last executing test programs: 35m22.899720054s ago: executing program 3 (id=142): r0 = epoll_create1(0x80000) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@local}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e}) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000240)={@hyper}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e, 0xfffffffffffffff9}) close(r2) ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r1, 0x7a9, &(0x7f0000000340)={{@hyper, 0x2}, 0xe148, 0x3, 0x69c9, 0x4, 0xd, 0x385a2d2f, 0x4, 0x100000000}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f0000003dc0)=[{{0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000340)=""/244, 0xf4}}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f00000004c0)=""/248, 0xf8}, {&(0x7f00000005c0)=""/112, 0x70}, {&(0x7f0000000640)=""/209, 0xd1}, {&(0x7f0000000740)=""/46, 0x2e}, {&(0x7f0000000780)=""/135, 0x87}, {&(0x7f0000000840)=""/135, 0x87}, {&(0x7f0000000900)=""/93, 0x5d}, {&(0x7f0000000980)=""/42, 0x2a}, {&(0x7f00000009c0)=""/79, 0x4f}], 0x9}, 0x5}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000ac0)}, {&(0x7f0000000b00)=""/88, 0x58}, {&(0x7f0000000b80)=""/106, 0x6a}, {&(0x7f0000000c00)=""/54, 0x36}, {&(0x7f0000000c40)=""/93, 0x5d}, {&(0x7f0000000cc0)=""/160, 0xa0}, {&(0x7f0000000d80)=""/43, 0x2b}], 0x7}, 0x7}, {{0x0, 0x0, &(0x7f0000001580)=[{&(0x7f00000010c0)=""/243, 0xf3}, {&(0x7f00000011c0)=""/187, 0xbb}, {0x0}, {0x0}, {&(0x7f0000001440)=""/112, 0x70}, {&(0x7f00000014c0)=""/157, 0x9d}], 0x6}, 0x10000}, {{&(0x7f00000016c0)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, &(0x7f0000002d40)=[{0x0}, {&(0x7f0000001980)=""/4096, 0x1000}, {&(0x7f0000002980)=""/255, 0xff}, {&(0x7f0000002a80)=""/30, 0x1e}, {&(0x7f0000002ac0)=""/37, 0x25}, {&(0x7f0000002b00)=""/240, 0xf0}, {&(0x7f0000002c00)=""/111, 0x6f}, {&(0x7f0000002c80)=""/130, 0x82}], 0x8}, 0xe774}], 0x5, 0x40000042, 0x0) r5 = epoll_create1(0x0) r6 = dup2(r1, r0) ioctl$VIDIOC_ENUMAUDOUT(r6, 0xc0345642, &(0x7f00000000c0)={0x7, "56ef0807141e59fa6ea73ed1fa847c1ec008964be9a8518f3ff07536e25c4587", 0x3}) epoll_wait(r5, &(0x7f0000000200)=[{}], 0x1, 0x254) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000000100)={0x20000014}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r0, &(0x7f0000000000)={0xa0000001}) 35m21.988907144s ago: executing program 3 (id=143): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r0, 0x3b87, &(0x7f00000003c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x1}) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000100)={0x28, 0x4, r1, 0x0, &(0x7f0000000180)="f1", 0x1, 0xfffffffffffffffd}) (fail_nth: 3) 35m21.444045625s ago: executing program 3 (id=145): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x996}) ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000180)={0x1, 0x0, [{0x2, 0x1, 0x0, 0x0, @sint={0x3, 0xa}}]}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_MPATH(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x28, r1, 0x101, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x480c0}, 0x4000) 35m21.266986063s ago: executing program 3 (id=147): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) r1 = open_tree(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x0) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 35m20.616780939s ago: executing program 3 (id=149): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x4800, 0x0) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x8, 0xa0, 0x5, 0x4b}, {0x2, 0x1, 0x2, 0x6}]}) move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_BEACON(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f00000009c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010004000000fedbdf250e00000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990000000000fdffffff15000e001c"], 0x4c}}, 0x10) bpf$TOKEN_CREATE(0x24, &(0x7f0000000300)={0x0, r0}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x3, &(0x7f0000000480)=@raw=[@alu={0x7, 0x1, 0xd, 0x4, 0x1, 0x18, 0x1}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x2}], 0x0, 0xffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0) syz_emit_ethernet(0x56, &(0x7f0000000280)={@link_local, @dev, @void, {@canfd={0xd, {{0x1, 0x1, 0x0, 0x1}, 0x3c, 0x0, 0x0, 0x0, "f80900000000000000da9707f653e812f340344a742b6ffb0e913aa1939e28153c161fd8117757e423f45751fd1dd4586f5d99cbaaf8b332233f00"}}}}, 0x0) sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x1, 0x0) poll(&(0x7f00000001c0)=[{r5}, {r5, 0x340}, {r5, 0x90}], 0x3, 0xd) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000080)) r8 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r8, @ANYBLOB='\t\b'], 0x60}, 0x1, 0x0, 0x0, 0x14000}, 0x40010) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) syz_open_dev$dri(&(0x7f0000000240), 0xd21, 0x4000) syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) 35m19.974666072s ago: executing program 3 (id=154): r0 = syz_open_dev$video(&(0x7f0000000000), 0x2000000000001000, 0xc4003) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb635773f06ebbeec, 0xc2e534adfb4dfa93, r0, 0x395f000) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000340)="67663e26660f38807711b9800000c00f3235008000000f3066b820008ed8c4020928543b00660f38820ac461b973f80db9800000c00f3235001000000f30400f79d8c744240000200000c744240207000000c7442406000000000f011c240f01df", 0x61}], 0x1, 0x90, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xb, &(0x7f0000000000)={0x40000004, 0x201}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000002240)=""/102392, 0x18ff8) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0xfffffffffffffecc) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24008094}], 0x1, 0x40800) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0x149803, 0x0) ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCSMAXCID(r4, 0x40047451, &(0x7f0000000180)) pwritev(r4, &(0x7f0000000080), 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24008040) mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x0, 0x1) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x0, 0x20}, 0xc) r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$rose(r5, 0x104, 0x5, 0x0, &(0x7f00000003c0)) bind$alg(r2, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280-sse2\x00'}, 0x58) r6 = syz_open_dev$sndctrl(0x0, 0xb, 0x30b180) sendmsg$nl_generic(r6, 0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) 35m19.316420092s ago: executing program 32 (id=154): r0 = syz_open_dev$video(&(0x7f0000000000), 0x2000000000001000, 0xc4003) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb635773f06ebbeec, 0xc2e534adfb4dfa93, r0, 0x395f000) openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000340)="67663e26660f38807711b9800000c00f3235008000000f3066b820008ed8c4020928543b00660f38820ac461b973f80db9800000c00f3235001000000f30400f79d8c744240000200000c744240207000000c7442406000000000f011c240f01df", 0x61}], 0x1, 0x90, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xb, &(0x7f0000000000)={0x40000004, 0x201}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000002240)=""/102392, 0x18ff8) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0xfffffffffffffecc) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24008094}], 0x1, 0x40800) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0x149803, 0x0) ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCSMAXCID(r4, 0x40047451, &(0x7f0000000180)) pwritev(r4, &(0x7f0000000080), 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24008040) mbind(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x0, 0x1) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x0, 0x20}, 0xc) r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$rose(r5, 0x104, 0x5, 0x0, &(0x7f00000003c0)) bind$alg(r2, &(0x7f0000000100)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280-sse2\x00'}, 0x58) r6 = syz_open_dev$sndctrl(0x0, 0xb, 0x30b180) sendmsg$nl_generic(r6, 0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) 29m11.433805173s ago: executing program 5 (id=1234): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x1000) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') mlock(&(0x7f0000002000/0x2000)=nil, 0x2000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r2, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r2, 0x0, 0xffffffffffffffff, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r3, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000180)={0x48, 0x7, r3, 0x0, 0x10001, 0x0, 0x1, 0xd6fe2, 0x3d3b4e}) ioctl$IOMMU_IOAS_UNMAP$ALL(r1, 0x3b86, &(0x7f0000000300)={0x18, r2}) mount(&(0x7f0000000000)=@nullb, &(0x7f0000000080)='./cgroup\x00', &(0x7f00000000c0)='gfs2\x00', 0x10, &(0x7f0000000100)='barrier') read$FUSE(r0, &(0x7f0000000640)={0x2020}, 0x2020) 29m9.649848686s ago: executing program 5 (id=1240): read$FUSE(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) getpid() ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'wlan1\x00'}) 29m6.691861594s ago: executing program 5 (id=1244): timer_create(0x0, 0x0, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040), 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r1 = syz_open_dev$evdev(&(0x7f0000000940), 0x1, 0x100) readv(r1, &(0x7f0000000400)=[{&(0x7f0000000080)=""/170, 0xaa}], 0x1) 29m4.371301935s ago: executing program 5 (id=1248): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) (async) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async) sendmsg$NFT_MSG_GETFLOWTABLE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000c00)={0x2c, 0x17, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}]}, 0x2c}}, 0x0) (async) chdir(&(0x7f0000000340)='./file0\x00') mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x0, 0x0) mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0) 29m2.625662029s ago: executing program 5 (id=1251): syz_emit_vhci(0x0, 0x9) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='huge=within_size']) syz_open_dev$video(&(0x7f0000000040), 0x1, 0x0) chdir(&(0x7f0000000280)='./file0\x00') r1 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20) fallocate(r1, 0x0, 0x0, 0x8800000) read(0xffffffffffffffff, 0x0, 0x0) syz_usb_connect(0x3, 0x64, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xb0, 0x80, 0xfe, 0x40, 0x1a0a, 0x101, 0xbe0b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x52, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x12, 0x0, 0x0, 0x90, 0xb8, 0x88, 0x0, [@cdc_ecm={{0x9, 0x24, 0x6, 0x0, 0x0, "2af994b0"}, {0x5, 0x24, 0x0, 0xd0b9}, {0xd, 0x24, 0xf, 0x1, 0x3, 0x0, 0xffff, 0x8}, [@ncm={0x6, 0x24, 0x1a, 0x41, 0x4}, @mbim={0xc, 0x24, 0x1b, 0x120, 0xb3f, 0x0, 0x6, 0xc, 0xf9}, @obex={0x5}, @network_terminal={0x7, 0x24, 0xa, 0x5, 0x6, 0xc, 0xc8}, @dmm={0x7, 0x24, 0x14, 0x4, 0x2}]}, @uac_as]}}]}}]}}, 0x0) 29m1.808817955s ago: executing program 5 (id=1254): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xffffffffffffffff) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket(0x28, 0x5, 0x0) getpid() write$binfmt_elf64(r1, &(0x7f0000000240)=ANY=[], 0x40000) socket$kcm(0x29, 0x2, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002640)=@newtaction={0xe94, 0x30, 0x3f, 0x0, 0x0, {}, [{0xe80, 0x1, [@m_pedit={0xe7c, 0x1, 0x0, 0x0, {{0xa}, {0xe50, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x2c, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0xfffffffc, 0x0, 0x0, 0x0, 0x100, 0x81}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x5943}, {0x0, 0x800000, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x0, 0x0, 0x10}, {}, {}, {0x0, 0xa2}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x1cbe}, {0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x1}, {}, {}, {0x8}, {}, {0x0, 0xfffffffe, 0x400000}, {0x0, 0xfffffffc}, {}, {}, {}, {0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x4, 0xffffff6a}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x0, 0x100}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x800000}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x10000000, 0x0, 0x0, 0x8}, {0x0, 0x7fffffff}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x27a}, {0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x2}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0xa, 0x0, 0x200}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0xc}, {}, {0x0, 0x0, 0x2b7f}, {0x3ff, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0xcfc, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0x800}, {0xfffffffd, 0x0, 0x0, 0x0, 0xa92}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x40000000, 0x1, 0x0, 0x10001}, {0x0, 0x0, 0x20}, {}, {0x80000, 0x0, 0x0, 0x0, 0x0, 0x2000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, {0xfffffffc}, {}, {}, {}, {0x0, 0xa, 0xfffffffc}, {0x0, 0x0, 0x0, 0x8}, {0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x40, 0x0, 0x0, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1, 0x2}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x2}, {0x5}, {}, {}, {0x0, 0x1}, {}, {}, {0x7, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe94}}, 0x0) socket$netlink(0x10, 0x3, 0x0) 29m0.911429686s ago: executing program 33 (id=1254): prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0xffffffffffffffff) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket(0x28, 0x5, 0x0) getpid() write$binfmt_elf64(r1, &(0x7f0000000240)=ANY=[], 0x40000) socket$kcm(0x29, 0x2, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002640)=@newtaction={0xe94, 0x30, 0x3f, 0x0, 0x0, {}, [{0xe80, 0x1, [@m_pedit={0xe7c, 0x1, 0x0, 0x0, {{0xa}, {0xe50, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x2c, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0xfffffffc, 0x0, 0x0, 0x0, 0x100, 0x81}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x5943}, {0x0, 0x800000, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x0, 0x0, 0x10}, {}, {}, {0x0, 0xa2}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x1cbe}, {0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x1}, {}, {}, {0x8}, {}, {0x0, 0xfffffffe, 0x400000}, {0x0, 0xfffffffc}, {}, {}, {}, {0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x4, 0xffffff6a}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x0, 0x100}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x800000}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x10000000, 0x0, 0x0, 0x8}, {0x0, 0x7fffffff}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x27a}, {0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x2}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0xa, 0x0, 0x200}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0xc}, {}, {0x0, 0x0, 0x2b7f}, {0x3ff, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0xcfc, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0x800}, {0xfffffffd, 0x0, 0x0, 0x0, 0xa92}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x40000000, 0x1, 0x0, 0x10001}, {0x0, 0x0, 0x20}, {}, {0x80000, 0x0, 0x0, 0x0, 0x0, 0x2000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, {0xfffffffc}, {}, {}, {}, {0x0, 0xa, 0xfffffffc}, {0x0, 0x0, 0x0, 0x8}, {0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x40, 0x0, 0x0, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1, 0x2}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x2}, {0x5}, {}, {}, {0x0, 0x1}, {}, {}, {0x7, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe94}}, 0x0) socket$netlink(0x10, 0x3, 0x0) 21m42.521796016s ago: executing program 0 (id=2541): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r0, 0x3b87, &(0x7f00000003c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x1}) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000100)={0x28, 0x4, r1, 0x0, &(0x7f0000000180)="f1", 0x1, 0xfffffffffffffffd}) (fail_nth: 4) 21m41.609398179s ago: executing program 0 (id=2543): open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f, 0xffffc000, 0x8000}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c06460efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8d54c6ba079a76de8190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec79bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f68696e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0) dup3(r2, r0, 0x0) r3 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) fcntl$setstatus(r0, 0x4, 0x80000) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) 21m40.735505607s ago: executing program 0 (id=2546): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_MPP(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="0103000000000000000011585d0008000300", @ANYRES32=r2, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x24040804}, 0x0) sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r0, &(0x7f0000000400)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f00000020c0)={0xe70, r3, 0x4, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x10001, 0x7f}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_PEER_MEASUREMENTS={0xe44, 0x111, 0x0, 0x1, {0xe40, 0x5, 0x0, 0x1, [{0x1d0, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x4}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x346f8c7a}]}, @NL80211_PMSR_PEER_ATTR_REQ={0xa0, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8001}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x14}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x58, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_REQ={0x14, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x94, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x70, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xd}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1a}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x2c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1725}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x395}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x57}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4}]}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x234, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x1dc, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xa8, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x14}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xa8, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x101}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x86}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x101}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x68}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xec}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_CHAN={0x3c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x32}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15f4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}]}, {0x1a0, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x188, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x120, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1b}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x58, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3ff}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}]}]}, {0x1cc, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0xac, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xc}]}, @NL80211_PMSR_TYPE_FTM={0x4}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x68, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4130}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x100, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xa583}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xc4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x16}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x2c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x32}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1464}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x404, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x128, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xe8, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x18}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x17}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x164, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xb0, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xfe}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1b}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xa8, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x15}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x14}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x168, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x12}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x101}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xac, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7fff}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7ff}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x400}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x80, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x65}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x9}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3ce}]}]}, {0x24c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x23c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0xd0, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xf3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1c}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xf4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x65}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x98, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x98, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xb0}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xfffc}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}]}, @NL80211_PMSR_TYPE_FTM={0x4}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}]}}]}, 0xe70}, 0x1, 0x0, 0x0, 0x240040c0}, 0x804) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r6 = socket$nl_rdma(0x10, 0x3, 0x14) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) r7 = socket(0x10, 0x2, 0x0) r8 = syz_init_net_socket$ax25(0x3, 0x2, 0x7) ioctl$sock_ax25_SIOCDELRT(r8, 0x890c, 0x0) sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001540)=ANY=[@ANYBLOB="20000000181401000000000000080020080001282c5300000000000800030002000000"], 0x20}, 0x1, 0x0, 0x0, 0x200480c5}, 0x0) setsockopt$IP_VS_SO_SET_FLUSH(r7, 0x0, 0x485, 0x0, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r9, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x28, r10, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000810}, 0x4000800) sendmsg$NL80211_CMD_NEW_MPATH(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010125bd7000fbdbdf251700000008000300", @ANYRES32=r5, @ANYBLOB="0a000600050211000000000077c6e8ca1cc8640a3f852808a0887b5676e97ad2c4eafc4d6879adc82695f4531c210d3d9f13dcc25092a46ada8094ad18d8eadcfb5a34c9e629e1420f74ea89e90f1f5bb6e64080ead7f824403a35322c95fc8ab2864d94db54b80c0d92e95638a1c49c"], 0x28}, 0x1, 0x0, 0x0, 0x480c0}, 0x4000) r11 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) write$UHID_INPUT(r11, &(0x7f0000000500)={0x8, {"2540da6fe0cbc42f150742de167c495086ab113c938de0e67add17fb481ea03c8821f6f58a0940d03eb4372b62fe4595e118afb744c50647d1d3ce43f4257a7ace15eefa9c2696796e3e319f1ea6aaac805c1e71bd10d7876a4a022b7811f744ca336d9d72378645a766d61d9d8c6374582a6e1bff33cfacd4fdd7c5f98eebae35e23a7434a5a848675c190dbeb1455236b661c64e4bbd0a5cdac150fbde3c7363428f8ae103a4ea7d9eb34fe0f2a970de13f4b23d56d0c593c3ad0e398c70817e617ba547c6b72bc0d58b0f83c81f2bb73ed95af7b6f08fc0dad0c12daeb0722667dee60c50e0b0fb6ad91f45684fe722812c36e64e1eab4c1424121ccd9504e94fd645442bd5e710c74e651402d66f5c1a505059fd730c1d2f08d5a4381f47e1d283df8e054b5eb8a50a2c3d8a35802acbdbd15fee4d03f0f11993b7cbc87629849d7b1325518376a0191b0761818070ff603bf7f5607ae38bc8d3c07a459f697ec9c04dc775bfcde78a4dbfe25371c89b6d8bb3f4130bd512c96def40d7d7b5491622c6e648268574bedb6eea157908ea43968e0d2eeaca1e4af0bf40a78ff224089a165cc0776524801652683b8988c9a82fbded0447bd89484699fbb0a79d595e46cff02d7d22be9b541e1990e154ba1f6f289de79e74a16112a9a6e1a6abbc3135ea4cbda9d96289f47579c327966368a89863e6db659e1af89f2b2bcce704a072d183677a212dca6d64f73c86bc5f0f0d29b168292343d1b4518e99911cfef2fe60670c7b1d42ed7a37ff7223516773fa8618a7732c758199fd89e690fd6df4b589176d478dfee1e84d6251e594606ed3a0212b5c54db82768ccc93a6c04b6e4106bb2575812569df5009cacb4a7bba5d4e2daeef9de4e3d36c5f1edb93be91f795f3c551c00d3e2b6b34d5b9f065015be8cc2d19fa53b7b301e865e48ff6e4dfbd24879d28fbbe689769ec27eb1196c6abeee42bc26750f8274aad06bcf5671b674432abae93a6e6d3fd7008d10c745d799e9c027afa8495e309c8c6c38e2f5415d0e54ffb8daf20c3eef9175d0c827f81a7571a849ab285d2b1ed266a26ee4aac3d4e647a18edfbea489b09e0dbb6dec9a149fa3ecf3b04f9d579bae7380557d3e0dc29feae53557c70ba50cff659eab551f6cd56ee031a28e871998a304d804b66c9a3dd0695c6014c71091129a4db04a8c3ba5bb210feb6e2673a346aa5b3fe75083b24a3409778633cf0c1119bc83e7ac842a58afb0e176f51ac9dce5a4962998b6695a711205da1df48a76e8ff0e6e3f7b643d9a0f5f733aaff3d8de015803a50a3b9146ebe148269d5e3ef32dcd51d9e6a28f0cf7fe2dc0956a5b5d2e48e20aeb1124cb50fda7bbb75a229811b107a4f07be77019627abd42652e82e3b44c1c5227739d6f27ff882d0b00725bd6243bab06e457e6e616a7deb3c65a799dc411ebc3f04b104ed0e3a75f01356ab37b0840bedc35e87f69aef39633e2186cef61f6cb9da24591e8ab6cd7506a72df4bb7f51ca60c0fcfc5e17650c012c433772fad02fdfe27894ec1008fcf3d8e5e432422e41f8fe34f12d19580db29c755e6b23e4e7261f75f5f268239a4478cf64679f2c7ef557922511f558efb30ffc2f4bf5e5859204330d8a93a21311c8e0620a0cb8dc16410eaa4432ddb69c241908542a84b424c2ee5748193f60ac618136ab96a57f3c8afb8ba828292051313897fb93208f92cf1f88aca753d1601220113d104b96f51f216ff8574f333321160fd6cc0f15fca36dcafd64c58b5443170872dabf762fedd7dae4dc12c795e7e2e2e9e0e3ab2cad15d84e9169fcd32c5387c06ce1248ffcd94e9a14f66a582fbdef6a5c339f94a9318567a3c145d79c9b246bf99a663d6f0762e6507a5ca45abcfdda0a7bde7a8183eaf57674728f81adeb8e8d7f6be164b42a81137a2fea3e85223296bc462ff3e87c8d36fa34c4906517a76661b4232a184a6ead505b9f9c4bb041919ddad24bd402e062c44f489ec54d26184cd389ad2d1b7f241dd2609114472badeabe71dc435b1b4d43065b7728c2cb0f8636c52278d0bf834daa065f60f73fe7bb48c0d3035fc799ea3bbc1a70b35f3e38ab8ba1e78fda5845212caa74b99da4a5f3a7167cc34e41febdc32407fa068c0fe9b5f19ba175fca1526c69c351581694d4e4ee015943babf01f971bdff815309d47bab90f1e1a4371ecfb7ba7436727f2dda9fd6540a0fb720eb733f383f711baaa02ad0dc5a8df5a97413e05cea8e70d33c2fefffe5b701818161bc00b88a79c05ce9e2ed68e0b2da1a295def0a4bcd831ce652c364f6038e86967536a73e8480a5b7ea836cc69939564a5f5b37131f3cd97c49a2013c225703cc90072f925cfe9bce47321a456fc57b8cd53748f6472bb50241192c882111ab4675478a59efe3bca6ce7075745bf6a2d1d694e5b0f6ad563a186b39e21d9222d5c4c8966b66b1a052f8155420899e4bb849bba945c3caafbeaf72227c6c56ea0d0c7ec65580bc34b6c1c1f52cf89be2dd2c5b248a4133aba449e3bab45d4db4ed9f6fe8fd95d05fe079a9826ddb11333209b892a1e39ba49a343c9934769730efc9f8848108754cfb0ecfac5942eb41028215044f87174e0df5ce411f184aec8b1b5337a904a0c0130ad4dcf87e96696443a6e09b36a56e72c1317fd2dd86076eb11e5beb705c7ff535ecd85b615bbd4485df92dbdd1929d73c51272e0c71d5f16fcb55d17a5dabe0df2ff37b98c6b2c0ca6b12aa71d6801fb93ca88eb8ff47297764c5c76129906a2cc22da7b70b4f3069a8dd469f1fd6a5225ba66fa8208707e97efa47641ad86e8587188a3ebc2e6e850559344638fc7454d878186fd23c10056fd4f5184d78ddda2e963f4ecce7ff54372cb114f2997711dd0e383354120a9ff76aabc1065623740866085e63ad14e4df57a34655a4623f40436ca9972ba3e569f6ca4c6e3c8b290e95de56a242a5a9669c2a74af8bc9be5d11ab17050f49fc88a213383d09e9af6acbe27184b3b0dc7369cc7ee88ec26d4e8f9bf977082664c4f9e96fb151fe64a2d5b6f0ad3ec2e2e791db184afb564a40fb8f7b4ccefc7cc551ad867e44fab496de1dd88084b64d5959c6a4b78d9be0c5e7f4fd1a286ec082f68b6bcebf630d211d5b69d328a41881af924a7d10e22e91b930353ea2c56710e662c645d6c0298f2240a8fe6ae66320911a833d96211186c33ae14188bf75b598b532e10643a76f1ee8deea5e11484d651c21ce4fb9f706b7b750fa125d46de901c94d19867e787516a2fd525e89e85a7615817416e8faeeb839a813971dc7a4bbd54e7a79d789460cc0af450755e8faeb995fc2decfd4c8a013540af4e246fbc1ce6a8664d8ab3890a46f9e33ca52112e347e3e152cc691f283026725320c571fe9cddc9076cefbc6aad2daa11def666dd85134c853bfed74c4e219c07ba6768995065460a26f69a3e7abd4f51128014d9c5d48c39c8f5b5f767c50c9f0985035d6665cb9870bdbd668a667e6c15a11e2c30d94080948cf3fbe17041dac3746c20efca7246cf06ec1a8cf28228a5f9ecc47bf01c131250be2fb27eefdab2b9f10c772f1e765004025c019301532b8760098bb200bf8050fed7e72513d6750d15c745b2397b7c24ad6fc3a02b7b052325303b6b76bbc38ef6f98ab6dd0e6699cd0c7b3086c6f6a7382940c9efbf7736ae91f5505cfc76f0acd09e460455e43284c7070dda071b938bd9ce1c3f04865021d00f8020772a99ecbc5e5904823410cdd3ea9e07555b33717e8cde3a56337768b75441400948af5b6502d8d08f7ad4c1b34cc29f7693d0dc2eee90c6456e5691dc49db2e046738a1b14489074cd9b4944c16cebd3ba393d7277c1b75e91373518146f42738e6ff59b7dd928ce3310e8a8ede82d8a5236942e4a8203224c1544f856bea20bc86cb9567675befffedf6a67242bfead0aaf06d96b036353d340b7f96c304cbff3b38f800762902c2d62113cbd74a150de19eab67ab10ca2b58259f5f445695670d3555e2ad6565928cec86ec75122ba04be6ce9ff8f59d412ef8b3514a1252984db9e2196bc98964740febe173fb94036b94d98bbafd584ca34a4ea69556c7d10dd24bdcd4e17a85e3176cb5a2a7e707fe7c031b928442a308db7125eb2c0c960446b70cffc64f17d17e34bc9efcdeb89da97b6559524e2e1e298e57b079ae9dc21ed2116f9edeeab52a727885af29b9b8f042e7ab27c6ac6eec98db30f7218aa4c3bc084dee6e96ae8471ee5e0ffc9327a36a06e488a46bda97ec10a22a0713a3fbb591054527ec8b29ee9feab1f547b321090f25b7ac017f01d06c46cff8b3c560e8d55bbcd63fc23769e5fb8f9d3bbcf89e8366f5961763f44e44a518cbaa9ad5998dd8edea8ea0c4468e29b79d646df950e1d5308d0a8b78b001dd91263ef10915811ee7cf4ffa20052a816988a39c5015e3ad6d1cb4ecd519769473bb1453696cc0b1ced3ce5ab8129458cfd243f5bb410e7cff5c7fa90947a8201963ab95f5758ed27093a93cd5e8ed5671f3033e3c70f8d6ee85c74d800f2a0cfaf854a94a791aac5ea83361a3f095648a80c9314ef8a02eaea3653bd6fb81f8a5275453a5ada141afaafabc3bc08379384d7dbe164149e68844a10e163cc52f9e18454382086ddfb4171e3f9b4b38d241a19be47f29a421cb8b96431c06387b19b65c7f54d24d992c0485b6144de63a030a9c479d8864f0d1a6e9b214b9afda23c7843b15b07c16f3d8c726ee832cc67dbdef13ddb942ad0b11ace3ef4ab1794a74242f0261b73cc52f7a0132ebf3c1c862d02f5f9fc5b75325035b7ab6c92f4c68c3db95508c0db02ff2d5ffa1f0c1aa819cb2ffd118d17cfa2bf4fa1857ebed36df794a9eef73e192e96b30f6bdbb4cb9ae9164956d836fb2c2a1ef2733ffa80941bc2056dcc15f53f9d739618226a1fe64e982d5341705ab4c7eb04a86eb2c5b8e9c7c2acc81a834877ca88c9d29e0ad26d057c13f258353b2d62e61abb086cf51c37523400f36a0151f43d3dbc10d57b5eebfe862c02de33648cef3fbb181df63b9b691984300b640c0b5958ce8a4d26f4dc23c7e755fd972714fef7ede5c8eaf6004a5d5525e67556e240218bfd7b6ee27a51b9404ba5eb25f12fe2557cd9160eac96ebe87d5f79cd6d28e34636e9227453812866ee9c7af7cd19e31c2ba7b27301734fa828e93e83bc460b258cc8724bc7919b782a3c793e7234346088d541c724c8ca905bc0a9af03b89420e8852a3d8c92c731f01ec1d621c31d34fe18aaab8a6e5b35553bfade2a71aa89c884ba691d2040449dd133fcff0b0f6f6e1b552ce56438702ebd405049045a255be6f5149dd8aa7ccde28de90c450acb78d8b431c45e593b0b92c8f88be1cb81ca3890d8e346df92e94fdee952f6de0d6ba62000067d995c0686044da38635885314b10b1b157c047e765f117bc378d310ff82614fa647d2e1f5a95ae31d369b62bd94cc6a14d8c5e9700756babe932b6d71cfa712f13fa491cd99e4eaa4ad167f86875e0146e8f8a126b3ab9dd0a0a4d1acb117c1886acb3726f7ec3c9b7d935cd57c3c4b87b25cb297846fcf4743ad52050c3396cf62faa5b6bee816a5009c4c67c68f92b8e3ab41669ee893aec038c83ac81a6398169394f7bed504d0ff39bb1b2b90a576c9d077a571a27987049f4044b273be15f12b479d0e83f70e172a0787e6851a06e1503fc16c8001de730908b9de99ce7ccfe895ec8930e86820cf9703b1ca7b1b36903", 0x1000}}, 0x1006) r12 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_RELOAD_REGDB(r12, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r4, 0x400, 0x70bd25, 0x25dfdbfb, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8815}, 0x20000000) 21m40.081982864s ago: executing program 0 (id=2550): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) r1 = open_tree(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x0) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x8c) 21m39.937885637s ago: executing program 0 (id=2551): ioctl$PTP_SYS_OFFSET_PRECISE(0xffffffffffffffff, 0xc0403d08, &(0x7f0000000200)) socket$nl_netfilter(0x10, 0x3, 0xc) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000000)="a2", 0x1}], 0x1, &(0x7f0000000040)}, 0x0) sendmmsg$inet_sctp(r2, &(0x7f0000000080)=[{&(0x7f0000000180)=@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10, 0x0, 0x0, &(0x7f00000c3000)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x241}}], 0x20}], 0x1, 0x0) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000000)=0x0) landlock_restrict_self(0xffffffffffffffff, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r3, 0x4008ae48, &(0x7f00000001c0)=0x3000) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000) syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80}) io_uring_enter(r4, 0x3516, 0xf3f, 0x1f, 0x0, 0xfffffdcf) 21m39.077925496s ago: executing program 0 (id=2554): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x8, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x2c, r1, 0x301, 0x70bd29, 0x25dfdbfc, {0x24}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}]}, 0x2c}}, 0x0) mincore(&(0x7f0000000000/0xc00000)=nil, 0xc00000, &(0x7f0000000140)=""/142) 21m37.899572005s ago: executing program 34 (id=2554): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x8, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x2c, r1, 0x301, 0x70bd29, 0x25dfdbfc, {0x24}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}]}, 0x2c}}, 0x0) mincore(&(0x7f0000000000/0xc00000)=nil, 0xc00000, &(0x7f0000000140)=""/142) 16m43.801894645s ago: executing program 4 (id=3436): bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000200)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "45208e", 0x8, 0x3a, 0x1, @dev={0xfe, 0x80, '\x00', 0x34}, @mcast2, {[], @echo_request={0x80, 0x0, 0x0, 0x94, 0x9}}}}}}, 0x0) 16m43.641386371s ago: executing program 4 (id=3437): socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet_mptcp(0x2, 0x1, 0x106) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="16000000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec309d59191b00867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3) 16m43.518244479s ago: executing program 4 (id=3438): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_io_uring_setup(0x876, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0x1, 0x89}, &(0x7f0000000240)=0x0, &(0x7f0000000200)=0x0) setsockopt(r0, 0x2, 0x2, &(0x7f00000003c0), 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0xac) pipe(0x0) fcntl$getown(0xffffffffffffffff, 0x9) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780}) io_uring_enter(r1, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f) syz_open_dev$vbi(0x0, 0x0, 0x2) memfd_create(&(0x7f00000000c0)='\xe9`\x10\x98[\x82?O3#\xfa\x02\xdc\x96\xa1\xbc\x80\x00+\xb6O', 0x0) (fail_nth: 2) 16m42.929589475s ago: executing program 4 (id=3439): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x92) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000000b40)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)=""/71, 0x47}], 0x1}, 0x8}], 0x1, 0x0, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone3(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x2}, 0xa0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) r2 = socket(0x840000000002, 0x3, 0xff) r3 = socket(0x40000000015, 0x5, 0x0) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e20, @empty}, 0x10) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, 0x0}, &(0x7f00000001c0)=0xc) mount$bpf(0x0, &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000440), 0x4c00, &(0x7f0000000480)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=r4, @ANYBLOB="e000"]) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x15}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r6}, 0x10) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = socket$kcm(0x29, 0x7, 0x0) recvmsg$kcm(r9, &(0x7f0000000600)={&(0x7f0000000380)=@hci, 0x80, &(0x7f0000000500), 0x0, &(0x7f0000000680)=""/136, 0x88}, 0x2002) r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1) ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000e006"]) quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0) sendmsg$NFC_CMD_START_POLL(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000740)=ANY=[@ANYBLOB="4ee24191a0d6eb261e310e7e7d288fde42bcd57094f73f25d0de6a7734b50e19d173c0e72c3769f7210cd5b526b0c550b77acb0008134dc03b15ec3715920466cae7a0bb177dfd67576dead96446c56e31", @ANYRES16=r7, @ANYRES16=r0, @ANYRES16, @ANYBLOB="08000d00c2000000"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x40000010) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) 16m42.572410296s ago: executing program 4 (id=3442): openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(0xffffffffffffffff, 0x40045402, &(0x7f0000000240)=0xffffffed) syz_usb_connect(0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) fanotify_mark(0xffffffffffffffff, 0x90, 0x40100000, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x2663}, 0x4000004) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f0000000000), 0x4) setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, &(0x7f0000000080)={0x1, 0x1, 0x5, 0x40008001, @vifc_lcl_addr=@initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10) setsockopt$MRT_DONE(r3, 0x0, 0xc9, 0x0, 0x0) sendmmsg(r2, 0x0, 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000200)) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'bond0\x00', 0x0}) sendmsg$nl_xfrm(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=ANY=[@ANYBLOB="c40000001900010500000000fbdbdf25fc000000000000000000000000000000fe8000000000000000000000000000bb0000000000000000020000000000", @ANYRES32=r5, @ANYRES32=0x0, @ANYBLOB="0000000000000000fcffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000c001c00", @ANYRES32=r5, @ANYBLOB="04000000"], 0xc4}}, 0x0) read$msr(r0, &(0x7f00000003c0)=""/87, 0x57) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) socket(0x10, 0x3, 0xf02) 16m41.560634319s ago: executing program 4 (id=3447): syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04"], 0x3b) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, 0x0, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setresuid(0x0, 0x0, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0x100f, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x9, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0xb, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0xfffffffe, 0x5, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0x9, 0x10000, 0x6, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x9, 0x420, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x2, 0xb, 0x4, 0x9, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x1, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x2, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x5, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0xfffff800, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0xc, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0x80b, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0xf142, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0xa, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x10000226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x1fd, 0xfff7343e, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) pread64(r4, &(0x7f0000000200)=""/82, 0x52, 0x2000000fc) socket$inet6(0xa, 0x2, 0x0) r5 = geteuid() setresuid(0xee01, 0x0, r5) faccessat2(0xffffffffffffff9c, 0x0, 0x1, 0x100) syz_emit_ethernet(0xff, &(0x7f00000005c0)={@local, @broadcast, @val={@val={0x88a8, 0x0, 0x0, 0x3}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "498c00", 0xc1, 0x6, 0x0, @local, @remote, {[], {{0xfffe, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0xfffd}, {"d1ece1872bfe259f0c436d0ddf795c63d6921076bc4130270a73e2107242feb5cb1f95cddd7686c57c0542cb4eb723bafd45ab9f30fb71f7cdb130177f91f1ef959ad89067e19a95906fc8cb10a7ad6750d9a1993b4b9704835fee2938e43b9eaeaad5834809001128d41462d1a2ab584a2ea9ef10a360cafad74c189d01029efbd4c9c66866ea55470781ab7140000688f3709c7ad3fec4bd3b5cb1ab9cadccf8887c478654ac1de59f02e30e"}}}}}}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) 16m41.431958479s ago: executing program 35 (id=3447): syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04"], 0x3b) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, 0x0, 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) setresuid(0x0, 0x0, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0x100f, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x9, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0xb, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0xfffffffe, 0x5, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0x9, 0x10000, 0x6, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x9, 0x420, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x2, 0xb, 0x4, 0x9, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x1, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x2, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x5, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0xfffff800, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0xc, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0x80b, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0xf142, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0xa, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x10000226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x1fd, 0xfff7343e, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) pread64(r4, &(0x7f0000000200)=""/82, 0x52, 0x2000000fc) socket$inet6(0xa, 0x2, 0x0) r5 = geteuid() setresuid(0xee01, 0x0, r5) faccessat2(0xffffffffffffff9c, 0x0, 0x1, 0x100) syz_emit_ethernet(0xff, &(0x7f00000005c0)={@local, @broadcast, @val={@val={0x88a8, 0x0, 0x0, 0x3}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, "498c00", 0xc1, 0x6, 0x0, @local, @remote, {[], {{0xfffe, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0xfffd}, {"d1ece1872bfe259f0c436d0ddf795c63d6921076bc4130270a73e2107242feb5cb1f95cddd7686c57c0542cb4eb723bafd45ab9f30fb71f7cdb130177f91f1ef959ad89067e19a95906fc8cb10a7ad6750d9a1993b4b9704835fee2938e43b9eaeaad5834809001128d41462d1a2ab584a2ea9ef10a360cafad74c189d01029efbd4c9c66866ea55470781ab7140000688f3709c7ad3fec4bd3b5cb1ab9cadccf8887c478654ac1de59f02e30e"}}}}}}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) 10.833521715s ago: executing program 8 (id=6603): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYRES16=0x0], 0x0, 0x44}, 0x28) fsopen(0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], 0x0, 0xfffffffe, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000080)=0x48) r4 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) writev(r4, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb0100", 0x25}, {&(0x7f0000000040)="aa1d484ea000f5fff7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a4", 0x24}], 0x2) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x0, 0x2, 0x0, {0x8, 0x7}, {0x6, 0x802}, @rumble={0xffff, 0x6}}) syz_open_dev$evdev(&(0x7f0000000180), 0x1, 0x8ea341) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') write$char_usb(r5, &(0x7f00000007c0)="e264222c1a00c48ee4153978c13abc09000000000000000a7ab0f3596abfa8ca3e54e94b93757df9daaa187f2b5d67443de80facce1c52f86f0200000000000000f1ef661d4a17572298c2971db94d7988c0d29c491b4972af51ae9d0ba544a22c0059534e6a8b47", 0x68) mkdir(&(0x7f0000000400)='./file0\x00', 0x103) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000003c0007010000000000000000010000000400fc800c00018008000600ffff0000080002800400728008"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)='grpquota') r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b0000000200000009000100"], 0x7c}}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x10000}, 0x28) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000340)={@in={0x2, 0x4e21, @multicast1}, {&(0x7f0000000440)=""/248, 0xf8}, &(0x7f0000000040), 0x32}, 0xa0) 9.722168447s ago: executing program 8 (id=6606): r0 = socket$tipc(0x1e, 0x5, 0x0) io_setup(0x6, 0x0) connect$tipc(r0, &(0x7f0000000080)=@id={0x1e, 0x3, 0x2, {0x4e22}}, 0x10) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x4000000}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0}, 0x20001) (fail_nth: 5) 9.14556534s ago: executing program 8 (id=6607): socket$netlink(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="100000000400000008000000080000000000", @ANYRES32, @ANYBLOB="0500"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x1e) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c) semget$private(0x0, 0x3, 0x451) setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r1, &(0x7f0000000280)='2', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f000000e280)={0x2020}, 0x2020) prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={0x0, 0x0, 0x34}, 0x28) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x111}}, 0x20) link(0x0, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='scalable\x00', 0x9) shutdown(r1, 0x1) write(r0, &(0x7f0000000080)="0b000300010001", 0x7) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f00000000c0)={0x0, 0x0, 0x0, [0x1, 0x0, 0x8, 0x2, 0x36], [0x2, 0x5, 0x2, 0x4, 0x7fff, 0xcb3, 0x3, 0x5, 0x7, 0x4a, 0xb05, 0x3651bf7d, 0x9, 0x3, 0x9, 0x1ff, 0x7ff, 0xa, 0x4, 0x7, 0x8001, 0x8000000000000000, 0x5, 0x3, 0xffffffff, 0x400, 0x2, 0xd, 0x8, 0x1ff, 0x1000, 0xeb6, 0x8001, 0x0, 0x8000000000000001, 0x9, 0x7, 0x2, 0x10000, 0x4, 0x4, 0x1000, 0x401, 0x4, 0x5, 0x8, 0x5, 0xb, 0x8, 0xffffffffffffb00d, 0x7fffffffffffffff, 0x4, 0xfffffffffffffff9, 0x512f, 0xffff, 0x136b, 0xf, 0x81, 0x6cc, 0x9, 0x3, 0x1, 0x3, 0xff, 0x25, 0x7, 0xbb4, 0x7, 0x4, 0x4, 0x7, 0x8, 0xfa59, 0xffffffffffffffb7, 0x9, 0x5, 0xffffffffffffffff, 0xbd25, 0x3, 0x0, 0x9, 0x6, 0x9, 0x2, 0x7, 0x0, 0x9, 0x6, 0x0, 0x35, 0x7, 0x3, 0x6, 0x1ff, 0x5, 0x4, 0x9, 0x39, 0x8, 0x1, 0x8000000000000001, 0xb, 0xffffffffffffffe1, 0x800, 0x3, 0x905b, 0x1, 0x1, 0xffffffffffff8001, 0xbe60, 0x8000000000000000, 0xf, 0x8, 0x7, 0x7, 0x40, 0x0, 0x1, 0x4, 0x0, 0x7]}) ioctl$BTRFS_IOC_DEV_INFO(r5, 0xd000941e, &(0x7f0000000a40)={0x0, "8995bfec3622c877f229c31f8e164e34"}) 8.301425972s ago: executing program 6 (id=6608): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r2, 0x400452c9, &(0x7f0000000100)) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, 0x0, 0x0) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x1, 0xc0101) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) r7 = syz_io_uring_setup(0xef4, &(0x7f0000000300)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r6}, &(0x7f0000000140), &(0x7f00000001c0)) io_uring_enter(r7, 0x2ded, 0x4000, 0x0, 0x0, 0x0) clock_nanosleep(0x9, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x0) r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="3c7ecd1f00000040a40b7293e76d3626240500200000000000010902240001000000000904000001030002000921feff0001220500090581030000000000"], 0x0) r9 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r9, 0x40085112, &(0x7f0000000080)=@e={0xff, 0xa}) syz_usb_control_io$hid(r8, 0x0, 0x0) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r12, 0x0) r13 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) write$char_usb(r13, &(0x7f0000000040)="e2", 0x2250) syz_usb_control_io(r8, &(0x7f0000000100)={0x2c, &(0x7f0000000180)={0x0, 0x10, 0x5, {0x5, 0xc, "74f18f"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 7.997265707s ago: executing program 8 (id=6609): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000140), 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000340)=@gcm_256={{0x304}, "00cd83f39500", "7979c06f94e1f3ed1945a2b2c7ff1bd557b28d5a73226a963826af565862c109", '\vv?\f', "dbdf3ad7d6801cf6"}, 0x38) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x11a, 0x4, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r0}, 0x10) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x14, r2, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000003b80), r4) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r5, &(0x7f0000004100)={0x0, 0x0, &(0x7f00000040c0)={&(0x7f0000004040)={0x38, r6, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x32}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'macsec0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @private=0xa010100}]}, 0x38}, 0x1, 0x0, 0x0, 0x1000}, 0xc004) 7.873066328s ago: executing program 8 (id=6611): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e004300100000000280", 0x2a}], 0x1}, 0x40000) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, 0x0, 0x0) r1 = socket(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000023106a053103000000000001090224000100007e1109040002010300010009210000000122f80409058103"], 0x0) syz_usb_connect(0x3, 0xd7, &(0x7f0000000380)={{0x12, 0x1, 0x310, 0x21, 0xe1, 0x21, 0x20, 0x12d1, 0x5121, 0x8cbb, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc5, 0x2, 0x8, 0x2, 0x40, 0x2, [{{0x9, 0x4, 0xf0, 0x5, 0x1, 0xff, 0x3, 0x12, 0x1, [@uac_as={[@format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x9, 0x4, 0x8, 0x6, "5af8", "a6"}, @format_type_i_discrete={0xc, 0x24, 0x2, 0x1, 0x5, 0x1, 0xde, 0xb2, "6c2cf467"}]}], [{{0x9, 0x5, 0x6, 0x3, 0x400, 0x8, 0x9, 0x8, [@generic={0x5f, 0x11, "291af893ea26edcabf9910a8a78ebfc42e37c7acaf799b1ef32e988b3725d59641b329579f152fd98df778d5a945cbd55d87042a1b6e0929909c3421637f46b35e92d91731a28687eb7be6129cadc90f921c33fece58525d84e0d8bd22"}]}}]}}, {{0x9, 0x4, 0x18, 0xc0, 0x2, 0x8b, 0x54, 0xff, 0x4, [], [{{0x9, 0x5, 0x9, 0x4, 0x2fb6652115d71459, 0x8, 0xa7, 0xc3}}, {{0x9, 0x5, 0xb, 0x0, 0x200, 0x8, 0x9, 0x4, [@generic={0x19, 0x4, "62752d57cc57cfdd9e183156dde26ec471c93d66ebdea5"}]}}]}}]}}]}}, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x57, &(0x7f00000005c0)=@string={0x57, 0x3, "d0cb1e1154a4d2c07f1810316996034aad093435f43e085667f2347a64273023e17b3fb22c268d6da384ba6ae849ae8b6f4c2b8a6391f0bbd62dc7d2e4865cfd39d9b671076a1d25ff52bd0280e1ef48a06d531c46"}}]}) syz_usb_control_io$hid(r3, 0x0, 0x0) syz_usb_control_io$hid(r3, &(0x7f0000000340)={0x1e, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10) r4 = fsopen(&(0x7f0000000000)='devpts\x00', 0x1) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000280)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\bb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xd7\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0) r5 = syz_open_dev$usbmon(&(0x7f0000000240), 0x1ff, 0x2) ioctl$MON_IOCT_RING_SIZE(r5, 0x9204, 0x96fa) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) r6 = gettid() prctl$PR_SCHED_CORE(0x3e, 0x0, r6, 0x2, 0x0) sendto$inet6(r0, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) write$UHID_SET_REPORT_REPLY(r0, &(0x7f00000007c0)=ANY=[], 0xffe0) r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r7, 0xc0105500, 0x0) syz_open_dev$video(&(0x7f0000000040), 0xa6, 0x80) 7.508111775s ago: executing program 2 (id=6612): syz_80211_inject_frame(0x0, 0x0, 0xb5) prlimit64(0x0, 0xe, 0x0, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) gettid() fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) utimensat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3}) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r6, 0x0, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000040)=0xffffffff, 0x4) socket$nl_generic(0x11, 0x3, 0x10) sendmsg(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000380)=@caif=@dgm={0x25, 0xf, 0x80}, 0xfe44, &(0x7f0000000180)=[{&(0x7f0000000040)="728a4af11b259ffdb9697402ac073ab0d2a920e8498d8a"}, {&(0x7f0000001400)="8764a8ee37aedb8234c2c785ea4975fde90d6fe4692c9d28b413f8ee284dceeb60b3a3977fcbb51e665a04d31b652c1b24bb5139d09801d1f6847e1e3d71ccbe03fbe3f8c8dc90889c15b6f89576a406a8f03ee3fc05fbe8942b4b43f45478b124322e6f869744da11da706e92b5fd0fbe0b09d821e108346554de33b2444dc25ec2a5cf620172dbbb7e0da3d5ecbe55111ff7344f830b39a6c6ed81ff6d1f7830c7a578d86d475ad707cc6f3a0f4c996cb995dadb48a297244ec4a528f84354a223099e2fa101b76126c88f48f0ad362208cbe37dbd6821e60329"}, {&(0x7f0000000400)="a5b3147935c25f01f17c8c0a18b8e45e5385f3d44e30db9b9891d219b0ffdc3935b737d5284390e85fd13347240d2458f1f31736316279e6e06dddcb31dabc0d65dba629eb2a4048e7441900cbcb6baafb70b7e76709e8960c4f6f6da32746ea4f8751b32fc0e82e6f86ea303c7c30d605c7b05f6c12a21d3560e9bf1601fbca1e9223d342718e1cbe1bc176804294f381c66881511b6b31490b1393159bc6abc9cd7335f920f0cd11f054697bc77d6b3706d68b6803ddc1fab269a5bfd6c4bc7bd6f8cba1ab22c4047ee992369fe442b26075eb2b75b0f31fb609306cdcad1e2e37f11639c2e57071a3d267d2447e19b359f861d35866c0e24d80a87c780bc6ad2a6415606057820fc0875201f45973392f45fb42d17788cc24b95cfb4027062e70263c8c0192981a9676b7a4d29d2dd5ba0bf3f8bf0f17af9f3c8d207a81bfb54146b5a79e82cebdfe075d97e269929302b8a110dc05b51d31f7b49474cc3b2fe47dd0ceb1213e20d7408a924324ff53c389fdbb6a71bad8906f33bec63b41b18c2b594da3c07da06a22b145014a71c8089f92b7ab9d2c45722eb964a89063dee2790c18d0e62050b06518673000f2c6ed88c56fc9b8f29f0775d388b9394a2a3a01ba8430df6e4a96c81f9d554d68c324c737ae9eb11ead99aa35d62bf35df3d793a35bb10cf5ce31917a9ffe91aa2eed43fbee5ba4eea5d6f7b09a8588cbdc111b9d303659d89c9dcc8d4b5164ca1bbe4a5c4ab0e363bbb68675d4016179eb69f6eb741b3ebfe2a32c85cc354f73a09a29bc16684935303ee43b5dcccbe08278dd1491286110cf11c5051c686a2ff6d84a1298245ceaf0a401315557dd0f46a77ced6370ddf731a93c0f6d79d320c022b8cb00a94db9d0f3f1f18a6f7d5ab78b98b2414c52d08c0bd79340e21f2c34c9c25dbbc689a0eb7d36548c020eaf4c6e318bbdf7f384705e73fa84cf538cd396c9e1160067f36fbf1d093fad1b4f7917a1b88557f828798938b150b98f3e11da9a6ecc264e15ce3455df2099206cfbe6f709a83dba6f396e0f2a776a1f75245c58e4bec6e35600e1c5a61565aa5a78a1223c1bdf28b5dffa40737817f0c0d2b29d84a00ef8548b05438c640f0ee0a1148aeb086c74e8e2a549bd14b84314da60552260240f5e75ebd3996179537eab91b0637ffcd8bbd902a5b77fdbe57e3a7bd9b16df7e9435e4fb9427d282e175a5bedaa72f0a76baa77f70325afca163e8ba3bebedbf8a91ceb063750947f0190e75e44cd9342674f47ab95c3279c5314c37f917250640270c998f80dc2a1d46e7b7f6afb3e94479ff3dbcd36f594a2b105104268c2ac11b66813086e510a827050669892373f88cab04ab04c64ad6f1303155d22f612d0b8e8bdf6788bfa41ca3c33e7118da4ee7ff1e69be06b0be9749b79afb5456900e1682874d208cdfd589e6971b5a4e7340765fa2cd71657714800679206d3d1c8bd54cdc92db1611bfbd46d21b5807c42ea5325e1e1b178d104684c398ab98a22818cda1fe8081537eb6e03b0d46d19dd8f07667398f324816bee8c9fbe23ea7d91d0b3403c08a7c19055190ae7c7d085e12adc0593e2f24ad6a4b7375b5553622231eccb048629b57f357617dafd9adb4d4870d36da008209cbaa375ac16c872a6348208628f071ecbf2d710b9d361331336ceb56078f298adb88d188f572984eca02430241305db492ef274b346b9debbf37880814171cba5291c6742dff1107bbca1d41fc9be65fbabb557a975c79fdb907bfed897b72f0b8d99efae9b2e8f6cb646729def1b5757a62636a6a9cada5e5562ad432695a193227f7f721c9756f3246e3ad9f266d089e9b9ece9fefc4a52f5061d82bcf072f695423a4703954b774033467b011d74b7fc72f4774528c39191b6528a077e39934452c176b8c419bf55ad7bd8424d9c238e2ba87ee7d9c977d2442c572dc979742dd9ba18df1b5b8b24b64115a1c2945f6090bfa3cf3d35086bee0184479b0315d557d73be95b10c720e1d24cc01fb3b14c1d227285d2a1754ceb02e3470e429aa5a34508a317bf83cd784cdd8f8f4cf39a63ff0836c3d4fce3a349e0ef2a4367ececb14fabf0d5c9c22ac814014301b2046ee9fa84474057265165fbbc1cd3287a3d28a80d773768748889c17a6c26ab8bf7952e43e2cd8347837c683292cd5d68e88ff853ba8043715dd1fe4ea805f1fabb11b6b1a462073ed5bb9e866279d39e46dbe3fccfb4330fec7ea87dfebbaf2a7d53c7ecf2153d5edb14b186ea920f31ab2739e0450a2cb905895a5705d7d7fdb508665deccb7fb981849230b4969d8a20327b50af961e459b71deb948c54de14f8e3a942206afb00697f38e73c7fcab9a1a792ef2bfc2e28bd70a997e877119852b4555c6eb172d9479c671428ba23eecdb455d026472298c270b8b099e97b3af8b0cd828f8ea60d30b2ed0da66f1aad2be555c99e605e9afa8d009a4aa78dd04c7aeea873d1e3a9597691c21dfbc557a1b00c3f7ee75da2eb3f503dbe8c5008bf7fb09408a6e362ae901b31219de38a387ec57c8cf6ea778a8906d0ddbfb4fdc9bd5b2317573bbf1df136f194e2f0d62fdf1a7c21f1ea812f5845deb5d2589f6ef51ab9caa45ae0ec41660ad0a48481a2beff67b5fcb83d07904ccde4238366752d004bba35f8e6749afeff899f9577c2725feb4e0f0eef45b77f8013d7f56770a31789b018b24631e2ece2b3e5b8f1b9692d0e09946e2f6819910022bc46e9f115fa1f28350793415df88d312cbc4dbfce3096f8640c5a86dbc130d6619cee66bc31e277a36b655e354d5047dcc716dc76a2834b41da0a1e8adf16439c7816a768e9392a152f4eb33ef6c0cba7fd0b540b10afa4e5e000de25888d0d32cda78eca0d2646c3a60dd12fb0345758d6945939a12c9c358e682077991ff05b44238abbdb02bc5b212f15998bab174c8e8002b47c588fb379e8406e15771cb529df75d8239e81a46700e0eb1a13014d762b19efcc8e3041fce38cf3f8387589540dd486fd2c3fea74fff39ab96993baa21c560a58a85fe15bd60659758f5ea94b56832d9c960bb1ec5a992e1d972d5dcc6325b07002dce1177a30c9c2d89da69d8e3e38384e61df822f6a80784a3125c6f96d9f2a4ab1e3d56028f6de460ab0f81cc415ad0d5ee40c24a3b9d70aaaaf13a0062bc72b545bfd228339c9d9a515f1b00a75c8d2ee3652338947721b961e5619ce3a481525484ddcbf5cd6ef37ed305fbfb9578f6127bf27ad3539b13731119b6be49a336d696c688e89d04a1dd283df4526cc30bb4232bf2b1d853f8f0b086018d08569631ae62bac2623c652a52cdafaf16ce03a636cd36ed2302362e21cdb8f72079275df4742403128d89f6146359ada83d53513b49b73982529d659138c7ca9f37a132a620f890a6b972948a86bc9b12d700f9ba079d73d5b0a724f8f6b25ada9ce97f6431ba2ef0cd36975ed2b58307a3ab727d1f3cba6c4937d2238304d2dafee4b1a0c89bfb74e5c7db48c3c166dead480bada49fb27f657e5a028ba8f13f0fb0c5dc341dc1339fae2901694432da5774416a22f15702c8dcf5e17bb292773c2774c65ba5d2a5794c7dd08573fb859604a3cdb9f3aa7ea080be42ae02df0504fe37d7245f36e760022c41f88479dc701d6d8debaaddbda1826d4f95055f7aa0772854c4149fa33d8dbf721bfc8f209af8e8259995a92e6ff7e5fa080d61ba111d61a744af8f76f3d6630899b959c984e662bed18720065703175f5af6f4c07201ab37be5130cb825851a8c9e4847acbfc54449779904a582e3a7c8bb204619ad238973e0e7ecb477cfac2ef543594c2b62ff0733f6ccf20e20ef91070b24ceaa7cb40b6ee7c3df3a2cc1200cb73a49efd8b01a00247910d2171fc0d2367f163ac5ec90d0a360b7550130f6bbe82bba0cbce8b85c6ff9ba5748af034c54b32072685b90d2f8d848ca345cec45f35175e591f97bd04ac56488ba8ed665f65a030b442f9d048608fde4c903f0ff05cafdaf23ef9215ffda7910bf366425a40ec92b6dd3fb61f477a58f3e2884f3d61eca883dc4b8d598bc15c9f72210efea11073ee7cc6f08f631721edcbeaf604a2d9b02398542118022a8967e77cbe5703fcff5b7c2846ba2424a8352c5453ac63b7cb2624d6296f2a84c37309d8a957ecdb11fcabb6fe59dbcdb08281072c3bc9d364410905ce2c318102759ec77ae674aebc20aaa4157751fa5917f67153bd19f09f3be215f8ef70cfda593305dacb6baa46d0a4abfa30a80003a2acf8b9a9363ef15c66656681e0e7b29a480ac1c5991fa52030ff45b3b7cdd23dd35ca5b8ccefdd7aa4a4f6c79bd7bc5fc7c8d2973933fc0ffae832b878921d24d46cafcd3d13e93c62e79882c8c60e384e1be8012f6b5fa0cf7216e3939c55bb0d5dab75349860d32000310d220f574dd55d3ae2b59e131d4a38f05ffe050dda70f7940a83371516bc35b99b0d0398df3079ecd509a7d7e8fbbdb358ff632db6a9e001383473196ce868d22478c6a71684c259b227032ff37ae9ebc913671183e524d5397787d3f921444ca7874bc5957c8a158df6daf0c5e84eb55da22557657d3880d3b0f9951edf7c2b357ea9fd70765168477d8bf14b73a06629bbf2272c02fce95f4636a79a143b248b7b012e3e1e38abbe0ad0112af4a473e44c2764ac5c375ef75a5cd5d510a33fb283d8afe136e3cd5804b696a8ba5a9372058f798972c894463cd73187119aea794986b38f21e29016bea0bf47056ff2cf8e3e162148b9da6bbdd0372e2b5439167e3911dfab4122f7a73cbfe68c2d2fbe92aeb39d1c9abc70fa13f832b4073c9db64791b6c8d656faaab4ec58108c7e192aec4f281f40694985e49a16e11c1db1ff916f201dec3a4224c729f7ac9e87199fd0b9899fd3ffba9fd0870c3f0843768a6f0783a4f322764aeb7650c012d4afbfa9389080738eb766a7fd89190966b7882b8c3fe23c9083d0af5412462537505a26de29c4cafdcbff49b116229c1091ad7f653005ac54d63b57335250129500592b83b0454b7374916e121a30c2d1a5664e9c0374d71ed2a5167c807a251b90acdcefa6538aa1e649a4f279bdb34a0342e0e9ad8e4c93fff082a7d5330cca937a4c286088da8bc654b0fd25ad6cf0d2b741d85e2b0a7f738a62f1672e7108f0e35176e43c51f9eee685b6638b82f5cb964e0e7a66ee31f6a3f623f21ae7bfb530d36b652377a4940d93f14e3fa80f47df38259e44084199b5e5846988f800b04e554d7c7ec8616fdb849a4af7ddacaa29f61e8fe7dab6b559b2eed1443067417b984a777b39fda6ae5f01328579ade2b35789690a6c49975f3e8ff946cd62651ab5e2351fe474c5f7ea1c3d7a194aaf16013d62eb1d7d25cf2e3c2c000d6623f9be024b55dae5cc5d0f5154979dba1d4b1ec0003a5ad86a4f8234fb68e52073cabdb41a3bf4abcecc3b345bfda55b9939a94d66f7bbd21f723aef651a24dc05f66a0decaa78acd936971cbb1157974594a98a47983399959766daf2ca20513df91bed34968901d9d05f38010a6d248cc89332adc80aaafea57d2e71be1ef5fb5b10d88042fa346dcdd57e358c0561083be4638c47b38e6235cddbf7be31789e85f55a6d581f73fe6aec13b0bec20e7ee96035f8bea0c008ab9a6a2678279c3f59dc933b29a34ab0c851e5a3d881cd1e890c4f124ed234a85b9ab812bf0392d7ce0380a8a974b5ce7bf9547015637f62f78ad6ff225926988c21e1c9dc0232e980d08bdc36"}], 0x2a, 0x0, 0x0, 0x11000000}, 0x20008005) 6.058941769s ago: executing program 1 (id=6616): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) rt_sigprocmask(0x0, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$UI_SET_PHYS(0xffffffffffffffff, 0x4008556c, &(0x7f00000005c0)='syz1\x00') r3 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a300000000008000340000000"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0) sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x34, r3, 0x303, 0x70bd27, 0x0, {0x2a}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000840}, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r5 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042) write$dsp(r5, &(0x7f0000000880)="378c8882932388799ddc34217119a5f2dcbc6ac15232521c76", 0x19) 5.284388494s ago: executing program 2 (id=6617): r0 = socket$rxrpc(0x21, 0x2, 0xa) fremovexattr(r0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r1 = socket$inet6(0xa, 0x805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4620, @private=0xa010101}]}, &(0x7f00000002c0)=0x10) getsockopt$bt_hci(r1, 0x84, 0x85, &(0x7f0000000080)=""/4060, &(0x7f00000010c0)=0xfdc) 5.229227898s ago: executing program 6 (id=6618): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) rt_sigprocmask(0x0, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) ioctl$UI_SET_PHYS(r3, 0x4008556c, &(0x7f00000005c0)='syz1\x00') r4 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x64}}, 0x0) sendmsg$NFT_BATCH(r5, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0) sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x34, r4, 0x303, 0x70bd27, 0x0, {0x2a}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000840}, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000004c0)={0x800, 0xb, 0x1, {0xa, @pix_mp={0x9, 0x6, 0x50565559, 0x7, 0xc, [{0x1ff, 0x780}, {0x3}, {0x1e303cd8, 0xe}, {0x3, 0xfa3}, {0x8, 0x7}, {0x80000000, 0x2005}, {0x3, 0x3a}, {0xb, 0x6}], 0x3, 0x1, 0x2, 0x2, 0x2}}, 0x7}) socket(0x80000000000000a, 0x2, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r6 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042) write$dsp(r6, &(0x7f0000000880)="378c8882932388799ddc34217119a5f2dcbc6ac15232521c76e5c675cd3035e9d2bbc86abdcc5015ba9a116b96de1f8b6f88", 0x32) 5.064455341s ago: executing program 2 (id=6620): syz_80211_inject_frame(0x0, 0x0, 0xb5) prlimit64(0x0, 0xe, 0x0, 0x0) socket$kcm(0x2b, 0x1, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) gettid() fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3}) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r5, 0x0, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000040)=0xffffffff, 0x4) socket$nl_generic(0x11, 0x3, 0x10) sendmsg(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000380)=@caif=@dgm={0x25, 0xf, 0x80}, 0xfe44, &(0x7f0000000180)=[{&(0x7f0000000040)="728a4af11b259ffdb9697402ac073ab0d2a920e8498d8a"}, {&(0x7f0000001400)="8764a8ee37aedb8234c2c785ea4975fde90d6fe4692c9d28b413f8ee284dceeb60b3a3977fcbb51e665a04d31b652c1b24bb5139d09801d1f6847e1e3d71ccbe03fbe3f8c8dc90889c15b6f89576a406a8f03ee3fc05fbe8942b4b43f45478b124322e6f869744da11da706e92b5fd0fbe0b09d821e108346554de33b2444dc25ec2a5cf620172dbbb7e0da3d5ecbe55111ff7344f830b39a6c6ed81ff6d1f7830c7a578d86d475ad707cc6f3a0f4c996cb995dadb48a297244ec4a528f84354a223099e2fa101b76126c88f48f0ad362208cbe37dbd6821e60329"}, {&(0x7f0000000400)="a5b3147935c25f01f17c8c0a18b8e45e5385f3d44e30db9b9891d219b0ffdc3935b737d5284390e85fd13347240d2458f1f31736316279e6e06dddcb31dabc0d65dba629eb2a4048e7441900cbcb6baafb70b7e76709e8960c4f6f6da32746ea4f8751b32fc0e82e6f86ea303c7c30d605c7b05f6c12a21d3560e9bf1601fbca1e9223d342718e1cbe1bc176804294f381c66881511b6b31490b1393159bc6abc9cd7335f920f0cd11f054697bc77d6b3706d68b6803ddc1fab269a5bfd6c4bc7bd6f8cba1ab22c4047ee992369fe442b26075eb2b75b0f31fb609306cdcad1e2e37f11639c2e57071a3d267d2447e19b359f861d35866c0e24d80a87c780bc6ad2a6415606057820fc0875201f45973392f45fb42d17788cc24b95cfb4027062e70263c8c0192981a9676b7a4d29d2dd5ba0bf3f8bf0f17af9f3c8d207a81bfb54146b5a79e82cebdfe075d97e269929302b8a110dc05b51d31f7b49474cc3b2fe47dd0ceb1213e20d7408a924324ff53c389fdbb6a71bad8906f33bec63b41b18c2b594da3c07da06a22b145014a71c8089f92b7ab9d2c45722eb964a89063dee2790c18d0e62050b06518673000f2c6ed88c56fc9b8f29f0775d388b9394a2a3a01ba8430df6e4a96c81f9d554d68c324c737ae9eb11ead99aa35d62bf35df3d793a35bb10cf5ce31917a9ffe91aa2eed43fbee5ba4eea5d6f7b09a8588cbdc111b9d303659d89c9dcc8d4b5164ca1bbe4a5c4ab0e363bbb68675d4016179eb69f6eb741b3ebfe2a32c85cc354f73a09a29bc16684935303ee43b5dcccbe08278dd1491286110cf11c5051c686a2ff6d84a1298245ceaf0a401315557dd0f46a77ced6370ddf731a93c0f6d79d320c022b8cb00a94db9d0f3f1f18a6f7d5ab78b98b2414c52d08c0bd79340e21f2c34c9c25dbbc689a0eb7d36548c020eaf4c6e318bbdf7f384705e73fa84cf538cd396c9e1160067f36fbf1d093fad1b4f7917a1b88557f828798938b150b98f3e11da9a6ecc264e15ce3455df2099206cfbe6f709a83dba6f396e0f2a776a1f75245c58e4bec6e35600e1c5a61565aa5a78a1223c1bdf28b5dffa40737817f0c0d2b29d84a00ef8548b05438c640f0ee0a1148aeb086c74e8e2a549bd14b84314da60552260240f5e75ebd3996179537eab91b0637ffcd8bbd902a5b77fdbe57e3a7bd9b16df7e9435e4fb9427d282e175a5bedaa72f0a76baa77f70325afca163e8ba3bebedbf8a91ceb063750947f0190e75e44cd9342674f47ab95c3279c5314c37f917250640270c998f80dc2a1d46e7b7f6afb3e94479ff3dbcd36f594a2b105104268c2ac11b66813086e510a827050669892373f88cab04ab04c64ad6f1303155d22f612d0b8e8bdf6788bfa41ca3c33e7118da4ee7ff1e69be06b0be9749b79afb5456900e1682874d208cdfd589e6971b5a4e7340765fa2cd71657714800679206d3d1c8bd54cdc92db1611bfbd46d21b5807c42ea5325e1e1b178d104684c398ab98a22818cda1fe8081537eb6e03b0d46d19dd8f07667398f324816bee8c9fbe23ea7d91d0b3403c08a7c19055190ae7c7d085e12adc0593e2f24ad6a4b7375b5553622231eccb048629b57f357617dafd9adb4d4870d36da008209cbaa375ac16c872a6348208628f071ecbf2d710b9d361331336ceb56078f298adb88d188f572984eca02430241305db492ef274b346b9debbf37880814171cba5291c6742dff1107bbca1d41fc9be65fbabb557a975c79fdb907bfed897b72f0b8d99efae9b2e8f6cb646729def1b5757a62636a6a9cada5e5562ad432695a193227f7f721c9756f3246e3ad9f266d089e9b9ece9fefc4a52f5061d82bcf072f695423a4703954b774033467b011d74b7fc72f4774528c39191b6528a077e39934452c176b8c419bf55ad7bd8424d9c238e2ba87ee7d9c977d2442c572dc979742dd9ba18df1b5b8b24b64115a1c2945f6090bfa3cf3d35086bee0184479b0315d557d73be95b10c720e1d24cc01fb3b14c1d227285d2a1754ceb02e3470e429aa5a34508a317bf83cd784cdd8f8f4cf39a63ff0836c3d4fce3a349e0ef2a4367ececb14fabf0d5c9c22ac814014301b2046ee9fa84474057265165fbbc1cd3287a3d28a80d773768748889c17a6c26ab8bf7952e43e2cd8347837c683292cd5d68e88ff853ba8043715dd1fe4ea805f1fabb11b6b1a462073ed5bb9e866279d39e46dbe3fccfb4330fec7ea87dfebbaf2a7d53c7ecf2153d5edb14b186ea920f31ab2739e0450a2cb905895a5705d7d7fdb508665deccb7fb981849230b4969d8a20327b50af961e459b71deb948c54de14f8e3a942206afb00697f38e73c7fcab9a1a792ef2bfc2e28bd70a997e877119852b4555c6eb172d9479c671428ba23eecdb455d026472298c270b8b099e97b3af8b0cd828f8ea60d30b2ed0da66f1aad2be555c99e605e9afa8d009a4aa78dd04c7aeea873d1e3a9597691c21dfbc557a1b00c3f7ee75da2eb3f503dbe8c5008bf7fb09408a6e362ae901b31219de38a387ec57c8cf6ea778a8906d0ddbfb4fdc9bd5b2317573bbf1df136f194e2f0d62fdf1a7c21f1ea812f5845deb5d2589f6ef51ab9caa45ae0ec41660ad0a48481a2beff67b5fcb83d07904ccde4238366752d004bba35f8e6749afeff899f9577c2725feb4e0f0eef45b77f8013d7f56770a31789b018b24631e2ece2b3e5b8f1b9692d0e09946e2f6819910022bc46e9f115fa1f28350793415df88d312cbc4dbfce3096f8640c5a86dbc130d6619cee66bc31e277a36b655e354d5047dcc716dc76a2834b41da0a1e8adf16439c7816a768e9392a152f4eb33ef6c0cba7fd0b540b10afa4e5e000de25888d0d32cda78eca0d2646c3a60dd12fb0345758d6945939a12c9c358e682077991ff05b44238abbdb02bc5b212f15998bab174c8e8002b47c588fb379e8406e15771cb529df75d8239e81a46700e0eb1a13014d762b19efcc8e3041fce38cf3f8387589540dd486fd2c3fea74fff39ab96993baa21c560a58a85fe15bd60659758f5ea94b56832d9c960bb1ec5a992e1d972d5dcc6325b07002dce1177a30c9c2d89da69d8e3e38384e61df822f6a80784a3125c6f96d9f2a4ab1e3d56028f6de460ab0f81cc415ad0d5ee40c24a3b9d70aaaaf13a0062bc72b545bfd228339c9d9a515f1b00a75c8d2ee3652338947721b961e5619ce3a481525484ddcbf5cd6ef37ed305fbfb9578f6127bf27ad3539b13731119b6be49a336d696c688e89d04a1dd283df4526cc30bb4232bf2b1d853f8f0b086018d08569631ae62bac2623c652a52cdafaf16ce03a636cd36ed2302362e21cdb8f72079275df4742403128d89f6146359ada83d53513b49b73982529d659138c7ca9f37a132a620f890a6b972948a86bc9b12d700f9ba079d73d5b0a724f8f6b25ada9ce97f6431ba2ef0cd36975ed2b58307a3ab727d1f3cba6c4937d2238304d2dafee4b1a0c89bfb74e5c7db48c3c166dead480bada49fb27f657e5a028ba8f13f0fb0c5dc341dc1339fae2901694432da5774416a22f15702c8dcf5e17bb292773c2774c65ba5d2a5794c7dd08573fb859604a3cdb9f3aa7ea080be42ae02df0504fe37d7245f36e760022c41f88479dc701d6d8debaaddbda1826d4f95055f7aa0772854c4149fa33d8dbf721bfc8f209af8e8259995a92e6ff7e5fa080d61ba111d61a744af8f76f3d6630899b959c984e662bed18720065703175f5af6f4c07201ab37be5130cb825851a8c9e4847acbfc54449779904a582e3a7c8bb204619ad238973e0e7ecb477cfac2ef543594c2b62ff0733f6ccf20e20ef91070b24ceaa7cb40b6ee7c3df3a2cc1200cb73a49efd8b01a00247910d2171fc0d2367f163ac5ec90d0a360b7550130f6bbe82bba0cbce8b85c6ff9ba5748af034c54b32072685b90d2f8d848ca345cec45f35175e591f97bd04ac56488ba8ed665f65a030b442f9d048608fde4c903f0ff05cafdaf23ef9215ffda7910bf366425a40ec92b6dd3fb61f477a58f3e2884f3d61eca883dc4b8d598bc15c9f72210efea11073ee7cc6f08f631721edcbeaf604a2d9b02398542118022a8967e77cbe5703fcff5b7c2846ba2424a8352c5453ac63b7cb2624d6296f2a84c37309d8a957ecdb11fcabb6fe59dbcdb08281072c3bc9d364410905ce2c318102759ec77ae674aebc20aaa4157751fa5917f67153bd19f09f3be215f8ef70cfda593305dacb6baa46d0a4abfa30a80003a2acf8b9a9363ef15c66656681e0e7b29a480ac1c5991fa52030ff45b3b7cdd23dd35ca5b8ccefdd7aa4a4f6c79bd7bc5fc7c8d2973933fc0ffae832b878921d24d46cafcd3d13e93c62e79882c8c60e384e1be8012f6b5fa0cf7216e3939c55bb0d5dab75349860d32000310d220f574dd55d3ae2b59e131d4a38f05ffe050dda70f7940a83371516bc35b99b0d0398df3079ecd509a7d7e8fbbdb358ff632db6a9e001383473196ce868d22478c6a71684c259b227032ff37ae9ebc913671183e524d5397787d3f921444ca7874bc5957c8a158df6daf0c5e84eb55da22557657d3880d3b0f9951edf7c2b357ea9fd70765168477d8bf14b73a06629bbf2272c02fce95f4636a79a143b248b7b012e3e1e38abbe0ad0112af4a473e44c2764ac5c375ef75a5cd5d510a33fb283d8afe136e3cd5804b696a8ba5a9372058f798972c894463cd73187119aea794986b38f21e29016bea0bf47056ff2cf8e3e162148b9da6bbdd0372e2b5439167e3911dfab4122f7a73cbfe68c2d2fbe92aeb39d1c9abc70fa13f832b4073c9db64791b6c8d656faaab4ec58108c7e192aec4f281f40694985e49a16e11c1db1ff916f201dec3a4224c729f7ac9e87199fd0b9899fd3ffba9fd0870c3f0843768a6f0783a4f322764aeb7650c012d4afbfa9389080738eb766a7fd89190966b7882b8c3fe23c9083d0af5412462537505a26de29c4cafdcbff49b116229c1091ad7f653005ac54d63b57335250129500592b83b0454b7374916e121a30c2d1a5664e9c0374d71ed2a5167c807a251b90acdcefa6538aa1e649a4f279bdb34a0342e0e9ad8e4c93fff082a7d5330cca937a4c286088da8bc654b0fd25ad6cf0d2b741d85e2b0a7f738a62f1672e7108f0e35176e43c51f9eee685b6638b82f5cb964e0e7a66ee31f6a3f623f21ae7bfb530d36b652377a4940d93f14e3fa80f47df38259e44084199b5e5846988f800b04e554d7c7ec8616fdb849a4af7ddacaa29f61e8fe7dab6b559b2eed1443067417b984a777b39fda6ae5f01328579ade2b35789690a6c49975f3e8ff946cd62651ab5e2351fe474c5f7ea1c3d7a194aaf16013d62eb1d7d25cf2e3c2c000d6623f9be024b55dae5cc5d0f5154979dba1d4b1ec0003a5ad86a4f8234fb68e52073cabdb41a3bf4abcecc3b345bfda55b9939a94d66f7bbd21f723aef651a24dc05f66a0decaa78acd936971cbb1157974594a98a47983399959766daf2ca20513df91bed34968901d9d05f38010a6d248cc89332adc80aaafea57d2e71be1ef5fb5b10d88042fa346dcdd57e358c0561083be4638c47b38e6235cddbf7be31789e85f55a6d581f73fe6aec13b0bec20e7ee96035f8bea0c008ab9a6a2678279c3f59dc933b29a34ab0c851e5a3d881cd1e890c4f124ed234a85b9ab812bf0392d7ce0380a8a974b5ce7bf9547015637f62f78ad6ff225926988c21e1c9dc0232e980d08bdc36"}], 0x2a, 0x0, 0x0, 0x11000000}, 0x20008005) 4.418820405s ago: executing program 1 (id=6621): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a\x00\x00\x00\f\x00\x00\x00\"\x00\x00\x00\x00\x00\x00\x00', @ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x50) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68) openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x2a100, 0x0) syz_80211_join_ibss(0x0, &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) r2 = socket$vsock_stream(0x28, 0x1, 0x0) sendmsg(r2, 0x0, 0x4000042) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, 0x0) getsockopt$XDP_MMAP_OFFSETS(0xffffffffffffffff, 0x11b, 0x1, &(0x7f0000000340), &(0x7f0000000140)=0x80) ioctl$SNDRV_PCM_IOCTL_HW_FREE(0xffffffffffffffff, 0x4112, 0x0) socket$key(0xf, 0x3, 0x2) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x10000}, 0x28) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000300)=ANY=[@ANYBLOB="0d791ab5079f39a7e739f7", @ANYRESHEX, @ANYRES8], 0x38) munmap(&(0x7f0000001000/0x1000)=nil, 0x1000) ioctl$SNDRV_PCM_IOCTL_STATUS64(0xffffffffffffffff, 0x40084149, &(0x7f0000000080)) 4.108094992s ago: executing program 6 (id=6623): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, r0}) r3 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r2}) ioctl$DMA_BUF_IOCTL_SYNC(r2, 0x40086200, &(0x7f0000000080)=0x1) 3.725826359s ago: executing program 6 (id=6624): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) socket(0x200000000000011, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000000c0)={0x6, 0x80000000, {0x0}, {0xee01}}) sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_netfilter(0x10, 0x3, 0xc) syz_emit_ethernet(0xae, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaa852c1c35eeaef1f03e0eb04c657eaaaa0cdfef72d4a308004cb500a000680000010690780102ac1414bb440878a0ffffffff94040000860c000000020006", @ANYRES16, @ANYRES32, @ANYBLOB="91c2000690780000030301030345fe07a1d90b3cc1000000094346f0bf399a3a05874f3964bf3b4691ceb09371e0be68d4f943b5647f32f302190d9b3a7d6aeefd98bf31f25341e670c0d84ca139d8aa76bcef3da1ce05f24fe5d081f46fb2475148488e"], 0x0) 3.555632883s ago: executing program 7 (id=6626): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$igmp(0x2, 0x3, 0x2) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000040)={0x1, @pix={0xc2, 0x80000001, 0x35315258, 0x2, 0xff, 0x8, 0x6, 0x6, 0x0, 0x0, 0x1}}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r3 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)={0x24, 0x140f, 0x1, 0x70bd25, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xb, 0x45, 'uverbs\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000851}, 0x8000) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mlockall(0x7) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = socket$inet_udp(0x2, 0x2, 0x0) sendmmsg$unix(r5, &(0x7f00000029c0)=[{{&(0x7f0000000600)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000c00)=[@cred={{0x1c, 0x1, 0x24}}], 0x20, 0x24000010}}], 0x1, 0x0) sendmmsg$inet(r4, &(0x7f0000005b40)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000040)="f37481d90eeaead391345b4da9d27e24c9c670da3afc5c00009700"/38, 0x26}, {&(0x7f0000000140)="ead5e92719a44591801f33", 0xb}, {&(0x7f0000000180)="f3f97053495b072215aee864193557c0dabdd253711d5ed9b131c5abd8796e5759ab1f639211e68e24bf4471b6ab1429b165c7248cded82bfb4a3f48e8d0", 0x3e}], 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="2c0000000000000000005766e58d249baf209301ffffffff0000000000000000000000000000000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aae000000200000000"], 0x50}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000380)="c1ad061c5d914eadd95de7fb63eb7b0306d91c25f3fba6c97eda8ade2420dfe1fe0f5c7a01d724be33a44f1cd52028110d8f7dd4b3421a3fe4b2066d179f938ba15c3956e1aaad35035bcde7b90ed59ee2de06c8a4af3de95b", 0x59}], 0x1}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000004240)=[{&(0x7f0000000400)="01d4f4f5b19ed14641c549d118f8916305244efa6bf80577db9feca473691b3a898fa697c61ab8f94573801ce2925bb5a2f435b9a0a05bfe14d60fdafdd527f43b4aedd78fb063444536de7462504fad8e262e908962f9b0c733b4635e28ca332833abfe8f3d366aa9477de5", 0x6c}], 0x1}}], 0x4, 0xc080) 2.82509516s ago: executing program 2 (id=6627): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) set_mempolicy(0x2, 0x0, 0x2) socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x3100, 0x3100, &(0x7f0000000000), 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10) mknod(&(0x7f0000000080)='./bus\x00', 0x8000, 0x7) mount(&(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000040)='./bus\x00', &(0x7f00000002c0)='ext2\x00', 0x0, &(0x7f00000001c0)='discard') recvfrom$inet(r2, &(0x7f0000000200)=""/153, 0x99, 0x2103, 0x0, 0x0) connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setrlimit(0x4, &(0x7f00000000c0)={0x796}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r3, 0x0, 0x0, 0x20000050, &(0x7f00000001c0)={0xa, 0x4e22, 0x40000000, @local, 0x1}, 0x1c) r4 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)={0x4c, 0x14, 0x215, 0x70bd2b, 0x25dfdbfb, {0xa, 0x6, 0x4, 0x0, {0x4e24, 0x4e23, [0x10000000, 0x2c000000, 0x800006, 0x3], [0xfffffffe, 0x3, 0x41, 0x8a67], 0x0, [0x3, 0x1002]}, 0x592, 0xffffffff}}, 0x4c}, 0x1, 0x0, 0x0, 0x26040811}, 0x404c814) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1) ioctl$KVM_RUN(r7, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000003c0)={0xc, 0x0, [{0xa1a, 0x0, 0xff}, {0xbdf, 0x0, 0x9}, {0x912, 0x0, 0xc1}, {0x26e, 0x0, 0x4}, {0x2d6, 0x0, 0xb}, {0xa77, 0x0, 0x3}, {0xa6e, 0x0, 0xf6d}, {0xa8f}, {0x1e0, 0x0, 0x8}, {0x8b5, 0x0, 0x200}, {0xba9, 0x0, 0x5}, {0xb14, 0x0, 0xfffffffffffffffa}]}) r8 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000000)=0xe) ioctl$KDSIGACCEPT(r9, 0x80047456, 0x100000001ffffffd) sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000000040)) 2.666773571s ago: executing program 8 (id=6628): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r2, 0x400452c9, &(0x7f0000000100)) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, 0x0, 0x0) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x1, 0xc0101) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) r7 = syz_io_uring_setup(0xef4, &(0x7f0000000300)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r6}, &(0x7f0000000140), &(0x7f00000001c0)) io_uring_enter(r7, 0x2ded, 0x4000, 0x0, 0x0, 0x0) clock_nanosleep(0x9, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x0) r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="3c7ecd1f00000040a40b7293e76d3626240500200000000000010902240001000000000904000001030002000921feff0001220500090581030000000000"], 0x0) r9 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r9, 0x40085112, &(0x7f0000000080)=@e={0xff, 0xa}) syz_usb_control_io$hid(r8, 0x0, 0x0) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r12, 0x0) r13 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) write$char_usb(r13, &(0x7f0000000040)="e2", 0x2250) syz_usb_control_io(r8, &(0x7f0000000100)={0x2c, &(0x7f0000000180)={0x0, 0x10, 0x5, {0x5, 0xc, "74f18f"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 2.664450413s ago: executing program 7 (id=6629): creat(&(0x7f0000000140)='./file0\x00', 0x71) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r2, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r3) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r4, 0x0) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x91, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r7, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 2.585119763s ago: executing program 7 (id=6630): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) rt_sigprocmask(0x0, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$UI_SET_PHYS(0xffffffffffffffff, 0x4008556c, &(0x7f00000005c0)='syz1\x00') r3 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a300000000008000340000000"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0) sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x34, r3, 0x303, 0x70bd27, 0x0, {0x2a}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000840}, 0x0) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r5 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042) write$dsp(r5, &(0x7f0000000880)="378c8882932388799ddc34217119a5f2dcbc6ac15232521c76e5c675cd3035e9d2bbc86abdcc", 0x26) 2.162519497s ago: executing program 7 (id=6631): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) write$UHID_SET_REPORT_REPLY(r0, &(0x7f0000000300)={0xe, {0x8, 0x6, 0x7}}, 0xc) socket$inet(0x2, 0x4000000000000001, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89101) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r1, @ANYBLOB="05", @ANYRES16=r1, @ANYRES16], 0x0) 2.033939946s ago: executing program 1 (id=6632): openat$audio1(0xffffffffffffff9c, &(0x7f0000000180), 0x16d003, 0x18) 2.01626973s ago: executing program 1 (id=6633): pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000400)=ANY=[], 0xc4}, 0x1, 0x0, 0x0, 0x4000}, 0x800) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'syztnl1\x00', &(0x7f0000000540)={'gre0\x00', 0x0, 0x8, 0x8000, 0xfffffff1, 0x1194, {{0x8, 0x4, 0x3, 0xc, 0x20, 0x67, 0x0, 0x4, 0x4, 0x0, @private=0xa010100, @empty, {[@cipso={0x86, 0xb, 0x0, [{0x7, 0x5, "6183d5"}]}]}}}}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000060000000000000040000000183a00000900000000000000000000446aaffc0001000000000000000f0000009500000000000000"], &(0x7f0000000480)='GPL\x00', 0xffff8000, 0x62, &(0x7f00000004c0)=""/98, 0x40f00, 0x52, '\x00', r3, 0x0, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000680)={0x1, 0x10, 0x200, 0x5}, 0x10, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000700)=[{0x0, 0x5, 0xc, 0xa}, {0x2, 0x1, 0x10, 0xa}, {0x0, 0x5, 0x0, 0x9}, {0x3, 0x1, 0x6, 0x1}, {0x4, 0x2, 0x10, 0x6}, {0x5, 0x1002, 0x10, 0xa}, {0x3, 0x4, 0xd, 0x4}], 0x10, 0x9}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendmmsg$alg(0xffffffffffffffff, &(0x7f00000063c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x14}], 0x1, 0x800) recvmsg(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000000540)=""/113, 0x71}], 0x1}, 0x40000000) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000840)=ANY=[@ANYBLOB="2c010000", @ANYBLOB="00042bbd7000fedbdf25080000006400018014000280080003000700000008000400050000000c0002800800040007000000080003000400000038000400200001000a004e2200000007fe8000000000000000000000000000bb060000001400020002004e23640101010000000000000000300004802c0007800800040000000000080004000600000008000400ffff0000080003000000000008000300000000005400028014000380080002000700000008000200030000003c00038008000100e4fdffff0800010009000000080002000c0000000800010075060000080002000001000008000100600000000800020004000000300002801c00038008000200040000000800010005000000080001000600000008000200a00000000800020002000000"], 0x12c}}, 0x40040088) ioctl$PIO_UNIMAPCLR(r6, 0x4b68, 0x0) 1.672841327s ago: executing program 1 (id=6634): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, r0}) r3 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r2}) ioctl$DMA_BUF_IOCTL_SYNC(r2, 0x40086200, &(0x7f0000000080)=0x1) 1.593642231s ago: executing program 2 (id=6635): r0 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff) mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='sched_switch\x00', r5}, 0x18) r7 = socket$inet_tcp(0x2, 0x1, 0x0) r8 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) fcntl$setown(r8, 0x8, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r8, 0xc01864c6, &(0x7f0000000280)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x0, 0x0, 0xffffffffffffffff}) sendmsg$kcm(r9, &(0x7f00000003c0)={&(0x7f00000002c0)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e22, @empty}, 0x1, 0x1, 0x0, 0x2}}, 0x80, &(0x7f0000000a00)=[{&(0x7f00000004c0)="ecd4e4f7404002cb71c184430aca7353dad8c9f9b4f1218a27dae004c46815091ea4e78e546bb9ef70c24b4801e87bd3566dea48d5368451ad7f2ea1962210ffbb32fd871239c40f060b29b3c61f2beff12c6a48570bd4a67d2ef7694fae4ddc9f80a02988b83752929380d107a2729359e06160fe38c75b7681792ad16738be490bf19185e491155160cb3a4c4590ffcb61928cf9ecd65fa7076035bb0a43927f3e65ce83121dd805469f5c43133464a034a59ee28ba8501a301b8bbb62ed", 0xbf}, {&(0x7f0000000580)="49796b2ba6f13d481e519850dab7773ebea0a5e42dd280bee6d209ac7f2b55bc3aac1b56721bb235b88cca452364789be8d06ca7bf2afeecfc57e5f2e74e23852259491bd73fd8f4100719e619ab5fe8177cdec35e76bfd7c2c416c50b31ff997681e85eeed31cbb669f60b4997cdfa0f091494aa6666ce5c9a368d90fb572e67ab61ec32b405468f4b34afe6e95240920092af6716c03d5b6d24c437c002a98ff69236c21111331ba54eb420bda3088351ed26181a0c06d4fc8ab5bd5cdf88e0d10ce946357992a585c53c8217be991930442090709c9957b2e6c4fcee76bf5c14387088327b0ea71", 0xe9}, {&(0x7f0000000680)}, {&(0x7f0000000380)="2f21be5b69090160492cc1e32d8819c09c", 0x11}, {&(0x7f0000000740)="d9f391b45a45f748ecf3367fbc004c2a7f181789898c51f2630bb551b0262f2b3ae3d7e24652e611d7c8cbee7e63c7dcaee618a53e07190d14f349424d973ebf13d63d194e5bae0156a753c14906876f86bd3cbe0c6d69", 0x57}, {&(0x7f00000007c0)="4828a43a647566e8dd3328b9f5a7dca551df8d34249244fc9df7e5d9f5e18c19bf1e2f994054b08713ce7f773378e1bbf622f79d91620e194682b3cb60632a5bf4325e07754db6f65bc1bb7f318151aa31a1f1bdfe68051d4e6c53872ade5c4574359bf02492e8be242d07dc9f7ef2dfa1ed3630fd1a1279d6b82cbafc87c219f5019f7e1ffc84e4495fc028d8b764db0868464cf9e5bfc8394454ce7cb9f9a9d6d0f749cc1d448086df24a8a381bbf04d3085a8f196f14f747a124919130453939633557c2cca6faa60d32ff2bdd72daf1e2ac0dba111b59af5a672933a79cc7b15ededf9", 0xe5}, {&(0x7f00000008c0)="ef429bb0731ce3cac59685ca986857133f61856f6dc13211fc3e0454e0b8f8bbdb0f1f8d0e29a4efadf38379075d0474f8acc88b108fd23401a5a7aeb00d23d801df01ede2be7608472b6dfe80ac4a71ca9ad7039ee3625257afcdc6a3ad76446d7c9958d7c4da4b5dbc047a8dfccaebe74d5becda5ea85fd12d073af70974761e964be3b378632e307d77243f1819bd51c501d8b6fa4059cbfcec1900b192111a84408a9eb71eb165c8134c0071b963132140274a685d4b69d8895468cdbac0f11a7df5e2a3dc96f4ed3e12f2cc", 0xce}], 0x7}, 0x24045080) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r9, 0xc018937b, &(0x7f0000001040)={{0x1, 0x1, 0x18, r7, {0xee00, 0x0}}, './file0\x00'}) r11 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r11, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x5, 0x7a880bb668777da9}, 0x9c) r12 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r12, 0xc0405602, &(0x7f0000000200)={0x5a, 0xa, 0x0, "3205c5460400000000000000022c1e04f4bf40070700000200"}) r13 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000001400), 0x0, 0x0) r14 = ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0) r15 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001480)=@o_path={&(0x7f0000001440)='./file0\x00', 0x0, 0x6010, r0}, 0x18) sendmmsg$unix(r9, &(0x7f0000001740)=[{{&(0x7f0000000680)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000d00)=[{&(0x7f0000000a80)="31ca84be9a3d1714c54ee865632fa24176c390ecc86cbcfa6504d07df203f5b5242d7542c0a342344e37e1f9bd59cb6bb0c36a0bb0652d448f41e01efa09a17072b9fac2c727e78f0ed5ff9daec6821f4cefc216b8536e57d2d7b18a17e695330c354035edd9b3e6f76e4c9835f6b4699e2fe95ea3bd3d76edc100c78d48a9510ea958533ed11e1f33a1ed0beee1fa3e8f994bc294d280e49a5fe8afb435dd7f9ed98d974c813206b57e64f9ccf63b05cb48f54bae22f08ac8302738ed8ce72279d2e0ac54ec0cbff9b7fed95f6b7b0c405205bf0e9ebab00bd716", 0xdb}, {&(0x7f0000000b80)="39a3c670dbf797be8f584aaf0eeb4b2900f7695ce03fd47a026fdf8d4ea541e7af2d318c98455369eaab0562cdb0f1310f45ad045b0d54800774040710a1fe2ca25911d0a3a0b17e4947cab1986f4f1cf2bab589872c580e50045099713643b7be892fd36ada0b97946844c83f5894f6b3607e0a10024a9a77f34998f2629d4c15aca9258921865a3370262c433b8474eeeb371f7e74fe51603e7409508cee449427230b07b6147d852d2e963f47f41a65a7e3bb6a18e75adc07a3611369d0104319e4135723e80c011c2630", 0xcc}, {&(0x7f0000000c80)="4809785afbfa3dae1fbe4ac47acf11023fef2f97cefa1e3f0b735c9ee98c005cf3bd9434829f93aad7657ce90f85ff986f6b97f1e5d00ac51c62894934746fd5905a8efa9cbc6d1bde519718b1c269a51ed4f343799877a75ad24736a7a6087b9c8c418a48cfe78f374c314c", 0x6c}, {&(0x7f0000000700)="41db1ab03b19f157a356b159353cb8bdc38dd2a1a3c288929e880a4711f952c9271ab988", 0x24}], 0x4, &(0x7f0000001080)=[@cred={{0x1c, 0x1, 0x2, {r1, 0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @rights={{0x24, 0x1, 0x1, [r2, r8, r7, r9, r2]}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r10}}}, @rights={{0x20, 0x1, 0x1, [r6, r5, r9, r5]}}, @rights={{0x14, 0x1, 0x1, [r11]}}], 0x120, 0x20000080}}, {{&(0x7f00000011c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f00000013c0)=[{&(0x7f0000001240)="44ef70e28e67254aba7e8772a342efde5013504a4913a3e124a76a8f47a227945d00095f5d79c9712d92883933720bd5d32cce30ff73c8dbefa5c2031ce5d3b12635e56bc7ab09d5b971ba29a18ab1bda60e5386f6e44387065b8855f741599110270ba5612b1ccff7a8a4a6462eb683a1728308d139b9a239a4fb050bb699fd5e070a7f5607da47a4841b4a0c7ed5f35121cb568928c0dc271c9dd13a566f18ba8d8291a226b52586f5d0cbe953f67492f90acb", 0xb4}, {&(0x7f0000001300)="70be577640c00d02cec7ec57804d6855c6ac159ecc4caef7b1fa75fa09cd734128200f0a74ced045", 0x28}, {&(0x7f0000001340)="b80f6b20df7d121d8c12fb53595153319a4758581889db4019c22f7ec7d963e9e445cf311a62b108ed9000f14c96230f2ea2d1babdf446bf282549792b84f100b3fe8d623f6c07d684db45bd797ba6064299f03d65ded8afcc057541", 0x5c}], 0x3, &(0x7f00000014c0)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYRES32=r12, @ANYRES32=r13, @ANYRES32=r14, @ANYBLOB="000000002800a0000000", @ANYRES32=r3, @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r9, @ANYRES32=r9, @ANYRES32=r15], 0x48}}, {{&(0x7f0000001540)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000001700)=[{&(0x7f00000015c0)="1f09d50e4ba936ed4092922f4b23957efa05f747cc4b0c888788a135ae2968b59e1d89760f4d4f21c1763f0802f9ecd26d5e530864761327755ff362e37c8fcfc386ca7b626585787a973b946c697fa4054ba970e08490c367b43baf06ae4ca6da92e437638ca7e179088952d168381cfbab03b864c0d68ee9f4ab73057633e4f75591f4c65943c32be415b3d81e443f08b2c74212e3a681aa139d5209a9f0b429a377748a457e7971f541e0228e80913fe6c3722a979543b17f220478d38e2427becb66eed8a66025fbce097b36cf3a4b1d2b0ff0d05c44988773588051e316ab7ce7141a7c7e03f1e591e519a7eda1675f0620", 0xf4}, {&(0x7f00000016c0)="cee41c3eb5eeb7aaa2a1a639d8d34a829249fe703163d832b5d048ad934045bd171ed5ea34", 0x25}], 0x2, 0x0, 0x0, 0x20004000}}], 0x3, 0x40000) rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8) 1.458917389s ago: executing program 1 (id=6636): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000380)=ANY=[@ANYBLOB="120100004b41460860163209ea800102030109021e0001000000000904"], 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYRESOCT=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000280)={r2, 0x0, 0x30, 0x4, @val=@iter={0x0}}, 0x20) close(r1) socket$kcm(0x2d, 0x2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) bind$unix(r4, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) listen(r4, 0x0) shutdown(r3, 0x0) connect$unix(r3, &(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r5 = accept(r4, 0x0, 0x0) sendto$inet6(r5, &(0x7f0000000000)='\x00', 0x1, 0x11, 0x0, 0x0) write$uinput_user_dev(r1, 0x0, 0x0) brk(0x3) r6 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_RDWR(r6, 0x707, &(0x7f0000000200)={&(0x7f0000000140)=[{0x63, 0x200, 0x0, 0x0}], 0x1}) 925.699287ms ago: executing program 6 (id=6637): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_open_dev$vim2m(0x0, 0x1000, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000040)={0x1, @pix={0xc2, 0x80000001, 0x35315258, 0x2, 0xff, 0x8, 0x6, 0x6, 0x0, 0x0, 0x1}}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)) r4 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)={0x24, 0x140f, 0x1, 0x70bd25, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xb, 0x45, 'uverbs\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000851}, 0x8000) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mlockall(0x7) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = socket$inet_udp(0x2, 0x2, 0x0) sendmmsg$unix(r6, &(0x7f00000029c0)=[{{&(0x7f0000000600)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000c00)=[@cred={{0x1c, 0x1, 0x24}}], 0x20, 0x24000010}}], 0x1, 0x0) sendmmsg$inet(r5, &(0x7f0000005b40)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000040)="f37481d90eeaead391345b4da9d27e24c9c670da3afc5c00009700"/38, 0x26}, {&(0x7f0000000140)="ead5e92719a44591801f33", 0xb}, {&(0x7f0000000180)="f3f97053495b072215aee864193557c0dabdd253711d5ed9b131c5abd8796e5759ab1f639211e68e24bf4471b6ab1429b165c7248cded82bfb4a3f48e8d0", 0x3e}], 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="2c0000000000000000005766e58d249baf209301ffffffff0000000000000000000000000000000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aae000000200000000"], 0x50}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000380)="c1ad061c5d914eadd95de7fb63eb7b0306d91c25f3fba6c97eda8ade2420dfe1fe0f5c7a01d724be33a44f1cd52028110d8f7dd4b3421a3fe4b2066d179f938ba15c3956e1aaad35035bcde7b90ed59ee2de06c8a4af3de95b", 0x59}], 0x1}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000004240)=[{&(0x7f0000000400)="01d4f4f5b19ed14641c549d118f8916305244efa6bf80577db9feca473691b3a898fa697c61ab8f94573801ce2925bb5a2f435b9a0a05bfe14d60fdafdd527f43b4aedd78fb063444536de7462504fad8e262e908962f9b0c733b4635e28ca332833abfe8f3d366aa9477de5", 0x6c}], 0x1}}], 0x4, 0xc080) 216.11416ms ago: executing program 2 (id=6638): pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) epoll_create(0x3) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000400)=ANY=[@ANYBLOB="1e"], 0xc4}, 0x1, 0x0, 0x0, 0x4000}, 0x800) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000005c0)={'syztnl1\x00', &(0x7f0000000540)={'gre0\x00', 0x0, 0x8, 0x8000, 0xfffffff1, 0x1194, {{0xf, 0x4, 0x3, 0xc, 0x3c, 0x67, 0x0, 0x4, 0x4, 0x0, @private=0xa010100, @empty, {[@lsrr={0x83, 0x17, 0x27, [@local, @empty, @broadcast, @local, @multicast1]}, @cipso={0x86, 0x11, 0x0, [{0x7, 0xb, "6183d5f33cbf7ea433"}]}]}}}}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000060000000000000040000000183a00000900000000000000000000446aaffc0001000000000000000f00000095000000000000"], &(0x7f0000000480)='GPL\x00', 0xffff8000, 0x62, &(0x7f00000004c0)=""/98, 0x40f00, 0x52, '\x00', r3, 0x0, r0, 0x8, &(0x7f0000000600)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x1, 0x10, 0x200, 0x5}, 0x10, 0x0, 0x0, 0x7, &(0x7f00000006c0)=[0x1, r0, r1, r1, r1], &(0x7f0000000700)=[{0x0, 0x5, 0xc, 0xa}, {0x2, 0x1, 0x10, 0xa}, {0x0, 0x5, 0x0, 0x9}, {0x3, 0x1, 0x6, 0x1}, {0x4, 0x2, 0x10, 0x6}, {0x5, 0x1002, 0x10, 0xa}, {0x3, 0x4, 0xd, 0x4}], 0x10, 0x9}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff) r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r6 = socket$alg(0x26, 0x5, 0x0) bind$alg(r6, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r7 = accept4(r6, 0x0, 0x0, 0x800) sendmmsg$alg(r7, &(0x7f00000063c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x14}], 0x1, 0x800) recvmsg(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000000540)=""/113, 0x71}], 0x1}, 0x40000000) sendmsg$SMC_PNETID_ADD(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0x40}}, 0xc800) r8 = syz_open_dev$tty1(0xc, 0x4, 0x1) sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000840)=ANY=[@ANYBLOB="2c010000", @ANYBLOB="00042bbd7000fedbdf25080000006400018014000280080003000700000008000400050000000c0002800800040007000000080003000400000038000400200001000a004e2200000007fe8000000000000000000000000000bb060000001400020002004e23640101010000000000000000300004802c0007800800040000000000080004000600000008000400ffff0000080003000000000008000300000000005400028014000380080002000700000008000200030000003c00038008000100e4fdffff0800010009000000080002000c0000000800010075060000080002000001000008000100600000000800020004000000300002801c00038008000200040000000800010005000000080001000600000008000200a00000000800020002000000"], 0x12c}}, 0x40040088) ioctl$PIO_UNIMAPCLR(r8, 0x4b68, 0x0) socket$isdn(0x22, 0x2, 0x25) close_range(r0, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) open_tree(0xffffffffffffff9c, 0x0, 0x88901) 165.83358ms ago: executing program 7 (id=6639): syz_emit_ethernet(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[], 0x48) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0x0, 0x5, 0x8}, 0xc) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20) sendmmsg$inet6(r0, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x1, &(0x7f0000000480)}}], 0x400, 0x10) (fail_nth: 5) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$unix(0x1, 0x1, 0x0) ioctl$sock_netrom_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x1, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bpq0, 0x1, 'syz1\x00', @bcast, 0xff, 0x8, [@bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]}) sendmsg(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40041) socket$unix(0x1, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00'}, 0x10) 56.041347ms ago: executing program 7 (id=6640): syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={0x0, 0x58}}, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.net/syz0\x00', 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='freezer.parent_freezing\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f00000083c0)={0x2020}, 0x2020) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r2, 0x29, 0x20, 0x0, 0x0) ioctl$PPPIOCGUNIT(0xffffffffffffffff, 0x80047456, &(0x7f0000000200)) mkdirat(0xffffffffffffff9c, 0x0, 0x40) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1404200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f000001b700)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$FUSE_INIT(r4, 0x0, 0x0) vmsplice(r4, 0x0, 0x0, 0x0) fcntl$setpipe(r4, 0x407, 0x2000000) prctl$PR_SET_THP_DISABLE(0x29, 0x2) sched_setscheduler(0x0, 0x2, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x2) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f0000000080)={0x2, 0x0, 0xfffffff9, 0xff, 'syz1\x00', 0x1c3d}) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$PNPIPE_IFINDEX(r1, 0x113, 0x2, &(0x7f00000000c0)=0x0, &(0x7f0000000100)=0x4) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x4c, 0x10, 0x10, 0x70bd29, 0x0, {0x0, 0x0, 0x0, r7, 0x32b, 0x4000}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GTP_LOCAL6={0x14, 0x8, @private2={0xfc, 0x2, '\x00', 0x1}}, @IFLA_GTP_FD1={0x8, 0x2, @udp=r6}]}}}]}, 0x4c}}, 0x0) 0s ago: executing program 6 (id=6641): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0) lseek(r1, 0x9, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x76, 0xd5, 0x78, 0x40, 0xf11, 0x2000, 0x61d7, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x87, 0x98, 0x63}}]}}]}}, 0x0) ioctl$KVM_GET_CLOCK(r2, 0x8030ae7c, &(0x7f0000000000)) kernel console output (not intermixed with test programs): 046.657111][T11461] usb 9-1: Product: syz [ 2046.661371][T11461] usb 9-1: Manufacturer: syz [ 2046.666007][T11461] usb 9-1: SerialNumber: syz [ 2046.680696][T11461] usb 9-1: config 0 descriptor?? [ 2046.698030][T11461] usb 9-1: interface 1 not found [ 2046.712829][T11461] usb 3-1: USB disconnect, device number 57 [ 2047.983430][T12841] usb 9-1: USB disconnect, device number 62 [ 2048.161550][T18558] usb 3-1: new high-speed USB device number 58 using dummy_hcd [ 2048.334485][T18558] usb 3-1: New USB device found, idVendor=0582, idProduct=008d, bcdDevice=7a.ac [ 2048.346542][T18558] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2048.355432][T18558] usb 3-1: Product: syz [ 2048.359652][T18558] usb 3-1: Manufacturer: syz [ 2048.364369][T18558] usb 3-1: SerialNumber: syz [ 2048.379608][T18558] usb 3-1: config 0 descriptor?? [ 2048.393252][T18558] usb 3-1: interface 1 not found [ 2049.482936][T29219] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6039'. [ 2049.537954][ T30] audit: type=1400 audit(1754508857.594:1110): avc: denied { setopt } for pid=29217 comm="syz.7.6040" lport=49643 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 2049.955913][T29227] FAULT_INJECTION: forcing a failure. [ 2049.955913][T29227] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2049.991493][T29227] CPU: 0 UID: 0 PID: 29227 Comm: syz.7.6043 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2049.991523][T29227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2049.991534][T29227] Call Trace: [ 2049.991541][T29227] [ 2049.991548][T29227] dump_stack_lvl+0x16c/0x1f0 [ 2049.991580][T29227] should_fail_ex+0x512/0x640 [ 2049.991602][T29227] _copy_to_user+0x32/0xd0 [ 2049.991624][T29227] simple_read_from_buffer+0xcb/0x170 [ 2049.991645][T29227] proc_fail_nth_read+0x197/0x240 [ 2049.991667][T29227] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2049.991689][T29227] ? rw_verify_area+0xcf/0x6c0 [ 2049.991717][T29227] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2049.991737][T29227] vfs_read+0x1e1/0xc60 [ 2049.991759][T29227] ? __pfx___mutex_lock+0x10/0x10 [ 2049.991786][T29227] ? __pfx_vfs_read+0x10/0x10 [ 2049.991811][T29227] ? __fget_files+0x20e/0x3c0 [ 2049.991838][T29227] ksys_read+0x12a/0x250 [ 2049.991856][T29227] ? __pfx_ksys_read+0x10/0x10 [ 2049.991874][T29227] ? fput+0x9b/0xd0 [ 2049.991902][T29227] do_syscall_64+0xcd/0x4c0 [ 2049.991931][T29227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2049.991950][T29227] RIP: 0033:0x7f6e1638d5fc [ 2049.991965][T29227] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2049.991982][T29227] RSP: 002b:00007f6e17289030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2049.991999][T29227] RAX: ffffffffffffffda RBX: 00007f6e165b5fa0 RCX: 00007f6e1638d5fc [ 2049.992011][T29227] RDX: 000000000000000f RSI: 00007f6e172890a0 RDI: 0000000000000004 [ 2049.992022][T29227] RBP: 00007f6e17289090 R08: 0000000000000000 R09: 0000000000000000 [ 2049.992032][T29227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2049.992043][T29227] R13: 00007f6e165b6038 R14: 00007f6e165b5fa0 R15: 00007ffff0a0bd78 [ 2049.992068][T29227] [ 2050.236978][T12841] usb 3-1: USB disconnect, device number 58 [ 2050.461175][T29239] tipc: Can't bind to reserved service type 0 [ 2051.468030][T29250] delete_channel: no stack [ 2051.662395][T29239] virtio-fs: tag not found [ 2052.236149][T29260] ubi31: attaching mtd0 [ 2052.241986][T29260] ubi31: scanning is finished [ 2052.952507][T29260] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4 [ 2054.310587][T29284] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 2054.730280][T29289] FAULT_INJECTION: forcing a failure. [ 2054.730280][T29289] name failslab, interval 1, probability 0, space 0, times 0 [ 2054.752049][T29289] CPU: 1 UID: 0 PID: 29289 Comm: syz.8.6061 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2054.752066][T29289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2054.752072][T29289] Call Trace: [ 2054.752077][T29289] [ 2054.752081][T29289] dump_stack_lvl+0x16c/0x1f0 [ 2054.752101][T29289] should_fail_ex+0x512/0x640 [ 2054.752111][T29289] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 2054.752125][T29289] should_failslab+0xc2/0x120 [ 2054.752138][T29289] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 2054.752150][T29289] ? __d_alloc+0x32/0xae0 [ 2054.752166][T29289] __d_alloc+0x32/0xae0 [ 2054.752181][T29289] d_alloc_pseudo+0x1c/0xc0 [ 2054.752197][T29289] alloc_file_pseudo+0xcf/0x230 [ 2054.752213][T29289] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 2054.752229][T29289] ? alloc_fd+0x471/0x7d0 [ 2054.752242][T29289] sock_alloc_file+0x50/0x210 [ 2054.752260][T29289] __sys_socket+0x1c0/0x260 [ 2054.752273][T29289] ? __pfx___sys_socket+0x10/0x10 [ 2054.752284][T29289] ? ksys_write+0x1ac/0x250 [ 2054.752294][T29289] ? __pfx_ksys_write+0x10/0x10 [ 2054.752307][T29289] __x64_sys_socket+0x72/0xb0 [ 2054.752318][T29289] ? lockdep_hardirqs_on+0x7c/0x110 [ 2054.752334][T29289] do_syscall_64+0xcd/0x4c0 [ 2054.752352][T29289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2054.752362][T29289] RIP: 0033:0x7f6d59d8ebe9 [ 2054.752371][T29289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2054.752382][T29289] RSP: 002b:00007f6d5acad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 2054.752392][T29289] RAX: ffffffffffffffda RBX: 00007f6d59fb5fa0 RCX: 00007f6d59d8ebe9 [ 2054.752399][T29289] RDX: 000000000000000a RSI: 0000000000000002 RDI: 0000000000000021 [ 2054.752405][T29289] RBP: 00007f6d5acad090 R08: 0000000000000000 R09: 0000000000000000 [ 2054.752411][T29289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2054.752423][T29289] R13: 00007f6d59fb6038 R14: 00007f6d59fb5fa0 R15: 00007fffd3e7f728 [ 2054.752436][T29289] [ 2054.753843][T29289] 9pnet_fd: Insufficient options for proto=fd [ 2055.768638][T18558] libceph: connect (1)[c::]:6789 error -101 [ 2055.797293][T18558] libceph: mon0 (1)[c::]:6789 connect error [ 2056.284567][T29298] ceph: No mds server is up or the cluster is laggy [ 2056.310054][T11461] libceph: connect (1)[c::]:6789 error -101 [ 2056.338740][T11461] libceph: mon0 (1)[c::]:6789 connect error [ 2056.947512][T29319] FAULT_INJECTION: forcing a failure. [ 2056.947512][T29319] name failslab, interval 1, probability 0, space 0, times 0 [ 2056.960328][T29319] CPU: 0 UID: 0 PID: 29319 Comm: syz.7.6067 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2056.960353][T29319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2056.960360][T29319] Call Trace: [ 2056.960364][T29319] [ 2056.960369][T29319] dump_stack_lvl+0x16c/0x1f0 [ 2056.960389][T29319] should_fail_ex+0x512/0x640 [ 2056.960403][T29319] should_failslab+0xc2/0x120 [ 2056.960416][T29319] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2056.960428][T29319] ? skb_clone+0x190/0x3f0 [ 2056.960446][T29319] skb_clone+0x190/0x3f0 [ 2056.960468][T29319] netlink_deliver_tap+0xabd/0xd30 [ 2056.960485][T29319] ? netlink_unicast+0x106/0x870 [ 2056.960504][T29319] netlink_unicast+0x64c/0x870 [ 2056.960522][T29319] ? __pfx_netlink_unicast+0x10/0x10 [ 2056.960540][T29319] ? netlink_unicast+0x20/0x870 [ 2056.960559][T29319] netlink_sendmsg+0x8d1/0xdd0 [ 2056.960578][T29319] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2056.960599][T29319] ____sys_sendmsg+0xa95/0xc70 [ 2056.960612][T29319] ? copy_msghdr_from_user+0x10a/0x160 [ 2056.960627][T29319] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2056.960645][T29319] ___sys_sendmsg+0x134/0x1d0 [ 2056.960661][T29319] ? __pfx____sys_sendmsg+0x10/0x10 [ 2056.960689][T29319] ? lockdep_hardirqs_on+0x50/0x110 [ 2056.960709][T29319] __sys_sendmsg+0x16d/0x220 [ 2056.960725][T29319] ? __pfx___sys_sendmsg+0x10/0x10 [ 2056.960740][T29319] ? rcu_is_watching+0x12/0xc0 [ 2056.960759][T29319] ? trace_irq_enable.constprop.0+0x2f/0x120 [ 2056.960775][T29319] do_syscall_64+0xcd/0x4c0 [ 2056.960793][T29319] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2056.960804][T29319] RIP: 0033:0x7f6e1638ebe9 [ 2056.960813][T29319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2056.960824][T29319] RSP: 002b:00007f6e17268038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2056.960834][T29319] RAX: ffffffffffffffda RBX: 00007f6e165b6090 RCX: 00007f6e1638ebe9 [ 2056.960841][T29319] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000006 [ 2056.960847][T29319] RBP: 00007f6e17268090 R08: 0000000000000000 R09: 0000000000000000 [ 2056.960853][T29319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2056.960860][T29319] R13: 00007f6e165b6128 R14: 00007f6e165b6090 R15: 00007ffff0a0bd78 [ 2056.960873][T29319] [ 2057.659683][ T30] audit: type=1326 audit(1754508866.139:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29326 comm="syz.1.6071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23538ebe9 code=0x7ffc0000 [ 2058.358060][ T30] audit: type=1326 audit(1754508866.139:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29326 comm="syz.1.6071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23538ebe9 code=0x7ffc0000 [ 2058.382910][ T30] audit: type=1326 audit(1754508866.149:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29326 comm="syz.1.6071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7fb23538ebe9 code=0x7ffc0000 [ 2058.415706][ T30] audit: type=1326 audit(1754508866.149:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29326 comm="syz.1.6071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23538ebe9 code=0x7ffc0000 [ 2058.450740][ T30] audit: type=1326 audit(1754508866.149:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29326 comm="syz.1.6071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23538ebe9 code=0x7ffc0000 [ 2058.690293][ T30] audit: type=1326 audit(1754508866.149:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29326 comm="syz.1.6071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb23538ebe9 code=0x7ffc0000 [ 2058.715115][ T30] audit: type=1326 audit(1754508867.220:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29326 comm="syz.1.6071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23538ebe9 code=0x7ffc0000 [ 2059.405621][ T30] audit: type=1326 audit(1754508867.220:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29326 comm="syz.1.6071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb23538ebe9 code=0x7ffc0000 [ 2059.499241][T29341] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(7) [ 2059.505786][T29341] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 2059.587420][T29341] vhci_hcd vhci_hcd.0: Device attached [ 2059.708545][T29353] vim2m vim2m.0: Fourcc format (0x47425247) invalid. [ 2059.750719][T17892] vhci_hcd: vhci_device speed not set [ 2059.807709][T17892] usb 47-1: new full-speed USB device number 8 using vhci_hcd [ 2059.952637][T29346] vhci_hcd: connection reset by peer [ 2059.958265][T27919] vhci_hcd: stop threads [ 2059.964575][T27919] vhci_hcd: release socket [ 2059.983559][T27919] vhci_hcd: disconnect device [ 2062.009152][T29373] 9pnet_fd: Insufficient options for proto=fd [ 2062.307209][T29369] ceph: No mds server is up or the cluster is laggy [ 2062.771508][T29384] netlink: 'syz.1.6085': attribute type 1 has an invalid length. [ 2062.794594][T29384] 8021q: adding VLAN 0 to HW filter on device bond1 [ 2062.816258][T29384] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6085'. [ 2062.838866][T29384] bond1: (slave gretap2): making interface the new active one [ 2062.863089][T29384] bond1: (slave gretap2): Enslaving as an active interface with an up link [ 2064.487978][ T919] libceph: connect (1)[c::]:6789 error -101 [ 2064.494063][ T919] libceph: mon0 (1)[c::]:6789 connect error [ 2064.732668][T17892] vhci_hcd: vhci_device speed not set [ 2065.478612][T29429] openvswitch: : Dropping previously announced user features [ 2065.555032][T29431] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6094'. [ 2065.683941][T29415] ceph: No mds server is up or the cluster is laggy [ 2065.771755][ T919] libceph: connect (1)[c::]:6789 error -101 [ 2065.778000][ T919] libceph: mon0 (1)[c::]:6789 connect error [ 2065.828114][T29433] tmpfs: Unknown parameter 'usrquota0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2065.828114][T29433] 0 [ 2066.011865][ C1] vkms_vblank_simulate: vblank timer overrun [ 2066.353452][T29435] 9pnet_fd: Insufficient options for proto=fd [ 2066.722252][T18558] usb 3-1: new high-speed USB device number 59 using dummy_hcd [ 2066.888482][T29442] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=29442 comm=syz.1.6098 [ 2066.907787][T18558] usb 3-1: Using ep0 maxpacket: 16 [ 2066.914964][T29442] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=53 sclass=netlink_audit_socket pid=29442 comm=syz.1.6098 [ 2066.938467][T18558] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2066.944924][T29442] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=22 sclass=netlink_audit_socket pid=29442 comm=syz.1.6098 [ 2067.275752][T18558] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2067.314390][T18558] usb 3-1: config 0 interface 0 has no altsetting 0 [ 2067.321032][T18558] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 2067.361566][T18558] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2067.390557][T18558] usb 3-1: config 0 descriptor?? [ 2067.621290][T29437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2067.629838][T29437] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2068.132448][T18558] hid (null): bogus close delimiter [ 2068.243385][T18558] hid (null): invalid report_count 18947 [ 2068.304448][T18558] hid (null): report_id 0 is invalid [ 2068.730647][T29462] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6104'. [ 2068.743215][T18558] usb 3-1: USB disconnect, device number 59 [ 2069.867355][T19078] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 2069.886345][T19078] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 2069.895733][T19078] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 2069.905507][T19078] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 2069.913581][T19078] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 2069.931012][T19097] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 2070.023958][T19097] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 2070.033310][T29476] 9pnet_fd: Insufficient options for proto=fd [ 2070.034320][T19097] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 2070.055680][T19097] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 2070.065100][T19097] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 2070.101446][T29469] lo speed is unknown, defaulting to 1000 [ 2071.346741][T29495] 9pnet_fd: Insufficient options for proto=fd [ 2071.731247][T13933] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2071.790674][T29498] affs: No valid root block on device nullb0 [ 2072.057614][T19097] Bluetooth: hci4: command tx timeout [ 2072.619501][T13933] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2072.827656][T13933] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2072.951258][T29469] chnl_net:caif_netlink_parms(): no params data found [ 2073.059360][T13933] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2073.979285][T29530] FAULT_INJECTION: forcing a failure. [ 2073.979285][T29530] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2073.992964][T29530] CPU: 0 UID: 0 PID: 29530 Comm: syz.7.6119 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2073.992992][T29530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2073.993003][T29530] Call Trace: [ 2073.993009][T29530] [ 2073.993017][T29530] dump_stack_lvl+0x16c/0x1f0 [ 2073.993047][T29530] should_fail_ex+0x512/0x640 [ 2073.993067][T29530] _copy_from_user+0x2e/0xd0 [ 2073.993088][T29530] btf_new_fd+0x70a/0x5490 [ 2073.993108][T29530] ? avc_has_perm_noaudit+0x149/0x3b0 [ 2073.993137][T29530] ? cred_has_capability.isra.0+0x190/0x310 [ 2073.993161][T29530] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 2073.993189][T29530] ? __pfx_btf_new_fd+0x10/0x10 [ 2073.993209][T29530] ? cap_capable+0xb3/0x250 [ 2073.993229][T29530] ? bpf_lsm_capable+0x9/0x10 [ 2073.993254][T29530] ? security_capable+0x7e/0x260 [ 2073.993272][T29530] ? ns_capable+0xd7/0x110 [ 2073.993297][T29530] __sys_bpf+0x38a/0x4de0 [ 2073.993324][T29530] ? __pfx___sys_bpf+0x10/0x10 [ 2073.993346][T29530] ? ksys_write+0x190/0x250 [ 2073.993369][T29530] ? __mutex_unlock_slowpath+0x163/0x800 [ 2073.993411][T29530] ? fput+0x9b/0xd0 [ 2073.993434][T29530] ? ksys_write+0x1ac/0x250 [ 2073.993452][T29530] ? __pfx_ksys_write+0x10/0x10 [ 2073.993474][T29530] __x64_sys_bpf+0x78/0xc0 [ 2073.993497][T29530] ? lockdep_hardirqs_on+0x7c/0x110 [ 2073.993522][T29530] do_syscall_64+0xcd/0x4c0 [ 2073.993551][T29530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2073.993569][T29530] RIP: 0033:0x7f6e1638ebe9 [ 2073.993583][T29530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2073.993600][T29530] RSP: 002b:00007f6e17268038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 2073.993618][T29530] RAX: ffffffffffffffda RBX: 00007f6e165b6090 RCX: 00007f6e1638ebe9 [ 2073.993630][T29530] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 0000000000000012 [ 2073.993640][T29530] RBP: 00007f6e17268090 R08: 0000000000000000 R09: 0000000000000000 [ 2073.993650][T29530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2073.993660][T29530] R13: 00007f6e165b6128 R14: 00007f6e165b6090 R15: 00007ffff0a0bd78 [ 2073.993684][T29530] [ 2074.338999][T29534] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6122'. [ 2074.364354][T29534] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6122'. [ 2074.514063][T29469] bridge0: port 1(bridge_slave_0) entered blocking state [ 2074.521211][T29469] bridge0: port 1(bridge_slave_0) entered disabled state [ 2074.528520][T29469] bridge_slave_0: entered allmulticast mode [ 2074.535181][T29469] bridge_slave_0: entered promiscuous mode [ 2074.542108][T29469] bridge0: port 2(bridge_slave_1) entered blocking state [ 2074.549172][T29469] bridge0: port 2(bridge_slave_1) entered disabled state [ 2074.556454][T29469] bridge_slave_1: entered allmulticast mode [ 2074.563227][T29469] bridge_slave_1: entered promiscuous mode [ 2074.726665][T19097] Bluetooth: hci4: command tx timeout [ 2074.920116][T29469] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2075.105066][T29469] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2075.152691][T29469] team0: Port device team_slave_0 added [ 2075.165001][T29469] team0: Port device team_slave_1 added [ 2075.983674][T11461] libceph: connect (1)[c::]:6789 error -101 [ 2076.034412][T11461] libceph: mon0 (1)[c::]:6789 connect error [ 2076.113398][T29469] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2076.122324][T29469] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2076.159147][T29469] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2076.326378][T18558] libceph: connect (1)[c::]:6789 error -101 [ 2076.333304][T18558] libceph: mon0 (1)[c::]:6789 connect error [ 2076.421674][T29548] ceph: No mds server is up or the cluster is laggy [ 2076.547220][T29469] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2076.575872][T29469] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2076.705998][T19078] Bluetooth: hci4: command tx timeout [ 2077.096308][T18558] libceph: connect (1)[c::]:6789 error -101 [ 2077.102647][T18558] libceph: mon0 (1)[c::]:6789 connect error [ 2077.222743][T29469] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2077.880402][T29469] hsr_slave_0: entered promiscuous mode [ 2077.889067][T29469] hsr_slave_1: entered promiscuous mode [ 2077.917351][T13933] bridge_slave_1: left allmulticast mode [ 2077.928645][T13933] bridge_slave_1: left promiscuous mode [ 2077.934405][T13933] bridge0: port 2(bridge_slave_1) entered disabled state [ 2077.948218][T13933] bridge_slave_0: left allmulticast mode [ 2077.954538][T13933] bridge_slave_0: left promiscuous mode [ 2077.960340][T13933] bridge0: port 1(bridge_slave_0) entered disabled state [ 2078.095211][T29568] delete_channel: no stack [ 2078.687503][T19078] Bluetooth: hci4: command tx timeout [ 2080.239505][T29589] affs: No valid root block on device nullb0 [ 2080.562449][T13933] batman_adv: batadv0: Removing interface: gretap1 [ 2080.596505][T13933] bond1 (unregistering): (slave gretap2): Releasing active interface [ 2082.741910][T13933] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2082.754286][T13933] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2082.756579][T29615] netlink: 64 bytes leftover after parsing attributes in process `syz.8.6142'. [ 2082.789116][T13933] bond0 (unregistering): (slave team0): Releasing backup interface [ 2082.812022][T13933] bond0 (unregistering): Released all slaves [ 2083.252848][T29629] affs: No valid root block on device nullb0 [ 2083.537928][T13933] bond1 (unregistering): Released all slaves [ 2083.874547][T12841] usb 3-1: new high-speed USB device number 60 using dummy_hcd [ 2083.998270][T13933] : left promiscuous mode [ 2084.145762][T12841] usb 3-1: Using ep0 maxpacket: 8 [ 2084.210015][T12841] usb 3-1: unable to get BOS descriptor or descriptor too short [ 2084.294707][T13933] tipc: Disabling bearer [ 2084.309355][T13933] tipc: Left network mode [ 2084.584594][T12841] usb 3-1: config 7 has an invalid interface number: 59 but max is 0 [ 2084.592686][T12841] usb 3-1: config 7 has no interface number 0 [ 2084.601243][T12841] usb 3-1: config 7 interface 59 has no altsetting 0 [ 2084.620543][T12841] usb 3-1: New USB device found, idVendor=0d46, idProduct=0078, bcdDevice=cc.70 [ 2084.630276][T12841] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2084.642639][T12841] usb 3-1: Product: syz [ 2084.649873][T12841] usb 3-1: Manufacturer: syz [ 2084.668173][T12841] usb 3-1: SerialNumber: syz [ 2085.457430][T12841] kobil_sct 3-1:7.59: KOBIL USB smart card terminal converter detected [ 2085.620244][T12841] usb 3-1: KOBIL USB smart card terminal converter now attached to ttyUSB0 [ 2085.667243][T12841] usb 3-1: USB disconnect, device number 60 [ 2085.684285][T12841] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0 [ 2085.737319][T12841] kobil_sct 3-1:7.59: device disconnected [ 2085.744112][ T30] audit: type=1400 audit(1754508895.607:1119): avc: denied { read } for pid=29649 comm="syz.7.6152" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 2086.042618][T29656] delete_channel: no stack [ 2087.022638][T29666] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6157'. [ 2087.383336][T29669] affs: No valid root block on device nullb0 [ 2087.965317][T13933] hsr_slave_0: left promiscuous mode [ 2087.992759][T13933] hsr_slave_1: left promiscuous mode [ 2088.003630][T13933] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2088.011160][T13933] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2088.041137][T13933] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2088.048768][T13933] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2088.081919][T13933] veth1_macvtap: left promiscuous mode [ 2088.087730][T13933] veth0_macvtap: left promiscuous mode [ 2088.093619][T13933] veth1_vlan: left promiscuous mode [ 2088.099005][T13933] veth0_vlan: left promiscuous mode [ 2088.759945][ T30] audit: type=1400 audit(1754508898.798:1120): avc: denied { setopt } for pid=29688 comm="syz.8.6163" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 2089.090472][T13933] team0 (unregistering): Port device team_slave_1 removed [ 2089.125806][T13933] team0 (unregistering): Port device C removed [ 2089.544435][T29692] lo speed is unknown, defaulting to 1000 [ 2089.657668][T29469] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 2089.692368][T29469] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 2089.748879][T29469] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 2089.873193][T29469] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 2090.309073][T29713] syz.7.6164: attempt to access beyond end of device [ 2090.309073][T29713] loop7: rw=0, sector=16, nr_sectors = 2 limit=0 [ 2090.641006][T29712] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6164'. [ 2091.404282][T29469] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2091.421093][T29469] 8021q: adding VLAN 0 to HW filter on device team0 [ 2091.432492][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 2091.439659][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2091.552801][T13936] bridge0: port 2(bridge_slave_1) entered blocking state [ 2091.559961][T13936] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2091.687125][T29729] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6170'. [ 2092.452629][T29737] affs: No valid root block on device nullb0 [ 2092.954237][T29744] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6173'. [ 2093.677421][ T30] audit: type=1400 audit(1754508903.848:1121): avc: denied { connect } for pid=29742 comm="syz.6.6174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 2093.912114][T29469] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2093.956489][T29469] veth0_vlan: entered promiscuous mode [ 2094.089988][T29469] veth1_vlan: entered promiscuous mode [ 2094.153700][T29469] veth0_macvtap: entered promiscuous mode [ 2094.187464][T29469] veth1_macvtap: entered promiscuous mode [ 2094.311035][T29469] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2094.360221][T29469] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2094.467129][ T64] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2094.555228][ T64] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2094.639193][ T64] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2094.670562][ T64] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2094.941325][T13933] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2094.967291][T13933] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2095.029260][T13933] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2095.052439][T13933] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2095.484952][T29780] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6182'. [ 2096.468098][T29785] FAULT_INJECTION: forcing a failure. [ 2096.468098][T29785] name failslab, interval 1, probability 0, space 0, times 0 [ 2096.481246][T29785] CPU: 1 UID: 0 PID: 29785 Comm: syz.8.6183 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2096.481271][T29785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2096.481282][T29785] Call Trace: [ 2096.481289][T29785] [ 2096.481296][T29785] dump_stack_lvl+0x16c/0x1f0 [ 2096.481327][T29785] should_fail_ex+0x512/0x640 [ 2096.481348][T29785] should_failslab+0xc2/0x120 [ 2096.481370][T29785] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2096.481390][T29785] ? skb_clone+0x190/0x3f0 [ 2096.481419][T29785] skb_clone+0x190/0x3f0 [ 2096.481446][T29785] netlink_deliver_tap+0xabd/0xd30 [ 2096.481478][T29785] netlink_unicast+0x64c/0x870 [ 2096.481507][T29785] ? __pfx_netlink_unicast+0x10/0x10 [ 2096.481543][T29785] netlink_sendmsg+0x8d1/0xdd0 [ 2096.481574][T29785] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2096.481611][T29785] ____sys_sendmsg+0xa95/0xc70 [ 2096.481631][T29785] ? copy_msghdr_from_user+0x10a/0x160 [ 2096.481656][T29785] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2096.481688][T29785] ___sys_sendmsg+0x134/0x1d0 [ 2096.481720][T29785] ? __pfx____sys_sendmsg+0x10/0x10 [ 2096.481777][T29785] __sys_sendmsg+0x16d/0x220 [ 2096.481803][T29785] ? __pfx___sys_sendmsg+0x10/0x10 [ 2096.481845][T29785] do_syscall_64+0xcd/0x4c0 [ 2096.481875][T29785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2096.481893][T29785] RIP: 0033:0x7f6d59d8ebe9 [ 2096.481908][T29785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2096.481925][T29785] RSP: 002b:00007f6d5ac6b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2096.481943][T29785] RAX: ffffffffffffffda RBX: 00007f6d59fb6180 RCX: 00007f6d59d8ebe9 [ 2096.481955][T29785] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000008 [ 2096.481965][T29785] RBP: 00007f6d5ac6b090 R08: 0000000000000000 R09: 0000000000000000 [ 2096.481976][T29785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2096.481987][T29785] R13: 00007f6d59fb6218 R14: 00007f6d59fb6180 R15: 00007fffd3e7f728 [ 2096.482012][T29785] [ 2096.786310][T29787] affs: No valid root block on device nullb0 [ 2097.215821][T29792] FAULT_INJECTION: forcing a failure. [ 2097.215821][T29792] name failslab, interval 1, probability 0, space 0, times 0 [ 2097.955399][T29792] CPU: 0 UID: 0 PID: 29792 Comm: syz.2.6188 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2097.955426][T29792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2097.955436][T29792] Call Trace: [ 2097.955442][T29792] [ 2097.955449][T29792] dump_stack_lvl+0x16c/0x1f0 [ 2097.955478][T29792] should_fail_ex+0x512/0x640 [ 2097.955495][T29792] ? __kmalloc_noprof+0xbf/0x510 [ 2097.955515][T29792] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 2097.955534][T29792] should_failslab+0xc2/0x120 [ 2097.955555][T29792] __kmalloc_noprof+0xd2/0x510 [ 2097.955578][T29792] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 2097.955598][T29792] ? cred_has_capability.isra.0+0x190/0x310 [ 2097.955623][T29792] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 2097.955643][T29792] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 2097.955676][T29792] ? bpf_lsm_capable+0x9/0x10 [ 2097.955697][T29792] ? security_capable+0x7e/0x260 [ 2097.955718][T29792] genl_rcv_msg+0x55c/0x800 [ 2097.955740][T29792] ? __pfx_genl_rcv_msg+0x10/0x10 [ 2097.955756][T29792] ? __pfx_smc_pnet_add+0x10/0x10 [ 2097.955779][T29792] ? __lock_acquire+0x62e/0x1ce0 [ 2097.955805][T29792] netlink_rcv_skb+0x155/0x420 [ 2097.955827][T29792] ? __pfx_genl_rcv_msg+0x10/0x10 [ 2097.955844][T29792] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 2097.955876][T29792] ? netlink_deliver_tap+0x1ae/0xd30 [ 2097.955895][T29792] ? selinux_netlink_send+0x578/0x830 [ 2097.955911][T29792] ? is_vmalloc_addr+0x86/0xa0 [ 2097.955928][T29792] genl_rcv+0x28/0x40 [ 2097.955941][T29792] netlink_unicast+0x5aa/0x870 [ 2097.955969][T29792] ? __pfx_netlink_unicast+0x10/0x10 [ 2097.955995][T29792] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 2097.956028][T29792] netlink_sendmsg+0x8d1/0xdd0 [ 2097.956057][T29792] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2097.956094][T29792] ____sys_sendmsg+0xa95/0xc70 [ 2097.956114][T29792] ? copy_msghdr_from_user+0x10a/0x160 [ 2097.956139][T29792] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2097.956162][T29792] ? lock_acquire+0x179/0x350 [ 2097.956189][T29792] ? find_held_lock+0x2b/0x80 [ 2097.956214][T29792] ___sys_sendmsg+0x134/0x1d0 [ 2097.956242][T29792] ? __pfx____sys_sendmsg+0x10/0x10 [ 2097.956287][T29792] ? __mutex_unlock_slowpath+0x100/0x800 [ 2097.956320][T29792] __sys_sendmsg+0x16d/0x220 [ 2097.956346][T29792] ? __pfx___sys_sendmsg+0x10/0x10 [ 2097.956376][T29792] ? rcu_is_watching+0x12/0xc0 [ 2097.956409][T29792] ? trace_irq_enable.constprop.0+0x2f/0x120 [ 2097.956435][T29792] do_syscall_64+0xcd/0x4c0 [ 2097.956464][T29792] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2097.956483][T29792] RIP: 0033:0x7f71d5b8ebe9 [ 2097.956499][T29792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2097.956517][T29792] RSP: 002b:00007f71d69e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2097.956535][T29792] RAX: ffffffffffffffda RBX: 00007f71d5db5fa0 RCX: 00007f71d5b8ebe9 [ 2097.956547][T29792] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004 [ 2097.956559][T29792] RBP: 00007f71d69e2090 R08: 0000000000000000 R09: 0000000000000000 [ 2097.956569][T29792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2097.956579][T29792] R13: 00007f71d5db6038 R14: 00007f71d5db5fa0 R15: 00007ffc0be4fbc8 [ 2097.956604][T29792] [ 2098.305808][T29799] FAULT_INJECTION: forcing a failure. [ 2098.305808][T29799] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2098.319095][T29799] CPU: 0 UID: 0 PID: 29799 Comm: syz.7.6187 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2098.319121][T29799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2098.319130][T29799] Call Trace: [ 2098.319135][T29799] [ 2098.319143][T29799] dump_stack_lvl+0x16c/0x1f0 [ 2098.319174][T29799] should_fail_ex+0x512/0x640 [ 2098.319194][T29799] _copy_from_user+0x2e/0xd0 [ 2098.319212][T29799] __do_sys_add_key+0x229/0x470 [ 2098.319239][T29799] ? __pfx___do_sys_add_key+0x10/0x10 [ 2098.319261][T29799] ? ksys_write+0x1ac/0x250 [ 2098.319289][T29799] do_syscall_64+0xcd/0x4c0 [ 2098.319316][T29799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2098.319332][T29799] RIP: 0033:0x7f6e1638ebe9 [ 2098.319346][T29799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2098.319363][T29799] RSP: 002b:00007f6e17268038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8 [ 2098.319381][T29799] RAX: ffffffffffffffda RBX: 00007f6e165b6090 RCX: 00007f6e1638ebe9 [ 2098.319391][T29799] RDX: 00002000000000c0 RSI: 0000200000000440 RDI: 00002000000003c0 [ 2098.319402][T29799] RBP: 00007f6e17268090 R08: fffffffffffffffd R09: 0000000000000000 [ 2098.319413][T29799] R10: 0000000000005ba8 R11: 0000000000000246 R12: 0000000000000001 [ 2098.319423][T29799] R13: 00007f6e165b6128 R14: 00007f6e165b6090 R15: 00007ffff0a0bd78 [ 2098.319445][T29799] [ 2099.984088][T29819] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6192'. [ 2100.701979][T29807] 9pnet_fd: Insufficient options for proto=fd [ 2101.557806][T29830] delete_channel: no stack [ 2101.923217][T29834] affs: No valid root block on device nullb0 [ 2102.948933][T29842] netlink: 136 bytes leftover after parsing attributes in process `syz.8.6200'. [ 2104.159420][T29854] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6202'. [ 2104.862723][T29854] bridge0: port 2(bridge_slave_1) entered disabled state [ 2104.871824][T29854] bridge0: port 1(bridge_slave_0) entered disabled state [ 2105.075155][T29863] FAULT_INJECTION: forcing a failure. [ 2105.075155][T29863] name failslab, interval 1, probability 0, space 0, times 0 [ 2105.718443][T29863] CPU: 1 UID: 0 PID: 29863 Comm: syz.1.6207 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2105.718461][T29863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2105.718468][T29863] Call Trace: [ 2105.718473][T29863] [ 2105.718477][T29863] dump_stack_lvl+0x16c/0x1f0 [ 2105.718499][T29863] should_fail_ex+0x512/0x640 [ 2105.718510][T29863] ? fs_reclaim_acquire+0xae/0x150 [ 2105.718526][T29863] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 2105.718540][T29863] should_failslab+0xc2/0x120 [ 2105.718553][T29863] __kmalloc_noprof+0xd2/0x510 [ 2105.718568][T29863] tomoyo_realpath_from_path+0xc2/0x6e0 [ 2105.718586][T29863] tomoyo_check_open_permission+0x2ab/0x3c0 [ 2105.718604][T29863] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 2105.718629][T29863] ? find_held_lock+0x2b/0x80 [ 2105.718646][T29863] tomoyo_file_open+0x6b/0x90 [ 2105.718663][T29863] security_file_open+0x84/0x1e0 [ 2105.718679][T29863] do_dentry_open+0x596/0x1530 [ 2105.718695][T29863] vfs_open+0x82/0x3f0 [ 2105.718711][T29863] path_openat+0x1de4/0x2cb0 [ 2105.718728][T29863] ? __pfx_path_openat+0x10/0x10 [ 2105.718743][T29863] do_filp_open+0x20b/0x470 [ 2105.718756][T29863] ? __pfx_do_filp_open+0x10/0x10 [ 2105.718778][T29863] ? alloc_fd+0x471/0x7d0 [ 2105.718794][T29863] do_sys_openat2+0x11b/0x1d0 [ 2105.718808][T29863] ? __pfx_do_sys_openat2+0x10/0x10 [ 2105.718825][T29863] ? __fget_files+0x20e/0x3c0 [ 2105.718839][T29863] __x64_sys_openat+0x174/0x210 [ 2105.718856][T29863] ? __pfx___x64_sys_openat+0x10/0x10 [ 2105.718871][T29863] ? ksys_write+0x1ac/0x250 [ 2105.718886][T29863] do_syscall_64+0xcd/0x4c0 [ 2105.718904][T29863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2105.718915][T29863] RIP: 0033:0x7fa54878ebe9 [ 2105.718924][T29863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2105.718935][T29863] RSP: 002b:00007fa549560038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2105.718946][T29863] RAX: ffffffffffffffda RBX: 00007fa5489b5fa0 RCX: 00007fa54878ebe9 [ 2105.718953][T29863] RDX: 0000000000020842 RSI: 000020000000c380 RDI: ffffffffffffff9c [ 2105.718960][T29863] RBP: 00007fa549560090 R08: 0000000000000000 R09: 0000000000000000 [ 2105.718966][T29863] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000001 [ 2105.718972][T29863] R13: 00007fa5489b6038 R14: 00007fa5489b5fa0 R15: 00007ffe27bfa6c8 [ 2105.718986][T29863] [ 2105.718990][T29863] ERROR: Out of memory at tomoyo_realpath_from_path. [ 2105.978496][T12841] usb 9-1: new high-speed USB device number 63 using dummy_hcd [ 2106.153372][T29872] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6208'. [ 2106.971149][T12841] usb 9-1: New USB device found, idVendor=0582, idProduct=008d, bcdDevice=7a.ac [ 2107.041517][T12841] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2107.045918][ T30] audit: type=1326 audit(1754508917.957:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29869 comm="syz.6.6208" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f823458ebe9 code=0x0 [ 2107.114795][T12841] usb 9-1: Product: syz [ 2107.131974][T12841] usb 9-1: Manufacturer: syz [ 2107.259655][T12841] usb 9-1: SerialNumber: syz [ 2107.275497][T12841] usb 9-1: config 0 descriptor?? [ 2107.313209][T12841] usb 9-1: interface 1 not found [ 2107.674363][T29885] openvswitch: : Dropping previously announced user features [ 2107.772854][T29886] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6211'. [ 2109.461714][ T1206] usb 9-1: USB disconnect, device number 63 [ 2112.599932][T29919] FAULT_INJECTION: forcing a failure. [ 2112.599932][T29919] name failslab, interval 1, probability 0, space 0, times 0 [ 2112.670323][T29919] CPU: 0 UID: 0 PID: 29919 Comm: syz.6.6222 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2112.670341][T29919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2112.670347][T29919] Call Trace: [ 2112.670351][T29919] [ 2112.670356][T29919] dump_stack_lvl+0x16c/0x1f0 [ 2112.670377][T29919] should_fail_ex+0x512/0x640 [ 2112.670388][T29919] ? __kmalloc_noprof+0xbf/0x510 [ 2112.670400][T29919] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 2112.670414][T29919] should_failslab+0xc2/0x120 [ 2112.670427][T29919] __kmalloc_noprof+0xd2/0x510 [ 2112.670440][T29919] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 2112.670454][T29919] ? cred_has_capability.isra.0+0x190/0x310 [ 2112.670470][T29919] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 2112.670482][T29919] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 2112.670499][T29919] ? bpf_lsm_capable+0x9/0x10 [ 2112.670514][T29919] ? security_capable+0x7e/0x260 [ 2112.670528][T29919] genl_rcv_msg+0x55c/0x800 [ 2112.670544][T29919] ? __pfx_genl_rcv_msg+0x10/0x10 [ 2112.670561][T29919] ? __pfx_ip_vs_genl_set_cmd+0x10/0x10 [ 2112.670576][T29919] ? __lock_acquire+0x62e/0x1ce0 [ 2112.670595][T29919] netlink_rcv_skb+0x155/0x420 [ 2112.670612][T29919] ? __pfx_genl_rcv_msg+0x10/0x10 [ 2112.670624][T29919] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 2112.670646][T29919] ? netlink_deliver_tap+0x1ae/0xd30 [ 2112.670661][T29919] ? selinux_netlink_send+0x578/0x830 [ 2112.670673][T29919] ? is_vmalloc_addr+0x86/0xa0 [ 2112.670686][T29919] genl_rcv+0x28/0x40 [ 2112.670695][T29919] netlink_unicast+0x5aa/0x870 [ 2112.670713][T29919] ? __pfx_netlink_unicast+0x10/0x10 [ 2112.670730][T29919] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 2112.670751][T29919] netlink_sendmsg+0x8d1/0xdd0 [ 2112.670769][T29919] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2112.670792][T29919] ____sys_sendmsg+0xa95/0xc70 [ 2112.670806][T29919] ? copy_msghdr_from_user+0x10a/0x160 [ 2112.670822][T29919] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2112.670840][T29919] ___sys_sendmsg+0x134/0x1d0 [ 2112.670856][T29919] ? __pfx____sys_sendmsg+0x10/0x10 [ 2112.670884][T29919] ? __mutex_unlock_slowpath+0x100/0x800 [ 2112.670906][T29919] __sys_sendmsg+0x16d/0x220 [ 2112.670922][T29919] ? __pfx___sys_sendmsg+0x10/0x10 [ 2112.670947][T29919] do_syscall_64+0xcd/0x4c0 [ 2112.670965][T29919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2112.670976][T29919] RIP: 0033:0x7f823458ebe9 [ 2112.670985][T29919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2112.670996][T29919] RSP: 002b:00007f8235378038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2112.671006][T29919] RAX: ffffffffffffffda RBX: 00007f82347b5fa0 RCX: 00007f823458ebe9 [ 2112.671013][T29919] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003 [ 2112.671020][T29919] RBP: 00007f8235378090 R08: 0000000000000000 R09: 0000000000000000 [ 2112.671026][T29919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2112.671032][T29919] R13: 00007f82347b6038 R14: 00007f82347b5fa0 R15: 00007ffc4d2acfc8 [ 2112.671046][T29919] [ 2113.213399][T29926] FAULT_INJECTION: forcing a failure. [ 2113.213399][T29926] name failslab, interval 1, probability 0, space 0, times 0 [ 2113.226131][T29926] CPU: 1 UID: 0 PID: 29926 Comm: syz.6.6224 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2113.226158][T29926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2113.226170][T29926] Call Trace: [ 2113.226178][T29926] [ 2113.226186][T29926] dump_stack_lvl+0x16c/0x1f0 [ 2113.226216][T29926] should_fail_ex+0x512/0x640 [ 2113.226233][T29926] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 2113.226263][T29926] should_failslab+0xc2/0x120 [ 2113.226284][T29926] __kmalloc_cache_noprof+0x6a/0x3e0 [ 2113.226312][T29926] ? copy_mount_options+0x55/0x190 [ 2113.226337][T29926] ? _copy_from_user+0x59/0xd0 [ 2113.226359][T29926] copy_mount_options+0x55/0x190 [ 2113.226386][T29926] __x64_sys_mount+0x1ac/0x310 [ 2113.226409][T29926] ? __pfx___x64_sys_mount+0x10/0x10 [ 2113.226439][T29926] do_syscall_64+0xcd/0x4c0 [ 2113.226474][T29926] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2113.226492][T29926] RIP: 0033:0x7f823458ebe9 [ 2113.226507][T29926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2113.226524][T29926] RSP: 002b:00007f8235336038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 2113.226541][T29926] RAX: ffffffffffffffda RBX: 00007f82347b6180 RCX: 00007f823458ebe9 [ 2113.226553][T29926] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 2113.226564][T29926] RBP: 00007f8235336090 R08: 0000200000000340 R09: 0000000000000000 [ 2113.226575][T29926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2113.226586][T29926] R13: 00007f82347b6218 R14: 00007f82347b6180 R15: 00007ffc4d2acfc8 [ 2113.226609][T29926] [ 2113.482094][T29928] netlink: 'syz.2.6223': attribute type 2 has an invalid length. [ 2114.471927][T29943] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6228'. [ 2115.986195][T29955] usb usb8: usbfs: process 29955 (syz.2.6231) did not claim interface 0 before use [ 2116.635487][T29963] : entered promiscuous mode [ 2116.732042][T29964] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6232'. [ 2116.990313][T27796] usb 9-1: new high-speed USB device number 64 using dummy_hcd [ 2117.266865][T29969] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6233'. [ 2117.466156][T27796] usb 9-1: Using ep0 maxpacket: 8 [ 2117.479300][T27796] usb 9-1: unable to get BOS descriptor or descriptor too short [ 2117.494026][T27796] usb 9-1: config 7 has an invalid interface number: 59 but max is 0 [ 2117.503039][T27796] usb 9-1: config 7 has no interface number 0 [ 2117.509199][T27796] usb 9-1: config 7 interface 59 has no altsetting 0 [ 2117.521480][T27796] usb 9-1: New USB device found, idVendor=0d46, idProduct=0078, bcdDevice=cc.70 [ 2117.531728][T27796] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2117.560248][T27796] usb 9-1: Product: syz [ 2117.574311][T27796] usb 9-1: Manufacturer: syz [ 2117.606897][T27796] usb 9-1: SerialNumber: syz [ 2117.660625][T29973] program syz.6.6234 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2118.996889][T29979] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2119.155074][T29984] netlink: 104 bytes leftover after parsing attributes in process `syz.2.6238'. [ 2119.221475][T13936] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2119.265538][T13936] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2119.318270][T27796] usb 9-1: can't set config #7, error -71 [ 2119.335170][T27796] usb 9-1: USB disconnect, device number 64 [ 2121.709137][T30014] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6245'. [ 2122.343622][T30020] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6246'. [ 2124.513042][T30046] loop6: detected capacity change from 0 to 512 [ 2124.540175][T30046] buffer_io_error: 6 callbacks suppressed [ 2124.540185][T30046] Buffer I/O error on dev loop6, logical block 0, async page read [ 2124.596071][T30046] Buffer I/O error on dev loop6, logical block 0, async page read [ 2124.596158][T30046] Buffer I/O error on dev loop6, logical block 0, async page read [ 2124.596233][T30046] Buffer I/O error on dev loop6, logical block 0, async page read [ 2124.596309][T30046] Buffer I/O error on dev loop6, logical block 0, async page read [ 2124.597096][T30046] Buffer I/O error on dev loop6, logical block 0, async page read [ 2124.597185][T30046] Buffer I/O error on dev loop6, logical block 0, async page read [ 2124.597261][T30046] Buffer I/O error on dev loop6, logical block 0, async page read [ 2124.597315][T30046] ldm_validate_partition_table(): Disk read failed. [ 2124.597349][T30046] Buffer I/O error on dev loop6, logical block 0, async page read [ 2124.597424][T30046] Buffer I/O error on dev loop6, logical block 0, async page read [ 2124.597609][T30046] Dev loop6: unable to read RDB block 0 [ 2124.597948][T30046] loop6: unable to read partition table [ 2124.598108][T30046] loop_reread_partitions: partition scan of loop6 () failed (rc=-5) [ 2124.633651][T30047] ldm_validate_partition_table(): Disk read failed. [ 2124.633985][T30047] Dev loop6: unable to read RDB block 0 [ 2124.634327][T30047] loop6: unable to read partition table [ 2124.634477][T30047] loop_reread_partitions: partition scan of loop6 () failed (rc=-5) [ 2124.925882][T17892] usb 9-1: new high-speed USB device number 65 using dummy_hcd [ 2125.073750][ T1206] libceph: connect (1)[c::]:6789 error -101 [ 2125.073913][ T1206] libceph: mon0 (1)[c::]:6789 connect error [ 2125.219696][T30054] delete_channel: no stack [ 2125.258132][T17892] usb 9-1: Using ep0 maxpacket: 8 [ 2125.321790][ T1206] libceph: connect (1)[c::]:6789 error -101 [ 2125.321944][ T1206] libceph: mon0 (1)[c::]:6789 connect error [ 2125.336192][T17892] usb 9-1: config 162 has an invalid interface number: 236 but max is 0 [ 2125.336257][T17892] usb 9-1: config 162 has no interface number 0 [ 2125.336284][T17892] usb 9-1: config 162 interface 236 has no altsetting 0 [ 2125.338657][T17892] usb 9-1: New USB device found, idVendor=0a2c, idProduct=0008, bcdDevice=e9.c0 [ 2125.338681][T17892] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2125.338699][T17892] usb 9-1: Product: syz [ 2125.338712][T17892] usb 9-1: Manufacturer: syz [ 2125.338726][T17892] usb 9-1: SerialNumber: syz [ 2125.807061][ T1206] libceph: connect (1)[c::]:6789 error -101 [ 2125.807828][ T1206] libceph: mon0 (1)[c::]:6789 connect error [ 2126.030693][T30056] ceph: No mds server is up or the cluster is laggy [ 2126.476183][T30071] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6259'. [ 2126.562438][T30068] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2127.328687][T17892] cypress_cy7c63 9-1:162.236: Cypress CY7C63xxx device now attached [ 2127.339704][T17892] usb 9-1: USB disconnect, device number 65 [ 2127.348663][T17892] cypress_cy7c63 9-1:162.236: Cypress CY7C63xxx device now disconnected [ 2127.360443][T30088] netlink: 'syz.2.6264': attribute type 3 has an invalid length. [ 2127.613891][T30093] net_ratelimit: 73 callbacks suppressed [ 2127.613903][T30093] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes. [ 2127.644080][T30092] FAULT_INJECTION: forcing a failure. [ 2127.644080][T30092] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2127.665491][T30088] netlink: 'syz.2.6264': attribute type 1 has an invalid length. [ 2127.673932][T30092] CPU: 0 UID: 0 PID: 30092 Comm: syz.7.6265 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2127.673957][T30092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2127.673968][T30092] Call Trace: [ 2127.673974][T30092] [ 2127.673982][T30092] dump_stack_lvl+0x16c/0x1f0 [ 2127.674012][T30092] should_fail_ex+0x512/0x640 [ 2127.674033][T30092] _copy_to_user+0x32/0xd0 [ 2127.674056][T30092] simple_read_from_buffer+0xcb/0x170 [ 2127.674076][T30092] proc_fail_nth_read+0x197/0x240 [ 2127.674099][T30092] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2127.674122][T30092] ? rw_verify_area+0xcf/0x6c0 [ 2127.674149][T30092] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2127.674169][T30092] vfs_read+0x1e1/0xc60 [ 2127.674190][T30092] ? __pfx___mutex_lock+0x10/0x10 [ 2127.674217][T30092] ? __pfx_vfs_read+0x10/0x10 [ 2127.674242][T30092] ? __fget_files+0x20e/0x3c0 [ 2127.674269][T30092] ksys_read+0x12a/0x250 [ 2127.674294][T30092] ? __pfx_ksys_read+0x10/0x10 [ 2127.674318][T30092] do_syscall_64+0xcd/0x4c0 [ 2127.674345][T30092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2127.674364][T30092] RIP: 0033:0x7f6e1638d5fc [ 2127.674379][T30092] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2127.674392][T30092] RSP: 002b:00007f6e17268030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2127.674406][T30092] RAX: ffffffffffffffda RBX: 00007f6e165b6090 RCX: 00007f6e1638d5fc [ 2127.674415][T30092] RDX: 000000000000000f RSI: 00007f6e172680a0 RDI: 0000000000000005 [ 2127.674424][T30092] RBP: 00007f6e17268090 R08: 0000000000000000 R09: 0000000000000000 [ 2127.674432][T30092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2127.674440][T30092] R13: 00007f6e165b6128 R14: 00007f6e165b6090 R15: 00007ffff0a0bd78 [ 2127.674459][T30092] [ 2127.690584][T30088] netlink: 216 bytes leftover after parsing attributes in process `syz.2.6264'. [ 2127.916245][T30088] NCSI netlink: No device for ifindex 0 [ 2129.191893][ T30] audit: type=1400 audit(1754508941.242:1123): avc: denied { getattr } for pid=30112 comm="syz.2.6271" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=121447 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 2129.389021][T30118] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6272'. [ 2129.935126][T11461] usb 9-1: new high-speed USB device number 66 using dummy_hcd [ 2130.029302][T30126] FAULT_INJECTION: forcing a failure. [ 2130.029302][T30126] name failslab, interval 1, probability 0, space 0, times 0 [ 2130.047638][T30126] CPU: 1 UID: 0 PID: 30126 Comm: syz.1.6275 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2130.047654][T30126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2130.047661][T30126] Call Trace: [ 2130.047665][T30126] [ 2130.047669][T30126] dump_stack_lvl+0x16c/0x1f0 [ 2130.047690][T30126] should_fail_ex+0x512/0x640 [ 2130.047700][T30126] ? fs_reclaim_acquire+0xae/0x150 [ 2130.047717][T30126] should_failslab+0xc2/0x120 [ 2130.047730][T30126] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2130.047741][T30126] ? arch_stack_walk+0xa6/0x100 [ 2130.047754][T30126] ? p9_tag_alloc+0x9c/0x640 [ 2130.047772][T30126] p9_tag_alloc+0x9c/0x640 [ 2130.047789][T30126] ? __pfx_p9_tag_alloc+0x10/0x10 [ 2130.047805][T30126] ? stack_trace_save+0x8e/0xc0 [ 2130.047819][T30126] ? __pfx_stack_trace_save+0x10/0x10 [ 2130.047834][T30126] ? stack_depot_save_flags+0x29/0x9c0 [ 2130.047847][T30126] p9_client_prepare_req+0x19b/0x4d0 [ 2130.047864][T30126] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 2130.047880][T30126] ? netfs_alloc_subrequest+0xc1/0x3c0 [ 2130.047895][T30126] ? netfs_unbuffered_write_iter+0x414/0x6d0 [ 2130.047910][T30126] ? __lock_acquire+0x62e/0x1ce0 [ 2130.047928][T30126] p9_client_rpc+0x1c4/0xc50 [ 2130.047946][T30126] ? __pfx_p9_client_rpc+0x10/0x10 [ 2130.047963][T30126] ? __lock_acquire+0xb97/0x1ce0 [ 2130.047985][T30126] ? do_raw_spin_lock+0x12c/0x2b0 [ 2130.047999][T30126] p9_client_write+0x245/0x6f0 [ 2130.048014][T30126] ? __pfx_p9_client_write+0x10/0x10 [ 2130.048025][T30126] ? __pfx___debug_object_init+0x10/0x10 [ 2130.048043][T30126] v9fs_issue_write+0xe3/0x1b0 [ 2130.048056][T30126] ? __pfx_v9fs_issue_write+0x10/0x10 [ 2130.048067][T30126] ? find_held_lock+0x2b/0x80 [ 2130.048082][T30126] ? rcu_is_watching+0x12/0xc0 [ 2130.048097][T30126] netfs_do_issue_write+0x95/0x110 [ 2130.048107][T30126] netfs_advance_write+0x387/0xc50 [ 2130.048122][T30126] netfs_unbuffered_write+0x12b/0x230 [ 2130.048136][T30126] netfs_unbuffered_write_iter_locked+0x7d8/0xa00 [ 2130.048153][T30126] netfs_unbuffered_write_iter+0x414/0x6d0 [ 2130.048169][T30126] v9fs_file_write_iter+0xbf/0x100 [ 2130.048184][T30126] do_iter_readv_writev+0x657/0x950 [ 2130.048203][T30126] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 2130.048227][T30126] vfs_writev+0x35f/0xde0 [ 2130.048241][T30126] ? __pfx_vfs_writev+0x10/0x10 [ 2130.048250][T30126] ? __mutex_lock+0x1c4/0x10b0 [ 2130.048267][T30126] ? find_held_lock+0x2b/0x80 [ 2130.048283][T30126] ? __pfx___mutex_lock+0x10/0x10 [ 2130.048305][T30126] ? __fget_files+0x20e/0x3c0 [ 2130.048316][T30126] ? __fget_files+0x120/0x3c0 [ 2130.048330][T30126] ? do_writev+0x132/0x340 [ 2130.048339][T30126] do_writev+0x132/0x340 [ 2130.048349][T30126] ? __pfx_do_writev+0x10/0x10 [ 2130.048363][T30126] do_syscall_64+0xcd/0x4c0 [ 2130.048381][T30126] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2130.048392][T30126] RIP: 0033:0x7fa54878ebe9 [ 2130.048401][T30126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2130.048411][T30126] RSP: 002b:00007fa549560038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 2130.048426][T30126] RAX: ffffffffffffffda RBX: 00007fa5489b5fa0 RCX: 00007fa54878ebe9 [ 2130.048433][T30126] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000007 [ 2130.048440][T30126] RBP: 00007fa549560090 R08: 0000000000000000 R09: 0000000000000000 [ 2130.048446][T30126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2130.048452][T30126] R13: 00007fa5489b6038 R14: 00007fa5489b5fa0 R15: 00007ffe27bfa6c8 [ 2130.048466][T30126] [ 2130.392987][ C1] vkms_vblank_simulate: vblank timer overrun [ 2130.517628][T11461] usb 9-1: Using ep0 maxpacket: 32 [ 2130.525207][T11461] usb 9-1: config 0 has an invalid interface number: 85 but max is 0 [ 2130.533382][T11461] usb 9-1: config 0 has no interface number 0 [ 2130.539481][T11461] usb 9-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 2130.550403][T11461] usb 9-1: config 0 interface 85 has no altsetting 0 [ 2130.962894][T18558] libceph: connect (1)[c::]:6789 error -101 [ 2130.970983][T18558] libceph: mon0 (1)[c::]:6789 connect error [ 2130.978141][T11461] usb 9-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 2130.987210][T11461] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2130.997676][T11461] usb 9-1: Product: syz [ 2131.001839][T11461] usb 9-1: Manufacturer: syz [ 2131.007172][T11461] usb 9-1: SerialNumber: syz [ 2131.026312][T11461] usb 9-1: config 0 descriptor?? [ 2131.141292][T30136] delete_channel: no stack [ 2131.292507][T18558] libceph: connect (1)[c::]:6789 error -101 [ 2131.335649][T18558] libceph: mon0 (1)[c::]:6789 connect error [ 2131.666305][T30143] netlink: 'syz.7.6278': attribute type 1 has an invalid length. [ 2131.694404][T30129] ceph: No mds server is up or the cluster is laggy [ 2132.133514][T18558] libceph: connect (1)[c::]:6789 error -101 [ 2132.144745][T30142] netlink: 'syz.6.6279': attribute type 2 has an invalid length. [ 2132.154033][T18558] libceph: mon0 (1)[c::]:6789 connect error [ 2132.365200][T30145] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN [ 2132.381446][T11461] appletouch 9-1:0.85: Geyser mode initialized. [ 2132.388975][T30143] bond1: entered promiscuous mode [ 2132.406267][T30142] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6279'. [ 2132.427946][T11461] input: appletouch as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.85/input/input95 [ 2132.438012][T30150] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2132.449681][T30143] 8021q: adding VLAN 0 to HW filter on device bond1 [ 2132.627836][T30147] 8021q: adding VLAN 0 to HW filter on device bond1 [ 2133.146490][T30147] bond1: (slave vcan1): The slave device specified does not support setting the MAC address [ 2133.180744][T30147] bond1: (slave vcan1): Setting fail_over_mac to active for active-backup mode [ 2133.235344][T30147] bond1: (slave vcan1): making interface the new active one [ 2133.242865][T30147] vcan1: entered promiscuous mode [ 2133.263054][T30147] bond1: (slave vcan1): Enslaving as an active interface with an up link [ 2133.984533][T12841] usb 9-1: USB disconnect, device number 66 [ 2134.373547][T30163] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6283'. [ 2134.657929][T12841] appletouch 9-1:0.85: input: appletouch disconnected [ 2136.134198][T30185] openvswitch: : Dropping previously announced user features [ 2136.224390][T30187] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6289'. [ 2138.472498][T18558] libceph: connect (1)[c::]:6789 error -101 [ 2138.499660][T18558] libceph: mon0 (1)[c::]:6789 connect error [ 2138.506237][T30224] affs: No valid root block on device nullb0 [ 2138.791745][T18558] libceph: connect (1)[c::]:6789 error -101 [ 2138.804994][T18558] libceph: mon0 (1)[c::]:6789 connect error [ 2138.915354][T30229] delete_channel: no stack [ 2139.052133][T30217] ceph: No mds server is up or the cluster is laggy [ 2140.013343][T30237] openvswitch: : Dropping previously announced user features [ 2140.104163][T30238] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6303'. [ 2140.643817][T17892] libceph: connect (1)[c::]:6789 error -101 [ 2140.649838][T17892] libceph: mon0 (1)[c::]:6789 connect error [ 2140.899610][T12841] libceph: connect (1)[c::]:6789 error -101 [ 2140.913041][T12841] libceph: mon0 (1)[c::]:6789 connect error [ 2141.635154][T12841] libceph: connect (1)[c::]:6789 error -101 [ 2141.641563][T12841] libceph: mon0 (1)[c::]:6789 connect error [ 2141.685147][T30270] FAULT_INJECTION: forcing a failure. [ 2141.685147][T30270] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2141.698768][T30270] CPU: 1 UID: 0 PID: 30270 Comm: syz.2.6309 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2141.698795][T30270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2141.698806][T30270] Call Trace: [ 2141.698812][T30270] [ 2141.698819][T30270] dump_stack_lvl+0x16c/0x1f0 [ 2141.698850][T30270] should_fail_ex+0x512/0x640 [ 2141.698871][T30270] _copy_to_iter+0x29f/0x16f0 [ 2141.698898][T30270] ? __pfx__copy_to_iter+0x10/0x10 [ 2141.698916][T30270] ? find_held_lock+0x2b/0x80 [ 2141.698939][T30270] ? is_bpf_text_address+0x8a/0x1a0 [ 2141.698958][T30270] ? bpf_ksym_find+0x127/0x1c0 [ 2141.698980][T30270] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 2141.699005][T30270] ? is_bpf_text_address+0x94/0x1a0 [ 2141.699026][T30270] simple_copy_to_iter+0x46/0x90 [ 2141.699049][T30270] __skb_datagram_iter+0x5af/0x900 [ 2141.699070][T30270] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 2141.699098][T30270] skb_copy_datagram_iter+0x40/0x50 [ 2141.699128][T30270] tcp_recvmsg_locked+0x1b28/0x2870 [ 2141.699163][T30270] ? __pfx_tcp_recvmsg_locked+0x10/0x10 [ 2141.699184][T30270] ? __lock_acquire+0xb97/0x1ce0 [ 2141.699214][T30270] ? import_ubuf+0x1b6/0x220 [ 2141.699234][T30270] tcp_zerocopy_receive+0x12db/0x20f0 [ 2141.699266][T30270] ? __pfx___might_resched+0x10/0x10 [ 2141.699292][T30270] ? __pfx_tcp_zerocopy_receive+0x10/0x10 [ 2141.699314][T30270] ? process_measurement+0x4a6/0x23e0 [ 2141.699337][T30270] ? down_write+0x14d/0x200 [ 2141.699357][T30270] ? __lock_acquire+0xb97/0x1ce0 [ 2141.699393][T30270] ? __lock_acquire+0xb97/0x1ce0 [ 2141.699448][T30270] ? __local_bh_enable_ip+0xa4/0x120 [ 2141.699470][T30270] ? lockdep_hardirqs_on+0x7c/0x110 [ 2141.699500][T30270] do_tcp_getsockopt+0x10ee/0x2670 [ 2141.699530][T30270] ? __pfx_do_tcp_getsockopt+0x10/0x10 [ 2141.699553][T30270] ? arch_stack_walk+0xa6/0x100 [ 2141.699580][T30270] ? __lock_acquire+0x62e/0x1ce0 [ 2141.699623][T30270] ? find_held_lock+0x2b/0x80 [ 2141.699645][T30270] ? avc_has_perm_noaudit+0x117/0x3b0 [ 2141.699676][T30270] ? avc_has_perm_noaudit+0x149/0x3b0 [ 2141.699705][T30270] ? avc_has_perm+0x144/0x1f0 [ 2141.699730][T30270] ? __pfx_avc_has_perm+0x10/0x10 [ 2141.699757][T30270] ? __lock_acquire+0xb97/0x1ce0 [ 2141.699784][T30270] ? sock_has_perm+0x259/0x2f0 [ 2141.699809][T30270] ? find_held_lock+0x2b/0x80 [ 2141.699828][T30270] ? __might_fault+0xe3/0x190 [ 2141.699845][T30270] ? __might_fault+0xe3/0x190 [ 2141.699858][T30270] ? __might_fault+0x13b/0x190 [ 2141.699877][T30270] tcp_getsockopt+0xdf/0x100 [ 2141.699902][T30270] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 2141.699919][T30270] do_sock_getsockopt+0x34d/0x440 [ 2141.699938][T30270] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 2141.699953][T30270] ? __fget_files+0x204/0x3c0 [ 2141.699983][T30270] __sys_getsockopt+0x12f/0x260 [ 2141.700012][T30270] __x64_sys_getsockopt+0xbd/0x160 [ 2141.700034][T30270] ? do_syscall_64+0x91/0x4c0 [ 2141.700058][T30270] ? lockdep_hardirqs_on+0x7c/0x110 [ 2141.700081][T30270] do_syscall_64+0xcd/0x4c0 [ 2141.700107][T30270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2141.700131][T30270] RIP: 0033:0x7f71d5b8ebe9 [ 2141.700146][T30270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2141.700163][T30270] RSP: 002b:00007f71d69e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 2141.700180][T30270] RAX: ffffffffffffffda RBX: 00007f71d5db5fa0 RCX: 00007f71d5b8ebe9 [ 2141.700192][T30270] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000004 [ 2141.700202][T30270] RBP: 00007f71d69e2090 R08: 0000200000000a80 R09: 0000000000000000 [ 2141.700212][T30270] R10: 0000200000000a40 R11: 0000000000000246 R12: 0000000000000001 [ 2141.700223][T30270] R13: 00007f71d5db6038 R14: 00007f71d5db5fa0 R15: 00007ffc0be4fbc8 [ 2141.700247][T30270] [ 2142.174447][T30250] ceph: No mds server is up or the cluster is laggy [ 2143.145392][T30284] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6313'. [ 2144.958161][T27796] usb 9-1: new high-speed USB device number 67 using dummy_hcd [ 2144.985673][T30297] delete_channel: no stack [ 2145.157203][T27796] usb 9-1: Using ep0 maxpacket: 16 [ 2145.247509][T27796] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2145.285783][T27796] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2145.329614][T27796] usb 9-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 2145.363403][T27796] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2145.389387][T27796] usb 9-1: config 0 descriptor?? [ 2145.481251][T30303] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6318'. [ 2146.272724][T27796] usb 9-1: can't set config #0, error -71 [ 2146.282141][T27796] usb 9-1: USB disconnect, device number 67 [ 2146.599388][ T5931] libceph: connect (1)[c::]:6789 error -101 [ 2146.605539][ T5931] libceph: mon0 (1)[c::]:6789 connect error [ 2146.666742][T27796] libceph: connect (1)[c::]:6789 error -101 [ 2146.853598][T27796] libceph: mon0 (1)[c::]:6789 connect error [ 2147.135621][T27796] libceph: connect (1)[c::]:6789 error -101 [ 2147.303821][T27796] libceph: mon0 (1)[c::]:6789 connect error [ 2147.313133][ T5931] libceph: connect (1)[c::]:6789 error -101 [ 2147.340615][ T5931] libceph: mon0 (1)[c::]:6789 connect error [ 2147.361228][ T5931] libceph: connect (1)[c::]:6789 error -101 [ 2147.367344][ T5931] libceph: mon0 (1)[c::]:6789 connect error [ 2147.420472][T30310] ceph: No mds server is up or the cluster is laggy [ 2147.516988][T30323] ceph: No mds server is up or the cluster is laggy [ 2147.624882][ T5931] libceph: connect (1)[c::]:6789 error -101 [ 2147.730773][ T5931] libceph: mon0 (1)[c::]:6789 connect error [ 2148.233686][T11461] libceph: connect (1)[c::]:6789 error -101 [ 2148.243441][T11461] libceph: mon0 (1)[c::]:6789 connect error [ 2148.391613][T30330] ceph: No mds server is up or the cluster is laggy [ 2148.481283][ T5931] usb 3-1: new high-speed USB device number 61 using dummy_hcd [ 2148.765874][ T5931] usb 3-1: New USB device found, idVendor=0582, idProduct=008d, bcdDevice=7a.ac [ 2148.767520][T27796] usb 9-1: new high-speed USB device number 68 using dummy_hcd [ 2148.776474][ T5931] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2148.793593][ T5931] usb 3-1: Product: syz [ 2148.797973][ T5931] usb 3-1: Manufacturer: syz [ 2148.805095][T30354] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2148.856437][ T5931] usb 3-1: SerialNumber: syz [ 2148.866943][ T5931] usb 3-1: config 0 descriptor?? [ 2148.886762][ T5931] usb 3-1: interface 1 not found [ 2148.948603][T27796] usb 9-1: Using ep0 maxpacket: 8 [ 2148.957303][T27796] usb 9-1: unable to get BOS descriptor or descriptor too short [ 2148.966752][T27796] usb 9-1: config 7 has an invalid interface number: 59 but max is 0 [ 2148.982869][T27796] usb 9-1: config 7 has no interface number 0 [ 2148.999428][T27796] usb 9-1: config 7 interface 59 has no altsetting 0 [ 2149.017964][T27796] usb 9-1: New USB device found, idVendor=0d46, idProduct=0078, bcdDevice=cc.70 [ 2149.032915][T27796] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2149.053379][T27796] usb 9-1: Product: syz [ 2149.064669][T27796] usb 9-1: Manufacturer: syz [ 2149.069266][T27796] usb 9-1: SerialNumber: syz [ 2149.507948][ T30] audit: type=1400 audit(1754508962.479:1124): avc: denied { write } for pid=30367 comm="syz.1.6338" name="file0" dev="fuse" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 2150.665312][ T5931] usb 3-1: USB disconnect, device number 61 [ 2150.680877][T27796] kobil_sct 9-1:7.59: KOBIL USB smart card terminal converter detected [ 2150.718040][T27796] usb 9-1: KOBIL USB smart card terminal converter now attached to ttyUSB0 [ 2150.730164][ T30] audit: type=1400 audit(1754508963.854:1125): avc: denied { getopt } for pid=30380 comm="syz.6.6342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 2150.741110][T27796] usb 9-1: USB disconnect, device number 68 [ 2150.773098][T27796] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0 [ 2150.784274][T30384] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2150.796463][T27796] kobil_sct 9-1:7.59: device disconnected [ 2151.053873][T30391] openvswitch: : Dropping previously announced user features [ 2151.142620][T30393] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6343'. [ 2152.609310][T12841] libceph: connect (1)[c::]:6789 error -101 [ 2152.806656][T12841] libceph: mon0 (1)[c::]:6789 connect error [ 2152.923044][T30419] netlink: 'syz.6.6353': attribute type 1 has an invalid length. [ 2152.998251][T30419] 8021q: adding VLAN 0 to HW filter on device bond1 [ 2153.268868][T30402] ceph: No mds server is up or the cluster is laggy [ 2153.495350][T12841] libceph: connect (1)[c::]:6789 error -101 [ 2153.501401][T12841] libceph: mon0 (1)[c::]:6789 connect error [ 2153.510863][T30423] 8021q: adding VLAN 0 to HW filter on device bond1 [ 2153.518071][T30423] bond1: (slave vxcan1): The slave device specified does not support setting the MAC address [ 2153.631055][T30423] bond1: (slave vxcan1): Error -95 calling set_mac_address [ 2153.866865][T30434] ptrace attach of "./syz-executor exec"[29469] was attempted by "./syz-executor exec"[30434] [ 2154.273521][T27796] usb 9-1: new high-speed USB device number 69 using dummy_hcd [ 2154.927955][T30439] delete_channel: no stack [ 2155.206584][T30419] gretap2: entered promiscuous mode [ 2155.232868][T30419] bond1: (slave gretap2): making interface the new active one [ 2155.266022][T30419] bond1: (slave gretap2): Enslaving as an active interface with an up link [ 2155.274994][T27796] usb 9-1: Using ep0 maxpacket: 32 [ 2155.399975][T27796] usb 9-1: config 0 has an invalid interface number: 85 but max is 0 [ 2155.408152][T27796] usb 9-1: config 0 has no interface number 0 [ 2155.416358][T27796] usb 9-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 2155.417849][T30431] macvlan2: entered promiscuous mode [ 2155.427558][T27796] usb 9-1: config 0 interface 85 has no altsetting 0 [ 2155.439627][T30431] macvlan2: entered allmulticast mode [ 2155.911390][T30431] bond1: entered promiscuous mode [ 2155.919136][T30431] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 2155.939769][T27796] usb 9-1: string descriptor 0 read error: -71 [ 2155.947518][T30431] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap2 [ 2155.964818][T27796] usb 9-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 2155.974336][T27796] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2155.984842][T27796] usb 9-1: config 0 descriptor?? [ 2155.991985][T27796] usb 9-1: can't set config #0, error -71 [ 2156.003094][T27796] usb 9-1: USB disconnect, device number 69 [ 2156.013580][T30431] bond1: left promiscuous mode [ 2156.045247][T30434] dummy0: entered promiscuous mode [ 2156.051411][T30434] bond0: entered promiscuous mode [ 2156.056625][T30434] bond_slave_0: entered promiscuous mode [ 2156.062426][T30434] bond_slave_1: entered promiscuous mode [ 2156.069802][T30434] hsr1: entered allmulticast mode [ 2156.075224][T30434] dummy0: entered allmulticast mode [ 2156.080428][T30434] bond0: entered allmulticast mode [ 2156.085563][T30434] bond_slave_0: entered allmulticast mode [ 2156.091276][T30434] bond_slave_1: entered allmulticast mode [ 2156.197139][T30448] lo speed is unknown, defaulting to 1000 [ 2156.974209][T30456] lo speed is unknown, defaulting to 1000 [ 2158.998440][T27796] libceph: connect (1)[c::]:6789 error -101 [ 2159.167355][T27796] libceph: mon0 (1)[c::]:6789 connect error [ 2159.216976][T30491] usb usb8: usbfs: process 30491 (syz.2.6363) did not claim interface 0 before use [ 2159.472160][T17892] libceph: connect (1)[c::]:6789 error -101 [ 2159.482550][T17892] libceph: mon0 (1)[c::]:6789 connect error [ 2159.513245][ T30] audit: type=1400 audit(1754508972.935:1126): avc: denied { read } for pid=5202 comm="acpid" name="event8" dev="devtmpfs" ino=3805 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 2159.535057][ C0] vkms_vblank_simulate: vblank timer overrun [ 2159.541360][ T30] audit: type=1400 audit(1754508972.935:1127): avc: denied { open } for pid=5202 comm="acpid" path="/dev/input/event8" dev="devtmpfs" ino=3805 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 2159.564221][ T30] audit: type=1400 audit(1754508972.935:1128): avc: denied { ioctl } for pid=5202 comm="acpid" path="/dev/input/event8" dev="devtmpfs" ino=3805 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 2159.588423][ C0] vkms_vblank_simulate: vblank timer overrun [ 2159.690643][T30485] ceph: No mds server is up or the cluster is laggy [ 2159.706188][T30496] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6367'. [ 2159.971987][T30504] delete_channel: no stack [ 2160.415451][ T30] audit: type=1326 audit(1754508973.995:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30507 comm="syz.1.6371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2160.438957][ C0] vkms_vblank_simulate: vblank timer overrun [ 2160.609598][T30511] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2160.622641][ T30] audit: type=1326 audit(1754508973.995:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30507 comm="syz.1.6371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2160.646177][ C0] vkms_vblank_simulate: vblank timer overrun [ 2160.836271][ T30] audit: type=1326 audit(1754508973.995:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30507 comm="syz.1.6371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2160.999165][ T30] audit: type=1326 audit(1754508973.995:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30507 comm="syz.1.6371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2161.073290][T30515] Device name cannot be null; rc = [-22] [ 2161.458082][ T30] audit: type=1326 audit(1754508974.016:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30507 comm="syz.1.6371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2161.516663][ T30] audit: type=1326 audit(1754508974.016:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30507 comm="syz.1.6371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2161.743040][ T30] audit: type=1326 audit(1754508974.016:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30507 comm="syz.1.6371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2161.792070][T30518] FAULT_INJECTION: forcing a failure. [ 2161.792070][T30518] name failslab, interval 1, probability 0, space 0, times 0 [ 2161.833473][T30518] CPU: 1 UID: 0 PID: 30518 Comm: syz.1.6374 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2161.833492][T30518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2161.833499][T30518] Call Trace: [ 2161.833503][T30518] [ 2161.833508][T30518] dump_stack_lvl+0x16c/0x1f0 [ 2161.833530][T30518] should_fail_ex+0x512/0x640 [ 2161.833543][T30518] should_failslab+0xc2/0x120 [ 2161.833557][T30518] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2161.833569][T30518] ? skb_clone+0x190/0x3f0 [ 2161.833587][T30518] skb_clone+0x190/0x3f0 [ 2161.833603][T30518] netlink_deliver_tap+0xabd/0xd30 [ 2161.833627][T30518] netlink_unicast+0x64c/0x870 [ 2161.833646][T30518] ? __pfx_netlink_unicast+0x10/0x10 [ 2161.833662][T30518] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 2161.833683][T30518] netlink_sendmsg+0x8d1/0xdd0 [ 2161.833702][T30518] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2161.833723][T30518] ____sys_sendmsg+0xa95/0xc70 [ 2161.833735][T30518] ? copy_msghdr_from_user+0x10a/0x160 [ 2161.833751][T30518] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2161.833768][T30518] ___sys_sendmsg+0x134/0x1d0 [ 2161.833785][T30518] ? __pfx____sys_sendmsg+0x10/0x10 [ 2161.833812][T30518] ? __mutex_unlock_slowpath+0x100/0x800 [ 2161.833833][T30518] __sys_sendmsg+0x16d/0x220 [ 2161.833849][T30518] ? __pfx___sys_sendmsg+0x10/0x10 [ 2161.833873][T30518] do_syscall_64+0xcd/0x4c0 [ 2161.833891][T30518] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2161.833902][T30518] RIP: 0033:0x7fa54878ebe9 [ 2161.833911][T30518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2161.833922][T30518] RSP: 002b:00007fa549560038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2161.833933][T30518] RAX: ffffffffffffffda RBX: 00007fa5489b5fa0 RCX: 00007fa54878ebe9 [ 2161.833940][T30518] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 2161.833946][T30518] RBP: 00007fa549560090 R08: 0000000000000000 R09: 0000000000000000 [ 2161.833952][T30518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2161.833958][T30518] R13: 00007fa5489b6038 R14: 00007fa5489b5fa0 R15: 00007ffe27bfa6c8 [ 2161.833972][T30518] [ 2162.459568][T30527] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 2162.471548][T30527] bond0: (slave lo): Error: Device can not be enslaved while up [ 2162.801677][T30526] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6376'. [ 2163.510414][T30540] openvswitch: : Dropping previously announced user features [ 2163.603453][T30542] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6380'. [ 2163.825463][T30545] FAULT_INJECTION: forcing a failure. [ 2163.825463][T30545] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2163.843029][T30545] CPU: 0 UID: 0 PID: 30545 Comm: syz.8.6381 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2163.843058][T30545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2163.843068][T30545] Call Trace: [ 2163.843075][T30545] [ 2163.843082][T30545] dump_stack_lvl+0x16c/0x1f0 [ 2163.843114][T30545] should_fail_ex+0x512/0x640 [ 2163.843136][T30545] _copy_from_user+0x2e/0xd0 [ 2163.843162][T30545] btf_new_fd+0x70a/0x5490 [ 2163.843180][T30545] ? avc_has_perm_noaudit+0x149/0x3b0 [ 2163.843209][T30545] ? cred_has_capability.isra.0+0x190/0x310 [ 2163.843231][T30545] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 2163.843257][T30545] ? __pfx_btf_new_fd+0x10/0x10 [ 2163.843276][T30545] ? cap_capable+0xb3/0x250 [ 2163.843296][T30545] ? bpf_lsm_capable+0x9/0x10 [ 2163.843318][T30545] ? security_capable+0x7e/0x260 [ 2163.843336][T30545] ? ns_capable+0xd7/0x110 [ 2163.843360][T30545] __sys_bpf+0x38a/0x4de0 [ 2163.843386][T30545] ? __pfx___sys_bpf+0x10/0x10 [ 2163.843408][T30545] ? ksys_write+0x190/0x250 [ 2163.843431][T30545] ? __mutex_unlock_slowpath+0x163/0x800 [ 2163.843471][T30545] ? fput+0x9b/0xd0 [ 2163.843491][T30545] ? ksys_write+0x1ac/0x250 [ 2163.843506][T30545] ? __pfx_ksys_write+0x10/0x10 [ 2163.843527][T30545] __x64_sys_bpf+0x78/0xc0 [ 2163.843548][T30545] ? lockdep_hardirqs_on+0x7c/0x110 [ 2163.843572][T30545] do_syscall_64+0xcd/0x4c0 [ 2163.843599][T30545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2163.843621][T30545] RIP: 0033:0x7f6d59d8ebe9 [ 2163.843637][T30545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2163.843654][T30545] RSP: 002b:00007f6d5acad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 2163.843672][T30545] RAX: ffffffffffffffda RBX: 00007f6d59fb5fa0 RCX: 00007f6d59d8ebe9 [ 2163.843684][T30545] RDX: 0000000000000028 RSI: 0000200000000140 RDI: 0000000000000012 [ 2163.843695][T30545] RBP: 00007f6d5acad090 R08: 0000000000000000 R09: 0000000000000000 [ 2163.843705][T30545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2163.843716][T30545] R13: 00007f6d59fb6038 R14: 00007f6d59fb5fa0 R15: 00007fffd3e7f728 [ 2163.843740][T30545] [ 2164.266403][T30539] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6379'. [ 2164.283332][T30549] FAULT_INJECTION: forcing a failure. [ 2164.283332][T30549] name failslab, interval 1, probability 0, space 0, times 0 [ 2164.332304][T30539] mkiss: ax0: crc mode is auto. [ 2164.379816][T30549] CPU: 1 UID: 0 PID: 30549 Comm: syz.2.6382 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2164.379849][T30549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2164.379860][T30549] Call Trace: [ 2164.379867][T30549] [ 2164.379874][T30549] dump_stack_lvl+0x16c/0x1f0 [ 2164.379905][T30549] should_fail_ex+0x512/0x640 [ 2164.379925][T30549] should_failslab+0xc2/0x120 [ 2164.379946][T30549] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2164.379965][T30549] ? skb_clone+0x190/0x3f0 [ 2164.379994][T30549] skb_clone+0x190/0x3f0 [ 2164.380019][T30549] netlink_deliver_tap+0xabd/0xd30 [ 2164.380051][T30549] netlink_unicast+0x64c/0x870 [ 2164.380081][T30549] ? __pfx_netlink_unicast+0x10/0x10 [ 2164.380105][T30549] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 2164.380139][T30549] netlink_sendmsg+0x8d1/0xdd0 [ 2164.380166][T30549] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2164.380200][T30549] ____sys_sendmsg+0xa95/0xc70 [ 2164.380220][T30549] ? copy_msghdr_from_user+0x10a/0x160 [ 2164.380242][T30549] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2164.380272][T30549] ___sys_sendmsg+0x134/0x1d0 [ 2164.380298][T30549] ? __pfx____sys_sendmsg+0x10/0x10 [ 2164.380346][T30549] ? __mutex_unlock_slowpath+0x100/0x800 [ 2164.380379][T30549] __sys_sendmsg+0x16d/0x220 [ 2164.380405][T30549] ? __pfx___sys_sendmsg+0x10/0x10 [ 2164.380446][T30549] do_syscall_64+0xcd/0x4c0 [ 2164.380474][T30549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2164.380491][T30549] RIP: 0033:0x7f71d5b8ebe9 [ 2164.380506][T30549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2164.380523][T30549] RSP: 002b:00007f71d69e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2164.380540][T30549] RAX: ffffffffffffffda RBX: 00007f71d5db5fa0 RCX: 00007f71d5b8ebe9 [ 2164.380551][T30549] RDX: 0000000000000000 RSI: 0000200000003700 RDI: 0000000000000003 [ 2164.380561][T30549] RBP: 00007f71d69e2090 R08: 0000000000000000 R09: 0000000000000000 [ 2164.380571][T30549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2164.380580][T30549] R13: 00007f71d5db6038 R14: 00007f71d5db5fa0 R15: 00007ffc0be4fbc8 [ 2164.380605][T30549] [ 2164.409025][T30551] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2165.177406][ T30] kauditd_printk_skb: 53 callbacks suppressed [ 2165.177452][ T30] audit: type=1400 audit(1754508979.013:1189): avc: denied { map } for pid=30556 comm="syz.8.6385" path="socket:[123527]" dev="sockfs" ino=123527 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 2167.825782][T30592] usb usb8: usbfs: process 30592 (syz.6.6391) did not claim interface 0 before use [ 2167.953782][T30594] netlink: 'syz.7.6395': attribute type 21 has an invalid length. [ 2168.028103][T30594] netlink: 156 bytes leftover after parsing attributes in process `syz.7.6395'. [ 2168.265618][T30598] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2168.295219][T30601] netlink: 'syz.7.6397': attribute type 1 has an invalid length. [ 2168.413666][T30600] netlink: 'syz.7.6397': attribute type 1 has an invalid length. [ 2168.438032][T30601] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR [ 2168.439298][T30600] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR [ 2168.680957][T30607] netlink: 241 bytes leftover after parsing attributes in process `syz.1.6398'. [ 2169.934369][T30624] FAULT_INJECTION: forcing a failure. [ 2169.934369][T30624] name failslab, interval 1, probability 0, space 0, times 0 [ 2169.956463][T30624] CPU: 1 UID: 0 PID: 30624 Comm: syz.2.6402 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2169.956487][T30624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2169.956494][T30624] Call Trace: [ 2169.956498][T30624] [ 2169.956503][T30624] dump_stack_lvl+0x16c/0x1f0 [ 2169.956523][T30624] should_fail_ex+0x512/0x640 [ 2169.956536][T30624] should_failslab+0xc2/0x120 [ 2169.956551][T30624] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2169.956563][T30624] ? skb_clone+0x190/0x3f0 [ 2169.956582][T30624] skb_clone+0x190/0x3f0 [ 2169.956598][T30624] netlink_deliver_tap+0xabd/0xd30 [ 2169.956617][T30624] netlink_unicast+0x64c/0x870 [ 2169.956636][T30624] ? __pfx_netlink_unicast+0x10/0x10 [ 2169.956652][T30624] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 2169.956673][T30624] netlink_sendmsg+0x8d1/0xdd0 [ 2169.956692][T30624] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2169.956714][T30624] ____sys_sendmsg+0xa95/0xc70 [ 2169.956726][T30624] ? copy_msghdr_from_user+0x10a/0x160 [ 2169.956742][T30624] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2169.956760][T30624] ___sys_sendmsg+0x134/0x1d0 [ 2169.956781][T30624] ? __pfx____sys_sendmsg+0x10/0x10 [ 2169.956812][T30624] ? __mutex_unlock_slowpath+0x100/0x800 [ 2169.956833][T30624] __sys_sendmsg+0x16d/0x220 [ 2169.956849][T30624] ? __pfx___sys_sendmsg+0x10/0x10 [ 2169.956874][T30624] do_syscall_64+0xcd/0x4c0 [ 2169.956892][T30624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2169.956903][T30624] RIP: 0033:0x7f71d5b8ebe9 [ 2169.956913][T30624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2169.956923][T30624] RSP: 002b:00007f71d69e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2169.956934][T30624] RAX: ffffffffffffffda RBX: 00007f71d5db5fa0 RCX: 00007f71d5b8ebe9 [ 2169.956941][T30624] RDX: 0000000000000090 RSI: 00002000000003c0 RDI: 0000000000000003 [ 2169.956947][T30624] RBP: 00007f71d69e2090 R08: 0000000000000000 R09: 0000000000000000 [ 2169.956954][T30624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2169.956960][T30624] R13: 00007f71d5db6038 R14: 00007f71d5db5fa0 R15: 00007ffc0be4fbc8 [ 2169.956973][T30624] [ 2170.232090][T30625] veth0_macvtap: left promiscuous mode [ 2170.241259][T30625] netlink: 10 bytes leftover after parsing attributes in process `syz.8.6403'. [ 2170.965570][T30640] mac80211_hwsim hwsim38 »»»»»»: renamed from wlan0 (while UP) [ 2170.982805][ T30] audit: type=1400 audit(1754508985.102:1190): avc: denied { write } for pid=30631 comm="syz.6.6409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 2172.263442][T30651] openvswitch: : Dropping previously announced user features [ 2172.366440][T30652] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6411'. [ 2175.026994][T30687] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2175.113212][T30689] netlink: 136 bytes leftover after parsing attributes in process `syz.2.6421'. [ 2175.647768][T30700] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6425'. [ 2175.821059][T30701] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 2175.828907][T30701] IPv6: NLM_F_CREATE should be set when creating new route [ 2175.836215][T30701] IPv6: NLM_F_CREATE should be set when creating new route [ 2175.843436][T30701] IPv6: NLM_F_CREATE should be set when creating new route [ 2176.074003][T30705] FAULT_INJECTION: forcing a failure. [ 2176.074003][T30705] name failslab, interval 1, probability 0, space 0, times 0 [ 2176.115571][T30705] CPU: 1 UID: 0 PID: 30705 Comm: syz.2.6428 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2176.115598][T30705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2176.115609][T30705] Call Trace: [ 2176.115615][T30705] [ 2176.115622][T30705] dump_stack_lvl+0x16c/0x1f0 [ 2176.115653][T30705] should_fail_ex+0x512/0x640 [ 2176.115674][T30705] should_failslab+0xc2/0x120 [ 2176.115695][T30705] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2176.115719][T30705] ? skb_clone+0x190/0x3f0 [ 2176.115749][T30705] skb_clone+0x190/0x3f0 [ 2176.115775][T30705] netlink_deliver_tap+0xabd/0xd30 [ 2176.115807][T30705] netlink_unicast+0x64c/0x870 [ 2176.115837][T30705] ? __pfx_netlink_unicast+0x10/0x10 [ 2176.115864][T30705] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 2176.115897][T30705] netlink_sendmsg+0x8d1/0xdd0 [ 2176.115927][T30705] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2176.115961][T30705] ____sys_sendmsg+0xa95/0xc70 [ 2176.115978][T30705] ? copy_msghdr_from_user+0x10a/0x160 [ 2176.116001][T30705] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2176.116025][T30705] ___sys_sendmsg+0x134/0x1d0 [ 2176.116046][T30705] ? __pfx____sys_sendmsg+0x10/0x10 [ 2176.116083][T30705] ? __mutex_unlock_slowpath+0x100/0x800 [ 2176.116110][T30705] __sys_sendmsg+0x16d/0x220 [ 2176.116129][T30705] ? __pfx___sys_sendmsg+0x10/0x10 [ 2176.116162][T30705] do_syscall_64+0xcd/0x4c0 [ 2176.116184][T30705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2176.116198][T30705] RIP: 0033:0x7f71d5b8ebe9 [ 2176.116210][T30705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2176.116223][T30705] RSP: 002b:00007f71d69e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2176.116236][T30705] RAX: ffffffffffffffda RBX: 00007f71d5db5fa0 RCX: 00007f71d5b8ebe9 [ 2176.116245][T30705] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003 [ 2176.116254][T30705] RBP: 00007f71d69e2090 R08: 0000000000000000 R09: 0000000000000000 [ 2176.116262][T30705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2176.116270][T30705] R13: 00007f71d5db6038 R14: 00007f71d5db5fa0 R15: 00007ffc0be4fbc8 [ 2176.116289][T30705] [ 2176.497224][T30711] delete_channel: no stack [ 2177.632887][T19078] Bluetooth: hci4: command tx timeout [ 2179.344628][T11461] libceph: connect (1)[c::]:6789 error -101 [ 2179.373370][T11461] libceph: mon0 (1)[c::]:6789 connect error [ 2179.433968][T30741] kvm: requested 2514 ns i8254 timer period limited to 200000 ns [ 2179.640248][T11461] libceph: connect (1)[c::]:6789 error -101 [ 2179.648178][T11461] libceph: mon0 (1)[c::]:6789 connect error [ 2179.879242][T30757] delete_channel: no stack [ 2180.156827][T11461] libceph: connect (1)[c::]:6789 error -101 [ 2180.162915][T11461] libceph: mon0 (1)[c::]:6789 connect error [ 2180.480224][T30747] ceph: No mds server is up or the cluster is laggy [ 2181.079211][T19097] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 2181.089091][T19097] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 2181.098229][T19097] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 2181.107832][T19097] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 2181.115168][T19097] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 2181.211237][T30774] usb usb8: usbfs: process 30774 (syz.7.6444) did not claim interface 0 before use [ 2181.225567][T30775] FAULT_INJECTION: forcing a failure. [ 2181.225567][T30775] name failslab, interval 1, probability 0, space 0, times 0 [ 2181.242504][T30770] lo speed is unknown, defaulting to 1000 [ 2181.288680][T30775] CPU: 1 UID: 0 PID: 30775 Comm: syz.2.6446 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2181.288710][T30775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2181.288721][T30775] Call Trace: [ 2181.288727][T30775] [ 2181.288734][T30775] dump_stack_lvl+0x16c/0x1f0 [ 2181.288766][T30775] should_fail_ex+0x512/0x640 [ 2181.288782][T30775] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 2181.288804][T30775] should_failslab+0xc2/0x120 [ 2181.288824][T30775] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 2181.288841][T30775] ? sk_prot_alloc+0x60/0x2a0 [ 2181.288862][T30775] sk_prot_alloc+0x60/0x2a0 [ 2181.288880][T30775] sk_alloc+0x36/0xc20 [ 2181.288904][T30775] inet_create+0x3a1/0x1040 [ 2181.288925][T30775] ? inet_create+0x93/0x1040 [ 2181.288948][T30775] __sock_create+0x338/0x8d0 [ 2181.288972][T30775] mptcp_subflow_create_socket+0xf5/0xed0 [ 2181.288996][T30775] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 2181.289022][T30775] __mptcp_nmpc_sk+0x182/0x7d0 [ 2181.289043][T30775] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 2181.289066][T30775] ? __local_bh_enable_ip+0xa4/0x120 [ 2181.289093][T30775] mptcp_sendmsg+0x163d/0x1eb0 [ 2181.289118][T30775] ? sock_has_perm+0x259/0x2f0 [ 2181.289136][T30775] ? __pfx_sock_has_perm+0x10/0x10 [ 2181.289155][T30775] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10 [ 2181.289179][T30775] ? __might_fault+0xe3/0x190 [ 2181.289196][T30775] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 2181.289223][T30775] ? __import_iovec+0x1dd/0x650 [ 2181.289246][T30775] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 2181.289271][T30775] inet_sendmsg+0x119/0x140 [ 2181.289293][T30775] ____sys_sendmsg+0x973/0xc70 [ 2181.289313][T30775] ? copy_msghdr_from_user+0x10a/0x160 [ 2181.289337][T30775] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2181.289368][T30775] ___sys_sendmsg+0x134/0x1d0 [ 2181.289395][T30775] ? __pfx____sys_sendmsg+0x10/0x10 [ 2181.289443][T30775] ? __mutex_unlock_slowpath+0x100/0x800 [ 2181.289479][T30775] __sys_sendmsg+0x16d/0x220 [ 2181.289505][T30775] ? __pfx___sys_sendmsg+0x10/0x10 [ 2181.289547][T30775] do_syscall_64+0xcd/0x4c0 [ 2181.289576][T30775] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2181.289593][T30775] RIP: 0033:0x7f71d5b8ebe9 [ 2181.289608][T30775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2181.289631][T30775] RSP: 002b:00007f71d69e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2181.289649][T30775] RAX: ffffffffffffffda RBX: 00007f71d5db5fa0 RCX: 00007f71d5b8ebe9 [ 2181.289660][T30775] RDX: 0000000030004001 RSI: 0000200000000080 RDI: 0000000000000004 [ 2181.289671][T30775] RBP: 00007f71d69e2090 R08: 0000000000000000 R09: 0000000000000000 [ 2181.289681][T30775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2181.289691][T30775] R13: 00007f71d5db6038 R14: 00007f71d5db5fa0 R15: 00007ffc0be4fbc8 [ 2181.289716][T30775] [ 2181.920198][ T30] audit: type=1326 audit(1754508996.598:1191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30776 comm="syz.1.6447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2182.284074][ T30] audit: type=1326 audit(1754508996.598:1192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30776 comm="syz.1.6447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2182.336538][ T30] audit: type=1326 audit(1754508996.598:1193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30776 comm="syz.1.6447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2182.365453][ T30] audit: type=1326 audit(1754508996.598:1194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30776 comm="syz.1.6447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2183.004238][ T30] audit: type=1326 audit(1754508996.598:1195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30776 comm="syz.1.6447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2183.027877][ T30] audit: type=1326 audit(1754508996.598:1196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30776 comm="syz.1.6447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2183.088725][T19097] Bluetooth: hci5: command tx timeout [ 2183.116722][ T30] audit: type=1326 audit(1754508996.598:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30776 comm="syz.1.6447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2183.143218][ T30] audit: type=1326 audit(1754508996.598:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30776 comm="syz.1.6447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2183.290022][ T30] audit: type=1326 audit(1754508996.598:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30776 comm="syz.1.6447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54878ebe9 code=0x7ffc0000 [ 2183.384177][ T30] audit: type=1326 audit(1754508996.598:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30776 comm="syz.1.6447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa54878d550 code=0x7ffc0000 [ 2183.387103][T13936] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2183.767879][T30795] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6453'. [ 2184.046510][T13936] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2184.169279][T13936] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2184.891029][T13936] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2184.938402][T30770] chnl_net:caif_netlink_parms(): no params data found [ 2185.079015][T19097] Bluetooth: hci5: command tx timeout [ 2185.482011][T30821] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6456'. [ 2185.631928][T30818] openvswitch: : Dropping previously announced user features [ 2185.684239][T30770] bridge0: port 1(bridge_slave_0) entered blocking state [ 2185.706001][T30770] bridge0: port 1(bridge_slave_0) entered disabled state [ 2185.720635][T30770] bridge_slave_0: entered allmulticast mode [ 2185.734671][T30770] bridge_slave_0: entered promiscuous mode [ 2185.829455][T30770] bridge0: port 2(bridge_slave_1) entered blocking state [ 2185.852549][T30770] bridge0: port 2(bridge_slave_1) entered disabled state [ 2185.885686][T30770] bridge_slave_1: entered allmulticast mode [ 2185.916285][T30770] bridge_slave_1: entered promiscuous mode [ 2186.065720][T30770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2186.119878][T30770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2186.256042][T30830] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2186.337575][T30770] team0: Port device team_slave_0 added [ 2186.358921][T30770] team0: Port device team_slave_1 added [ 2186.365121][T13936] bridge_slave_1: left allmulticast mode [ 2186.373892][T13936] bridge_slave_1: left promiscuous mode [ 2186.379785][T13936] bridge0: port 2(bridge_slave_1) entered disabled state [ 2186.394457][T13936] bridge_slave_0: left allmulticast mode [ 2186.399270][T30831] F2FS-fs (loop13): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 2186.412051][T13936] bridge_slave_0: left promiscuous mode [ 2186.418600][T13936] bridge0: port 1(bridge_slave_0) entered disabled state [ 2186.427264][T30831] F2FS-fs (loop13): Can't find valid F2FS filesystem in 1th superblock [ 2186.476820][T30831] F2FS-fs (loop13): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 2186.487055][T30831] F2FS-fs (loop13): Can't find valid F2FS filesystem in 2th superblock [ 2187.053312][T19097] Bluetooth: hci5: command tx timeout [ 2188.054115][T12841] IPVS: starting estimator thread 0... [ 2188.165350][T30838] IPVS: using max 41 ests per chain, 98400 per kthread [ 2188.291812][T13936] batman_adv: batadv0: Removing interface: gretap1 [ 2188.358493][T13936] dvmrp1 (unregistering): left allmulticast mode [ 2188.729227][T13936] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 2188.900431][T13936] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2188.914434][T13936] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2188.939956][T13936] bond0 (unregistering): Released all slaves [ 2188.971212][T13936] bond1 (unregistering): (slave batadv1): Releasing backup interface [ 2188.982845][T13936] bond1 (unregistering): Released all slaves [ 2189.014418][T30846] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6463'. [ 2189.033760][T19097] Bluetooth: hci5: command tx timeout [ 2189.091054][T30770] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2189.102653][T30770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2189.162961][T30770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2189.175767][T30851] program syz.6.6465 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2189.976940][T13936] : left promiscuous mode [ 2190.023071][T30770] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2190.030172][T30770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2190.062974][T30770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2190.112553][T13936] tipc: Left network mode [ 2190.214730][T13936] IPVS: stopping master sync thread 21070 ... [ 2190.399891][T30770] hsr_slave_0: entered promiscuous mode [ 2190.415012][T30770] hsr_slave_1: entered promiscuous mode [ 2190.438010][T30770] debugfs: 'hsr0' already exists in 'hsr' [ 2190.444284][T30770] Cannot create hsr debugfs directory [ 2190.717207][T30861] delete_channel: no stack [ 2191.026122][T30865] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6470'. [ 2191.131227][T30866] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6469'. [ 2191.360872][T30872] syz.2.6470: attempt to access beyond end of device [ 2191.360872][T30872] nbd2: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 2191.379685][T30872] gfs2: error -5 reading superblock [ 2191.452352][T30870] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6470'. [ 2192.682857][T13936] hsr_slave_0: left promiscuous mode [ 2192.692518][T13936] hsr_slave_1: left promiscuous mode [ 2192.700332][T13936] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2192.713821][T13936] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2192.771218][T13936] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2192.795136][T13936] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2192.834057][T13936] veth1_macvtap: left promiscuous mode [ 2192.848171][T13936] veth1_vlan: left promiscuous mode [ 2192.853665][T13936] veth0_vlan: left promiscuous mode [ 2193.201947][T30890] program syz.6.6476 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2194.108689][T30891] netlink: 34 bytes leftover after parsing attributes in process `syz.1.6473'. [ 2196.143098][T27796] libceph: connect (1)[c::]:6789 error -101 [ 2196.149911][T27796] libceph: mon0 (1)[c::]:6789 connect error [ 2196.157394][T30902] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2196.347695][T13936] team0 (unregistering): Port device team_slave_1 removed [ 2196.415177][T27796] libceph: connect (1)[c::]:6789 error -101 [ 2196.431005][T13936] team0 (unregistering): Port device team_slave_0 removed [ 2196.432754][T27796] libceph: mon0 (1)[c::]:6789 connect error [ 2196.457347][T30914] program syz.1.6481 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2196.667994][T30908] ceph: No mds server is up or the cluster is laggy [ 2197.662973][T30921] netlink: 136 bytes leftover after parsing attributes in process `syz.6.6484'. [ 2197.766044][T30925] program syz.7.6487 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2198.973117][T30770] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 2199.100328][T30770] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 2199.135702][T30770] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 2199.155850][T30770] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 2199.968973][T30955] netlink: 1004 bytes leftover after parsing attributes in process `syz.6.6492'. [ 2200.059230][T30953] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2200.725938][T30966] usb usb8: usbfs: process 30966 (syz.2.6491) did not claim interface 0 before use [ 2201.141087][T30972] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2201.544411][T30770] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2201.670298][T30770] 8021q: adding VLAN 0 to HW filter on device team0 [ 2202.306339][ T4926] bridge0: port 1(bridge_slave_0) entered blocking state [ 2202.313499][ T4926] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2202.482341][ T4926] bridge0: port 2(bridge_slave_1) entered blocking state [ 2202.489496][ T4926] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2202.850041][T30989] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6498'. [ 2202.992983][T30989] bridge_slave_1: left allmulticast mode [ 2203.047134][T30989] bridge_slave_1: left promiscuous mode [ 2203.070491][T30989] bridge0: port 2(bridge_slave_1) entered disabled state [ 2203.142566][T30989] bridge_slave_0: left allmulticast mode [ 2203.149169][T30989] bridge_slave_0: left promiscuous mode [ 2203.174772][T30991] program syz.1.6499 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2204.000515][T30989] bridge0: port 1(bridge_slave_0) entered disabled state [ 2204.190182][T30995] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6500'. [ 2205.215039][T31004] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6502'. [ 2205.330255][T30770] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2206.619055][T31032] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2206.781475][T31036] delete_channel: no stack [ 2207.072196][T31039] netlink: 1004 bytes leftover after parsing attributes in process `syz.7.6510'. [ 2207.076835][T30770] veth0_vlan: entered promiscuous mode [ 2207.125803][T30770] veth1_vlan: entered promiscuous mode [ 2207.256568][T30770] veth0_macvtap: entered promiscuous mode [ 2207.266728][T30770] veth1_macvtap: entered promiscuous mode [ 2208.594216][T31042] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2208.631078][T11461] libceph: connect (1)[c::]:6789 error -101 [ 2208.641087][T30770] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2208.658582][T11461] libceph: mon0 (1)[c::]:6789 connect error [ 2208.673458][T30770] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2208.694931][T13936] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2208.713797][T13936] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2208.734011][T13936] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2208.766402][T13936] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2208.838350][T10618] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2208.847181][T10618] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2208.874789][T30943] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2208.883192][T30943] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2209.169621][T31048] ceph: No mds server is up or the cluster is laggy [ 2209.170296][ T5931] libceph: connect (1)[c::]:6789 error -101 [ 2209.189130][ T5931] libceph: mon0 (1)[c::]:6789 connect error [ 2209.827458][T31068] : entered promiscuous mode [ 2210.360570][T31066] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6515'. [ 2211.450422][T31084] netlink: 'syz.7.6520': attribute type 1 has an invalid length. [ 2212.110394][T31094] delete_channel: no stack [ 2212.250096][T31084] 8021q: adding VLAN 0 to HW filter on device bond2 [ 2212.400568][T31095] bond2: (slave veth3): Enslaving as an active interface with a down link [ 2212.533049][T31097] bond2: (slave dummy0): making interface the new active one [ 2212.551829][T31097] dummy0: entered promiscuous mode [ 2212.560513][ T5931] usb 9-1: new high-speed USB device number 70 using dummy_hcd [ 2212.571414][T31097] bond2: (slave dummy0): Enslaving as an active interface with an up link [ 2213.628192][T31120] openvswitch: : Dropping previously announced user features [ 2213.649633][T18558] libceph: connect (1)[c::]:6789 error -101 [ 2213.664341][T18558] libceph: mon0 (1)[c::]:6789 connect error [ 2213.670863][T31120] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6527'. [ 2213.701273][T31126] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2213.930822][ T1206] libceph: connect (1)[c::]:6789 error -101 [ 2213.931555][T31115] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2213.949084][ T1206] libceph: mon0 (1)[c::]:6789 connect error [ 2214.244383][T12841] libceph: connect (1)[c::]:6789 error -101 [ 2214.261522][T12841] libceph: mon0 (1)[c::]:6789 connect error [ 2214.424538][T31116] ceph: No mds server is up or the cluster is laggy [ 2214.443655][ T5931] libceph: connect (1)[c::]:6789 error -101 [ 2214.466963][ T5931] libceph: mon0 (1)[c::]:6789 connect error [ 2214.523331][T27796] libceph: connect (1)[c::]:6789 error -101 [ 2214.571332][T27796] libceph: mon0 (1)[c::]:6789 connect error [ 2215.100523][T27796] libceph: connect (1)[c::]:6789 error -101 [ 2215.265453][T31133] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2215.278606][T27796] libceph: mon0 (1)[c::]:6789 connect error [ 2216.132799][T31136] ceph: No mds server is up or the cluster is laggy [ 2216.313799][T12841] libceph: connect (1)[c::]:6789 error -101 [ 2216.319953][T12841] libceph: mon0 (1)[c::]:6789 connect error [ 2218.397454][ T5931] libceph: connect (1)[c::]:6789 error -101 [ 2218.754635][ T5931] libceph: mon0 (1)[c::]:6789 connect error [ 2219.144423][T31175] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2219.197396][ T5931] libceph: connect (1)[c::]:6789 error -101 [ 2219.204184][ T5931] libceph: mon0 (1)[c::]:6789 connect error [ 2219.409332][ T5848] usb 3-1: new high-speed USB device number 62 using dummy_hcd [ 2219.631491][T31180] ceph: No mds server is up or the cluster is laggy [ 2219.821187][ T5848] usb 3-1: Using ep0 maxpacket: 32 [ 2219.838705][ T5848] usb 3-1: config 0 has an invalid interface number: 85 but max is 0 [ 2219.850885][ T5848] usb 3-1: config 0 has no interface number 0 [ 2219.875803][ T5848] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 2219.922288][ T5848] usb 3-1: config 0 interface 85 has no altsetting 0 [ 2219.938692][ T5848] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 2219.951135][ T5848] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2219.967716][ T5848] usb 3-1: Product: syz [ 2219.999902][ T5848] usb 3-1: Manufacturer: syz [ 2220.004775][ T5848] usb 3-1: SerialNumber: syz [ 2220.010864][ T5848] usb 3-1: config 0 descriptor?? [ 2220.366281][T31209] affs: No valid root block on device nullb0 [ 2220.789418][T31211] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 2220.968522][ T5848] appletouch 3-1:0.85: Geyser mode initialized. [ 2220.997554][ T5848] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input100 [ 2221.403204][ T30] kauditd_printk_skb: 40 callbacks suppressed [ 2221.403220][ T30] audit: type=1400 audit(1754509038.044:1241): avc: denied { getopt } for pid=31204 comm="syz.7.6552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 2221.452808][ T30] audit: type=1400 audit(1754509038.075:1242): avc: denied { accept } for pid=31204 comm="syz.7.6552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 2222.311253][ T5931] usb 3-1: USB disconnect, device number 62 [ 2222.355540][ T1206] usb 9-1: new high-speed USB device number 71 using dummy_hcd [ 2222.370097][ T5931] appletouch 3-1:0.85: input: appletouch disconnected [ 2222.610103][ T1206] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 2222.618734][ T1206] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2222.628922][ T1206] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 2222.637954][ T1206] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2222.656096][ T1206] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 2222.666940][ T1206] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 2222.683144][ T1206] usb 9-1: Product: syz [ 2222.687498][ T1206] usb 9-1: Manufacturer: syz [ 2222.718249][ T1206] cdc_wdm 9-1:1.0: skipping garbage [ 2222.723526][ T1206] cdc_wdm 9-1:1.0: skipping garbage [ 2222.731323][ T1206] cdc_wdm 9-1:1.0: probe with driver cdc_wdm failed with error -22 [ 2223.201411][T27796] usb 9-1: USB disconnect, device number 71 [ 2223.833104][T31240] input: syz0 as /devices/virtual/input/input102 [ 2224.675911][T31254] affs: No valid root block on device nullb0 [ 2225.065720][T31257] affs: No valid root block on device nullb0 [ 2225.462035][T31263] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6566'. [ 2225.608116][T31265] input: syz1 as /devices/virtual/input/input103 [ 2225.810902][T31272] netlink: 'syz.8.6570': attribute type 23 has an invalid length. [ 2226.023183][T31262] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6568'. [ 2226.272282][T31284] lo speed is unknown, defaulting to 1000 [ 2227.273544][T31298] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 2227.891160][T31304] affs: No valid root block on device nullb0 [ 2228.344623][ T4926] dummy0: left promiscuous mode [ 2229.240904][T31318] netlink: 148 bytes leftover after parsing attributes in process `syz.7.6581'. [ 2230.148537][T31337] : entered promiscuous mode [ 2230.278194][T31338] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6585'. [ 2231.020450][T31348] lo speed is unknown, defaulting to 1000 [ 2231.983561][T31356] delete_channel: no stack [ 2232.243617][ T1206] usb 9-1: new high-speed USB device number 72 using dummy_hcd [ 2232.431475][ T1206] usb 9-1: Using ep0 maxpacket: 32 [ 2232.574398][ T1206] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 2232.587590][ T1206] usb 9-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 2232.597530][ T1206] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2232.606921][ T1206] usb 9-1: Product: syz [ 2232.611182][ T1206] usb 9-1: Manufacturer: syz [ 2232.620749][ T1206] usb 9-1: SerialNumber: syz [ 2232.659120][T31365] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2232.673093][ T1206] usb 9-1: config 0 descriptor?? [ 2232.694293][ T1206] cdc_ether 9-1:0.0: skipping garbage [ 2232.713255][ T1206] usb 9-1: bad CDC descriptors [ 2232.724196][ T1206] usb 9-1: unsupported MDLM descriptors [ 2232.745061][T31368] netlink: 148 bytes leftover after parsing attributes in process `syz.1.6593'. [ 2232.947143][T31371] blktrace: Concurrent blktraces are not allowed on sg0 [ 2232.984759][T12841] usb 3-1: new high-speed USB device number 63 using dummy_hcd [ 2233.204214][T27796] usb 9-1: USB disconnect, device number 72 [ 2233.297844][T12841] usb 3-1: device descriptor read/64, error -71 [ 2233.582937][T12841] usb 3-1: new high-speed USB device number 64 using dummy_hcd [ 2234.183459][T31382] program syz.7.6597 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 2236.679388][T31407] openvswitch: : Dropping previously announced user features [ 2236.779103][T31408] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6603'. [ 2237.145505][T31413] FAULT_INJECTION: forcing a failure. [ 2237.145505][T31413] name failslab, interval 1, probability 0, space 0, times 0 [ 2237.158470][T31413] CPU: 0 UID: 0 PID: 31413 Comm: syz.8.6606 Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2237.158486][T31413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2237.158493][T31413] Call Trace: [ 2237.158497][T31413] [ 2237.158501][T31413] dump_stack_lvl+0x16c/0x1f0 [ 2237.158523][T31413] should_fail_ex+0x512/0x640 [ 2237.158536][T31413] should_failslab+0xc2/0x120 [ 2237.158550][T31413] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 2237.158562][T31413] ? __alloc_skb+0x2b2/0x380 [ 2237.158577][T31413] ? __lock_acquire+0x62e/0x1ce0 [ 2237.158595][T31413] __alloc_skb+0x2b2/0x380 [ 2237.158609][T31413] ? __pfx___alloc_skb+0x10/0x10 [ 2237.158626][T31413] ? lock_acquire+0x179/0x350 [ 2237.158644][T31413] tipc_buf_acquire+0x26/0xe0 [ 2237.158657][T31413] tipc_msg_reverse+0x1e9/0x920 [ 2237.158672][T31413] tipc_sk_filter_rcv+0x5b5/0x3020 [ 2237.158690][T31413] ? __pfx_tipc_sk_filter_rcv+0x10/0x10 [ 2237.158713][T31413] tipc_sk_rcv+0xfed/0x1bd0 [ 2237.158727][T31413] ? find_held_lock+0x2b/0x80 [ 2237.158742][T31413] ? __pfx_tipc_sk_rcv+0x10/0x10 [ 2237.158761][T31413] ? find_held_lock+0x2b/0x80 [ 2237.158774][T31413] ? lockdep_init_map_type+0x5c/0x280 [ 2237.158786][T31413] tipc_node_xmit+0x232/0xfc0 [ 2237.158802][T31413] ? __pfx_tipc_node_xmit+0x10/0x10 [ 2237.158819][T31413] ? skb_clone+0x1e8/0x3f0 [ 2237.158837][T31413] ? __tipc_sendmsg+0xb3f/0x19a0 [ 2237.158848][T31413] __tipc_sendmsg+0xb3f/0x19a0 [ 2237.158863][T31413] ? __pfx___tipc_sendmsg+0x10/0x10 [ 2237.158878][T31413] ? find_held_lock+0x2b/0x80 [ 2237.158890][T31413] ? __pfx_woken_wake_function+0x10/0x10 [ 2237.158908][T31413] ? register_lock_class+0x41/0x4c0 [ 2237.158918][T31413] ? register_lock_class+0x41/0x4c0 [ 2237.158930][T31413] __tipc_sendstream+0xe06/0x1170 [ 2237.158947][T31413] ? __pfx___tipc_sendstream+0x10/0x10 [ 2237.158963][T31413] ? do_raw_spin_lock+0x12c/0x2b0 [ 2237.158975][T31413] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 2237.158990][T31413] ? __local_bh_enable_ip+0xa4/0x120 [ 2237.159005][T31413] tipc_send_packet+0x6c/0xa0 [ 2237.159018][T31413] ____sys_sendmsg+0xa95/0xc70 [ 2237.159030][T31413] ? copy_msghdr_from_user+0x10a/0x160 [ 2237.159045][T31413] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2237.159062][T31413] ___sys_sendmsg+0x134/0x1d0 [ 2237.159078][T31413] ? __pfx____sys_sendmsg+0x10/0x10 [ 2237.159104][T31413] ? __mutex_unlock_slowpath+0x100/0x800 [ 2237.159124][T31413] __sys_sendmsg+0x16d/0x220 [ 2237.159140][T31413] ? __pfx___sys_sendmsg+0x10/0x10 [ 2237.159164][T31413] do_syscall_64+0xcd/0x4c0 [ 2237.159181][T31413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2237.159192][T31413] RIP: 0033:0x7faa6b18ebe9 [ 2237.159201][T31413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2237.159212][T31413] RSP: 002b:00007faa6bfa7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2237.159223][T31413] RAX: ffffffffffffffda RBX: 00007faa6b3b5fa0 RCX: 00007faa6b18ebe9 [ 2237.159230][T31413] RDX: 0000000000020001 RSI: 0000200000000240 RDI: 0000000000000004 [ 2237.159236][T31413] RBP: 00007faa6bfa7090 R08: 0000000000000000 R09: 0000000000000000 [ 2237.159242][T31413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2237.159248][T31413] R13: 00007faa6b3b6038 R14: 00007faa6b3b5fa0 R15: 00007fff9c36ad08 [ 2237.159261][T31413] [ 2239.175735][ T5931] usb 9-1: new high-speed USB device number 73 using dummy_hcd [ 2239.565534][ T5931] usb 9-1: Using ep0 maxpacket: 16 [ 2239.584425][ T5931] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2239.675844][T31442] hub 8-0:1.0: USB hub found [ 2239.681610][T31442] hub 8-0:1.0: 1 port detected [ 2240.404170][T18558] libceph: connect (1)[c::]:6789 error -101 [ 2240.743705][ T5931] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2240.755559][T18558] libceph: mon0 (1)[c::]:6789 connect error [ 2240.756045][T31432] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2240.764668][ T5931] usb 9-1: config 0 interface 0 has no altsetting 0 [ 2240.786775][ T5931] usb 9-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 2240.827550][ T5931] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2240.967267][T31450] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6615'. [ 2241.007925][ T1206] libceph: connect (1)[c::]:6789 error -101 [ 2241.050189][ T1206] libceph: mon0 (1)[c::]:6789 connect error [ 2241.115391][ T5931] usb 9-1: config 0 descriptor?? [ 2241.236443][T31452] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6616'. [ 2241.278190][T31443] ceph: No mds server is up or the cluster is laggy [ 2241.588687][T31426] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2241.597232][T31426] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2241.830278][T31459] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6618'. [ 2242.052523][ T5931] hid (null): invalid report_count 18947 [ 2242.080768][ T5931] hid (null): report_id 0 is invalid [ 2242.728603][ T5931] libceph: connect (1)[c::]:6789 error -101 [ 2242.758597][ T5931] libceph: mon0 (1)[c::]:6789 connect error [ 2242.875517][T31463] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2243.041040][ T5931] libceph: connect (1)[c::]:6789 error -101 [ 2243.054716][T31479] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 2243.066875][ T5931] libceph: mon0 (1)[c::]:6789 connect error [ 2243.110671][T17892] usb 9-1: USB disconnect, device number 73 [ 2243.362580][T31472] ceph: No mds server is up or the cluster is laggy [ 2244.544432][T31498] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6630'. [ 2244.944939][T17892] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 2245.189138][T17892] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2245.209186][T17892] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 2245.226205][T17892] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 2245.236360][T17892] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 2245.246539][T17892] usb 8-1: SerialNumber: syz [ 2245.252459][ T5931] usb 9-1: new high-speed USB device number 74 using dummy_hcd [ 2245.618225][T17892] usb 8-1: 0:2 : does not exist [ 2245.708644][T17892] usb 8-1: USB disconnect, device number 2 [ 2245.862265][ T5931] usb 9-1: device descriptor read/64, error -71 [ 2246.553641][ T5931] usb 9-1: new high-speed USB device number 75 using dummy_hcd [ 2246.771177][ T5931] usb 9-1: device descriptor read/64, error -71 [ 2246.854707][ C0] ------------[ cut here ]------------ [ 2246.860523][ C0] WARNING: CPU: 0 PID: 27943 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x684/0x830 [ 2246.870151][ C0] Modules linked in: [ 2246.874455][ C0] CPU: 0 UID: 0 PID: 27943 Comm: syz-executor Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2246.886410][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2246.896499][ C0] RIP: 0010:inet_sock_destruct+0x684/0x830 [ 2246.901598][ T5931] usb usb9-port1: attempt power cycle [ 2246.902365][ C0] Code: 0f 0b 90 e9 12 fe ff ff e8 79 af a9 f7 90 0f 0b 90 e9 5e fe ff ff e8 6b af a9 f7 90 0f 0b 90 e9 94 fe ff ff e8 5d af a9 f7 90 <0f> 0b 90 e9 d3 fe ff ff e8 df 04 10 f8 e9 d7 fc ff ff 4c 89 ff e8 [ 2246.927332][ C0] RSP: 0018:ffffc90000007d90 EFLAGS: 00010246 [ 2246.933489][ C0] RAX: 0000000000000000 RBX: ffff888021b98000 RCX: ffffffff8a11e297 [ 2246.938761][T31528] delete_channel: no stack [ 2246.941517][ C0] RDX: ffff888036504880 RSI: ffffffff8a11e3c3 RDI: 0000000000000005 [ 2246.954916][ C0] RBP: 0000000000000fff R08: 0000000000000005 R09: 0000000000000000 [ 2246.954946][ C0] R10: 0000000000000fff R11: 0000000000000000 R12: ffff888021b98000 [ 2246.970998][ C0] R13: ffff888021b98090 R14: ffffc90000007e90 R15: 0000000000000001 [ 2246.979046][ C0] FS: 00005555576c3500(0000) GS:ffff8881246c6000(0000) knlGS:0000000000000000 [ 2246.988081][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2246.994720][ C0] CR2: 00007f82352e56c0 CR3: 0000000066ed0000 CR4: 00000000003526f0 [ 2247.002816][ C0] Call Trace: [ 2247.006183][ C0] [ 2247.009071][ C0] ? inet6_cleanup_sock+0x117/0x210 [ 2247.014340][ C0] ? __pfx_inet6_sock_destruct+0x10/0x10 [ 2247.020075][ C0] __sk_destruct+0x81/0x9a0 [ 2247.024653][ C0] ? rcu_core+0x797/0x1530 [ 2247.029113][ C0] rcu_core+0x79c/0x1530 [ 2247.033448][ C0] ? __pfx_rcu_core+0x10/0x10 [ 2247.038209][ C0] ? mark_held_locks+0x49/0x80 [ 2247.043001][ C0] handle_softirqs+0x216/0x8e0 [ 2247.047873][ C0] ? rcu_is_watching+0x12/0xc0 [ 2247.052665][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 2247.058029][ C0] __irq_exit_rcu+0x109/0x170 [ 2247.062787][ C0] irq_exit_rcu+0x9/0x30 [ 2247.067048][ C0] sysvec_call_function_single+0xa4/0xc0 [ 2247.072729][ C0] [ 2247.075676][ C0] [ 2247.078630][ C0] asm_sysvec_call_function_single+0x1a/0x20 [ 2247.084692][ C0] RIP: 0010:lock_is_held_type+0x107/0x150 [ 2247.090394][ C0] Code: 00 00 b8 ff ff ff ff 65 0f c1 05 dc 60 43 08 83 f8 01 75 2d 9c 58 f6 c4 02 75 43 48 f7 04 24 00 02 00 00 74 01 fb 48 83 c4 08 <44> 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f e9 c7 03 03 00 45 31 ed eb [ 2247.109986][ C0] vkms_vblank_simulate: vblank timer overrun [ 2247.115947][ C0] RSP: 0018:ffffc9000fcff530 EFLAGS: 00000296 [ 2247.122001][ C0] RAX: 0000000000000046 RBX: ffff8880365053e8 RCX: 0000000000000001 [ 2247.129962][ C0] RDX: 0000000000000000 RSI: ffffffff8de28340 RDI: ffffffff8c161100 [ 2247.137904][ C0] RBP: ffffffff8e5c1160 R08: 0000000000000006 R09: 0000000000001000 [ 2247.145867][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888036504880 [ 2247.153824][ C0] R13: 0000000000000001 R14: 00000000ffffffff R15: 0000000000000003 [ 2247.161794][ C0] lookup_page_ext+0x10d/0x1d0 [ 2247.166533][ C0] page_table_check_set+0x1e6/0x750 [ 2247.171718][ C0] __page_table_check_ptes_set+0x318/0x420 [ 2247.177534][ C0] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 2247.183854][ C0] ? __pfx_vm_normal_page+0x10/0x10 [ 2247.189073][ C0] ? ___pte_offset_map+0x2ad/0x4f0 [ 2247.194168][ C0] copy_page_range+0x2394/0x5c80 [ 2247.199114][ C0] ? __pfx_copy_page_range+0x10/0x10 [ 2247.204395][ C0] ? __pfx___might_resched+0x10/0x10 [ 2247.209667][ C0] ? __pfx_mas_store+0x10/0x10 [ 2247.214423][ C0] ? __vma_enter_locked+0x163/0x3f0 [ 2247.219620][ C0] ? dup_mmap+0xe38/0x21d0 [ 2247.224011][ C0] ? down_write+0x14d/0x200 [ 2247.228499][ C0] ? up_write+0x1b2/0x520 [ 2247.232803][ C0] dup_mmap+0xe88/0x21d0 [ 2247.237056][ C0] ? __pfx_dup_mmap+0x10/0x10 [ 2247.241727][ C0] copy_process+0x4081/0x7690 [ 2247.246393][ C0] ? do_wp_page+0x1aa7/0x4f00 [ 2247.251049][ C0] ? __pfx_copy_process+0x10/0x10 [ 2247.256073][ C0] ? do_raw_spin_lock+0x12c/0x2b0 [ 2247.261070][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 2247.266431][ C0] kernel_clone+0xfc/0x930 [ 2247.270856][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 2247.275877][ C0] ? __pfx_css_rstat_updated+0x10/0x10 [ 2247.281325][ C0] __do_sys_clone+0xce/0x120 [ 2247.285914][ C0] ? __pfx___do_sys_clone+0x10/0x10 [ 2247.291104][ C0] ? handle_mm_fault+0x2ab/0xd10 [ 2247.296033][ C0] ? do_user_addr_fault+0x843/0x1370 [ 2247.301310][ C0] do_syscall_64+0xcd/0x4c0 [ 2247.305795][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2247.311672][ C0] RIP: 0033:0x7f6e16385453 [ 2247.316069][ C0] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 [ 2247.335664][ C0] RSP: 002b:00007ffff0a0bff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2247.344073][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6e16385453 [ 2247.352035][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2247.360004][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 2247.367965][ C0] R10: 00005555576c37d0 R11: 0000000000000246 R12: 0000000000000000 [ 2247.375909][ C0] R13: 00000000000927c0 R14: 000000000023a26d R15: 00007ffff0a0c190 [ 2247.383878][ C0] [ 2247.386883][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 2247.394137][ C0] CPU: 0 UID: 0 PID: 27943 Comm: syz-executor Not tainted 6.16.0-syzkaller-11852-g479058002c32 #0 PREEMPT(full) [ 2247.405992][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 2247.416017][ C0] Call Trace: [ 2247.419269][ C0] [ 2247.422084][ C0] dump_stack_lvl+0x3d/0x1f0 [ 2247.426652][ C0] vpanic+0x6e8/0x7a0 [ 2247.430623][ C0] ? __pfx_vpanic+0x10/0x10 [ 2247.435114][ C0] ? inet_sock_destruct+0x684/0x830 [ 2247.440286][ C0] panic+0xca/0xd0 [ 2247.443982][ C0] ? __pfx_panic+0x10/0x10 [ 2247.448377][ C0] ? check_panic_on_warn+0x1f/0xb0 [ 2247.453458][ C0] check_panic_on_warn+0xab/0xb0 [ 2247.458368][ C0] __warn+0xf6/0x3c0 [ 2247.462241][ C0] ? vprintk_emit+0x1e6/0x6d0 [ 2247.466902][ C0] ? inet_sock_destruct+0x684/0x830 [ 2247.472104][ C0] report_bug+0x3c3/0x580 [ 2247.476421][ C0] ? inet_sock_destruct+0x684/0x830 [ 2247.481608][ C0] handle_bug+0x184/0x210 [ 2247.485944][ C0] exc_invalid_op+0x17/0x50 [ 2247.490427][ C0] asm_exc_invalid_op+0x1a/0x20 [ 2247.495257][ C0] RIP: 0010:inet_sock_destruct+0x684/0x830 [ 2247.501047][ C0] Code: 0f 0b 90 e9 12 fe ff ff e8 79 af a9 f7 90 0f 0b 90 e9 5e fe ff ff e8 6b af a9 f7 90 0f 0b 90 e9 94 fe ff ff e8 5d af a9 f7 90 <0f> 0b 90 e9 d3 fe ff ff e8 df 04 10 f8 e9 d7 fc ff ff 4c 89 ff e8 [ 2247.520640][ C0] RSP: 0018:ffffc90000007d90 EFLAGS: 00010246 [ 2247.526684][ C0] RAX: 0000000000000000 RBX: ffff888021b98000 RCX: ffffffff8a11e297 [ 2247.534630][ C0] RDX: ffff888036504880 RSI: ffffffff8a11e3c3 RDI: 0000000000000005 [ 2247.542575][ C0] RBP: 0000000000000fff R08: 0000000000000005 R09: 0000000000000000 [ 2247.550522][ C0] R10: 0000000000000fff R11: 0000000000000000 R12: ffff888021b98000 [ 2247.558468][ C0] R13: ffff888021b98090 R14: ffffc90000007e90 R15: 0000000000000001 [ 2247.566417][ C0] ? inet_sock_destruct+0x557/0x830 [ 2247.571593][ C0] ? inet_sock_destruct+0x683/0x830 [ 2247.576786][ C0] ? inet6_cleanup_sock+0x117/0x210 [ 2247.581989][ C0] ? __pfx_inet6_sock_destruct+0x10/0x10 [ 2247.587614][ C0] __sk_destruct+0x81/0x9a0 [ 2247.592104][ C0] ? rcu_core+0x797/0x1530 [ 2247.596502][ C0] rcu_core+0x79c/0x1530 [ 2247.600726][ C0] ? __pfx_rcu_core+0x10/0x10 [ 2247.605381][ C0] ? mark_held_locks+0x49/0x80 [ 2247.610127][ C0] handle_softirqs+0x216/0x8e0 [ 2247.614867][ C0] ? rcu_is_watching+0x12/0xc0 [ 2247.619604][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 2247.624866][ C0] __irq_exit_rcu+0x109/0x170 [ 2247.629528][ C0] irq_exit_rcu+0x9/0x30 [ 2247.633755][ C0] sysvec_call_function_single+0xa4/0xc0 [ 2247.639365][ C0] [ 2247.642271][ C0] [ 2247.645185][ C0] asm_sysvec_call_function_single+0x1a/0x20 [ 2247.651137][ C0] RIP: 0010:lock_is_held_type+0x107/0x150 [ 2247.656840][ C0] Code: 00 00 b8 ff ff ff ff 65 0f c1 05 dc 60 43 08 83 f8 01 75 2d 9c 58 f6 c4 02 75 43 48 f7 04 24 00 02 00 00 74 01 fb 48 83 c4 08 <44> 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f e9 c7 03 03 00 45 31 ed eb [ 2247.676419][ C0] RSP: 0018:ffffc9000fcff530 EFLAGS: 00000296 [ 2247.682469][ C0] RAX: 0000000000000046 RBX: ffff8880365053e8 RCX: 0000000000000001 [ 2247.690411][ C0] RDX: 0000000000000000 RSI: ffffffff8de28340 RDI: ffffffff8c161100 [ 2247.698353][ C0] RBP: ffffffff8e5c1160 R08: 0000000000000006 R09: 0000000000001000 [ 2247.706293][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888036504880 [ 2247.714235][ C0] R13: 0000000000000001 R14: 00000000ffffffff R15: 0000000000000003 [ 2247.722198][ C0] lookup_page_ext+0x10d/0x1d0 [ 2247.726936][ C0] page_table_check_set+0x1e6/0x750 [ 2247.732118][ C0] __page_table_check_ptes_set+0x318/0x420 [ 2247.737907][ C0] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 2247.744204][ C0] ? __pfx_vm_normal_page+0x10/0x10 [ 2247.749376][ C0] ? ___pte_offset_map+0x2ad/0x4f0 [ 2247.754462][ C0] copy_page_range+0x2394/0x5c80 [ 2247.759389][ C0] ? __pfx_copy_page_range+0x10/0x10 [ 2247.764668][ C0] ? __pfx___might_resched+0x10/0x10 [ 2247.769928][ C0] ? __pfx_mas_store+0x10/0x10 [ 2247.774675][ C0] ? __vma_enter_locked+0x163/0x3f0 [ 2247.779849][ C0] ? dup_mmap+0xe38/0x21d0 [ 2247.784241][ C0] ? down_write+0x14d/0x200 [ 2247.788714][ C0] ? up_write+0x1b2/0x520 [ 2247.793015][ C0] dup_mmap+0xe88/0x21d0 [ 2247.797236][ C0] ? __pfx_dup_mmap+0x10/0x10 [ 2247.801895][ C0] copy_process+0x4081/0x7690 [ 2247.806545][ C0] ? do_wp_page+0x1aa7/0x4f00 [ 2247.811199][ C0] ? __pfx_copy_process+0x10/0x10 [ 2247.816195][ C0] ? do_raw_spin_lock+0x12c/0x2b0 [ 2247.821190][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 2247.826540][ C0] kernel_clone+0xfc/0x930 [ 2247.830932][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 2247.835935][ C0] ? __pfx_css_rstat_updated+0x10/0x10 [ 2247.841383][ C0] __do_sys_clone+0xce/0x120 [ 2247.845957][ C0] ? __pfx___do_sys_clone+0x10/0x10 [ 2247.851129][ C0] ? handle_mm_fault+0x2ab/0xd10 [ 2247.856047][ C0] ? do_user_addr_fault+0x843/0x1370 [ 2247.861306][ C0] do_syscall_64+0xcd/0x4c0 [ 2247.865798][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2247.871667][ C0] RIP: 0033:0x7f6e16385453 [ 2247.876065][ C0] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 [ 2247.895644][ C0] RSP: 002b:00007ffff0a0bff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 2247.904026][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6e16385453 [ 2247.911967][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 2247.919911][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 2247.927865][ C0] R10: 00005555576c37d0 R11: 0000000000000246 R12: 0000000000000000 [ 2247.935808][ C0] R13: 00000000000927c0 R14: 000000000023a26d R15: 00007ffff0a0c190 [ 2247.943766][ C0] [ 2247.946971][ C0] Kernel Offset: disabled [ 2247.951270][ C0] Rebooting in 86400 seconds..