524421s ago: executing program 5 (id=2206):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(r1, 0xc008561c, &(0x7f00000001c0)={0x980901, 0x8081, @name="6736516728a5678c18a4ec047f3f1fa52fe9a9987d0406b3a0c705c611b66f06"})
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x6c, 0x0, 0x8, 0x5, 0x0, 0x0, {0x3, 0x0, 0x1}, [@CTA_TIMEOUT_DATA={0x3c, 0x4, 0x0, 0x1, @icmpv6=[@CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xffff}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xf}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x8000}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3f80000}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x7}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x5e}]}, @CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @fccp}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @icmpv6=[@CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x2}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x2000c000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, 0x2, 0x8, 0x201, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x8014}, 0x4000)

4m44.941229986s ago: executing program 5 (id=2208):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x100000, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r2], 0x90}, 0x1, 0x0, 0x0, 0x800}, 0x0)

4m44.938434556s ago: executing program 5 (id=2210):
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty=0xf5ff}, 0x1b, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f00000011c0)="9d7fcf3efc6316a6a555ba8b4726d7ccaf8a0600fe809cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71ad21b965f615b31105d60a4b16fa2fa1371850a1be85ffcad45b49422b2121d709014f49cf6bd1d18acc4c19e4356669a2ac3e05d5cdc6f0f485c1eb52ea8faf7e83a1468b6a491e71ae3d03cd9677e72413954feae71b5775a6e3e9fa9db9e1ed56e56bff66a7a86214d8145d878e26fa35bd55db98ecdef374d26a5d9cd0e89f3ae45be2d8e1d98ee0865fb64d6dd1e8c89608733370f12be1495d81b36dd72cc28e9c9b2c45f925b38b21818d93ce604772c21824e45793c4073eb44773f8e42c9ebb297dd5e76e856a22253c0e8a80f33b4d015c3f9c0c26bcdd6b440322a23b10d507eecead59faa166bdac1bd840211336dc0c", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x3e}}, @ip_tos_u8={{0x38, 0x29, 0x2}}, @ip_tos_u8={{0x100000000000000}}], 0x50}, 0x0)

4m44.795632627s ago: executing program 36 (id=2210):
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty=0xf5ff}, 0x1b, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f00000011c0)="9d7fcf3efc6316a6a555ba8b4726d7ccaf8a0600fe809cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71ad21b965f615b31105d60a4b16fa2fa1371850a1be85ffcad45b49422b2121d709014f49cf6bd1d18acc4c19e4356669a2ac3e05d5cdc6f0f485c1eb52ea8faf7e83a1468b6a491e71ae3d03cd9677e72413954feae71b5775a6e3e9fa9db9e1ed56e56bff66a7a86214d8145d878e26fa35bd55db98ecdef374d26a5d9cd0e89f3ae45be2d8e1d98ee0865fb64d6dd1e8c89608733370f12be1495d81b36dd72cc28e9c9b2c45f925b38b21818d93ce604772c21824e45793c4073eb44773f8e42c9ebb297dd5e76e856a22253c0e8a80f33b4d015c3f9c0c26bcdd6b440322a23b10d507eecead59faa166bdac1bd840211336dc0c", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x3e}}, @ip_tos_u8={{0x38, 0x29, 0x2}}, @ip_tos_u8={{0x100000000000000}}], 0x50}, 0x0)

4m41.909739881s ago: executing program 7 (id=2239):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xd)
mlock2(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')
write$eventfd(r1, 0x0, 0x1f)
write$UHID_CREATE(r0, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000500)=""/18, 0x12, 0x3, 0x4, 0x0, 0x0, 0xc04}}, 0x120)
readv(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}, {0x0, 0x4}], 0x2)
read(r0, &(0x7f0000000240)=""/211, 0xd3)
write$UHID_DESTROY(r0, &(0x7f0000000040), 0x4)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x6}, @hci_ev_le_phy_update_complete={{}, {0x6, 0xc9, 0xf, 0x7}}}}, 0x9)

4m41.039426684s ago: executing program 7 (id=2256):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r4, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}}) (fail_nth: 6)

4m40.744093257s ago: executing program 7 (id=2260):
mkdir(&(0x7f0000000080)='./file1\x00', 0xb)
mount$9p_virtio(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), 0x3000016, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x1c0)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1/file4/file6\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file1/file4/file7/file6\x00', 0x0)

4m40.7437615s ago: executing program 7 (id=2261):
r0 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
openat$cgroup_procs(r1, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
setsockopt$MRT_FLUSH(r1, 0x0, 0xd4, &(0x7f0000000140)=0x2, 0x4) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x24, 0x4, 0x8, 0x3, 0x0, 0x0, {0x5, 0x0, 0x6}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x9f3dd937e73e3ff9}]}, 0x24}, 0x1, 0x0, 0x0, 0x48000}, 0x40000) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x5, 0x5, &(0x7f00000003c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x8, 0xef, &(0x7f0000000000)=""/239, 0x40f00, 0x3}, 0x94)

4m40.684166151s ago: executing program 7 (id=2263):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xd)
mlock2(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000180)=0x1)
write$UHID_CREATE(r0, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000500)=""/18, 0x12, 0x3, 0x4, 0x0, 0x0, 0xc04}}, 0x120)
readv(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}, {0x0, 0x4}], 0x2)
read(r0, &(0x7f0000000240)=""/211, 0xd3)
write$UHID_DESTROY(r0, &(0x7f0000000040), 0x4)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x6}, @hci_ev_le_phy_update_complete={{}, {0x6, 0xc9, 0xf, 0x7}}}}, 0x9)

4m40.404332346s ago: executing program 7 (id=2264):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000711208000000000095e9b94aff0a6404b6c773f4f3bc5f8ecd47aabbf7ff4683997ba22f3bd86ac0a4c46dfd4863de4be818cd5a25a6717f6f10eaa2f34cf2c81319bf9a8d21e1e6de9c9c3be1c5289c89de5b956013448f2318286f810200000000000000006065d34a8ec7263b3675c02e97f00684416f4348556fac5d89f8822657f771ef0f0d0fcff4125f781d50b32be686c02a1c523a867a4d6f0bfb8d1050038e1fa270323d0a9c6a073c90b52f68bcd183441495cf27e224426ec270a2b3fc36fafb4e2070b13a0a6407544ae6c617bbd492feb7210d7d13a2437b59b25a95aa6a492acb4c756c10a30e9869d56a15e7e4be769ba088f5f40e039647b37542f90cd96ddd2e269cf2c349f870f01d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x109)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00')
lseek(r1, 0x3, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
getdents64(r1, &(0x7f0000003440)=""/99, 0x63)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000580)='.\x00', &(0x7f0000000040), 0xc000, &(0x7f00000005c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="2c6163636573733d757365722c756e616d6525002c616e616d653d66642f33002c616669643d3078303030303030303030303030303030332c009dc9f701d8ddc4bf773811ca462a98ea10166840ecac661fc49133ba14d3b69dfeffffff8ccfda7befa692e3be8eefb23853abe46dff3028addcb95dc754fe7d86028066dea409a0000000000000000000000000000056205514e8f82604116cd7c73d7839cc3ee55f01a6b8"])
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$MRT_DEL_MFC(r2, 0x0, 0xcd, &(0x7f00000000c0)={@multicast1, @loopback, 0xffffffffffffffff, "14a048be13c9ebd472459c101f810b162aba2a34e6abb8139e0eaf28b004d1b8", 0x3, 0x8, 0x100, 0x3}, 0x3c)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)=[0x1, 0x2], 0x0, 0x0, 0x2, 0x1}}, 0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r4, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x2000000, 0xc, 0xfeff, 0x18e3, 0x200000001, 0x300000000, 0xfffffffffffffff7, 0xce, 0x2f})
connect$rxrpc(r2, &(0x7f0000000240)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x24)
socket$inet6(0xa, 0x5, 0x1cd)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)

4m25.34393338s ago: executing program 37 (id=2264):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000711208000000000095e9b94aff0a6404b6c773f4f3bc5f8ecd47aabbf7ff4683997ba22f3bd86ac0a4c46dfd4863de4be818cd5a25a6717f6f10eaa2f34cf2c81319bf9a8d21e1e6de9c9c3be1c5289c89de5b956013448f2318286f810200000000000000006065d34a8ec7263b3675c02e97f00684416f4348556fac5d89f8822657f771ef0f0d0fcff4125f781d50b32be686c02a1c523a867a4d6f0bfb8d1050038e1fa270323d0a9c6a073c90b52f68bcd183441495cf27e224426ec270a2b3fc36fafb4e2070b13a0a6407544ae6c617bbd492feb7210d7d13a2437b59b25a95aa6a492acb4c756c10a30e9869d56a15e7e4be769ba088f5f40e039647b37542f90cd96ddd2e269cf2c349f870f01d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x109)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00')
lseek(r1, 0x3, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x33)
getdents64(r1, &(0x7f0000003440)=""/99, 0x63)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000580)='.\x00', &(0x7f0000000040), 0xc000, &(0x7f00000005c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="2c6163636573733d757365722c756e616d6525002c616e616d653d66642f33002c616669643d3078303030303030303030303030303030332c009dc9f701d8ddc4bf773811ca462a98ea10166840ecac661fc49133ba14d3b69dfeffffff8ccfda7befa692e3be8eefb23853abe46dff3028addcb95dc754fe7d86028066dea409a0000000000000000000000000000056205514e8f82604116cd7c73d7839cc3ee55f01a6b8"])
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$MRT_DEL_MFC(r2, 0x0, 0xcd, &(0x7f00000000c0)={@multicast1, @loopback, 0xffffffffffffffff, "14a048be13c9ebd472459c101f810b162aba2a34e6abb8139e0eaf28b004d1b8", 0x3, 0x8, 0x100, 0x3}, 0x3c)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)=[0x1, 0x2], 0x0, 0x0, 0x2, 0x1}}, 0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r4, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x2000000, 0xc, 0xfeff, 0x18e3, 0x200000001, 0x300000000, 0xfffffffffffffff7, 0xce, 0x2f})
connect$rxrpc(r2, &(0x7f0000000240)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x24)
socket$inet6(0xa, 0x5, 0x1cd)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)

3m29.179628669s ago: executing program 9 (id=3499):
r0 = shmget$private(0x0, 0x4000, 0x10, &(0x7f0000ff9000/0x4000)=nil)
mremap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x3000, 0x2, &(0x7f0000ff8000/0x3000)=nil)
shmctl$IPC_RMID(r0, 0x0)
r1 = shmget$private(0x0, 0x3000, 0x80, &(0x7f0000ffa000/0x3000)=nil)
shmctl$SHM_UNLOCK(r1, 0xc)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000480), 0x149000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000500)={{0x1, 0x1, 0x6b, 0xffffffffffffffff, {0x101}}, '\x00'})
remap_file_pages(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000000, 0x9, 0x40)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r4, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r4], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0xffffffffffffffdb, 0x3, {0x6, 0x2}}}}]}, 0x44}}, 0x800)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=@newtfilter={0x3c, 0x28, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {}, {0xe, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}, @TCA_RATE={0x6, 0x5, {0xbe, 0x2}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x810}, 0x40040c4)
shmctl$IPC_STAT(r0, 0x2, &(0x7f0000000000)=""/127)

3m29.097385192s ago: executing program 9 (id=3500):
r0 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=@ipv6_deladdr={0x2c, 0x15, 0x1, 0x70bd25, 0x25dfdbfe, {0xa, 0x78, 0x141, 0x0, r1}, [@IFA_LOCAL={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}]}, 0x2c}, 0x1, 0x0, 0x700000000000000, 0x4000801}, 0x20000000)

3m28.99195619s ago: executing program 9 (id=3503):
syz_open_dev$vbi(&(0x7f00000000c0), 0x2, 0x2)
r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000200)={0x5, 0xe0, 0x2, {0x6, @sliced={0x3, [0x8, 0x9, 0x9, 0x103, 0x2, 0x2, 0x0, 0x400, 0x4, 0xd, 0xfff, 0x5039, 0x9, 0x1002, 0x2, 0x25, 0x7ffd, 0x3, 0x9, 0x4, 0x0, 0x100, 0x3, 0x7, 0x1, 0x2, 0x4c2b, 0x0, 0x200, 0x2, 0x3, 0x0, 0x8, 0x80, 0x1, 0x6, 0xfffe, 0x8, 0x2, 0x6, 0x8000, 0x1, 0x1, 0x7f, 0x8000, 0x3ad, 0x8, 0x1], 0x335}}, 0x80d4})

3m28.943713011s ago: executing program 9 (id=3505):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x7, 0x9, 0x101, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000001811000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x10})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
linkat(r3, &(0x7f0000000240)='./file0/file0\x00', r3, &(0x7f0000000280)='./file0/../file0/../file0\x00', 0x400)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
lsm_get_self_attr(0x67, &(0x7f0000000340)={0x0, 0x0, 0x94, 0x74, ""/116}, &(0x7f0000000100)=0x94, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0))
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="0000000000004a641c0012000c000100626f6e64"], 0x3c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x1, 0x803, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x100000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r9}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x4c}}, 0x0)
r10 = syz_clone(0x100000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r10)

3m28.880947967s ago: executing program 9 (id=3507):
r0 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x40)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$UI_BEGIN_FF_UPLOAD(r1, 0xc06855c8, &(0x7f0000000140)={0x5, 0x3, {0x53, 0x313, 0x401, {0x8000, 0x7ff}, {0x2, 0x7}, @cond=[{0xac, 0x8001, 0x5, 0x7, 0x8, 0x3ff}, {0x495, 0x6, 0x5, 0x2, 0xa00, 0x5}]}, {0x56, 0x8001, 0x7, {0x6, 0x7}, {0x4, 0x9733}, @period={0x5b, 0x200, 0x8001, 0x9, 0x8, {0x3, 0x8, 0xfa27, 0x8}, 0x1, &(0x7f0000000100)=[0x0]}}})
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
listen(r2, 0x3)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000200008500000006000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000ff030000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
ioctl$HIDIOCSFEATURE(r0, 0xc0404806, 0x0)

3m28.830414334s ago: executing program 9 (id=3510):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
write$eventfd(r1, 0x0, 0x1f)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000180)=0x1)
write$UHID_CREATE(r0, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000500)=""/18, 0x12, 0x3, 0x4, 0x0, 0x0, 0xc04}}, 0x120)
readv(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}, {0x0, 0x4}], 0x2)
read(r0, &(0x7f0000000240)=""/211, 0xd3)
write$UHID_DESTROY(r0, &(0x7f0000000040), 0x4)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x6}, @hci_ev_le_phy_update_complete={{}, {0x6, 0xc9, 0xf, 0x7}}}}, 0x9)

3m28.775353465s ago: executing program 38 (id=3510):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
write$eventfd(r1, 0x0, 0x1f)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000180)=0x1)
write$UHID_CREATE(r0, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000500)=""/18, 0x12, 0x3, 0x4, 0x0, 0x0, 0xc04}}, 0x120)
readv(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}, {0x0, 0x4}], 0x2)
read(r0, &(0x7f0000000240)=""/211, 0xd3)
write$UHID_DESTROY(r0, &(0x7f0000000040), 0x4)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x6}, @hci_ev_le_phy_update_complete={{}, {0x6, 0xc9, 0xf, 0x7}}}}, 0x9)

2m50.267794706s ago: executing program 6 (id=4222):
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000005c0)={r1, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598904004ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dac00000000000000000000002000", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
r2 = syz_open_dev$loop(&(0x7f0000000000), 0x1, 0x8000)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000480)={r0, 0x1, {0x2a00, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x12, 0x3, 0x8, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea80000000000000300000000deff0000000000000000000000000000000800", "2809e8dbe108038948224ad54afac11d875397bdb22d008cde1719a93c7558f4767f9e01177d3dd40600000042645db461d608c100", "90be8b1c55f96400000a00", [0x800]}})

2m50.267723754s ago: executing program 6 (id=4223):
mkdir(&(0x7f0000000100)='./file0\x00', 0x11c)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000300), 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r2, 0x5)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x2a000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
mmap$snddsp_control(&(0x7f0000000000/0x3000)=nil, 0x1000, 0x1, 0x11, r1, 0x82000000)
r4 = fcntl$dupfd(r0, 0x406, r0)
write$cgroup_pid(r4, &(0x7f0000000240), 0xfdef)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000240)='vxfs\x00', 0x11, 0x0)

2m50.117261626s ago: executing program 6 (id=4226):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0xc28c2)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
ioctl$EVIOCGPROP(r7, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r7, 0x4004743a, &(0x7f0000000300))
ioctl$PPPIOCGCHAN(r5, 0x80047437, &(0x7f0000001f00))
sendmmsg(r5, &(0x7f0000007180)=[{{0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f0000000340)}], 0x1}}], 0x1, 0x10014)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x40000071, 0x0, 0xffffffffffffff00}]})
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000040)={'wpan0\x00', <r8=>0x0})
sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x4, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="000008000300", @ANYRES32=r8, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4010}, 0x4000)
mount$9p_virtio(0x0, 0x0, 0x0, 0x0, 0x0)

2m49.886110273s ago: executing program 6 (id=4229):
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x4, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xc769}, 0x94)
r0 = syz_clone(0xcd1ec30ed67898be, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x21, r0, 0x80000001, 0x4)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r3, &(0x7f00000004c0)={0x18}, 0x18)
fchmodat(r3, &(0x7f0000000380)='./file0\x00', 0x102)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0}, 0x24000000)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB=';\x00'])
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r8, &(0x7f00000021c0)={0x2020, 0x0, <r9=>0x0}, 0x2020)
r10 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
getsockopt$rose(r10, 0x104, 0x2, 0x0, &(0x7f0000000040))
write$FUSE_INIT(r3, &(0x7f0000000200)={0x50, 0x0, r9, {0x7, 0x29, 0x20200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4000, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_fscache}]}})
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r11 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r12 = syz_clone(0x800000, &(0x7f0000000500)="c51657b356d6dde9fd76591feeacf858d4ec099525869bf84ad19156881d9105efde7ca5a2945419b60260084067074a653a5b8b77f79cb4d0421349cbfa54ad5c730868b7a81fc89ee4d1031e29cf27095c35e8764d113b3421bc206cd26b6d855030137fdde8d56a86941e220d60972b2eaf526f9b8a5fa5e149875c63febc6fff6b5ffc1b3c158c7b4e42606c8a82cf0fef732ed29faae3230f5813209a2005190a648d32daaa9a3707366144198fb239a125bd5abd9a44f73330e0ed", 0xbe, &(0x7f0000000140), &(0x7f0000000180), &(0x7f0000000280)="8b470dcddcee463efabca31cab0a92f493e6c1eaacb9a0532fb726883c551625f04bbdbb629178c5")
ioctl$sock_SIOCSPGRP(r11, 0x8902, &(0x7f0000000340)=r12)
chmod(&(0x7f00000000c0)='./file0\x00', 0x8)

2m49.778097855s ago: executing program 6 (id=4230):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="6c00655810000104000000000000000800000000", @ANYRES32=0x0, @ANYBLOB="5d580000000000001c001a8018000a801400070000000000000300000000000000000001140003006970766c616e310000000000000000001c0012800b0001006970766c61"], 0x6c}, 0x1, 0x0, 0x0, 0x840}, 0x24048010)

2m49.456873488s ago: executing program 6 (id=4232):
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce0702000000000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9", 0x5, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="ebffffffffffff"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
clock_gettime(0x9, &(0x7f0000000280))
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

2m49.311092957s ago: executing program 39 (id=4232):
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce0702000000000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9", 0x5, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="ebffffffffffff"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
clock_gettime(0x9, &(0x7f0000000280))
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1m38.83073205s ago: executing program 0 (id=5550):
write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
r0 = landlock_create_ruleset(&(0x7f0000000000)={0x644, 0x3, 0x3}, 0x18, 0x2)
landlock_restrict_self(r0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x800}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000080), 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_NET_GET(r4, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r5 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000180)="c1a24ecb3c4f87aace3e3dddf727360058", 0x11, 0xfffffffffffffffe)
keyctl$revoke(0x3, r5)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r3)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2})
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000240)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0xffff, r7, {0xe, 0x3}, {}, {0x9, 0xfffc}}}, 0x24}}, 0x40004)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYRES8], 0x0, 0x37, 0x0, 0x0, 0x9, 0x10000}, 0x28)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0000af3f4f18bfb6b21b5e05bb3ed21db34c8000fc071cc1631681759a1a94973c7e4637276b78a4f974a5598d2545af15b47132e4020e3e1d78a01d20b154975a308cf9163d82c96db9ff5503849e4912a1681f2f703e01b86e7b97bb296b4d552de432b9e659a81c5c3d37c0d138", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r8, @ANYBLOB="020000000100"/28], 0x50)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000017000/0x3000)=nil)
pipe2$9p(&(0x7f0000000400)={0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x80800)
vmsplice(r10, &(0x7f0000000040)=[{&(0x7f0000000000)="e3", 0x1}], 0x1, 0x1)
mremap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000003000/0x2000)=nil)
mbind(&(0x7f0000016000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x2)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000240), 0xfff, r9}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000200)={r9, &(0x7f0000000140), 0x0}, 0x20)
timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), r3)

1m38.760451852s ago: executing program 0 (id=5551):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r3, {}, {0x2, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0xffff0000, 0x0, 0x2000c061}, 0x4008000)

1m38.571392008s ago: executing program 0 (id=5554):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f00000003c0)={[{@size={'size', 0x3d, [0x25]}}]})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000040)=0xfffffffd)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x1000010, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd2c, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffe0, 0xa}, {0x1, 0xe}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x55}, 0xc010)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0), 0x4)

1m38.520529653s ago: executing program 0 (id=5555):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0)
chroot(&(0x7f0000000100)='./file0\x00') (async)
chroot(&(0x7f0000000100)='./file0\x00')
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r0, &(0x7f0000000000)={0x23, 0x16, 0x4, 0x3}, 0x10) (async)
connect$phonet_pipe(r0, &(0x7f0000000000)={0x23, 0x16, 0x4, 0x3}, 0x10)
ioctl$SIOCPNENABLEPIPE(r0, 0x89ed, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000007b00)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00')

1m38.469181651s ago: executing program 0 (id=5556):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r4, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80011200, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

1m38.411423063s ago: executing program 0 (id=5557):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000001c0)={0x0, {{0xa, 0x0, 0xdb, @mcast1={0xff, 0xf}}}, {{0xa, 0x0, 0x0, @private0}}}, 0x108)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000425bd7000fcdbdf250300000008000100", @ANYRES32=0x0, @ANYBLOB="14000c00ff02000000000000000000000000000108000400ffffffffbd66d12921f1ff9c3918246efa9bd2e2a667135d6e727231cc9dcb18bf078399bbca0b4b9e6d92a22424ea6e05d12a1d126929bb775332344dc0916270194c81e7753255984fb26e3ca3a8f42fd97cb15f948168ef64f0e318b3ae83812dff81fe812312a3b0112f7bc59028fbebc651e80fa46376361ae27f00a713375a069c08ce0b8d3dd96827"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
r2 = openat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, 0x0, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000740)=0x2)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x40000)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f00000001c0)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0xf}}}, {{0xa, 0x0, 0x0, @private0}}}, 0x108)

1m38.343214002s ago: executing program 40 (id=5557):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000001c0)={0x0, {{0xa, 0x0, 0xdb, @mcast1={0xff, 0xf}}}, {{0xa, 0x0, 0x0, @private0}}}, 0x108)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000425bd7000fcdbdf250300000008000100", @ANYRES32=0x0, @ANYBLOB="14000c00ff02000000000000000000000000000108000400ffffffffbd66d12921f1ff9c3918246efa9bd2e2a667135d6e727231cc9dcb18bf078399bbca0b4b9e6d92a22424ea6e05d12a1d126929bb775332344dc0916270194c81e7753255984fb26e3ca3a8f42fd97cb15f948168ef64f0e318b3ae83812dff81fe812312a3b0112f7bc59028fbebc651e80fa46376361ae27f00a713375a069c08ce0b8d3dd96827"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
r2 = openat2(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0, 0x0)
syz_emit_vhci(0x0, 0x0)
setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, 0x0, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000740)=0x2)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x40000)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f00000001c0)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0xf}}}, {{0xa, 0x0, 0x0, @private0}}}, 0x108)

57.816965867s ago: executing program 1 (id=6267):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x68, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x3c, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'macvtap0\x00'}, @TCA_U32_SEL={0x24, 0x5, {0xd, 0x87, 0x1, 0x3d3f, 0x6, 0xfff, 0x3, 0x58f, [{0x8001, 0xc295, 0x0, 0xfffffff4}]}}]}}]}, 0x68}, 0x1, 0x7000000}, 0x24040084)

57.748819955s ago: executing program 1 (id=6269):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000480), 0x1000000, &(0x7f0000000400)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}]})
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
unlink(0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0xffaf}, 0x1, 0x0, 0xffffffffffffff9e, 0x854}, 0x0)

57.748631759s ago: executing program 1 (id=6270):
syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x9c, 0x0, @wg}}}}}, 0x0)
syz_emit_ethernet(0x9e, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x90, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x7c, 0x0, @wg=@data={0x4, 0x0, 0x0, "0000000000000000000000000000000000000000000000000000000000000000000500"/100}}}}}}, 0x0)

57.748467677s ago: executing program 1 (id=6271):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) (async)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) (async)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) (async)
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, r0) (async)
symlink(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') (async, rerun: 32)
setpgid(0x0, r0) (async, rerun: 32)
mount$fuseblk(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x200840d, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000001000810526bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0220000020000000180012800800010068737200"], 0x38}, 0x1, 0x0, 0x0, 0x20040140}, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)=@generic={&(0x7f00000001c0)='./file0\x00', 0x0, 0x8}, 0x18) (async)
r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) (async)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) (async)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
writev(r3, &(0x7f0000000580)=[{&(0x7f0000000080)="2e9b5b0007e03dd65193dfb6c575963f86dd6067", 0x14}, {&(0x7f0000000400)="b701000911003cbbf0be1450bfd3fd0a25acc5ee9a10f94b57ddd3da115a5d8c619bbb8d978e1cd1f91f4444fdbde3", 0x2f}], 0x2)
sendmsg$AUDIT_TTY_SET(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0x18, 0x3f9, 0x300, 0x70bd25, 0x25dfdbfc, {0x1}, ["", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x4)

57.680773856s ago: executing program 1 (id=6272):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x86, &(0x7f0000000000)={@random="e7842a3e0090", @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x50, 0x3a, 0x0, @remote, @local, {[], @pkt_toobig={0x4, 0x2, 0x0, 0x0, {0x0, 0x6, "000810", 0x0, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, @private2, [@dstopts={0x0, 0x0, '\x00', [@ra={0x5, 0x2f, 0x1}]}], "fb36eeca6fad50b375a22a584d16ca55"}}}}}}}, 0x0)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r3=>0x0})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r5, &(0x7f0000000280)=[{&(0x7f0000000180)="b6", 0x1}], 0x1)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x50, r1, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0xffffffff}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0x2000000}}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0xfe}, @IEEE802154_ATTR_SHORT_ADDR={0x6}]}, 0x50}, 0x4, 0x700000000000000}, 0x0)

57.680645533s ago: executing program 1 (id=6273):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001980)={0xc, {"a2e3ad214fc752f91b25060987f70e06d038e7ff7fc6e5539b325d078b089b3b08386e090890e0878f0e1ac6e7049b334d959b429a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31303b306e0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x5c1}}, 0x505)

57.585082322s ago: executing program 41 (id=6273):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001980)={0xc, {"a2e3ad214fc752f91b25060987f70e06d038e7ff7fc6e5539b325d078b089b3b08386e090890e0878f0e1ac6e7049b334d959b429a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31303b306e0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x5c1}}, 0x505)

1.221957757s ago: executing program 4 (id=7165):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r1, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)
sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r1, 0xb3bdab79a87d528, 0x70bd25, 0x25dfdbfe, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bridge_slave_1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$bt_hci(r3, 0x0, 0x1, 0x0, &(0x7f0000006940))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="650a00000000000061118000000000001800000000000000000000000000000095"], 0x0, 0x1}, 0x94)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@updsa={0x104, 0x1a, 0x1, 0x0, 0x0, {{@in6=@private1, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in=@empty, 0x4d4, 0x3c}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@coaddr={0x14, 0xe, @in6=@private2}]}, 0x104}}, 0x0)
r5 = syz_open_dev$audion(&(0x7f0000000080), 0x6e298b6c, 0x240000)
ioctl$NBD_SET_SIZE(r5, 0xab02, 0x81)

1.159710932s ago: executing program 4 (id=7167):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r2, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, 0x0, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xfff3}}}, 0x24}}, 0x6000000000000000)

1.0398926s ago: executing program 4 (id=7173):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x18, 0x1402, 0x1, 0x70bd2c, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0xfcffffff, 0x24000841}, 0x20000000)

1.03137172s ago: executing program 4 (id=7176):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
setsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000001c0)={r3, @multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x84, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x58, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x1, 0x1, 0x3, 0x1, 0x4, 0x2, 0x6, 0x7ffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x6783, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}, @TCA_U32_MARK={0x10, 0xa, {0x0, 0x6}}]}}]}, 0x84}}, 0x24040084)
syz_usbip_server_init(0x6)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x1, <r4=>0x0}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'})
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r5, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000000, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r5, &(0x7f00000000c0)="8f2a0a65bd8c2c2b0304000e0580a7b6070d63e286a5cefe", 0x5ac)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xc, 0xe, &(0x7f00000008c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000100)={0xfffffffe, 0x1, 0x3}, 0x10, r4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x1f00, 0x18, 0x19, &(0x7f00000007c0)="9f44948721919580684010a40566", 0x0, 0x7ff, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39", &(0x7f0000000380)="8c5911c525f5cf4c4ecf207ad2ec", 0x0, 0x0, 0xffffffff}, 0x23)
syz_usbip_server_init(0x5)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
socket$inet_tcp(0x2, 0x1, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r10 = fsopen(&(0x7f00000010c0)='nfs4\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r10, 0x6, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000002800)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000005b00)='\"'})
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})

960.251708ms ago: executing program 2 (id=7179):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="31032abd70000000003f0900000008000300", @ANYRES32=r2], 0x24}}, 0x0)

909.82615ms ago: executing program 2 (id=7181):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(md5)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="c38f9ea820612208fa07efedcd644dcd1b6f007c4fd3caa0194f9e5232a7d4a8cb15ef282b38714f22b7610fbe9829c65ab43e64f3ed55508cfb17e543a6cbbe6d", 0x41)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_io_uring_setup(0x498, &(0x7f0000000400)={0x0, 0x16fa, 0x800, 0x4, 0x8}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
r5 = socket$tipc(0x1e, 0x2, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r6, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0xfffffffd}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000100)={0x42, 0x2, 0x2}, 0x10)
sendmsg$tipc(r5, &(0x7f0000000040)={&(0x7f0000000000)=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000000}, 0x40000)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0xc28c2)
bind$tipc(r6, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x400, 0x1})
io_uring_enter(r2, 0x3516, 0x0, 0x44, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e502000000000000000007000000", @ANYRES32, @ANYBLOB="200001", @ANYRES32=0x0, @ANYBLOB="000000f1a0"], 0x38}}, 0x0)

760.315663ms ago: executing program 3 (id=7183):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$nci(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="50850401fbe402"], 0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r2 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$kcm(r2, &(0x7f0000001240)={&(0x7f0000000080)=@in={0x2, 0x4e20, @local}, 0x80, 0x0}, 0x40)
move_mount(r1, 0x0, r1, &(0x7f00000003c0)='./file0/../file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x200000, &(0x7f0000000400)=ANY=[@ANYBLOB="6e725f626c6f636b733d6b78702c75737271756f74615f696e6f64655f716172646c696d69743d33743325382d2c6d706f6c3d62696e643d7374617469632c75737271756f74615f696e6f64655f686172646c696d69743d25652d312525252c687567653d77697468696e5f73697a652c736d61636b66736861743d6367726f757032002c736d61636b66736861743d115b2e2c002f71a324a13d7747c6870e9ce413dc210073046d758e6dfa6cb565ba55d820e2f9879beeb1448836c187e04da363cb0688f0a6da1a4906e4f8bc9988b958d38dae0dbd5c13eefeb165b26bacbacfe82249c3097ac4bcbfc16a61238537ae9a6018a18bc47416e3c2dcbbdd9f495919f8ee9a00293f25414b244d58922ffdc2b10a69e87a14e2cc454b94fdffffff7fa1a21421992a442454fe03459900503844f87fd250a60fca183db831133f06265d8af3a8370ae981d847932a4755a0691424bb39d787808ed49e82fac580e6782f97821df6c69d160a5d7b3d48d8f59d4cc4e807c3a969b909ea55c72dcb17e0232747ef136de0248394c4d1a5b66d512b173fd23fa4dbaea1da1c73bf90893a899f607f9cc859c829dc7cc3c736eacea7a54d7e6f2fd32d6c918ea56c5d0ca3ac227cf206c731265f0cc9088b109de3c6c2255d85060bd6d30bcd7348a6ad628543765b89e8288ebad81b9cc7b50d1cfeea881865bdb7e2769fbf52113a1e71"])
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000200)={0x1, 0xc, 0x32}, 0x18)
symlinkat(&(0x7f0000000180)='./file0\x00', r3, &(0x7f0000000240)='./file0/../file0\x00')
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1)
inotify_add_watch(r1, &(0x7f0000000300)='./file0\x00', 0x20000000)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f0000000680)={0x9fc, r4, 0x400, 0x70bd26, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xb7, 0x3e}}}}, [@NL80211_ATTR_TID_CONFIG={0x68, 0x11d, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x125}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x7b}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x12}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x7d}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x20}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xaf}]}]}, @NL80211_ATTR_TID_CONFIG={0x1a8, 0x11d, 0x0, 0x1, [{0x1a4, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xf0}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x174, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_60GHZ={0x44, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x3f, 0x2, [{0x4, 0xa}, {0x1, 0x2}, {0x4, 0x8}, {0x5, 0x9}, {0x7, 0x9}, {}, {0x6, 0x5}, {0x1, 0x1}, {0x7, 0x2}, {0x3, 0x2}, {0x0, 0x2}, {}, {0x2, 0x6}, {0x1, 0xa}, {0x6, 0xa}, {0x3, 0x3}, {0x4, 0x1}, {0x4, 0x3}, {0x0, 0x5}, {}, {0x5, 0x7}, {0x5, 0xa}, {0x6, 0x9}, {0x5, 0xa}, {0x1, 0x7}, {0x7, 0x8}, {0x4, 0xa}, {0x0, 0x9}, {0x7, 0x3}, {0x3, 0xa}, {0x3, 0x8}, {0x4, 0x6}, {0x2, 0x8}, {0x6, 0x1}, {0x1, 0x9}, {0x3, 0x6}, {0x2, 0x8}, {0x4, 0x7}, {0x7, 0x5}, {0x1, 0x2}, {0x7, 0x2}, {0x5, 0x6}, {0x3}, {0x0, 0xa}, {0x5, 0xa}, {0x0, 0x6}, {0x0, 0x4}, {0x3, 0x6}, {0x4, 0xa}, {0x1, 0x9}, {0x2, 0x4}, {0x7, 0x1}, {0x7, 0x4}, {0x3, 0x9}, {0x0, 0x5}, {0x2, 0x2}, {0x7, 0x5}, {0x2, 0xa}, {0x1, 0x6}]}]}, @NL80211_BAND_2GHZ={0x5c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x5, 0x8000, 0x0, 0xfff, 0x10, 0xf800, 0x5]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x2a, 0x2, [{0x1, 0x4}, {0x6, 0x4}, {0x0, 0x9}, {}, {0x1, 0x5}, {0x4, 0x2}, {0x3, 0x1}, {0x2, 0x9}, {0x7, 0x8}, {0x2, 0x8}, {0x2, 0x4}, {0x2, 0x3}, {0x2, 0x8}, {0x4, 0x3}, {0x5, 0x3}, {0x0, 0x2}, {0x5, 0x3}, {0x7, 0x3}, {0x0, 0x6}, {0x3, 0x4}, {0x2, 0x1}, {0x7, 0x3}, {0x4, 0x6}, {0x7, 0x7}, {0x4, 0x2}, {0x4, 0x2}, {0x5, 0xa}, {0x0, 0x2}, {0x2, 0x7}, {0x0, 0x8}, {0x5, 0x8}, {0x4, 0x5}, {0x6}, {0x4, 0x1}, {0x2}, {0x3, 0x4}, {0x1, 0x3}, {0x2, 0x7}]}]}, @NL80211_BAND_6GHZ={0x28, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x57, 0x5, 0xcde, 0x8, 0x0, 0x8, 0x9459, 0x81]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_6GHZ={0x6c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xb, 0x1, [0x1b, 0x0, 0x5, 0x1, 0x30, 0x9, 0x60]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x0, 0x7, 0x0, 0x6, 0xcd, 0xc5c4, 0x2]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x23, 0x1, [0xc, 0x3, 0x36, 0x12, 0x3, 0xf9e085269573bb78, 0x3, 0x6, 0x79, 0x3, 0x16, 0x1e5860d2fecb1fc3, 0x18, 0x30, 0x2, 0xc, 0x4, 0x24, 0x4, 0xb, 0x3, 0x5, 0x48, 0x69, 0x1, 0x60, 0x4, 0x6c, 0x6, 0x12, 0x6]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x9, 0x0, 0x6, 0xfffa, 0x7f, 0x5, 0x2]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_5GHZ={0x30, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_LEGACY={0x7, 0x1, [0x3, 0x12, 0x4]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xc4, 0x9, 0x9, 0xfffd, 0x1, 0x0, 0x5, 0x9]}}, @NL80211_TXRATE_HE_LTF={0x5}]}]}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}]}]}, @NL80211_ATTR_TID_CONFIG={0x134, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}]}, {0x110, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xf4, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xa4, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HT={0x47, 0x2, [{0x0, 0x9}, {0x1, 0x4}, {0x3}, {0x2, 0x4}, {0x2, 0xa}, {0x4, 0x8}, {0x1, 0x1}, {0x3, 0x9}, {0x1, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x2, 0x6}, {0x0, 0x8}, {0x2}, {0x2}, {0x7, 0x8}, {0x5, 0x5}, {0x7, 0xa}, {0x7, 0x5}, {0x7, 0xa}, {0x6, 0x9}, {0x0, 0x6}, {0x6, 0x5}, {0x4, 0x5}, {0x0, 0x7}, {0x7}, {0x2, 0x6}, {0x3, 0x7}, {0x5, 0xa}, {0x4, 0x6}, {0x3, 0x8}, {0x0, 0x4}, {0x7, 0x7}, {0x3}, {0x5, 0x6}, {0x3, 0x1}, {0x1, 0x6}, {0x0, 0x1a}, {0x5, 0x1}, {0x0, 0x8}, {0x0, 0x5}, {0x0, 0x4}, {0x1, 0x3}, {0x6, 0x9}, {0x1, 0x1}, {0x3}, {0x1, 0x4}, {0x3, 0x1}, {0x7}, {0x6, 0x9}, {0x2, 0x8}, {0x5, 0xa}, {0x3, 0x3}, {0x0, 0xa}, {}, {0x3, 0x5}, {0x0, 0xa}, {0x5, 0x3}, {0x1, 0xa}, {0x6, 0x9}, {0x3, 0x8}, {0x7, 0x7}, {0x4, 0x7}, {0x4, 0x1}, {0x0, 0xa}, {0x4, 0x4}, {0x3, 0x7}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0x18, 0x12, 0x2, 0x9, 0x24, 0x48, 0x24, 0x16, 0x16, 0x24, 0xb, 0x2, 0x1b, 0x36, 0x9, 0xb, 0x5]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0xff, 0x5, 0x7f, 0x401, 0x8, 0x5, 0x6]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x20, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x81, 0x3, 0xa, 0x0, 0x3, 0x4, 0x8, 0x95db]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_60GHZ={0x2c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x1d, 0x2, [{0x4, 0x1}, {0x5}, {0x1, 0xa}, {0x0, 0x5}, {0x2}, {0x6, 0x4}, {0x6, 0x4}, {0x5}, {0x7, 0x2}, {0x0, 0x2}, {0x6}, {0x5, 0x2}, {0x3}, {0x7, 0xa}, {0x7, 0xa}, {0x7, 0x7}, {0x2, 0x1}, {0x2, 0xa}, {0x2, 0x1}, {0x0, 0x4}, {0x1, 0x2}, {0x3}, {0x1, 0x9}, {0x6, 0x9}, {0x3}]}]}]}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xbe}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x99}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}]}]}, @NL80211_ATTR_TID_CONFIG={0xf8, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}]}, {0xe0, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xee}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xc0, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x50, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x8, 0xe, 0x9, 0x0, 0x5, 0x3, 0x0, 0xe]}}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x60, 0x36, 0x9, 0xa, 0x36, 0x9, 0x12, 0x16, 0x24, 0x1, 0x6, 0x12, 0xb, 0xb]}, @NL80211_TXRATE_HT={0x24, 0x2, [{0x3, 0x3}, {0x1, 0x3}, {0x0, 0x2}, {0x7, 0x5}, {0x6}, {0x4, 0x8}, {0x7, 0x2}, {0x4, 0xa}, {0x4, 0x6}, {0x1, 0x2}, {0x1, 0x6}, {0x0, 0x5}, {0x5, 0x1}, {0x2, 0x8}, {0x2, 0x9}, {0x0, 0x3}, {0x0, 0x4}, {0x3, 0x1}, {0x5, 0x1}, {0x0, 0xa}, {0x2, 0x1}, {0x1, 0x3}, {0x4, 0x4}, {0x5, 0xa}, {0x2, 0x3}, {0x7, 0x8}, {0x6, 0x7}, {0x3, 0x9}, {0x4, 0x9}, {0x3, 0x2}, {0x4, 0x4}, {0x5, 0x1}]}]}, @NL80211_BAND_60GHZ={0x2c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x13c, 0x7f, 0x7fff, 0x7fff, 0x3, 0xbf9a, 0x2d, 0x1]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x85fd, 0x6, 0x70, 0x6800, 0x3, 0x7, 0x2, 0x9]}}]}, @NL80211_BAND_5GHZ={0x40, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x21, 0x1, [0x0, 0x60, 0x4, 0x6c, 0xc, 0x6c, 0x60, 0x24, 0x60, 0x16, 0x16, 0x2, 0x36, 0x6c, 0xc, 0x48, 0x30, 0x16, 0x4, 0xb, 0x9, 0x36, 0x1b, 0x12, 0x1, 0x4, 0x5, 0x48, 0x6]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x5d}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x1}]}]}, @NL80211_ATTR_TID_CONFIG={0x5a0, 0x11d, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xdd}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8000000000000001}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0x70, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xd}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc8}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x38, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x34, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x8, 0x1, [0x1b, 0x48, 0x6, 0xb]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xffffffffffffffff}]}, {0x1e0, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x46}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x78}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd9}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x3ff}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x18c, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xe8, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfff, 0x7, 0x1, 0x9, 0x0, 0xd, 0x0, 0x2]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4c1a, 0x8, 0x12, 0x4, 0x8, 0x3, 0x1, 0x9]}}, @NL80211_TXRATE_HT={0x24, 0x2, [{0x7, 0x4}, {0x0, 0x5}, {0x7, 0x8}, {0x1, 0x4}, {}, {0x6, 0x9}, {0x0, 0x6}, {0x2, 0x5}, {0x7, 0x7}, {0x2, 0x6}, {0x2, 0x7}, {0x0, 0x5}, {0x3, 0x3}, {0x3, 0x6}, {0x7, 0x6}, {0x2}, {0x7, 0x5}, {0x1, 0x1}, {0x1, 0x4}, {0x5, 0x4}, {0x0, 0x6}, {0x0, 0x2}, {0x6, 0x8}, {0x3, 0x9}, {0x0, 0x8}, {0x1, 0x2}, {0x0, 0x7}, {0x5, 0x1}, {0x4, 0x3}, {0x1, 0x2}, {0x1, 0x9}, {0x6, 0x6}]}, @NL80211_TXRATE_LEGACY={0x7, 0x1, [0x9, 0x6c, 0xc]}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x6c, 0x6, 0x24, 0x36, 0x24, 0x60]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xa2a0, 0x0, 0x8, 0x7ff, 0xbc5, 0x6, 0x3, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xbd, 0x4, 0x7, 0xff, 0x10, 0x7, 0x8001, 0x4]}}, @NL80211_TXRATE_HT={0x40, 0x2, [{0x2}, {0x4, 0x3}, {0x2, 0x3}, {0x1, 0x10}, {0x0, 0x8}, {0x7, 0x4}, {0x1, 0x5}, {0x5}, {0x1, 0x2}, {0x3}, {0x1}, {0x1, 0x2}, {0x6}, {0x0, 0x5}, {0x7, 0x7}, {0x5}, {0x0, 0x1}, {0x4, 0x4}, {0x5, 0x4}, {0x3, 0x7}, {0x7}, {0x3, 0x1}, {0x2, 0x4}, {0x2, 0x4}, {0x1, 0x5}, {}, {0x0, 0xa}, {0x3, 0x4}, {0x3, 0x1}, {0x5, 0x1}, {0x3, 0xa}, {0x2}, {0x4, 0x4}, {0x7, 0x8}, {0x7, 0x9}, {0x6, 0x4}, {0x4, 0x9}, {0x4, 0xa}, {0x7}, {0x5, 0x7}, {0x2, 0x7}, {0x1, 0x8}, {0x0, 0x7}, {0x6, 0x3}, {0x5, 0x8}, {0x6, 0x6}, {0x5, 0x2}, {0x3, 0x9}, {0x2, 0x4}, {0x7}, {0x2, 0x7}, {0x6, 0x8}, {0x4, 0x8}, {0x0, 0x4}, {0x2, 0x1}, {0x2, 0x1}, {0x7, 0x5}, {0x1, 0x6}, {0x0, 0x1}, {0x6, 0x8}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1d61, 0x9780, 0x2, 0x2f5, 0x25b6, 0x8, 0x5, 0xede]}}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x11, 0x2, [{0x5, 0x5}, {0x2, 0x6}, {0x6, 0x9}, {0x7, 0x4}, {0x1, 0x3}, {0x1}, {0x7, 0x7}, {0x0, 0x7}, {0x0, 0x6}, {0x2, 0x4}, {0x2, 0xa}, {0x3, 0x5}, {0x1, 0x4}]}]}, @NL80211_BAND_60GHZ={0x80, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xb, 0x1, [0x1, 0x3, 0xc, 0x6, 0x9, 0x1b, 0x3]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x1aee, 0x4, 0xffff, 0x6, 0xe, 0xff4a, 0x7]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x42, 0x2, [{0x5, 0x9}, {0x2, 0x6}, {0x2, 0x8}, {0x3}, {0x0, 0xa}, {0x1, 0x6}, {0x3, 0x9}, {0x4, 0x4}, {0x5, 0x5}, {0x3, 0x4}, {0x0, 0x5}, {0x3, 0x5}, {0x7, 0x9}, {0x4, 0xa}, {0x3, 0x5}, {0x6, 0x4}, {0x1, 0x7}, {0x0, 0x6}, {0x1, 0x7}, {0x1, 0x9}, {0x0, 0x4}, {0x7, 0x7}, {0x4, 0x4}, {0x4}, {0x1, 0x3}, {0x7, 0x9}, {0x7, 0x5}, {0x2, 0x7}, {0x7, 0x3}, {0x4, 0x5}, {0x2}, {0x1, 0x6}, {0x0, 0xa}, {0x5, 0x8}, {0x1, 0x9}, {0x3, 0x5}, {0x6, 0x8}, {0x1, 0x6}, {0x1, 0x9}, {0x1, 0x3}, {0x3, 0x6}, {0x0, 0x4}, {0x2, 0xa}, {0x4, 0x6}, {0x5, 0x7}, {0x6, 0x4}, {0x4, 0x5}, {0x0, 0x1}, {0x0, 0x7}, {0x4, 0x9}, {0x6, 0x8}, {0x2, 0x5}, {}, {0x6, 0x3}, {0x1, 0x2}, {0x6, 0x6}, {0x7, 0x4}, {0x1, 0x7}, {0x3, 0x4}, {0x2, 0x1}, {0x4, 0xa}, {0x3, 0x6}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xed}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xa4}]}, {0x30c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x2b8, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x9, 0xff, 0x81, 0x3, 0xf, 0x9, 0x2]}}]}, @NL80211_BAND_2GHZ={0x20, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0xf9, 0x7, 0xee4, 0x7f, 0x7ff, 0x1, 0x5]}}]}, @NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x13, 0x2, [{0x7, 0x7}, {0x0, 0x8}, {0x2, 0x3}, {0x0, 0xa}, {0x6, 0x5}, {0x6, 0x2}, {0x0, 0x6}, {0x6, 0x5}, {0x7, 0x2}, {0x4, 0xa}, {0x7, 0x2}, {0x5, 0x5}, {0x0, 0x6}, {0x7, 0x5}, {0x7}]}]}, @NL80211_BAND_2GHZ={0x28, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x8, 0x2, [{0x0, 0x1}, {0x4, 0x1}, {0x2, 0x5}, {0x1, 0x6}]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x12, 0x2, [{0x5, 0x4}, {0x2, 0x9}, {0x7, 0x4}, {0x1, 0x4}, {0x5, 0xa}, {0x0, 0x1}, {0x7, 0x9}, {0x4, 0x9}, {0x3, 0x1}, {0x7, 0x1}, {0x5, 0x7}, {0x6, 0x1}, {0x1, 0x1}, {0x3, 0x3}]}]}, @NL80211_BAND_5GHZ={0x58, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x28, 0x2, [{0x7, 0x4}, {0x7, 0x2}, {0x1, 0x6}, {0x3, 0x2}, {0x5, 0xa}, {0x2, 0x6}, {0x2}, {0x1, 0x2}, {0x4, 0x6}, {0x2, 0xa}, {0x0, 0x8}, {0x0, 0x5}, {0x3}, {0x0, 0x4}, {0x2, 0x7}, {0x5, 0x4}, {0x4, 0x7}, {0x0, 0x2}, {0x7, 0xa}, {0x0, 0xa}, {0x4, 0x7}, {0x4, 0x8}, {0x1, 0x1}, {0x0, 0x5}, {0x5}, {0x0, 0x4}, {0x2, 0x3}, {0x1, 0x4}, {0x5, 0x5}, {0x4, 0x3}, {0x7, 0x5}, {0x2, 0x8}, {0x4, 0x4}, {0x6, 0x9}, {0x4, 0x1}, {0x4, 0x3}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x5, 0x7, 0xfffe, 0x7, 0xffff, 0x6, 0x8]}}]}, @NL80211_BAND_6GHZ={0x68, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x590b, 0x0, 0x0, 0x5, 0xb9b, 0x3ff, 0x0, 0x7d]}}, @NL80211_TXRATE_LEGACY={0x9, 0x1, [0x9, 0x60feff19ccd5dc97, 0x6c, 0x30, 0x4]}, @NL80211_TXRATE_LEGACY={0x18, 0x1, [0x1, 0x30, 0x36, 0x6, 0x2, 0xb, 0x24, 0x6c, 0x18, 0xe, 0x18, 0xb, 0xc, 0xb, 0x48, 0xb, 0x4, 0x24, 0x5, 0x1b]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x80, 0x3, 0x7bf8, 0xb5, 0x6, 0xffff, 0x800, 0x4]}}]}, @NL80211_BAND_5GHZ={0x98, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xcf1, 0xfff7, 0x3, 0xd, 0x2, 0xc000, 0xe9e3, 0xff7a]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x4, 0x8, 0x401, 0x5, 0x7, 0x6, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x8000, 0x5, 0xfffa, 0x5, 0x800, 0x4, 0x2]}}, @NL80211_TXRATE_HT={0x50, 0x2, [{0x1, 0x5}, {0x4, 0x6}, {0x0, 0x3}, {0x0, 0x6}, {0x4, 0x6}, {0x1, 0x4}, {0x0, 0x8}, {0x1, 0x6}, {0x0, 0x7}, {0x0, 0x3}, {0x3, 0x7}, {0x1, 0x9}, {0x2, 0x3}, {0x2, 0x3}, {0x1, 0x6}, {0x1}, {0x7, 0x2}, {0x5, 0x1}, {0x3, 0x2}, {0x1, 0x5}, {0x6, 0xa}, {0x0, 0xa}, {0x0, 0x3}, {0x0, 0x7}, {0x6, 0x5}, {0x5, 0x6}, {0x3, 0x3}, {0x3, 0x9}, {0x0, 0x4}, {0x7, 0x9}, {0x0, 0x9}, {0x2, 0xa}, {0x5, 0x8}, {0x3, 0x4}, {0x2, 0xa}, {0x1}, {0x3, 0x6}, {0x4, 0x3}, {0x0, 0x2}, {0x6, 0x6}, {0x3}, {0x1, 0x2}, {0x6, 0x9}, {0x6, 0xa}, {0x1, 0x1}, {0x7, 0x1}, {0x7, 0x1}, {0x6, 0x1}, {0x7}, {0x4, 0x4}, {0x4}, {0x4, 0x7}, {0x1}, {0x5, 0x2}, {0x2, 0x2}, {0x1, 0x7}, {0x7, 0x2}, {0x0, 0x8}, {0x0, 0x4}, {0x0, 0x9}, {}, {0x5, 0x5}, {0x0, 0x2}, {0x4, 0xa}, {0x2, 0x4}, {0x7, 0x4}, {0x1, 0x5}, {0x1, 0x3}, {0x1, 0x6}, {0x5, 0xa}, {0x2, 0x9}, {0x5, 0x9}, {0x4, 0x9}, {0x1, 0x8}, {0x2}, {0x4, 0x8}]}]}, @NL80211_BAND_2GHZ={0x90, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xfffe, 0x100, 0x401, 0x8, 0x7, 0x3, 0x101, 0x38c]}}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x4, 0x48, 0x24, 0x16, 0x2, 0x36, 0x16, 0x6c, 0x60, 0x12, 0xc, 0x36, 0x36, 0x60, 0x1b, 0x6c, 0xb, 0x3b, 0x1b, 0x60, 0x6, 0x48, 0x30, 0x24, 0x60, 0x18, 0x16, 0x6c]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x730e, 0x4, 0x4, 0x5, 0xd6, 0x7, 0x8]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0xb, 0x1b, 0xf98cb61a18600d17, 0x5, 0x6, 0x36, 0x6c, 0x48, 0x4, 0x18, 0x5, 0x48, 0x24, 0x16, 0x6c]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_2GHZ={0x4c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x46, 0x2, [{0x4, 0x9}, {0x3, 0x4}, {0x4, 0x4}, {}, {0x1, 0x9}, {0x7}, {0x4, 0x5}, {0x3, 0x1}, {0x5}, {0x0, 0x3}, {0x4, 0x4}, {0x0, 0xa}, {0x7, 0x8}, {0x6, 0x6}, {0x7, 0x5}, {0x5, 0x8}, {0x1, 0x4}, {0x2, 0x6}, {0x4, 0xa}, {0x1, 0x4}, {0x1, 0x3}, {0x6, 0x2}, {0x2, 0x9}, {0x6, 0x8}, {0x6, 0x3}, {0x3, 0x9}, {0x6, 0xa}, {0x4, 0x2}, {0x1, 0x3}, {0x3, 0xa}, {0x1, 0x6}, {0x0, 0x6}, {0x2, 0x8}, {0x0, 0x8}, {}, {0x4, 0x4}, {0x4, 0x5}, {0x2, 0x2}, {0x0, 0xa}, {0x1, 0x7}, {0x7}, {0x2, 0x8}, {0x2, 0xa}, {0x6, 0x1}, {0x6, 0x8}, {0x7, 0x7}, {0x4, 0x8}, {0x3, 0x6}, {0x2}, {0x1, 0x3}, {0x1, 0x2}, {0x7, 0x3}, {0x7, 0xa}, {0x7, 0x7}, {0x2, 0xa}, {0x3, 0x2}, {0x5, 0x4}, {0x1, 0x1}, {0x5, 0x7}, {0x6, 0x2}, {0x6, 0x1}, {0x4, 0x1}, {0x0, 0xa}, {0x2, 0x7}, {0x7, 0x8}, {0x0, 0x1}]}]}]}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xa4}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x100}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x3}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x2f}]}]}]}, 0x9fc}, 0x1, 0x0, 0x0, 0x4008400}, 0x8000)

760.149737ms ago: executing program 2 (id=7184):
socket$unix(0x1, 0x2, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0)
socket$unix(0x1, 0x2, 0x0)
socket$inet(0x2, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$igmp(0x2, 0x3, 0x2)
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0x2, 0x80805, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x403, 0xfffffffc, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x3c}, 0x1, 0x3000000feff0000, 0x0, 0x4004}, 0x0)

690.360669ms ago: executing program 3 (id=7185):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x16c, 0x10, 0x713, 0xfffdfffe, 0x25dfdbfc, {{@in=@rand_addr=0x64010101, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e21, 0x2, 0xa, 0x0, 0x0, 0x6c, 0x0, 0xee00}, {@in6=@empty, 0xfe, 0x32}, @in6=@rand_addr=' \x01\x00', {0x8, 0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0, 0x0, 0x543}, {0x4, 0x7fffffffffffffff}, {0x2}, 0x70bd2c, 0x3500, 0x2, 0x4, 0x0, 0x50}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}, @encap={0x1c, 0x4, {0x2, 0x4e24, 0x4e20, @in6=@dev={0xfe, 0x80, '\x00', 0x2e}}}]}, 0x16c}, 0x1, 0x80ffffffffffffff, 0x0, 0x880}, 0x0)

690.092498ms ago: executing program 3 (id=7186):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="640000000206030004000000000000000000000005000100070000000900020073797a30000000001400078005001500040000000800124000000000050005000a000000050004000000000015000300686173683a69702c706f72742c6e6574"], 0x64}}, 0x10000)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x78, r2, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @remote}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x2}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private1={0xfc, 0x1, '\x00', 0x1}}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast2}, @NLBL_MGMT_A_CLPDOI={0x8}]}, 0x78}}, 0x0) (async)
sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x78, r2, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @remote}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x2}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @local}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private1={0xfc, 0x1, '\x00', 0x1}}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast2}, @NLBL_MGMT_A_CLPDOI={0x8}]}, 0x78}}, 0x0)

690.019331ms ago: executing program 2 (id=7187):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="500100001a00010000000000020000000200001f0000c808ffffffea083f06000700000008000400", @ANYRES32=0x0, @ANYBLOB="06001c004e21000008000100ac1414"], 0x150}}, 0x0)

689.746619ms ago: executing program 3 (id=7188):
r0 = socket(0x40000000015, 0x5, 0x0)
getsockname$packet(r0, 0x0, &(0x7f0000000600))
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f0000000280)='g', 0x1, 0x4008891, &(0x7f000005ffe4)={0xa, 0x0, 0x202, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x41}, 0x1c) (async)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000100)={0xb, 0x6, 0xfe, 0x2, 0x3, 0x80, 0x5, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x9}, 0xe) (async)
shutdown(r1, 0x1) (async)
poll(&(0x7f0000000140)=[{r1, 0x88}], 0x1, 0x5) (async)
r2 = landlock_create_ruleset(&(0x7f0000000000)={0x2b9a, 0x2, 0x1}, 0x18, 0x0)
landlock_restrict_self(r2, 0x0) (async)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r3, 0x18) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={<r4=>0x0, 0xfffff800}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000240)={r4}, &(0x7f00000002c0)=0x8) (async)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffe) (async)
r5 = dup(0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x3, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) (async)
r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0f"], 0x48) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x60, 0x0, 0x0) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

629.692801ms ago: executing program 2 (id=7189):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0x401, 0x20000, 0xfffdfffe, {0x0, 0x0, 0x0, 0x0, 0x8007}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_TRUST={0x1a, 0x9, {0xe, 0x20000000}}]}]}, @IFLA_IFNAME={0x14, 0x3, 'veth1_to_team\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/kexec_crash_size', 0x202, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x30, 0x2c, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r6, {0xe, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x40)
sendfile(r1, r1, 0x0, 0x6)
bpf$MAP_CREATE(0x1100000000000000, &(0x7f0000000180)=ANY=[@ANYBLOB="1c00000004000000020000000000000001020000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01000000ffffffff000000000000000000000000000000000000f7190000"], 0x48)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x802, 0x0)
pselect6(0x2000, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x300}, 0x0, &(0x7f0000000100)={0x8}, 0x0, 0x0)

629.557337ms ago: executing program 3 (id=7190):
r0 = socket(0x8000000010, 0x2, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000009b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)

629.321446ms ago: executing program 3 (id=7192):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000040)=0x20000, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x18, r2}, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000000040))
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x3dcf, 0x10000, 0x0, 0x357}, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x600}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

559.380465ms ago: executing program 2 (id=7194):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000680)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x80400)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e21, 0x7fffffff, @local, 0x1000}, 0x1c)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000000000)
ioctl$FS_IOC_GETVERSION(r2, 0x5b06, 0x0)

189.781685ms ago: executing program 4 (id=7197):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r1, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)
sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r1, 0xb3bdab79a87d528, 0x70bd25, 0x25dfdbfe, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bridge_slave_1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$bt_hci(r3, 0x0, 0x1, 0x0, &(0x7f0000006940))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="650a00000000000061118000000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x1}, 0x94)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, 0x0, 0x0)
r5 = syz_open_dev$audion(&(0x7f0000000080), 0x6e298b6c, 0x240000)
ioctl$NBD_SET_SIZE(r5, 0xab02, 0x81)

188.772885ms ago: executing program 4 (id=7199):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000700)={0x44, r2, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_OURS={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x44}}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000200)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000240), 0x12)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000002feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe040026ca7203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350844ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffffffffffb9}, 0x48)
r5 = openat$cgroup_procs(r3, &(0x7f0000000080)='tasks\x00', 0x2, 0x0)
preadv(r5, &(0x7f00000039c0)=[{&(0x7f0000000140)=""/142, 0x8e}], 0x1, 0x4, 0x3)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r6, 0x800455ca, 0x8)
getsockname$packet(r0, &(0x7f0000000040)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@mpls_getroute={0x28, 0x1a, 0x1, 0x0, 0x0, {0x1c, 0x14}, [@RTA_MULTIPATH={0xc, 0x9, {0x6, 0x9, 0x4, r7}}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000c0}, 0x0)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x20000, 0x1)
mkdirat(r8, &(0x7f0000000180)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), 0x4, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r9 = open(&(0x7f0000000780)='./bus\x00', 0x14d0be, 0x48)
r10 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
pread64(r10, &(0x7f0000001500)=""/4075, 0xfeb, 0x7fff)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600402, 0x7ffffe, 0x4002011, r9, 0x800000)

138.582853ms ago: executing program 8 (id=7201):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="31032abd7000000000000900000003000300", @ANYRES32=r2], 0x24}}, 0x0)

138.314974ms ago: executing program 8 (id=7202):
r0 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0)
r1 = creat(&(0x7f00000009c0)='./file0/file1\x00', 0x4) (async)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xe, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0xffffffffffffff87, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 32)
r3 = socket$inet_udp(0x2, 0x2, 0x0) (rerun: 32)
ioctl$sock_SIOCBRDELBR(r1, 0x89a1, &(0x7f0000000180)='bridge_slave_1\x00')
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4) (async)
connect$inet(r3, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r3, &(0x7f0000000900)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}, {{&(0x7f00000003c0)={0x2, 0x4e23, @multicast2}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000400)="ff3e23d28254f96757a999e256ec208d50608551f7aba110b98b46ae5be8350756145d547359151ffb073304566d1c4bec5d", 0x32}, {&(0x7f0000000580)="e1ee729c55c222fc0a6c97b035eeed870de8b748f0470581b2453cf161d8a832ee4743c74c73609b62059a72fa92c6b59eab69009e29a2ab2e78ec91fdafc4262acd8dfe5e345af66e4878a485905e2914a7776df3bf394303c8dd6cd8106b7daa2859c70cc27a06c6f722e50aa549a04e190c642041542532def41c1ffeea", 0x7f}, {&(0x7f0000000600)="d9949d44e5cb3b7bc15fa098959dc1ba09db7f20cf7f43fc97d0a50e23bf5b9477d8818161030e61e381d65892e2e9c10491b10502778040e7ddd2b6af7a406d49a304e3faa60daab51967f0f99d1275e1ac76666abd14ee0aa37c39e268d135ce02a8fb02e06578b97580330a72529ce77aa11a58d2f49a24276c84cf5aef5a25dfef9ad4818f8e1b1879661fcdac42f20f7cfb886b9a2efe5831a65196eeb6dfec3c5c3052037a8e6e51cec5c5449d5135bc4901c23a83838a74ba4262d0194a999fb50eabdfeb468ed04e8495e48fe0e12477869f3c16eb848b5b320a", 0xde}], 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB=' \f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="e0000001ac1414aa00000000110000000000000000000000010000000300000000000000a0000000000000000000000007000000830b72ac14141c000007ff071f5364010102ac141411ac1414bb7f0000016401010064010102ffffffff440c55a000000004fffffff8443412b1000000000000ffffe0000002000000b700000000000000ffac1414bb00000101ac141414000000050000000000000008441c14000000000400000000000000080000000c000000ff000000010707826401010100000014000000000000000000000002000000070000000000000014000000000000000000000002000000ffffff7f00000000110000000000000000000000010000005a000000000000005c000000000000000000000007000000860dffffffff01053480b0000244149e21e00000011c9d6d42640101010000086b071b21ac1414aa7f000001ac1414aae00000020a01010200000000440c7d00fffffff80000040094040100000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000010a01010000000000"], 0x1a0}}], 0x2, 0xf00) (async)
ioctl$FBIOPUT_CON2FBMAP(r0, 0x4610, &(0x7f0000000180)={0x1}) (async)
ioctl$FBIOPUT_CON2FBMAP(r0, 0x4610, &(0x7f0000000000)={0x1, 0x1}) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (async)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) (async)
mount$bind(&(0x7f0000000100)='\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40000, 0x0) (async, rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) (async, rerun: 32)
mount$tmpfs(0x0, &(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240), 0x0, 0x0) (async, rerun: 64)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file1\x00', 0x1c0) (async, rerun: 64)
r4 = landlock_create_ruleset(&(0x7f00000002c0)={0x1}, 0x18, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) (async)
landlock_restrict_self(r4, 0x0) (async)
mount$tmpfs(0x0, &(0x7f0000000300)='./file0/file1\x00', &(0x7f0000000340), 0x0, 0x0) (async)
umount2(&(0x7f0000000380)='./file0/file0\x00', 0x0) (async)
mount$bind(&(0x7f0000000440)='\x00', &(0x7f0000000480)='./file0/file0\x00', &(0x7f00000004c0), 0x21, 0x0)
pivot_root(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)='./file0/file0\x00') (async)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNISCRNMAP(r5, 0x4b69, &(0x7f0000000000)=""/221)
r6 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0)
accept$packet(r6, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000180)=0x14)

59.508442ms ago: executing program 8 (id=7203):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mount$9p_virtio(&(0x7f0000000080), &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180), 0x2000004, &(0x7f0000000140)=ANY=[@ANYRES8=r0])
chdir(&(0x7f0000000280)='./bus\x00')
ftruncate(0xffffffffffffffff, 0x82081fc)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14d0be, 0x48)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600402, 0x7ffffe, 0x4002011, r1, 0x800000)
timer_create(0x2, &(0x7f0000000200)={0x0, 0x21, 0x4, @thr={0x0, 0x0}}, &(0x7f0000000280)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)

59.31758ms ago: executing program 8 (id=7204):
socket$unix(0x1, 0x2, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0)
socket$unix(0x1, 0x2, 0x0)
socket$inet(0x2, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$igmp(0x2, 0x3, 0x2)
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0x2, 0x80805, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x403, 0xfffffffc, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x3c}, 0x1, 0x3000000ffffff8c, 0x0, 0x4004}, 0x0)

322.595Āµs ago: executing program 8 (id=7205):
r0 = socket(0x8000000010, 0x2, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c2864800001fb9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)

0s ago: executing program 8 (id=7206):
syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0x4a7c0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000040), 0xfd, 0x0)
ioctl$SNDRV_PCM_IOCTL_TTSTAMP(r2, 0x40044103, &(0x7f0000000080)=0x5) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_req={{0x34, 0x6}, {@none}}}, 0x9) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x1c, 0x44, 0x107, 0xfffffffc, 0x0, {0x1, 0x7c}, [@typed={0x8, 0x2, 0x0, 0x0, @pid}]}, 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) (async)
r4 = syz_kvm_add_vcpu$x86(0x0, 0x0)
syz_kvm_add_vcpu$x86(0x0, 0x0) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, 0x0) (async)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000200)={0x0, 0x1, '\x00', [@padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1]}, 0x18) (async)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@gettaction={0x14, 0x32, 0x801, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x880e) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x2, &(0x7f0000000140)=[{0x64, 0x0, 0x3, 0x1}, {0x6, 0x0, 0x0, 0x7ffffffd}]}) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x1, 0x0, @pic={0x8, 0x7, 0x8, 0x14, 0x2, 0x1, 0xc5, 0x9, 0x28, 0x2, 0x1, 0x95, 0xb, 0x8, 0x8e, 0x7}}) (async)
socket$unix(0x1, 0x5, 0x0)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='fdinfo/3\x00')
read$FUSE(r7, &(0x7f0000004100)={0x2020}, 0x2020) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

te: vblank timer overrun
[  479.104234][T19058] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  479.172545][T19058] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  479.178183][ T6033] usb 13-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  479.182994][ T6033] usb 13-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  479.187735][ T6033] usb 13-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  479.191639][ T6033] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.198515][T19039] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  479.204440][ T6033] usb 13-1: Quirk or no altset; falling back to MIDI 1.0
[  479.428550][T19107] loop6: detected capacity change from 0 to 63
[  479.435677][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.435677][T19108] 
[  479.435677][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.435677][T19108] 
[  479.435677][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.449164][T19108] ufs: failed to set blocksize
[  479.456191][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.456191][T19108] 
[  479.456191][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.456191][T19108] 
[  479.456191][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.469207][T19108] ufs: failed to set blocksize
[  479.469503][T19112] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  479.474949][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.474949][T19108] 
[  479.474949][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.474949][T19108] 
[  479.474949][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.474992][T19112] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  479.488308][T19108] ufs: failed to set blocksize
[  479.499064][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.499064][T19108] 
[  479.499064][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.499064][T19108] 
[  479.499064][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.511871][T19108] ufs: failed to set blocksize
[  479.518979][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.518979][T19108] 
[  479.518979][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.518979][T19108] 
[  479.518979][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.531880][T19108] ufs: failed to set blocksize
[  479.541061][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.541061][T19108] 
[  479.541061][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.541061][T19108] 
[  479.541061][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.554270][T19108] ufs: failed to set blocksize
[  479.562116][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.562116][T19108] 
[  479.562116][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.562116][T19108] 
[  479.562116][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.574743][T19108] ufs: failed to set blocksize
[  479.581731][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.581731][T19108] 
[  479.581731][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.581731][T19108] 
[  479.581731][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.595273][T19108] ufs: failed to set blocksize
[  479.601051][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.601051][T19108] 
[  479.601051][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.601051][T19108] 
[  479.601051][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.613195][T19108] ufs: failed to set blocksize
[  479.618776][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.618776][T19108] 
[  479.618776][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.618776][T19108] 
[  479.618776][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.630892][T19108] ufs: failed to set blocksize
[  479.636210][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.636210][T19108] 
[  479.636210][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.636210][T19108] 
[  479.636210][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.648385][T19108] ufs: failed to set blocksize
[  479.653926][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.653926][T19108] 
[  479.653926][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.653926][T19108] 
[  479.653926][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.667699][T19108] ufs: failed to set blocksize
[  479.673546][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.673546][T19108] 
[  479.673546][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.673546][T19108] 
[  479.673546][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.685974][T19108] ufs: failed to set blocksize
[  479.693577][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.693577][T19108] 
[  479.693577][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.693577][T19108] 
[  479.693577][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.706131][T19108] ufs: failed to set blocksize
[  479.711582][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.711582][T19108] 
[  479.711582][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.711582][T19108] 
[  479.711582][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.722802][T19108] ufs: failed to set blocksize
[  479.729131][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.729131][T19108] 
[  479.729131][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.729131][T19108] 
[  479.729131][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.741861][T19108] ufs: failed to set blocksize
[  479.747721][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.747721][T19108] 
[  479.747721][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.747721][T19108] 
[  479.747721][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.760863][T19108] ufs: failed to set blocksize
[  479.765585][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.765585][T19108] 
[  479.765585][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.765585][T19108] 
[  479.765585][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.778406][T19108] ufs: failed to set blocksize
[  479.784076][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.784076][T19108] 
[  479.784076][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.784076][T19108] 
[  479.784076][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.796671][T19108] ufs: failed to set blocksize
[  479.802922][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.802922][T19108] 
[  479.802922][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.802922][T19108] 
[  479.802922][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.815738][T19108] ufs: failed to set blocksize
[  479.822014][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.822014][T19108] 
[  479.822014][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.822014][T19108] 
[  479.822014][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.834258][T19108] ufs: failed to set blocksize
[  479.839894][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.839894][T19108] 
[  479.839894][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.839894][T19108] 
[  479.839894][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.852764][T19108] ufs: failed to set blocksize
[  479.860612][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.860612][T19108] 
[  479.860612][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.860612][T19108] 
[  479.860612][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.873306][T19108] ufs: failed to set blocksize
[  479.878678][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.878678][T19108] 
[  479.878678][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.878678][T19108] 
[  479.878678][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.887998][T19108] ufs: failed to set blocksize
[  479.895422][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.895422][T19108] 
[  479.895422][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.895422][T19108] 
[  479.895422][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.905143][T19108] ufs: failed to set blocksize
[  479.911872][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.911872][T19108] 
[  479.911872][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.911872][T19108] 
[  479.911872][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.921571][T19108] ufs: failed to set blocksize
[  479.927882][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.927882][T19108] 
[  479.927882][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.927882][T19108] 
[  479.927882][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.938326][T19108] ufs: failed to set blocksize
[  479.944066][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.944066][T19108] 
[  479.944066][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.944066][T19108] 
[  479.944066][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.953979][T19108] ufs: failed to set blocksize
[  479.961929][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.961929][T19108] 
[  479.961929][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.961929][T19108] 
[  479.961929][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.974770][T19108] ufs: failed to set blocksize
[  479.979802][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.979802][T19108] 
[  479.979802][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.979802][T19108] 
[  479.979802][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  479.992763][T19108] ufs: failed to set blocksize
[  479.998052][T19108] ufs: You didn't specify the type of your ufs filesystem
[  479.998052][T19108] 
[  479.998052][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  479.998052][T19108] 
[  479.998052][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.010297][T19108] ufs: failed to set blocksize
[  480.014736][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.014736][T19108] 
[  480.014736][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.014736][T19108] 
[  480.014736][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.027785][T19108] ufs: failed to set blocksize
[  480.032325][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.032325][T19108] 
[  480.032325][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.032325][T19108] 
[  480.032325][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.044798][T19108] ufs: failed to set blocksize
[  480.050351][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.050351][T19108] 
[  480.050351][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.050351][T19108] 
[  480.050351][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.060240][T19108] ufs: failed to set blocksize
[  480.067832][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.067832][T19108] 
[  480.067832][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.067832][T19108] 
[  480.067832][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.080506][T19108] ufs: failed to set blocksize
[  480.086058][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.086058][T19108] 
[  480.086058][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.086058][T19108] 
[  480.086058][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.098679][T19108] ufs: failed to set blocksize
[  480.104250][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.104250][T19108] 
[  480.104250][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.104250][T19108] 
[  480.104250][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.117037][T19108] ufs: failed to set blocksize
[  480.122602][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.122602][T19108] 
[  480.122602][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.122602][T19108] 
[  480.122602][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.135787][T19108] ufs: failed to set blocksize
[  480.141409][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.141409][T19108] 
[  480.141409][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.141409][T19108] 
[  480.141409][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.153949][T19108] ufs: failed to set blocksize
[  480.160105][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.160105][T19108] 
[  480.160105][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.160105][T19108] 
[  480.160105][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.176083][T19108] ufs: failed to set blocksize
[  480.181989][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.181989][T19108] 
[  480.181989][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.181989][T19108] 
[  480.181989][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.192244][T19108] ufs: failed to set blocksize
[  480.198670][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.198670][T19108] 
[  480.198670][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.198670][T19108] 
[  480.198670][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.208411][T19108] ufs: failed to set blocksize
[  480.215609][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.215609][T19108] 
[  480.215609][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.215609][T19108] 
[  480.215609][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.225445][T19108] ufs: failed to set blocksize
[  480.230469][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.230469][T19108] 
[  480.230469][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.230469][T19108] 
[  480.230469][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.243281][T19108] ufs: failed to set blocksize
[  480.250051][T19108] ufs: You didn't specify the type of your ufs filesystem
[  480.250051][T19108] 
[  480.250051][T19108] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  480.250051][T19108] 
[  480.250051][T19108] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  480.262473][T19108] ufs: failed to set blocksize
[  480.343408][T19125] __nla_validate_parse: 18 callbacks suppressed
[  480.343421][T19125] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6678'.
[  480.367836][T19125] 8021q: adding VLAN 0 to HW filter on device bond1
[  480.377510][T19125] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  480.382691][T19125] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6678'.
[  480.481074][T19125] bond1 (unregistering): (slave dummy0): Releasing backup interface
[  480.487279][T19125] bond1 (unregistering): Released all slaves
[  480.748004][T19199] FAULT_INJECTION: forcing a failure.
[  480.748004][T19199] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  480.752182][T19199] CPU: 1 UID: 0 PID: 19199 Comm: syz.4.6680 Not tainted syzkaller #0 PREEMPT(full) 
[  480.752198][T19199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  480.752205][T19199] Call Trace:
[  480.752209][T19199]  <TASK>
[  480.752214][T19199]  dump_stack_lvl+0x16c/0x1f0
[  480.752232][T19199]  should_fail_ex+0x512/0x640
[  480.752248][T19199]  _copy_to_user+0x32/0xd0
[  480.752265][T19199]  msr_read+0x14e/0x250
[  480.752280][T19199]  ? __pfx_msr_read+0x10/0x10
[  480.752293][T19199]  ? bpf_lsm_file_permission+0x9/0x10
[  480.752308][T19199]  ? security_file_permission+0x71/0x210
[  480.752324][T19199]  ? rw_verify_area+0xcf/0x6c0
[  480.752365][T19199]  ? __pfx_msr_read+0x10/0x10
[  480.752379][T19199]  vfs_read+0x1e1/0xcf0
[  480.752392][T19199]  ? __pfx_vfs_read+0x10/0x10
[  480.752401][T19199]  ? find_held_lock+0x2b/0x80
[  480.752415][T19199]  ? __fget_files+0x204/0x3c0
[  480.752428][T19199]  ? __fget_files+0x20e/0x3c0
[  480.752443][T19199]  ksys_read+0x12a/0x250
[  480.752453][T19199]  ? __pfx_ksys_read+0x10/0x10
[  480.752468][T19199]  do_syscall_64+0xcd/0x4c0
[  480.752483][T19199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.752507][T19199] RIP: 0033:0x7f104758ebe9
[  480.752516][T19199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  480.752526][T19199] RSP: 002b:00007f104839b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  480.752536][T19199] RAX: ffffffffffffffda RBX: 00007f10477c5fa0 RCX: 00007f104758ebe9
[  480.752543][T19199] RDX: 0000000000018ff8 RSI: 0000200000019680 RDI: 0000000000000003
[  480.752549][T19199] RBP: 00007f104839b090 R08: 0000000000000000 R09: 0000000000000000
[  480.752555][T19199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  480.752561][T19199] R13: 00007f10477c6038 R14: 00007f10477c5fa0 R15: 00007ffe95801c28
[  480.752575][T19199]  </TASK>
[  480.954207][T19206] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  480.994345][T19209] netlink: 120 bytes leftover after parsing attributes in process `syz.4.6683'.
[  481.464545][ T1146] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  481.478822][   T13] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  481.498399][ T1153] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  481.516110][ T1146] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  481.569020][T19233] usb usb8: usbfs: process 19233 (syz.2.6686) did not claim interface 0 before use
[  481.580305][T19233] ipvlan2: entered promiscuous mode
[  481.583577][T19233] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  481.632967][T19239] nlmon0: Master is either lo or non-ether device
[  481.669596][T19241] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6688'.
[  481.704694][T19241] 8021q: adding VLAN 0 to HW filter on device bond3
[  481.727554][T19241] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  481.731864][T19241] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6688'.
[  481.851066][ T6026] usb 13-1: USB disconnect, device number 38
[  481.968264][T19241] bond3 (unregistering): (slave dummy0): Releasing backup interface
[  481.972760][T19241] bond3 (unregistering): Released all slaves
[  482.018481][T19300] 8021q: adding VLAN 0 to HW filter on device bond0
[  482.019330][T19336] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  482.038753][T19338] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6693'.
[  482.041617][T19338] netlink: 36 bytes leftover after parsing attributes in process `syz.3.6693'.
[  482.047612][T19300] bond0: (slave rose0): Enslaving as an active interface with an up link
[  482.090613][T19347] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6696'.
[  482.094268][T19347] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6696'.
[  482.103619][T19347] gretap0: entered promiscuous mode
[  482.106620][T19347] batadv_slave_1: entered promiscuous mode
[  482.152937][T19356] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.177825][T19357] ipvlan2: entered promiscuous mode
[  482.180484][T19357] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  482.201085][T19368] netlink: 276 bytes leftover after parsing attributes in process `syz.8.6702'.
[  482.232464][T19379] FAULT_INJECTION: forcing a failure.
[  482.232464][T19379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  482.237873][T19379] CPU: 3 UID: 0 PID: 19379 Comm: syz.8.6704 Not tainted syzkaller #0 PREEMPT(full) 
[  482.237890][T19379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  482.237897][T19379] Call Trace:
[  482.237901][T19379]  <TASK>
[  482.237906][T19379]  dump_stack_lvl+0x16c/0x1f0
[  482.237923][T19379]  should_fail_ex+0x512/0x640
[  482.237940][T19379]  _copy_to_user+0x32/0xd0
[  482.237957][T19379]  msr_read+0x14e/0x250
[  482.237973][T19379]  ? __pfx_msr_read+0x10/0x10
[  482.237986][T19379]  ? bpf_lsm_file_permission+0x9/0x10
[  482.238001][T19379]  ? security_file_permission+0x71/0x210
[  482.238020][T19379]  ? rw_verify_area+0xcf/0x6c0
[  482.238037][T19379]  ? __pfx_msr_read+0x10/0x10
[  482.238051][T19379]  vfs_read+0x1e1/0xcf0
[  482.238064][T19379]  ? __pfx_vfs_read+0x10/0x10
[  482.238074][T19379]  ? find_held_lock+0x2b/0x80
[  482.238088][T19379]  ? __fget_files+0x204/0x3c0
[  482.238103][T19379]  ? __fget_files+0x20e/0x3c0
[  482.238118][T19379]  ksys_read+0x12a/0x250
[  482.238129][T19379]  ? __pfx_ksys_read+0x10/0x10
[  482.238143][T19379]  do_syscall_64+0xcd/0x4c0
[  482.238159][T19379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.238171][T19379] RIP: 0033:0x7feed998ebe9
[  482.238180][T19379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  482.238191][T19379] RSP: 002b:00007feeda8db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  482.238201][T19379] RAX: ffffffffffffffda RBX: 00007feed9bc5fa0 RCX: 00007feed998ebe9
[  482.238208][T19379] RDX: 0000000000018ff8 RSI: 0000200000019680 RDI: 0000000000000003
[  482.238215][T19379] RBP: 00007feeda8db090 R08: 0000000000000000 R09: 0000000000000000
[  482.238221][T19379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  482.238227][T19379] R13: 00007feed9bc6038 R14: 00007feed9bc5fa0 R15: 00007ffc2f6467b8
[  482.238241][T19379]  </TASK>
[  482.320667][T19356] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.336569][  T839] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  482.412277][T19385] 8021q: adding VLAN 0 to HW filter on device bond3
[  482.428376][T19356] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.440423][T19385] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  482.493826][  T839] usb 7-1: Using ep0 maxpacket: 8
[  482.509441][  T839] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  482.513487][  T839] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  482.518252][  T839] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  482.522665][  T839] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  482.528156][  T839] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  482.531803][  T839] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.574192][T19385] bond3 (unregistering): (slave dummy0): Releasing backup interface
[  482.585768][T19385] bond3 (unregistering): Released all slaves
[  482.608985][T19356] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.732526][ T1146] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  482.740494][  T839] usb 7-1: usb_control_msg returned -32
[  482.743095][  T839] usbtmc 7-1:16.0: can't read capabilities
[  482.750105][ T1592] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  482.751547][  T839] usb 7-1: USB disconnect, device number 17
[  482.760768][ T1592] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  482.768621][  T219] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  483.321185][T19517] 8021q: adding VLAN 0 to HW filter on device bond3
[  483.329940][T19517] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  483.448838][T19517] bond3 (unregistering): (slave dummy0): Releasing backup interface
[  483.454636][T19517] bond3 (unregistering): Released all slaves
[  483.486525][ T6233] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  483.646468][ T6233] usb 9-1: Using ep0 maxpacket: 16
[  483.649565][ T6233] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  483.653045][ T6233] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  483.653491][T19593] FAULT_INJECTION: forcing a failure.
[  483.653491][T19593] name failslab, interval 1, probability 0, space 0, times 0
[  483.656126][ T6233] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  483.660758][T19593] CPU: 2 UID: 0 PID: 19593 Comm: syz.2.6720 Not tainted syzkaller #0 PREEMPT(full) 
[  483.660773][T19593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  483.660780][T19593] Call Trace:
[  483.660784][T19593]  <TASK>
[  483.660789][T19593]  dump_stack_lvl+0x16c/0x1f0
[  483.660806][T19593]  should_fail_ex+0x512/0x640
[  483.660821][T19593]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  483.660834][T19593]  should_failslab+0xc2/0x120
[  483.660847][T19593]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  483.660858][T19593]  ? alloc_inode+0x61/0x240
[  483.660876][T19593]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  483.660888][T19593]  alloc_inode+0x61/0x240
[  483.660903][T19593]  new_inode+0x22/0x1c0
[  483.660919][T19593]  __debugfs_create_file+0x11c/0x6b0
[  483.660935][T19593]  debugfs_create_file_full+0x41/0x60
[  483.660950][T19593]  ? __pfx_ipvlan_link_setup+0x10/0x10
[  483.660961][T19593]  ref_tracker_dir_debugfs+0x19d/0x290
[  483.660981][T19593]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  483.661006][T19593]  ? __kvmalloc_node_noprof+0x298/0x620
[  483.661017][T19593]  ? lockdep_init_map_type+0x5c/0x280
[  483.661030][T19593]  alloc_netdev_mqs+0x30f/0x1530
[  483.661048][T19593]  rtnl_create_link+0xc08/0xf90
[  483.661064][T19593]  rtnl_newlink+0xb69/0x2000
[  483.661082][T19593]  ? __pfx_rtnl_newlink+0x10/0x10
[  483.661094][T19593]  ? find_held_lock+0x2b/0x80
[  483.661108][T19593]  ? avc_has_perm_noaudit+0x117/0x3b0
[  483.661122][T19593]  ? avc_has_perm_noaudit+0x149/0x3b0
[  483.661145][T19593]  ? find_held_lock+0x2b/0x80
[  483.661157][T19593]  ? __pfx_rtnl_newlink+0x10/0x10
[  483.661170][T19593]  ? __pfx_rtnl_newlink+0x10/0x10
[  483.661182][T19593]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  483.661197][T19593]  ? __pfx_rtnl_newlink+0x10/0x10
[  483.661211][T19593]  rtnetlink_rcv_msg+0x95e/0xe90
[  483.661226][T19593]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  483.661244][T19593]  ? ref_tracker_free+0x37c/0x830
[  483.661259][T19593]  netlink_rcv_skb+0x155/0x420
[  483.661274][T19593]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  483.661288][T19593]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  483.661307][T19593]  ? netlink_deliver_tap+0x1ae/0xd30
[  483.661323][T19593]  netlink_unicast+0x5aa/0x870
[  483.661339][T19593]  ? __pfx_netlink_unicast+0x10/0x10
[  483.661353][T19593]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  483.661371][T19593]  netlink_sendmsg+0x8d1/0xdd0
[  483.661387][T19593]  ? __pfx_netlink_sendmsg+0x10/0x10
[  483.661407][T19593]  ____sys_sendmsg+0xa98/0xc70
[  483.661423][T19593]  ? copy_msghdr_from_user+0x10a/0x160
[  483.661436][T19593]  ? __pfx_____sys_sendmsg+0x10/0x10
[  483.661459][T19593]  ___sys_sendmsg+0x134/0x1d0
[  483.661473][T19593]  ? __pfx____sys_sendmsg+0x10/0x10
[  483.661503][T19593]  __sys_sendmsg+0x16d/0x220
[  483.661517][T19593]  ? __pfx___sys_sendmsg+0x10/0x10
[  483.661539][T19593]  do_syscall_64+0xcd/0x4c0
[  483.661554][T19593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  483.661579][T19593] RIP: 0033:0x7f491118ebe9
[  483.661589][T19593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  483.661599][T19593] RSP: 002b:00007f4911f4e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  483.661610][T19593] RAX: ffffffffffffffda RBX: 00007f49113c5fa0 RCX: 00007f491118ebe9
[  483.661617][T19593] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000f
[  483.661623][T19593] RBP: 00007f4911f4e090 R08: 0000000000000000 R09: 0000000000000000
[  483.661629][T19593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  483.661636][T19593] R13: 00007f49113c6038 R14: 00007f49113c5fa0 R15: 00007fffb3e9d338
[  483.661650][T19593]  </TASK>
[  483.661701][T19593] debugfs: out of free dentries, can not create file 'netdev@ffff888013350610'
[  483.665830][ T6233] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  483.673191][T19593] nlmon0: Master is either lo or non-ether device
[  483.673794][ T6233] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.804270][ T6233] usb 9-1: config 0 descriptor??
[  483.858600][T19616] nlmon0: Master is either lo or non-ether device
[  483.912028][T19619] support for cryptoloop has been removed.  Use dm-crypt instead.
[  483.995982][T19633] FAULT_INJECTION: forcing a failure.
[  483.995982][T19633] name failslab, interval 1, probability 0, space 0, times 0
[  484.004291][T19633] CPU: 0 UID: 0 PID: 19633 Comm: syz.8.6732 Not tainted syzkaller #0 PREEMPT(full) 
[  484.004339][T19633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  484.004350][T19633] Call Trace:
[  484.004356][T19633]  <TASK>
[  484.004364][T19633]  dump_stack_lvl+0x16c/0x1f0
[  484.004390][T19633]  should_fail_ex+0x512/0x640
[  484.004412][T19633]  ? fs_reclaim_acquire+0xae/0x150
[  484.004438][T19633]  should_failslab+0xc2/0x120
[  484.004460][T19633]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  484.004478][T19633]  ? security_inode_alloc+0x3b/0x2b0
[  484.004505][T19633]  security_inode_alloc+0x3b/0x2b0
[  484.004529][T19633]  inode_init_always_gfp+0xce4/0x1030
[  484.004554][T19633]  alloc_inode+0x86/0x240
[  484.004580][T19633]  new_inode+0x22/0x1c0
[  484.004607][T19633]  __debugfs_create_file+0x11c/0x6b0
[  484.004633][T19633]  debugfs_create_file_full+0x41/0x60
[  484.004659][T19633]  ? __pfx_ipvlan_link_setup+0x10/0x10
[  484.004677][T19633]  ref_tracker_dir_debugfs+0x19d/0x290
[  484.004701][T19633]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  484.004745][T19633]  ? __kvmalloc_node_noprof+0x298/0x620
[  484.004765][T19633]  ? lockdep_init_map_type+0x5c/0x280
[  484.004788][T19633]  alloc_netdev_mqs+0x30f/0x1530
[  484.004817][T19633]  rtnl_create_link+0xc08/0xf90
[  484.004845][T19633]  rtnl_newlink+0xb69/0x2000
[  484.004876][T19633]  ? __pfx_rtnl_newlink+0x10/0x10
[  484.004897][T19633]  ? find_held_lock+0x2b/0x80
[  484.004920][T19633]  ? avc_has_perm_noaudit+0x117/0x3b0
[  484.004943][T19633]  ? avc_has_perm_noaudit+0x149/0x3b0
[  484.004992][T19633]  ? find_held_lock+0x2b/0x80
[  484.005012][T19633]  ? __pfx_rtnl_newlink+0x10/0x10
[  484.005033][T19633]  ? __pfx_rtnl_newlink+0x10/0x10
[  484.005053][T19633]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  484.005076][T19633]  ? __pfx_rtnl_newlink+0x10/0x10
[  484.005098][T19633]  rtnetlink_rcv_msg+0x95e/0xe90
[  484.005124][T19633]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  484.005154][T19633]  ? ref_tracker_free+0x37c/0x830
[  484.005182][T19633]  netlink_rcv_skb+0x155/0x420
[  484.005205][T19633]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  484.005230][T19633]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  484.005264][T19633]  ? netlink_deliver_tap+0x1ae/0xd30
[  484.005291][T19633]  netlink_unicast+0x5aa/0x870
[  484.005318][T19633]  ? __pfx_netlink_unicast+0x10/0x10
[  484.005341][T19633]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  484.005372][T19633]  netlink_sendmsg+0x8d1/0xdd0
[  484.005400][T19633]  ? __pfx_netlink_sendmsg+0x10/0x10
[  484.005434][T19633]  ____sys_sendmsg+0xa98/0xc70
[  484.005461][T19633]  ? copy_msghdr_from_user+0x10a/0x160
[  484.005483][T19633]  ? __pfx_____sys_sendmsg+0x10/0x10
[  484.005522][T19633]  ___sys_sendmsg+0x134/0x1d0
[  484.005546][T19633]  ? __pfx____sys_sendmsg+0x10/0x10
[  484.005601][T19633]  __sys_sendmsg+0x16d/0x220
[  484.005624][T19633]  ? __pfx___sys_sendmsg+0x10/0x10
[  484.005664][T19633]  do_syscall_64+0xcd/0x4c0
[  484.005690][T19633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.005708][T19633] RIP: 0033:0x7feed998ebe9
[  484.005722][T19633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  484.005739][T19633] RSP: 002b:00007feeda8db038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  484.005756][T19633] RAX: ffffffffffffffda RBX: 00007feed9bc5fa0 RCX: 00007feed998ebe9
[  484.005767][T19633] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000f
[  484.005778][T19633] RBP: 00007feeda8db090 R08: 0000000000000000 R09: 0000000000000000
[  484.005788][T19633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  484.005798][T19633] R13: 00007feed9bc6038 R14: 00007feed9bc5fa0 R15: 00007ffc2f6467b8
[  484.005824][T19633]  </TASK>
[  484.005854][T19633] debugfs: out of free dentries, can not create file 'netdev@ffff8880382b6610'
[  484.136617][T19633] nlmon0: Master is either lo or non-ether device
[  484.176507][T19637] FAULT_INJECTION: forcing a failure.
[  484.176507][T19637] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  484.180871][T19637] CPU: 0 UID: 0 PID: 19637 Comm: syz.8.6733 Not tainted syzkaller #0 PREEMPT(full) 
[  484.180886][T19637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  484.180893][T19637] Call Trace:
[  484.180898][T19637]  <TASK>
[  484.180902][T19637]  dump_stack_lvl+0x16c/0x1f0
[  484.180920][T19637]  should_fail_ex+0x512/0x640
[  484.180936][T19637]  _copy_to_user+0x32/0xd0
[  484.180953][T19637]  msr_read+0x14e/0x250
[  484.180968][T19637]  ? __pfx_msr_read+0x10/0x10
[  484.180981][T19637]  ? bpf_lsm_file_permission+0x9/0x10
[  484.180999][T19637]  ? security_file_permission+0x71/0x210
[  484.181016][T19637]  ? rw_verify_area+0xcf/0x6c0
[  484.181033][T19637]  ? __pfx_msr_read+0x10/0x10
[  484.181046][T19637]  vfs_read+0x1e1/0xcf0
[  484.181059][T19637]  ? __pfx_vfs_read+0x10/0x10
[  484.181068][T19637]  ? find_held_lock+0x2b/0x80
[  484.181082][T19637]  ? __fget_files+0x204/0x3c0
[  484.181095][T19637]  ? __fget_files+0x20e/0x3c0
[  484.181111][T19637]  ksys_read+0x12a/0x250
[  484.181121][T19637]  ? __pfx_ksys_read+0x10/0x10
[  484.181135][T19637]  do_syscall_64+0xcd/0x4c0
[  484.181150][T19637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.181161][T19637] RIP: 0033:0x7feed998ebe9
[  484.181171][T19637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  484.181186][T19637] RSP: 002b:00007feeda8db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  484.181200][T19637] RAX: ffffffffffffffda RBX: 00007feed9bc5fa0 RCX: 00007feed998ebe9
[  484.181211][T19637] RDX: 0000000000018ff8 RSI: 0000200000019680 RDI: 0000000000000003
[  484.181221][T19637] RBP: 00007feeda8db090 R08: 0000000000000000 R09: 0000000000000000
[  484.181232][T19637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  484.181241][T19637] R13: 00007feed9bc6038 R14: 00007feed9bc5fa0 R15: 00007ffc2f6467b8
[  484.181264][T19637]  </TASK>
[  484.215236][ T6233] HID 045e:07da: Invalid code 65791 type 1
[  484.255734][ T6233] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/0003:045E:07DA.002E/input/input80
[  484.269640][ T6233] microsoft 0003:045E:07DA.002E: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  484.472199][   T10] usb 9-1: USB disconnect, device number 11
[  484.644261][T19684] 8021q: adding VLAN 0 to HW filter on device bond3
[  484.653212][T19684] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  484.766098][T19684] bond3 (unregistering): (slave dummy0): Releasing backup interface
[  484.771161][T19684] bond3 (unregistering): Released all slaves
[  484.853023][T19752] SELinux:  policydb table sizes (203,2147483647) do not match mine (8,7)
[  484.855795][T19752] SELinux: failed to load policy
[  484.882509][T19754] bond0: entered promiscuous mode
[  484.884622][T19754] mac80211_hwsim hwsim43 wlan1: entered promiscuous mode
[  484.893708][T19754] batadv0: entered promiscuous mode
[  484.898262][T19754] 8021q: adding VLAN 0 to HW filter on device hsr2
[  484.903834][T19754] bond0: left promiscuous mode
[  484.909966][T19754] mac80211_hwsim hwsim43 wlan1: left promiscuous mode
[  484.913517][T19754] batadv0: left promiscuous mode
[  485.115412][   T40] audit: type=1400 audit(3515054319.841:1340): avc:  denied  { execute } for  pid=19787 comm="syz.4.6750" path="/dev/video8" dev="devtmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  485.200083][T19798] 9p filesystem being mounted at /341 supports timestamps until 2106-02-07 (0xffffffff)
[  485.405172][T19811] 9pnet_fd: Insufficient options for proto=fd
[  485.409462][   T40] audit: type=1400 audit(3515054320.141:1341): avc:  denied  { mount } for  pid=19810 comm="syz.2.6757" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  485.418477][   T40] audit: type=1400 audit(3515054320.141:1342): avc:  denied  { search } for  pid=19810 comm="syz.2.6757" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  485.426155][   T40] audit: type=1400 audit(3515054320.141:1343): avc:  denied  { search } for  pid=19810 comm="syz.2.6757" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  485.433655][   T40] audit: type=1400 audit(3515054320.141:1344): avc:  denied  { read open } for  pid=19810 comm="syz.2.6757" path="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  485.448701][T19813] nlmon0: Master is either lo or non-ether device
[  485.621950][T19828] netlink: 'syz.3.6762': attribute type 12 has an invalid length.
[  485.669579][T19833] loop6: detected capacity change from 0 to 7
[  485.678421][T19833] Dev loop6: unable to read RDB block 7
[  485.680808][T19833]  loop6: unable to read partition table
[  485.683331][T19833] loop6: partition table beyond EOD, truncated
[  485.685870][T19833] loop_reread_partitions: partition scan of loop6 (śłƒå”™‰ü¾CźjĢ–ć¢P=Ć½?ć}X‹ŗŠ	œėÜ%õ«`Éęրł…ˆ{ķ©Ö˜Čµ4FLQkŻŠ) failed (rc=-5)
[  485.728313][T19839] FAULT_INJECTION: forcing a failure.
[  485.728313][T19839] name failslab, interval 1, probability 0, space 0, times 0
[  485.733431][T19839] CPU: 3 UID: 0 PID: 19839 Comm: syz.3.6765 Not tainted syzkaller #0 PREEMPT(full) 
[  485.733455][T19839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  485.733467][T19839] Call Trace:
[  485.733473][T19839]  <TASK>
[  485.733481][T19839]  dump_stack_lvl+0x16c/0x1f0
[  485.733507][T19839]  should_fail_ex+0x512/0x640
[  485.733529][T19839]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  485.733551][T19839]  should_failslab+0xc2/0x120
[  485.733571][T19839]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  485.733590][T19839]  ? __alloc_skb+0x2b2/0x380
[  485.733616][T19839]  __alloc_skb+0x2b2/0x380
[  485.733635][T19839]  ? __pfx___alloc_skb+0x10/0x10
[  485.733656][T19839]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  485.733689][T19839]  netlink_alloc_large_skb+0x69/0x130
[  485.733714][T19839]  netlink_sendmsg+0x6a1/0xdd0
[  485.733742][T19839]  ? __pfx_netlink_sendmsg+0x10/0x10
[  485.733774][T19839]  ____sys_sendmsg+0xa98/0xc70
[  485.733802][T19839]  ? copy_msghdr_from_user+0x10a/0x160
[  485.733823][T19839]  ? __pfx_____sys_sendmsg+0x10/0x10
[  485.733861][T19839]  ___sys_sendmsg+0x134/0x1d0
[  485.733884][T19839]  ? __pfx____sys_sendmsg+0x10/0x10
[  485.733936][T19839]  __sys_sendmsg+0x16d/0x220
[  485.733959][T19839]  ? __pfx___sys_sendmsg+0x10/0x10
[  485.733997][T19839]  do_syscall_64+0xcd/0x4c0
[  485.734022][T19839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.734040][T19839] RIP: 0033:0x7f97b1f8ebe9
[  485.734054][T19839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  485.734071][T19839] RSP: 002b:00007f97b2d71038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  485.734089][T19839] RAX: ffffffffffffffda RBX: 00007f97b21c5fa0 RCX: 00007f97b1f8ebe9
[  485.734100][T19839] RDX: 0000000020000000 RSI: 0000200000000040 RDI: 0000000000000003
[  485.734111][T19839] RBP: 00007f97b2d71090 R08: 0000000000000000 R09: 0000000000000000
[  485.734121][T19839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  485.734131][T19839] R13: 00007f97b21c6038 R14: 00007f97b21c5fa0 R15: 00007ffd8552b618
[  485.734155][T19839]  </TASK>
[  485.823849][T19845] __nla_validate_parse: 18 callbacks suppressed
[  485.823866][T19845] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6768'.
[  485.831664][T19845] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6768'.
[  485.856229][T19854] netlink: 120 bytes leftover after parsing attributes in process `syz.3.6769'.
[  485.944229][T19864] support for cryptoloop has been removed.  Use dm-crypt instead.
[  486.004473][T19874] netlink: 'syz.8.6774': attribute type 4 has an invalid length.
[  486.270678][T19903] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6784'.
[  486.274138][T19903] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6784'.
[  486.963229][T19922] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.042457][T19893] overlayfs: statfs failed on './file0'
[  487.075228][T19922] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.147247][T19922] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.169845][T19939] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6792'.
[  487.191748][T19939] 8021q: adding VLAN 0 to HW filter on device bond1
[  487.201709][T19939] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  487.209378][T19939] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6792'.
[  487.331085][T19939] bond1 (unregistering): (slave dummy0): Releasing backup interface
[  487.337556][T19939] bond1 (unregistering): Released all slaves
[  487.349855][T19980] nlmon0: Master is either lo or non-ether device
[  487.371859][T19922] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.407878][T20029] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6801'.
[  487.440231][   T40] audit: type=1400 audit(3515054322.171:1345): avc:  denied  { write } for  pid=20030 comm="syz.8.6802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  487.499609][T20040] FAULT_INJECTION: forcing a failure.
[  487.499609][T20040] name failslab, interval 1, probability 0, space 0, times 0
[  487.501721][   T40] audit: type=1800 audit(3515054322.231:1346): pid=20040 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.6805" name="bus" dev="9p" ino=35913984 res=0 errno=0
[  487.510719][ T1153] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  487.516779][T20040] CPU: 3 UID: 0 PID: 20040 Comm: syz.2.6805 Not tainted syzkaller #0 PREEMPT(full) 
[  487.516796][T20040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  487.516803][T20040] Call Trace:
[  487.516807][T20040]  <TASK>
[  487.516811][T20040]  dump_stack_lvl+0x16c/0x1f0
[  487.516829][T20040]  should_fail_ex+0x512/0x640
[  487.516843][T20040]  ? fs_reclaim_acquire+0xae/0x150
[  487.516859][T20040]  should_failslab+0xc2/0x120
[  487.516871][T20040]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  487.516883][T20040]  ? p9_tag_alloc+0x9c/0x640
[  487.516899][T20040]  p9_tag_alloc+0x9c/0x640
[  487.516913][T20040]  ? __pfx_p9_tag_alloc+0x10/0x10
[  487.516926][T20040]  ? stack_depot_save_flags+0x29/0x9c0
[  487.516945][T20040]  p9_client_prepare_req+0x19b/0x4d0
[  487.516959][T20040]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  487.516972][T20040]  ? vm_mmap_pgoff+0xec/0x470
[  487.516987][T20040]  ? __lock_acquire+0xb97/0x1ce0
[  487.517006][T20040]  p9_client_rpc+0x1c4/0xc50
[  487.517021][T20040]  ? __pfx_p9_client_rpc+0x10/0x10
[  487.517036][T20040]  ? idr_alloc_u32+0x20f/0x2f0
[  487.517051][T20040]  ? idr_preload_end+0xc2/0x230
[  487.517064][T20040]  ? rcu_is_watching+0x12/0xc0
[  487.517080][T20040]  p9_client_xattrwalk+0xc0/0x290
[  487.517097][T20040]  v9fs_fid_xattr_get+0x10a/0x300
[  487.517115][T20040]  ? __pfx_v9fs_fid_xattr_get+0x10/0x10
[  487.517131][T20040]  ? __pfx_v9fs_fid_find+0x10/0x10
[  487.517151][T20040]  ? v9fs_fid_lookup+0xe9/0xeb0
[  487.517169][T20040]  v9fs_xattr_handler_get+0x6b/0x120
[  487.517184][T20040]  ? __pfx_v9fs_xattr_handler_get+0x10/0x10
[  487.517201][T20040]  vfs_getxattr_alloc+0x1b7/0x340
[  487.517216][T20040]  ? __pfx_vfs_getxattr_alloc+0x10/0x10
[  487.517227][T20040]  ? down_write+0x14d/0x200
[  487.517245][T20040]  ima_read_xattr+0x38/0x60
[  487.517261][T20040]  process_measurement+0x1180/0x23e0
[  487.517280][T20040]  ? avc_has_perm_noaudit+0x149/0x3b0
[  487.517292][T20040]  ? __pfx_process_measurement+0x10/0x10
[  487.517308][T20040]  ? avc_has_perm+0x144/0x1f0
[  487.517319][T20040]  ? __pfx_avc_has_perm+0x10/0x10
[  487.517330][T20040]  ? find_held_lock+0x2b/0x80
[  487.517344][T20040]  ? avc_has_perm_noaudit+0x117/0x3b0
[  487.517368][T20040]  ? file_map_prot_check+0x1eb/0x360
[  487.517386][T20040]  ima_file_mmap+0x1a8/0x1d0
[  487.517401][T20040]  ? __pfx_ima_file_mmap+0x10/0x10
[  487.517420][T20040]  security_mmap_file+0x88c/0x990
[  487.517437][T20040]  vm_mmap_pgoff+0xec/0x470
[  487.517451][T20040]  ? find_held_lock+0x2b/0x80
[  487.517463][T20040]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  487.517479][T20040]  ? __fget_files+0x20e/0x3c0
[  487.517493][T20040]  ksys_mmap_pgoff+0x32c/0x5c0
[  487.517507][T20040]  ? __pfx_ksys_write+0x10/0x10
[  487.517519][T20040]  __x64_sys_mmap+0x125/0x190
[  487.517532][T20040]  do_syscall_64+0xcd/0x4c0
[  487.517547][T20040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.517558][T20040] RIP: 0033:0x7f491118ebe9
[  487.517568][T20040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  487.517578][T20040] RSP: 002b:00007f4911f4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  487.517588][T20040] RAX: ffffffffffffffda RBX: 00007f49113c5fa0 RCX: 00007f491118ebe9
[  487.517595][T20040] RDX: 00000000007ffffe RSI: 0000000000600402 RDI: 0000200000000000
[  487.517601][T20040] RBP: 00007f4911f4e090 R08: 0000000000000003 R09: 0000000000800000
[  487.517607][T20040] R10: 0000000004002011 R11: 0000000000000246 R12: 0000000000000001
[  487.517613][T20040] R13: 00007f49113c6038 R14: 00007f49113c5fa0 R15: 00007fffb3e9d338
[  487.517627][T20040]  </TASK>
[  487.522480][   T40] audit: type=1800 audit(3515054322.251:1347): pid=20040 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.6805" name="bus" dev="9p" ino=35913984 res=0 errno=0
[  487.527157][ T1153] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  487.541821][ T2422] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  487.552055][ T2422] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  487.585306][T20055] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6809'.
[  487.700086][T20066] netlink: 68 bytes leftover after parsing attributes in process `syz.4.6812'.
[  487.765771][T20069] 8021q: adding VLAN 0 to HW filter on device bond1
[  487.789523][T20069] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  487.929098][T20114] FAULT_INJECTION: forcing a failure.
[  487.929098][T20114] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  487.933308][T20069] bond1 (unregistering): (slave dummy0): Releasing backup interface
[  487.934716][T20114] CPU: 0 UID: 0 PID: 20114 Comm: syz.8.6816 Not tainted syzkaller #0 PREEMPT(full) 
[  487.934740][T20114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  487.934750][T20114] Call Trace:
[  487.934757][T20114]  <TASK>
[  487.934765][T20114]  dump_stack_lvl+0x16c/0x1f0
[  487.934791][T20114]  should_fail_ex+0x512/0x640
[  487.934817][T20114]  _copy_to_user+0x32/0xd0
[  487.934845][T20114]  msr_read+0x14e/0x250
[  487.934869][T20114]  ? __pfx_msr_read+0x10/0x10
[  487.934891][T20114]  ? bpf_lsm_file_permission+0x9/0x10
[  487.934912][T20114]  ? security_file_permission+0x71/0x210
[  487.934939][T20114]  ? rw_verify_area+0xcf/0x6c0
[  487.934966][T20114]  ? __pfx_msr_read+0x10/0x10
[  487.934989][T20114]  vfs_read+0x1e1/0xcf0
[  487.935011][T20114]  ? __pfx_vfs_read+0x10/0x10
[  487.935027][T20114]  ? find_held_lock+0x2b/0x80
[  487.935049][T20114]  ? __fget_files+0x204/0x3c0
[  487.935073][T20114]  ? __fget_files+0x20e/0x3c0
[  487.935100][T20114]  ksys_read+0x12a/0x250
[  487.935117][T20114]  ? __pfx_ksys_read+0x10/0x10
[  487.935142][T20114]  do_syscall_64+0xcd/0x4c0
[  487.935167][T20114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.935185][T20114] RIP: 0033:0x7feed998ebe9
[  487.935200][T20114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  487.935216][T20114] RSP: 002b:00007feeda8db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  487.935233][T20114] RAX: ffffffffffffffda RBX: 00007feed9bc5fa0 RCX: 00007feed998ebe9
[  487.935245][T20114] RDX: 0000000000018ff8 RSI: 0000200000019680 RDI: 0000000000000003
[  487.935256][T20114] RBP: 00007feeda8db090 R08: 0000000000000000 R09: 0000000000000000
[  487.935266][T20114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  487.935276][T20114] R13: 00007feed9bc6038 R14: 00007feed9bc5fa0 R15: 00007ffc2f6467b8
[  487.935300][T20114]  </TASK>
[  488.010056][T20069] bond1 (unregistering): Released all slaves
[  488.090780][T20167] nlmon0: Master is either lo or non-ether device
[  488.172579][   T40] audit: type=1800 audit(3515054322.901:1348): pid=20187 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.6830" name="bus" dev="9p" ino=35913984 res=0 errno=0
[  488.186166][   T40] audit: type=1800 audit(3515054322.901:1349): pid=20187 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.6830" name="bus" dev="9p" ino=35913984 res=0 errno=0
[  488.284327][T20205] nlmon0: Master is either lo or non-ether device
[  488.338512][T20219] support for cryptoloop has been removed.  Use dm-crypt instead.
[  488.402222][T20235] bridge_slave_0: left allmulticast mode
[  488.404434][T20235] bridge_slave_0: left promiscuous mode
[  488.408841][T20235] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.415113][T20235] bridge_slave_1: left allmulticast mode
[  488.417139][T20235] bridge_slave_1: left promiscuous mode
[  488.419085][T20235] bridge0: port 2(bridge_slave_1) entered disabled state
[  488.423949][T20235] bond0: (slave bond_slave_0): Releasing backup interface
[  488.432466][T20235] bond0: (slave bond_slave_1): Releasing backup interface
[  488.443550][T20235] team0: Port device team_slave_1 removed
[  488.446169][T20235] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  488.449553][T20235] batman_adv: batadv0: Removing interface: batadv_slave_0
[  488.454689][T20235] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  488.458224][T20235] batman_adv: batadv0: Removing interface: batadv_slave_1
[  488.506651][T20244] nlmon0: Master is either lo or non-ether device
[  488.512808][T20252] binder: 20240:20252 ioctl c058671e ffffffffffffffff returned -22
[  488.562235][T20259] gfs2: gfs2 mount does not exist
[  488.602076][T20265] support for cryptoloop has been removed.  Use dm-crypt instead.
[  488.635385][T20279] FAULT_INJECTION: forcing a failure.
[  488.635385][T20279] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  488.640338][T20279] CPU: 0 UID: 0 PID: 20279 Comm: syz.3.6861 Not tainted syzkaller #0 PREEMPT(full) 
[  488.640354][T20279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  488.640361][T20279] Call Trace:
[  488.640366][T20279]  <TASK>
[  488.640370][T20279]  dump_stack_lvl+0x16c/0x1f0
[  488.640389][T20279]  should_fail_ex+0x512/0x640
[  488.640405][T20279]  _copy_to_user+0x32/0xd0
[  488.640422][T20279]  msr_read+0x14e/0x250
[  488.640438][T20279]  ? __pfx_msr_read+0x10/0x10
[  488.640451][T20279]  ? bpf_lsm_file_permission+0x9/0x10
[  488.640466][T20279]  ? security_file_permission+0x71/0x210
[  488.640483][T20279]  ? rw_verify_area+0xcf/0x6c0
[  488.640500][T20279]  ? __pfx_msr_read+0x10/0x10
[  488.640514][T20279]  vfs_read+0x1e1/0xcf0
[  488.640527][T20279]  ? __pfx_vfs_read+0x10/0x10
[  488.640536][T20279]  ? find_held_lock+0x2b/0x80
[  488.640550][T20279]  ? __fget_files+0x204/0x3c0
[  488.640564][T20279]  ? __fget_files+0x20e/0x3c0
[  488.640579][T20279]  ksys_read+0x12a/0x250
[  488.640590][T20279]  ? __pfx_ksys_read+0x10/0x10
[  488.640607][T20279]  do_syscall_64+0xcd/0x4c0
[  488.640646][T20279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.640663][T20279] RIP: 0033:0x7f97b1f8ebe9
[  488.640673][T20279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  488.640686][T20279] RSP: 002b:00007f97b2d71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  488.640701][T20279] RAX: ffffffffffffffda RBX: 00007f97b21c5fa0 RCX: 00007f97b1f8ebe9
[  488.640714][T20279] RDX: 0000000000018ff8 RSI: 0000200000019680 RDI: 0000000000000003
[  488.640730][T20279] RBP: 00007f97b2d71090 R08: 0000000000000000 R09: 0000000000000000
[  488.640740][T20279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  488.640749][T20279] R13: 00007f97b21c6038 R14: 00007f97b21c5fa0 R15: 00007ffd8552b618
[  488.640772][T20279]  </TASK>
[  488.721379][T20284] gretap0: entered promiscuous mode
[  488.723588][T20284] batadv_slave_1: entered promiscuous mode
[  488.726267][T20284] debugfs: 'hsr1' already exists in 'hsr'
[  488.729420][T20284] Cannot create hsr debugfs directory
[  488.776167][T20297] nlmon0: Master is either lo or non-ether device
[  488.996817][   T10] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  489.146799][   T10] usb 7-1: Using ep0 maxpacket: 8
[  489.150739][   T10] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[  489.153451][   T10] usb 7-1: config 179 has no interface number 0
[  489.156037][   T10] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  489.161353][   T10] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  489.164932][   T10] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  489.169036][   T10] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  489.169087][T20312] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=5122 sclass=netlink_audit_socket pid=20312 comm=syz.8.6869
[  489.173424][   T10] usb 7-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  489.173453][   T10] usb 7-1: config 179 interface 65 has no altsetting 0
[  489.173480][   T10] usb 7-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  489.173499][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.182640][   T10] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:179.65/input/input81
[  489.299441][T20325] batadv_slave_1 (unregistering): left promiscuous mode
[  489.381837][  T839] usb 7-1: USB disconnect, device number 18
[  489.384411][    C0] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  489.438909][T20352] gretap0: entered promiscuous mode
[  489.442178][T20352] batadv_slave_1: entered promiscuous mode
[  489.445304][T20352] debugfs: 'hsr1' already exists in 'hsr'
[  489.447858][T20352] Cannot create hsr debugfs directory
[  489.488144][T20362] netlink: 'syz.8.6877': attribute type 3 has an invalid length.
[  489.612917][T20373] netlink: 'syz.4.6881': attribute type 12 has an invalid length.
[  489.750558][ T5332] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  489.761750][ T5332] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  489.767007][ T5332] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  489.774239][ T5332] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  489.778652][ T5332] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  489.921165][T20381] chnl_net:caif_netlink_parms(): no params data found
[  490.007082][T20602] trusted_key: encrypted_key: insufficient parameters specified
[  490.044672][T20381] bridge0: port 1(bridge_slave_0) entered blocking state
[  490.048891][T20381] bridge0: port 1(bridge_slave_0) entered disabled state
[  490.051543][T20381] bridge_slave_0: entered allmulticast mode
[  490.056091][T20381] bridge_slave_0: entered promiscuous mode
[  490.063032][T20381] bridge0: port 2(bridge_slave_1) entered blocking state
[  490.065898][T20381] bridge0: port 2(bridge_slave_1) entered disabled state
[  490.070583][T20381] bridge_slave_1: entered allmulticast mode
[  490.074194][T20381] bridge_slave_1: entered promiscuous mode
[  490.144044][T20381] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  490.151083][T20381] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  490.215403][T20381] team0: Port device team_slave_0 added
[  490.221888][T20381] team0: Port device team_slave_1 added
[  490.318974][T20381] batman_adv: batadv0: Adding interface: batadv_slave_0
[  490.321613][T20381] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  490.329646][T20381] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  490.341701][T20969] A link change request failed with some changes committed already. Interface veth1 may have been left with an inconsistent configuration, please check.
[  490.347093][T20381] batman_adv: batadv0: Adding interface: batadv_slave_1
[  490.349754][T20381] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  490.358129][T20381] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  490.391145][T21133] FAULT_INJECTION: forcing a failure.
[  490.391145][T21133] name failslab, interval 1, probability 0, space 0, times 0
[  490.398281][T21133] CPU: 0 UID: 0 PID: 21133 Comm: syz.4.6897 Not tainted syzkaller #0 PREEMPT(full) 
[  490.398305][T21133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  490.398316][T21133] Call Trace:
[  490.398324][T21133]  <TASK>
[  490.398331][T21133]  dump_stack_lvl+0x16c/0x1f0
[  490.398359][T21133]  should_fail_ex+0x512/0x640
[  490.398381][T21133]  ? __kmalloc_node_noprof+0xc5/0x500
[  490.398401][T21133]  should_failslab+0xc2/0x120
[  490.398416][T21133]  __kmalloc_node_noprof+0xd8/0x500
[  490.398426][T21133]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  490.398439][T21133]  ? alloc_slab_obj_exts+0x41/0xa0
[  490.398456][T21133]  alloc_slab_obj_exts+0x41/0xa0
[  490.398472][T21133]  new_slab+0x27d/0x330
[  490.398488][T21133]  ___slab_alloc+0xcf2/0x1750
[  490.398504][T21133]  ? alloc_netdev_mqs+0xe58/0x1530
[  490.398524][T21133]  ? alloc_netdev_mqs+0xe58/0x1530
[  490.398537][T21133]  ? __slab_alloc.constprop.0+0x56/0xb0
[  490.398552][T21133]  __slab_alloc.constprop.0+0x56/0xb0
[  490.398570][T21133]  __kmalloc_cache_noprof+0xfb/0x3e0
[  490.398586][T21133]  ? __asan_memset+0x23/0x50
[  490.398600][T21133]  ? alloc_netdev_mqs+0xe58/0x1530
[  490.398615][T21133]  alloc_netdev_mqs+0xe58/0x1530
[  490.398637][T21133]  rtnl_create_link+0xc08/0xf90
[  490.398653][T21133]  rtnl_newlink+0xb69/0x2000
[  490.398671][T21133]  ? __pfx_rtnl_newlink+0x10/0x10
[  490.398684][T21133]  ? find_held_lock+0x2b/0x80
[  490.398697][T21133]  ? avc_has_perm_noaudit+0x117/0x3b0
[  490.398712][T21133]  ? avc_has_perm_noaudit+0x149/0x3b0
[  490.398735][T21133]  ? find_held_lock+0x2b/0x80
[  490.398747][T21133]  ? __pfx_rtnl_newlink+0x10/0x10
[  490.398760][T21133]  ? __pfx_rtnl_newlink+0x10/0x10
[  490.398772][T21133]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  490.398786][T21133]  ? __pfx_rtnl_newlink+0x10/0x10
[  490.398800][T21133]  rtnetlink_rcv_msg+0x95e/0xe90
[  490.398816][T21133]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  490.398834][T21133]  ? ref_tracker_free+0x37c/0x830
[  490.398850][T21133]  netlink_rcv_skb+0x155/0x420
[  490.398864][T21133]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  490.398880][T21133]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  490.398899][T21133]  ? netlink_deliver_tap+0x1ae/0xd30
[  490.398915][T21133]  netlink_unicast+0x5aa/0x870
[  490.398931][T21133]  ? __pfx_netlink_unicast+0x10/0x10
[  490.398945][T21133]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  490.398963][T21133]  netlink_sendmsg+0x8d1/0xdd0
[  490.398979][T21133]  ? __pfx_netlink_sendmsg+0x10/0x10
[  490.398998][T21133]  ____sys_sendmsg+0xa98/0xc70
[  490.399015][T21133]  ? copy_msghdr_from_user+0x10a/0x160
[  490.399028][T21133]  ? __pfx_____sys_sendmsg+0x10/0x10
[  490.399050][T21133]  ___sys_sendmsg+0x134/0x1d0
[  490.399064][T21133]  ? __pfx____sys_sendmsg+0x10/0x10
[  490.399094][T21133]  __sys_sendmsg+0x16d/0x220
[  490.399107][T21133]  ? __pfx___sys_sendmsg+0x10/0x10
[  490.399129][T21133]  do_syscall_64+0xcd/0x4c0
[  490.399144][T21133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.399156][T21133] RIP: 0033:0x7f104758ebe9
[  490.399166][T21133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.399176][T21133] RSP: 002b:00007f104839b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  490.399186][T21133] RAX: ffffffffffffffda RBX: 00007f10477c5fa0 RCX: 00007f104758ebe9
[  490.399193][T21133] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000f
[  490.399200][T21133] RBP: 00007f104839b090 R08: 0000000000000000 R09: 0000000000000000
[  490.399206][T21133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  490.399212][T21133] R13: 00007f10477c6038 R14: 00007f10477c5fa0 R15: 00007ffe95801c28
[  490.399226][T21133]  </TASK>
[  490.399265][T21133] nlmon0: Master is either lo or non-ether device
[  490.565497][T20381] hsr_slave_0: entered promiscuous mode
[  490.568015][T20381] hsr_slave_1: entered promiscuous mode
[  490.570125][T20381] debugfs: 'hsr0' already exists in 'hsr'
[  490.572268][T20381] Cannot create hsr debugfs directory
[  490.728554][T20381] netdevsim netdevsim8 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  490.731912][T20381] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  490.736377][ T6233] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  490.797819][T20381] netdevsim netdevsim8 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  490.801834][T20381] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  490.834204][T21488] __nla_validate_parse: 28 callbacks suppressed
[  490.834223][T21488] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6904'.
[  490.841420][T21488] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6904'.
[  490.871108][T20381] netdevsim netdevsim8 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  490.874297][T20381] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  490.896631][ T6233] usb 7-1: Using ep0 maxpacket: 8
[  490.900607][ T6233] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  490.903670][ T6233] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  490.906634][ T6233] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  490.910334][ T6233] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  490.914629][ T6233] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  490.918597][ T6233] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  491.003475][T20381] netdevsim netdevsim8 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  491.009479][T20381] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  491.126073][ T6233] usb 7-1: GET_CAPABILITIES returned 0
[  491.128375][ T6233] usbtmc 7-1:16.0: can't read capabilities
[  491.165755][T20381] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  491.178881][T20381] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  491.182958][T20381] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  491.187228][T20381] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  491.255819][T20381] 8021q: adding VLAN 0 to HW filter on device bond0
[  491.271819][T20381] 8021q: adding VLAN 0 to HW filter on device team0
[  491.280074][ T1146] bridge0: port 1(bridge_slave_0) entered blocking state
[  491.283145][ T1146] bridge0: port 1(bridge_slave_0) entered forwarding state
[  491.293160][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  491.295412][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  491.332261][ T6033] usb 7-1: USB disconnect, device number 19
[  491.453388][T20381] 8021q: adding VLAN 0 to HW filter on device batadv0
[  491.610500][T20381] veth0_vlan: entered promiscuous mode
[  491.617553][T20381] veth1_vlan: entered promiscuous mode
[  491.638483][T20381] veth0_macvtap: entered promiscuous mode
[  491.642395][T20381] veth1_macvtap: entered promiscuous mode
[  491.656154][T20381] batman_adv: batadv0: Interface activated: batadv_slave_0
[  491.663854][T20381] batman_adv: batadv0: Interface activated: batadv_slave_1
[  491.672476][  T219] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  491.676067][  T219] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  491.680744][  T219] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  491.684308][  T219] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  491.744416][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  491.747581][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  491.772063][ T1592] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  491.774546][ T1592] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  491.796683][ T5971] Bluetooth: hci5: command tx timeout
[  491.811229][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  491.811244][   T40] audit: type=1800 audit(3515054326.541:1355): pid=21557 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.6906" name="bus" dev="9p" ino=35913984 res=0 errno=0
[  491.824046][   T40] audit: type=1800 audit(3515054326.551:1356): pid=21557 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.6906" name="bus" dev="9p" ino=35913984 res=0 errno=0
[  491.977819][T21601] FAULT_INJECTION: forcing a failure.
[  491.977819][T21601] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  491.982561][T21601] CPU: 3 UID: 0 PID: 21601 Comm: syz.2.6911 Not tainted syzkaller #0 PREEMPT(full) 
[  491.982577][T21601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  491.982583][T21601] Call Trace:
[  491.982588][T21601]  <TASK>
[  491.982593][T21601]  dump_stack_lvl+0x16c/0x1f0
[  491.982614][T21601]  should_fail_ex+0x512/0x640
[  491.982634][T21601]  _copy_to_user+0x32/0xd0
[  491.982651][T21601]  msr_read+0x14e/0x250
[  491.982667][T21601]  ? __pfx_msr_read+0x10/0x10
[  491.982680][T21601]  ? bpf_lsm_file_permission+0x9/0x10
[  491.982695][T21601]  ? security_file_permission+0x71/0x210
[  491.982715][T21601]  ? rw_verify_area+0xcf/0x6c0
[  491.982731][T21601]  ? __pfx_msr_read+0x10/0x10
[  491.982745][T21601]  vfs_read+0x1e1/0xcf0
[  491.982759][T21601]  ? __pfx_vfs_read+0x10/0x10
[  491.982768][T21601]  ? find_held_lock+0x2b/0x80
[  491.982782][T21601]  ? __fget_files+0x204/0x3c0
[  491.982796][T21601]  ? __fget_files+0x20e/0x3c0
[  491.982811][T21601]  ksys_read+0x12a/0x250
[  491.982822][T21601]  ? __pfx_ksys_read+0x10/0x10
[  491.982836][T21601]  do_syscall_64+0xcd/0x4c0
[  491.982852][T21601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.982864][T21601] RIP: 0033:0x7f491118ebe9
[  491.982874][T21601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.982884][T21601] RSP: 002b:00007f4911f4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  491.982895][T21601] RAX: ffffffffffffffda RBX: 00007f49113c5fa0 RCX: 00007f491118ebe9
[  491.982902][T21601] RDX: 0000000000018ff8 RSI: 0000200000019680 RDI: 0000000000000003
[  491.982909][T21601] RBP: 00007f4911f4e090 R08: 0000000000000000 R09: 0000000000000000
[  491.982915][T21601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  491.982921][T21601] R13: 00007f49113c6038 R14: 00007f49113c5fa0 R15: 00007fffb3e9d338
[  491.982935][T21601]  </TASK>
[  492.129610][T21609] nlmon0: Master is either lo or non-ether device
[  492.133058][T21609] FAULT_INJECTION: forcing a failure.
[  492.133058][T21609] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  492.139221][T21609] CPU: 0 UID: 0 PID: 21609 Comm: syz.2.6914 Not tainted syzkaller #0 PREEMPT(full) 
[  492.139245][T21609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  492.139256][T21609] Call Trace:
[  492.139262][T21609]  <TASK>
[  492.139270][T21609]  dump_stack_lvl+0x16c/0x1f0
[  492.139297][T21609]  should_fail_ex+0x512/0x640
[  492.139324][T21609]  _copy_from_user+0x2e/0xd0
[  492.139351][T21609]  kstrtouint_from_user+0xd6/0x1d0
[  492.139371][T21609]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  492.139389][T21609]  ? __lock_acquire+0xb97/0x1ce0
[  492.139429][T21609]  proc_fail_nth_write+0x83/0x220
[  492.139451][T21609]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  492.139477][T21609]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  492.139494][T21609]  vfs_write+0x29d/0x11d0
[  492.139513][T21609]  ? __pfx___mutex_lock+0x10/0x10
[  492.139535][T21609]  ? __pfx_vfs_write+0x10/0x10
[  492.139558][T21609]  ? __fget_files+0x20e/0x3c0
[  492.139584][T21609]  ksys_write+0x12a/0x250
[  492.139601][T21609]  ? __pfx_ksys_write+0x10/0x10
[  492.139625][T21609]  do_syscall_64+0xcd/0x4c0
[  492.139648][T21609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.139666][T21609] RIP: 0033:0x7f491118d69f
[  492.139681][T21609] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  492.139698][T21609] RSP: 002b:00007f4911f4e030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  492.139718][T21609] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f491118d69f
[  492.139729][T21609] RDX: 0000000000000001 RSI: 00007f4911f4e0a0 RDI: 0000000000000013
[  492.139739][T21609] RBP: 00007f4911f4e090 R08: 0000000000000000 R09: 0000000000000000
[  492.139749][T21609] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  492.139758][T21609] R13: 00007f49113c6038 R14: 00007f49113c5fa0 R15: 00007fffb3e9d338
[  492.139781][T21609]  </TASK>
[  492.139823][T21611] netlink: 276 bytes leftover after parsing attributes in process `syz.4.6915'.
[  492.299161][T21629] netlink: 120 bytes leftover after parsing attributes in process `syz.2.6921'.
[  492.326041][T21631] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6922'.
[  492.330624][T21631] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6922'.
[  492.527481][T12086] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  492.536619][T21642] support for cryptoloop has been removed.  Use dm-crypt instead.
[  492.666535][T12086] usb 9-1: device descriptor read/64, error -71
[  492.689350][   T40] audit: type=1800 audit(3515054327.421:1357): pid=21656 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.8.6928" name="bus" dev="9p" ino=35913984 res=0 errno=0
[  492.689535][T21656] FAULT_INJECTION: forcing a failure.
[  492.689535][T21656] name failslab, interval 1, probability 0, space 0, times 0
[  492.701626][T21656] CPU: 3 UID: 0 PID: 21656 Comm: syz.8.6928 Not tainted syzkaller #0 PREEMPT(full) 
[  492.701642][T21656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  492.701649][T21656] Call Trace:
[  492.701653][T21656]  <TASK>
[  492.701658][T21656]  dump_stack_lvl+0x16c/0x1f0
[  492.701675][T21656]  should_fail_ex+0x512/0x640
[  492.701689][T21656]  ? fs_reclaim_acquire+0xae/0x150
[  492.701708][T21656]  should_failslab+0xc2/0x120
[  492.701720][T21656]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  492.701732][T21656]  ? p9_tag_alloc+0x9c/0x640
[  492.701748][T21656]  p9_tag_alloc+0x9c/0x640
[  492.701762][T21656]  ? __pfx_p9_tag_alloc+0x10/0x10
[  492.701774][T21656]  ? __pfx_stack_trace_save+0x10/0x10
[  492.701789][T21656]  ? arch_stack_walk+0xa6/0x100
[  492.701801][T21656]  ? stack_depot_save_flags+0x29/0x9c0
[  492.701819][T21656]  p9_client_prepare_req+0x19b/0x4d0
[  492.701833][T21656]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  492.701846][T21656]  ? ima_file_mmap+0x1a8/0x1d0
[  492.701861][T21656]  ? __x64_sys_mmap+0x125/0x190
[  492.701871][T21656]  ? do_syscall_64+0xcd/0x4c0
[  492.701884][T21656]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.701898][T21656]  p9_client_rpc+0x1c4/0xc50
[  492.701913][T21656]  ? __pfx_p9_client_rpc+0x10/0x10
[  492.701937][T21656]  p9_client_getattr_dotl+0xba/0x1e0
[  492.701952][T21656]  v9fs_vfs_getattr_dotl+0x15f/0x430
[  492.701969][T21656]  vfs_getattr_nosec+0x2a9/0x430
[  492.701983][T21656]  ? __pfx_v9fs_vfs_getattr_dotl+0x10/0x10
[  492.701999][T21656]  ima_collect_measurement+0x2f3/0xa40
[  492.702008][T21656]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  492.702025][T21656]  ? __pfx_ima_collect_measurement+0x10/0x10
[  492.702043][T21656]  ? v9fs_fid_lookup+0xe9/0xeb0
[  492.702063][T21656]  ? vfs_getxattr_alloc+0xec/0x340
[  492.702078][T21656]  ? ima_get_hash_algo+0x27c/0x400
[  492.702092][T21656]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  492.702109][T21656]  ? process_measurement+0x11fa/0x23e0
[  492.702123][T21656]  process_measurement+0x11fa/0x23e0
[  492.702141][T21656]  ? avc_has_perm_noaudit+0x149/0x3b0
[  492.702153][T21656]  ? __pfx_process_measurement+0x10/0x10
[  492.702169][T21656]  ? avc_has_perm+0x144/0x1f0
[  492.702180][T21656]  ? __pfx_avc_has_perm+0x10/0x10
[  492.702191][T21656]  ? find_held_lock+0x2b/0x80
[  492.702205][T21656]  ? avc_has_perm_noaudit+0x117/0x3b0
[  492.702229][T21656]  ? file_map_prot_check+0x1eb/0x360
[  492.702244][T21656]  ima_file_mmap+0x1a8/0x1d0
[  492.702259][T21656]  ? __pfx_ima_file_mmap+0x10/0x10
[  492.702278][T21656]  security_mmap_file+0x88c/0x990
[  492.702294][T21656]  vm_mmap_pgoff+0xec/0x470
[  492.702309][T21656]  ? find_held_lock+0x2b/0x80
[  492.702322][T21656]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  492.702337][T21656]  ? __fget_files+0x20e/0x3c0
[  492.702352][T21656]  ksys_mmap_pgoff+0x32c/0x5c0
[  492.702365][T21656]  ? __pfx_ksys_write+0x10/0x10
[  492.702378][T21656]  __x64_sys_mmap+0x125/0x190
[  492.702389][T21656]  do_syscall_64+0xcd/0x4c0
[  492.702404][T21656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.702414][T21656] RIP: 0033:0x7feea518ebe9
[  492.702423][T21656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.702433][T21656] RSP: 002b:00007feea5f26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  492.702444][T21656] RAX: ffffffffffffffda RBX: 00007feea53c5fa0 RCX: 00007feea518ebe9
[  492.702451][T21656] RDX: 00000000007ffffe RSI: 0000000000600402 RDI: 0000200000000000
[  492.702457][T21656] RBP: 00007feea5f26090 R08: 0000000000000003 R09: 0000000000800000
[  492.702463][T21656] R10: 0000000004002011 R11: 0000000000000246 R12: 0000000000000001
[  492.702470][T21656] R13: 00007feea53c6038 R14: 00007feea53c5fa0 R15: 00007fff435a4f58
[  492.702483][T21656]  </TASK>
[  492.702615][   T40] audit: type=1800 audit(3515054327.431:1358): pid=21656 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.8.6928" name="bus" dev="9p" ino=35913984 res=0 errno=0
[  492.891726][T21662] netlink: 276 bytes leftover after parsing attributes in process `syz.2.6930'.
[  492.928771][   T40] audit: type=1800 audit(3515054327.661:1359): pid=21664 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.8.6929" name="bus" dev="9p" ino=35913984 res=0 errno=0
[  492.976413][T12086] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  493.070058][T21698] FAULT_INJECTION: forcing a failure.
[  493.070058][T21698] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  493.075689][T21698] CPU: 0 UID: 0 PID: 21698 Comm: syz.8.6934 Not tainted syzkaller #0 PREEMPT(full) 
[  493.075710][T21698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  493.075722][T21698] Call Trace:
[  493.075729][T21698]  <TASK>
[  493.075737][T21698]  dump_stack_lvl+0x16c/0x1f0
[  493.075765][T21698]  should_fail_ex+0x512/0x640
[  493.075791][T21698]  _copy_to_user+0x32/0xd0
[  493.075818][T21698]  msr_read+0x14e/0x250
[  493.075843][T21698]  ? __pfx_msr_read+0x10/0x10
[  493.075864][T21698]  ? bpf_lsm_file_permission+0x9/0x10
[  493.075886][T21698]  ? security_file_permission+0x71/0x210
[  493.075914][T21698]  ? rw_verify_area+0xcf/0x6c0
[  493.075942][T21698]  ? __pfx_msr_read+0x10/0x10
[  493.075965][T21698]  vfs_read+0x1e1/0xcf0
[  493.075989][T21698]  ? __pfx_vfs_read+0x10/0x10
[  493.076005][T21698]  ? find_held_lock+0x2b/0x80
[  493.076028][T21698]  ? __fget_files+0x204/0x3c0
[  493.076046][T21698]  ? __fget_files+0x20e/0x3c0
[  493.076072][T21698]  ksys_read+0x12a/0x250
[  493.076090][T21698]  ? __pfx_ksys_read+0x10/0x10
[  493.076116][T21698]  do_syscall_64+0xcd/0x4c0
[  493.076140][T21698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.076159][T21698] RIP: 0033:0x7feea518ebe9
[  493.076174][T21698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  493.076190][T21698] RSP: 002b:00007feea5f26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  493.076206][T21698] RAX: ffffffffffffffda RBX: 00007feea53c5fa0 RCX: 00007feea518ebe9
[  493.076240][T21698] RDX: 0000000000018ff8 RSI: 0000200000019680 RDI: 0000000000000003
[  493.076251][T21698] RBP: 00007feea5f26090 R08: 0000000000000000 R09: 0000000000000000
[  493.076264][T21698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  493.076273][T21698] R13: 00007feea53c6038 R14: 00007feea53c5fa0 R15: 00007fff435a4f58
[  493.076309][T21698]  </TASK>
[  493.106589][T12086] usb 9-1: device descriptor read/64, error -71
[  493.232078][T21703] nlmon0: Master is either lo or non-ether device
[  493.256649][T12086] usb usb9-port1: attempt power cycle
[  493.308874][T21714] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6938'.
[  493.344052][T21717] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6939'.
[  493.379761][T21719] netlink: 276 bytes leftover after parsing attributes in process `syz.2.6940'.
[  493.417467][   T40] audit: type=1800 audit(3515054328.151:1360): pid=21723 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.6942" name="bus" dev="9p" ino=35913984 res=0 errno=0
[  493.636415][T12086] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  493.666906][T12086] usb 9-1: device descriptor read/8, error -71
[  493.886503][ T5971] Bluetooth: hci5: command tx timeout
[  493.928100][T12086] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  493.947191][T12086] usb 9-1: device descriptor read/8, error -71
[  494.071748][T12086] usb usb9-port1: unable to enumerate USB device
[  494.847799][T12086] usb 13-1: new high-speed USB device number 39 using dummy_hcd
[  495.006451][T12086] usb 13-1: Using ep0 maxpacket: 8
[  495.013371][T12086] usb 13-1: config 179 has an invalid interface number: 65 but max is 0
[  495.022323][T12086] usb 13-1: config 179 has no interface number 0
[  495.025259][T12086] usb 13-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  495.030085][T12086] usb 13-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  495.034925][T12086] usb 13-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  495.039812][T12086] usb 13-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  495.044077][T12086] usb 13-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  495.049684][T12086] usb 13-1: config 179 interface 65 has no altsetting 0
[  495.052682][T12086] usb 13-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  495.059700][T12086] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.071588][T12086] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:179.65/input/input82
[  495.088750][   T40] audit: type=1800 audit(3515054329.821:1361): pid=21793 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.6956" name="bus" dev="9p" ino=35913984 res=0 errno=0
[  495.095645][   T40] audit: type=1800 audit(3515054329.821:1362): pid=21793 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.6956" name="bus" dev="9p" ino=35913984 res=0 errno=0
[  495.276748][  T840] usb 13-1: USB disconnect, device number 39
[  495.276874][    C2] xpad 13-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  495.820853][T21865] support for cryptoloop has been removed.  Use dm-crypt instead.
[  495.963268][ T5971] Bluetooth: hci5: command tx timeout
[  497.089694][T21859] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  497.108966][T21879] bridge_slave_0: left allmulticast mode
[  497.114113][T21879] bridge_slave_0: left promiscuous mode
[  497.116382][T21879] bridge0: port 1(bridge_slave_0) entered disabled state
[  497.123171][T21879] bridge_slave_1: left allmulticast mode
[  497.125626][T21879] bridge_slave_1: left promiscuous mode
[  497.128099][T21879] bridge0: port 2(bridge_slave_1) entered disabled state
[  497.131958][T21900] FAULT_INJECTION: forcing a failure.
[  497.131958][T21900] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  497.136452][T21900] CPU: 0 UID: 0 PID: 21900 Comm: syz.8.6978 Not tainted syzkaller #0 PREEMPT(full) 
[  497.136475][T21900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  497.136485][T21900] Call Trace:
[  497.136491][T21900]  <TASK>
[  497.136498][T21900]  dump_stack_lvl+0x16c/0x1f0
[  497.136524][T21900]  should_fail_ex+0x512/0x640
[  497.136550][T21900]  _copy_to_user+0x32/0xd0
[  497.136575][T21900]  msr_read+0x14e/0x250
[  497.136598][T21900]  ? __pfx_msr_read+0x10/0x10
[  497.136620][T21900]  ? bpf_lsm_file_permission+0x9/0x10
[  497.136642][T21900]  ? security_file_permission+0x71/0x210
[  497.136667][T21900]  ? rw_verify_area+0xcf/0x6c0
[  497.136691][T21900]  ? __pfx_msr_read+0x10/0x10
[  497.136712][T21900]  vfs_read+0x1e1/0xcf0
[  497.136734][T21900]  ? __pfx_vfs_read+0x10/0x10
[  497.136749][T21900]  ? find_held_lock+0x2b/0x80
[  497.136771][T21900]  ? __fget_files+0x204/0x3c0
[  497.136791][T21900]  ? __fget_files+0x20e/0x3c0
[  497.136815][T21900]  ksys_read+0x12a/0x250
[  497.136832][T21900]  ? __pfx_ksys_read+0x10/0x10
[  497.136856][T21900]  do_syscall_64+0xcd/0x4c0
[  497.136881][T21900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.136897][T21900] RIP: 0033:0x7feea518ebe9
[  497.136917][T21900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  497.136932][T21900] RSP: 002b:00007feea5f26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  497.136947][T21900] RAX: ffffffffffffffda RBX: 00007feea53c5fa0 RCX: 00007feea518ebe9
[  497.136957][T21900] RDX: 0000000000018ff8 RSI: 0000200000019680 RDI: 0000000000000003
[  497.136966][T21900] RBP: 00007feea5f26090 R08: 0000000000000000 R09: 0000000000000000
[  497.136976][T21900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  497.136985][T21900] R13: 00007feea53c6038 R14: 00007feea53c5fa0 R15: 00007fff435a4f58
[  497.137007][T21900]  </TASK>
[  497.219630][T21879] bond0: (slave bond_slave_0): Releasing backup interface
[  497.224853][T21879] bond0: (slave bond_slave_1): Releasing backup interface
[  497.239189][T21879] team0: Port device team_slave_0 removed
[  497.259065][T21879] team0: Port device team_slave_1 removed
[  497.262174][T21879] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  497.266044][T21879] batman_adv: batadv0: Removing interface: batadv_slave_0
[  497.273147][T21879] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  497.276111][T21879] batman_adv: batadv0: Removing interface: batadv_slave_1
[  497.308945][T21906] netlink: 'syz.8.6980': attribute type 12 has an invalid length.
[  497.320135][T21911] __nla_validate_parse: 5 callbacks suppressed
[  497.320147][T21911] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.6981'.
[  497.354234][   T40] audit: type=1400 audit(3515054332.081:1363): avc:  denied  { setattr } for  pid=21913 comm="syz.8.6982" name="KEY" dev="sockfs" ino=157503 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  497.355726][T21904] netlink: 152 bytes leftover after parsing attributes in process `syz.2.6979'.
[  497.380360][T21904] netlink: 'syz.2.6979': attribute type 4 has an invalid length.
[  497.416156][T21904] netlink: 'syz.2.6979': attribute type 4 has an invalid length.
[  497.491104][T21936] Invalid ELF header type: 0 != 1
[  497.540266][T21943] netlink: 'syz.8.6990': attribute type 1 has an invalid length.
[  497.542532][T21944] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6989'.
[  497.547675][T21944] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6989'.
[  497.657088][T21963] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6994'.
[  497.684693][T21966] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=21966 comm=syz.8.6995
[  497.689781][T21966] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=21966 comm=syz.8.6995
[  497.732500][T21970] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6996'.
[  497.737514][T21970] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6996'.
[  497.774374][T21974] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6998'.
[  498.037874][ T5971] Bluetooth: hci5: command tx timeout
[  498.041145][T21996] 9pnet_fd: Insufficient options for proto=fd
[  498.153095][T22003] netlink: 276 bytes leftover after parsing attributes in process `syz.4.7003'.
[  498.195349][   T40] audit: type=1400 audit(3515054332.921:1364): avc:  denied  { shutdown } for  pid=22005 comm="syz.4.7004" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  498.308445][T22015] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7007'.
[  498.312116][T22015] netlink: 'syz.4.7007': attribute type 11 has an invalid length.
[  498.530639][T22039] FAULT_INJECTION: forcing a failure.
[  498.530639][T22039] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  498.534807][T22039] CPU: 0 UID: 0 PID: 22039 Comm: syz.4.7013 Not tainted syzkaller #0 PREEMPT(full) 
[  498.534822][T22039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  498.534829][T22039] Call Trace:
[  498.534833][T22039]  <TASK>
[  498.534838][T22039]  dump_stack_lvl+0x16c/0x1f0
[  498.534855][T22039]  should_fail_ex+0x512/0x640
[  498.534872][T22039]  _copy_from_user+0x2e/0xd0
[  498.534888][T22039]  input_event_from_user+0x133/0x3b0
[  498.534899][T22039]  ? __pfx_input_event_from_user+0x10/0x10
[  498.534910][T22039]  ? __pfx___might_resched+0x10/0x10
[  498.534924][T22039]  ? input_inject_event+0x1c0/0x3b0
[  498.534943][T22039]  evdev_write+0x37b/0x750
[  498.534956][T22039]  ? __pfx_evdev_write+0x10/0x10
[  498.534967][T22039]  ? bpf_lsm_file_permission+0x9/0x10
[  498.534981][T22039]  ? security_file_permission+0x71/0x210
[  498.534998][T22039]  ? rw_verify_area+0xcf/0x6c0
[  498.535015][T22039]  ? __pfx_evdev_write+0x10/0x10
[  498.535023][T22039]  vfs_write+0x29d/0x11d0
[  498.535037][T22039]  ? __pfx_vfs_write+0x10/0x10
[  498.535047][T22039]  ? find_held_lock+0x2b/0x80
[  498.535060][T22039]  ? __fget_files+0x204/0x3c0
[  498.535074][T22039]  ? __fget_files+0x20e/0x3c0
[  498.535090][T22039]  ksys_write+0x1f8/0x250
[  498.535101][T22039]  ? __pfx_ksys_write+0x10/0x10
[  498.535112][T22039]  ? fdget+0x187/0x210
[  498.535125][T22039]  do_syscall_64+0xcd/0x4c0
[  498.535140][T22039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.535151][T22039] RIP: 0033:0x7f104758ebe9
[  498.535160][T22039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  498.535171][T22039] RSP: 002b:00007f104839b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  498.535181][T22039] RAX: ffffffffffffffda RBX: 00007f10477c5fa0 RCX: 00007f104758ebe9
[  498.535187][T22039] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000004
[  498.535193][T22039] RBP: 00007f104839b090 R08: 0000000000000000 R09: 0000000000000000
[  498.535200][T22039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  498.535206][T22039] R13: 00007f10477c6038 R14: 00007f10477c5fa0 R15: 00007ffe95801c28
[  498.535220][T22039]  </TASK>
[  498.670095][T22048] netlink: 'syz.2.7016': attribute type 12 has an invalid length.
[  498.818680][T22061] bridge_slave_0: left allmulticast mode
[  498.821085][T22061] bridge_slave_0: left promiscuous mode
[  498.823158][T22061] bridge0: port 1(bridge_slave_0) entered disabled state
[  498.830837][T22061] bridge_slave_1: left allmulticast mode
[  498.833186][T22061] bridge_slave_1: left promiscuous mode
[  498.835047][T22061] bridge0: port 2(bridge_slave_1) entered disabled state
[  498.846135][T22061] bond0: (slave bond_slave_0): Releasing backup interface
[  498.855711][T22061] bond0: (slave bond_slave_1): Releasing backup interface
[  498.869723][T22061] team0: Port device team_slave_0 removed
[  498.870862][T22064] netlink: 'syz.4.7021': attribute type 10 has an invalid length.
[  498.881173][T22061] team0: Port device team_slave_1 removed
[  498.884495][T22061] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  498.888697][T22061] batman_adv: batadv0: Removing interface: batadv_slave_0
[  498.893244][T22061] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  498.896245][T22061] batman_adv: batadv0: Removing interface: batadv_slave_1
[  498.953584][T22064] 8021q: adding VLAN 0 to HW filter on device bond0
[  498.959749][T22064] team0: Port device bond0 added
[  499.087629][T22061] team0 (unregistering): Port device bond0 removed
[  499.234669][T22143] gretap0: entered promiscuous mode
[  499.238316][T22143] batadv_slave_1: entered promiscuous mode
[  499.241645][T22143] debugfs: 'hsr1' already exists in 'hsr'
[  499.244199][T22143] Cannot create hsr debugfs directory
[  499.314714][T22154] FAULT_INJECTION: forcing a failure.
[  499.314714][T22154] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  499.320789][T22154] CPU: 3 UID: 0 PID: 22154 Comm: syz.4.7036 Not tainted syzkaller #0 PREEMPT(full) 
[  499.320818][T22154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  499.320830][T22154] Call Trace:
[  499.320836][T22154]  <TASK>
[  499.320843][T22154]  dump_stack_lvl+0x16c/0x1f0
[  499.320870][T22154]  should_fail_ex+0x512/0x640
[  499.320897][T22154]  _copy_from_iter+0x463/0x1720
[  499.320928][T22154]  ? __pfx__copy_from_iter+0x10/0x10
[  499.320953][T22154]  ? _copy_from_iter+0x15d/0x1720
[  499.320987][T22154]  skb_copy_datagram_from_iter+0x124/0x740
[  499.321007][T22154]  ? dev_get_by_index+0x17c/0x380
[  499.321035][T22154]  packet_sendmsg+0x2294/0x5850
[  499.321073][T22154]  ? sock_has_perm+0x259/0x2f0
[  499.321095][T22154]  ? __pfx_sock_has_perm+0x10/0x10
[  499.321120][T22154]  ? __pfx_packet_sendmsg+0x10/0x10
[  499.321153][T22154]  ____sys_sendmsg+0xa98/0xc70
[  499.321181][T22154]  ? copy_msghdr_from_user+0x10a/0x160
[  499.321202][T22154]  ? __pfx_____sys_sendmsg+0x10/0x10
[  499.321239][T22154]  ___sys_sendmsg+0x134/0x1d0
[  499.321263][T22154]  ? __pfx____sys_sendmsg+0x10/0x10
[  499.321316][T22154]  __sys_sendmsg+0x16d/0x220
[  499.321339][T22154]  ? __pfx___sys_sendmsg+0x10/0x10
[  499.321376][T22154]  do_syscall_64+0xcd/0x4c0
[  499.321402][T22154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.321421][T22154] RIP: 0033:0x7f104758ebe9
[  499.321435][T22154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  499.321451][T22154] RSP: 002b:00007f104839b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  499.321468][T22154] RAX: ffffffffffffffda RBX: 00007f10477c5fa0 RCX: 00007f104758ebe9
[  499.321478][T22154] RDX: 0000000000008001 RSI: 0000200000000040 RDI: 0000000000000004
[  499.321488][T22154] RBP: 00007f104839b090 R08: 0000000000000000 R09: 0000000000000000
[  499.321498][T22154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  499.321508][T22154] R13: 00007f10477c6038 R14: 00007f10477c5fa0 R15: 00007ffe95801c28
[  499.321532][T22154]  </TASK>
[  499.355993][T22158] support for cryptoloop has been removed.  Use dm-crypt instead.
[  499.458857][T22170] nlmon0: Master is either lo or non-ether device
[  499.557546][T22181] 9pnet: Unknown protocol version 9p2000ūs
[  499.765620][T22200] netlink: 'syz.4.7049': attribute type 12 has an invalid length.
[  499.793327][T22202] support for cryptoloop has been removed.  Use dm-crypt instead.
[  499.823510][T22207] FAULT_INJECTION: forcing a failure.
[  499.823510][T22207] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  499.828098][T22207] CPU: 3 UID: 0 PID: 22207 Comm: syz.4.7051 Not tainted syzkaller #0 PREEMPT(full) 
[  499.828114][T22207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  499.828120][T22207] Call Trace:
[  499.828125][T22207]  <TASK>
[  499.828129][T22207]  dump_stack_lvl+0x16c/0x1f0
[  499.828147][T22207]  should_fail_ex+0x512/0x640
[  499.828189][T22207]  _copy_from_user+0x2e/0xd0
[  499.828206][T22207]  input_event_from_user+0x133/0x3b0
[  499.828218][T22207]  ? __pfx_input_event_from_user+0x10/0x10
[  499.828228][T22207]  ? __pfx___might_resched+0x10/0x10
[  499.828242][T22207]  ? input_inject_event+0x1c0/0x3b0
[  499.828260][T22207]  evdev_write+0x37b/0x750
[  499.828272][T22207]  ? __pfx_evdev_write+0x10/0x10
[  499.828283][T22207]  ? bpf_lsm_file_permission+0x9/0x10
[  499.828297][T22207]  ? security_file_permission+0x71/0x210
[  499.828314][T22207]  ? rw_verify_area+0xcf/0x6c0
[  499.828331][T22207]  ? __pfx_evdev_write+0x10/0x10
[  499.828340][T22207]  vfs_write+0x29d/0x11d0
[  499.828353][T22207]  ? __pfx_vfs_write+0x10/0x10
[  499.828363][T22207]  ? find_held_lock+0x2b/0x80
[  499.828376][T22207]  ? __fget_files+0x204/0x3c0
[  499.828390][T22207]  ? __fget_files+0x20e/0x3c0
[  499.828405][T22207]  ksys_write+0x1f8/0x250
[  499.828415][T22207]  ? __pfx_ksys_write+0x10/0x10
[  499.828427][T22207]  ? fdget+0x187/0x210
[  499.828440][T22207]  do_syscall_64+0xcd/0x4c0
[  499.828455][T22207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.828466][T22207] RIP: 0033:0x7f104758ebe9
[  499.828476][T22207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  499.828486][T22207] RSP: 002b:00007f104839b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  499.828497][T22207] RAX: ffffffffffffffda RBX: 00007f10477c5fa0 RCX: 00007f104758ebe9
[  499.828504][T22207] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000004
[  499.828510][T22207] RBP: 00007f104839b090 R08: 0000000000000000 R09: 0000000000000000
[  499.828516][T22207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  499.828522][T22207] R13: 00007f10477c6038 R14: 00007f10477c5fa0 R15: 00007ffe95801c28
[  499.828538][T22207]  </TASK>
[  500.011779][T22218] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  500.013878][T22218] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  500.017178][T22218] vhci_hcd vhci_hcd.0: Device attached
[  500.057020][  T840] usb 13-1: new high-speed USB device number 40 using dummy_hcd
[  500.067503][T22225] loop4: detected capacity change from 0 to 524255232
[  500.107504][T22226] loop4: detected capacity change from 524255232 to 524287956
[  500.196518][ T6233] vhci_hcd: vhci_device speed not set
[  500.217066][  T840] usb 13-1: Using ep0 maxpacket: 8
[  500.220893][  T840] usb 13-1: config 179 has an invalid interface number: 65 but max is 0
[  500.224003][  T840] usb 13-1: config 179 has no interface number 0
[  500.226508][  T840] usb 13-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  500.230984][  T840] usb 13-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  500.235959][  T840] usb 13-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  500.240797][  T840] usb 13-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  500.244998][  T840] usb 13-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  500.250515][  T840] usb 13-1: config 179 interface 65 has no altsetting 0
[  500.253235][  T840] usb 13-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  500.257221][  T840] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.259099][ T6233] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[  500.267371][  T840] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:179.65/input/input83
[  500.276612][ T6050] usb 7-1: new low-speed USB device number 20 using dummy_hcd
[  500.438474][ T6050] usb 7-1: Invalid ep0 maxpacket: 16
[  500.467115][  T840] usb 13-1: USB disconnect, device number 40
[  500.469668][    C1] xpad 13-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  500.566514][ T6050] usb 7-1: new low-speed USB device number 21 using dummy_hcd
[  500.736542][ T6050] usb 7-1: Invalid ep0 maxpacket: 16
[  500.739168][ T6050] usb usb7-port1: attempt power cycle
[  501.002237][T22267] syzkaller1: entered allmulticast mode
[  501.087076][ T6050] usb 7-1: new low-speed USB device number 22 using dummy_hcd
[  501.117175][ T6050] usb 7-1: Invalid ep0 maxpacket: 16
[  501.246908][ T6050] usb 7-1: new low-speed USB device number 23 using dummy_hcd
[  501.265059][T22280] FAULT_INJECTION: forcing a failure.
[  501.265059][T22280] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  501.267367][ T6050] usb 7-1: Invalid ep0 maxpacket: 16
[  501.270550][T22280] CPU: 1 UID: 0 PID: 22280 Comm: syz.8.7061 Not tainted syzkaller #0 PREEMPT(full) 
[  501.270573][T22280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  501.270586][T22280] Call Trace:
[  501.270591][T22280]  <TASK>
[  501.270598][T22280]  dump_stack_lvl+0x16c/0x1f0
[  501.270627][T22280]  should_fail_ex+0x512/0x640
[  501.270654][T22280]  _copy_from_user+0x2e/0xd0
[  501.270678][T22280]  input_event_from_user+0x133/0x3b0
[  501.270697][T22280]  ? __pfx_input_event_from_user+0x10/0x10
[  501.270716][T22280]  ? __pfx___might_resched+0x10/0x10
[  501.270734][T22280]  ? input_inject_event+0x1c0/0x3b0
[  501.270761][T22280]  evdev_write+0x37b/0x750
[  501.270780][T22280]  ? __pfx_evdev_write+0x10/0x10
[  501.270799][T22280]  ? bpf_lsm_file_permission+0x9/0x10
[  501.270822][T22280]  ? security_file_permission+0x71/0x210
[  501.270849][T22280]  ? rw_verify_area+0xcf/0x6c0
[  501.270876][T22280]  ? __pfx_evdev_write+0x10/0x10
[  501.270893][T22280]  vfs_write+0x29d/0x11d0
[  501.270917][T22280]  ? __pfx_vfs_write+0x10/0x10
[  501.270932][T22280]  ? find_held_lock+0x2b/0x80
[  501.270953][T22280]  ? __fget_files+0x204/0x3c0
[  501.270977][T22280]  ? __fget_files+0x20e/0x3c0
[  501.271004][T22280]  ksys_write+0x1f8/0x250
[  501.271021][T22280]  ? __pfx_ksys_write+0x10/0x10
[  501.271039][T22280]  ? fdget+0x187/0x210
[  501.271062][T22280]  do_syscall_64+0xcd/0x4c0
[  501.271084][T22280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.271100][T22280] RIP: 0033:0x7feea518ebe9
[  501.271111][T22280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.271123][T22280] RSP: 002b:00007feea5f26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  501.271141][T22280] RAX: ffffffffffffffda RBX: 00007feea53c5fa0 RCX: 00007feea518ebe9
[  501.271154][T22280] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000004
[  501.271164][T22280] RBP: 00007feea5f26090 R08: 0000000000000000 R09: 0000000000000000
[  501.271175][T22280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.271185][T22280] R13: 00007feea53c6038 R14: 00007feea53c5fa0 R15: 00007fff435a4f58
[  501.271205][T22280]  </TASK>
[  501.283725][   T40] audit: type=1400 audit(3515054336.011:1365): avc:  denied  { shutdown } for  pid=22281 comm="syz.3.7062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  501.284730][ T6050] usb usb7-port1: unable to enumerate USB device
[  501.319443][   T40] audit: type=1400 audit(3515054336.051:1366): avc:  denied  { remount } for  pid=22281 comm="syz.3.7062" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=filesystem permissive=1
[  501.420709][ T1187] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  501.424045][ T1187] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  501.427191][ T1187] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  501.430315][ T1187] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  501.440912][T22289] pimreg: entered allmulticast mode
[  501.443809][T22289] pimreg: left allmulticast mode
[  501.674233][T22313] 9p filesystem being mounted at /164/file0 supports timestamps until 2106-02-07 (0xffffffff)
[  501.683503][T22315] 9pnet_virtio: no channels available for device syz
[  501.730411][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[  501.733126][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[  501.812969][T22334] fuse: Bad value for 'user_id'
[  501.814981][T22334] fuse: Bad value for 'user_id'
[  501.837007][T22336] netlink: 'syz.4.7075': attribute type 12 has an invalid length.
[  501.884974][T22350] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  502.038205][T22367] loop8: detected capacity change from 0 to 8
[  502.043354][T22367]  loop8: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10 p11 p12
[  502.045871][T22367] loop8: p1 start 1094235288 is beyond EOD, truncated
[  502.048519][T22367] loop8: p2 start 2001190138 is beyond EOD, truncated
[  502.050663][T22367] loop8: p3 start 1052393021 is beyond EOD, truncated
[  502.052839][T22367] loop8: p4 start 2771965051 is beyond EOD, truncated
[  502.054957][T22367] loop8: p5 start 2058321373 is beyond EOD, truncated
[  502.057292][T22367] loop8: p6 start 354067484 is beyond EOD, truncated
[  502.059682][T22367] loop8: p7 start 721891510 is beyond EOD, truncated
[  502.062461][T22367] loop8: p8 start 250104858 is beyond EOD, truncated
[  502.065178][T22367] loop8: p9 start 2537791866 is beyond EOD, truncated
[  502.068002][T22367] loop8: p10 start 2188771813 is beyond EOD, truncated
[  502.070788][T22367] loop8: p11 start 2029179045 is beyond EOD, truncated
[  502.073578][T22367] loop8: p12 start 3811662475 is beyond EOD, truncated
[  502.166995][T22374] Bluetooth: MGMT ver 1.23
[  502.394628][T22380] netlink: 'syz.3.7087': attribute type 12 has an invalid length.
[  502.609215][T22393] __nla_validate_parse: 22 callbacks suppressed
[  502.609227][T22393] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7091'.
[  502.642829][T22395] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7092'.
[  502.655289][T22395] 8021q: adding VLAN 0 to HW filter on device bond1
[  502.665184][T22395] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  502.670112][T22395] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7092'.
[  502.770889][T22395] bond1 (unregistering): (slave dummy0): Releasing backup interface
[  502.776876][T22395] bond1 (unregistering): Released all slaves
[  502.855298][T22465] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7094'.
[  502.858226][T22465] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7094'.
[  502.873399][T22467] netlink: 28 bytes leftover after parsing attributes in process `syz.8.7095'.
[  502.877013][T22467] netlink: 28 bytes leftover after parsing attributes in process `syz.8.7095'.
[  502.884247][T22467] gretap0: entered promiscuous mode
[  502.887099][T22467] batadv_slave_1: entered promiscuous mode
[  502.890103][T22467] debugfs: 'hsr1' already exists in 'hsr'
[  502.892599][T22467] Cannot create hsr debugfs directory
[  502.898565][T22469] netlink: 'syz.4.7096': attribute type 12 has an invalid length.
[  502.970326][T22474] netlink: 120 bytes leftover after parsing attributes in process `syz.4.7097'.
[  503.032993][T22219] vhci_hcd: connection reset by peer
[  503.038043][ T1153] vhci_hcd: stop threads
[  503.039356][ T1153] vhci_hcd: release socket
[  503.040679][ T1153] vhci_hcd: disconnect device
[  503.065165][T22492] netlink: 'syz.4.7102': attribute type 2 has an invalid length.
[  503.068717][T22492] netlink: 'syz.4.7102': attribute type 1 has an invalid length.
[  503.160426][T22506] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7106'.
[  503.164049][T22506] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7106'.
[  503.251064][T22516] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.322752][T22516] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.383195][T22516] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.490025][T22516] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  503.567532][ T1153] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  503.576927][  T219] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  503.584089][  T219] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  503.593903][ T1146] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  503.874749][T22556] FAULT_INJECTION: forcing a failure.
[  503.874749][T22556] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  503.880210][T22556] CPU: 0 UID: 0 PID: 22556 Comm: syz.8.7115 Not tainted syzkaller #0 PREEMPT(full) 
[  503.880235][T22556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  503.880247][T22556] Call Trace:
[  503.880253][T22556]  <TASK>
[  503.880261][T22556]  dump_stack_lvl+0x16c/0x1f0
[  503.880288][T22556]  should_fail_ex+0x512/0x640
[  503.880314][T22556]  _copy_from_user+0x2e/0xd0
[  503.880341][T22556]  input_event_from_user+0x133/0x3b0
[  503.880361][T22556]  ? __pfx_input_event_from_user+0x10/0x10
[  503.880379][T22556]  ? __pfx___might_resched+0x10/0x10
[  503.880402][T22556]  ? input_inject_event+0x1c0/0x3b0
[  503.880434][T22556]  evdev_write+0x37b/0x750
[  503.880456][T22556]  ? __pfx_evdev_write+0x10/0x10
[  503.880474][T22556]  ? bpf_lsm_file_permission+0x9/0x10
[  503.880496][T22556]  ? security_file_permission+0x71/0x210
[  503.880530][T22556]  ? rw_verify_area+0xcf/0x6c0
[  503.880558][T22556]  ? __pfx_evdev_write+0x10/0x10
[  503.880574][T22556]  vfs_write+0x29d/0x11d0
[  503.880597][T22556]  ? __pfx_vfs_write+0x10/0x10
[  503.880613][T22556]  ? find_held_lock+0x2b/0x80
[  503.880635][T22556]  ? __fget_files+0x204/0x3c0
[  503.880659][T22556]  ? __fget_files+0x20e/0x3c0
[  503.880686][T22556]  ksys_write+0x1f8/0x250
[  503.880703][T22556]  ? __pfx_ksys_write+0x10/0x10
[  503.880722][T22556]  ? fdget+0x187/0x210
[  503.880745][T22556]  do_syscall_64+0xcd/0x4c0
[  503.880770][T22556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  503.880788][T22556] RIP: 0033:0x7feea518ebe9
[  503.880803][T22556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  503.880820][T22556] RSP: 002b:00007feea5f26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  503.880837][T22556] RAX: ffffffffffffffda RBX: 00007feea53c5fa0 RCX: 00007feea518ebe9
[  503.880848][T22556] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000004
[  503.880859][T22556] RBP: 00007feea5f26090 R08: 0000000000000000 R09: 0000000000000000
[  503.880870][T22556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  503.880880][T22556] R13: 00007feea53c6038 R14: 00007feea53c5fa0 R15: 00007fff435a4f58
[  503.880905][T22556]  </TASK>
[  503.984253][T22560] loop5: detected capacity change from 0 to 128
[  504.038503][T22579] netlink: 'syz.4.7120': attribute type 12 has an invalid length.
[  504.054145][T22581] geneve2: entered promiscuous mode
[  504.060100][T22581] geneve2: entered allmulticast mode
[  504.110043][T22595] netlink: 'syz.8.7123': attribute type 3 has an invalid length.
[  504.114364][T22597] netlink: 'syz.8.7123': attribute type 3 has an invalid length.
[  504.513931][T22659] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22659 comm=syz.8.7134
[  504.574528][T22659] tmpfs: Unknown parameter 'mpo
'
[  505.205314][T22753] nlmon0: Master is either lo or non-ether device
[  505.232540][T22755] FAULT_INJECTION: forcing a failure.
[  505.232540][T22755] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  505.237422][T22755] CPU: 0 UID: 0 PID: 22755 Comm: syz.2.7142 Not tainted syzkaller #0 PREEMPT(full) 
[  505.237437][T22755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  505.237444][T22755] Call Trace:
[  505.237448][T22755]  <TASK>
[  505.237452][T22755]  dump_stack_lvl+0x16c/0x1f0
[  505.237470][T22755]  should_fail_ex+0x512/0x640
[  505.237524][T22755]  _copy_from_user+0x2e/0xd0
[  505.237546][T22755]  input_event_from_user+0x133/0x3b0
[  505.237562][T22755]  ? __pfx_input_event_from_user+0x10/0x10
[  505.237577][T22755]  ? __pfx___might_resched+0x10/0x10
[  505.237596][T22755]  ? input_inject_event+0x1c0/0x3b0
[  505.237624][T22755]  evdev_write+0x37b/0x750
[  505.237641][T22755]  ? __pfx_evdev_write+0x10/0x10
[  505.237652][T22755]  ? bpf_lsm_file_permission+0x9/0x10
[  505.237666][T22755]  ? security_file_permission+0x71/0x210
[  505.237683][T22755]  ? rw_verify_area+0xcf/0x6c0
[  505.237701][T22755]  ? __pfx_evdev_write+0x10/0x10
[  505.237710][T22755]  vfs_write+0x29d/0x11d0
[  505.237723][T22755]  ? __pfx_vfs_write+0x10/0x10
[  505.237736][T22755]  ? find_held_lock+0x2b/0x80
[  505.237756][T22755]  ? __fget_files+0x204/0x3c0
[  505.237777][T22755]  ? __fget_files+0x20e/0x3c0
[  505.237793][T22755]  ksys_write+0x1f8/0x250
[  505.237803][T22755]  ? __pfx_ksys_write+0x10/0x10
[  505.237823][T22755]  do_syscall_64+0xcd/0x4c0
[  505.237838][T22755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.237849][T22755] RIP: 0033:0x7f491118ebe9
[  505.237859][T22755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  505.237868][T22755] RSP: 002b:00007f4911f4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  505.237883][T22755] RAX: ffffffffffffffda RBX: 00007f49113c5fa0 RCX: 00007f491118ebe9
[  505.237892][T22755] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000004
[  505.237902][T22755] RBP: 00007f4911f4e090 R08: 0000000000000000 R09: 0000000000000000
[  505.237912][T22755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  505.237921][T22755] R13: 00007f49113c6038 R14: 00007f49113c5fa0 R15: 00007fffb3e9d338
[  505.237944][T22755]  </TASK>
[  505.331719][T22757] netlink: 'syz.2.7143': attribute type 12 has an invalid length.
[  505.396554][ T6233] vhci_hcd: vhci_device speed not set
[  505.401516][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.404503][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.407186][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.410886][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.413277][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.415545][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.418234][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.421372][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.423707][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.426155][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.429986][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.432284][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.435063][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.438975][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.442177][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.445485][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.448562][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.451305][T22761] Can't find a SQUASHFS superblock on nullb0
[  505.452121][T22760] (syz.2.7144,22760,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.456702][T22760] (syz.2.7144,22760,3):ocfs2_sb_probe:753 ERROR: status = -5
[  505.459642][T22760] (syz.2.7144,22760,3):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.468149][T22760] (syz.2.7144,22760,3):ocfs2_fill_super:1177 ERROR: status = -5
[  505.475474][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.478811][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.481871][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.485546][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.490391][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.493611][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.496701][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.500266][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.504303][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.508338][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.511332][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.514765][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.519135][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.522136][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.525060][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.528389][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.532479][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.534943][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.537321][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.540296][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.543365][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.545683][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.550306][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.553691][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.557991][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.560303][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.562689][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.565597][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.569203][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.572274][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.574542][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.577392][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.583101][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.585491][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.588362][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.591439][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.595586][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.598430][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.600737][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.603521][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.607211][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.609769][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.614714][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.618115][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.621525][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.624095][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.627097][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.630437][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.634325][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.637628][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.640000][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.642575][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.646614][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.649949][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.652822][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.656085][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.660490][T22761] (syz.2.7144,22761,2):ocfs2_get_sector:1714 ERROR: status = -5
[  505.663474][T22761] (syz.2.7144,22761,2):ocfs2_sb_probe:753 ERROR: status = -5
[  505.666478][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  505.669646][T22761] (syz.2.7144,22761,2):ocfs2_fill_super:1177 ERROR: status = -5
[  505.672453][T22796] Invalid logical block size (1023)
[  505.715433][T22801] mkiss: ax0: crc mode is auto.
[  505.841983][T22830] netlink: 'syz.8.7160': attribute type 6 has an invalid length.
[  505.842701][T22818] syzkaller1: tun_chr_ioctl cmd 1074025678
[  505.846815][T22818] syzkaller1: group set to 15
[  505.957555][ T5971] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  505.962284][ T5971] Bluetooth: hci5: Injecting HCI hardware error event
[  505.965403][ T5971] Bluetooth: hci5: hardware error 0x00
[  506.108528][T22875] nlmon0: Master is either lo or non-ether device
[  506.209534][T22888] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  506.211611][T22888] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  506.214599][T22888] vhci_hcd vhci_hcd.0: Device attached
[  506.220716][T22888] vhci_hcd vhci_hcd.0: port 0 already used
[  506.385822][T22916] tmpfs: Bad value for 'nr_blocks'
[  506.406878][T22895] vhci_hcd: connection closed
[  506.412135][ T1153] vhci_hcd: stop threads
[  506.416893][ T1153] vhci_hcd: release socket
[  506.419240][ T1153] vhci_hcd: disconnect device
[  506.442742][T22927] nlmon0: Master is either lo or non-ether device
[  506.476616][T20488] usb 46-1: enqueue for inactive port 0
[  506.530138][T22949] netlink: 'syz.3.7190': attribute type 12 has an invalid length.
[  506.848505][  T839] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  506.967974][T20488] usb usb46-port1: attempt power cycle
[  507.017137][  T839] usb 7-1: Using ep0 maxpacket: 8
[  507.020007][  T839] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  507.022858][  T839] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  507.025766][  T839] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  507.030249][  T839] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  507.034251][  T839] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  507.034265][  T839] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.108161][T23024] nlmon0: Master is either lo or non-ether device
[  507.236529][ T6033] ==================================================================
[  507.236545][ T6033] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1b4c/0x1e60
[  507.236582][ T6033] Read of size 8 at addr ffffc90005275000 by task kworker/3:3/6033
[  507.236600][ T6033] 
[  507.236608][ T6033] CPU: 3 UID: 0 PID: 6033 Comm: kworker/3:3 Not tainted syzkaller #0 PREEMPT(full) 
[  507.236628][ T6033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  507.236643][ T6033] Workqueue: events_power_efficient fb_flashcursor
[  507.236666][ T6033] Call Trace:
[  507.236673][ T6033]  <TASK>
[  507.236680][ T6033]  dump_stack_lvl+0x116/0x1f0
[  507.236714][ T6033]  print_report+0xcd/0x630
[  507.236733][ T6033]  ? __virt_addr_valid+0x81/0x610
[  507.236762][ T6033]  ? sys_imageblit+0x1b4c/0x1e60
[  507.236786][ T6033]  kasan_report+0xe0/0x110
[  507.236809][ T6033]  ? sys_imageblit+0x1b4c/0x1e60
[  507.236835][ T6033]  sys_imageblit+0x1b4c/0x1e60
[  507.236866][ T6033]  ? __pfx_sys_imageblit+0x10/0x10
[  507.236903][ T6033]  ? rcu_is_watching+0x12/0xc0
[  507.236926][ T6033]  ? trace_kmalloc+0x2b/0xd0
[  507.236950][ T6033]  ? __kmalloc_noprof+0x242/0x510
[  507.236968][ T6033]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  507.236995][ T6033]  soft_cursor+0x521/0xa10
[  507.237021][ T6033]  ? fb_get_color_depth+0x120/0x250
[  507.237044][ T6033]  bit_cursor+0xe8c/0x17e0
[  507.237071][ T6033]  ? __pfx_bit_cursor+0x10/0x10
[  507.237099][ T6033]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  507.237120][ T6033]  ? get_color+0x1da/0x450
[  507.237141][ T6033]  ? __pfx_bit_cursor+0x10/0x10
[  507.237160][ T6033]  fb_flashcursor+0x30d/0x400
[  507.237182][ T6033]  process_one_work+0x9cc/0x1b70
[  507.237209][ T6033]  ? __pfx_process_one_work+0x10/0x10
[  507.237235][ T6033]  ? assign_work+0x1a0/0x250
[  507.237255][ T6033]  worker_thread+0x6c8/0xf10
[  507.237279][ T6033]  ? __pfx_worker_thread+0x10/0x10
[  507.237321][ T6033]  kthread+0x3c2/0x780
[  507.237341][ T6033]  ? __pfx_kthread+0x10/0x10
[  507.237362][ T6033]  ? rcu_is_watching+0x12/0xc0
[  507.237382][ T6033]  ? __pfx_kthread+0x10/0x10
[  507.237399][ T6033]  ret_from_fork+0x5d4/0x6f0
[  507.237419][ T6033]  ? __pfx_kthread+0x10/0x10
[  507.237435][ T6033]  ret_from_fork_asm+0x1a/0x30
[  507.237464][ T6033]  </TASK>
[  507.237471][ T6033] 
[  507.237479][ T6033] The buggy address belongs to a vmalloc virtual mapping
[  507.237491][ T6033] Memory state around the buggy address:
[  507.237500][ T6033]  ffffc90005274f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  507.237516][ T6033]  ffffc90005274f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  507.237528][ T6033] >ffffc90005275000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  507.237537][ T6033]                    ^
[  507.237545][ T6033]  ffffc90005275080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  507.237561][ T6033]  ffffc90005275100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  507.237570][ T6033] ==================================================================
[  507.237621][ T6033] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  507.237633][ T6033] CPU: 3 UID: 0 PID: 6033 Comm: kworker/3:3 Not tainted syzkaller #0 PREEMPT(full) 
[  507.237656][ T6033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  507.237667][ T6033] Workqueue: events_power_efficient fb_flashcursor
[  507.237688][ T6033] Call Trace:
[  507.237694][ T6033]  <TASK>
[  507.237700][ T6033]  dump_stack_lvl+0x3d/0x1f0
[  507.237732][ T6033]  vpanic+0x6e8/0x7a0
[  507.237757][ T6033]  ? __pfx_vpanic+0x10/0x10
[  507.237789][ T6033]  ? sys_imageblit+0x1b4c/0x1e60
[  507.237816][ T6033]  panic+0xca/0xd0
[  507.237844][ T6033]  ? __pfx_panic+0x10/0x10
[  507.237875][ T6033]  ? check_panic_on_warn+0x1f/0xb0
[  507.237892][ T6033]  check_panic_on_warn+0xab/0xb0
[  507.237912][ T6033]  end_report+0x107/0x170
[  507.237933][ T6033]  kasan_report+0xee/0x110
[  507.237956][ T6033]  ? sys_imageblit+0x1b4c/0x1e60
[  507.237984][ T6033]  sys_imageblit+0x1b4c/0x1e60
[  507.238019][ T6033]  ? __pfx_sys_imageblit+0x10/0x10
[  507.238054][ T6033]  ? rcu_is_watching+0x12/0xc0
[  507.238078][ T6033]  ? trace_kmalloc+0x2b/0xd0
[  507.238102][ T6033]  ? __kmalloc_noprof+0x242/0x510
[  507.238124][ T6033]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  507.238145][ T6033]  soft_cursor+0x521/0xa10
[  507.238171][ T6033]  ? fb_get_color_depth+0x120/0x250
[  507.238191][ T6033]  bit_cursor+0xe8c/0x17e0
[  507.238218][ T6033]  ? __pfx_bit_cursor+0x10/0x10
[  507.238243][ T6033]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  507.238266][ T6033]  ? get_color+0x1da/0x450
[  507.238287][ T6033]  ? __pfx_bit_cursor+0x10/0x10
[  507.238311][ T6033]  fb_flashcursor+0x30d/0x400
[  507.238329][ T6033]  process_one_work+0x9cc/0x1b70
[  507.238356][ T6033]  ? __pfx_process_one_work+0x10/0x10
[  507.238382][ T6033]  ? assign_work+0x1a0/0x250
[  507.238399][ T6033]  worker_thread+0x6c8/0xf10
[  507.238430][ T6033]  ? __pfx_worker_thread+0x10/0x10
[  507.238449][ T6033]  kthread+0x3c2/0x780
[  507.238469][ T6033]  ? __pfx_kthread+0x10/0x10
[  507.238486][ T6033]  ? rcu_is_watching+0x12/0xc0
[  507.238530][ T6033]  ? __pfx_kthread+0x10/0x10
[  507.238547][ T6033]  ret_from_fork+0x5d4/0x6f0
[  507.238563][ T6033]  ? __pfx_kthread+0x10/0x10
[  507.238584][ T6033]  ret_from_fork_asm+0x1a/0x30
[  507.238612][ T6033]  </TASK>
[  507.239552][ T6033] Kernel Offset: disabled

VM DIAGNOSIS:
17:12:48  Registers:
info registers vcpu 0

CPU#0
RAX=0000000080010101 RBX=0000000000000000 RCX=ffffffff81608bf0 RDX=ffffffff8e2977c0
RSI=ffffffff81608c38 RDI=ffffffff93dbcfe0 RBP=0000000000000000 RSP=ffffc90000007e38
R8 =0000000000000001 R9 =fffffbfff27b79fc R10=ffffffff93dbcfe7 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81608c39 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d66b5000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007feea33d4f98 CR3=00000000552d1000 CR4=00350ef0
DR0=0000000000008009 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0070234423436d63 702f646e732f7665
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd8552bb26
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd8552bb26 00007ffd8552bb2c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2012e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2012e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2012e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2012e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2012ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2012fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b21974a8 00007f97b21974a0 00007f97b2197498 00007f97b2197470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2cfd100 00007f97b2197460 00007f97b2190004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b21974b8 00007f97b21974b0 00007f97b21974a8 00007f97b21974a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000080010001 RBX=0000000000000000 RCX=ffffffff81608bf0 RDX=ffff88801dea2440
RSI=ffffffff81608c38 RDI=ffffffff93dbcfe0 RBP=0000000000000001 RSP=ffffc900006a0fd0
R8 =0000000000000001 R9 =fffffbfff27b79fc R10=ffffffff93dbcfe7 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81608c39 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d67b5000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007feea53c7dac CR3=00000000552d1000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0070234423436d63 702f646e732f7665
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd8552bb26
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd8552bb26 00007ffd8552bb2c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2012e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2012e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2012e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2012e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2012ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2012fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b21974a8 00007f97b21974a0 00007f97b2197498 00007f97b2197470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b2cfd100 00007f97b2197460 00007f97b2190004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97b21974b8 00007f97b21974b0 00007f97b21974a8 00007f97b21974a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000080010001 RBX=0000000000000000 RCX=ffffffff81608bf0 RDX=ffff888065b62440
RSI=ffffffff81608c38 RDI=ffffffff93dbcfe0 RBP=0000000000000002 RSP=ffffc90000648fd0
R8 =0000000000000001 R9 =fffffbfff27b79fc R10=ffffffff93dbcfe7 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81608c39 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00005555733b2500 ffffffff 00c00000
GS =0000 ffff8880d68b5000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3312ab CR3=000000006132e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000020080810 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffb3e9d846
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffb3e9d846 00007fffb3e9d84c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4911212e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4911212e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4911212e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4911212e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4911212ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4911212fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f49113974a8 00007f49113974a0 00007f4911397498 00007f4911397470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4911efd100 00007f4911397460 00007f4911397478 00007f49113974c0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f49113974b8 00007f49113974b0 00007f49113974a8 00007f49113974a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000065 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85646a35 RDI=ffffffff9b1150a0 RBP=ffffffff9b115060 RSP=ffffc900043c72f0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303963666666
R12=0000000000000000 R13=0000000000000065 R14=ffffffff9b115060 R15=ffffffff856469d0
RIP=ffffffff85646a5f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69b5000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007feea33f5f98 CR3=000000005b08a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001030001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe95802136
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe95802136 00007ffe9580213c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1047612e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1047612e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1047612e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1047612e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1047612ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1047612fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f10477974a8 00007f10477974a0 00007f1047797498 00007f1047797470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f10482fd100 00007f1047797460 00007f1047790004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f10477974b8 00007f10477974b0 00007f10477974a8 00007f10477974a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000