last executing test programs:

12m50.016063649s ago: executing program 0 (id=1703):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2, 0x2000}, 0x10)

12m49.955826055s ago: executing program 0 (id=1705):
r0 = gettid()
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000008500"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r2}, 0x10)
rt_sigqueueinfo(r0, 0x21, &(0x7f0000000180)={0x33, 0x40000020, 0xfffffffb})

12m49.935287108s ago: executing program 0 (id=1708):
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000010020"], 0x24, 0x0)

12m49.885881613s ago: executing program 0 (id=1712):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800"], 0x48)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000800)='./file0\x00', 0x18001, &(0x7f00000012c0)=ANY=[@ANYRES32=0x0, @ANYRESHEX, @ANYRESOCT, @ANYRES8, @ANYRES32, @ANYRES64], 0x8, 0x2f0, &(0x7f0000000880)="$eJzs3M9PE0EUwPHXH5S2BMrBaDQxTPSilw1Uz0pjIDE2kSA1/khMFthq07Ul3QZTY0RPXo1/hAfCkRuJ8g9w8aYXL964mHiQg3FNt7u0lG0RKK3C95OQPmbm7c60G/Jmw3bz3tun+aylZfWyBKNKAhFxBb1AAg0tAdke4Hgllwd+fD5/5/6DW6l0emJaqcnUzJWkUmpo5MOzFzF32Fq/bAw/2vye/LZxeuPs5u+ZJzlL5SxVKJaVrmaLX8v6rGmo+ZyV15SaMg3dMlSuYBmlWn+x1p81iwsLFaUX5gfjCyXDspReqKi8UVHloiqXKir0WM8VlKZpajAu2EtmeXpaTx0wea7Dk8ERKZVSekhEYrt6Mss9mRAAAOip5vo/KEpkS2S4M/X/yoX18sDd1SG3/l+L+NX/V7/UjrWj/o+KiG/9753ft/7X91f/766ITpZD1f/4N4xEdjUF6mG1s5TS4407+tcPV0adgPofAAAAAAAAAAAAAAAAAAAAAID/wZZtJ2zbTniv3k+/iERFxPvdJzUkItd7MGV00CE+fxwD9Qf3wkMi5pvFzGKm9uoOWBcRUwwZlYT8cq4HVzX2njxSVcPy0Vxy85cWMyGnJ5WVnJM/Jok+ac637cmb6YkxVbMzv0/ijflJScgp//ykb35ELl1syNckIZ/mpCimzDvzqOe/HFPqxu10U37MGQcAAAAAwHGgqW2++3dNa9Vfy9/eXzffHwjV99ejvvvzsJwL93btAAAAAACcFFbleV43TaPUJojJ3mMOHoSP6MjeCv82y/tfhqNbaZvAO/mOrqjb2PG3JbCPt6VFEJSDZI1UV6MOuwrvtlGLMXGZGu/+J+gEZ969/9m5A15bjbZf6V6BtE4Ptb8A+rrxtwcAAABAd9WLfq9lvLcTAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgBOrGt6P5njja9aUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPfcnAAD//7puAHY=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg(r3, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000001740)='d', 0x1}], 0x1}}], 0x1, 0x4000050)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
preadv(r4, &(0x7f00000014c0)=[{&(0x7f0000000340)=""/191, 0xfffffd90}], 0x1, 0x182, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0xfffffffffffffccc, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
fgetxattr(r5, &(0x7f0000000000)=ANY=[], 0x0, 0x0)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x18)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x8, 0x3, 0x480, 0x0, 0xffffffff, 0xffffffff, 0x3b0, 0xffffffff, 0x3b0, 0xffffffff, 0xffffffff, 0x3b0, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c8, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0xffff0000, 0x24, 0x0, 'syz1\x00'}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x1a, 0x1, 0x5}}}, {{@ipv6={@remote, @private2, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xffffff00, 0xffffffff, 0xff000000], 'erspan0\x00', 'bridge_slave_1\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0x1c8, 0x1e8, 0x0, {}, [@common=@ipv6header={{0x28}, {0x2c, 0x10, 0x1}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x6, 0x4, 0x0, 'syz0\x00'}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4e0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000004c0)='mm_page_alloc\x00', r8}, 0x18)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/mem_sleep', 0x141a82, 0x4)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r10, 0xc08c5332, &(0x7f00000002c0)={0x3, 0x7, 0x0, 'queue0\x00', 0x10000})
sendfile(r10, r10, 0x0, 0x6)

12m49.779162505s ago: executing program 0 (id=1714):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
socket$packet(0x11, 0xa, 0x300)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x33}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xe, 0x0, &(0x7f0000000000)="c9a5090000003ef19f71a7afbcd9", 0x0, 0x1, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r2 = accept4(r1, &(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private1}}}, &(0x7f0000000080)=0x80, 0x800)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRESHEX=r2, @ANYBLOB, @ANYRES32], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x8, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="180000002d0e666735aa566600000000000000005206c1c1c0d0f488a817ff03eb811d4b9ec2a58a99ec551c03ec289f55db730fed1019ce3e294aaaa5d00f4f23f511ea0f542fa5d1618c434ed81cc9e349b639c5442595d4684b60c4b85435c500c4749118ef286cd70de979400bf04988a4147f90fb06bd7d5837fa1291f0b65f618939b3fb6fc0b7ef85005ee5fdd8d7a6c67d2865737e9585021b27b900e878f500c0b67c726e075e7c8407c8c322bb85b7dc02802f39fdcfee4da344a63a53c61d1af3e40965f5d044cfe9c42ad11a0f60ebaba372ea0021000000000000631f4366781331549fe2e9ec09cf211c10b5688b759afc10170e2d4115dcf11c37d7bb244bcf5525c7a1363502b9cbf09ec6dab91c44fb534ae8023d6618f19ebc67d82096d94e9f04b944f66ad828dd71aabba827c03da8769aa23458d67a478b86302d010617bbd8d07923e7a1509c7bb8895e2ffc8509d2be54d2059522b2e4b8c86cdbf11082894ef401bd82ccb820b03a1f58591e8933338ef7d898d7caa06b086f638d1b5a85975f3f271db065c73001f24d2353a0bd2317f4ba1887b110d271ffacea540b354128a3ac52be419ba9a99cce6c8642d9652c36172433c33c8a02219e356f28a9a48758619f406f85241a15433e6ffeb65cd64c4e89a4dc638d16a0449843f2a6a0f430c12326b3f19fafd8829bf09103", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{}, &(0x7f0000000500), 0x0}, 0x20)
lsm_set_self_attr(0x66, 0x0, 0x43, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xff02e8e1f63ec034, &(0x7f0000000080)={[{@dioread_lock}]}, 0xfa, 0x5db, &(0x7f0000001400)="$eJzs3c9vVNUeAPDvnZmWlr73po+8PMWFaTAEEqWlBQz+WMCeEPyx04WVFoIMP0JrtGhiSXCjMbpwQeLKhfhfaKNbVyYuXLhxZUjQGBZqjI65M3fKWGbaaenMrZ3PJ5n2nHvu9JwL/facufecewPoW2Ppl0LE7oi4nESUm8pKkRWO1fe78/Obp9NXEtXqcz8lkWTbGvsn2feR7M1/lCO+/iKJXcV7651buHp+ulKZvZLlJ+YvXJ6YW7h64NyF6bOzZ2cvTj0+dfTI4SNHJw/e1/EVmtInrr/yWvmdky988tHvyeSn351M4lj8eKZe1nwcm2UsxuLXavWtldvTf9ejm11ZTorLvyd3JSs3sGWVshgZjIgHohzFpv/Ncrz9TK6NA7qqmkRUgT6ViH/oU41xQOOzfWefgwtdHpUAvXD7ePp1oEX8l+rnBmM0BiJi74r3tTiltyFpHV99efJ6+oounYcDWlu8tiNLrYz/pBabozFUy+28U2g6MzhUGwGcykYC6fZnN1j/2Iq8+IfeWbwWEQ+2Gv+vFv/1uH+pKf5f3mD94h8AAAAAAAA2z9LxiHis1fW/QnZtbij21K7/JfXrf9/cXSF4bBPqX/v6X+HWJlQDtHD7eMTTLef/Ls/xHS1muX/XZwMmZ85VZg9GxH8iYn8M7Ejzk6vUceC9XTfalTXP/0tfaf2NuYBZO26Vdvz9PTPT89P3c8xA3e1rEQ+V2s//Sfv/pLn/z6R/Dy53WMeuvTdPtStbO/6Bbql+HLGvZf+fLO+TrH5/jonaeGCiMSq418NvvP9Zu/rFP+Qn7f93rh7/o0nz/Xrm1vfzByPi0EKp2q58o+P/weT5YuPnp16fnp+/MhkxmJy4d/vU+toM21UjHhrxksb//kdWP/+3PP5visPhiFjssM7//znyfbsy/T/kJ43/mXX1/+tPTN0c/bxd/Z31/4drffr+bIvzf7C6RvD9kuXbBWjOzQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf6RCRPwrksJ4mq494LtQGB+PGImI/8XOQuXS3PyjZy69enEm3a/2/P9C40m/5Xo+aTz/f7QpP7Uifygi/hsRHxaHa/nx05cqM3kfPAAAAAAAAAAAAAAAAAAAAGwRI83r/2vp+vr/1A/FvFsHdF0p+94i3pNetwXorVLeDQByI/6hf4l/6F/iH/qX+If+tcH4d3kQtgH9P/Srgc52G+p2O4A86P8BAAAAAGBbWXrqiRtJRCw+OVx7pQazsuULg8N5tQ7opsLG3vbiB0t7NrspQI+Zwwv9y9Qf6F8dTv4FtrG79/n7rdqqvP3sf3cIBAAAAAAAAAAAAIBe2bd76ds11/8D21KH6//fLXe7IUDPWf8P/cv6f+hf6/qMb7AA29Jaq/it/wcAAAAAAAAAAACA/M0tXD0/XanMXpGQ2GqJgYjYAs3IITGYf3jm/IcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABY9lcAAAD//7rOJOA=")
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
fdatasync(r4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r6}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r7)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000003000000018000180140002007665746830"], 0x2c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb}, 0x94)

12m49.192060289s ago: executing program 0 (id=1719):
r0 = syz_open_dev$vcsu(&(0x7f0000000040), 0xc2d6, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='virtio_transport_alloc_pkt\x00', r0, 0x0, 0x10}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000240)})
r1 = creat(&(0x7f0000000300)='./bus\x00', 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/consoles\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xb, 0x4, 0x208, 0x5ad, 0x0, 0xffffffffffffffff, 0x8000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x50) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xb, 0x4, 0x208, 0x5ad, 0x0, 0xffffffffffffffff, 0x8000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x50)
prctl$PR_SET_MM_AUXV(0x23, 0xc, 0x0, 0x0) (async)
prctl$PR_SET_MM_AUXV(0x23, 0xc, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18)
unshare(0x6a040000)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r5}, 0x18)
pipe(&(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
fcntl$notify(0xffffffffffffffff, 0x402, 0x22)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r9}})
splice(r8, 0x0, r7, 0x0, 0xffffffffffff8000, 0x0)
write$P9_RLERRORu(r7, &(0x7f0000000100)={0xe, 0x7, 0x1, {{0x1, '-'}, 0x207}}, 0xe) (async)
write$P9_RLERRORu(r7, &(0x7f0000000100)={0xe, 0x7, 0x1, {{0x1, '-'}, 0x207}}, 0xe)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x20004000) (async)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x20004000)
syz_io_uring_setup(0x49d, &(0x7f00000003c0)={0x0, 0x4b85, 0x800, 0x7ff9, 0x32c, 0x0, r2}, &(0x7f0000000380)=<r10=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
socket$tipc(0x1e, 0x5, 0x0) (async)
r11 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000004c0)={{0x1, 0x1, 0x18}, './bus\x00'})
bind$tipc(r11, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0) (async)
socket$tipc(0x1e, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='io_uring_file_get\x00'}, 0x18)

12m34.176314848s ago: executing program 32 (id=1719):
r0 = syz_open_dev$vcsu(&(0x7f0000000040), 0xc2d6, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='virtio_transport_alloc_pkt\x00', r0, 0x0, 0x10}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000240)})
r1 = creat(&(0x7f0000000300)='./bus\x00', 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/consoles\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xb, 0x4, 0x208, 0x5ad, 0x0, 0xffffffffffffffff, 0x8000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x50) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xb, 0x4, 0x208, 0x5ad, 0x0, 0xffffffffffffffff, 0x8000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x50)
prctl$PR_SET_MM_AUXV(0x23, 0xc, 0x0, 0x0) (async)
prctl$PR_SET_MM_AUXV(0x23, 0xc, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18)
unshare(0x6a040000)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r5}, 0x18)
pipe(&(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
fcntl$notify(0xffffffffffffffff, 0x402, 0x22)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r9}})
splice(r8, 0x0, r7, 0x0, 0xffffffffffff8000, 0x0)
write$P9_RLERRORu(r7, &(0x7f0000000100)={0xe, 0x7, 0x1, {{0x1, '-'}, 0x207}}, 0xe) (async)
write$P9_RLERRORu(r7, &(0x7f0000000100)={0xe, 0x7, 0x1, {{0x1, '-'}, 0x207}}, 0xe)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x20004000) (async)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x20004000)
syz_io_uring_setup(0x49d, &(0x7f00000003c0)={0x0, 0x4b85, 0x800, 0x7ff9, 0x32c, 0x0, r2}, &(0x7f0000000380)=<r10=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
socket$tipc(0x1e, 0x5, 0x0) (async)
r11 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000004c0)={{0x1, 0x1, 0x18}, './bus\x00'})
bind$tipc(r11, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0) (async)
socket$tipc(0x1e, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='io_uring_file_get\x00'}, 0x18)

2.676842935s ago: executing program 1 (id=14676):
socket$inet(0xa, 0x801, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x17, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020207025000000000020209b7b1af8ff00000000bfa100000000200007010000f8ffffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4000000, 0x2010, 0xffffffffffffffff, 0x8000000)
syz_io_uring_complete(r2)
ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x1843}, 0x18)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="00000000010000000000040000"], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x4004000)
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000300)={'netdevsim0\x00', @random="f60f63971a2b"})
syz_io_uring_setup(0x3dca, &(0x7f0000000140)={0x0, 0xfffffffc, 0x1, 0xffffffff, 0x1ff}, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="180000001814010000002de370ddf4eb0000eddbdf250800010000000000"], 0x18}, 0x1, 0x0, 0x0, 0x4000044}, 0x44810)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r7}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000fcdbdf251200000018000180"], 0x3c}, 0x1, 0x0, 0x0, 0x400c000}, 0x2004c0a0)
r9 = socket$inet6(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001900010000000000000000000218"], 0x2c}}, 0x0)
sendto$inet6(r9, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000000314010030bd7000ffdbdf250900020073797a30000000000800410073697700140033007767310000000000f4ffff06"], 0x38}}, 0x4008010)

2.338656049s ago: executing program 2 (id=14679):
perf_event_open(0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='mpol=interleave,mpol=local'])
open$dir(&(0x7f0000000000)='./file0/file0\x00', 0x101042, 0x1) (fail_nth: 5)

2.063418366s ago: executing program 2 (id=14680):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3d, &(0x7f0000000040)={0x0, 0x0})
nanosleep(&(0x7f00000001c0)={0x0, 0x3938700}, 0x0)
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffff91, 0xfffffffffffffff8}, 0x126a0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x7ff, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000500)='\t!=&\x00\xaeH\xfc\xf7\xf7\xd4\x1c\x94\xcb\r^\xd6<\xda9\xdc\xac(\x8cj\x13hk\xfc\xa8\v#)\xddk\x93\x12\xbfh\x95\xb9\xb7-:\xebr\xf2%\xaf\x8fH\x89MO\xf7\xbe\x1b\xd7\xd7S\b\x00\x00\x00\x00\x00\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x8}, 0x18)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0)
r5 = geteuid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
quotactl_fd$Q_GETINFO(r4, 0xffffffff80000502, r5, &(0x7f0000000100))
sendmsg$inet6(r3, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x5b0}, 0x20008001)
sendmsg$inet6(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000022c0)="3b9eccc918ce8c50894cb802b04e9492b64a02d85d3ed05eac49318868ad13e4fa9e2f1b165dfcc79e43ed30bb0c212bebb71afc79347f2f1a90e936a487e1ce171789626d34ffa8e3b4415ad869955133f81fab7f450d7ef6df7bf6a16cc39fd78e88662ffd1c3b31ffe836682b1ad9c331a068a75d12fd346d77f5cdacee9fee2203a321c260b0b5fdc8b5d7d43148f4b0fb550dd9d8746f0a0444cfa52af90a966921f9cb48b0c99727166a2f59c12dae2fcc4d891258bd723b5fd1fcb4cb219c87fadebe2582802ef18165f5ff67ba0d4eb4d3ef1f80ba9dff1a74dd5874b3d8017ff61b5174d9660e54f2b5f94f29f6665567b2ca6d0549a500a428ce29b197f754f8e3b6c7dc21260ce97551074886667837db75c9a21cdf92b14dcb2e1f997bab3bf1902b8d8e9eb238c021fdbe48675473dac385e2fada25f767ce5e7576c2dc496841123c81314f100e0648405f0ca9b5aa012d9316f3945e613aba10d1fbc2917143ed606c5513394343c9fac6f95ee678031ba5f4a81d8c2ae0d31c5711c91845f07b0add2bb4bd0f700217044582adf1850b0af5f04b63906918b7312fc3a800d67d8293604321633c41153f83662b2cbec354cf9c33e9eaa8ab2c5e4d86f82d379e98ad8d749595829b548ad77596448bf718c5e52a7dac04f62fde8ab1cc55ee5b6fd57327c8e678c1c8f9b8c235c132faffc553d54253f67d40075d91b7abaa303e5844ee31871fcdded3d8de8df952ae53e60d73e57267117129a4b42df34faa3287bb1c475d9ef904b7a4d33f1f8014e59905c3dc145e3974d71487ce05c9149fb4f9788ef0f519151d82391d783df5753819a0d967d842e60d28257741fb8b794b18a4e2f2f4f10412aa580062d0ef3691f4bdc14d283d672ae10fbbe23fa15f9225642aad56cc8a36538afe97750a0bf313cf3b9fdd881aa067b3b6ad9a69c04b50c9b4f8e29c11d7dcaf08b57ecd5cfd8a01b0e50313d09ea6b3634867f0c23c06055e04c36bddcdc6", 0x2d3}], 0x1}, 0x20000044)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@private2, @in, 0x4e21, 0x0, 0x4e20, 0x0, 0xa, 0x0, 0x0, 0x33}, {0xffff, 0x4, 0x0, 0x0, 0x80000001, 0x6, 0x1000000, 0x80000000}, {0x800, 0x0, 0x6, 0xffffffffffffffff}, 0x9, 0x200000, 0x0, 0x0, 0x2}, {{@in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x0, 0x2b}, 0x0, @in6=@mcast1, 0x0, 0x3}}, 0xe8)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)

1.817102029s ago: executing program 1 (id=14691):
r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$BLKBSZSET(r0, 0x40081271, &(0x7f00000000c0)=0x6)
r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x5, 0xb1130, 0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x101280, 0x26f, 0xc, 0x3, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/devices.allow\x00', 0x2, 0x48)
write$cgroup_devices(r2, &(0x7f00000001c0)=ANY=[@ANYBLOB='c ', @ANYRESDEC], 0x6)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='io_uring_file_get\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x917, &(0x7f0000000300)={0x0, 0x400, 0x80, 0x1000000}, &(0x7f0000000280)=<r5=>0x0, &(0x7f0000000200)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000000c0)=@IORING_OP_WRITEV={0x2, 0x40, 0x4000, @fd=r4, 0x9, 0x0, 0x0, 0x5, 0x1})
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x840)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0xa, 0x4000011, r1, 0x0)
socket$inet6(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)={0x14, r7, 0x1, 0x0, 0x0, {0x54}}, 0x14}, 0x1, 0x0, 0x0, 0x4048815}, 0x0)

1.72735818s ago: executing program 5 (id=14694):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6erspan0\x00'})
r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x2c, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1f0519, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xa}, 0x6025, 0x4005, 0xb, 0x3, 0x2, 0x20005, 0x7f, 0x0, 0x0, 0x0, 0x20000008}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r1, 0x0) (async)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec29, 0x800, 0x1, 0x40000337}, &(0x7f0000000dc0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r5 = socket$inet_tcp(0x2, 0x1, 0x0) (async, rerun: 64)
r6 = syz_io_uring_setup(0x12ab, &(0x7f0000000140)={0x0, 0x7496, 0x0, 0x2, 0x1f7}, &(0x7f0000000380)=<r7=>0x0, &(0x7f0000000000)=<r8=>0x0) (rerun: 64)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r9}}) (async)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0xc, 0x0, r5, 0x0, &(0x7f0000000100)="0351679a83a736c44fd0af5d3fc9be51a6ffa3556868ef7310e6bc57fff28d97", 0x20, 0x8100, 0x0, {0x0, r9}})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0) (async)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)

1.652650721s ago: executing program 1 (id=14696):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r1=>0x0})
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/uevent_helper', 0x102, 0x21)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0xf0, 0x8, 0x2, 0xe, 0x10}]}, &(0x7f0000000180)='syzkaller\x00', 0x7, 0x4d, &(0x7f0000000200)=""/77, 0x40f00, 0x2a, '\x00', r1, 0x25, r2, 0x8, &(0x7f00000002c0)={0x2, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x5, 0x3, 0xc, 0x7}, {0x3, 0x3, 0x10, 0x5}], 0x10, 0x4}, 0x94)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000100)=0x4)
r3 = socket(0xa, 0x3, 0x3a)
accept4$vsock_stream(r2, &(0x7f0000000440)={0x28, 0x0, 0x1, @host}, 0x10, 0x80000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_MPATH(r5, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f00000006c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16, @ANYBLOB="04002a0003200000000000000000000096218ed6bd9a08e51fc23277c20000", @ANYRES32=r6, @ANYBLOB="0c00990008000000730000000a001a0008021100000000000a00060008021100000000000a001a0008021100000100000a000600ffffffffffff00000a001a00ffffffffffff00000a00"], 0x70}, 0x1, 0x0, 0x0, 0x8000}, 0x48000)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000600)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000b40)={0xaf4, r4, 0x4, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0x70, 0x11d, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xa9}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x82}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x9}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xc6d}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xee}]}]}, @NL80211_ATTR_TID_CONFIG={0x2e0, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}]}, {0x1a8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x3}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x77}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x174, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x58, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5abe, 0x4, 0x4, 0x3200, 0x1, 0x4, 0x8001, 0x6]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0xe, 0x860a, 0xc, 0x4, 0x1, 0x101, 0x8]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x0, 0x5, 0x1, 0x8, 0x101, 0xfff2, 0x1]}}]}, @NL80211_BAND_5GHZ={0x60, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x30, 0x18, 0x1, 0x2, 0x16, 0x18, 0x1, 0x24, 0x6, 0x6c, 0x4, 0x3, 0x24, 0x1, 0x2, 0x3, 0x0, 0xb, 0x1, 0x30, 0xb, 0x63, 0x60, 0x24, 0x5, 0x60, 0x5, 0xb, 0x6, 0x6c]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0xa0, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xf, 0xf001, 0x0, 0x4, 0xea8, 0x1, 0x1, 0xf6]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x3, 0x6c, 0xb, 0x30, 0x16, 0x6, 0x12, 0x36, 0x24, 0x24, 0x60, 0x17, 0x6c, 0x36, 0x18, 0x190db8df50304da9, 0x16, 0x6, 0x24, 0x30, 0xc, 0x1, 0x4cafbac07f947f3e, 0x4, 0x36, 0x1b, 0x9, 0x6b, 0x3]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x6, 0x60, 0x6c, 0x16, 0x5, 0x60, 0x12, 0x18, 0x1b, 0x12, 0x60, 0xb, 0x48, 0x2, 0x4, 0xb, 0x24, 0x2, 0x48, 0x48, 0x30, 0xc, 0x6, 0x3, 0x30, 0xc, 0x6c, 0xf]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xde5, 0xb9, 0x5, 0x6, 0x200, 0x0, 0x8, 0x5]}}]}, @NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}]}, {0x4c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x62}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xa}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xbc38}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x9}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x58}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xee}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x9}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x4}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7fffffff}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x56}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x9}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x2ea}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x26}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x32}]}]}, @NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0x620, 0x11d, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x3}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xeb}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xef}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}]}, {0x30, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xfa}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x4b}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1800000}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}]}, {0x5b8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x3a}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x2f4, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0xcc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xc, 0x1, [0x3, 0x4, 0x1a, 0x30, 0x24, 0x6c, 0x48, 0x16]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x2c, 0x2, [{0x7, 0x9}, {0x6, 0x9}, {0x1, 0x5}, {0x4}, {0x5, 0x1}, {0x1, 0x4}, {0x3, 0xa}, {0x4, 0x2}, {0x1, 0x6}, {0x3, 0x4}, {0x4, 0x5}, {0x7, 0x7}, {}, {0x7, 0x3}, {0x0, 0x9}, {0x3}, {0x1, 0x8}, {0x7, 0x8}, {0x5}, {0x2, 0xa}, {0x4, 0x5}, {0x0, 0x6}, {0x4}, {0x2, 0x8}, {0x0, 0xa}, {0x4, 0x2}, {0x0, 0x6}, {0x7, 0x8}, {0x0, 0x9}, {0x7, 0x3}, {0x5, 0x5}, {0x0, 0x5}, {0x1, 0xa}, {0x4}, {0x5, 0x8}, {0x4, 0xa}, {0x0, 0x2}, {0x1, 0xa}, {0x6, 0x1}, {0x7, 0x1}]}, @NL80211_TXRATE_HT={0x3c, 0x2, [{0x7, 0x4}, {0x6, 0xa}, {0x4, 0x1}, {0x3, 0x7}, {0x7, 0x2}, {0x5, 0x7}, {0x4}, {0x7, 0x1}, {0x1}, {0x7, 0x3}, {0x7, 0x2}, {0x6, 0x9}, {0x2, 0x5}, {0x0, 0x6}, {0x0, 0x8}, {0x2, 0x3}, {0x5, 0x7}, {0x5, 0x4}, {0x3, 0x6}, {0x7, 0x8}, {0x1, 0x4}, {0x7}, {0x0, 0x7}, {0x4, 0x5}, {0x7, 0x6}, {0x1}, {0x0, 0x9}, {0x5, 0x1}, {0x7, 0x5}, {}, {0x4, 0x2}, {0x7, 0x7}, {0x7, 0x4}, {0x4, 0x1}, {0x7, 0x2}, {0x0, 0x2}, {0x6, 0x9}, {0x5, 0xa}, {0x0, 0x6}, {0x3, 0x3}, {0x2, 0xa}, {0x2, 0x6}, {0x4, 0x7}, {0x6, 0xa}, {0x7, 0x9}, {0x5, 0x1}, {0x6, 0x5}, {0x4}, {0x1, 0x1}, {0x6, 0x8}, {0x2, 0x2}, {0x5, 0x9}, {0x0, 0x8}, {0x3, 0x3}, {0x4}, {0x4, 0x7}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x5, 0x0, 0x545, 0x2, 0x7, 0xd19, 0x6ce]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xddc3, 0x4, 0x7ff, 0x5, 0x4, 0xbd4b, 0x8, 0x1000]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7ff, 0x300, 0x1ff, 0xff, 0x520, 0xed3, 0xfffb, 0x24e9]}}]}, @NL80211_BAND_2GHZ={0x24, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0x50, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7fff, 0x0, 0x0, 0x6, 0x7, 0x3, 0x7f]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x1a, 0x2, [{0x3, 0x1}, {0x5, 0x4}, {0x6, 0x1}, {0x5, 0x6}, {0x3, 0xa}, {0x4, 0x4}, {0x1, 0x3}, {0x6, 0x4}, {0x1, 0x8}, {0x0, 0xa}, {0x2, 0x8}, {0x0, 0x3}, {0x6, 0xa}, {0x3, 0x8}, {0x2, 0xa}, {0x0, 0x5}, {0x1, 0x2}, {0x1, 0x2}, {0x3, 0x5}, {0x6, 0x2}, {0x5, 0x2}, {0x2, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfffc, 0xfff9, 0x1, 0x5, 0x7, 0x7, 0x7, 0x1]}}]}, @NL80211_BAND_60GHZ={0x18, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x0, 0x9, 0x8, 0x9, 0x3, 0x2, 0x9]}}]}, @NL80211_BAND_2GHZ={0x2c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x84, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x16, 0x5]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x41, 0x2, [{0x2, 0x8}, {0x3, 0x8}, {0x2, 0x6}, {0x1, 0x9}, {0x5, 0x4}, {0x4, 0x1}, {0x5, 0x7}, {0x5}, {0x4, 0x5}, {0x1, 0x8}, {0x5, 0x4}, {0x1, 0x5}, {0x2}, {0x3, 0x7}, {0x0, 0x1}, {0x4, 0xa}, {0x4, 0x3}, {0x7, 0x2}, {0x5, 0x3}, {0x1, 0x6}, {0x0, 0x4}, {0x7, 0x9}, {0x0, 0x1}, {0x5, 0x8}, {0x5}, {0x4, 0x9}, {0x5}, {0x6, 0x6}, {0x0, 0x3}, {0x1, 0x7}, {0x3, 0xa}, {0x6, 0x9}, {0x4, 0x5}, {0x2, 0x9}, {0x6, 0x8}, {0x0, 0x6}, {0x3, 0xa}, {0x6, 0x5}, {0x0, 0x7}, {0x1, 0x6}, {0x5, 0xa}, {0x6, 0xa}, {0x7, 0x9}, {}, {0x6, 0xa}, {0x2, 0x3}, {0x2, 0x5}, {0x2, 0x4}, {0x1, 0x3}, {0x6, 0xa}, {0x7, 0x4}, {0x3, 0x4}, {0x0, 0x5}, {0x1, 0x7}, {0x7, 0x3}, {0x4, 0x2}, {0x1, 0x5}, {0x0, 0x6}, {0x4, 0x2}, {0x5, 0x6}, {0x1, 0x4}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0xbe, 0x8, 0x8, 0xff, 0x5, 0x2, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_6GHZ={0x5c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x44, 0x2, [{0x0, 0x5}, {0x7}, {0x1, 0x7}, {0x4, 0x3}, {0x5, 0x4}, {0x3, 0x9}, {0x2, 0x9}, {0x4}, {0x0, 0x8}, {0x1, 0x8}, {0x5, 0x7}, {0x1, 0xa}, {0x4, 0x8}, {0x6, 0x7}, {0x2, 0x8}, {0x6, 0x9}, {0x1, 0x2}, {0x4}, {0x2, 0x9}, {0x1, 0x6}, {0x1, 0x6}, {0x6, 0x6}, {0x3, 0x4}, {0x1, 0x2}, {0x7}, {0x1, 0x3}, {0x6, 0x7}, {0x5, 0x7}, {0x6, 0x4}, {0x0, 0x7}, {0x6, 0x1}, {0x4, 0x9}, {0x2, 0x3}, {0x3, 0x3}, {0x3, 0x9}, {0x4, 0x6}, {0x4, 0x6}, {0x4}, {0x3, 0x1}, {0x0, 0x7}, {0x0, 0x7}, {0x1, 0xa}, {0x6, 0x1}, {0x1, 0x5}, {0x0, 0x6}, {0x4, 0x2}, {0x3, 0x8}, {0x3}, {0x2, 0x1}, {0x4, 0x7}, {0x2, 0x8}, {0x2, 0x8}, {0x1, 0x5}, {0x0, 0x6}, {0x1}, {0x4, 0x3}, {0x2, 0x9}, {0x0, 0x2}, {0x2, 0x4}, {0x4, 0xa}, {0x1, 0x1}, {0x4, 0x9}, {0x4, 0x8}, {0x5, 0x5}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x6, 0xffd0, 0x9, 0x401, 0xc, 0xfffc, 0x6]}}]}, @NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0xffff, 0x3, 0x0, 0x3ff, 0x7fff, 0x4, 0x1]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x6c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0xd, 0x2, [{0x2}, {0x2, 0x2}, {0x4, 0x9}, {0x2, 0x5}, {0x3, 0x7}, {0x5, 0x1}, {0x7, 0xa}, {0x1, 0x3}, {0x5, 0x4}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x7dd3, 0xf318, 0x3, 0x9, 0x3, 0x4, 0xa]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x6, 0x48, 0x6, 0x18, 0x9, 0x48, 0x16, 0x36, 0x12, 0x12, 0x1b, 0x48, 0x36, 0x60, 0x30, 0x12, 0xc, 0x4, 0x6bc0b88371b17b73, 0x6, 0x12, 0x30, 0x30, 0x6, 0x6c, 0x3, 0x4]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2a0a, 0xe, 0xff, 0x8, 0x8, 0x7ff, 0x1, 0x401]}}, @NL80211_TXRATE_HE_LTF={0x5}]}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x4e}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x8a}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x270, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x5c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x8001, 0x4, 0x38b2, 0x9, 0x9, 0x0, 0xff65]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x2, 0x7f, 0x0, 0x60, 0x7, 0x5, 0x5e]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x91b, 0x5, 0xfff8, 0x1, 0x3a, 0x3, 0x3, 0xfffc]}}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x5, 0x60, 0x12, 0x1, 0x24, 0x18, 0x1b, 0x3, 0x16, 0x30, 0x6c, 0xc, 0x6c, 0x6, 0x6, 0x36]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0x12c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x34, 0x2, [{0x5, 0x7}, {0x3, 0x1}, {0x2}, {0x2, 0x6}, {0x5, 0x7}, {}, {0x2, 0x2}, {0x5, 0x3}, {0x7, 0x6}, {0x6, 0x7}, {0x2, 0x1}, {0x2, 0xa}, {0x6, 0x5}, {0x4, 0x9}, {0x1}, {}, {0x4, 0x3}, {0x0, 0x2}, {0x7, 0x1}, {0x5, 0x2}, {0x2, 0x4}, {0x4, 0x7}, {0x4}, {0x4, 0x5}, {0x1, 0x6}, {0x2, 0x5}, {0x5, 0x3}, {0x2, 0xa}, {0x0, 0x8}, {0x1, 0x6}, {0x5, 0xa}, {0x3, 0x9}, {0x0, 0x4}, {0x1, 0x4}, {0x2, 0x7}, {0x6, 0x5}, {0x2, 0x1}, {0x6, 0x5}, {0x0, 0x8}, {0x6, 0x2}, {0x3, 0x4}, {0x1, 0x2}, {0x0, 0x5}, {0x5, 0x4}, {0x7, 0x1}, {0x4, 0xa}, {0x1, 0x7}, {0x6, 0x1}]}, @NL80211_TXRATE_HT={0x3c, 0x2, [{0x6, 0x4}, {0x4, 0x6}, {0x1, 0x7}, {0x2, 0x7}, {0x7}, {0x6}, {0x2, 0x4}, {0x7, 0x8}, {0x2, 0x3}, {0x5, 0xa}, {0x6, 0x5}, {0x4, 0xa}, {0x6, 0x6}, {0x6}, {0x3, 0x6}, {0x0, 0x5}, {0x0, 0x6}, {0x7, 0xa}, {0x6, 0x2}, {0x7, 0x1}, {0x7, 0x9}, {0x0, 0x8}, {0x7, 0x7}, {0x7, 0x7}, {0x1, 0x1}, {0x7, 0x8}, {0x4, 0x5}, {0x5, 0x9}, {0x3, 0x8}, {0x5}, {0x7, 0x5}, {0x6, 0x4}, {0x2, 0x7}, {0x0, 0x2}, {0x2, 0xa}, {0x0, 0x2}, {0x7, 0x3}, {0x0, 0x8}, {0x4, 0x7}, {0x7, 0x1}, {0x0, 0x1}, {0x0, 0x8}, {}, {0x1, 0xa}, {0x5, 0x4}, {0x0, 0x4}, {0x1, 0x9}, {0x7, 0x4}, {0x6, 0x8}, {0x1, 0x3}, {}, {0x3}, {0x4, 0xa}, {0x6, 0x5}, {0x6, 0x6}, {0x0, 0x9}]}, @NL80211_TXRATE_HT={0x2f, 0x2, [{0x1, 0x7}, {0x6, 0xa}, {0x5, 0xa}, {0x7, 0xa}, {0x0, 0x9}, {0x0, 0xa}, {0x2, 0x3}, {0x3, 0x9}, {0x5, 0x7}, {0x1, 0xa}, {0x0, 0xa}, {0x5, 0x9}, {0x1}, {0x6, 0x2}, {0x5, 0xa}, {0x2, 0x7}, {0x4, 0x2}, {0x0, 0x5}, {0x1, 0x8}, {0x4, 0xa}, {0x3, 0x3}, {0x0, 0x5}, {0x7, 0x3}, {}, {0x4}, {0x1, 0x7}, {0x5, 0x8}, {0x0, 0x6}, {0x1, 0x5}, {0x2, 0x4}, {0x2}, {0x5, 0x7}, {0x0, 0x9}, {0x1, 0x1}, {0x6, 0x6}, {0x1, 0x6}, {0x0, 0xa}, {0x0, 0x3}, {0x2, 0x5}, {0x4, 0x3}, {0x5, 0x5}, {0x1, 0x4}, {0x7, 0x4}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x200, 0xa7c, 0x21e, 0x0, 0xd, 0x417, 0x519, 0x6]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0xe, 0x401, 0x3, 0xdc5d, 0x5b0c, 0x1, 0x1af2]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x1, 0x0, 0x5, 0x3, 0x1a, 0xc1]}}, @NL80211_TXRATE_HT={0x1d, 0x2, [{0x7, 0x9}, {0x1, 0x4}, {0x7, 0xa}, {0x3, 0x6}, {0x1, 0x8}, {0x7, 0x4}, {0x2, 0x9}, {0x3, 0x9}, {0x2, 0x3}, {0x5, 0x2}, {0x4, 0x2}, {0x0, 0xa}, {}, {0x4, 0x4}, {0x3, 0x8}, {0x7, 0x4}, {0x0, 0x5}, {0x7, 0x2}, {0x5, 0x4}, {0x7, 0x6}, {0x6, 0x4}, {0x1, 0x9}, {0x0, 0x3}, {0x7}, {0x3, 0x1}]}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x30, 0x1, 0x60, 0xd, 0x32, 0x24, 0xb, 0xc, 0x18, 0x24, 0x5, 0x5, 0x1, 0x30, 0x24, 0x48, 0xc, 0x24, 0x48, 0x6, 0x18, 0x30, 0x1, 0x5, 0x9, 0xb, 0x3, 0x5, 0x32, 0xc]}]}, @NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x460a, 0x8, 0x5, 0x7, 0x3, 0xb, 0x0, 0x7]}}]}, @NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x7, 0x2, [{0x3, 0x3}, {0x7, 0x4}, {0x7, 0x4}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6cc5, 0x4, 0x7fff, 0x0, 0x1, 0x100, 0x9, 0xfffe]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xd, 0xb18, 0x7, 0x2, 0x6, 0x9, 0xe, 0x3]}}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfb18, 0x0, 0x8, 0x7, 0x831, 0x791, 0x6, 0x6bf9]}}]}, @NL80211_BAND_60GHZ={0x28, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x9, 0xb4, 0x40, 0xffff, 0x2, 0x26c6, 0x7]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_60GHZ={0x40, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x5, 0x2, [{0x1, 0xa}]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x101, 0x3, 0x0, 0x5, 0x6, 0x3ff, 0xffff, 0x10]}}]}]}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xe8}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x2}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x4}]}]}, @NL80211_ATTR_TID_CONFIG={0x13c, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xbe}]}, {0x124, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x84, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x24, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x723, 0xf, 0x1, 0xfba7, 0x1ff, 0x5, 0xa]}}, @NL80211_TXRATE_HT={0xc, 0x2, [{0x7, 0x1}, {0x1, 0x6}, {0x3, 0x9}, {0x1, 0x8}, {0x5, 0x9}, {0x4, 0x6}, {0x1}, {0x2, 0x6}]}]}, @NL80211_BAND_6GHZ={0x5c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x7, 0x2, [{0x6, 0x5}, {0x4}, {0x3, 0x1}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x86, 0x0, 0x8, 0x0, 0x458a, 0x2, 0x6b9e, 0x3]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x6, 0x3, 0x8001, 0x6, 0xb, 0x4, 0xa71f]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x9}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x84, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x48, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0xc, 0x76, 0x24, 0x12]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x0, 0x7, 0x3ff, 0x2, 0x4, 0x8, 0xf70e]}}]}, @NL80211_BAND_60GHZ={0x38, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0xb2, 0x4, 0x8, 0x9, 0xfc, 0x10, 0x1]}}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x7, 0x1, [0x1, 0x1, 0x48]}, @NL80211_TXRATE_HE_LTF={0x5}]}]}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}]}]}, 0xaf4}, 0x1, 0x0, 0x0, 0x800}, 0x50)
unshare(0x20000400)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r8, &(0x7f0000000180)={0xa, 0x5e21, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f00000002c0)='tunl0\x00', 0x10)
setsockopt$inet6_tcp_TCP_REPAIR(r8, 0x6, 0x13, &(0x7f0000000000), 0x4)
connect$bt_l2cap(r7, &(0x7f0000000680)={0x1f, 0x20, @none}, 0xe)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000080)={0x24, r4, 0x62c21a4ade68aba1, 0x70bd23, 0xfffffffd, {{0x32}, {@val={0x8, 0x117, 0x59}, @val={0x8}, @void}}}, 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x0)
sendmsg$NL80211_CMD_START_AP(r3, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x30, r4, 0x200, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x4}, @crypto_settings=[@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x10}], @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x4854)
openat2(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x4241, 0xc5, 0x28}, 0x18)
setsockopt$MRT6_ADD_MIF(r3, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x8, 0x0, 0x401}, 0xc)

1.422988921s ago: executing program 5 (id=14703):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='kfree\x00'}, 0x18)
r0 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0xb8, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xc, 0x7}, 0x410, 0x2000000, 0x0, 0x4, 0x0, 0x0, 0x5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000180)='cpu=_0||!')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0xfffffffffffffff8}, 0x18)
r2 = memfd_create(&(0x7f0000000480)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\x03\x00\x00\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10`\xee\xa9\x8b\x06%\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xa96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xd9Jx\xaa\x8f~\xb94a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xcaX\xe3\xd6m\xf7@]iNP\xf1\x1d\xab\x13\xce\x152s\xb8\x85\x98\x84\xbf\x8c\x80{\x16\t\xd6\x17P3\xe9\xebGKL\xd3\x88\xd2\xb1\rLG\x8e\xd6\xa72\xf4\x92\xeb&\xa5\xcc\x14FZN\x98%[p\x989\xf6\xf5\xb6\xedP\xff\xff\xff\xff\xff\xff\xff\xef)\x0f6\x88\x03P\x8ak\xf9\xc9\x82`\xb4Ku\x99\xab\xd4\xb2\xaa1\x99O\x8b\x9b-\xe3\xe6R\xa2T\x1e\n!\xad$\x93c\xd3\"\xd6\xa1\xd6\xfc\v\x81\x9e\xc1\xb3T\n\xd9\xff\x18 \xf8\xc4\xef\xd2\xb0\xf8\x80\xb8\x1e\xb7fo\x1c\a\xc9\x1a!D\xde\xc6\xf1\x13\xc2F\xc44A\x1d\xb7\xe6\xfbB\xee4\xa1\xdf+\xa5\xb1\xc2\xfb\xc0\t\x15\x7fA{\xe0\xc7\xe0\x96\xc9\xe6\x8fk\xe6\x87;\x03\xff\xb0\x10\x10\x1e\x14\x99\xc7\xd5)\x8d\xc7\xf0\xfd\xe9d\xc9\xce\x85\x88\x88\xcd\xf6\xb2\xbf\xf8E\xe4\xd8\xd0\xe00\xbd\xc2M\xe7\x1b\xac\xc0\v\xb0\xfc\"\x12\x8d\xa5\x96\x10\xf3\x82~2\xa3[\xa4w]\n\xb1+\xac\bR&B\xebW0\xe2\xffBO9y\x8e\xb6\x03\x99\r', 0x3)
r3 = dup(r2)
write$binfmt_elf64(r3, &(0x7f0000000c00)=ANY=[@ANYBLOB="7f454c4606ff78a3050000000000000002003e00cd220000c9030000000000004000000000000000ea02000000000000020001000500380001000600b10600040300000081000000ff000000000000000900000000000000070000000000000009"], 0x178)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="c35b809d5800fbc31541aa035e45b1fcd354f1da200869f0570fe87f81ceed3168643c00fcb7bf81619eaeb1d63d042888975ead84da68bcc3aeb17b370a678813d809fea21cad88dd27f37da01c5c3fd3965349c76443652d1bb5b7f37d18c1e7d17a48e184597ce6ccd69826a2c7cb367a17c4b88590e7bb736d8fffae6a47bab0a093e6840ef66ee976e7dc3237d925290d6d5447f612c94d221194650adb3239ba2900fc654f4c1291cbaf3209ea733fef64fa46eb4f6b74fdd2f5"], 0x318c)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xf, "0040001e1d113c812e5d6000"})
r5 = syz_open_pts(r4, 0x0)
dup3(r5, r4, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000aa", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000008000fffa0000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], 0x0, 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r7, 0x560a, &(0x7f0000001040)={0x0, 0x1, 0x4, 0x20, 0x0, "0000e5ff0100"})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x2}, 0x10, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = io_uring_setup(0x6720, &(0x7f0000000080)={0x0, 0x417e, 0x400, 0x3, 0xd4})
syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x400249, 0x0, r8}, &(0x7f0000000340)=<r9=>0x0, &(0x7f00000006c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f0000000040)=ANY=[@ANYRESOCT=r10], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.28259198s ago: executing program 3 (id=14705):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000540)='./file0\x00', 0x0, &(0x7f0000000580), 0x1, 0x4e8, &(0x7f00000005c0)="$eJzs3U9oVNsZAPDvTv5YY2LSUrHVFgItVrGdmESjQilmVRAtbS100T8Sk5iISSaYCagUahCLFCpddGFx1Y1ddBO6K9IiFB681Vu4eG8hCm/1njyfPHkuXOVxJ3d0jGPyYmLuY/z94DL3nEnmfHc+7p1zhnPPBPDW6o6IIxHRFBHFiOjM6gvZFpcWt/TvTvXPj6dbEgsLJx4lkUTE0f758eprJdnjluwFvpU+XInY2/xyuzMXLp4dmpgYPZeVe8qT0z0zFy7+6Mzk0Njo2OjUwMGDhw8dGDhweP2OdfP26ze//fdjd669M/fdbVuGJ9N427Pnao9jvXRHd/aetERH7RNJxKn1bixnX8s7AFbtk8LOW3nHAABsvELW92+u9P87oykWO+v37/72cWf8sS3v+AAAAIC1W1hoyh4BAACAxpUY+wMAAECDq84DONo/P17dNmruwYOfblRLvMrDwYjoWsx/9f7uxWean93T2/KG7u/9w9OI7uh48tFPvvH/dIs3dB82X03zH+YdAXlq3Z93BORpxy/yjoA8vXc17wi4NBcRt4/U6f8na+7ztS8pJ0vKxwfT/t9fZmrr9P/eHr88kXcE5OlnA3lHQJ5uPMo7Am4PRsS+et//FSrr91Vtjoi26tp+6+RQe/r5/+/7tXUvf/4XHqxjkyzxcDDixzVrO56qyX+mqykrdVS+KmxJTp+ZGN0XEVsjYne0bErLvcu00Ttw46/16r/zJM3/P5Pq93/plrZf/S4wi+NB86YX/29kqDy01uNm0cO5iB3N9fL/vP+fZLl+Xf8tXftzvfqBPZV1RXctn3/epIV/ROyqe/4/H60ly67P2lO5HPRULwp1/OuDz67Uq//+79P8n90j//lJz/+25fNfuf4/W693ZvVtXP7fzSf16p/eSvP/t0uvc/1vTX5VCbA1qzs/VC6f641oTY69XN+3+pgbVfX9qL5faf53f6/+53+1/5dk60J3RcTXX6PNuXvTd+rVXy+k+b/xO+d/ftL8j6xw/icvnP+r35l//4c/qNf2zqtp/rt+vfL5v78SzO6sRv9vZV82QXnHCQAAAAAAAMD6KFTu00kKxWf7hUKxuDjP95vRVpgozZT3ni7NTo0s3s/TFS2F6lSvzpr5oL3Z/JBquW9JuT+bO3K1c3OlXBwuTYzkffAAAADQ4Noj7v3m8n+2b3nF+D91tzPvKAEAAIC1SMf/HffaKst5fW6cDwAAAA0pHf8//tOn74bxPwAAADSs2vE/AAAA0Nh+fvx4ui1Uf/dvqjR25uz49OG+fcXJ2eHicOncdHGsVBqrrNg3ufLrTZRK0719MXu+pzw6U+6ZuXDx5GRpdqp8svK7sSdHWzbgmICVFbd+vC3vGAAAgI2zlt/1t2PHTqPu5H1lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLb4IAAD//wws/WY=")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
writev(r1, &(0x7f0000000500)=[{&(0x7f0000000080)="2e9b5b0007e03dd65193dfb6c575963f86dd", 0x12}, {0x0}], 0x2)

1.20810144s ago: executing program 5 (id=14706):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x24}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102)
r4 = dup(r3)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000100)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xffff}, 0x10007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
close_range(r1, 0xffffffffffffffff, 0x0)

1.20737158s ago: executing program 3 (id=14707):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="1400"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
r3 = inotify_init()
ioctl$VFAT_IOCTL_READDIR_SHORT(r3, 0x82307202, 0x0)
sendmmsg$inet(r1, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a000100000000000000000002100000fe020009001b000008001900", @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x404c800}, 0x10)
r6 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000900)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r9, {0x8, 0x7}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x8, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x4}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f00000001c0), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
r10 = socket$nl_route(0x10, 0x3, 0x0)
preadv2(r0, &(0x7f0000000180)=[{&(0x7f0000000340)=""/180, 0xb4}], 0x1, 0x1ff, 0x8, 0xd)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000600)={'macvtap0\x00', <r12=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001400010000000000fbdbdf250a00a100", @ANYRES32=r12, @ANYBLOB="14000100ff05000000000000dfce00000000000108000800026e"], 0x34}}, 0x0)
r13 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000015"], 0x34}, 0x1, 0x0, 0x0, 0x41c1}, 0x4040800)
epoll_create1(0x80000)

1.161652916s ago: executing program 2 (id=14708):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000380)='kfree\x00', r2, 0x0, 0x3}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x18) (async)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000180)={'sit0\x00', &(0x7f00000000c0)={'gre0\x00', <r5=>0x0, 0x0, 0x10, 0xffffd4fe, 0x1, {{0x11, 0x4, 0x0, 0x5, 0x44, 0x68, 0xe, 0x8, 0x29, 0x0, @multicast2, @loopback, {[@noop, @ssrr={0x89, 0xf, 0x80, [@local, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010100]}, @timestamp={0x44, 0x20, 0xd, 0x0, 0x8, [0x5, 0x100, 0x7f, 0xa, 0x6, 0x1, 0xff]}]}}}}})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@ifindex=r5, r4, 0x15, 0x8, 0x0, @void, @value=r2}, 0x20) (async)
sendmsg$kcm(r0, &(0x7f0000000c40)={0x0, 0x2c, &(0x7f0000000140)=[{&(0x7f00000006c0)="d8000000180081064e81f782db4cb904021d0800fe007c05e8fe50a10a000700014002020c600e41b0000900ac000a0501000000160012000a00ff150048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x40000) (async, rerun: 64)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8) (async, rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'team0\x00', <r6=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x5, 0xe, &(0x7f0000001880)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x2010004}, 0x8, 0x10, &(0x7f0000000000)={0x4, 0x0, 0xd9}, 0x10}, 0x94)

1.146835078s ago: executing program 5 (id=14709):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x4}, 0x10)
write(r1, &(0x7f0000000000)="240000001a005f0214f9f407000904ff81000000ff020002000a00000800040001600000", 0x24)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a0, 0x0, 0x940c, 0x3002, 0x198, 0x2c0, 0x2d0, 0x3d8, 0x3d8, 0x2d0, 0x3d8, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private1={0xfc, 0x1, '\x00', 0xfd}, [0xffffff00, 0xffffff00, 0xffffffff, 0xffffff00], [0xffffffff, 0xffffffff, 0xff000000, 0xff], 'geneve0\x00', 'veth1_to_bridge\x00', {}, {}, 0x84, 0x81, 0x2, 0x1d}, 0x0, 0x128, 0x198, 0x0, {}, [@common=@frag={{0x30}, {[0x6, 0x1], 0x3, 0x2, 0x3}}, @common=@inet=@multiport={{0x50}, {0x1, 0xff, [0x4e24, 0x4e22, 0x4e23, 0x4e22, 0x4e20, 0x4e20, 0x4e21, 0x4e22, 0x4e20, 0x4e20, 0x4e20, 0x4e24, 0x4e22, 0x4e22, 0x4e21], [0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x10]}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x7, 0xdc2, 0x928, 0x0, 0x0, "1c59a670732d50c7f033f0b6c4b8596f856914e85955278e480b3bab5707a2e078aafb298de06807aa4238648a05398f6113975f6563cf084d58a79d1d7f5542"}}}, {{@uncond, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@dst={{0x48}, {0x7fff, 0x1, 0x0, [0x0, 0x7, 0x4, 0x7, 0x0, 0x9, 0x3, 0x7, 0x3, 0x1, 0x8, 0x1, 0x90, 0x9, 0x2, 0x8001], 0x3}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@multicast1, 'ip6gre0\x00', {0x12}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r3)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
quotactl$Q_QUOTAON(0xffffffff80000102, 0x0, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000003c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@nouid32}]}, 0x5, 0x441, &(0x7f00000011c0)="$eJzs28tvG8UfAPDv2kn66zP5VeXRBxAoiIpH0qSl9MAFBBIHkJDgUI4hSatQt0FNkGgVQUCoHFEl7ogjEv8AnOCCgBMSV7ijShXKpYWT0dq7ie3aaZI62RR/PtK2M7tjzXw9O/bMThxAzxpO/0ki9kTE7xExWM82Fxiu/3draWHy76WFySSq1Tf/Smrlbi4tTOZF89ftzjN9EaVPkzjcpt65y1fOT1Qq05ey/Oj8hfdG5y5feXbmwsS56XPTF8dPnz55Yuz5U+PPdSXONK6bhz6cPXLw1bevvT555to7P3+T5PG3xNElw6tdfKJa7XJ1xdrbkE76CmwI61KuD9Por43/wSjHSucNxiufFNo4YFNVq9Xq/Z0vL1aB/7Akim4BUIz8iz5d/+bHFk09toUbL9YXQGnct7KjfqUvSlmZ/pb1bTcNR8SZxX++TI/YnOcQAABNvk/nP8+0m/+VovG50L5sD2UoIv4fEfsj4lREHIiI+yJqZR+IiAfXWX/rJsnt85/S9Q0Ftkbp/O+FbG+ref6Xz/5iqJzl9tbi70/OzlSmj2fvybHo35Hmx1ap44eXf/u807XG+V96pPXnc8GsHdf7djS/ZmpifuJuYm504+OIQ33t4k+WdwKSiDgYEYc2WMfMU18f6XTtzvGvogv7TNWvIp6s9/9itMSfS1bfnxz9X1Smj4/md8Xtfvn16hud6r+r+Lsg7f9dbe//5fiHksb92rn113H1j8/ar2n2bfz+H0jeajr3wcT8/KWxiIHktXqjG8+Pt5QbXymfxn/saPvxvz9W3onDEZHexA9FxMMR8UjWd49GxGMRcXSV+H966fF3O13bDv0/ta7+X0kMROuZ9ony+R+/a6p0aD3xp/1/spY6lp1Zy+ffWtq1sbsZAAAA7j2liNgTSWlkOV0qjYzU/4b/QOwqVWbn5p8+O/v+xan6bwSGor+UP+kabHgeOpYt6/P8eEv+RPbc+Ivyzlp+ZHK2MlV08NDjdncY/6k/y0W3Dth0fq8Fvcv4h95l/EPvMv6hd7UZ/zuLaAew9dp9/39UQDuArdcy/m37QQ+x/ofe1Tj+kwLbAWw93//Qk+Z2xp1/JN8DiYHt0Yx7KBGltRf+Nrvbim6zxNoTBX8wAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMm/AQAA//8iOuPQ")
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbbbbbbbbbbbbbb86dd672d5115000800fffc010000000000000000e7ff00000001ff02000000000000000000000000000132"], 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301)
ioctl$USBDEVFS_FREE_STREAMS(r6, 0x8008551d, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x14, r4, 0x301, 0x70bd29, 0x25dfdbfc, {0x24}}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)

1.114713732s ago: executing program 3 (id=14710):
iopl(0x3)

1.071153348s ago: executing program 2 (id=14711):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000540), &(0x7f0000000740), 0x75, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

1.071002908s ago: executing program 3 (id=14712):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
shutdown(r2, 0x2)
recvmmsg(r3, &(0x7f0000003740)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/31, 0x1f}], 0x1, &(0x7f0000003780)=""/4078, 0xfee}, 0x404}], 0x1, 0x0, 0x0)

1.043581001s ago: executing program 5 (id=14713):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400200142603600e122f0016000600040050000600200003400300000000000000c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d48fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x8000)
r3 = socket$tipc(0x1e, 0x5, 0x0)
openat$selinux_attr(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r4 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = openat$cgroup_int(r5, &(0x7f00000001c0)='cgroup.max.depth\x00', 0x2, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
write$cgroup_int(r6, &(0x7f0000000000), 0x12)
sendfile(r7, r6, 0x0, 0x4)
socket$inet6_sctp(0xa, 0x801, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r8}, 0x18)
move_pages(0x0, 0x2, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil], 0x0, &(0x7f00000000c0), 0x0)
mlockall(0x7)
bind$tipc(r3, &(0x7f0000001800)=@name={0x1e, 0x2, 0x3, {{0x40, 0x4}, 0x4}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r9 = fsopen(&(0x7f00000001c0)='devpts\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0)
fsmount(r9, 0x0, 0xf)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r9, 0x7, 0x0, 0x0, 0x0)

1.034686623s ago: executing program 3 (id=14714):
r0 = syz_clone(0x0, 0x0, 0x43, 0x0, 0x0, 0x0)
process_vm_writev(r0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{0x0}], 0x1, 0x0)

1.017483125s ago: executing program 2 (id=14715):
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1f071f, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, @perf_config_ext={0x1, 0x9}, 0xa022, 0x4005, 0xb, 0x3, 0xfff, 0x20005, 0x8, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x839, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r2, {0x5, 0x6}, {0xd, 0x2}, {0x11, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/uevent_helper', 0x102, 0x21)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @generic={0xf0, 0x8, 0x2, 0xe, 0x10}]}, &(0x7f0000000180)='syzkaller\x00', 0x7, 0x4d, &(0x7f0000000200)=""/77, 0x40f00, 0x2a, '\x00', r2, 0x25, r3, 0x8, &(0x7f00000002c0)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000300)={0x4, 0x9, 0x0, 0x1}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x5, 0x3, 0xc, 0x7}, {0x0, 0x2, 0x1, 0x3}, {0x3, 0x3, 0x10, 0x5}], 0x10, 0x4}, 0x94)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x4)
r4 = socket(0xa, 0x3, 0x3a)
accept4$vsock_stream(r3, &(0x7f0000000440)={0x28, 0x0, 0x1, @host}, 0x10, 0x80000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_MPATH(r6, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f00000006c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16, @ANYBLOB="04002a0003200000000000000000000096218ed6bd9a08e51fc23277c20000", @ANYRES32=r7, @ANYBLOB="0c00990008000000730000000a001a0008021100000000000a00060008021100000000000a001a0008021100000100000a000600ffffffffffff00000a001a00ffffffffffff00000a00"], 0x70}, 0x1, 0x0, 0x0, 0x8000}, 0x48000)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000600)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000b40)={0xb48, r5, 0x4, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x2, 0x6}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0x70, 0x11d, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xa9}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x82}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x9}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xc6d}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xee}]}]}, @NL80211_ATTR_TID_CONFIG={0x2e0, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}]}, {0x1a8, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x3}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x77}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x174, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x58, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5abe, 0x4, 0x4, 0x3200, 0x1, 0x4, 0x8001, 0x6]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0xe, 0x860a, 0xc, 0x4, 0x1, 0x101, 0x8]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x0, 0x5, 0x1, 0x8, 0x101, 0xfff2, 0x1]}}]}, @NL80211_BAND_5GHZ={0x60, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x30, 0x18, 0x1, 0x2, 0x16, 0x18, 0x1, 0x24, 0x6, 0x6c, 0x4, 0x3, 0x24, 0x1, 0x2, 0x3, 0x0, 0xb, 0x1, 0x30, 0xb, 0x63, 0x60, 0x24, 0x5, 0x60, 0x5, 0xb, 0x6, 0x6c]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0xa0, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xf, 0xf001, 0x0, 0x4, 0xea8, 0x1, 0x1, 0xf6]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x3, 0x6c, 0xb, 0x30, 0x16, 0x6, 0x12, 0x36, 0x24, 0x24, 0x60, 0x17, 0x6c, 0x36, 0x18, 0x190db8df50304da9, 0x16, 0x6, 0x24, 0x30, 0xc, 0x1, 0x4cafbac07f947f3e, 0x4, 0x36, 0x1b, 0x9, 0x6b, 0x3]}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x20, 0x1, [0x6, 0x60, 0x6c, 0x16, 0x5, 0x60, 0x12, 0x18, 0x1b, 0x12, 0x60, 0xb, 0x48, 0x2, 0x4, 0xb, 0x24, 0x2, 0x48, 0x48, 0x30, 0xc, 0x6, 0x3, 0x30, 0xc, 0x6c, 0xf]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xde5, 0xb9, 0x5, 0x6, 0x200, 0x0, 0x8, 0x5]}}]}, @NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}]}]}, {0x4c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x62}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xa}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xbc38}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x9}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x58}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xee}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x9}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x4}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7fffffff}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x56}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x9}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x2ea}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x26}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x32}]}]}, @NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0x62c, 0x11d, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x3}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xeb}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xef}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}]}, {0x30, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xfa}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x4b}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1800000}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}]}, {0x5c4, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x3a}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x2f4, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0xcc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xc, 0x1, [0x3, 0x4, 0x1a, 0x30, 0x24, 0x6c, 0x48, 0x16]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x2c, 0x2, [{0x7, 0x9}, {0x6, 0x9}, {0x1, 0x5}, {0x4}, {0x5, 0x1}, {0x1, 0x4}, {0x3, 0xa}, {0x4, 0x2}, {0x1, 0x6}, {0x3, 0x4}, {0x4, 0x5}, {0x7, 0x7}, {}, {0x7, 0x3}, {0x0, 0x9}, {0x3}, {0x1, 0x8}, {0x7, 0x8}, {0x5}, {0x2, 0xa}, {0x4, 0x5}, {0x0, 0x6}, {0x4}, {0x2, 0x8}, {0x0, 0xa}, {0x4, 0x2}, {0x0, 0x6}, {0x7, 0x8}, {0x0, 0x9}, {0x7, 0x3}, {0x5, 0x5}, {0x0, 0x5}, {0x1, 0xa}, {0x4}, {0x5, 0x8}, {0x4, 0xa}, {0x0, 0x2}, {0x1, 0xa}, {0x6, 0x1}, {0x7, 0x1}]}, @NL80211_TXRATE_HT={0x3c, 0x2, [{0x7, 0x4}, {0x6, 0xa}, {0x4, 0x1}, {0x3, 0x7}, {0x7, 0x2}, {0x5, 0x7}, {0x4}, {0x7, 0x1}, {0x1}, {0x7, 0x3}, {0x7, 0x2}, {0x6, 0x9}, {0x2, 0x5}, {0x0, 0x6}, {0x0, 0x8}, {0x2, 0x3}, {0x5, 0x7}, {0x5, 0x4}, {0x3, 0x6}, {0x7, 0x8}, {0x1, 0x4}, {0x7}, {0x0, 0x7}, {0x4, 0x5}, {0x7, 0x6}, {0x1}, {0x0, 0x9}, {0x5, 0x1}, {0x7, 0x5}, {}, {0x4, 0x2}, {0x7, 0x7}, {0x7, 0x4}, {0x4, 0x1}, {0x7, 0x2}, {0x0, 0x2}, {0x6, 0x9}, {0x5, 0xa}, {0x0, 0x6}, {0x3, 0x3}, {0x2, 0xa}, {0x2, 0x6}, {0x4, 0x7}, {0x6, 0xa}, {0x7, 0x9}, {0x5, 0x1}, {0x6, 0x5}, {0x4}, {0x1, 0x1}, {0x6, 0x8}, {0x2, 0x2}, {0x5, 0x9}, {0x0, 0x8}, {0x3, 0x3}, {0x4}, {0x4, 0x7}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x5, 0x0, 0x545, 0x2, 0x7, 0xd19, 0x6ce]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xddc3, 0x4, 0x7ff, 0x5, 0x4, 0xbd4b, 0x8, 0x1000]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7ff, 0x300, 0x1ff, 0xff, 0x520, 0xed3, 0xfffb, 0x24e9]}}]}, @NL80211_BAND_2GHZ={0x24, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0x50, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7fff, 0x0, 0x0, 0x6, 0x7, 0x3, 0x7f]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HT={0x1a, 0x2, [{0x3, 0x1}, {0x5, 0x4}, {0x6, 0x1}, {0x5, 0x6}, {0x3, 0xa}, {0x4, 0x4}, {0x1, 0x3}, {0x6, 0x4}, {0x1, 0x8}, {0x0, 0xa}, {0x2, 0x8}, {0x0, 0x3}, {0x6, 0xa}, {0x3, 0x8}, {0x2, 0xa}, {0x0, 0x5}, {0x1, 0x2}, {0x1, 0x2}, {0x3, 0x5}, {0x6, 0x2}, {0x5, 0x2}, {0x2, 0x1}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfffc, 0xfff9, 0x1, 0x5, 0x7, 0x7, 0x7, 0x1]}}]}, @NL80211_BAND_60GHZ={0x18, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x0, 0x9, 0x8, 0x9, 0x3, 0x2, 0x9]}}]}, @NL80211_BAND_2GHZ={0x2c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x84, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x6, 0x1, [0x16, 0x5]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HT={0x41, 0x2, [{0x2, 0x8}, {0x3, 0x8}, {0x2, 0x6}, {0x1, 0x9}, {0x5, 0x4}, {0x4, 0x1}, {0x5, 0x7}, {0x5}, {0x4, 0x5}, {0x1, 0x8}, {0x5, 0x4}, {0x1, 0x5}, {0x2}, {0x3, 0x7}, {0x0, 0x1}, {0x4, 0xa}, {0x4, 0x3}, {0x7, 0x2}, {0x5, 0x3}, {0x1, 0x6}, {0x0, 0x4}, {0x7, 0x9}, {0x0, 0x1}, {0x5, 0x8}, {0x5}, {0x4, 0x9}, {0x5}, {0x6, 0x6}, {0x0, 0x3}, {0x1, 0x7}, {0x3, 0xa}, {0x6, 0x9}, {0x4, 0x5}, {0x2, 0x9}, {0x6, 0x8}, {0x0, 0x6}, {0x3, 0xa}, {0x6, 0x5}, {0x0, 0x7}, {0x1, 0x6}, {0x5, 0xa}, {0x6, 0xa}, {0x7, 0x9}, {}, {0x6, 0xa}, {0x2, 0x3}, {0x2, 0x5}, {0x2, 0x4}, {0x1, 0x3}, {0x6, 0xa}, {0x7, 0x4}, {0x3, 0x4}, {0x0, 0x5}, {0x1, 0x7}, {0x7, 0x3}, {0x4, 0x2}, {0x1, 0x5}, {0x0, 0x6}, {0x4, 0x2}, {0x5, 0x6}, {0x1, 0x4}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0xbe, 0x8, 0x8, 0xff, 0x5, 0x2, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_6GHZ={0x5c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x44, 0x2, [{0x0, 0x5}, {0x7}, {0x1, 0x7}, {0x4, 0x3}, {0x5, 0x4}, {0x3, 0x9}, {0x2, 0x9}, {0x4}, {0x0, 0x8}, {0x1, 0x8}, {0x5, 0x7}, {0x1, 0xa}, {0x4, 0x8}, {0x6, 0x7}, {0x2, 0x8}, {0x6, 0x9}, {0x1, 0x2}, {0x4}, {0x2, 0x9}, {0x1, 0x6}, {0x1, 0x6}, {0x6, 0x6}, {0x3, 0x4}, {0x1, 0x2}, {0x7}, {0x1, 0x3}, {0x6, 0x7}, {0x5, 0x7}, {0x6, 0x4}, {0x0, 0x7}, {0x6, 0x1}, {0x4, 0x9}, {0x2, 0x3}, {0x3, 0x3}, {0x3, 0x9}, {0x4, 0x6}, {0x4, 0x6}, {0x4}, {0x3, 0x1}, {0x0, 0x7}, {0x0, 0x7}, {0x1, 0xa}, {0x6, 0x1}, {0x1, 0x5}, {0x0, 0x6}, {0x4, 0x2}, {0x3, 0x8}, {0x3}, {0x2, 0x1}, {0x4, 0x7}, {0x2, 0x8}, {0x2, 0x8}, {0x1, 0x5}, {0x0, 0x6}, {0x1}, {0x4, 0x3}, {0x2, 0x9}, {0x0, 0x2}, {0x2, 0x4}, {0x4, 0xa}, {0x1, 0x1}, {0x4, 0x9}, {0x4, 0x8}, {0x5, 0x5}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x6, 0xffd0, 0x9, 0x401, 0xc, 0xfffc, 0x6]}}]}, @NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0xffff, 0x3, 0x0, 0x3ff, 0x7fff, 0x4, 0x1]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x6c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0xd, 0x2, [{0x2}, {0x2, 0x2}, {0x4, 0x9}, {0x2, 0x5}, {0x3, 0x7}, {0x5, 0x1}, {0x7, 0xa}, {0x1, 0x3}, {0x5, 0x4}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x7dd3, 0xf318, 0x3, 0x9, 0x3, 0x4, 0xa]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x6, 0x48, 0x6, 0x18, 0x9, 0x48, 0x16, 0x36, 0x12, 0x12, 0x1b, 0x48, 0x36, 0x60, 0x30, 0x12, 0xc, 0x4, 0x6bc0b88371b17b73, 0x6, 0x12, 0x30, 0x30, 0x6, 0x6c, 0x3, 0x4]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2a0a, 0xe, 0xff, 0x8, 0x8, 0x7ff, 0x1, 0x401]}}, @NL80211_TXRATE_HE_LTF={0x5}]}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x4e}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x8a}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x27c, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x54, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7, 0x8001, 0x4, 0x38b2, 0x9, 0x9, 0x0, 0xff65]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x2, 0x7f, 0x0, 0x60, 0x7, 0x5, 0x5e]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x91b, 0x5, 0xfff8, 0x1, 0x3a, 0x3, 0x3, 0xfffc]}}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x5, 0x60, 0x12, 0x1, 0x24, 0x18, 0x1b, 0x3, 0x16, 0x30, 0x6c, 0xc, 0x6c, 0x6, 0x6, 0x36]}]}, @NL80211_BAND_6GHZ={0x12c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x34, 0x2, [{0x5, 0x7}, {0x3, 0x1}, {0x2}, {0x2, 0x6}, {0x5, 0x7}, {}, {0x2, 0x2}, {0x5, 0x3}, {0x7, 0x6}, {0x6, 0x7}, {0x2, 0x1}, {0x2, 0xa}, {0x6, 0x5}, {0x4, 0x9}, {0x1}, {}, {0x4, 0x3}, {0x0, 0x2}, {0x7, 0x1}, {0x5, 0x2}, {0x2, 0x4}, {0x4, 0x7}, {0x4}, {0x4, 0x5}, {0x1, 0x6}, {0x2, 0x5}, {0x5, 0x3}, {0x2, 0xa}, {0x0, 0x8}, {0x1, 0x6}, {0x5, 0xa}, {0x3, 0x9}, {0x0, 0x4}, {0x1, 0x4}, {0x2, 0x7}, {0x6, 0x5}, {0x2, 0x1}, {0x6, 0x5}, {0x0, 0x8}, {0x6, 0x2}, {0x3, 0x4}, {0x1, 0x2}, {0x0, 0x5}, {0x5, 0x4}, {0x7, 0x1}, {0x4, 0xa}, {0x1, 0x7}, {0x6, 0x1}]}, @NL80211_TXRATE_HT={0x3c, 0x2, [{0x6, 0x4}, {0x4, 0x6}, {0x1, 0x7}, {0x2, 0x7}, {0x7}, {0x6}, {0x2, 0x4}, {0x7, 0x8}, {0x2, 0x3}, {0x5, 0xa}, {0x6, 0x5}, {0x4, 0xa}, {0x6, 0x6}, {0x6}, {0x3, 0x6}, {0x0, 0x5}, {0x0, 0x6}, {0x7, 0xa}, {0x6, 0x2}, {0x7, 0x1}, {0x7, 0x9}, {0x0, 0x8}, {0x7, 0x7}, {0x7, 0x7}, {0x1, 0x1}, {0x7, 0x8}, {0x4, 0x5}, {0x5, 0x9}, {0x3, 0x8}, {0x5}, {0x7, 0x5}, {0x6, 0x4}, {0x2, 0x7}, {0x0, 0x2}, {0x2, 0xa}, {0x0, 0x2}, {0x7, 0x3}, {0x0, 0x8}, {0x4, 0x7}, {0x7, 0x1}, {0x0, 0x1}, {0x0, 0x8}, {}, {0x1, 0xa}, {0x5, 0x4}, {0x0, 0x4}, {0x1, 0x9}, {0x7, 0x4}, {0x6, 0x8}, {0x1, 0x3}, {}, {0x3}, {0x4, 0xa}, {0x6, 0x5}, {0x6, 0x6}, {0x0, 0x9}]}, @NL80211_TXRATE_HT={0x30, 0x2, [{0x1, 0x7}, {0x6, 0xa}, {0x5, 0xa}, {0x7, 0xa}, {0x0, 0x9}, {0x0, 0xa}, {0x2, 0x3}, {0x3, 0x9}, {0x5, 0x7}, {0x1, 0xa}, {0x0, 0xa}, {0x5, 0x9}, {0x1}, {0x6, 0x2}, {0x5, 0xa}, {0x2, 0x7}, {0x4, 0x2}, {0x0, 0x5}, {0x1, 0x8}, {0x4, 0xa}, {0x3, 0x3}, {0x0, 0x5}, {0x7, 0x3}, {0x0, 0x7}, {}, {0x4}, {0x1, 0x7}, {0x5, 0x8}, {0x0, 0x6}, {0x1, 0x5}, {0x2, 0x4}, {0x2}, {0x5, 0x7}, {0x0, 0x9}, {0x1, 0x1}, {0x6, 0x6}, {0x1, 0x6}, {0x0, 0xa}, {0x0, 0x3}, {0x2, 0x5}, {0x4, 0x3}, {0x5, 0x5}, {0x1, 0x4}, {0x7, 0x4}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x200, 0xa7c, 0x21e, 0x0, 0xd, 0x417, 0x519, 0x6]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x9, 0xe, 0x401, 0x3, 0xdc5d, 0x5b0c, 0x1, 0x1af2]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x1, 0x0, 0x5, 0x3, 0x1a, 0xc1]}}, @NL80211_TXRATE_HT={0x1d, 0x2, [{0x7, 0x9}, {0x1, 0x4}, {0x7, 0xa}, {0x3, 0x6}, {0x1, 0x8}, {0x7, 0x4}, {0x2, 0x9}, {0x3, 0x9}, {0x2, 0x3}, {0x5, 0x2}, {0x4, 0x2}, {0x0, 0xa}, {}, {0x4, 0x4}, {0x3, 0x8}, {0x7, 0x4}, {0x0, 0x5}, {0x7, 0x2}, {0x5, 0x4}, {0x7, 0x6}, {0x6, 0x4}, {0x1, 0x9}, {0x0, 0x3}, {0x7}, {0x3, 0x1}]}, @NL80211_TXRATE_LEGACY={0x22, 0x1, [0x30, 0x1, 0x60, 0xd, 0x32, 0x24, 0xb, 0xc, 0x18, 0x24, 0x5, 0x5, 0x1, 0x30, 0x24, 0x48, 0xc, 0x24, 0x48, 0x6, 0x18, 0x30, 0x1, 0x5, 0x9, 0xb, 0x3, 0x5, 0x32, 0xc]}]}, @NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x460a, 0x8, 0x5, 0x7, 0x3, 0xb, 0x0, 0x7]}}]}, @NL80211_BAND_60GHZ={0x64, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x7, 0x2, [{0x3, 0x3}, {0x7, 0x4}, {0x7, 0x4}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6cc5, 0x4, 0x7fff, 0x0, 0x1, 0x100, 0x9, 0xfffe]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xd, 0xb18, 0x7, 0x2, 0x6, 0x9, 0xe, 0x3]}}, @NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xfb18, 0x0, 0x8, 0x7, 0x831, 0x791, 0x6, 0x6bf9]}}]}, @NL80211_BAND_60GHZ={0x28, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x9, 0xb4, 0x40, 0xffff, 0x2, 0x26c6, 0x7]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_60GHZ={0x54, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xb3, 0x8, 0x6, 0x9, 0x9, 0x0, 0x8, 0x7]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x5, 0x2, [{0x1, 0xa}]}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x101, 0x3, 0x0, 0x5, 0x6, 0x3ff, 0xffff, 0x10]}}]}]}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xe8}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x2}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x4}]}]}, @NL80211_ATTR_TID_CONFIG={0x184, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xbe}]}, {0x16c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x84, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x24, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x723, 0xf, 0x1, 0xfba7, 0x1ff, 0x5, 0xa]}}, @NL80211_TXRATE_HT={0xc, 0x2, [{0x7, 0x1}, {0x1, 0x6}, {0x3, 0x9}, {0x1, 0x8}, {0x5, 0x9}, {0x4, 0x6}, {0x1}, {0x2, 0x6}]}]}, @NL80211_BAND_6GHZ={0x5c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x7, 0x2, [{0x6, 0x5}, {0x4}, {0x3, 0x1}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x86, 0x0, 0x8, 0x0, 0x458a, 0x2, 0x6b9e, 0x3]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x6, 0x3, 0x8001, 0x6, 0xb, 0x4, 0xa71f]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}]}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x9}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xcc, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x48, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0xc, 0x76, 0x24, 0x12]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x0, 0x7, 0x3ff, 0x2, 0x4, 0x8, 0xf70e]}}]}, @NL80211_BAND_60GHZ={0x80, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x3e, 0x2, [{0x0, 0x1}, {0x5, 0x2}, {0x5, 0x8}, {0x5, 0x4}, {0x2, 0x1}, {0x0, 0x2}, {0x2, 0x9}, {0x1}, {0x2, 0xa}, {0x7, 0x1}, {0x7, 0x1}, {0x0, 0x7}, {0x4, 0x2}, {0x5, 0x3}, {0x2, 0x7}, {0x5, 0x6}, {0x6, 0x9}, {0x7}, {0x1, 0x1}, {0x7, 0x1}, {0x6, 0x4}, {0x0, 0x5}, {0x4}, {0x2, 0x5}, {0x1, 0x2}, {0x4, 0x5}, {0x4, 0x5}, {0x2, 0x4}, {0x3, 0x6}, {0x0, 0x1}, {0x2, 0x4}, {0x6, 0xa}, {0x1}, {0x4, 0x5}, {0x2, 0x9}, {0x2, 0x5}, {0x6, 0x7}, {0x7, 0x2}, {0x7, 0x7}, {0x6, 0x1}, {}, {0x3, 0x2}, {0x7, 0x2}, {0x3, 0x5}, {0x7, 0x4}, {0x5, 0x2}, {0x1, 0x1}, {0x0, 0x8}, {0x0, 0x3}, {0x3, 0x8}, {0x2, 0x1}, {0x2, 0x3}, {0x0, 0x6}, {0x1}, {0x1, 0x2}, {0x3, 0x7}, {0x0, 0x5}, {0x2, 0x8}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0xb2, 0x4, 0x8, 0x9, 0xfc, 0x10, 0x1]}}, @NL80211_TXRATE_LEGACY={0xf, 0x1, [0x16, 0x3a, 0x6, 0x12, 0x24, 0x3, 0xc, 0x18, 0xc, 0x0, 0x16]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x7, 0x1, [0x1, 0x1, 0x48]}, @NL80211_TXRATE_HE_LTF={0x5}]}]}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}]}]}, 0xb48}, 0x1, 0x0, 0x0, 0x800}, 0x50)
unshare(0x20000400)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r9, &(0x7f0000000180)={0xa, 0x5e21, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r9, 0x1, 0x19, &(0x7f00000002c0)='tunl0\x00', 0x10)
setsockopt$inet6_tcp_TCP_REPAIR(r9, 0x6, 0x13, &(0x7f0000000000), 0x4)
connect$bt_l2cap(r8, &(0x7f0000000680)={0x1f, 0x20, @none}, 0xe)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000080)={0x24, r5, 0x62c21a4ade68aba1, 0x70bd23, 0xfffffffd, {{0x32}, {@val={0x8, 0x117, 0x59}, @val={0x8}, @void}}}, 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x0)
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x30, r5, 0x200, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x4}, @crypto_settings=[@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x10}], @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x4854)
openat2(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x4241, 0xc5, 0x28}, 0x18)
setsockopt$MRT6_ADD_MIF(r4, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x8, 0x0, 0x401}, 0xc)

919.007558ms ago: executing program 3 (id=14717):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = getgid()
lchown(0x0, 0x0, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x7fff}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x20000010)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="5800000002060108000000bca3000000000000400500010006000000050005000200000005000400000000000900020073797a31000000000c000780080012400000000211000300686173683a69702c6d61726b"], 0x58}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000000906010200000000000000000200ffff200007800c00018008000140a2fd4ebc08000a400000000205000300020000000900020073797a31000000000500010007"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
syz_pidfd_open(0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r7}, &(0x7f0000000100), &(0x7f0000000200)=r8}, 0x20)
fchownat(r8, &(0x7f0000002680)='./file0\x00', 0x0, r1, 0x800)
statx(0xffffffffffffffff, 0x0, 0x2000, 0x10, &(0x7f0000000780))
ptrace$ARCH_SET_GS(0x1e, 0x0, 0x0, 0x1001)
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r9=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
splice(r9, 0x0, r10, 0x0, 0x7, 0x9)
clock_gettime(0x0, &(0x7f0000003980)={<r11=>0x0, <r12=>0x0})
recvmmsg(r9, &(0x7f0000003840)=[{{&(0x7f0000000000)=@ax25={{0x3, @rose}, [@netrom, @netrom, @default, @netrom, @netrom, @rose, @rose]}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000080)=""/203, 0xcb}, {&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f0000000180)=""/33, 0x21}, {&(0x7f00000001c0)=""/132, 0x84}], 0x4, &(0x7f00000002c0)=""/240, 0xf0}, 0x9}, {{&(0x7f0000000580)=@nfc_llcp, 0x80, &(0x7f0000000480)=[{&(0x7f0000000600)=""/144, 0x90}, {&(0x7f00000006c0)=""/164, 0xa4}, {&(0x7f0000000400)=""/44, 0x2c}], 0x3, &(0x7f0000001880)=""/138, 0x8a}, 0x7}, {{&(0x7f0000001940)=@xdp, 0x80, &(0x7f0000001d00)=[{&(0x7f00000019c0)=""/207, 0xcf}, {&(0x7f0000001ac0)=""/144, 0x90}, {&(0x7f0000001b80)=""/217, 0xd9}, {&(0x7f0000001c80)=""/109, 0x6d}], 0x4, &(0x7f0000001d40)=""/155, 0x9b}}, {{&(0x7f0000001e00)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000002340)=[{&(0x7f0000001e80)=""/111, 0x6f}, {&(0x7f0000001f00)=""/196, 0xc4}, {&(0x7f0000002000)=""/68, 0x44}, {&(0x7f0000002080)=""/203, 0xcb}, {&(0x7f0000002180)=""/28, 0x1c}, {&(0x7f00000021c0)=""/105, 0x69}, {&(0x7f0000002240)=""/199, 0xc7}], 0x7, &(0x7f00000023c0)=""/200, 0xc8}}, {{&(0x7f00000024c0)=@nl=@proc, 0x80, &(0x7f00000037c0)=[{&(0x7f0000002540)=""/214, 0xd6}, {&(0x7f0000002640)=""/9, 0x9}, {&(0x7f0000002680)}, {&(0x7f00000026c0)=""/202, 0xca}, {&(0x7f00000027c0)=""/4096, 0x1000}], 0x5}, 0xfffffff8}], 0x5, 0x100, &(0x7f00000039c0)={r11, r12+10000000})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={0x0, r0, 0x0, 0xffffffffffff8001}, 0x18)

880.735713ms ago: executing program 2 (id=14718):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3d, &(0x7f0000000040)={0x0, 0x0})
nanosleep(&(0x7f00000001c0)={0x0, 0x3938700}, 0x0)
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffffff91, 0xfffffffffffffff8}, 0x126a0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x7ff, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000500)='\t!=&\x00\xaeH\xfc\xf7\xf7\xd4\x1c\x94\xcb\r^\xd6<\xda9\xdc\xac(\x8cj\x13hk\xfc\xa8\v#)\xddk\x93\x12\xbfh\x95\xb9\xb7-:\xebr\xf2%\xaf\x8fH\x89MO\xf7\xbe\x1b\xd7\xd7S\b\x00\x00\x00\x00\x00\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x8}, 0x18)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0)
r5 = geteuid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
quotactl_fd$Q_GETINFO(r4, 0xffffffff80000502, r5, &(0x7f0000000100))
sendmsg$inet6(r3, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x5b0}, 0x20008001)
sendmsg$inet6(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000022c0)="3b9eccc918ce8c50894cb802b04e9492b64a02d85d3ed05eac49318868ad13e4fa9e2f1b165dfcc79e43ed30bb0c212bebb71afc79347f2f1a90e936a487e1ce171789626d34ffa8e3b4415ad869955133f81fab7f450d7ef6df7bf6a16cc39fd78e88662ffd1c3b31ffe836682b1ad9c331a068a75d12fd346d77f5cdacee9fee2203a321c260b0b5fdc8b5d7d43148f4b0fb550dd9d8746f0a0444cfa52af90a966921f9cb48b0c99727166a2f59c12dae2fcc4d891258bd723b5fd1fcb4cb219c87fadebe2582802ef18165f5ff67ba0d4eb4d3ef1f80ba9dff1a74dd5874b3d8017ff61b5174d9660e54f2b5f94f29f6665567b2ca6d0549a500a428ce29b197f754f8e3b6c7dc21260ce97551074886667837db75c9a21cdf92b14dcb2e1f997bab3bf1902b8d8e9eb238c021fdbe48675473dac385e2fada25f767ce5e7576c2dc496841123c81314f100e0648405f0ca9b5aa012d9316f3945e613aba10d1fbc2917143ed606c5513394343c9fac6f95ee678031ba5f4a81d8c2ae0d31c5711c91845f07b0add2bb4bd0f700217044582adf1850b0af5f04b63906918b7312fc3a800d67d8293604321633c41153f83662b2cbec354cf9c33e9eaa8ab2c5e4d86f82d379e98ad8d749595829b548ad77596448bf718c5e52a7dac04f62fde8ab1cc55ee5b6fd57327c8e678c1c8f9b8c235c132faffc553d54253f67d40075d91b7abaa303e5844ee31871fcdded3d8de8df952ae53e60d73e57267117129a4b42df34faa3287bb1c475d9ef904b7a4d33f1f8014e59905c3dc145e3974d71487ce05c9149fb4f9788ef0f519151d82391d783df5753819a0d967d842e60d28257741fb8b794b18a4e2f2f4f10412aa580062d0ef3691f4bdc14d283d672ae10fbbe23fa15f9225642aad56cc8a36538afe97750a0bf313cf3b9fdd881aa067b3b6ad9a69c04b50c9b4f8e29c11d7dcaf08b57ecd5cfd8a01b0e50313d09ea6b3634867f0c23c06055e04c36bddcdc6", 0x2d3}], 0x1}, 0x20000044)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@private2, @in, 0x4e21, 0x0, 0x4e20, 0x0, 0xa, 0x0, 0x0, 0x33}, {0xffff, 0x4, 0x0, 0x0, 0x80000001, 0x6, 0x1000000, 0x80000000}, {0x800, 0x0, 0x6, 0xffffffffffffffff}, 0x9, 0x200000, 0x0, 0x0, 0x2}, {{@in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x0, 0x2b}, 0x0, @in6=@mcast1, 0x0, 0x3}}, 0xe8)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)

862.686256ms ago: executing program 5 (id=14719):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_bp={0x0, 0x2}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r3, 0x0, 0x100000000}, 0x18)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x7, 0x9)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000380)={<r4=>0xffffffffffffffff}, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0xfffe, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @loopback, 0xfffffffc}, r4, 0x3fc}}, 0x48)

797.031934ms ago: executing program 1 (id=14720):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="1400"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
r3 = inotify_init()
ioctl$VFAT_IOCTL_READDIR_SHORT(r3, 0x82307202, 0x0)
sendmmsg$inet(r1, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a000100000000000000000002100000fe020009001b000008001900", @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x404c800}, 0x10)
r6 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000900)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r9, {0x8, 0x7}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x8, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x4}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f00000001c0), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
r10 = socket$nl_route(0x10, 0x3, 0x0)
preadv2(r0, &(0x7f0000000180)=[{&(0x7f0000000340)=""/180, 0xb4}], 0x1, 0x1ff, 0x8, 0xd)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000600)={'macvtap0\x00', <r12=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001400010000000000fbdbdf250a00a100", @ANYRES32=r12, @ANYBLOB="14000100ff05000000000000dfce00000000000108000800026e"], 0x34}}, 0x0)
r13 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000015"], 0x34}, 0x1, 0x0, 0x0, 0x41c1}, 0x4040800)
epoll_create1(0x80000)

715.533565ms ago: executing program 1 (id=14722):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='8\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdff80100000006000a004e24000014000900fe880000000000000000000000000001050002000a"], 0x38}, 0x1, 0x0, 0x0, 0x8000000}, 0x800) (async)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'bond0\x00', <r3=>0x0})
r4 = socket$inet6(0xa, 0x2, 0x0) (async)
r5 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r5)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x437, 0x0, 0x2, {0x0, 0x0, 0x0, r6, 0x50483}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_IGMP_VERSION={0x5, 0x2b, 0x3}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) (async)
sendmmsg$inet(r4, &(0x7f0000000880)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @empty, @multicast1}}}], 0x20}}], 0x1, 0x4880)
sendmsg$FOU_CMD_GET(r0, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x60, r2, 0x8, 0x70bd26, 0x25dfdbfd, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_TYPE={0x5}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @rand_addr=0x64010100}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e20}, @FOU_ATTR_PEER_V6={0x14, 0x9, @private1={0xfc, 0x1, '\x00', 0x1}}, @FOU_ATTR_IPPROTO={0x5}, @FOU_ATTR_IFINDEX={0x8, 0xb, r3}, @FOU_ATTR_IFINDEX={0x8, 0xb, r6}]}, 0x60}, 0x1, 0x0, 0x0, 0x840}, 0x40000) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8, @ANYBLOB="7959100800080000000000000000"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x16c, &(0x7f00000004c0)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x15a, 0x2, 0x1, 0xa, 0x30, 0xd, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x8}, {0xd, 0x24, 0xf, 0x1, 0x9, 0x0, 0x401, 0xa}, {0x6, 0x24, 0x1a, 0x3, 0x10}, [@mdlm_detail={0xe3, 0x24, 0x13, 0x1c, "60e7a1c4e55f70eb70629619d93468994b97f815af8a223249a18887d415588808cc570b166900a3f7546d4acbb24b60e6a97e5e3778be70783acdb6efa71bc919b6894e709bf616f3e866e1fd104f2008672843e47435a1076dffdadf2d1c1cd6409caeb6d223606b4cf3ab1a9cda24b487fb63802d263dd0538f7fb4d1aaa0f5d1b98baf3d7ced6735ccda0df8061fb462259c7808b5bd064e87ba84526743a7c8c2966bee9b272302f8302ab08c8152d12698b58d9322f863b11b8f615a11fae1651a398d3caef75f0b2afc06d55c4731726a89b41b101d9f3527eb37b4"}, @dmm={0x7, 0x24, 0x14, 0x5, 0x7}, @acm={0x4, 0x24, 0x2, 0x9}, @mbim={0xc, 0x24, 0x1b, 0x32d, 0x2, 0xf7, 0x4, 0x7, 0x3}, @acm={0x4, 0x24, 0x2, 0x6}]}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x9, 0xe4}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0x60, 0xee}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x9, 0x8}}}}}}}]}}, &(0x7f0000000400)={0xa, &(0x7f0000000340)={0xa, 0x6, 0x200, 0x1, 0x5, 0xc, 0x20, 0xfa}, 0x51, &(0x7f0000000380)={0x5, 0xf, 0x51, 0x2, [@generic={0x49, 0x10, 0x3, "f58b38c3a80d9a9e3d41fc48920c4ed4636106b6bd97a460ba2a7150bff98ec93a8b9c7211bdfa087242db56fd651116b7b6675a238b90ae03cebf6b34e510237d967a562199"}, @ptm_cap={0x3}]}, 0x1, [{0x9b, &(0x7f00000008c0)=@string={0x9b, 0x3, "464aa2a0de2f48ecfbf6308d3d7f72d73fbd48b941671407b0bfb13793e53d72ad60cd8f778c0a9c827ac655b7928c63bea49a0e5794874235846414660d3e3db6e702d8ea744aa99710d39918a8af95b95e20f8cb49d0a6454ec55b4b522fe5275142dc674bb3088e1e51b4a66cc125bdd6b103cc2f895874dacb90ae9e09bee769ec965997c23787938173d196b1533bf190c1232ee1d84b"}}]})

537.512039ms ago: executing program 4 (id=14724):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
shutdown(r2, 0x2)
recvmmsg(r3, &(0x7f0000003740)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/31, 0x1f}], 0x1, &(0x7f0000003780)=""/4078, 0xfee}, 0x404}], 0x1, 0x0, 0x0)

499.009664ms ago: executing program 4 (id=14725):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000540), &(0x7f0000000740), 0x75, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

395.165808ms ago: executing program 4 (id=14726):
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = socket(0x10, 0x803, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0xbf22}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r4, &(0x7f0000000080), &(0x7f0000000180)=@udp=r3}, 0x20)
lgetxattr(0x0, 0x0, 0x0, 0x0)
r5 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r5, &(0x7f0000000100)=@name={0x1e, 0x2, 0x1, {{0x42}}}, 0x10)
r6 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0xb)
fchdir(r7)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r8, 0x104, 0x0)
getdents64(r8, 0x0, 0x1d)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r10}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r11 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r11, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)

199.733413ms ago: executing program 4 (id=14727):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x208004, 0x21fffc, 0xc, 0x0, 0x2, 0xfffffffe})
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)

43.134974ms ago: executing program 4 (id=14728):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, 0x0})
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000100)={0x0, &(0x7f00000000c0)})
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x100000001}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="180800000000000000000000000000008510000003000000180000000000000000000000000000009500000000000000bfa000000000000095"], &(0x7f00000003c0)='syzkaller\x00', 0xb, 0x0, 0x0, 0xb6df4c32c1d5c814, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r1 = fcntl$dupfd(r0, 0x406, r0)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x3, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})

42.991204ms ago: executing program 1 (id=14729):
syz_mount_image$msdos(&(0x7f00000008c0), &(0x7f0000001200)='./file0\x00', 0x4000, &(0x7f00000000c0)=ANY=[@ANYBLOB="646973636172642c646f74732c646f74732c6e6f646f74732c636865636b3d7374726963742c646f74732c0080fcdc5c3dd34a5bee25f099008bade73ed878442a18112f260a6de8f9de23ca03128aff6e01"], 0x1, 0x11ce, &(0x7f0000002440)="$eJzs3V9Ls3UYB/BLH/doM83+WXrSjzqpk5v0oKNOJBSiQZGuqCC4xVljaxu7d7BJkNBZR72O6LCzIHoDvotOQoKoE49a6ExTDDPSPeDnc7JrfO+LXReDwT32Y4evf/1ZY7fIdvNeTE5MxFSnFOkoRYrJeBAj+/HKlxu/f7X58PR5ShtrWyuvpZTmX/jho8+/ffHH3ux7381/Px0HCx8f/rr608HiwdLhH1uf1otUL1Kr3Ut52m63e/l2s5Z26kUjS+mdZi0vaqneKmrdC/lus93pDFLe2pkrd7q1okh5a5AatUHqtVOvO0j5J3m9lbIsS3Pl4LLhcDj84l9eW/3maDgcHveU4uFJ52NRjtl4POZiPp6IhXgynoqn45l4NhbjuXg+lk6uuuUVAAAAAAAAAAAAAAAAAAAA4J5x/h8AAAAAAAAAAAAAAAAAAADG70bn/0vHHc7/AwAAAAAAAAAAAAAAAAAAwP/N//8DAAAAAAAAAAAAAAAAAADA+G1+8OFba5XK+rspzUT8st+v9qujx1G+8WZl/dV0YuG867d+v/rgLF8Z5eliPh3l03z1ynwmXn5plB9nb7xduZQvx87trw8AAAD3QpbOXHl/n2X/lI+qv30/cOn+fSqWp656xZnbWoX/oBjsNfJms9YtBqW/ir2xFROnU415DIXi+uLn9yNu3jX5aAx/fTHmDybuxPmbPu5JAAAAAAAAAAAAuIm7+DnhuHcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAP9mBYwEAAAAAYf7WaXRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVwUAAP//GASTNA==")
lsetxattr(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='b['], 0x0, 0x0, 0x3)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)

0s ago: executing program 4 (id=14730):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, 0x0})
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000100)={0x0, &(0x7f00000000c0)})
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x100000001}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r1 = fcntl$dupfd(r0, 0x406, r0)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x3, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) (fail_nth: 3)

kernel console output (not intermixed with test programs):

T11452] Tainted: [W]=WARN
[  842.888489][T11452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  842.888500][T11452] Call Trace:
[  842.888507][T11452]  <TASK>
[  842.888515][T11452]  __dump_stack+0x1d/0x30
[  842.888544][T11452]  dump_stack_lvl+0x95/0xd0
[  842.888565][T11452]  dump_stack+0x15/0x1b
[  842.888582][T11452]  should_fail_ex+0x265/0x280
[  842.888653][T11452]  should_fail+0xb/0x20
[  842.888670][T11452]  should_fail_usercopy+0x1a/0x20
[  842.888690][T11452]  _copy_from_user+0x1c/0xb0
[  842.888721][T11452]  memdup_user+0x5e/0xd0
[  842.888822][T11452]  strndup_user+0x68/0xb0
[  842.888841][T11452]  __se_sys_mount+0x4d/0x2e0
[  842.888942][T11452]  ? schedule+0x5f/0xd0
[  842.888964][T11452]  ? exit_to_user_mode_loop+0xf1/0x740
[  842.889014][T11452]  __x64_sys_mount+0x67/0x80
[  842.889039][T11452]  x64_sys_call+0x2cca/0x3000
[  842.889065][T11452]  do_syscall_64+0xca/0x2b0
[  842.889097][T11452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.889193][T11452] RIP: 0033:0x7f21ee65f749
[  842.889207][T11452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  842.889223][T11452] RSP: 002b:00007f21ed085038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  842.889240][T11452] RAX: ffffffffffffffda RBX: 00007f21ee8b6180 RCX: 00007f21ee65f749
[  842.889251][T11452] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000
[  842.889339][T11452] RBP: 00007f21ed085090 R08: 0000200000000340 R09: 0000000000000000
[  842.889361][T11452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  842.889376][T11452] R13: 00007f21ee8b6218 R14: 00007f21ee8b6180 R15: 00007ffe78135a08
[  842.889401][T11452]  </TASK>
[  843.338307][T11468] xt_hashlimit: max too large, truncated to 1048576
[  843.687549][T11509] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  843.763149][T11509] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  843.805468][T11517] xt_connbytes: Forcing CT accounting to be enabled
[  843.820717][T11509] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  843.836464][T11511] 9pnet_fd: Insufficient options for proto=fd
[  843.924852][T11509] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  843.957551][T11525] FAULT_INJECTION: forcing a failure.
[  843.957551][T11525] name failslab, interval 1, probability 0, space 0, times 0
[  843.970293][T11525] CPU: 1 UID: 0 PID: 11525 Comm: syz.3.13950 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  843.970425][T11525] Tainted: [W]=WARN
[  843.970432][T11525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  843.970445][T11525] Call Trace:
[  843.970453][T11525]  <TASK>
[  843.970462][T11525]  __dump_stack+0x1d/0x30
[  843.970491][T11525]  dump_stack_lvl+0x95/0xd0
[  843.970518][T11525]  dump_stack+0x15/0x1b
[  843.970569][T11525]  should_fail_ex+0x265/0x280
[  843.970590][T11525]  should_failslab+0x8c/0xb0
[  843.970609][T11525]  __kmalloc_node_track_caller_noprof+0xb9/0x5b0
[  843.970636][T11525]  ? sidtab_sid2str_get+0xa0/0x130
[  843.970719][T11525]  kmemdup_noprof+0x2b/0x70
[  843.970752][T11525]  sidtab_sid2str_get+0xa0/0x130
[  843.970781][T11525]  security_sid_to_context_core+0x1eb/0x2e0
[  843.970828][T11525]  security_sid_to_context+0x27/0x40
[  843.970862][T11525]  avc_audit_post_callback+0x9d/0x520
[  843.970900][T11525]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  843.970934][T11525]  common_lsm_audit+0x1bb/0x230
[  843.970988][T11525]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  843.971055][T11525]  ? avc_denied+0xe4/0x100
[  843.971094][T11525]  slow_avc_audit+0x104/0x140
[  843.971151][T11525]  avc_has_perm+0x13a/0x180
[  843.971177][T11525]  selinux_inode_setxattr+0x473/0x6d0
[  843.971264][T11525]  security_inode_setxattr+0x13a/0x1b0
[  843.971298][T11525]  __vfs_setxattr_locked+0x83/0x1c0
[  843.971410][T11525]  vfs_setxattr+0x132/0x270
[  843.971479][T11525]  file_setxattr+0x139/0x1b0
[  843.971509][T11525]  path_setxattrat+0x290/0x310
[  843.971618][T11525]  __x64_sys_fsetxattr+0x6b/0x80
[  843.971737][T11525]  x64_sys_call+0x23c4/0x3000
[  843.971788][T11525]  do_syscall_64+0xca/0x2b0
[  843.971831][T11525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  843.971855][T11525] RIP: 0033:0x7f9ccb11f749
[  843.971872][T11525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  843.971981][T11525] RSP: 002b:00007f9cc9b7f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  843.971998][T11525] RAX: ffffffffffffffda RBX: 00007f9ccb375fa0 RCX: 00007f9ccb11f749
[  843.972045][T11525] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000000000000005
[  843.972060][T11525] RBP: 00007f9cc9b7f090 R08: 0000000000000000 R09: 0000000000000000
[  843.972075][T11525] R10: 000000000000001e R11: 0000000000000246 R12: 0000000000000001
[  843.972089][T11525] R13: 00007f9ccb376038 R14: 00007f9ccb375fa0 R15: 00007ffc6129bd48
[  843.972113][T11525]  </TASK>
[  844.251033][ T2399] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  844.265952][ T2399] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  844.285219][ T2399] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  844.294083][ T2399] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  844.386045][T11540] lo speed is unknown, defaulting to 1000
[  844.394498][T11540] wg1 speed is unknown, defaulting to 1000
[  845.446789][T11601] siw: device registration error -23
[  845.477505][T11613] __nla_validate_parse: 26 callbacks suppressed
[  845.477520][T11613] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  845.492253][T11613] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  845.503130][T11613] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  845.540988][T11616] netlink: 'syz.4.13986': attribute type 10 has an invalid length.
[  845.549256][T11616] dummy0: left promiscuous mode
[  845.554161][T11616] dummy0: left allmulticast mode
[  845.560157][T11616] dummy0: entered promiscuous mode
[  845.565523][T11616] dummy0: entered allmulticast mode
[  845.571233][T11616] team0: Port device dummy0 added
[  845.654652][T11618] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1793 sclass=netlink_route_socket pid=11618 comm=syz.1.13987
[  845.684408][T11618] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11618 comm=syz.1.13987
[  845.731925][T11635] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13992'.
[  845.832286][T11648] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  845.840722][T11648] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  845.849203][T11648] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  845.903228][T11650] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  845.911664][T11650] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  845.920069][T11650] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  846.396677][   T36] hid-generic 0000:0000:0000.005C: unknown main item tag 0x0
[  846.413772][   T36] hid-generic 0000:0000:0000.005C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  846.491760][T11686] syzkaller0: entered promiscuous mode
[  846.497270][T11686] syzkaller0: entered allmulticast mode
[  846.503855][T11684] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l65535
[  846.512253][T11686] 0: reclassify loop, rule prio 0, protocol 700
[  846.731294][T11696] FAULT_INJECTION: forcing a failure.
[  846.731294][T11696] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  846.744581][T11696] CPU: 0 UID: 0 PID: 11696 Comm: syz.1.14014 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  846.744614][T11696] Tainted: [W]=WARN
[  846.744621][T11696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  846.744632][T11696] Call Trace:
[  846.744638][T11696]  <TASK>
[  846.744645][T11696]  __dump_stack+0x1d/0x30
[  846.744666][T11696]  dump_stack_lvl+0x95/0xd0
[  846.744762][T11696]  dump_stack+0x15/0x1b
[  846.744816][T11696]  should_fail_ex+0x265/0x280
[  846.744841][T11696]  should_fail+0xb/0x20
[  846.744861][T11696]  should_fail_usercopy+0x1a/0x20
[  846.744888][T11696]  _copy_from_user+0x1c/0xb0
[  846.744991][T11696]  __se_sys_mount+0x10d/0x2e0
[  846.745016][T11696]  ? fput+0x8f/0xc0
[  846.745057][T11696]  ? ksys_write+0x192/0x1a0
[  846.745078][T11696]  __x64_sys_mount+0x67/0x80
[  846.745165][T11696]  x64_sys_call+0x2cca/0x3000
[  846.745199][T11696]  do_syscall_64+0xca/0x2b0
[  846.745236][T11696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.745303][T11696] RIP: 0033:0x7ff87181f749
[  846.745320][T11696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  846.745342][T11696] RSP: 002b:00007ff870287038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  846.745364][T11696] RAX: ffffffffffffffda RBX: 00007ff871a75fa0 RCX: 00007ff87181f749
[  846.745404][T11696] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000
[  846.745419][T11696] RBP: 00007ff870287090 R08: 0000200000000300 R09: 0000000000000000
[  846.745433][T11696] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000001
[  846.745448][T11696] R13: 00007ff871a76038 R14: 00007ff871a75fa0 R15: 00007ffc0303a128
[  846.745471][T11696]  </TASK>
[  846.777108][   T36] kernel read not supported for file /vcs (pid: 36 comm: kworker/1:1)
[  846.939122][   T29] kauditd_printk_skb: 2615 callbacks suppressed
[  846.939139][   T29] audit: type=1326 audit(1768205409.816:255250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.4.14017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  846.969193][   T29] audit: type=1326 audit(1768205409.816:255251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.4.14017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  846.992943][   T29] audit: type=1326 audit(1768205409.816:255252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.4.14017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  847.016766][   T29] audit: type=1326 audit(1768205409.816:255253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.4.14017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  847.040644][   T29] audit: type=1326 audit(1768205409.816:255254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.4.14017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  847.064537][   T29] audit: type=1326 audit(1768205409.816:255255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.4.14017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  847.088336][   T29] audit: type=1326 audit(1768205409.816:255256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.4.14017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  847.112155][   T29] audit: type=1326 audit(1768205409.816:255257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.4.14017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7fe47065e7 code=0x7ffc0000
[  847.135834][   T29] audit: type=1326 audit(1768205409.816:255258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.4.14017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7fe46ab829 code=0x7ffc0000
[  847.159551][   T29] audit: type=1326 audit(1768205409.816:255259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11701 comm="syz.4.14017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  847.214310][T11708] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1793 sclass=netlink_route_socket pid=11708 comm=syz.3.14019
[  847.244269][T11708] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11708 comm=syz.3.14019
[  847.400686][T11727] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  847.534530][T11737] siw: device registration error -23
[  847.684463][T11742] netlink: 'syz.4.14030': attribute type 13 has an invalid length.
[  847.924730][T11747] netlink: 'syz.3.14032': attribute type 13 has an invalid length.
[  848.375316][T11773] lo speed is unknown, defaulting to 1000
[  848.381654][T11773] wg1 speed is unknown, defaulting to 1000
[  848.513116][T11775] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1793 sclass=netlink_route_socket pid=11775 comm=syz.2.14043
[  848.540766][T11775] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11775 comm=syz.2.14043
[  848.711162][T11793] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11793 comm=syz.4.14047
[  849.208591][T11825] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11825 comm=syz.1.14058
[  849.333616][T11840] netlink: 'syz.2.14065': attribute type 1 has an invalid length.
[  849.415695][T11847] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  849.487611][T11857] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11857 comm=syz.5.14070
[  849.631966][ T3420] hid (null): report_id 3804673681 is invalid
[  849.638201][ T3420] hid (null): global environment stack underflow
[  849.644592][ T3420] hid (null): report_id 0 is invalid
[  849.649913][ T3420] hid (null): invalid report_size 11153
[  849.655628][ T3420] hid (null): unknown global tag 0xe
[  849.660960][ T3420] hid (null): unknown global tag 0xc2
[  849.665022][T11861] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1793 sclass=netlink_route_socket pid=11861 comm=syz.5.14072
[  849.666452][ T3420] hid (null): unknown global tag 0xe
[  849.688913][ T3420] hid-generic 0002:0400:01F0.005D: report_id 3804673681 is invalid
[  849.696881][ T3420] hid-generic 0002:0400:01F0.005D: item 0 4 1 8 parsing failed
[  849.704882][ T3420] hid-generic 0002:0400:01F0.005D: probe with driver hid-generic failed with error -22
[  849.793930][T11876] lo speed is unknown, defaulting to 1000
[  849.800076][T11876] wg1 speed is unknown, defaulting to 1000
[  850.307411][T11883] lo speed is unknown, defaulting to 1000
[  850.313632][T11883] wg1 speed is unknown, defaulting to 1000
[  850.497306][T11895] __nla_validate_parse: 23 callbacks suppressed
[  850.497324][T11895] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14082'.
[  850.614676][T11905] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14085'.
[  850.625634][T11905] netlink: 87 bytes leftover after parsing attributes in process `syz.2.14085'.
[  850.635033][T11905] siw: device registration error -23
[  850.752411][T11913] netlink: 4 bytes leftover after parsing attributes in process `syz.5.14088'.
[  850.929246][T11920] lo speed is unknown, defaulting to 1000
[  850.935421][T11920] wg1 speed is unknown, defaulting to 1000
[  851.010307][T11922] selinux_netlink_send: 2 callbacks suppressed
[  851.010325][T11922] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1793 sclass=netlink_route_socket pid=11922 comm=syz.5.14090
[  851.049324][ T3483] hid (null): report_id 3804673681 is invalid
[  851.055572][ T3483] hid (null): global environment stack underflow
[  851.061948][ T3483] hid (null): report_id 0 is invalid
[  851.067356][ T3483] hid (null): invalid report_size 11153
[  851.072965][ T3483] hid (null): unknown global tag 0xe
[  851.078288][ T3483] hid (null): unknown global tag 0xc2
[  851.083690][ T3483] hid (null): unknown global tag 0xe
[  851.089386][T11919] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11919 comm=syz.5.14090
[  851.104896][ T3483] hid-generic 0002:0400:01F0.005E: report_id 3804673681 is invalid
[  851.112964][ T3483] hid-generic 0002:0400:01F0.005E: item 0 4 1 8 parsing failed
[  851.120655][ T3483] hid-generic 0002:0400:01F0.005E: probe with driver hid-generic failed with error -22
[  851.163674][T11932] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  851.232979][T11932] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  851.282696][T11932] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  851.332836][T11932] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  851.391493][ T2399] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  851.402950][ T2399] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  851.415216][ T2399] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  851.424196][T11937] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  851.428420][ T2399] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  851.432593][T11937] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  851.433568][T11937] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  851.526852][T11941] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  851.535262][T11941] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  851.543816][T11941] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  851.762477][T11967] netlink: 'syz.1.14106': attribute type 13 has an invalid length.
[  851.801802][T11967] bridge0: port 2(bridge_slave_1) entered disabled state
[  851.809153][T11967] bridge0: port 1(bridge_slave_0) entered disabled state
[  852.401937][T11975] netlink: 'syz.1.14108': attribute type 13 has an invalid length.
[  852.417818][T11972] lo speed is unknown, defaulting to 1000
[  852.422202][ T2381] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  852.432002][T11972] wg1 speed is unknown, defaulting to 1000
[  852.441496][ T2381] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  852.458341][ T2381] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  852.475109][ T2381] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  852.485711][   T29] kauditd_printk_skb: 2653 callbacks suppressed
[  852.485766][   T29] audit: type=1326 audit(1768205415.366:257913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11976 comm="syz.1.14109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  852.541339][   T29] audit: type=1326 audit(1768205415.416:257914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11976 comm="syz.1.14109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  852.565236][   T29] audit: type=1326 audit(1768205415.416:257915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11976 comm="syz.1.14109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff871821667 code=0x7ffc0000
[  852.589251][   T29] audit: type=1326 audit(1768205415.416:257916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11976 comm="syz.1.14109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7ff8718215dc code=0x7ffc0000
[  852.613037][   T29] audit: type=1326 audit(1768205415.416:257917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11976 comm="syz.1.14109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7ff871821514 code=0x7ffc0000
[  852.636946][   T29] audit: type=1326 audit(1768205415.416:257918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11976 comm="syz.1.14109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7ff871821514 code=0x7ffc0000
[  852.660668][   T29] audit: type=1326 audit(1768205415.416:257919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11976 comm="syz.1.14109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff87181e3aa code=0x7ffc0000
[  852.684335][   T29] audit: type=1326 audit(1768205415.416:257920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11976 comm="syz.1.14109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  852.708098][   T29] audit: type=1326 audit(1768205415.416:257921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11976 comm="syz.1.14109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  852.731922][   T29] audit: type=1326 audit(1768205415.416:257922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11976 comm="syz.1.14109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  852.949060][T11987] lo speed is unknown, defaulting to 1000
[  852.955174][T11987] wg1 speed is unknown, defaulting to 1000
[  853.258243][T12002] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12002 comm=syz.5.14118
[  853.377613][T12013] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=773 sclass=netlink_tcpdiag_socket pid=12013 comm=wg1
[  853.410106][T12013] tmpfs: Bad value for 'mpol'
[  853.624564][T12025] siw: device registration error -23
[  853.650877][T12024] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  853.659547][T12024] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  853.680093][T12011] tap0: tun_chr_ioctl cmd 1074025681
[  853.700264][T12034] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12034 comm=syz.1.14130
[  854.375837][T12048] lo speed is unknown, defaulting to 1000
[  854.382036][T12048] wg1 speed is unknown, defaulting to 1000
[  854.401986][T12059] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12059 comm=syz.3.14141
[  854.495708][T12063] netlink: 'syz.3.14143': attribute type 13 has an invalid length.
[  854.504408][T12065] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2304 sclass=netlink_route_socket pid=12065 comm=syz.5.14144
[  854.522696][T12065] netlink: 'syz.5.14144': attribute type 6 has an invalid length.
[  854.681604][T12084] siw: device registration error -23
[  854.795104][T12090] lo speed is unknown, defaulting to 1000
[  854.801136][T12090] wg1 speed is unknown, defaulting to 1000
[  854.905254][T12098] netlink: 'syz.4.14156': attribute type 13 has an invalid length.
[  855.010568][T12097] lo speed is unknown, defaulting to 1000
[  855.016708][T12097] wg1 speed is unknown, defaulting to 1000
[  855.548169][T12128] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1793 sclass=netlink_route_socket pid=12128 comm=syz.2.14167
[  855.592553][T12129] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7957 sclass=netlink_route_socket pid=12129 comm=syz.5.14168
[  855.627332][T12121] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12121 comm=syz.2.14167
[  855.656291][T12135] FAULT_INJECTION: forcing a failure.
[  855.656291][T12135] name failslab, interval 1, probability 0, space 0, times 0
[  855.668993][T12135] CPU: 0 UID: 0 PID: 12135 Comm: syz.3.14170 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  855.669029][T12135] Tainted: [W]=WARN
[  855.669035][T12135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  855.669045][T12135] Call Trace:
[  855.669051][T12135]  <TASK>
[  855.669057][T12135]  __dump_stack+0x1d/0x30
[  855.669077][T12135]  dump_stack_lvl+0x95/0xd0
[  855.669094][T12135]  dump_stack+0x15/0x1b
[  855.669210][T12135]  should_fail_ex+0x265/0x280
[  855.669228][T12135]  should_failslab+0x8c/0xb0
[  855.669246][T12135]  kmem_cache_alloc_noprof+0x69/0x4b0
[  855.669263][T12135]  ? alloc_empty_file+0x76/0x200
[  855.669341][T12135]  alloc_empty_file+0x76/0x200
[  855.669364][T12135]  alloc_file_pseudo+0xc6/0x160
[  855.669438][T12135]  hugetlb_file_setup+0x2a6/0x3d0
[  855.669543][T12135]  ksys_mmap_pgoff+0x157/0x310
[  855.669566][T12135]  x64_sys_call+0x16bb/0x3000
[  855.669587][T12135]  do_syscall_64+0xca/0x2b0
[  855.669644][T12135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  855.669730][T12135] RIP: 0033:0x7f9ccb11f749
[  855.669742][T12135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  855.669758][T12135] RSP: 002b:00007f9cc9b7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  855.669774][T12135] RAX: ffffffffffffffda RBX: 00007f9ccb375fa0 RCX: 00007f9ccb11f749
[  855.669785][T12135] RDX: 0000000000000002 RSI: 0000000000ff5000 RDI: 0000200000000000
[  855.669795][T12135] RBP: 00007f9cc9b7f090 R08: ffffffffffffffff R09: 0000000000000000
[  855.669882][T12135] R10: 000000000004c831 R11: 0000000000000246 R12: 0000000000000001
[  855.669892][T12135] R13: 00007f9ccb376038 R14: 00007f9ccb375fa0 R15: 00007ffc6129bd48
[  855.669909][T12135]  </TASK>
[  855.899707][T12139] lo speed is unknown, defaulting to 1000
[  855.905976][T12139] wg1 speed is unknown, defaulting to 1000
[  855.983140][T12143] __nla_validate_parse: 35 callbacks suppressed
[  855.983160][T12143] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14174'.
[  856.002271][T12143] netlink: 'syz.3.14174': attribute type 13 has an invalid length.
[  856.238345][T12156] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14178'.
[  856.248757][T12156] netlink: 87 bytes leftover after parsing attributes in process `syz.3.14178'.
[  856.276529][ T3420] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[  856.285144][ T3420] hid-generic 0000:0000:0000.005F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  856.381629][T12162] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l65535
[  856.441997][T12171] netlink: 60 bytes leftover after parsing attributes in process `syz.5.14183'.
[  856.487151][T12173] lo speed is unknown, defaulting to 1000
[  856.493230][T12173] wg1 speed is unknown, defaulting to 1000
[  856.733922][T12175] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  857.062144][T12202] FAULT_INJECTION: forcing a failure.
[  857.062144][T12202] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  857.075268][T12202] CPU: 0 UID: 0 PID: 12202 Comm: syz.3.14194 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  857.075309][T12202] Tainted: [W]=WARN
[  857.075317][T12202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  857.075332][T12202] Call Trace:
[  857.075339][T12202]  <TASK>
[  857.075345][T12202]  __dump_stack+0x1d/0x30
[  857.075447][T12202]  dump_stack_lvl+0x95/0xd0
[  857.075519][T12202]  dump_stack+0x15/0x1b
[  857.075612][T12202]  should_fail_ex+0x265/0x280
[  857.075650][T12202]  should_fail+0xb/0x20
[  857.075727][T12202]  should_fail_usercopy+0x1a/0x20
[  857.075748][T12202]  _copy_from_iter+0xcf/0xe70
[  857.075855][T12202]  ? __alloc_skb+0x396/0x4b0
[  857.075883][T12202]  ? __alloc_skb+0x228/0x4b0
[  857.075945][T12202]  netlink_sendmsg+0x471/0x6b0
[  857.076011][T12202]  ? __pfx_netlink_sendmsg+0x10/0x10
[  857.076128][T12202]  __sock_sendmsg+0x145/0x180
[  857.076170][T12202]  ____sys_sendmsg+0x31e/0x4a0
[  857.076203][T12202]  ___sys_sendmsg+0x17b/0x1d0
[  857.076245][T12202]  __x64_sys_sendmsg+0xd4/0x160
[  857.076349][T12202]  x64_sys_call+0x17ba/0x3000
[  857.076376][T12202]  do_syscall_64+0xca/0x2b0
[  857.076411][T12202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.076510][T12202] RIP: 0033:0x7f9ccb11f749
[  857.076530][T12202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  857.076553][T12202] RSP: 002b:00007f9cc9b7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  857.076577][T12202] RAX: ffffffffffffffda RBX: 00007f9ccb375fa0 RCX: 00007f9ccb11f749
[  857.076591][T12202] RDX: 0000000004000000 RSI: 0000200000000140 RDI: 0000000000000003
[  857.076604][T12202] RBP: 00007f9cc9b7f090 R08: 0000000000000000 R09: 0000000000000000
[  857.076694][T12202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  857.076711][T12202] R13: 00007f9ccb376038 R14: 00007f9ccb375fa0 R15: 00007ffc6129bd48
[  857.076738][T12202]  </TASK>
[  857.136736][T12204] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7957 sclass=netlink_route_socket pid=12204 comm=syz.5.14191
[  857.312396][T12207] lo speed is unknown, defaulting to 1000
[  857.318533][T12207] wg1 speed is unknown, defaulting to 1000
[  857.418918][T12216] netlink: 'syz.4.14200': attribute type 13 has an invalid length.
[  857.432977][T12214] netlink: 60 bytes leftover after parsing attributes in process `syz.3.14199'.
[  857.503590][T12222] FAULT_INJECTION: forcing a failure.
[  857.503590][T12222] name failslab, interval 1, probability 0, space 0, times 0
[  857.516314][T12222] CPU: 0 UID: 0 PID: 12222 Comm: syz.3.14202 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  857.516359][T12222] Tainted: [W]=WARN
[  857.516366][T12222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  857.516380][T12222] Call Trace:
[  857.516387][T12222]  <TASK>
[  857.516397][T12222]  __dump_stack+0x1d/0x30
[  857.516431][T12222]  dump_stack_lvl+0x95/0xd0
[  857.516484][T12222]  dump_stack+0x15/0x1b
[  857.516504][T12222]  should_fail_ex+0x265/0x280
[  857.516530][T12222]  should_failslab+0x8c/0xb0
[  857.516566][T12222]  __kmalloc_noprof+0xb9/0x5a0
[  857.516646][T12222]  ? alloc_pipe_info+0x1c9/0x340
[  857.516669][T12222]  ? alloc_pipe_info+0xae/0x340
[  857.516698][T12222]  alloc_pipe_info+0x1c9/0x340
[  857.516728][T12222]  splice_direct_to_actor+0x592/0x680
[  857.516816][T12222]  ? __pfx_direct_splice_actor+0x10/0x10
[  857.516842][T12222]  ? selinux_file_permission+0x2ee/0x320
[  857.516883][T12222]  do_splice_direct+0xda/0x150
[  857.516911][T12222]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  857.517042][T12222]  do_sendfile+0x380/0x650
[  857.517079][T12222]  __x64_sys_sendfile64+0x105/0x150
[  857.517113][T12222]  x64_sys_call+0x2db1/0x3000
[  857.517143][T12222]  do_syscall_64+0xca/0x2b0
[  857.517225][T12222]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.517251][T12222] RIP: 0033:0x7f9ccb11f749
[  857.517272][T12222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  857.517297][T12222] RSP: 002b:00007f9cc9b7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  857.517320][T12222] RAX: ffffffffffffffda RBX: 00007f9ccb375fa0 RCX: 00007f9ccb11f749
[  857.517344][T12222] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[  857.517360][T12222] RBP: 00007f9cc9b7f090 R08: 0000000000000000 R09: 0000000000000000
[  857.517373][T12222] R10: 000000007ffffffc R11: 0000000000000246 R12: 0000000000000001
[  857.517386][T12222] R13: 00007f9ccb376038 R14: 00007f9ccb375fa0 R15: 00007ffc6129bd48
[  857.517407][T12222]  </TASK>
[  857.770184][   T36] hid (null): report_id 3804673681 is invalid
[  857.776349][   T36] hid (null): global environment stack underflow
[  857.782768][   T36] hid (null): report_id 0 is invalid
[  857.788084][   T36] hid (null): invalid report_size 11153
[  857.793764][   T36] hid (null): unknown global tag 0xe
[  857.799084][   T36] hid (null): unknown global tag 0xc2
[  857.804477][   T36] hid (null): unknown global tag 0xe
[  857.814770][   T36] hid-generic 0002:0400:01F0.0060: report_id 3804673681 is invalid
[  857.822736][   T36] hid-generic 0002:0400:01F0.0060: item 0 4 1 8 parsing failed
[  857.830503][   T36] hid-generic 0002:0400:01F0.0060: probe with driver hid-generic failed with error -22
[  857.850727][T12229] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14204'.
[  857.865771][   T29] kauditd_printk_skb: 751 callbacks suppressed
[  857.865787][   T29] audit: type=1326 audit(1768205420.746:258674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12225 comm="syz.4.14204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  857.907330][   T29] audit: type=1326 audit(1768205420.776:258675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12225 comm="syz.4.14204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7fe4711667 code=0x7ffc0000
[  857.931083][   T29] audit: type=1326 audit(1768205420.776:258676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12225 comm="syz.4.14204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f7fe47115dc code=0x7ffc0000
[  857.954970][   T29] audit: type=1326 audit(1768205420.776:258677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12225 comm="syz.4.14204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f7fe4711514 code=0x7ffc0000
[  857.978818][   T29] audit: type=1326 audit(1768205420.776:258678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12225 comm="syz.4.14204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f7fe4711514 code=0x7ffc0000
[  858.002799][   T29] audit: type=1326 audit(1768205420.776:258679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12225 comm="syz.4.14204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f7fe470e3aa code=0x7ffc0000
[  858.026515][   T29] audit: type=1326 audit(1768205420.776:258680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12225 comm="syz.4.14204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  858.050287][   T29] audit: type=1326 audit(1768205420.776:258681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12225 comm="syz.4.14204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  858.074070][   T29] audit: type=1326 audit(1768205420.776:258682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12225 comm="syz.4.14204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  858.097884][   T29] audit: type=1326 audit(1768205420.776:258683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12225 comm="syz.4.14204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  858.401496][T12249] lo speed is unknown, defaulting to 1000
[  858.415876][T12249] wg1 speed is unknown, defaulting to 1000
[  858.422029][T12251] netlink: 60 bytes leftover after parsing attributes in process `syz.4.14212'.
[  858.475666][T12254] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14213'.
[  858.502793][T12254] netlink: 'syz.4.14213': attribute type 13 has an invalid length.
[  858.735305][T12269] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7957 sclass=netlink_route_socket pid=12269 comm=syz.4.14217
[  858.873233][T12274] lo speed is unknown, defaulting to 1000
[  858.879298][T12274] wg1 speed is unknown, defaulting to 1000
[  859.014196][ T3483] hid-generic 0000:0000:0000.0061: unknown main item tag 0x0
[  859.029805][ T3483] hid-generic 0000:0000:0000.0061: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  859.112166][T12287] netlink: 4 bytes leftover after parsing attributes in process `syz.5.14225'.
[  859.132067][T12285] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l65535
[  859.489017][T12310] netlink: 60 bytes leftover after parsing attributes in process `syz.3.14232'.
[  859.607583][T12324] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  859.633310][T12324] vhci_hcd vhci_hcd.2: invalid port number 96
[  859.639442][T12324] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  859.664985][T12328] netlink: 'syz.4.14240': attribute type 13 has an invalid length.
[  859.691867][T22763] hid-generic 0000:0000:0000.0062: unknown main item tag 0x0
[  859.712673][T22763] hid-generic 0000:0000:0000.0062: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  859.831758][T12332] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l65535
[  859.915523][T12335] lo speed is unknown, defaulting to 1000
[  859.928033][T12335] wg1 speed is unknown, defaulting to 1000
[  860.031403][T12337] lo speed is unknown, defaulting to 1000
[  860.056743][T12337] wg1 speed is unknown, defaulting to 1000
[  860.251417][T12345] netlink: 'syz.5.14245': attribute type 13 has an invalid length.
[  860.533695][T22763] hid-generic 0000:0000:0000.0063: unknown main item tag 0x0
[  860.542437][T22763] hid-generic 0000:0000:0000.0063: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  860.671797][T12360] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l65535
[  860.895604][T12376] netlink: 'syz.1.14258': attribute type 13 has an invalid length.
[  861.128588][T12395] block device autoloading is deprecated and will be removed.
[  861.195710][T12402] lo speed is unknown, defaulting to 1000
[  861.202479][T12402] wg1 speed is unknown, defaulting to 1000
[  861.269854][T12407] __nla_validate_parse: 4 callbacks suppressed
[  861.269874][T12407] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14272'.
[  861.299022][T12407] netlink: 87 bytes leftover after parsing attributes in process `syz.3.14272'.
[  861.770880][T22763] hid-generic 0000:0000:0000.0064: unknown main item tag 0x0
[  861.779027][T22763] hid-generic 0000:0000:0000.0064: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  862.043923][T12441] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  862.052358][T12441] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  862.061052][T12441] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  862.070640][T12441] loop3: detected capacity change from 0 to 128
[  862.078231][T12441] msdos: Bad value for 'tz'
[  862.371339][   T36] hid-generic 0000:0000:0000.0065: unknown main item tag 0x0
[  862.380548][T12464] futex_wake_op: syz.1.14288 tries to shift op by -1; fix this program
[  862.391510][   T36] hid-generic 0000:0000:0000.0065: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  862.871292][   T29] kauditd_printk_skb: 2457 callbacks suppressed
[  862.871308][   T29] audit: type=1326 audit(1768205425.756:261141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12455 comm="syz.1.14288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  862.901567][   T29] audit: type=1326 audit(1768205425.756:261142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12455 comm="syz.1.14288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  862.925375][   T29] audit: type=1326 audit(1768205425.756:261143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12477 comm="syz.3.14295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9ccb1165e7 code=0x7ffc0000
[  862.949053][   T29] audit: type=1326 audit(1768205425.756:261144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12477 comm="syz.3.14295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9ccb0bb829 code=0x7ffc0000
[  862.972767][   T29] audit: type=1326 audit(1768205425.756:261145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12477 comm="syz.3.14295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f9ccb11f749 code=0x7ffc0000
[  862.996487][   T29] audit: type=1326 audit(1768205425.756:261146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12455 comm="syz.1.14288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  863.020243][   T29] audit: type=1326 audit(1768205425.756:261147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12455 comm="syz.1.14288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  863.044035][   T29] audit: type=1326 audit(1768205425.756:261148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12455 comm="syz.1.14288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  863.067826][   T29] audit: type=1326 audit(1768205425.756:261149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12455 comm="syz.1.14288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  863.091648][   T29] audit: type=1326 audit(1768205425.756:261150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12455 comm="syz.1.14288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  863.094115][T12482] lo speed is unknown, defaulting to 1000
[  863.122215][T12482] wg1 speed is unknown, defaulting to 1000
[  863.219954][T12490] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  863.228132][T12490] vhci_hcd vhci_hcd.2: invalid port number 96
[  863.234365][T12490] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  863.349199][T22771] hid-generic 0000:0000:0000.0066: unknown main item tag 0x0
[  863.381484][T22771] hid-generic 0000:0000:0000.0066: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  863.513550][T12506] loop3: detected capacity change from 0 to 128
[  863.815744][T12514] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  863.943363][T12530] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14312'.
[  863.954661][T12530] netlink: 'syz.4.14312': attribute type 13 has an invalid length.
[  863.979276][T12532] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  863.987794][T12532] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  863.996250][T12532] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  864.033276][T12534] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14314'.
[  864.123933][T22771] hid-generic 0000:0000:0000.0067: unknown main item tag 0x0
[  864.145825][T22771] hid-generic 0000:0000:0000.0067: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  864.251992][T12555] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l65535
[  864.277199][T12563] lo speed is unknown, defaulting to 1000
[  864.284240][T12563] wg1 speed is unknown, defaulting to 1000
[  864.515482][T12577] SELinux: failed to load policy
[  864.529220][T12580] gtp0: entered promiscuous mode
[  864.534249][T12580] gtp0: entered allmulticast mode
[  864.539309][T12580] team0: Device gtp0 is of different type
[  864.653764][T12597] FAULT_INJECTION: forcing a failure.
[  864.653764][T12597] name failslab, interval 1, probability 0, space 0, times 0
[  864.666592][T12597] CPU: 1 UID: 0 PID: 12597 Comm: syz.1.14336 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  864.666678][T12597] Tainted: [W]=WARN
[  864.666685][T12597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  864.666698][T12597] Call Trace:
[  864.666705][T12597]  <TASK>
[  864.666714][T12597]  __dump_stack+0x1d/0x30
[  864.666762][T12597]  dump_stack_lvl+0x95/0xd0
[  864.666789][T12597]  dump_stack+0x15/0x1b
[  864.666813][T12597]  should_fail_ex+0x265/0x280
[  864.666852][T12597]  should_failslab+0x8c/0xb0
[  864.666935][T12597]  __kmalloc_noprof+0xb9/0x5a0
[  864.666957][T12597]  ? iter_file_splice_write+0xf7/0xa20
[  864.666979][T12597]  ? __rcu_read_unlock+0x4f/0x70
[  864.667052][T12597]  iter_file_splice_write+0xf7/0xa20
[  864.667074][T12597]  ? copy_splice_read+0x623/0x660
[  864.667099][T12597]  ? __traceiter_kfree+0x2e/0x50
[  864.667173][T12597]  ? copy_splice_read+0x623/0x660
[  864.667198][T12597]  ? copy_splice_read+0x623/0x660
[  864.667224][T12597]  ? __pfx_iter_file_splice_write+0x10/0x10
[  864.667244][T12597]  direct_splice_actor+0x156/0x2a0
[  864.667316][T12597]  ? __pfx_copy_splice_read+0x1/0x10
[  864.667340][T12597]  splice_direct_to_actor+0x312/0x680
[  864.667365][T12597]  ? __pfx_direct_splice_actor+0x10/0x10
[  864.667410][T12597]  do_splice_direct+0xda/0x150
[  864.667436][T12597]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  864.667473][T12597]  do_sendfile+0x380/0x650
[  864.667498][T12597]  __x64_sys_sendfile64+0x105/0x150
[  864.667553][T12597]  x64_sys_call+0x2db1/0x3000
[  864.667582][T12597]  do_syscall_64+0xca/0x2b0
[  864.667623][T12597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  864.667664][T12597] RIP: 0033:0x7ff87181f749
[  864.667679][T12597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  864.667697][T12597] RSP: 002b:00007ff870287038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  864.667715][T12597] RAX: ffffffffffffffda RBX: 00007ff871a75fa0 RCX: 00007ff87181f749
[  864.667727][T12597] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008
[  864.667739][T12597] RBP: 00007ff870287090 R08: 0000000000000000 R09: 0000000000000000
[  864.667822][T12597] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000001
[  864.667834][T12597] R13: 00007ff871a76038 R14: 00007ff871a75fa0 R15: 00007ffc0303a128
[  864.667867][T12597]  </TASK>
[  864.995159][T12598] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1793 sclass=netlink_route_socket pid=12598 comm=syz.3.14332
[  865.025588][T12598] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12598 comm=syz.3.14332
[  865.260400][T12616] netlink: 'syz.1.14341': attribute type 13 has an invalid length.
[  865.369514][T12625] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7957 sclass=netlink_route_socket pid=12625 comm=syz.2.14344
[  865.393184][T12627] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7957 sclass=netlink_route_socket pid=12627 comm=syz.1.14345
[  865.467866][T22763] hid-generic 0000:0000:0000.0068: unknown main item tag 0x0
[  865.475727][T22763] hid-generic 0000:0000:0000.0068: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  865.821703][T12648] netlink: 'syz.5.14353': attribute type 13 has an invalid length.
[  865.894492][T12652] loop3: detected capacity change from 0 to 512
[  865.912765][T12652] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  865.957606][T12656] lo speed is unknown, defaulting to 1000
[  865.963707][T12656] wg1 speed is unknown, defaulting to 1000
[  866.001555][ T6466] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  866.033422][T12659] FAULT_INJECTION: forcing a failure.
[  866.033422][T12659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  866.046549][T12659] CPU: 1 UID: 0 PID: 12659 Comm: syz.3.14356 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  866.046584][T12659] Tainted: [W]=WARN
[  866.046662][T12659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  866.046677][T12659] Call Trace:
[  866.046734][T12659]  <TASK>
[  866.046741][T12659]  __dump_stack+0x1d/0x30
[  866.046768][T12659]  dump_stack_lvl+0x95/0xd0
[  866.046795][T12659]  dump_stack+0x15/0x1b
[  866.046869][T12659]  should_fail_ex+0x265/0x280
[  866.046894][T12659]  should_fail+0xb/0x20
[  866.046912][T12659]  should_fail_usercopy+0x1a/0x20
[  866.046934][T12659]  copy_folio_from_iter_atomic+0x26a/0x1150
[  866.047031][T12659]  ? shmem_write_begin+0xfc/0x1f0
[  866.047060][T12659]  ? shmem_write_begin+0x135/0x1f0
[  866.047087][T12659]  generic_perform_write+0x2c2/0x490
[  866.047118][T12659]  shmem_file_write_iter+0xc5/0xf0
[  866.047171][T12659]  do_iter_readv_writev+0x4a1/0x540
[  866.047202][T12659]  vfs_writev+0x2df/0x8b0
[  866.047288][T12659]  __x64_sys_pwritev+0xfd/0x1c0
[  866.047314][T12659]  x64_sys_call+0x161b/0x3000
[  866.047345][T12659]  do_syscall_64+0xca/0x2b0
[  866.047408][T12659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.047435][T12659] RIP: 0033:0x7f9ccb11f749
[  866.047453][T12659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  866.047484][T12659] RSP: 002b:00007f9cc9b7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[  866.047523][T12659] RAX: ffffffffffffffda RBX: 00007f9ccb375fa0 RCX: 00007f9ccb11f749
[  866.047534][T12659] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000004
[  866.047544][T12659] RBP: 00007f9cc9b7f090 R08: 0000000000000000 R09: 0000000000000000
[  866.047558][T12659] R10: 0000000000800004 R11: 0000000000000246 R12: 0000000000000001
[  866.047571][T12659] R13: 00007f9ccb376038 R14: 00007f9ccb375fa0 R15: 00007ffc6129bd48
[  866.047593][T12659]  </TASK>
[  866.266197][   T36] hid-generic 0000:0000:0000.0069: unknown main item tag 0x0
[  866.275423][   T36] hid-generic 0000:0000:0000.0069: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  866.339518][T12663] vlan2: entered allmulticast mode
[  866.647837][T12681] netlink: 'syz.3.14364': attribute type 13 has an invalid length.
[  866.670989][T12683] loop3: detected capacity change from 0 to 512
[  866.677630][T12683] msdos: Unknown parameter 'fm
[  866.677630][T12683] '
[  866.688933][T12683] SELinux:  Context system_u:object_r:userio_device_t:s0 is not valid (left unmapped).
[  866.834384][T12693] __nla_validate_parse: 10 callbacks suppressed
[  866.834453][T12693] netlink: 4 bytes leftover after parsing attributes in process `syz.5.14370'.
[  866.857520][T12693] netlink: 'syz.5.14370': attribute type 13 has an invalid length.
[  866.978672][T12709] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  866.986237][T12709] vhci_hcd vhci_hcd.2: invalid port number 96
[  866.992411][T12709] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  867.340520][T12720] netlink: 60 bytes leftover after parsing attributes in process `syz.1.14379'.
[  867.369384][T12722] FAULT_INJECTION: forcing a failure.
[  867.369384][T12722] name failslab, interval 1, probability 0, space 0, times 0
[  867.382716][T12722] CPU: 1 UID: 0 PID: 12722 Comm: syz.4.14381 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  867.382749][T12722] Tainted: [W]=WARN
[  867.382796][T12722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  867.382807][T12722] Call Trace:
[  867.382813][T12722]  <TASK>
[  867.382826][T12722]  __dump_stack+0x1d/0x30
[  867.382850][T12722]  dump_stack_lvl+0x95/0xd0
[  867.382870][T12722]  dump_stack+0x15/0x1b
[  867.382892][T12722]  should_fail_ex+0x265/0x280
[  867.382914][T12722]  should_failslab+0x8c/0xb0
[  867.382939][T12722]  kmem_cache_alloc_noprof+0x69/0x4b0
[  867.382960][T12722]  ? getname_flags+0x80/0x3b0
[  867.382983][T12722]  getname_flags+0x80/0x3b0
[  867.383040][T12722]  __x64_sys_execve+0x42/0x70
[  867.383087][T12722]  x64_sys_call+0x271d/0x3000
[  867.383110][T12722]  do_syscall_64+0xca/0x2b0
[  867.383143][T12722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  867.383242][T12722] RIP: 0033:0x7f7fe470f749
[  867.383256][T12722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  867.383334][T12722] RSP: 002b:00007f7fe316f038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  867.383352][T12722] RAX: ffffffffffffffda RBX: 00007f7fe4965fa0 RCX: 00007f7fe470f749
[  867.383364][T12722] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000003040
[  867.383376][T12722] RBP: 00007f7fe316f090 R08: 0000000000000000 R09: 0000000000000000
[  867.383387][T12722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  867.383399][T12722] R13: 00007f7fe4966038 R14: 00007f7fe4965fa0 R15: 00007ffc58b7d968
[  867.383475][T12722]  </TASK>
[  867.664225][T12735] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14386'.
[  867.674914][T12735] netlink: 87 bytes leftover after parsing attributes in process `syz.4.14386'.
[  867.736646][T12738] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1793 sclass=netlink_route_socket pid=12738 comm=syz.1.14384
[  867.769881][T12738] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12738 comm=syz.1.14384
[  867.929843][T12748] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  867.938237][T12748] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  867.946690][T12748] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  868.468825][T12756] netlink: 60 bytes leftover after parsing attributes in process `syz.1.14393'.
[  868.479512][   T36] hid-generic 0000:0000:0000.006A: unknown main item tag 0x0
[  868.489678][   T29] kauditd_printk_skb: 1863 callbacks suppressed
[  868.489691][   T29] audit: type=1326 audit(1768205431.366:263014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12755 comm="syz.1.14393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  868.496008][   T36] hid-generic 0000:0000:0000.006A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  868.581168][   T29] audit: type=1326 audit(1768205431.366:263015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12755 comm="syz.1.14393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  868.605005][   T29] audit: type=1326 audit(1768205431.366:263016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12755 comm="syz.1.14393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  868.628751][   T29] audit: type=1326 audit(1768205431.366:263017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12755 comm="syz.1.14393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  868.647055][   T36] hid (null): report_id 3804673681 is invalid
[  868.652470][   T29] audit: type=1326 audit(1768205431.366:263018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12755 comm="syz.1.14393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  868.658501][   T36] hid (null): global environment stack underflow
[  868.658513][   T36] hid (null): report_id 0 is invalid
[  868.658535][   T36] hid (null): invalid report_size 11153
[  868.682278][   T29] audit: type=1326 audit(1768205431.366:263019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12755 comm="syz.1.14393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  868.682311][   T29] audit: type=1326 audit(1768205431.366:263020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12755 comm="syz.1.14393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  868.688741][   T36] hid (null): unknown global tag 0xe
[  868.693946][   T29] audit: type=1326 audit(1768205431.366:263021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12755 comm="syz.1.14393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  868.699570][   T36] hid (null): unknown global tag 0xc2
[  868.723239][   T29] audit: type=1326 audit(1768205431.366:263022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12755 comm="syz.1.14393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  868.747017][   T36] hid (null): unknown global tag 0xe
[  868.752307][   T29] audit: type=1326 audit(1768205431.366:263023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12755 comm="syz.1.14393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff87181f749 code=0x7ffc0000
[  868.778697][   T36] hid-generic 0002:0400:01F0.006B: report_id 3804673681 is invalid
[  868.842443][   T36] hid-generic 0002:0400:01F0.006B: item 0 4 1 8 parsing failed
[  868.857548][   T36] hid-generic 0002:0400:01F0.006B: probe with driver hid-generic failed with error -22
[  869.060496][T12770] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  869.067948][T12770] vhci_hcd vhci_hcd.2: invalid port number 96
[  869.074031][T12770] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  869.149024][ T3483] hid-generic 0000:0000:0000.006C: unknown main item tag 0x0
[  869.156853][ T3483] hid-generic 0000:0000:0000.006C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  869.289512][T12779] loop3: detected capacity change from 0 to 164
[  869.297014][T12779] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  869.306339][T12779] FAULT_INJECTION: forcing a failure.
[  869.306339][T12779] name failslab, interval 1, probability 0, space 0, times 0
[  869.319027][T12779] CPU: 1 UID: 0 PID: 12779 Comm: ÿ Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  869.319107][T12779] Tainted: [W]=WARN
[  869.319116][T12779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  869.319130][T12779] Call Trace:
[  869.319155][T12779]  <TASK>
[  869.319164][T12779]  __dump_stack+0x1d/0x30
[  869.319194][T12779]  dump_stack_lvl+0x95/0xd0
[  869.319274][T12779]  dump_stack+0x15/0x1b
[  869.319357][T12779]  should_fail_ex+0x265/0x280
[  869.319418][T12779]  should_failslab+0x8c/0xb0
[  869.319443][T12779]  kmem_cache_alloc_lru_noprof+0x6d/0x4c0
[  869.319531][T12779]  ? __d_alloc+0x37/0x340
[  869.319564][T12779]  __d_alloc+0x37/0x340
[  869.319635][T12779]  ? selinux_inode_permission+0x6be/0x7c0
[  869.319669][T12779]  d_alloc_parallel+0x54/0xcd0
[  869.319705][T12779]  ? security_inode_permission+0x4a/0xb0
[  869.319779][T12779]  ? lockref_get_not_dead+0x120/0x1c0
[  869.319812][T12779]  ? __rcu_read_unlock+0x4f/0x70
[  869.319833][T12779]  __lookup_slow+0x8c/0x250
[  869.319861][T12779]  lookup_slow+0x3c/0x60
[  869.319926][T12779]  path_lookupat+0x2f7/0x500
[  869.319954][T12779]  filename_lookup+0x147/0x340
[  869.320038][T12779]  user_path_at+0x3e/0x130
[  869.320102][T12779]  do_fchownat+0xb0/0x210
[  869.320155][T12779]  __x64_sys_chown+0x47/0x60
[  869.320180][T12779]  x64_sys_call+0x2eb9/0x3000
[  869.320209][T12779]  do_syscall_64+0xca/0x2b0
[  869.320245][T12779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  869.320276][T12779] RIP: 0033:0x7f9ccb11f749
[  869.320292][T12779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  869.320314][T12779] RSP: 002b:00007f9cc9b7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000005c
[  869.320382][T12779] RAX: ffffffffffffffda RBX: 00007f9ccb375fa0 RCX: 00007f9ccb11f749
[  869.320418][T12779] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  869.320433][T12779] RBP: 00007f9cc9b7f090 R08: 0000000000000000 R09: 0000000000000000
[  869.320449][T12779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  869.320539][T12779] R13: 00007f9ccb376038 R14: 00007f9ccb375fa0 R15: 00007ffc6129bd48
[  869.320558][T12779]  </TASK>
[  869.616961][T12785] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  869.625370][T12785] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  869.766203][T22771] hid (null): report_id 3804673681 is invalid
[  869.772437][T22771] hid (null): global environment stack underflow
[  869.778826][T22771] hid (null): report_id 0 is invalid
[  869.784365][T22771] hid (null): invalid report_size 11153
[  869.789972][T22771] hid (null): unknown global tag 0xe
[  869.795426][T22771] hid (null): unknown global tag 0xc2
[  869.800818][T22771] hid (null): unknown global tag 0xe
[  869.810902][T22771] hid-generic 0002:0400:01F0.006D: report_id 3804673681 is invalid
[  869.818898][T22771] hid-generic 0002:0400:01F0.006D: item 0 4 1 8 parsing failed
[  869.827942][T22771] hid-generic 0002:0400:01F0.006D: probe with driver hid-generic failed with error -22
[  870.638923][T12841] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1793 sclass=netlink_route_socket pid=12841 comm=syz.3.14424
[  870.667850][T12841] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12841 comm=syz.3.14424
[  870.985096][T22771] hid (null): report_id 3804673681 is invalid
[  870.991423][T22771] hid (null): global environment stack underflow
[  870.997801][T22771] hid (null): report_id 0 is invalid
[  871.003146][T22771] hid (null): invalid report_size 11153
[  871.008779][T22771] hid (null): unknown global tag 0xe
[  871.014198][T22771] hid (null): unknown global tag 0xc2
[  871.019585][T22771] hid (null): unknown global tag 0xe
[  871.027826][T22771] hid-generic 0002:0400:01F0.006E: report_id 3804673681 is invalid
[  871.035950][T22771] hid-generic 0002:0400:01F0.006E: item 0 4 1 8 parsing failed
[  871.044668][T22771] hid-generic 0002:0400:01F0.006E: probe with driver hid-generic failed with error -22
[  871.067579][T12888] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  871.075355][T12888] vhci_hcd vhci_hcd.2: invalid port number 96
[  871.081479][T12888] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  871.091940][T12890] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  871.099401][T12890] vhci_hcd vhci_hcd.2: invalid port number 96
[  871.105579][T12890] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  871.293921][T12908] lo speed is unknown, defaulting to 1000
[  871.300023][T12908] wg1 speed is unknown, defaulting to 1000
[  871.852158][T12925] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  871.859750][T12925] vhci_hcd vhci_hcd.2: invalid port number 96
[  871.865872][T12925] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  871.951533][   T10] hid-generic 0000:0000:0000.006F: unknown main item tag 0x0
[  871.960753][   T10] hid-generic 0000:0000:0000.006F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  872.246487][T12942] loop3: detected capacity change from 0 to 512
[  872.253455][T12944] __nla_validate_parse: 13 callbacks suppressed
[  872.253472][T12944] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14462'.
[  872.287334][T12944] netlink: 'syz.1.14462': attribute type 13 has an invalid length.
[  872.296654][T12942] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  872.404104][T12950] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1793 sclass=netlink_route_socket pid=12950 comm=syz.5.14460
[  872.474524][ T6466] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  872.486745][T12950] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12950 comm=syz.5.14460
[  872.586119][T12966] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  872.596112][T22771] hid-generic 0000:0000:0000.0070: unknown main item tag 0x0
[  872.614206][T22771] hid-generic 0000:0000:0000.0070: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  872.624047][T12966] vhci_hcd vhci_hcd.2: invalid port number 96
[  872.630163][T12966] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  872.721944][T12973] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l65535
[  872.823992][T12982] lo speed is unknown, defaulting to 1000
[  872.831258][T12982] wg1 speed is unknown, defaulting to 1000
[  872.871306][T12983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14471'.
[  872.891771][T12983] netlink: 87 bytes leftover after parsing attributes in process `syz.3.14471'.
[  873.174454][T12995] lo speed is unknown, defaulting to 1000
[  873.180859][T12995] wg1 speed is unknown, defaulting to 1000
[  873.491486][   T29] kauditd_printk_skb: 4094 callbacks suppressed
[  873.491505][   T29] audit: type=1326 audit(1768205436.376:267118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.1.14472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  873.521629][   T29] audit: type=1326 audit(1768205436.376:267119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.1.14472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  873.545499][   T29] audit: type=1326 audit(1768205436.376:267120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.1.14472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  873.569340][   T29] audit: type=1326 audit(1768205436.376:267121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.1.14472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  873.593087][   T29] audit: type=1326 audit(1768205436.376:267122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.1.14472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  873.616829][   T29] audit: type=1326 audit(1768205436.376:267123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.1.14472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  873.640690][   T29] audit: type=1326 audit(1768205436.376:267124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12974 comm="syz.4.14469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7fe47065e7 code=0x7ffc0000
[  873.664343][   T29] audit: type=1326 audit(1768205436.376:267125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12974 comm="syz.4.14469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7fe46ab829 code=0x7ffc0000
[  873.687981][   T29] audit: type=1326 audit(1768205436.376:267126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12974 comm="syz.4.14469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  873.711776][   T29] audit: type=1326 audit(1768205436.376:267127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.1.14472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff871852005 code=0x7ffc0000
[  873.743502][T12999] SELinux:  Context system_u:object_r:cert_t:s0 is not valid (left unmapped).
[  873.848217][T13006] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  873.870701][T13006] vhci_hcd vhci_hcd.2: invalid port number 96
[  873.876957][T13006] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  873.957251][T13019] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14482'.
[  874.003067][T13024] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  874.011498][T13024] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  874.033846][T13024] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  874.236400][T13042] lo speed is unknown, defaulting to 1000
[  874.261675][T13042] wg1 speed is unknown, defaulting to 1000
[  874.293523][T13047] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14488'.
[  874.344292][T13043] netlink: 87 bytes leftover after parsing attributes in process `syz.1.14488'.
[  875.109033][T13068] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14495'.
[  875.157023][T13068] FAULT_INJECTION: forcing a failure.
[  875.157023][T13068] name failslab, interval 1, probability 0, space 0, times 0
[  875.169758][T13068] CPU: 0 UID: 0 PID: 13068 Comm: syz.2.14495 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  875.169803][T13068] Tainted: [W]=WARN
[  875.169809][T13068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  875.169951][T13068] Call Trace:
[  875.169959][T13068]  <TASK>
[  875.169966][T13068]  __dump_stack+0x1d/0x30
[  875.169993][T13068]  dump_stack_lvl+0x95/0xd0
[  875.170053][T13068]  dump_stack+0x15/0x1b
[  875.170074][T13068]  should_fail_ex+0x265/0x280
[  875.170100][T13068]  should_failslab+0x8c/0xb0
[  875.170125][T13068]  __kmalloc_noprof+0xb9/0x5a0
[  875.170148][T13068]  ? nft_obj_init+0x3c/0x220
[  875.170187][T13068]  nft_obj_init+0x3c/0x220
[  875.170217][T13068]  nf_tables_updobj+0x109/0x1a0
[  875.170244][T13068]  nf_tables_newobj+0x8bf/0x1070
[  875.170275][T13068]  nfnetlink_rcv+0xbc9/0x16c0
[  875.170383][T13068]  netlink_unicast+0x5c0/0x690
[  875.170428][T13068]  netlink_sendmsg+0x58b/0x6b0
[  875.170468][T13068]  ? __pfx_netlink_sendmsg+0x10/0x10
[  875.170542][T13068]  __sock_sendmsg+0x145/0x180
[  875.170566][T13068]  ____sys_sendmsg+0x31e/0x4a0
[  875.170603][T13068]  ___sys_sendmsg+0x17b/0x1d0
[  875.170690][T13068]  __x64_sys_sendmsg+0xd4/0x160
[  875.170727][T13068]  x64_sys_call+0x17ba/0x3000
[  875.170749][T13068]  do_syscall_64+0xca/0x2b0
[  875.170781][T13068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  875.170848][T13068] RIP: 0033:0x7f50c441f749
[  875.170861][T13068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  875.170878][T13068] RSP: 002b:00007f50c2e66038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  875.170921][T13068] RAX: ffffffffffffffda RBX: 00007f50c4676090 RCX: 00007f50c441f749
[  875.170937][T13068] RDX: 0000000000000000 RSI: 0000200000000d80 RDI: 0000000000000005
[  875.170948][T13068] RBP: 00007f50c2e66090 R08: 0000000000000000 R09: 0000000000000000
[  875.170959][T13068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  875.170970][T13068] R13: 00007f50c4676128 R14: 00007f50c4676090 R15: 00007ffebb89f018
[  875.170988][T13068]  </TASK>
[  875.177292][T13070] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  875.301552][T13067] lo speed is unknown, defaulting to 1000
[  875.480161][T13070] vhci_hcd vhci_hcd.2: invalid port number 96
[  875.486341][T13070] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  875.578697][T13079] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  875.652229][T22771] hid-generic 0000:0000:0000.0071: unknown main item tag 0x0
[  875.660404][T22771] hid-generic 0000:0000:0000.0071: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  875.681186][T13067] wg1 speed is unknown, defaulting to 1000
[  875.687263][T13081] FAULT_INJECTION: forcing a failure.
[  875.687263][T13081] name failslab, interval 1, probability 0, space 0, times 0
[  875.700311][T13081] CPU: 1 UID: 0 PID: 13081 Comm: syz.4.14499 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  875.700382][T13081] Tainted: [W]=WARN
[  875.700388][T13081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  875.700443][T13081] Call Trace:
[  875.700451][T13081]  <TASK>
[  875.700460][T13081]  __dump_stack+0x1d/0x30
[  875.700495][T13081]  dump_stack_lvl+0x95/0xd0
[  875.700514][T13081]  dump_stack+0x15/0x1b
[  875.700607][T13081]  should_fail_ex+0x265/0x280
[  875.700634][T13081]  should_failslab+0x8c/0xb0
[  875.700660][T13081]  kmem_cache_alloc_noprof+0x69/0x4b0
[  875.700722][T13081]  ? audit_log_start+0x342/0x720
[  875.700743][T13081]  audit_log_start+0x342/0x720
[  875.700762][T13081]  ? kstrtouint+0x76/0xc0
[  875.700780][T13081]  audit_seccomp+0x48/0x100
[  875.700926][T13081]  ? __seccomp_filter+0x832/0x1260
[  875.700959][T13081]  __seccomp_filter+0x843/0x1260
[  875.700998][T13081]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  875.701107][T13081]  ? vfs_write+0x7e8/0x960
[  875.701135][T13081]  __secure_computing+0x82/0x150
[  875.701167][T13081]  syscall_trace_enter+0xcf/0x1e0
[  875.701207][T13081]  do_syscall_64+0xa4/0x2b0
[  875.701248][T13081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  875.701273][T13081] RIP: 0033:0x7f7fe470f749
[  875.701290][T13081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  875.701334][T13081] RSP: 002b:00007f7fe316f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  875.701354][T13081] RAX: ffffffffffffffda RBX: 00007f7fe4965fa0 RCX: 00007f7fe470f749
[  875.701369][T13081] RDX: 0000000000000002 RSI: 00002000000002c0 RDI: 0000000000000004
[  875.701430][T13081] RBP: 00007f7fe316f090 R08: 0000000000000000 R09: 0000000000000000
[  875.701445][T13081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  875.701458][T13081] R13: 00007f7fe4966038 R14: 00007f7fe4965fa0 R15: 00007ffc58b7d968
[  875.701481][T13081]  </TASK>
[  876.380448][T13102] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  876.403281][T13102] vhci_hcd vhci_hcd.2: invalid port number 96
[  876.409438][T13102] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  876.437413][T13103] siw: device registration error -23
[  876.638742][T13114] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=19 sclass=netlink_tcpdiag_socket pid=13114 comm=syz.4.14509
[  876.640543][T13115] loop3: detected capacity change from 0 to 128
[  876.819037][T13124] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  876.834814][T13124] vhci_hcd vhci_hcd.2: invalid port number 96
[  876.840939][T13124] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  876.958679][T13128] FAULT_INJECTION: forcing a failure.
[  876.958679][T13128] name failslab, interval 1, probability 0, space 0, times 0
[  876.971404][T13128] CPU: 0 UID: 0 PID: 13128 Comm: syz.4.14515 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  876.971496][T13128] Tainted: [W]=WARN
[  876.971503][T13128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  876.971515][T13128] Call Trace:
[  876.971520][T13128]  <TASK>
[  876.971527][T13128]  __dump_stack+0x1d/0x30
[  876.971549][T13128]  dump_stack_lvl+0x95/0xd0
[  876.971569][T13128]  dump_stack+0x15/0x1b
[  876.971644][T13128]  should_fail_ex+0x265/0x280
[  876.971670][T13128]  should_failslab+0x8c/0xb0
[  876.971705][T13128]  __kmalloc_cache_noprof+0x65/0x4c0
[  876.971783][T13128]  ? audit_log_d_path+0x8d/0x150
[  876.971803][T13128]  audit_log_d_path+0x8d/0x150
[  876.971824][T13128]  audit_log_d_path_exe+0x42/0x70
[  876.971891][T13128]  audit_log_task+0x1e9/0x250
[  876.971919][T13128]  ? kstrtouint+0x76/0xc0
[  876.971936][T13128]  audit_seccomp+0x61/0x100
[  876.972052][T13128]  ? __seccomp_filter+0x832/0x1260
[  876.972113][T13128]  __seccomp_filter+0x843/0x1260
[  876.972143][T13128]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  876.972174][T13128]  ? vfs_write+0x7e8/0x960
[  876.972250][T13128]  ? __rcu_read_unlock+0x4f/0x70
[  876.972306][T13128]  ? __fget_files+0x184/0x1c0
[  876.972393][T13128]  __secure_computing+0x82/0x150
[  876.972453][T13128]  syscall_trace_enter+0xcf/0x1e0
[  876.972478][T13128]  do_syscall_64+0xa4/0x2b0
[  876.972568][T13128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  876.972586][T13128] RIP: 0033:0x7f7fe470f749
[  876.972599][T13128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  876.972647][T13128] RSP: 002b:00007f7fe316f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000042
[  876.972703][T13128] RAX: ffffffffffffffda RBX: 00007f7fe4965fa0 RCX: 00007f7fe470f749
[  876.972744][T13128] RDX: 0000000000000012 RSI: 0000000000000002 RDI: 0000000000000000
[  876.972760][T13128] RBP: 00007f7fe316f090 R08: 0000000000000000 R09: 0000000000000000
[  876.972823][T13128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  876.972835][T13128] R13: 00007f7fe4966038 R14: 00007f7fe4965fa0 R15: 00007ffc58b7d968
[  876.972859][T13128]  </TASK>
[  877.244131][   T10] hid-generic 0000:0000:0000.0072: unknown main item tag 0x0
[  877.323579][   T10] hid-generic 0000:0000:0000.0072: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  877.333794][T13133] FAULT_INJECTION: forcing a failure.
[  877.333794][T13133] name failslab, interval 1, probability 0, space 0, times 0
[  877.346549][T13133] CPU: 0 UID: 0 PID: 13133 Comm: syz.2.14517 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  877.346585][T13133] Tainted: [W]=WARN
[  877.346591][T13133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  877.346611][T13133] Call Trace:
[  877.346618][T13133]  <TASK>
[  877.346625][T13133]  __dump_stack+0x1d/0x30
[  877.346649][T13133]  dump_stack_lvl+0x95/0xd0
[  877.346705][T13133]  dump_stack+0x15/0x1b
[  877.346724][T13133]  should_fail_ex+0x265/0x280
[  877.346745][T13133]  should_failslab+0x8c/0xb0
[  877.346764][T13133]  kmem_cache_alloc_noprof+0x69/0x4b0
[  877.346783][T13133]  ? getname_kernel+0x3c/0x1f0
[  877.346873][T13133]  ? should_fail_ex+0xdb/0x280
[  877.346893][T13133]  getname_kernel+0x3c/0x1f0
[  877.347051][T13133]  kern_path+0x23/0x130
[  877.347074][T13133]  lookup_bdev+0x66/0x150
[  877.347100][T13133]  __se_sys_quotactl+0x1b7/0x670
[  877.347118][T13133]  ? fput+0x8f/0xc0
[  877.347222][T13133]  __x64_sys_quotactl+0x55/0x70
[  877.347241][T13133]  x64_sys_call+0x19a4/0x3000
[  877.347273][T13133]  do_syscall_64+0xca/0x2b0
[  877.347348][T13133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  877.347369][T13133] RIP: 0033:0x7f50c441f749
[  877.347404][T13133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  877.347429][T13133] RSP: 002b:00007f50c2e87038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  877.347472][T13133] RAX: ffffffffffffffda RBX: 00007f50c4675fa0 RCX: 00007f50c441f749
[  877.347503][T13133] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffff80000102
[  877.347520][T13133] RBP: 00007f50c2e87090 R08: 0000000000000000 R09: 0000000000000000
[  877.347537][T13133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  877.347549][T13133] R13: 00007f50c4676038 R14: 00007f50c4675fa0 R15: 00007ffebb89f018
[  877.347636][T13133]  </TASK>
[  877.399141][T13138] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l65535
[  877.805847][T13145] __nla_validate_parse: 9 callbacks suppressed
[  877.805860][T13145] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  877.820546][T13145] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  877.863400][T13146] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14521'.
[  877.886577][T13145] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  877.985339][   T36] hid-generic 0000:0000:0000.0073: unknown main item tag 0x0
[  877.993651][   T36] hid-generic 0000:0000:0000.0073: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  878.134324][T13154] netlink: 'syz.3.14524': attribute type 13 has an invalid length.
[  878.201785][T13155] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l65535
[  878.355663][T13170] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14528'.
[  878.365439][T13161] FAULT_INJECTION: forcing a failure.
[  878.365439][T13161] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  878.378548][T13161] CPU: 1 UID: 0 PID: 13161 Comm: syz.5.14526 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  878.378584][T13161] Tainted: [W]=WARN
[  878.378590][T13161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  878.378601][T13161] Call Trace:
[  878.378607][T13161]  <TASK>
[  878.378625][T13161]  __dump_stack+0x1d/0x30
[  878.378654][T13161]  dump_stack_lvl+0x95/0xd0
[  878.378712][T13161]  dump_stack+0x15/0x1b
[  878.378731][T13161]  should_fail_ex+0x265/0x280
[  878.378753][T13161]  should_fail+0xb/0x20
[  878.378774][T13161]  should_fail_usercopy+0x1a/0x20
[  878.378840][T13161]  strncpy_from_user+0x27/0x260
[  878.378879][T13161]  getname_flags+0xae/0x3b0
[  878.378937][T13161]  __x64_sys_mkdirat+0x40/0x60
[  878.378960][T13161]  x64_sys_call+0x30c/0x3000
[  878.378988][T13161]  do_syscall_64+0xca/0x2b0
[  878.379036][T13161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  878.379111][T13161] RIP: 0033:0x7f21ee65f749
[  878.379125][T13161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  878.379146][T13161] RSP: 002b:00007f21ed0c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  878.379168][T13161] RAX: ffffffffffffffda RBX: 00007f21ee8b5fa0 RCX: 00007f21ee65f749
[  878.379183][T13161] RDX: 00000000000001c0 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  878.379197][T13161] RBP: 00007f21ed0c7090 R08: 0000000000000000 R09: 0000000000000000
[  878.379237][T13161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  878.379249][T13161] R13: 00007f21ee8b6038 R14: 00007f21ee8b5fa0 R15: 00007ffe78135a08
[  878.379268][T13161]  </TASK>
[  878.553622][T13170] netlink: 87 bytes leftover after parsing attributes in process `syz.3.14528'.
[  878.627462][   T29] kauditd_printk_skb: 1192 callbacks suppressed
[  878.627479][   T29] audit: type=1326 audit(1768205441.506:268318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13176 comm="syz.5.14531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21ee65f749 code=0x7ffc0000
[  878.662553][   T29] audit: type=1326 audit(1768205441.536:268319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13176 comm="syz.5.14531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21ee65f749 code=0x7ffc0000
[  878.686399][   T29] audit: type=1326 audit(1768205441.536:268320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13176 comm="syz.5.14531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21ee65f749 code=0x7ffc0000
[  878.710231][   T29] audit: type=1326 audit(1768205441.536:268321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13176 comm="syz.5.14531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21ee65f749 code=0x7ffc0000
[  878.733974][   T29] audit: type=1326 audit(1768205441.546:268322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13176 comm="syz.5.14531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21ee65f749 code=0x7ffc0000
[  878.757781][   T29] audit: type=1326 audit(1768205441.546:268323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13176 comm="syz.5.14531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21ee65f749 code=0x7ffc0000
[  878.781558][   T29] audit: type=1326 audit(1768205441.546:268324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13176 comm="syz.5.14531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21ee65f749 code=0x7ffc0000
[  878.805381][   T29] audit: type=1326 audit(1768205441.546:268325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13176 comm="syz.5.14531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f21ee65f749 code=0x7ffc0000
[  878.829162][   T29] audit: type=1326 audit(1768205441.546:268326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13176 comm="syz.5.14531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21ee65f749 code=0x7ffc0000
[  878.852943][   T29] audit: type=1326 audit(1768205441.546:268327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13176 comm="syz.5.14531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f21ee65f749 code=0x7ffc0000
[  878.960842][T13183] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14533'.
[  878.985989][T13183] netlink: 108 bytes leftover after parsing attributes in process `syz.2.14533'.
[  879.145218][T13200] netlink: 'syz.1.14538': attribute type 13 has an invalid length.
[  879.205260][   T36] hid-generic 0000:0000:0000.0074: unknown main item tag 0x0
[  879.222500][   T36] hid-generic 0000:0000:0000.0074: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  879.293358][T13212] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l65535
[  879.387700][T13216] netlink: 60 bytes leftover after parsing attributes in process `syz.2.14543'.
[  879.480257][T13223] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14546'.
[  879.693265][T13243] netlink: 'syz.1.14551': attribute type 13 has an invalid length.
[  879.737452][T13249] FAULT_INJECTION: forcing a failure.
[  879.737452][T13249] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  879.750616][T13249] CPU: 1 UID: 0 PID: 13249 Comm: syz.1.14554 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  879.750702][T13249] Tainted: [W]=WARN
[  879.750712][T13249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  879.750730][T13249] Call Trace:
[  879.750738][T13249]  <TASK>
[  879.750749][T13249]  __dump_stack+0x1d/0x30
[  879.750781][T13249]  dump_stack_lvl+0x95/0xd0
[  879.750811][T13249]  dump_stack+0x15/0x1b
[  879.750919][T13249]  should_fail_ex+0x265/0x280
[  879.750950][T13249]  should_fail+0xb/0x20
[  879.750977][T13249]  should_fail_usercopy+0x1a/0x20
[  879.751013][T13249]  _copy_to_user+0x20/0xa0
[  879.751052][T13249]  simple_read_from_buffer+0xb5/0x130
[  879.751119][T13249]  proc_fail_nth_read+0x10e/0x150
[  879.751215][T13249]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  879.751296][T13249]  vfs_read+0x1a8/0x770
[  879.751338][T13249]  ? __rcu_read_unlock+0x4f/0x70
[  879.751407][T13249]  ? __fget_files+0x184/0x1c0
[  879.751433][T13249]  ? mutex_lock+0x58/0x90
[  879.751466][T13249]  ksys_read+0xda/0x1a0
[  879.751488][T13249]  __x64_sys_read+0x40/0x50
[  879.751545][T13249]  x64_sys_call+0x2889/0x3000
[  879.751573][T13249]  do_syscall_64+0xca/0x2b0
[  879.751613][T13249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  879.751637][T13249] RIP: 0033:0x7ff87181e15c
[  879.751653][T13249] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  879.751764][T13249] RSP: 002b:00007ff870287030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  879.751824][T13249] RAX: ffffffffffffffda RBX: 00007ff871a75fa0 RCX: 00007ff87181e15c
[  879.751838][T13249] RDX: 000000000000000f RSI: 00007ff8702870a0 RDI: 0000000000000006
[  879.751853][T13249] RBP: 00007ff870287090 R08: 0000000000000000 R09: 0000000000000000
[  879.751873][T13249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  879.751887][T13249] R13: 00007ff871a76038 R14: 00007ff871a75fa0 R15: 00007ffc0303a128
[  879.751937][T13249]  </TASK>
[  880.244405][T13273] lo speed is unknown, defaulting to 1000
[  880.250522][T13273] wg1 speed is unknown, defaulting to 1000
[  880.333477][T13283] netlink: 'syz.5.14564': attribute type 13 has an invalid length.
[  880.377686][T13287] FAULT_INJECTION: forcing a failure.
[  880.377686][T13287] name failslab, interval 1, probability 0, space 0, times 0
[  880.390468][T13287] CPU: 1 UID: 0 PID: 13287 Comm: syz.5.14565 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  880.390506][T13287] Tainted: [W]=WARN
[  880.390513][T13287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  880.390525][T13287] Call Trace:
[  880.390531][T13287]  <TASK>
[  880.390538][T13287]  __dump_stack+0x1d/0x30
[  880.390577][T13287]  dump_stack_lvl+0x95/0xd0
[  880.390602][T13287]  dump_stack+0x15/0x1b
[  880.390622][T13287]  should_fail_ex+0x265/0x280
[  880.390684][T13287]  should_failslab+0x8c/0xb0
[  880.390711][T13287]  __kmalloc_cache_node_noprof+0x6a/0x4d0
[  880.390741][T13287]  ? __get_vm_area_node+0x106/0x1d0
[  880.390770][T13287]  __get_vm_area_node+0x106/0x1d0
[  880.390856][T13287]  __vmalloc_node_range_noprof+0x28e/0x1310
[  880.390882][T13287]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  880.390952][T13287]  ? lockref_put_return+0xf7/0x130
[  880.390979][T13287]  ? __rcu_read_unlock+0x4f/0x70
[  880.391090][T13287]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  880.391128][T13287]  __vmalloc_noprof+0xa4/0xf0
[  880.391152][T13287]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  880.391185][T13287]  bpf_prog_alloc_no_stats+0x47/0x390
[  880.391268][T13287]  ? bpf_prog_alloc+0x2a/0x150
[  880.391290][T13287]  bpf_prog_alloc+0x3c/0x150
[  880.391311][T13287]  __get_filter+0x92/0x230
[  880.391367][T13287]  sk_attach_filter+0x20/0xe0
[  880.391395][T13287]  sk_setsockopt+0x1a25/0x20e0
[  880.391441][T13287]  sock_setsockopt+0x40/0x50
[  880.391531][T13287]  unix_setsockopt+0xe8/0x1e0
[  880.391565][T13287]  ? __pfx_unix_setsockopt+0x10/0x10
[  880.391607][T13287]  __sys_setsockopt+0x184/0x200
[  880.391637][T13287]  __x64_sys_setsockopt+0x64/0x80
[  880.391666][T13287]  x64_sys_call+0x21d5/0x3000
[  880.391689][T13287]  do_syscall_64+0xca/0x2b0
[  880.391784][T13287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  880.391886][T13287] RIP: 0033:0x7f21ee65f749
[  880.391903][T13287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  880.391974][T13287] RSP: 002b:00007f21ed0c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  880.391996][T13287] RAX: ffffffffffffffda RBX: 00007f21ee8b5fa0 RCX: 00007f21ee65f749
[  880.392011][T13287] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000007
[  880.392026][T13287] RBP: 00007f21ed0c7090 R08: 0000000000000010 R09: 0000000000000000
[  880.392081][T13287] R10: 000020000002eff0 R11: 0000000000000246 R12: 0000000000000001
[  880.392095][T13287] R13: 00007f21ee8b6038 R14: 00007f21ee8b5fa0 R15: 00007ffe78135a08
[  880.392117][T13287]  </TASK>
[  880.643051][T13287] syz.5.14565: vmalloc error: size 4096, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  880.658975][T13287] CPU: 1 UID: 0 PID: 13287 Comm: syz.5.14565 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  880.659003][T13287] Tainted: [W]=WARN
[  880.659011][T13287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  880.659105][T13287] Call Trace:
[  880.659113][T13287]  <TASK>
[  880.659123][T13287]  __dump_stack+0x1d/0x30
[  880.659170][T13287]  dump_stack_lvl+0x95/0xd0
[  880.659195][T13287]  dump_stack+0x15/0x1b
[  880.659214][T13287]  warn_alloc+0x12b/0x1a0
[  880.659241][T13287]  __vmalloc_node_range_noprof+0x2b3/0x1310
[  880.659348][T13287]  ? lockref_put_return+0xf7/0x130
[  880.659375][T13287]  ? __rcu_read_unlock+0x4f/0x70
[  880.659403][T13287]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  880.659468][T13287]  __vmalloc_noprof+0xa4/0xf0
[  880.659491][T13287]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  880.659570][T13287]  bpf_prog_alloc_no_stats+0x47/0x390
[  880.659607][T13287]  ? bpf_prog_alloc+0x2a/0x150
[  880.659670][T13287]  bpf_prog_alloc+0x3c/0x150
[  880.659728][T13287]  __get_filter+0x92/0x230
[  880.659759][T13287]  sk_attach_filter+0x20/0xe0
[  880.659783][T13287]  sk_setsockopt+0x1a25/0x20e0
[  880.659872][T13287]  sock_setsockopt+0x40/0x50
[  880.659895][T13287]  unix_setsockopt+0xe8/0x1e0
[  880.659926][T13287]  ? __pfx_unix_setsockopt+0x10/0x10
[  880.660061][T13287]  __sys_setsockopt+0x184/0x200
[  880.660095][T13287]  __x64_sys_setsockopt+0x64/0x80
[  880.660164][T13287]  x64_sys_call+0x21d5/0x3000
[  880.660212][T13287]  do_syscall_64+0xca/0x2b0
[  880.660312][T13287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  880.660336][T13287] RIP: 0033:0x7f21ee65f749
[  880.660403][T13287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  880.660422][T13287] RSP: 002b:00007f21ed0c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  880.660444][T13287] RAX: ffffffffffffffda RBX: 00007f21ee8b5fa0 RCX: 00007f21ee65f749
[  880.660459][T13287] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000007
[  880.660470][T13287] RBP: 00007f21ed0c7090 R08: 0000000000000010 R09: 0000000000000000
[  880.660481][T13287] R10: 000020000002eff0 R11: 0000000000000246 R12: 0000000000000001
[  880.660559][T13287] R13: 00007f21ee8b6038 R14: 00007f21ee8b5fa0 R15: 00007ffe78135a08
[  880.660581][T13287]  </TASK>
[  880.660588][T13287] Mem-Info:
[  880.717509][T13273] chnl_net:caif_netlink_parms(): no params data found
[  880.720780][T13287] active_anon:20950 inactive_anon:37 isolated_anon:0
[  880.720780][T13287]  active_file:27891 inactive_file:2862 isolated_file:0
[  880.720780][T13287]  unevictable:0 dirty:239 writeback:10
[  880.720780][T13287]  slab_reclaimable:3701 slab_unreclaimable:124505
[  880.720780][T13287]  mapped:35616 shmem:12742 pagetables:1195
[  880.720780][T13287]  sec_pagetables:0 bounce:0
[  880.720780][T13287]  kernel_misc_reclaimable:0
[  880.720780][T13287]  free:1714369 free_pcp:21467 free_cma:0
[  880.941488][T13287] Node 0 active_anon:62340kB inactive_anon:148kB active_file:111564kB inactive_file:11448kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:142464kB dirty:956kB writeback:40kB shmem:29508kB kernel_stack:4704kB pagetables:4664kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  880.969219][T13287] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  880.998862][T13287] lowmem_reserve[]: 0 2880 7859 7859
[  881.004273][T13287] Node 0 DMA32 free:2945888kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949520kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:3528kB free_cma:0kB
[  881.035778][T13287] lowmem_reserve[]: 0 0 4978 4978
[  881.040921][T13287] Node 0 Normal free:3928116kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:49812kB inactive_anon:148kB active_file:111564kB inactive_file:11448kB unevictable:0kB writepending:996kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:84028kB local_pcp:32444kB free_cma:0kB
[  881.074282][T13287] lowmem_reserve[]: 0 0 0 0
[  881.078829][T13287] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  881.091905][T13287] Node 0 DMA32: 2*4kB (M) 1*8kB (M) 3*16kB (M) 3*32kB (M) 3*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2945888kB
[  881.108317][T13287] Node 0 Normal: 5743*4kB (UME) 4656*8kB (UME) 3245*16kB (UME) 2440*32kB (UME) 1304*64kB (UME) 841*128kB (UME) 490*256kB (UM) 366*512kB (UME) 298*1024kB (UM) 152*2048kB (UME) 642*4096kB (UM) = 3940236kB
[  881.128519][T13287] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  881.137885][T13287] 32372 total pagecache pages
[  881.142598][T13287] 83 pages in swap cache
[  881.146845][T13287] Free swap  = 124664kB
[  881.151030][T13287] Total swap = 124996kB
[  881.155191][T13287] 2097051 pages RAM
[  881.158998][T13287] 0 pages HighMem/MovableOnly
[  881.163718][T13287] 81271 pages reserved
[  881.254058][T13304] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  881.279813][T13273] bridge0: port 1(bridge_slave_0) entered blocking state
[  881.286957][T13273] bridge0: port 1(bridge_slave_0) entered disabled state
[  881.301142][T13304] vhci_hcd vhci_hcd.2: invalid port number 96
[  881.307255][T13304] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  881.340569][T13273] bridge_slave_0: entered allmulticast mode
[  881.354474][T13273] bridge_slave_0: entered promiscuous mode
[  881.367974][T13273] bridge0: port 2(bridge_slave_1) entered blocking state
[  881.375137][T13273] bridge0: port 2(bridge_slave_1) entered disabled state
[  881.404734][T13273] bridge_slave_1: entered allmulticast mode
[  881.418482][T13273] bridge_slave_1: entered promiscuous mode
[  881.435893][ T2381] bridge_slave_1: left allmulticast mode
[  881.441634][ T2381] bridge_slave_1: left promiscuous mode
[  881.447388][ T2381] bridge0: port 2(bridge_slave_1) entered disabled state
[  881.456389][ T2381] bridge_slave_0: left promiscuous mode
[  881.462124][ T2381] bridge0: port 1(bridge_slave_0) entered disabled state
[  881.544049][ T2381] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  881.553165][ T2381] bond_slave_0: left promiscuous mode
[  881.558627][ T2381] bond_slave_0: left allmulticast mode
[  881.571843][ T2381] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  881.590808][ T2381] bond_slave_1: left promiscuous mode
[  881.596326][ T2381] bond_slave_1: left allmulticast mode
[  881.602133][ T2381] bond0 (unregistering): Released all slaves
[  881.628658][T13273] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  881.643235][T13273] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  881.682676][   T36] hid (null): report_id 3804673681 is invalid
[  881.688843][   T36] hid (null): global environment stack underflow
[  881.693311][T13273] team0: Port device team_slave_0 added
[  881.695352][   T36] hid (null): report_id 0 is invalid
[  881.706134][   T36] hid (null): invalid report_size 11153
[  881.711766][   T36] hid (null): unknown global tag 0xe
[  881.717110][   T36] hid (null): unknown global tag 0xc2
[  881.722518][   T36] hid (null): unknown global tag 0xe
[  881.723590][T13273] team0: Port device team_slave_1 added
[  881.746068][   T36] hid-generic 0002:0400:01F0.0075: report_id 3804673681 is invalid
[  881.754047][   T36] hid-generic 0002:0400:01F0.0075: item 0 4 1 8 parsing failed
[  881.765444][   T36] hid-generic 0002:0400:01F0.0075: probe with driver hid-generic failed with error -22
[  881.775379][ T2381] pim6reg (unregistering): left allmulticast mode
[  881.824174][ T2381] team_slave_1 (unregistering): left promiscuous mode
[  881.831028][ T2381] team_slave_1 (unregistering): left allmulticast mode
[  881.839076][ T2381] team0 (unregistering): Port device team_slave_1 removed
[  881.864192][ T2381] team_slave_0 (unregistering): left promiscuous mode
[  881.871026][ T2381] team_slave_0 (unregistering): left allmulticast mode
[  881.878277][ T2381] team0 (unregistering): Port device team_slave_0 removed
[  881.887817][T13328] siw: device registration error -23
[  881.912513][T13334] siw: device registration error -23
[  881.956212][T13273] batman_adv: batadv0: Adding interface: batadv_slave_0
[  881.963197][T13273] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  881.989143][T13273] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  882.001665][T13273] batman_adv: batadv0: Adding interface: batadv_slave_1
[  882.008684][T13273] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  882.034600][T13273] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  882.063347][T13273] hsr_slave_0: entered promiscuous mode
[  882.069463][T13273] hsr_slave_1: entered promiscuous mode
[  882.075828][T13273] debugfs: 'hsr0' already exists in 'hsr'
[  882.081615][T13273] Cannot create hsr debugfs directory
[  882.197308][T13342] FAULT_INJECTION: forcing a failure.
[  882.197308][T13342] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  882.210433][T13342] CPU: 1 UID: 0 PID: 13342 Comm: syz.4.14581 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  882.210517][T13342] Tainted: [W]=WARN
[  882.210582][T13342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  882.210593][T13342] Call Trace:
[  882.210599][T13342]  <TASK>
[  882.210638][T13342]  __dump_stack+0x1d/0x30
[  882.210660][T13342]  dump_stack_lvl+0x95/0xd0
[  882.210784][T13342]  dump_stack+0x15/0x1b
[  882.210804][T13342]  should_fail_ex+0x265/0x280
[  882.210826][T13342]  should_fail+0xb/0x20
[  882.210898][T13342]  should_fail_usercopy+0x1a/0x20
[  882.210919][T13342]  _copy_from_iter+0xcf/0xe70
[  882.210941][T13342]  ? __alloc_skb+0x396/0x4b0
[  882.210966][T13342]  ? __alloc_skb+0x228/0x4b0
[  882.211101][T13342]  netlink_sendmsg+0x471/0x6b0
[  882.211132][T13342]  ? __pfx_netlink_sendmsg+0x10/0x10
[  882.211161][T13342]  __sock_sendmsg+0x145/0x180
[  882.211181][T13342]  ____sys_sendmsg+0x31e/0x4a0
[  882.211224][T13342]  ___sys_sendmsg+0x17b/0x1d0
[  882.211342][T13342]  __x64_sys_sendmsg+0xd4/0x160
[  882.211422][T13342]  x64_sys_call+0x17ba/0x3000
[  882.211602][T13342]  do_syscall_64+0xca/0x2b0
[  882.211641][T13342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  882.211665][T13342] RIP: 0033:0x7f7fe470f749
[  882.211680][T13342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  882.211706][T13342] RSP: 002b:00007f7fe316f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  882.211722][T13342] RAX: ffffffffffffffda RBX: 00007f7fe4965fa0 RCX: 00007f7fe470f749
[  882.211734][T13342] RDX: 0000000000004054 RSI: 00002000000002c0 RDI: 0000000000000006
[  882.211745][T13342] RBP: 00007f7fe316f090 R08: 0000000000000000 R09: 0000000000000000
[  882.211759][T13342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  882.211818][T13342] R13: 00007f7fe4966038 R14: 00007f7fe4965fa0 R15: 00007ffc58b7d968
[  882.211835][T13342]  </TASK>
[  882.580272][T13273] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  882.589443][T13273] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  882.608062][T13352] tipc: Started in network mode
[  882.613056][T13352] tipc: Node identity ac14140f, cluster identity 4711
[  882.625541][T13352] tipc: New replicast peer: 255.255.255.83
[  882.631548][T13352] tipc: Enabled bearer <udp:£>, priority 10
[  882.638781][T13273] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  882.661967][T13273] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  882.697097][T13365] 9p: Bad value for 'wfdno'
[  882.753863][T13273] 8021q: adding VLAN 0 to HW filter on device bond0
[  882.786706][T13273] 8021q: adding VLAN 0 to HW filter on device team0
[  882.810392][ T2381] bridge0: port 1(bridge_slave_0) entered blocking state
[  882.817488][ T2381] bridge0: port 1(bridge_slave_0) entered forwarding state
[  882.842830][   T36] hid-generic 0000:0000:0000.0076: unknown main item tag 0x0
[  882.868418][   T36] hid-generic 0000:0000:0000.0076: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  882.868898][ T2381] bridge0: port 2(bridge_slave_1) entered blocking state
[  882.885101][ T2381] bridge0: port 2(bridge_slave_1) entered forwarding state
[  882.893262][T13380] __nla_validate_parse: 10 callbacks suppressed
[  882.893278][T13380] netlink: 60 bytes leftover after parsing attributes in process `syz.4.14595'.
[  882.941649][T13382] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l65535
[  883.030106][T13273] 8021q: adding VLAN 0 to HW filter on device batadv0
[  883.058850][T13393] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14596'.
[  883.071801][T13393] netlink: 87 bytes leftover after parsing attributes in process `syz.3.14596'.
[  883.104335][T13404] netlink: 'syz.4.14599': attribute type 6 has an invalid length.
[  883.112292][T13404] netlink: 'syz.4.14599': attribute type 23 has an invalid length.
[  883.120325][T13404] IPv6: NLM_F_CREATE should be specified when creating new route
[  883.146999][T13273] veth0_vlan: entered promiscuous mode
[  883.155470][T13407] netlink: 'syz.4.14600': attribute type 13 has an invalid length.
[  883.163514][T13407] netlink: 24859 bytes leftover after parsing attributes in process `syz.4.14600'.
[  883.174816][T13273] veth1_vlan: entered promiscuous mode
[  883.194712][T13273] veth0_macvtap: entered promiscuous mode
[  883.202426][T13273] veth1_macvtap: entered promiscuous mode
[  883.209147][T13407] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14600'.
[  883.220391][T13273] batman_adv: batadv0: Interface activated: batadv_slave_0
[  883.232468][T13273] batman_adv: batadv0: Interface activated: batadv_slave_1
[  883.245777][ T2390] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  883.258155][ T2390] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  883.272815][ T2390] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  883.282428][ T2390] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  883.320676][T13413] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  883.530092][T13421] 8021q: adding VLAN 0 to HW filter on device bond0
[  883.537800][T13421] bridge0: port 3(bond0) entered blocking state
[  883.544276][T13421] bridge0: port 3(bond0) entered disabled state
[  883.551508][T13421] bond0: entered allmulticast mode
[  883.557953][T13421] bond0: entered promiscuous mode
[  883.588250][T13421] netlink: 108 bytes leftover after parsing attributes in process `syz.2.14604'.
[  883.620281][T13427] netlink: 'syz.2.14605': attribute type 13 has an invalid length.
[  883.656887][T13429] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5134 sclass=netlink_route_socket pid=13429 comm=syz.2.14606
[  883.751249][   T36] tipc: Node number set to 2886997007
[  883.812949][T13441] lo speed is unknown, defaulting to 1000
[  883.819116][T13441] wg1 speed is unknown, defaulting to 1000
[  883.856137][T13443] lo speed is unknown, defaulting to 1000
[  883.869845][T13443] wg1 speed is unknown, defaulting to 1000
[  883.922887][   T29] kauditd_printk_skb: 1380 callbacks suppressed
[  883.922902][   T29] audit: type=1326 audit(1768205446.806:269708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.2.14612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50c441f749 code=0x7ffc0000
[  883.952978][   T29] audit: type=1326 audit(1768205446.806:269709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.2.14612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50c441f749 code=0x7ffc0000
[  884.017347][   T29] audit: type=1326 audit(1768205446.806:269710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.2.14612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50c441f749 code=0x7ffc0000
[  884.041337][   T29] audit: type=1326 audit(1768205446.806:269711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.2.14612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50c441f749 code=0x7ffc0000
[  884.065133][   T29] audit: type=1326 audit(1768205446.806:269712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.2.14612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50c441f749 code=0x7ffc0000
[  884.088977][   T29] audit: type=1326 audit(1768205446.836:269713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.2.14612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50c441f749 code=0x7ffc0000
[  884.112822][   T29] audit: type=1326 audit(1768205446.836:269714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.2.14612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f50c441f749 code=0x7ffc0000
[  884.136617][   T29] audit: type=1326 audit(1768205446.836:269715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.2.14612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50c441f749 code=0x7ffc0000
[  884.160404][   T29] audit: type=1326 audit(1768205446.836:269716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.2.14612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50c441f749 code=0x7ffc0000
[  884.184238][   T29] audit: type=1326 audit(1768205446.836:269717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.2.14612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50c441f749 code=0x7ffc0000
[  884.224119][T13453] bridge0: port 4(ipvlan2) entered blocking state
[  884.230615][T13453] bridge0: port 4(ipvlan2) entered disabled state
[  884.261263][T13453] ipvlan2: entered allmulticast mode
[  884.267955][T13453] ipvlan2: left allmulticast mode
[  884.276635][T13455] netlink: 'syz.1.14617': attribute type 13 has an invalid length.
[  884.304925][ T3603] hid-generic 0000:0000:0000.0077: unknown main item tag 0x0
[  884.313172][ T3603] hid-generic 0000:0000:0000.0077: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  884.334269][T13455] bridge0: port 2(bridge_slave_1) entered disabled state
[  884.341632][T13455] bridge0: port 1(bridge_slave_0) entered disabled state
[  884.371175][T13459] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  884.378732][T13459] vhci_hcd vhci_hcd.2: invalid port number 96
[  884.384888][T13459] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  884.403725][T13460] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l65535
[  884.441317][T13455] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  884.451407][T13455] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  884.506033][ T2380] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  884.520214][ T2380] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  884.529486][ T2380] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  884.538924][ T2380] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  884.753491][T13475] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14623'.
[  884.765815][T13475] netlink: 87 bytes leftover after parsing attributes in process `syz.5.14623'.
[  884.775660][T13475] siw: device registration error -23
[  884.800034][T13485] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  884.807533][T13485] vhci_hcd vhci_hcd.2: invalid port number 96
[  884.813637][T13485] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  885.197157][T13494] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14631'.
[  885.316338][T13502] netlink: 4 bytes leftover after parsing attributes in process `+“[@'.
[  885.348750][T13504] lo speed is unknown, defaulting to 1000
[  885.354878][T13504] wg1 speed is unknown, defaulting to 1000
[  885.520206][T13513] FAULT_INJECTION: forcing a failure.
[  885.520206][T13513] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  885.533419][T13513] CPU: 1 UID: 0 PID: 13513 Comm: syz.5.14639 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  885.533529][T13513] Tainted: [W]=WARN
[  885.533537][T13513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  885.533551][T13513] Call Trace:
[  885.533575][T13513]  <TASK>
[  885.533586][T13513]  __dump_stack+0x1d/0x30
[  885.533616][T13513]  dump_stack_lvl+0x95/0xd0
[  885.533640][T13513]  dump_stack+0x15/0x1b
[  885.533663][T13513]  should_fail_ex+0x265/0x280
[  885.533690][T13513]  should_fail+0xb/0x20
[  885.533791][T13513]  should_fail_usercopy+0x1a/0x20
[  885.533820][T13513]  _copy_to_user+0x20/0xa0
[  885.533852][T13513]  simple_read_from_buffer+0xb5/0x130
[  885.533929][T13513]  proc_fail_nth_read+0x10e/0x150
[  885.534004][T13513]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  885.534029][T13513]  vfs_read+0x1a8/0x770
[  885.534044][T13513]  ? __rcu_read_unlock+0x4f/0x70
[  885.534067][T13513]  ? __fget_files+0x184/0x1c0
[  885.534093][T13513]  ? mutex_lock+0x58/0x90
[  885.534153][T13513]  ksys_read+0xda/0x1a0
[  885.534170][T13513]  __x64_sys_read+0x40/0x50
[  885.534220][T13513]  x64_sys_call+0x2889/0x3000
[  885.534250][T13513]  do_syscall_64+0xca/0x2b0
[  885.534385][T13513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  885.534412][T13513] RIP: 0033:0x7f21ee65e15c
[  885.534431][T13513] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  885.534518][T13513] RSP: 002b:00007f21ed0c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  885.534541][T13513] RAX: ffffffffffffffda RBX: 00007f21ee8b5fa0 RCX: 00007f21ee65e15c
[  885.534557][T13513] RDX: 000000000000000f RSI: 00007f21ed0c70a0 RDI: 0000000000000006
[  885.534572][T13513] RBP: 00007f21ed0c7090 R08: 0000000000000000 R09: 0000000000000000
[  885.534595][T13513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  885.534618][T13513] R13: 00007f21ee8b6038 R14: 00007f21ee8b5fa0 R15: 00007ffe78135a08
[  885.534642][T13513]  </TASK>
[  885.843660][T13536] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  885.851382][T13536] vhci_hcd vhci_hcd.2: invalid port number 96
[  885.857533][T13536] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  885.980195][T13556] siw: device registration error -23
[  886.556577][T13574] netlink: 'syz.4.14661': attribute type 13 has an invalid length.
[  886.582231][T13576] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  886.589581][T13576] vhci_hcd vhci_hcd.2: invalid port number 96
[  886.595782][T13576] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  886.724152][T13588] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7957 sclass=netlink_route_socket pid=13588 comm=syz.4.14665
[  886.903714][T13608] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  886.916652][T13608] vhci_hcd vhci_hcd.2: invalid port number 96
[  886.922799][T13608] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[  887.046836][T13622] FAULT_INJECTION: forcing a failure.
[  887.046836][T13622] name failslab, interval 1, probability 0, space 0, times 0
[  887.059602][T13622] CPU: 0 UID: 0 PID: 13622 Comm: syz.2.14677 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  887.059635][T13622] Tainted: [W]=WARN
[  887.059642][T13622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  887.059653][T13622] Call Trace:
[  887.059659][T13622]  <TASK>
[  887.059665][T13622]  __dump_stack+0x1d/0x30
[  887.059737][T13622]  dump_stack_lvl+0x95/0xd0
[  887.059762][T13622]  dump_stack+0x15/0x1b
[  887.059784][T13622]  should_fail_ex+0x265/0x280
[  887.059808][T13622]  should_failslab+0x8c/0xb0
[  887.059856][T13622]  __kmalloc_cache_noprof+0x65/0x4c0
[  887.059881][T13622]  ? tipc_sub_subscribe+0xc7/0x340
[  887.059910][T13622]  tipc_sub_subscribe+0xc7/0x340
[  887.059941][T13622]  ? idr_alloc+0x89/0xd0
[  887.059973][T13622]  tipc_conn_rcv_sub+0x100/0x210
[  887.059996][T13622]  tipc_topsrv_kern_subscr+0x148/0x1b0
[  887.060059][T13622]  tipc_group_create+0x24d/0x290
[  887.060080][T13622]  tipc_sk_join+0x130/0x2e0
[  887.060119][T13622]  tipc_setsockopt+0x598/0x620
[  887.060198][T13622]  ? __pfx_tipc_setsockopt+0x10/0x10
[  887.060234][T13622]  __sys_setsockopt+0x184/0x200
[  887.060261][T13622]  __x64_sys_setsockopt+0x64/0x80
[  887.060310][T13622]  x64_sys_call+0x21d5/0x3000
[  887.060331][T13622]  do_syscall_64+0xca/0x2b0
[  887.060362][T13622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  887.060384][T13622] RIP: 0033:0x7f50c441f749
[  887.060401][T13622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  887.060467][T13622] RSP: 002b:00007f50c2e87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  887.060483][T13622] RAX: ffffffffffffffda RBX: 00007f50c4675fa0 RCX: 00007f50c441f749
[  887.060498][T13622] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000004
[  887.060512][T13622] RBP: 00007f50c2e87090 R08: 0000000000000010 R09: 0000000000000000
[  887.060557][T13622] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  887.060571][T13622] R13: 00007f50c4676038 R14: 00007f50c4675fa0 R15: 00007ffebb89f018
[  887.060594][T13622]  </TASK>
[  887.060602][T13622] tipc: Subscription rejected, no memory
[  887.069166][T13623] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  887.153404][T13625] siw: device registration error -23
[  887.154677][T13623] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  887.345289][T13635] FAULT_INJECTION: forcing a failure.
[  887.345289][T13635] name failslab, interval 1, probability 0, space 0, times 0
[  887.358067][T13635] CPU: 0 UID: 0 PID: 13635 Comm: syz.2.14679 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  887.358117][T13635] Tainted: [W]=WARN
[  887.358125][T13635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  887.358138][T13635] Call Trace:
[  887.358156][T13635]  <TASK>
[  887.358163][T13635]  __dump_stack+0x1d/0x30
[  887.358189][T13635]  dump_stack_lvl+0x95/0xd0
[  887.358214][T13635]  dump_stack+0x15/0x1b
[  887.358265][T13635]  should_fail_ex+0x265/0x280
[  887.358292][T13635]  should_failslab+0x8c/0xb0
[  887.358313][T13635]  kmem_cache_alloc_lru_noprof+0x6d/0x4c0
[  887.358335][T13635]  ? __d_alloc+0x37/0x340
[  887.358392][T13635]  __d_alloc+0x37/0x340
[  887.358425][T13635]  ? security_inode_permission+0x4a/0xb0
[  887.358456][T13635]  d_alloc_parallel+0x54/0xcd0
[  887.358487][T13635]  ? __rcu_read_unlock+0x4f/0x70
[  887.358579][T13635]  ? __d_lookup+0x316/0x340
[  887.358610][T13635]  ? try_to_unlazy+0x2a7/0x400
[  887.358646][T13635]  path_openat+0x8c6/0x23b0
[  887.358768][T13635]  do_filp_open+0x109/0x230
[  887.358861][T13635]  do_sys_openat2+0xa6/0x150
[  887.358891][T13635]  __x64_sys_open+0xe6/0x110
[  887.358936][T13635]  x64_sys_call+0x166f/0x3000
[  887.358977][T13635]  do_syscall_64+0xca/0x2b0
[  887.359010][T13635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  887.359072][T13635] RIP: 0033:0x7f50c441f749
[  887.359088][T13635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  887.359109][T13635] RSP: 002b:00007f50c2e87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  887.359131][T13635] RAX: ffffffffffffffda RBX: 00007f50c4675fa0 RCX: 00007f50c441f749
[  887.359146][T13635] RDX: 0000000000000001 RSI: 0000000000101042 RDI: 0000200000000000
[  887.359217][T13635] RBP: 00007f50c2e87090 R08: 0000000000000000 R09: 0000000000000000
[  887.359231][T13635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  887.359274][T13635] R13: 00007f50c4676038 R14: 00007f50c4675fa0 R15: 00007ffebb89f018
[  887.359297][T13635]  </TASK>
[  887.722189][T13643] netlink: 'syz.4.14682': attribute type 1 has an invalid length.
[  887.992663][T13677] netlink: 'syz.3.14695': attribute type 13 has an invalid length.
[  888.107082][T13687] pim6reg: entered allmulticast mode
[  888.224229][T13696] __nla_validate_parse: 13 callbacks suppressed
[  888.224248][T13696] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14702'.
[  888.472109][ T3502] hid-generic 0000:0000:0000.0078: unknown main item tag 0x0
[  888.480423][T13706] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l65535
[  888.491183][ T3502] hid-generic 0000:0000:0000.0078: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  888.534241][T13713] netlink: 'syz.2.14708': attribute type 7 has an invalid length.
[  888.674411][T13727] netlink: 'syz.5.14713': attribute type 21 has an invalid length.
[  888.682675][T13727] netlink: 128 bytes leftover after parsing attributes in process `syz.5.14713'.
[  888.700577][T13730] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14715'.
[  888.718697][T13727] netlink: 'syz.5.14713': attribute type 4 has an invalid length.
[  888.726665][T13727] netlink: 'syz.5.14713': attribute type 3 has an invalid length.
[  888.734569][T13727] netlink: 3 bytes leftover after parsing attributes in process `syz.5.14713'.
[  888.759895][T13735] wireguard0: entered promiscuous mode
[  888.765518][T13735] wireguard0: entered allmulticast mode
[  888.977621][T13753] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  888.995737][T13753] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  889.145072][T13755] lo speed is unknown, defaulting to 1000
[  889.152731][T13755] wg1 speed is unknown, defaulting to 1000
[  889.289730][   T29] kauditd_printk_skb: 1884 callbacks suppressed
[  889.289743][   T29] audit: type=1326 audit(1768205452.166:271602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13771 comm="syz.4.14726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  889.320069][ T2398] bond1: left allmulticast mode
[  889.324980][ T2398] bond1: left promiscuous mode
[  889.329904][ T2398] bridge0: port 3(bond1) entered disabled state
[  889.337113][   T29] audit: type=1326 audit(1768205452.206:271603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13771 comm="syz.4.14726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  889.360934][   T29] audit: type=1326 audit(1768205452.206:271604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13771 comm="syz.4.14726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  889.384809][   T29] audit: type=1326 audit(1768205452.206:271605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13771 comm="syz.4.14726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  889.408574][   T29] audit: type=1326 audit(1768205452.206:271606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13771 comm="syz.4.14726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  889.432347][   T29] audit: type=1326 audit(1768205452.206:271607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13771 comm="syz.4.14726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  889.456109][   T29] audit: type=1326 audit(1768205452.206:271608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13771 comm="syz.4.14726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  889.479845][   T29] audit: type=1326 audit(1768205452.206:271609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13771 comm="syz.4.14726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  889.503585][   T29] audit: type=1326 audit(1768205452.206:271610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13771 comm="syz.4.14726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  889.527335][   T29] audit: type=1326 audit(1768205452.206:271611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13771 comm="syz.4.14726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7fe470f749 code=0x7ffc0000
[  889.551937][ T2398] bridge_slave_1: left allmulticast mode
[  889.557710][ T2398] bridge_slave_1: left promiscuous mode
[  889.563405][ T2398] bridge0: port 2(bridge_slave_1) entered disabled state
[  889.572276][ T2398] bridge_slave_0: left allmulticast mode
[  889.577936][ T2398] bridge_slave_0: left promiscuous mode
[  889.583665][ T2398] bridge0: port 1(bridge_slave_0) entered disabled state
[  889.635243][ T2398] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  889.644140][ T2398] bond_slave_0: left promiscuous mode
[  889.649666][ T2398] bond_slave_0: left allmulticast mode
[  889.666400][ T2398] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  889.686172][ T2398] bond_slave_1: left promiscuous mode
[  889.691775][ T2398] bond_slave_1: left allmulticast mode
[  889.707563][ T2398] .` (unregistering): Released all slaves
[  889.724507][ T2398] bond1 (unregistering): Released all slaves
[  889.731476][T13781] FAULT_INJECTION: forcing a failure.
[  889.731476][T13781] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  889.744606][T13781] CPU: 0 UID: 0 PID: 13781 Comm: syz.4.14730 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  889.744637][T13781] Tainted: [W]=WARN
[  889.744645][T13781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  889.744659][T13781] Call Trace:
[  889.744665][T13781]  <TASK>
[  889.744672][T13781]  __dump_stack+0x1d/0x30
[  889.744699][T13781]  dump_stack_lvl+0x95/0xd0
[  889.744757][T13781]  dump_stack+0x15/0x1b
[  889.744779][T13781]  should_fail_ex+0x265/0x280
[  889.744804][T13781]  should_fail+0xb/0x20
[  889.744894][T13781]  should_fail_usercopy+0x1a/0x20
[  889.744938][T13781]  _copy_from_user+0x1c/0xb0
[  889.744966][T13781]  proc_do_submiturb+0x866/0x1d20
[  889.745017][T13781]  ? proc_do_submiturb+0xb1/0x1d20
[  889.745052][T13781]  ? should_fail_ex+0xdb/0x280
[  889.745081][ T2398] bond2 (unregistering): Released all slaves
[  889.745348][T13781] ==================================================================
[  889.745429][T13781] BUG: KCSAN: data-race in data_push_tail / string
[  889.745523][T13781] 
[  889.745540][T13781] write to 0xffffffff88ec06a0 of 1 bytes by task 2398 on cpu 1:
[  889.745578][T13781]  string+0x187/0x220
[  889.745632][T13781]  vsnprintf+0x532/0x860
[  889.745691][T13781]  vscnprintf+0x41/0x90
[  889.745746][T13781]  printk_sprint+0x30/0x2d0
[  889.745820][T13781]  vprintk_store+0x568/0x830
[  889.745898][T13781]  vprintk_emit+0x15a/0x5c0
[  889.745983][T13781]  vprintk_default+0x26/0x30
[  889.746065][T13781]  vprintk+0x1d/0x30
[  889.746119][T13781]  _printk+0x79/0xa0
[  889.746155][T13781]  __netdev_printk+0x310/0x370
[  889.746238][T13781]  netdev_info+0x9b/0xd0
[  889.746292][T13781]  bond_uninit+0x1ee/0x330
[  889.746347][T13781]  unregister_netdevice_many_notify+0x1245/0x16d0
[  889.746445][T13781]  unregister_netdevice_many+0x19/0x20
[  889.746523][T13781]  ops_undo_list+0x213/0x410
[  889.746577][T13781]  cleanup_net+0x2f4/0x520
[  889.746656][T13781]  process_scheduled_works+0x4ce/0x9d0
[  889.746758][T13781]  worker_thread+0x582/0x770
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  889.746820][T13781]  kthread+0x489/0x510
[  889.746897][T13781]  ret_from_fork+0x149/0x290
[  889.746970][T13781]  ret_from_fork_asm+0x1a/0x30
[  889.747039][T13781] 
[  889.747050][T13781] read to 0xffffffff88ec06a0 of 8 bytes by task 13781 on cpu 0:
[  889.747089][T13781]  data_push_tail+0x100/0x470
[  889.747162][T13781]  data_alloc+0x11b/0x390
[  889.747231][T13781]  prb_reserve+0x8d7/0xad0
[  889.747330][T13781]  vprintk_store+0x53c/0x830
[  889.747424][T13781]  vprintk_emit+0x15a/0x5c0
[  889.747497][T13781]  vprintk_default+0x26/0x30
[  889.747575][T13781]  vprintk+0x1d/0x30
[  889.747628][T13781]  _printk+0x79/0xa0
[  889.747670][T13781]  __show_trace_log_lvl+0x4e3/0x560
[  889.747741][T13781]  __dump_stack+0x1d/0x30
[  889.747794][T13781]  dump_stack_lvl+0x95/0xd0
[  889.747851][T13781]  dump_stack+0x15/0x1b
[  889.747908][T13781]  should_fail_ex+0x265/0x280
[  889.747961][T13781]  should_fail+0xb/0x20
[  889.748032][T13781]  should_fail_usercopy+0x1a/0x20
[  889.748127][T13781]  _copy_from_user+0x1c/0xb0
[  889.748206][T13781]  proc_do_submiturb+0x866/0x1d20
[  889.748286][T13781]  proc_submiturb+0x7b/0xa0
[  889.748353][T13781]  usbdev_ioctl+0xcb6/0x1700
[  889.748417][T13781]  __se_sys_ioctl+0xce/0x140
[  889.748496][T13781]  __x64_sys_ioctl+0x43/0x50
[  889.748571][T13781]  x64_sys_call+0x14b0/0x3000
[  889.748635][T13781]  do_syscall_64+0xca/0x2b0
[  889.748720][T13781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  889.748776][T13781] 
[  889.748785][T13781] value changed: 0x0000000100003174 -> 0x52203a29676e6972
[  889.748814][T13781] 
[  889.748823][T13781] Reported by Kernel Concurrency Sanitizer on:
[  889.748859][T13781] CPU: 0 UID: 0 PID: 13781 Comm: syz.4.14730 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  889.748940][T13781] Tainted: [W]=WARN
[  889.748953][T13781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  889.748987][T13781] ==================================================================
[  889.749083][T13781]  proc_submiturb+0x7b/0xa0
[  889.749240][T13781]  usbdev_ioctl+0xcb6/0x1700
[  889.749317][T13781]  ? __pfx_usbdev_ioctl+0x10/0x10
[  889.749393][T13781]  __se_sys_ioctl+0xce/0x140
[  889.749511][T13781]  __x64_sys_ioctl+0x43/0x50
[  889.749613][T13781]  x64_sys_call+0x14b0/0x3000
[  889.749685][T13781]  do_syscall_64+0xca/0x2b0
[  889.749733][T13781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  889.749752][T13781] RIP: 0033:0x7f7fe470f749
[  889.749791][T13781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  889.749864][T13781] RSP: 002b:00007f7fe316f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  889.749918][T13781] RAX: ffffffffffffffda RBX: 00007f7fe4965fa0 RCX: 00007f7fe470f749
[  889.749965][T13781] RDX: 0000200000000000 RSI: 000000008038550a RDI: 0000000000000005
[  889.750002][T13781] RBP: 00007f7fe316f090 R08: 0000000000000000 R09: 0000000000000000
[  889.750037][T13781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  889.750123][T13781] R13: 00007f7fe4966038 R14: 00007f7fe4965fa0 R15: 00007ffc58b7d968
[  889.750220][T13781]  </TASK>
[  890.392667][ T2398] hsr_slave_0: left promiscuous mode
[  890.398352][ T2398] hsr_slave_1: left promiscuous mode
[  890.404307][ T2398] pim6reg (unregistering): left allmulticast mode
[  890.467916][ T2398] team_slave_1 (unregistering): left promiscuous mode
[  890.474850][ T2398] team_slave_1 (unregistering): left allmulticast mode
[  890.484281][ T2398] team0 (unregistering): Port device team_slave_1 removed
[  890.497284][ T2398] team_slave_0 (unregistering): left promiscuous mode
[  890.504215][ T2398] team_slave_0 (unregistering): left allmulticast mode
[  890.513025][ T2398] team0 (unregistering): Port device team_slave_0 removed
[  891.494722][ T2398] bond0: left allmulticast mode
[  891.499663][ T2398] bond0: left promiscuous mode
[  891.504674][ T2398] bridge0: port 3(bond0) entered disabled state
[  891.511589][ T2398] bridge_slave_1: left allmulticast mode
[  891.517305][ T2398] bridge_slave_1: left promiscuous mode
[  891.522973][ T2398] bridge0: port 2(bridge_slave_1) entered disabled state
[  891.530733][ T2398] bridge_slave_0: left allmulticast mode
[  891.536399][ T2398] bridge_slave_0: left promiscuous mode
[  891.542182][ T2398] bridge0: port 1(bridge_slave_0) entered disabled state
[  891.550460][ T2398] bridge_slave_1: left allmulticast mode
[  891.556113][ T2398] bridge_slave_1: left promiscuous mode
[  891.561792][ T2398] bridge0: port 2(bridge_slave_1) entered disabled state
[  891.569427][ T2398] bridge_slave_0: left allmulticast mode
[  891.575177][ T2398] bridge_slave_0: left promiscuous mode
[  891.580767][ T2398] bridge0: port 1(bridge_slave_0) entered disabled state
[  891.588850][ T2398] bridge_slave_1: left allmulticast mode
[  891.594591][ T2398] bridge_slave_1: left promiscuous mode
[  891.600252][ T2398] bridge0: port 2(bridge_slave_1) entered disabled state
[  891.608026][ T2398] bridge_slave_0: left allmulticast mode
[  891.613721][ T2398] bridge_slave_0: left promiscuous mode
[  891.619362][ T2398] bridge0: port 1(bridge_slave_0) entered disabled state
[  891.672672][ T2398] bond0 (unregistering): Released all slaves
[  891.723134][ T2398] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  891.731623][ T2398] bond_slave_0: left promiscuous mode
[  891.737197][ T2398] bond_slave_0: left allmulticast mode
[  891.743302][ T2398] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  891.751707][ T2398] bond_slave_1: left promiscuous mode
[  891.757168][ T2398] bond_slave_1: left allmulticast mode
[  891.763371][ T2398] .` (unregistering): (slave dummy0): Releasing backup interface
[  891.771446][ T2398] dummy0: left promiscuous mode
[  891.776332][ T2398] dummy0: left allmulticast mode
[  891.781470][ T2398] .` (unregistering): Released all slaves
[  891.789571][ T2398] bond0 (unregistering): Released all slaves
[  891.863221][ T2398] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  891.872008][ T2398] bond_slave_0: left promiscuous mode
[  891.877483][ T2398] bond_slave_0: left allmulticast mode
[  891.883589][ T2398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  891.892433][ T2398] bond_slave_1: left promiscuous mode
[  891.897937][ T2398] bond_slave_1: left allmulticast mode
[  891.903673][ T2398] bond0 (unregistering): Released all slaves
[  891.963392][ T2398] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  891.972595][ T2398] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  891.981628][ T2398] bond0 (unregistering): Released all slaves
[  892.047114][ T2398] tipc: Disabling bearer <udp:£>
[  892.052159][ T2398] tipc: Left network mode
[  892.056942][ T2398] tipc: Disabling bearer <udp:syz2>
[  892.062182][ T2398] tipc: Left network mode
[  892.132557][ T2398] hsr_slave_0: left promiscuous mode
[  892.138258][ T2398] hsr_slave_1: left promiscuous mode
[  892.149373][ T2398] hsr_slave_0: left promiscuous mode
[  892.155209][ T2398] hsr_slave_1: left promiscuous mode
[  892.160883][ T2398] batman_adv: batadv0: Removing interface: batadv_slave_0
[  892.168317][ T2398] batman_adv: batadv0: Removing interface: batadv_slave_1
[  892.182442][ T2398] pim6reg (unregistering): left allmulticast mode
[  892.209822][ T2398] team_slave_1 (unregistering): left promiscuous mode
[  892.216662][ T2398] team_slave_1 (unregistering): left allmulticast mode
[  892.223871][ T2398] team0 (unregistering): Port device team_slave_1 removed
[  892.233284][ T2398] team0 (unregistering): Port device team_slave_0 removed
[  892.263889][ T2398] pim6reg (unregistering): left allmulticast mode
[  892.291846][ T2398] team_slave_1 (unregistering): left promiscuous mode
[  892.298634][ T2398] team_slave_1 (unregistering): left allmulticast mode
[  892.306289][ T2398] team0 (unregistering): Port device team_slave_1 removed
[  892.315938][ T2398] team_slave_0 (unregistering): left promiscuous mode
[  892.322810][ T2398] team_slave_0 (unregistering): left allmulticast mode
[  892.330050][ T2398] team0 (unregistering): Port device team_slave_0 removed
[  892.356760][ T2398] dummy0 (unregistering): left promiscuous mode
[  892.363199][ T2398] dummy0 (unregistering): left allmulticast mode
[  892.369859][ T2398] team0 (unregistering): Port device dummy0 removed
[  892.381520][ T2398] pim6reg (unregistering): left allmulticast mode
[  892.412247][ T2398] team0 (unregistering): Port device team_slave_1 removed
[  892.421783][ T2398] team0 (unregistering): Port device team_slave_0 removed
[  893.069160][ T2398] IPVS: stop unused estimator thread 0...