last executing test programs:

7.700325212s ago: executing program 0 (id=3716):
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$MSR(&(0x7f00000004c0), 0xd44e, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="64000000020601020000000000000000000000000900020073797a31000000000500010007000000050005000a00000014000780080013400000000008001240fffffffa16000300686173683a6e65742c706f72742c6e6574000000050004"], 0x64}, 0x1, 0x0, 0x0, 0x24004010}, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xffe0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x3}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0xb, 0x9}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0xc809}, 0x20004804)
ioctl$XFS_IOC_FD_TO_HANDLE(r0, 0xc01c586a, &(0x7f0000000300)={r0, &(0x7f0000000100)='+@\x00', 0x101002, &(0x7f0000000140)={@align=0x5, {0x1, 0xfffe, 0x1ff, 0x6}}, 0x8, &(0x7f0000000280), &(0x7f00000002c0)=0x200})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r5, 0x0, 0xf3a, 0x0)
ioctl$TIOCEXCL(r0, 0x540c)
syz_open_dev$tty20(0xc, 0x4, 0x1)

7.614414387s ago: executing program 0 (id=3720):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002)
ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f00000003c0)=""/219)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r1 = syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[], 0x28}}, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000300)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r2, 0x40025b0c, &(0x7f0000000040))
bind$can_j1939(0xffffffffffffffff, &(0x7f00000000c0)={0x1d, 0x0, 0x2, {0x2, 0xf0, 0x3}, 0xff}, 0x18)
r3 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendmsg(r3, &(0x7f0000000200)={&(0x7f0000000040)=@in={0x2, 0x0, @rand_addr=0x64010100}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="100000001401"], 0x10}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002640)=@newtaction={0xe94, 0x30, 0x3f, 0x0, 0x0, {}, [{0xe80, 0x1, [@m_pedit={0xe7c, 0x1, 0x0, 0x0, {{0xa}, {0xe50, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x2c, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0xfffffffc, 0x0, 0x0, 0x0, 0x100}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x5943}, {0x0, 0x800000, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x0, 0x0, 0x10}, {}, {}, {0x0, 0xa2}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x1cbe}, {0x0, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x8}, {}, {0x0, 0xfffffffe, 0x400000}, {0x0, 0xfffffffc}, {}, {}, {}, {0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x4, 0xffffff6a}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x0, 0x100}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x800000}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x7fffffff}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x27a}, {0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x2}, {}, {}, {}, {0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0xc}, {}, {0x0, 0x0, 0x2b7f}, {0x3ff, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0xcfc, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0xfffffffd, 0x0, 0x0, 0x0, 0xa92}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x40000000, 0x1, 0x0, 0x10001}, {0x0, 0x0, 0x20}, {}, {0x80000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, {0xfffffffc}, {}, {}, {}, {0x0, 0xa, 0xfffffffc}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x40, 0x0, 0x0, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1, 0x2}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x2}, {0x5}, {}, {}, {}, {}, {}, {0x7, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe94}}, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='ocfs2_dlmfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r5 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000640), 0x4000, 0x0)
ioctl$CDROMREADAUDIO(r5, 0x309, 0x0)
stat64(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140))

7.073798142s ago: executing program 1 (id=3737):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x45a5, 0x0, 0x1, 0x12d}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000640)=<r3=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3d2d89332461aff2, 0x0, 0x0, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffff8, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x1, 0x0, 0x4}]}, 0x8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0xda1a0b6210925d15, 0x0, @fd=r1, 0x0, 0x0, 0x1, 0x1})
io_uring_enter(r1, 0x22d0, 0x20, 0x0, 0x0, 0x0)

6.871113052s ago: executing program 0 (id=3730):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000001000010025bd7000f9dbdf2500000000", @ANYRES32=r0, @ANYRES64=r0], 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
truncate(0x0, 0x96f)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x80}}]}, {0x2}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key(&(0x7f0000000600)='asymmetric\x00', &(0x7f0000000180)={'syz', 0x3}, &(0x7f0000000640)="3956bebe558fa8057a61a56d01", 0xd, 0xfffffffffffffffe)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000340), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0xa25436, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r1])
chdir(&(0x7f0000000300)='./file0\x00')
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="180007000000000000100000b2bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="4c0000001f00010029bd7000fedbdf25fc000000000000000000000000000001000004d2020032000a0101020000000000000000000000001b090000000000800c0015005b073500f2520000b3d6cded9e62ee1bc81fec117070b98e80e0a320b181ce8d00c174c2376f1fea6d6b073b73a76fb67914798ce622cbefd9a4e7b04d1616c96014a6df257b916e53a848ad10233cfd5ffde3c7aa01bfe75b39f97874fa59a203c2e2a35d427c34beb3ba2e8132ffa6e9bbbe9d981660f02afc26beec7848009c8a820763f138204445d36eabd6c87eaabfbe90c8ad0293b80f274f43"], 0x4c}, 0x1, 0x0, 0x0, 0x8800}, 0xc8)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
r6 = fsopen(&(0x7f0000000100)='squashfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0x7)

6.861813296s ago: executing program 1 (id=3731):
r0 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newqdisc={0x68, 0x14, 0xf0b, 0x300, 0x3, {0x2, 0x0, 0x0, 0x0, {0xd}, {0xb}, {0x4, 0x3}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x4, 0x213, 0x6, 0x0, 0x8000, 0x7e}}, {0x4}}, {{0x1c, 0x1, {0x1, 0x7, 0x18, 0x4, 0x1, 0x9, 0x4}}, {0x4}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

6.859459908s ago: executing program 1 (id=3732):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
eventfd(0x8)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x80a02, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r1 = syz_open_dev$sndmidi(&(0x7f0000000300), 0x2, 0x1c1102)
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
pipe2$watch_queue(&(0x7f00000000c0), 0x80)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000140)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0xf, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

5.797508249s ago: executing program 0 (id=3733):
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4f22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f\x00', @ANYRESOCT=r0, @ANYBLOB="0000000000000000000094b4f562defb5f7756b4cbf5a6d7563c5ac743a2ccb509f77b40dee5bad90c6573030da19ef59bae484332d88c609d30248a44a69cc56623a061439a1dc47a295d5a43429071b408dba7cc7061b052d1a2f3d10824d6fb361906efef7904a738902f10f4662b1849de", @ANYRES32=0x0, @ANYBLOB='\x00'/14], 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="ff0c0000000c000000070000000500000000"], 0x0, 0x2b, 0x0, 0x1}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1f0000000600000004", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYBLOB="00000000010000000000000000"], 0x48)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_GET_WOWLAN(r4, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000440)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0103000000000000000005000000080001005d00000008000300", @ANYRES32=r6], 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x20048040)
recvmsg(r4, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x40000)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r7 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r7, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x3}, 0x10)
r8 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r8, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x4)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x50)

5.571584167s ago: executing program 1 (id=3735):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
r2 = openat$vicodec1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000080)={0x0, 0x45, 0x1})
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_STATUS={0x8}]}, 0x6c}}, 0x0)
syz_usbip_server_init(0x6)
socket$netlink(0x10, 0x3, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r5, 0x113, 0x1, &(0x7f0000000140)=0x1, 0x4)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc2c45512, &(0x7f0000000340)={{0x7, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0xffffffff, 0xffbf, 0x8, 0xfffffffd, 0x80000001, 0x0, 0xfffffffe, 0xfffffffd, 0xfffffffc, 0x0, 0x400006, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffd, 0x9, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x7fffffff, 0x0, 0x0, 0x0, 0x6, 0x0, 0x8000, 0x0, 0x0, 0x0, 0xffffffc7, 0x0, 0x4, 0x0, 0x2, 0x3, 0x0, 0x0, 0x4, 0x0, 0x68, 0x0, 0x20000000, 0x3, 0x7fff, 0x0, 0x800, 0x402, 0x0, 0x8, 0x4, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x408, 0x0, 0x0, 0x9, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]})
openat$ocfs2_control(0xffffff9c, 0x0, 0x400, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x1a0, 0x9, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1a}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_DESC={0x170, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x8001}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0xfffffff9}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_DESC_CONCAT={0x154, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1948}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8007}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6a}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7fff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xb6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2e8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x57fd}]}, {0x4c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2e19}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffff9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x80000001}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x81}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3ff}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffff8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7d}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x81}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xf}]}, {0x3c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xac}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3545127b}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}]}]}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x230}, 0x1, 0x0, 0x0, 0x40010}, 0x0)

4.519705244s ago: executing program 2 (id=3738):
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$MSR(&(0x7f00000004c0), 0xd44e, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="64000000020601020000000000000000000000000900020073797a31000000000500010007000000050005000a00000014000780080013400000000008001240fffffffa16000300686173683a6e65742c706f72742c6e6574000000050004"], 0x64}, 0x1, 0x0, 0x0, 0x24004010}, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xffe0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x3}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0xb, 0x9}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0xc809}, 0x20004804)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0xf3a, 0x0)
ioctl$TIOCEXCL(r0, 0x540c)
syz_open_dev$tty20(0xc, 0x4, 0x1)

4.15870558s ago: executing program 0 (id=3747):
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newchain={0x34, 0x64, 0x8, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0x6, 0x1}, {0xc}}, [@TCA_CHAIN={0x8, 0xb, 0xc758}, @TCA_CHAIN={0x8, 0xb, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0x804}, 0x4004000)
prlimit64(0x0, 0x8, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000004c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x0, 0x12002, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x13)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xb, &(0x7f0000000600)=ANY=[@ANYRESOCT=r3, @ANYRES8=r0, @ANYBLOB="f3a5cd0d1b367c56536f87150ac1a1de6fd6f494212bea79ada0450151d8d050792e7859579691e0ddfdfbf53d9a10440b996e8d193d9e455c2a04f21273e92c30c871b556a1271bb6632b0e381dc349368fc93ce55d86df50c3ca96f518952a6d3314a989067eecab5717d1013b0e69becadb0130e965811949aa14d30fb05d159d15cb5f38beec29efa02f6a9a155d4224562f794493cec6278030848a34b23b5924350687b29e35569d9bb78fccff1ce00d13dc44dc249d7ff55bc4842b9409b9d861f3ad3e4d2d117817b6942b51633a6d5b", @ANYRESDEC=r3, @ANYRES8=r0], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r5 = syz_open_dev$sg(&(0x7f0000000300), 0xffc9, 0x40)
ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, &(0x7f0000000580)=ANY=[@ANYBLOB="00000000090000000600000099901c6e784a50d71d42e523fe7e3d2518323c0ef867677964b64a5f99266e74d8a1b667d7d2ba7e4a54f7b43c1e7592e7c0ab547e28178331d266ab8b1e47f3c81f8add"])
r6 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$EBT_SO_GET_INFO(r6, 0x0, 0x80, &(0x7f00000003c0)={'broute\x00', 0x0, 0x0, 0x0, [0x61, 0x10000, 0x9c9, 0xf, 0x4, 0x3]}, &(0x7f00000001c0)=0x50)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044850}, 0xc010)
r7 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
setsockopt$ARPT_SO_SET_REPLACE(r6, 0x0, 0x60, &(0x7f00000008c0)={'filter\x00', 0x7, 0x4, 0x404, 0x0, 0x218, 0x10c, 0x324, 0x324, 0x324, 0x4, &(0x7f0000000280), {[{{@arp={@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, 0xff000330, 0xffffffff, 0x4, 0x0, {@mac, {[0xff, 0x0, 0x0, 0x0, 0xff]}}, {@mac=@local, {[0xff, 0x0, 0xff, 0xff, 0xff, 0xff]}}, 0xfff2, 0x101, 0x79, 0x1, 0x7ff, 0x8, '\x00', 'vcan0\x00', {0xff}, {0xff}, 0x0, 0x4}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @mac=@local, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x8, 0x1}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="07aebe92cc85", @empty, @loopback, @broadcast, 0x8}}}, {{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0x1, 0x1}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x450)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
mkdir(0x0, 0x0)
set_mempolicy(0x3, &(0x7f0000000040)=0x401, 0x8)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYRES16=r4], 0x60}, 0x1, 0x0, 0x0, 0x240040c0}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000500)=ANY=[@ANYBLOB="a0000000", @ANYRES16, @ANYBLOB="050424bd7000fedbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="8400028040"], 0xa0}, 0x1, 0x0, 0x0, 0x4040800}, 0x24040084)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000500)=ANY=[@ANYBLOB="180100002f00010000000000fcdbdf2507"], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

3.497509795s ago: executing program 3 (id=3741):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$F2FS_IOC_SET_COMPRESS_OPTION(r1, 0x4002f516, &(0x7f0000000000)={0x8, 0x8})
r2 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r2)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
ioctl$DVB_DEMUX_DMX_EXPBUF(0xffffffffffffffff, 0xc00c6f3e, &(0x7f0000000080)={0x8, 0x0, <r4=>r1})
io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f00000000c0)=[r0], 0x1)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@delchain={0x24, 0x66, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff3}, {0xfff3, 0xffff}, {0xa, 0x1b}}}, 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x4804)

3.428264812s ago: executing program 3 (id=3742):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000030000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000efffffff850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000080)=r5, 0x4)
sendmsg$unix(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)

3.413083592s ago: executing program 1 (id=3743):
r0 = getpgid(0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
sched_setscheduler(r0, 0x6, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xe, &(0x7f0000000040)=0x86, 0x4)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x1, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f00000001c0)={0x0, 0x0, 0x10001, 0x5a3})
socket$kcm(0x29, 0x5, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/kcm\x00')
preadv(r4, &(0x7f0000000080)=[{&(0x7f0000000100)=""/68, 0x44}], 0x1, 0x92, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x88000000000007, 0x3)
r5 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f000097b000/0x3000)=nil, 0x4, 0x0, 0x0, 0x8, 0x8, 0x0, 0x3c, 0x6a})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0xf)
mmap(&(0x7f0000352000/0x3000)=nil, 0x3000, 0x300000b, 0x10, 0xffffffffffffffff, 0xec772000)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, 0x0, &(0x7f0000001600), 0x1}, 0x38)
r6 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x280}, &(0x7f00000000c0)=<r7=>0x0, &(0x7f0000000240)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000200)=ANY=[@ANYBLOB='<'], 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r6, 0x47bc, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x7, 0x0, &(0x7f0000000040)="836d9023d5b682", 0x0, 0xffffff81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0xfffffffe}, 0x4c)
r9 = syz_open_dev$dri(&(0x7f00000002c0), 0x1, 0x0)
readv(r9, &(0x7f0000000180)=[{&(0x7f0000000140)=""/64, 0x40}], 0x1)

2.761675943s ago: executing program 0 (id=3744):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000300)={0x2, 0x0, [{0x3ffffffe, 0x2, 0x2, 0x4, 0x400006, 0x100002, 0x7}, {0xc0000001, 0x0, 0x6, 0x0, 0x8, 0x655e, 0x7f}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[], 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x13)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000040)={0xffffffb7, 0x200401, 0xfffffffb, 0x0, 0x2, '\x00', 0x3215e6f0, 0x1fd})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000280)=0xe)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f00000006c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x6, 0xad, &(0x7f0000000140)=""/173, 0x41000, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfff}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000880)=@raw={'raw\x00', 0x3c1, 0x3, 0x2ec, 0x0, 0x4c, 0x1a, 0x180, 0x73, 0x328, 0x258, 0x258, 0x328, 0x258, 0x3, 0x0, {[{{@ipv6={@private0, @local, [], [], 'wg2\x00', 'macvlan1\x00', {}, {}, 0x73}, 0x0, 0xd0, 0x138, 0x0, {}, [@common=@inet=@l2tp={{0x2c}, {0x0, 0x0, 0x3, 0x0, 0x3}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x23, 0x3, 0x2, 0x3, 'syz1\x00', 'syz0\x00', {0x2}}}}, {{@uncond, 0x0, 0xa4, 0xec}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, 'vlan0\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8, 0x0, {0x0, 0x5400}}, {0x24}}}}, 0x348)
r6 = syz_io_uring_setup(0x54f, &(0x7f0000000140)={0x0, 0x84d9, 0x400, 0xffffffff, 0x204}, &(0x7f00000001c0)=<r7=>0x0, &(0x7f0000000440)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd_index=0x1, 0x0, 0x0, 0xf67, 0xa, 0x0, {0x0, 0x0, r1}})
io_uring_enter(r6, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)
ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f0000000080)=ANY=[@ANYBLOB="12010102020000082505a1a4400001"], 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

1.521574107s ago: executing program 3 (id=3745):
r0 = openat$rdma_cm(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c)
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, &(0x7f0000000040)={{0x8, 0xff}, {0x6a, 0x4}, 0x8, 0x6, 0x7})
ioctl$XFS_IOC_GETBMAP(r0, 0xc0205826, &(0x7f00000000c0)={0x2, 0xfffffffffffffffc, 0x2, 0x5, 0x7})
r2 = openat$hwrng(0xffffff9c, &(0x7f0000000100), 0x400000, 0x0)
r3 = openat2$dir(0xffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0xb40340d2940a5f30, 0x6, 0x1}, 0x18)
move_mount(r2, &(0x7f0000000140)='./file0\x00', r3, &(0x7f0000000200)='./file0\x00', 0x4)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$kcm(r2, &(0x7f0000001400)={&(0x7f0000000240)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xe}}, 0x0, 0x4, 0x2, 0x2}}, 0x80, &(0x7f00000002c0), 0x0, &(0x7f0000000300)=[{0x100c, 0x84, 0x9, "3fdbdd5a71d9036a19c8bc0c357a649eaad53d41a6a2f59b5dfdb5bf0971369ed90c40ea3e5971bebb6a96cef6d0f8591d9035879b57e6ade033c2ac63f0b37951d5eb84a7481cf2c3aead9022ce775299001bef271e0a58b6d9929f9f5e30a7de682d3291a8c0088933c56143105188a8cd33ec5f837ef274520d32b751a01cae587065b223b1cd4ba5c733e93a151c2816211beedc655e931713353966546137c498f35f7437b0e32973283000c5c8e46cda7519ced3e3db0c86e3bd441cf72e1abfa5205f535d7f6ffe1eb6182d249a1939ae9ca99cd7f5bb8be318e6aa2eb90c8eeeb36dd57e7e1a6ad4789f7e6bc8c0f34b996cda7d88def6b33cfc7d96cd28818369380eae5a26429a6cc25235af51f56ec3657b7287382edb4af464e7fffa4d5aef62895a9325f7f153eb558b7255429f6fee0995e66b84d0c946281ae54b89ddd84b9b33317a6584436279be4b943bed87a2d63eb055c42bac2b72626b7e665e0141f9a49f8fabaa8247e743bc71ca5bb7be5c08e0555c3a656f9a3f6d13a4b2c923f56c924dea068c02712507193b35b3fdaf733d2873448f630ad30567fbe849cfddb6687f745daa33f2d8e91d818fa920a9f6cd74f3046ccff9800778a80df05ff76aaafcf8204ddd2909dbfd2a640cfbfb2b5e428d25a57feb42a3c1cee815b599cc12691165082cdd13916704803a6429819e41c3dc00b03357b4bfef3adce43afb66a2d573d4d44ee5b05deef50e2b4e6e8aae7ceab99744bff28a6b170c5258c62cffa99cccaef45d027e1c77533a815af96880d40750a1e721773d6b4f953c27abce3660440c0b567693e0c2c0457d2568934c45a20725b89928eeadc78a0cf0066c61faa611ca1d38a8bf0c01f7dc56a1544eb41bb8e6c050fd5b09b5287d17727623530b5dc8b8d0a39a3f09b0d0d59f55fa4df73f7bc3faf39ee37ecfef7221eab8951206b5a4d3205723075427948ffb1f14bbdadad141174f13376928322992d53615bd58a24d3a6407906e526bbcb82faf71eefad7624c62dd88bec846d02575775fbb9b1458c4ddbdc57a132ce4259e4bcb5d8e15d82a5b63f472140dab126af3ddc57818c48f340908afc71608ed8692b7f0cc7d0070030e546189cedd88cd3303e6bcded82b3908c0a82a4d82b8e3c18277dcad69906dd0e529b90074643cf97485bc69a714c2d6d82a12c405a182725cc2a3d97ef7164afbcff3d84cab2eb808f43cd50a8f97b21243fc93293548abee0af8c9178602ae6f8a51707c9946a2a071435915929dcbf8bebe6383f647ed9a3377ae035a80738ba5e3014f04d93eb070fec75735e02585550ea0c8e61565c185692023397e586501f8c7233ba5a15ba21d97420c7306d19472098786cd3aa5affdc6b5f2ed2e2b86dbe5b8a6bfbbb1e31401f19d8115db3731056e436a04da6a8ea07b54ad278da2317cac5882487ebe3678325aba04849d68e2819e16d6c2d64580906c9d2568ff197213010ed470e1faa77a2ad5100a508ce8106bad72b3ee295f9fa7144ebd5a743cb7931eebed608a6e156e11a8340fab584238403ca9a7dc7028974e9fbb13257967db155647aba854366ced2476493d7e87c895e7504cb42f5f76a6a3056a092992d2d1145ae268fa4733fd56e9f1e44bd8fd6e4df3425865d052feec6034e56a32ba578bfaa589ed41e41c40b809cb4c959b4a7b45d52998f046e2a8af9145140d29e1bb768ba3a2c9e246805042579a1b72efc15a42626e949d15282f4eabe480abd9d8976e68cd695032f6defc5b7a3ab2f4b6fb2da60ef58f8100e5cbaa53ef27d97c0b900f62c1d378b47bb437c077cb6d3d23588f778f816df26eadd0917557d52b941b7993baf5742e93bb6ad62a42b180c36ab85cf3dd085dced2965d0e86e20d2d4e0282247c65d9c9d187596255deea487c75639970d2051a481c566aac2b1e0222bfa1005da0564f82292e67ed6dcd471328a8c43a7b428600181b0654fb98ce0c2b8c5b987e674c2fb88ce27593548c3690d18bb503e380a3f259af15f6e2d2afacff799229d71672f9eb0cb42cb34e9d7e08e5582f1710ace117f7c454527082aa342787f8f5ebac256f4a55d5cfc66e54ba28cc91b60aa2b2d433621490329e9b780131680de6eeb22edbc798730b0f1d6c27e9c3bd9cc2feab7f14f1a427f9f5fe44d5b50655f36b723a058c9b0275b1329b3f2bddb5737b5afc1d6cc9e040f0d18402883f86e1b6571742917adb91e12f86a8239fb46ea0237ce9fd6363d76ca9fa75f3e39500d705a1788abd78bbef7ed6d1a3f27cfa4e33b2e59e5da87ff4a7bd537556a3822b9df58082eef447a2500d9d82085569f53d2f75c1deaf41bba3d39a4a859213e82886b4c6ae87f76ccb346fe73bc2c16c6f20006181b417a5a63f9c5d37f22bfb3491f051a08aaf20d496c732e4ea3cec60c6220b745ef6f1b575d27ca5614d2a68df8caca49f24b10aaace2afd60f5d6b8411c6a2fb22e689cee26237ba7efed8ad2a2af07d28a036bcaff1ec842cb59e5e93253931995fc5e51442a7cc6670e9347c990377a5091e544277e65989b08789c1bc00227a5177b15e2bf7c1f0d0d97cdecdec70b42af846e992ab78e31c63603f11a29e9435f4a7fb89e029b0fe9dad5719ff8900ae661397b75d9ae3f54c72d7bf5964d871db0514f861fa7b3bbc5fe1f23c1b637f684292b45e4047313a0f5caab16096edb5d4581cb16c4c03f1f7fe1f58448679dae81dbf719582971f7af69c2f4fd8a7990489a49b00d491acec5ffeaaafd2a7a3e1712a177800f8166e0bd0e53c24a502032361d8167146b534e34f05288879eb6eff11503a67a6830bddb257bb1cab10ca32835772d1881b82ed570f6664300f352f109a31e99489c9fc98482b77e897cfef4d6353b3bb7659a15e6a130979ee2b6805c3a28a87e06589b1b00b92585b86c3c1c6912be0b52ce71eb87717b604048a698ca1ed2e241f9e17c1165a6bab0b6d7a711a64160a1fe9b65263806b0863443763bc499ba69eec716c7f285082a37ef82cbcc1ab18eccb917f80bffbab9f07d2c3b92230eb7e36be90302a6087b87b16bccc6bacb2be2864586a8eb9d610569217f8564e3bc097c44595cb511982375bf8d192f2f136f39263aafed095062eb8dc5ab5b7cccb4645c9229f2d138928c6845f9acad76e663ac039b649a5ebdb53f73ea5c519bc80f129f94432a71503a76a7168fa3efe5848aac721e95e57c8a64f8389987a1b99056250d0ce9408faf29fccf1aceda8df1690f31d753204330d8c172289c7d88a58a4497224c13b43326be8853115e920540bb246b302f86973a7c5ee8774c6f38a09eb6d9184e666b2240ba0b5cb4e3a9e94f9b681285b0d5a0eaddff2649d4512f7ebb356501cb5ebf3ca3d32d01327efe9117836b4c51b5541b67d5924daa8dbc3e9d237acf9cb0fa4c48a0bbdba3c133f445b22b7714b169f9fe8cf1ce1dfdb02eca07361c1aa46bbc8f6f3fb92da975d56442174b14994e6ecc6df75c8e65d074c2cd9d5b9fe80b357966207bebd72613ca2076fa63d8716db90d4ca2419279b67177c2e0e088cb0433297cd07cbe945b0732f2ab4d4853cfd188865259a7788736ecaedd7fc53b714152684da0a33a544f874a00523127aa0c5180ae989b452c5982f8865761b23fd5dd7beab278f812cb36d93c04c936cc38f183ce39b780f185d577d358bc0e6794dfa1a522df2f07e1b6cd6a40700f40da02a8fc7e682ba1cd25e51179870adc269465c05fbaf360155a171c812798e8e422d9869d4e7fb7b79c3cd7896d1e66d9722761bf95152dbafd63c276357b181e2be2b5bd20d2989b0062e24ebcc30f3b5f2def6a8223e9357a8e6a6090df2f564ad82d804470675b6c6c4f3a96651b887efcc416a55ddb737c878ed8cc249d58881e04e7d5da28b9d29bfdabcea4372784392f29861922a10ed9c7490108516817e5864dc018f11019ca16210cd56dfe009bf68c7fe12875403d11c90d8be7cdbe1e1cb1fd36634721c0dd8dbb772157b9c86711449fe191f4e1b53b97d59c9c267844fac4188c55f6a72a777b714d5bdbe06952c364f30f1abbf45ebcb446001c815a3579043c13cbf65d1a6a6dde5ba8dd36eee7785c792045294252487c04c212ee66eafe8b82626dcc4fa7e5213bf6806b8bdd09a423e7ccc36fc3ea7d4f50bf969a6034cb07d24bca2e987635247be0c65ea66f6e01ae8613b7eea6a00f61a801419901df1e9a7c59c820cd8302834c0aac7ed588ebc6b9be048fb1ccf01bcca652d2e4fbfeee4c243ed2196c3e1464c2c51bc920dbe549b0af14c8a3c31953562cd9b5e429d72bf46bb4be97c0a7d0132fc3957c332864deaf6f7ba2dbf65d295b5cf4a4f6139bddf9d442054dee3a0af3d7100084be1c23b6ff28302ea35c09fa8bfa105853d4c13e069b09c618f7f4038e1f1fbe48a1f472cb4a42d5e12d3910ca4b9bdfbef83bb99a2ef699696921fe70ce54c45ecc498e41157930dc5676d13314d1df71a69d8af4911d597facc4665efccac15c9e729586741d12bfc4ba230bcf8e7a9abb247f7e2b7e5df0f6e176c9671681d43d8c3a3dd95038cc775e2f8a483d93e7bfff9ac2cacd35742208bb34f9163936b6fd806108b2a5db09e9592c368c25279e432c23f68b3f187c8b3c67009ef862b1c259baeb389820c921e298b465213ec7986d73240302f108bdd950c3ea5eb7418c854be414e198d55157a02af1e9a0779f75148a0320d8ba73cfb93868207da173aa1d729a8d6cf221dfce00c9d31fbcc7f25b3650b468d2859013ad9c1f321b1ec346580320ac9f44b51b803038895ec3014838494370d8b9b9f2f2c0db1dd0c1484581fbb4b8851a1e35d41575843c590405626c32f84468ba7114a5c6c027e2345f912d44d2c3a7897eea52c0688616ee07d4cff8f328177d88fedfa9358e19e134c42c9ade4b2c5a7b067be1783257f6a71c34f915036546a7e7c15ed9100252e23ece8f476288f2babf7c79a70206a5668243a8254795c762d05974f1ea0d0716a145dcfeaf17ec70320870442cdf5bd0ef0fb378e728c85207b513a7517f8614133365abf34a57da2fe185da100aac52cfe7982da382cf2d2815b7a25f7b2f27e17b1fed7e0c46b3b437566da2e046c38ab0aff12eb73ca9eedbae1ccf6cdcbbfefa6908befe5f45f7d6744b2687d282de18abf0bfce074b97b3589c670d327cea1440a09a3315ad97e8d376faca968a4acee9eec279f12e3558d391a8f2582d36910f8e013ef4b5826df99a8265e9cf6958463bc7c636a89ea99a625df8e13949a9b1262d39e1c923de9ea17148b3102a5e950400499c28d0cbd9adc1c1980b204c11508bd4995a79c63205769af7e3ff984e3c0cc9e7ef8581d8181a988d198395026ddf6ba096f14af42f16698b3295fe36d2e025e15386b4dcaed0671d342027dc2bd616b2108f9b9cd3a7eb4151e149a888b3af7e50f168183bd8916cb40574c3a217fcae06b94e3c55e58b9f25b220939c78bb744651ad99082ffc9a32fb23d179121150f00f101976b43cdf01bf00eb71c5984e2230568eb6d7abd3b797c0b18041176f323c8054cf3cdd22bd800becfa1369ed4d16b76675eaa5e80825d73adb10a247f1f8087790599a4d8f7debf9e2139152a152a29f14b846ac41d28904e5807ce2b6d8d632f8255e411a838d1a89dfe72cd48afffb6f63b98d350cde161b1e1f7e703e454f1507c6c6fb77534555b84646ae003f8759e7aa"}, {0xe0, 0x114, 0x7, "4145e95e2e089f61e97c892b845df39f769b808348f89e505e30dc81fe3ba1e7cf682d0f05c70f3a69193ddf911cbe99d1ed74acd6f9cd802070910b11a6693ecd6a101a427ef7eff7ad9a0a37de5f7f602d3f2763eda2406b8e1e42b3652ba64ec2f2c6e78bcc8942af9bb8a1db6357a622b76af53b50f33424abdebb1c727e04b5319ec083fda29e2fee540311449848f423b34a6b0403389ff86b07591da2856d240855316873b8d4c869934c4c36cca72547fc36554c8ae6f3b8e173d74a78c6edc59b8bc88a5a7d7ac4b488c8796930"}], 0x10ec}, 0xd0)
setsockopt$RDS_RECVERR(r2, 0x114, 0x5, &(0x7f0000001440), 0x4)
openat$ppp(0xffffff9c, &(0x7f0000001480), 0x121001, 0x0)
poll(&(0x7f00000014c0)=[{r4, 0x220}, {r2, 0x2301}], 0x2, 0x7)
ioctl$PPPIOCSMRU1(r2, 0x40047452, &(0x7f0000001500)=0x8)
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000001540)={"cd186eac", 0x5912, 0x40, 0x8, 0x10000, 0x2, "61fe6894b9b25b2b70c32e05bfecb1", "cf54ebf3", "5f55368d", "ad5f8d3a", ["f109302c38031661d10551b2", "844a093eea90b623cb3b7127", "501e755404f06364968a4ddb", "5b46e61eda84dc37154c7558"]})
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
sendmsg$rds(r2, &(0x7f0000001d00)={&(0x7f00000015c0)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000001900)=[{&(0x7f0000001600)=""/91, 0x5b}, {&(0x7f0000001680)=""/190, 0xbe}, {&(0x7f0000001740)=""/171, 0xab}, {&(0x7f0000001800)=""/123, 0x7b}, {&(0x7f0000001880)=""/96, 0x60}], 0x5, &(0x7f0000001b80)=[@rdma_dest={0x18, 0x114, 0x2, {0xdf7b, 0x81}}, @zcopy_cookie={0x10, 0x114, 0xc, 0x4}, @mask_cswp={0x58, 0x114, 0x9, {{0x0, 0x6}, &(0x7f0000001940)=0xec, &(0x7f0000001980)=0x8000, 0xec, 0x0, 0x5, 0x2, 0x2, 0xfff}}, @zcopy_cookie={0x10, 0x114, 0xc, 0x605}, @cswp={0x58, 0x114, 0x7, {{0x6, 0x7}, &(0x7f00000019c0)=0x6, &(0x7f0000001a00)=0x600a, 0xe, 0x0, 0x2, 0x7986, 0x1, 0x5}}, @rdma_map={0x2c, 0x114, 0x3, {{&(0x7f0000001a40)=""/118, 0x76}, &(0x7f0000001ac0), 0x4}}, @cswp={0x58, 0x114, 0x7, {{0x6, 0x8}, &(0x7f0000001b00)=0x694, &(0x7f0000001b40), 0x7, 0xfffffffffffffff9, 0xe, 0x7fffffff, 0x20}}], 0x16c, 0x4000}, 0x4000000)
getsockopt$netrom_NETROM_IDLE(r2, 0x103, 0x7, &(0x7f0000001d40), &(0x7f0000001d80)=0x4)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000001dc0)={@rand_addr=' \x01\x00', 0x3, 0x1, 0x2, 0x0, 0x400, 0x9}, &(0x7f0000001e00)=0x20)
openat$sequencer(0xffffff9c, &(0x7f0000001e40), 0x2c00, 0x0)
ioctl$FBIOGET_CON2FBMAP(r0, 0x460f, &(0x7f0000001e80)={0x8, 0x2})
fcntl$F_GET_RW_HINT(r4, 0x40b, &(0x7f0000001ec0))
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000001f00)={{0x1, 0x1, 0x18, r1, {0x1}}, './file0\x00'})
r5 = openat$cgroup_ro(r2, &(0x7f0000001f40)='cpuset.memory_pressure_enabled\x00', 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
fcntl$setlease(r0, 0x400, 0x1)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000001f80)=@ccm_128={{0x303}, "379936f1cf1c4f6b", "e639e05021ea031fa2a02acb2be2e159", "897c3d9d", "9da64076838f057d"}, 0x28)
semctl$SEM_STAT_ANY(0x0, 0x4, 0x14, &(0x7f0000001fc0)=""/12)
ioctl$DRM_IOCTL_PANTHOR_BO_CREATE(r5, 0xc0186445, &(0x7f0000002040)={0x2, 0x2})

1.420922788s ago: executing program 2 (id=3746):
shmget$private(0x0, 0x4000, 0x54001983, &(0x7f0000ffc000/0x4000)=nil)
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
recvmsg$can_raw(r0, 0x0, 0x12081)
lsm_get_self_attr(0x66, 0x0, &(0x7f0000000700), 0x0)
lsm_set_self_attr(0x68, &(0x7f0000000000)={0x67, 0x8, 0xf1, 0xd1, "0eea99a6e58de369b108e43d429efbc5baa1030508c0b96b3c6e9f5be15887a48f9fc8ce9fd3c2e23134e6cb7933e134fa11b2d03b32ff057278b3e4456c65fcddae1bfda52a69b4244c93558fa1d2887da9fdbd6e6f6c33758564f073d98d13d5cfda3481a01923dbe4b973d64ee6652f6e983573363e504d9072c29be4baa7eefa412761a604b0c496ae3e118b269267b3dc004acccce10286b28695b60f6d75efc48406568507200ad75b84c43722df7621ab491fdf2d52af202243788d60a8e3a1157ecb911844b628042b628855ba"}, 0xf1, 0x0)

1.321643252s ago: executing program 3 (id=3748):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="5c00000012006bab9e3fe3d86e6c1d0000007ea60864160af36504b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f4100002000800a6d0bdd7000000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r1 = socket(0xa, 0x3, 0xffffffff)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newqdisc={0x68, 0x14, 0xf0b, 0x0, 0x3, {0x2, 0x0, 0x0, 0x0, {0xd}, {0xb}, {0x4, 0x3}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x4, 0x213, 0x6, 0x0, 0x8000, 0x7e}}, {0x4}}, {{0x1c, 0x1, {0x1, 0x7, 0x18, 0x4, 0x1, 0x9, 0x4}}, {0x4}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8811}, 0x0)
recvmmsg(r0, &(0x7f0000002fc0)=[{{&(0x7f00000001c0)=@caif, 0x80, &(0x7f00000015c0)=[{&(0x7f0000000300)=""/92, 0x5c}, {&(0x7f0000000000)=""/62, 0x3e}, {&(0x7f0000000380)=""/177, 0xb1}, {&(0x7f00000000c0)=""/62, 0x3e}, {&(0x7f0000000440)=""/79, 0x4f}, {&(0x7f0000000240)=""/13, 0xd}, {&(0x7f00000004c0)=""/166, 0xa6}, {&(0x7f0000000580)=""/2, 0x2}, {&(0x7f00000005c0)=""/4096, 0x1000}], 0x9, &(0x7f0000001640)=""/106, 0x6a}, 0x2}, {{&(0x7f00000016c0)=@can, 0x80, &(0x7f0000001840)=[{&(0x7f0000001740)=""/153, 0x99}, {&(0x7f0000001800)}], 0x2, &(0x7f0000001a00)=""/136, 0x88}, 0x7ff}, {{&(0x7f0000001900)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x80, &(0x7f0000001d00)=[{&(0x7f0000001980)=""/122, 0x7a}, {&(0x7f0000003140)=""/153, 0x99}, {&(0x7f0000001ac0)=""/203, 0xcb}, {&(0x7f0000001bc0)}, {&(0x7f0000001c00)=""/238, 0xee}], 0x5, &(0x7f0000001d40)=""/142, 0x8e}, 0xae}, {{&(0x7f0000001e00)=@hci, 0x80, &(0x7f0000001f80)=[{&(0x7f0000001e80)=""/243, 0xf3}], 0x1, &(0x7f0000001fc0)=""/94, 0x5e}, 0x7}, {{&(0x7f0000002040)=@l2tp6={0xa, 0x0, 0x0, @dev}, 0x80, &(0x7f00000022c0)=[{&(0x7f00000020c0)=""/197, 0xc5}, {&(0x7f00000021c0)=""/219, 0xdb}], 0x2, &(0x7f0000002300)=""/241, 0xf1}, 0xa451}, {{&(0x7f0000002400)=@tipc, 0x80, &(0x7f0000002540)=[{&(0x7f0000002480)=""/122, 0x7a}, {&(0x7f0000002500)}], 0x2}, 0x8}, {{&(0x7f0000002580)=@xdp, 0x80, &(0x7f0000002700)=[{&(0x7f0000002600)=""/197, 0xc5}], 0x1, &(0x7f0000002740)=""/222, 0xde}}, {{&(0x7f0000002840)=@in={0x2, 0x0, @loopback}, 0x80, &(0x7f0000002a80)=[{&(0x7f00000028c0)=""/178, 0xb2}, {&(0x7f0000002980)=""/226, 0xe2}], 0x2, &(0x7f0000002ac0)=""/186, 0xba}, 0x4}, {{&(0x7f0000002b80)=@generic, 0x80, &(0x7f0000002dc0)=[{&(0x7f0000002c00)=""/187, 0xbb}, {&(0x7f0000002cc0)=""/69, 0x45}, {&(0x7f0000002d40)=""/99, 0x63}], 0x3, &(0x7f0000002e00)=""/253, 0xfd}, 0x8}, {{&(0x7f0000002f00)=@vsock={0x28, 0x0, 0x0, @local}, 0x80, &(0x7f0000002f80)}, 0x2}], 0xa, 0x4, &(0x7f0000003100)={0x77359400})

1.321328223s ago: executing program 2 (id=3749):
socket(0x2b, 0x80801, 0x1)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000000100000001c001a80", @ANYRES16=r0, @ANYRES32=r2], 0x44}}, 0x0)

1.320794345s ago: executing program 1 (id=3750):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000300)={0x2, 0x0, [{0x3ffffffe, 0x2, 0x2, 0x4, 0x400006, 0x100002, 0x7}, {0xc0000001, 0x0, 0x6, 0x0, 0x8, 0x655e, 0x7f}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[], 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x13)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000040)={0xffffffb7, 0x200401, 0xfffffffb, 0x0, 0x2, '\x00', 0x3215e6f0, 0x1fd})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000280)=0xe)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f00000006c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x6, 0xad, &(0x7f0000000140)=""/173, 0x41000, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfff}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000880)=@raw={'raw\x00', 0x3c1, 0x3, 0x2ec, 0x0, 0x4c, 0x1a, 0x180, 0x73, 0x328, 0x258, 0x258, 0x328, 0x258, 0x3, 0x0, {[{{@ipv6={@private0, @local, [], [], 'wg2\x00', 'macvlan1\x00', {}, {}, 0x73}, 0x0, 0xd0, 0x138, 0x0, {}, [@common=@inet=@l2tp={{0x2c}, {0x0, 0x0, 0x3, 0x0, 0x3}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x23, 0x3, 0x2, 0x3, 'syz1\x00', 'syz0\x00', {0x2}}}}, {{@uncond, 0x0, 0xa4, 0xec}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, 'vlan0\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8, 0x0, {0x0, 0x5400}}, {0x24}}}}, 0x348)
r6 = syz_io_uring_setup(0x54f, &(0x7f0000000140)={0x0, 0x84d9, 0x400, 0xffffffff, 0x204}, &(0x7f00000001c0)=<r7=>0x0, &(0x7f0000000440)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd_index=0x1, 0x0, 0x0, 0xf67, 0xa, 0x0, {0x0, 0x0, r1}})
io_uring_enter(r6, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)
ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000080)='.\x00', &(0x7f0000000180)='nfs4\x00', 0x2200890, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f0000000080)=ANY=[@ANYBLOB="12010102020000082505a1a4400001"], 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

1.241666628s ago: executing program 2 (id=3751):
openat$mice(0xffffffffffffff9c, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x45a5, 0x0, 0x1, 0x12d}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000640)=<r3=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3d2d89332461aff2, 0x0, 0x0, 0x0, 0x1007, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffff8, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x1, 0x0, 0x4}]}, 0x8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0xda1a0b6210925d15, 0x0, @fd=r1, 0x0, 0x0, 0x1, 0x1})
io_uring_enter(r1, 0x22d0, 0x20, 0x0, 0x0, 0x0)

1.241014771s ago: executing program 2 (id=3752):
prctl$PR_SET_IO_FLUSHER(0x4c, 0x2)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r0, &(0x7f00000001c0)={0x27, 0x0, 0x1, 0x2, 0x0, 0x9, "c46e9fd1a84b7fa0bf2cca6beb9363a680b652a86bcf56a1b9ca5386103a5ccbe47b7b9aa6d8d701a3ba00000000b97800001022f987617c318500", 0x2}, 0x58)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r1)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
socket$packet(0x11, 0x2, 0x300)
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r3, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0xc97, &(0x7f00000000c0)={0x0, 0x6015, 0x800, 0x1, 0x302}, &(0x7f00000003c0), &(0x7f0000000140))
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000007001000040000002500000001000000", @ANYRES32, @ANYBLOB="4c2e9bd9000000db3e7012000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)

420.870342ms ago: executing program 3 (id=3753):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=@getnexthop={0x20, 0x6a, 0x10, 0x70bd27, 0x25dfdbfe, {}, [@NHA_ID={0x8, 0x1, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x440b0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r7], 0x5c}}, 0x40)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f0000000140)={'ip6_vti0\x00', <r9=>r8, 0x6, 0x8, 0x0, 0xff, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x700, 0x8000, 0x0, 0x2}})
r10 = socket$xdp(0x2c, 0x3, 0x0)
bind$xdp(r6, &(0x7f0000000340)={0x2c, 0x2, r9, 0x10, r10}, 0x10)
pipe(&(0x7f00000001c0)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
vmsplice(r12, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000304000000000400000000000000", @ANYRES32=r11, @ANYBLOB="00000000140000002400128009000183de026e640000000014000280"], 0x44}, 0x1, 0x2000000000000000, 0x0, 0x800}, 0x0)
splice(r11, 0x0, r13, 0x0, 0x10d00, 0xf)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x4c}}, 0x884)

299.929935ms ago: executing program 2 (id=3754):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd29, 0x10, {{@in6=@loopback, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x80, 0x6}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffb}, {}, 0x0, 0x6e6bb8, 0x0, 0x0, 0x0, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x4008011}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x0, 0xa, 0x10}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, 0x0, 0x6e6bb5}}, 0xb8}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x16, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000ffffffff0000000001000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703"], &(0x7f0000000240)='GPL\x00', 0x1000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
msgctl$MSG_INFO(0x0, 0xc, &(0x7f0000000400)=""/81)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
syz_open_dev$vbi(0x0, 0x1, 0x2)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x9, 0x50424752, 0x3, 0x3, 0x7, 0x0, 0x40000005, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$tipc(0xffffffffffffffff, &(0x7f0000000180)=@id={0x1e, 0x3, 0x1, {0x4e24, 0x2}}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_open_dev$sg(&(0x7f0000000000), 0xe6, 0x2602)
r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01)
io_setup(0x1, &(0x7f0000000380))
write$char_usb(r4, &(0x7f0000000040)="e2", 0x2778)
getsockopt$ARPT_SO_GET_ENTRIES(r2, 0x0, 0x61, &(0x7f0000000580)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000000000000000000000000000a000000c7cdce5b0022b4641ce03a431aaa908fc6482a5249d19b618a3d373e7c18e829983b9873f10eee44d7cf0ec9c62be14ffbf3e7307683a16b6719d893a07630239b464af203274a2511b749ca234000000000000000c71827be5d3232219d8b7ded3890de66017cad740472dd677a325e3fb2ee0fe9215e870fc112e99a2672c8a511ac48f8962ba26000000000000000000000000000000097e61ecb43edd1a82839993837f14cfe3b6df774ab429f495f84a7075dbdbe6b29c86488a3ffe87b5321ca83f18ebdbe340cf5440ce6ce26052216276656df912405c20064c50b07e6eab4da379bc56477a55aec753863ad56ce2f76d7ba4773ad4166af518bdcd60023b422013d10b788007efcb52273a8ebe08eb5ff2808d9de814d31c68a57a607641cf5b39e823dcd34934f4ed104edee6d6712fcba4dfab2f36be0db34b207b33b00af00448c7a6d7930e28e6b04e0d1ff496933444caae4d6b3508232faea0d"], &(0x7f0000000080)=0x2e)
ioctl$KDFONTOP_GET(r1, 0x4b72, &(0x7f0000000340)={0x1, 0x0, 0xffffffff, 0x5, 0x99, &(0x7f0000000880)})

0s ago: executing program 3 (id=3755):
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$MSR(&(0x7f00000004c0), 0xd44e, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="64000000020601020000000000000000000000000900020073797a31000000000500010007000000050005000a00000014000780080013400000000008001240fffffffa16000300686173683a6e65742c706f72742c6e6574000000050004"], 0x64}, 0x1, 0x0, 0x0, 0x24004010}, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xffe0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x3}]}, 0x2c}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0xf3a, 0x0)
ioctl$TIOCEXCL(r0, 0x540c)
syz_open_dev$tty20(0xc, 0x4, 0x1)

kernel console output (not intermixed with test programs):

 641.042367][T19840]  should_fail_ex.cold+0x5/0xa
[  641.042389][T19840]  _copy_to_user+0x32/0xd0
[  641.042419][T19840]  simple_read_from_buffer+0xcb/0x170
[  641.042448][T19840]  proc_fail_nth_read+0x1af/0x230
[  641.042471][T19840]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  641.042494][T19840]  ? rw_verify_area+0xce/0x6d0
[  641.042518][T19840]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  641.042538][T19840]  vfs_read+0x1e4/0xb30
[  641.042568][T19840]  ? __pfx_vfs_read+0x10/0x10
[  641.042592][T19840]  ? find_held_lock+0x2b/0x80
[  641.042609][T19840]  ? __fget_files+0x215/0x3d0
[  641.042640][T19840]  ? __fget_files+0x21f/0x3d0
[  641.042674][T19840]  ksys_read+0x12a/0x250
[  641.042700][T19840]  ? __pfx_ksys_read+0x10/0x10
[  641.042734][T19840]  do_int80_emulation+0x141/0x6b0
[  641.042760][T19840]  asm_int80_emulation+0x1a/0x20
[  641.042777][T19840] RIP: 0023:0xf7205cab
[  641.042793][T19840] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  641.042809][T19840] RSP: 002b:00000000f54bd4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  641.042826][T19840] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f54bd5d0
[  641.042837][T19840] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  641.042846][T19840] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  641.042856][T19840] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  641.042866][T19840] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  641.042891][T19840]  </TASK>
[  641.193848][   T10] hid_parser_main: 34 callbacks suppressed
[  641.193865][   T10] hid-generic 0103:0004:0000.0034: unknown main item tag 0x0
[  641.199963][   T10] hid-generic 0103:0004:0000.0034: unknown main item tag 0x0
[  641.203648][   T10] hid-generic 0103:0004:0000.0034: unknown main item tag 0x0
[  641.207242][   T10] hid-generic 0103:0004:0000.0034: unknown main item tag 0x0
[  641.210548][   T10] hid-generic 0103:0004:0000.0034: unknown main item tag 0x0
[  641.213887][   T10] hid-generic 0103:0004:0000.0034: unknown main item tag 0x0
[  641.216936][   T10] hid-generic 0103:0004:0000.0034: unknown main item tag 0x0
[  641.219556][   T10] hid-generic 0103:0004:0000.0034: unknown main item tag 0x0
[  641.222207][   T10] hid-generic 0103:0004:0000.0034: unknown main item tag 0x0
[  641.225540][   T10] hid-generic 0103:0004:0000.0034: unknown main item tag 0x0
[  641.235018][   T10] hid-generic 0103:0004:0000.0034: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  641.282344][T19851] lo speed is unknown, defaulting to 1000
[  641.286442][T19851] lo speed is unknown, defaulting to 1000
[  642.046908][   T54] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  642.140883][ T5292] Bluetooth: hci2: Malformed HCI Event
[  642.198765][   T54] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  642.202194][   T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  642.207407][   T54] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  642.210485][   T54] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  642.213107][   T54] usb 5-1: Manufacturer: syz
[  642.216999][   T54] usb 5-1: config 0 descriptor??
[  642.278786][   T54] rc_core: IR keymap rc-hauppauge not found
[  642.281624][   T54] Registered IR keymap rc-empty
[  642.284001][   T54] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  642.291376][   T54] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input18
[  642.623276][ T6002] usb 5-1: USB disconnect, device number 17
[  643.535863][T19917] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3087'.
[  644.076934][   T10] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  644.226830][   T10] usb 6-1: Using ep0 maxpacket: 8
[  644.229878][   T10] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  644.233457][   T10] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  644.236992][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  644.239549][   T10] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  644.243383][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  644.249284][   T10] usb 6-1: config 0 descriptor??
[  644.327813][ T5292] Bluetooth: hci4: Malformed HCI Event
[  644.656556][T19927] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  644.661754][T19927] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  644.667973][   T10] mcp2221 0003:04D8:00DD.0035: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  644.851648][T19938] FAULT_INJECTION: forcing a failure.
[  644.851648][T19938] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  644.858373][T19938] CPU: 3 UID: 0 PID: 19938 Comm: syz.2.3094 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  644.858399][T19938] Tainted: [L]=SOFTLOCKUP
[  644.858405][T19938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  644.858415][T19938] Call Trace:
[  644.858425][T19938]  <TASK>
[  644.858432][T19938]  dump_stack_lvl+0x100/0x190
[  644.858465][T19938]  should_fail_ex.cold+0x5/0xa
[  644.858487][T19938]  _copy_to_user+0x32/0xd0
[  644.858517][T19938]  cdrom_ioctl+0xb9d/0x3880
[  644.858537][T19938]  ? __pfx_cdrom_ioctl+0x10/0x10
[  644.858550][T19938]  ? rcu_is_watching+0x12/0xc0
[  644.858577][T19938]  ? trace_rpm_return_int+0x78/0x250
[  644.858603][T19938]  ? rpm_resume+0x7eb/0x1350
[  644.858631][T19938]  ? __pfx_rpm_resume+0x10/0x10
[  644.858652][T19938]  ? do_raw_spin_lock+0x128/0x260
[  644.858683][T19938]  ? mark_held_locks+0x40/0x70
[  644.858703][T19938]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  644.858724][T19938]  ? lockdep_hardirqs_on+0x78/0x100
[  644.858745][T19938]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  644.858762][T19938]  ? __pm_runtime_resume+0xc3/0x170
[  644.858789][T19938]  sr_block_ioctl+0x1ae/0x250
[  644.858811][T19938]  ? __pfx_sr_block_ioctl+0x10/0x10
[  644.858828][T19938]  blkdev_compat_ptr_ioctl+0x9f/0xe0
[  644.858849][T19938]  ? __pfx_blkdev_compat_ptr_ioctl+0x10/0x10
[  644.858869][T19938]  compat_blkdev_ioctl+0x682/0x7b0
[  644.858892][T19938]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  644.858917][T19938]  ? __pfx_compat_blkdev_ioctl+0x10/0x10
[  644.858940][T19938]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  644.858969][T19938]  __do_fast_syscall_32+0xe3/0x8c0
[  644.858994][T19938]  do_fast_syscall_32+0x32/0x70
[  644.859016][T19938]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  644.859039][T19938] RIP: 0023:0xf7fc4f6c
[  644.859060][T19938] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  644.859077][T19938] RSP: 002b:00000000f548650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  644.859095][T19938] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005396
[  644.859105][T19938] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  644.859114][T19938] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  644.859123][T19938] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  644.859134][T19938] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  644.859158][T19938]  </TASK>
[  644.874140][   T10] usb 6-1: USB disconnect, device number 23
[  644.982261][T19942] Bluetooth: MGMT ver 1.23
[  645.267092][T19944] lo speed is unknown, defaulting to 1000
[  645.276503][T19944] lo speed is unknown, defaulting to 1000
[  645.466090][T19949] FAULT_INJECTION: forcing a failure.
[  645.466090][T19949] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  645.475411][T19949] CPU: 3 UID: 0 PID: 19949 Comm: syz.1.3098 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  645.475433][T19949] Tainted: [L]=SOFTLOCKUP
[  645.475437][T19949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  645.475445][T19949] Call Trace:
[  645.475449][T19949]  <TASK>
[  645.475455][T19949]  dump_stack_lvl+0x100/0x190
[  645.475478][T19949]  should_fail_ex.cold+0x5/0xa
[  645.475493][T19949]  _copy_from_user+0x2e/0xd0
[  645.475511][T19949]  sg_new_write.isra.0+0x44e/0xb10
[  645.475530][T19949]  ? __pfx_sg_new_write.isra.0+0x10/0x10
[  645.475560][T19949]  sg_ioctl+0x357/0x26c0
[  645.475575][T19949]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  645.475593][T19949]  ? __pfx_sg_ioctl+0x10/0x10
[  645.475608][T19949]  ? find_held_lock+0x2b/0x80
[  645.475619][T19949]  ? hook_file_ioctl_common+0x146/0x410
[  645.475640][T19949]  ? __fget_files+0x21f/0x3d0
[  645.475658][T19949]  ? __pfx_sg_ioctl+0x10/0x10
[  645.475672][T19949]  compat_ptr_ioctl+0x6e/0xa0
[  645.475685][T19949]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  645.475699][T19949]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  645.475716][T19949]  __do_fast_syscall_32+0xe3/0x8c0
[  645.475732][T19949]  do_fast_syscall_32+0x32/0x70
[  645.475745][T19949]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  645.475760][T19949] RIP: 0023:0xf702ef6c
[  645.475772][T19949] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  645.475783][T19949] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  645.475795][T19949] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000002285
[  645.475801][T19949] RDX: 00000000800003c0 RSI: 0000000000000000 RDI: 0000000000000000
[  645.475808][T19949] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  645.475813][T19949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  645.475819][T19949] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  645.475833][T19949]  </TASK>
[  645.792113][   T40] kauditd_printk_skb: 72 callbacks suppressed
[  645.792129][   T40] audit: type=1326 audit(1772539820.883:25396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19941 comm="syz.2.3096" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc4f6c code=0x0
[  646.361063][   T40] audit: type=1326 audit(1772539821.453:25397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19961 comm="syz.3.3102" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  647.064798][T19981] Invalid logical block size (16777216)
[  647.068000][ T5292] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  647.076969][ T5292] Bluetooth: hci2: command 0x0401 tx timeout
[  647.116813][   T54] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  647.256854][   T40] audit: type=1326 audit(1772539821.453:25398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19961 comm="syz.3.3102" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  647.264098][   T40] audit: type=1326 audit(1772539821.453:25399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19961 comm="syz.3.3102" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  647.271549][   T40] audit: type=1326 audit(1772539821.453:25400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19961 comm="syz.3.3102" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  647.280309][   T40] audit: type=1326 audit(1772539821.453:25401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19961 comm="syz.3.3102" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  647.288909][   T40] audit: type=1326 audit(1772539821.463:25402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19961 comm="syz.3.3102" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  647.296216][   T40] audit: type=1326 audit(1772539821.463:25403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19961 comm="syz.3.3102" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  647.302737][   T54] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  647.306111][   T54] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  647.328413][   T40] audit: type=1326 audit(1772539821.463:25404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19961 comm="syz.3.3102" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  647.337914][   T54] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  647.342902][   T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  647.347645][   T40] audit: type=1326 audit(1772539821.463:25405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19961 comm="syz.3.3102" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  647.363834][   T54] usb 5-1: SerialNumber: syz
[  647.373099][T19992] FAULT_INJECTION: forcing a failure.
[  647.373099][T19992] name failslab, interval 1, probability 0, space 0, times 0
[  647.377998][T19992] CPU: 1 UID: 0 PID: 19992 Comm: syz.3.3111 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  647.378030][T19992] Tainted: [L]=SOFTLOCKUP
[  647.378036][T19992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  647.378046][T19992] Call Trace:
[  647.378052][T19992]  <TASK>
[  647.378060][T19992]  dump_stack_lvl+0x100/0x190
[  647.378106][T19992]  should_fail_ex.cold+0x5/0xa
[  647.378123][T19992]  ? tomoyo_realpath_from_path+0xb6/0x690
[  647.378141][T19992]  should_failslab+0xc2/0x120
[  647.378158][T19992]  __kmalloc_noprof+0xe0/0x850
[  647.378189][T19992]  tomoyo_realpath_from_path+0xb6/0x690
[  647.378212][T19992]  tomoyo_path_number_perm+0x23c/0x580
[  647.378232][T19992]  ? tomoyo_path_number_perm+0x22e/0x580
[  647.378258][T19992]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  647.378310][T19992]  ? find_held_lock+0x2b/0x80
[  647.378323][T19992]  ? hook_file_ioctl_common+0x146/0x410
[  647.378346][T19992]  ? __fget_files+0x215/0x3d0
[  647.378377][T19992]  ? __fget_files+0x21f/0x3d0
[  647.378407][T19992]  security_file_ioctl_compat+0xd3/0x230
[  647.378431][T19992]  __ia32_compat_sys_ioctl+0xc2/0x360
[  647.378457][T19992]  __do_fast_syscall_32+0xe3/0x8c0
[  647.378482][T19992]  do_fast_syscall_32+0x32/0x70
[  647.378503][T19992]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  647.378523][T19992] RIP: 0023:0xf70cef6c
[  647.378536][T19992] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  647.378551][T19992] RSP: 002b:00000000f54bd50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  647.378568][T19992] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0386106
[  647.378578][T19992] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  647.378588][T19992] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  647.378597][T19992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  647.378606][T19992] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  647.378625][T19992]  </TASK>
[  647.378677][T19992] ERROR: Out of memory at tomoyo_realpath_from_path.
[  647.877444][ T5292] Bluetooth: hci2: Malformed HCI Event
[  647.965621][T20004] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3116'.
[  647.973756][T20004] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  648.067120][T20006] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3108'.
[  648.125356][T20008] netlink: 'syz.1.3117': attribute type 1 has an invalid length.
[  648.156440][T20008] 8021q: adding VLAN 0 to HW filter on device bond1
[  648.187170][T20008] 8021q: adding VLAN 0 to HW filter on device bond1
[  648.189510][T20008] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  648.193371][T20008] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  648.244673][T20010] ip6erspan0: entered promiscuous mode
[  648.258718][T20010] bond1: (slave ip6erspan0): making interface the new active one
[  648.261846][T20010] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  648.827827][   T54] usb 5-1: cannot find UAC_HEADER
[  648.879333][   T54] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[  648.917579][   T54] usb 5-1: USB disconnect, device number 18
[  648.964565][T18456] udevd[18456]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  648.994730][T20025] overlayfs: failed to resolve './file1': -2
[  649.103874][T20027] lo speed is unknown, defaulting to 1000
[  649.107465][T20027] lo speed is unknown, defaulting to 1000
[  649.341821][T20041] Invalid logical block size (65481)
[  649.383315][T20043] vivid-003: disconnect
[  649.391876][T20042] vivid-003: reconnect
[  649.902254][T20054] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3132'.
[  650.121674][ T5292] Bluetooth: hci2: Malformed HCI Event
[  650.165394][T20060] FAULT_INJECTION: forcing a failure.
[  650.165394][T20060] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  650.171534][T20060] CPU: 1 UID: 0 PID: 20060 Comm: syz.1.3134 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  650.171561][T20060] Tainted: [L]=SOFTLOCKUP
[  650.171567][T20060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  650.171576][T20060] Call Trace:
[  650.171581][T20060]  <TASK>
[  650.171588][T20060]  dump_stack_lvl+0x100/0x190
[  650.171617][T20060]  should_fail_ex.cold+0x5/0xa
[  650.171637][T20060]  _copy_to_user+0x32/0xd0
[  650.171665][T20060]  simple_read_from_buffer+0xcb/0x170
[  650.171694][T20060]  proc_fail_nth_read+0x1af/0x230
[  650.171716][T20060]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  650.171738][T20060]  ? rw_verify_area+0xce/0x6d0
[  650.171762][T20060]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  650.171781][T20060]  vfs_read+0x1e4/0xb30
[  650.171809][T20060]  ? __pfx_vfs_read+0x10/0x10
[  650.171833][T20060]  ? find_held_lock+0x2b/0x80
[  650.171851][T20060]  ? __fget_files+0x215/0x3d0
[  650.171883][T20060]  ? __fget_files+0x21f/0x3d0
[  650.171926][T20060]  ksys_read+0x12a/0x250
[  650.171952][T20060]  ? __pfx_ksys_read+0x10/0x10
[  650.171986][T20060]  do_int80_emulation+0x141/0x6b0
[  650.172012][T20060]  asm_int80_emulation+0x1a/0x20
[  650.172030][T20060] RIP: 0023:0xf7165cab
[  650.172045][T20060] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  650.172061][T20060] RSP: 002b:00000000f541d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  650.172079][T20060] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f541d5d0
[  650.172090][T20060] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  650.172099][T20060] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  650.172108][T20060] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  650.172118][T20060] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  650.172142][T20060]  </TASK>
[  650.459506][T20074] binder: 20073:20074 unknown command 0
[  650.462044][T20074] binder: 20073:20074 ioctl c0306201 80000640 returned -22
[  650.974913][ T6010] hid_parser_main: 6 callbacks suppressed
[  650.974932][ T6010] hid-generic 0103:0004:0000.0036: unknown main item tag 0x0
[  650.981058][ T6010] hid-generic 0103:0004:0000.0036: unknown main item tag 0x0
[  650.983725][ T6010] hid-generic 0103:0004:0000.0036: unknown main item tag 0x0
[  650.986678][ T6010] hid-generic 0103:0004:0000.0036: unknown main item tag 0x0
[  650.989875][ T6010] hid-generic 0103:0004:0000.0036: unknown main item tag 0x0
[  650.996764][ T6010] hid-generic 0103:0004:0000.0036: unknown main item tag 0x0
[  650.999435][ T6010] hid-generic 0103:0004:0000.0036: unknown main item tag 0x0
[  651.002031][ T6010] hid-generic 0103:0004:0000.0036: unknown main item tag 0x0
[  651.005659][ T6010] hid-generic 0103:0004:0000.0036: unknown main item tag 0x0
[  651.011797][ T6010] hid-generic 0103:0004:0000.0036: unknown main item tag 0x0
[  651.025961][ T6010] hid-generic 0103:0004:0000.0036: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  652.480836][T20097] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3146'.
[  652.854060][T20108] veth1_to_bond: Caught tx_queue_len zero misconfig
[  653.020223][T20112] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  653.172440][ T6010] hid-generic 0103:0004:0000.0037: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  653.682050][T20122] wg1: entered promiscuous mode
[  653.684235][T20122] wg1: entered allmulticast mode
[  653.774201][T20123] lo speed is unknown, defaulting to 1000
[  653.777524][T20123] lo speed is unknown, defaulting to 1000
[  654.232049][T20141] lo speed is unknown, defaulting to 1000
[  654.237143][T20141] lo speed is unknown, defaulting to 1000
[  654.882397][T20154] 8021q: adding VLAN 0 to HW filter on device bond0
[  654.885733][T20154] 8021q: adding VLAN 0 to HW filter on device team0
[  654.891823][T20154] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  655.297839][   T40] kauditd_printk_skb: 80 callbacks suppressed
[  655.297856][   T40] audit: type=1326 audit(1772539830.393:25486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20156 comm="syz.2.3165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  655.310700][   T40] audit: type=1326 audit(1772539830.393:25487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20156 comm="syz.2.3165" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  655.320564][   T40] audit: type=1326 audit(1772539830.393:25488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20156 comm="syz.2.3165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  655.331646][   T40] audit: type=1326 audit(1772539830.393:25489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20156 comm="syz.2.3165" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  655.341638][   T40] audit: type=1326 audit(1772539830.393:25490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20156 comm="syz.2.3165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  655.351297][   T40] audit: type=1326 audit(1772539830.393:25491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20156 comm="syz.2.3165" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  655.361384][   T40] audit: type=1326 audit(1772539830.393:25492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20156 comm="syz.2.3165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  655.371770][   T40] audit: type=1326 audit(1772539830.393:25493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20156 comm="syz.2.3165" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  655.396862][   T40] audit: type=1326 audit(1772539830.403:25494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20158 comm="syz.3.3166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  655.406235][   T40] audit: type=1326 audit(1772539830.403:25495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20158 comm="syz.3.3166" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  655.434170][T20168] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3167'.
[  655.438261][T20168] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3167'.
[  655.442320][T20168] FAULT_INJECTION: forcing a failure.
[  655.442320][T20168] name failslab, interval 1, probability 0, space 0, times 0
[  655.448011][T20168] CPU: 0 UID: 0 PID: 20168 Comm: syz.1.3167 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  655.448036][T20168] Tainted: [L]=SOFTLOCKUP
[  655.448041][T20168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  655.448050][T20168] Call Trace:
[  655.448057][T20168]  <TASK>
[  655.448063][T20168]  dump_stack_lvl+0x100/0x190
[  655.448091][T20168]  should_fail_ex.cold+0x5/0xa
[  655.448110][T20168]  should_failslab+0xc2/0x120
[  655.448126][T20168]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  655.448150][T20168]  ? __alloc_skb+0x140/0x710
[  655.448199][T20168]  __alloc_skb+0x140/0x710
[  655.448214][T20168]  ? __alloc_skb+0x5b7/0x710
[  655.448229][T20168]  ? __pfx___alloc_skb+0x10/0x10
[  655.448252][T20168]  netlink_ack+0x117/0xb80
[  655.448271][T20168]  ? trace_contention_end+0x140/0x180
[  655.448299][T20168]  netlink_rcv_skb+0x333/0x420
[  655.448319][T20168]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  655.448340][T20168]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  655.448375][T20168]  xfrm_netlink_rcv+0x71/0x90
[  655.448393][T20168]  netlink_unicast+0x5aa/0x870
[  655.448416][T20168]  ? __pfx_netlink_unicast+0x10/0x10
[  655.448445][T20168]  netlink_sendmsg+0x8b0/0xda0
[  655.448469][T20168]  ? __pfx_netlink_sendmsg+0x10/0x10
[  655.448492][T20168]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  655.448517][T20168]  ____sys_sendmsg+0xa54/0xc30
[  655.448541][T20168]  ? __pfx_____sys_sendmsg+0x10/0x10
[  655.448573][T20168]  ___sys_sendmsg+0x190/0x1e0
[  655.448597][T20168]  ? __pfx____sys_sendmsg+0x10/0x10
[  655.448648][T20168]  __sys_sendmsg+0x170/0x220
[  655.448667][T20168]  ? __pfx___sys_sendmsg+0x10/0x10
[  655.448694][T20168]  ? __pfx_ksys_write+0x10/0x10
[  655.448723][T20168]  __do_fast_syscall_32+0xe3/0x8c0
[  655.448745][T20168]  do_fast_syscall_32+0x32/0x70
[  655.448764][T20168]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  655.448784][T20168] RIP: 0023:0xf702ef6c
[  655.448796][T20168] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  655.448811][T20168] RSP: 002b:00000000f53fc50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  655.448826][T20168] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800003c0
[  655.448836][T20168] RDX: 0000000004004040 RSI: 0000000000000000 RDI: 0000000000000000
[  655.448845][T20168] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  655.448854][T20168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  655.448863][T20168] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  655.448890][T20168]  </TASK>
[  655.623126][T20172] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3168'.
[  656.165136][T20185] lo speed is unknown, defaulting to 1000
[  656.168528][T20185] lo speed is unknown, defaulting to 1000
[  656.453550][T20201] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3178'.
[  656.466551][T20201] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  656.486775][   T54] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  656.658042][   T54] usb 7-1: Using ep0 maxpacket: 8
[  656.669043][T20205] netlink: 'syz.0.3180': attribute type 1 has an invalid length.
[  656.677553][   T54] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  656.680454][   T54] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  656.683674][   T54] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  656.687894][   T54] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  656.691134][   T54] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  656.695285][   T54] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  656.698575][   T54] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  656.728836][T20205] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  656.732574][T20205] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  656.773612][T20210] bond1: (slave bridge1): Enslaving as an active interface with a down link
[  656.912403][   T54] usb 7-1: usb_control_msg returned -32
[  656.914364][   T54] usbtmc 7-1:16.0: can't read capabilities
[  656.946779][ T6021] usb 6-1: new low-speed USB device number 24 using dummy_hcd
[  657.108344][ T6021] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  657.112096][ T6021] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  657.115556][ T6021] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  657.120412][ T6021] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  657.124296][ T6021] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  657.137178][T20209] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  657.142514][ T6021] hub 6-1:1.0: bad descriptor, ignoring hub
[  657.145173][ T6021] hub 6-1:1.0: probe with driver hub failed with error -5
[  657.150236][ T6021] cdc_wdm 6-1:1.0: skipping garbage
[  657.152385][ T6021] cdc_wdm 6-1:1.0: skipping garbage
[  657.157066][ T6021] cdc_wdm 6-1:1.0: cdc-wdm1: USB WDM device
[  657.159753][ T6021] cdc_wdm 6-1:1.0: Unknown control protocol
[  657.221726][T20196] usbtmc 7-1:16.0: usb_control_msg returned -71
[  657.221881][   T34] usb 7-1: USB disconnect, device number 11
[  657.224180][T20198] usbtmc 7-1:16.0: send_request_dev_dep_msg_in returned -19
[  657.446982][ T6010] usb 6-1: USB disconnect, device number 24
[  657.733280][T20225] netlink: 15678 bytes leftover after parsing attributes in process `syz.0.3185'.
[  657.758889][T20227] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3186'.
[  657.764053][T20227] tmpfs: Group quota inode hardlimit too large.
[  657.806913][ T6021] usb 6-1: new low-speed USB device number 25 using dummy_hcd
[  657.862678][T20230] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3187'.
[  657.968113][ T6021] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  657.972157][ T6021] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  657.975392][ T6021] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  657.979306][ T6021] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  657.982464][ T6021] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  658.063538][T20203] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  658.073161][ T6021] hub 6-1:1.0: bad descriptor, ignoring hub
[  658.075859][ T6021] hub 6-1:1.0: probe with driver hub failed with error -5
[  658.080221][ T6021] cdc_wdm 6-1:1.0: skipping garbage
[  658.082816][ T6021] cdc_wdm 6-1:1.0: skipping garbage
[  658.086848][ T6021] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  658.090996][ T6021] cdc_wdm 6-1:1.0: Unknown control protocol
[  658.296871][T20231] netlink: 292 bytes leftover after parsing attributes in process `syz.0.3185'.
[  658.300968][T20231] openvswitch: netlink: Flow key attr not present in new flow.
[  658.366782][T20231] XFS (nbd0): SB validate failed with error -5.
[  658.387826][ T6021] usb 6-1: USB disconnect, device number 25
[  658.861264][T20245] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3189'.
[  658.947921][T20249] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3188'.
[  659.413778][T20253] syz.3.3192 (20253): drop_caches: 2
[  660.503762][   T40] kauditd_printk_skb: 99 callbacks suppressed
[  660.503797][   T40] audit: type=1326 audit(1772539835.593:25595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20255 comm="syz.1.3193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000
[  660.516047][   T40] audit: type=1326 audit(1772539835.593:25596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20255 comm="syz.1.3193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000
[  660.582395][T20266] veth0_to_hsr: Caught tx_queue_len zero misconfig
[  660.606398][T20268] Invalid logical block size (65466)
[  660.872670][T20275] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3199'.
[  660.903593][T20276] netlink: 'syz.3.3198': attribute type 4 has an invalid length.
[  661.655501][T20274] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  661.659125][T20274] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  662.482071][T20274] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  662.484574][T20274] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  662.503881][T20274] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  662.527927][T20274] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  662.530204][T20274] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  662.537870][T20274] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  662.901496][   T40] audit: type=1326 audit(1772539837.993:25597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20296 comm="syz.3.3207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  662.910247][   T40] audit: type=1326 audit(1772539837.993:25598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20296 comm="syz.3.3207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  662.918426][ T5292] Bluetooth: hci4: command 0x0406 tx timeout
[  662.921725][   T40] audit: type=1326 audit(1772539837.993:25599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20296 comm="syz.3.3207" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  662.931254][   T40] audit: type=1326 audit(1772539837.993:25600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20296 comm="syz.3.3207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  662.940539][   T40] audit: type=1326 audit(1772539837.993:25601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20296 comm="syz.3.3207" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  662.950136][   T40] audit: type=1326 audit(1772539837.993:25602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20296 comm="syz.3.3207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  662.959940][   T40] audit: type=1326 audit(1772539837.993:25603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20296 comm="syz.3.3207" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  662.968732][   T40] audit: type=1326 audit(1772539837.993:25604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20296 comm="syz.3.3207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  662.976837][   T10] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  663.128541][   T10] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  663.133410][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  663.139230][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  663.143525][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  663.151833][   T10] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  663.155388][   T10] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  663.159972][   T10] usb 5-1: Manufacturer: syz
[  663.163035][   T10] usb 5-1: config 0 descriptor??
[  663.589014][   T10] hid_parser_main: 12 callbacks suppressed
[  663.589036][   T10] appleir 0003:05AC:8243.0038: unknown main item tag 0x0
[  663.593900][T20308] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  663.598224][T20308] syzkaller0: entered promiscuous mode
[  663.600463][T20308] syzkaller0: entered allmulticast mode
[  663.618202][   T10] appleir 0003:05AC:8243.0038: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  663.619697][T20308] tipc: Resetting bearer <eth:syzkaller0>
[  663.631000][T20307] tipc: Resetting bearer <eth:syzkaller0>
[  663.649689][T20307] tipc: Disabling bearer <eth:syzkaller0>
[  664.093134][T20325] 9p: Bad value for 'wfdno'
[  664.094445][T20320] netlink: 'syz.3.3213': attribute type 1 has an invalid length.
[  664.098969][T20320] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3213'.
[  664.133951][ T6021] usb 5-1: USB disconnect, device number 19
[  664.199466][T20327] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3215'.
[  664.280032][T20329] loop5: detected capacity change from 0 to 7
[  664.285945][T18456] Dev loop5: unable to read RDB block 7
[  664.288493][T18456]  loop5: unable to read partition table
[  664.290544][T18456] loop5: partition table beyond EOD, truncated
[  664.297132][T20329] Dev loop5: unable to read RDB block 7
[  664.299237][T20329]  loop5: unable to read partition table
[  664.301339][T20329] loop5: partition table beyond EOD, truncated
[  664.303611][T20329] loop_reread_partitions: partition scan of loop5 (�被x������ ) failed (rc=-5)
[  664.506987][ T5292] Bluetooth: hci3: command 0x0c1a tx timeout
[  664.586919][ T5292] Bluetooth: hci2: command 0x0401 tx timeout
[  664.821505][T20342] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3220'.
[  664.996765][ T5292] Bluetooth: hci4: command 0x0406 tx timeout
[  665.622138][T18677] cgroup: fork rejected by pids controller in /syz1
[  665.972204][T20359] overlayfs: failed to resolve './file1': -2
[  665.976635][T20359] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3226'.
[  666.153396][ T1188] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.239495][ T1188] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.387996][T20367] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3230'.
[  666.410062][ T1188] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.486282][T20376] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3230'.
[  666.533640][T16674] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  666.542403][T16674] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  666.542744][ T1188] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.551782][T16674] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  666.555406][T16674] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  666.560311][T16674] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  666.595930][T20375] lo speed is unknown, defaulting to 1000
[  666.598463][ T5292] Bluetooth: hci3: command 0x0c1a tx timeout
[  666.605083][T20375] lo speed is unknown, defaulting to 1000
[  666.807017][   T54] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  666.888028][ T1188] bridge_slave_1: left allmulticast mode
[  666.890260][ T1188] bridge_slave_1: left promiscuous mode
[  666.892811][ T1188] bridge0: port 2(bridge_slave_1) entered disabled state
[  666.898932][ T1188] bridge_slave_0: left allmulticast mode
[  666.901231][ T1188] bridge_slave_0: left promiscuous mode
[  666.903788][ T1188] bridge0: port 1(bridge_slave_0) entered disabled state
[  666.950021][   T40] kauditd_printk_skb: 120 callbacks suppressed
[  666.950035][   T40] audit: type=1326 audit(1772539842.043:25725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20385 comm="syz.2.3234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  666.960588][   T40] audit: type=1326 audit(1772539842.053:25726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20385 comm="syz.2.3234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  666.968595][   T40] audit: type=1326 audit(1772539842.063:25727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20385 comm="syz.2.3234" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  666.976133][   T40] audit: type=1326 audit(1772539842.063:25728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20385 comm="syz.2.3234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  666.978555][   T54] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  666.983526][   T40] audit: type=1326 audit(1772539842.083:25729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20385 comm="syz.2.3234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  666.987809][   T54] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  666.998991][   T54] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  667.002492][   T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  667.012283][   T40] audit: type=1326 audit(1772539842.093:25730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20385 comm="syz.2.3234" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  667.017312][T20379] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  667.026143][   T54] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  667.031029][   T40] audit: type=1326 audit(1772539842.093:25731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20385 comm="syz.2.3234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  667.043373][   T40] audit: type=1326 audit(1772539842.113:25732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20385 comm="syz.2.3234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  667.050668][   T40] audit: type=1326 audit(1772539842.113:25733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20385 comm="syz.2.3234" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  667.058511][   T40] audit: type=1326 audit(1772539842.113:25734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20385 comm="syz.2.3234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4f6c code=0x7ffc0000
[  667.160394][ T1188] bond1 (unregistering): (slave ip6erspan0): Releasing active interface
[  667.249023][ T5938] usb 5-1: USB disconnect, device number 20
[  667.407507][ T1188] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  667.414266][ T1188] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  667.420357][ T1188] bond0 (unregistering): Released all slaves
[  667.428172][ T1188] bond1 (unregistering): Released all slaves
[  667.753385][T20375] chnl_net:caif_netlink_parms(): no params data found
[  667.892694][ T1188] tipc: Left network mode
[  668.028090][T20411] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  668.028473][T20375] bridge0: port 1(bridge_slave_0) entered blocking state
[  668.030993][T20411] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  668.034051][T20375] bridge0: port 1(bridge_slave_0) entered disabled state
[  668.040186][T20375] bridge_slave_0: entered allmulticast mode
[  668.063576][T20375] bridge_slave_0: entered promiscuous mode
[  668.069043][T20411] vhci_hcd vhci_hcd.0: Device attached
[  668.070448][T20375] bridge0: port 2(bridge_slave_1) entered blocking state
[  668.074425][T20375] bridge0: port 2(bridge_slave_1) entered disabled state
[  668.077644][T20375] bridge_slave_1: entered allmulticast mode
[  668.081683][T20375] bridge_slave_1: entered promiscuous mode
[  668.173467][T20375] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  668.189369][T20375] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  668.227742][T20375] team0: Port device team_slave_0 added
[  668.268690][ T1188] hsr_slave_0: left promiscuous mode
[  668.283737][ T1188] hsr_slave_1: left promiscuous mode
[  668.287087][ T1188] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  668.290318][ T1188] batman_adv: batadv0: Removing interface: batadv_slave_0
[  668.304620][ T1188] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  668.306817][ T5938] usb 43-1: new high-speed USB device number 3 using vhci_hcd
[  668.311621][ T1188] batman_adv: batadv0: Removing interface: batadv_slave_1
[  668.340449][ T1188] veth1_macvtap: left promiscuous mode
[  668.342310][ T1188] veth0_macvtap: left promiscuous mode
[  668.344199][ T1188] veth1_vlan: left promiscuous mode
[  668.346112][ T1188] veth0_vlan: left promiscuous mode
[  668.575963][ T1188] team_slave_1 (unregistering): left promiscuous mode
[  668.582448][ T1188] team_slave_1 (unregistering): left allmulticast mode
[  668.586613][ T1188] team0 (unregistering): Port device team_slave_1 removed
[  668.589514][ T5292] Bluetooth: hci1: command tx timeout
[  668.599430][ T1188] team_slave_0 (unregistering): left promiscuous mode
[  668.601909][ T1188] team_slave_0 (unregistering): left allmulticast mode
[  668.604996][ T1188] team0 (unregistering): Port device team_slave_0 removed
[  668.667252][ T5292] Bluetooth: hci3: command 0x0c1a tx timeout
[  668.738280][T20375] team0: Port device team_slave_1 added
[  668.750224][  T827] lo speed is unknown, defaulting to 1000
[  668.752584][  T827] syz0: Port: 1 Link DOWN
[  668.814210][T20375] batman_adv: batadv0: Adding interface: batadv_slave_0
[  668.818973][T20375] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  668.828135][T20375] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  668.833777][T20375] batman_adv: batadv0: Adding interface: batadv_slave_1
[  668.838365][T20375] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  668.849818][T20375] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  668.885455][T20412] vhci_hcd: connection reset by peer
[  668.928372][   T12] vhci_hcd vhci_hcd.3: stop threads
[  668.930126][   T12] vhci_hcd vhci_hcd.3: release socket
[  668.935938][   T12] vhci_hcd vhci_hcd.3: disconnect device
[  669.075018][T20375] hsr_slave_0: entered promiscuous mode
[  669.077849][T20375] hsr_slave_1: entered promiscuous mode
[  669.114035][T20447] geneve3: entered allmulticast mode
[  669.444134][ T1188] IPVS: stop unused estimator thread 0...
[  669.845953][T20375] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  669.851472][T20375] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  669.858908][T20375] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  669.864145][T20375] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  669.970204][T20375] 8021q: adding VLAN 0 to HW filter on device bond0
[  669.988412][T20375] 8021q: adding VLAN 0 to HW filter on device team0
[  669.995856][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  669.998633][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  670.006410][ T1188] bridge0: port 2(bridge_slave_1) entered blocking state
[  670.008860][ T1188] bridge0: port 2(bridge_slave_1) entered forwarding state
[  670.140375][T20507] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  670.141893][T20511] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3253'.
[  670.181853][T20375] 8021q: adding VLAN 0 to HW filter on device batadv0
[  670.191081][T20514] Bluetooth: hci0: invalid len left 7, exp >= 67
[  670.216259][T20375] veth0_vlan: entered promiscuous mode
[  670.223019][T20375] veth1_vlan: entered promiscuous mode
[  670.238536][T20375] veth0_macvtap: entered promiscuous mode
[  670.242648][T20375] veth1_macvtap: entered promiscuous mode
[  670.253302][T20375] batman_adv: batadv0: Interface activated: batadv_slave_0
[  670.266062][T20375] batman_adv: batadv0: Interface activated: batadv_slave_1
[  670.275611][ T1188] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  670.281586][  T467] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  670.286380][  T467] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  670.292885][  T467] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  670.367034][  T467] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  670.369818][  T467] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  670.386075][  T467] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  670.389025][  T467] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  670.569460][T20529] CIFS mount error: No usable UNC path provided in device string!
[  670.569460][T20529] 
[  670.574021][T20529] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  670.666837][ T5292] Bluetooth: hci1: command tx timeout
[  670.865169][T20532] lo speed is unknown, defaulting to 1000
[  671.960667][   T40] kauditd_printk_skb: 101 callbacks suppressed
[  671.960680][   T40] audit: type=1326 audit(1772539847.053:25836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20539 comm="syz.1.3261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  671.970382][   T40] audit: type=1326 audit(1772539847.063:25837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20539 comm="syz.1.3261" exe="/syz-executor" sig=0 arch=40000003 syscall=163 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  671.987715][   T40] audit: type=1326 audit(1772539847.083:25838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20539 comm="syz.1.3261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  671.995071][   T40] audit: type=1326 audit(1772539847.083:25839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20539 comm="syz.1.3261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  672.006823][   T40] audit: type=1326 audit(1772539847.083:25840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20539 comm="syz.1.3261" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  672.014361][   T40] audit: type=1326 audit(1772539847.083:25841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20539 comm="syz.1.3261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  672.029652][   T40] audit: type=1326 audit(1772539847.083:25842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20539 comm="syz.1.3261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  672.042528][   T40] audit: type=1326 audit(1772539847.083:25843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20539 comm="syz.1.3261" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  672.066645][   T40] audit: type=1326 audit(1772539847.083:25844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20539 comm="syz.1.3261" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  672.126914][T20548] random: crng reseeded on system resumption
[  672.145858][   T40] audit: type=1326 audit(1772539847.083:25845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20539 comm="syz.1.3261" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  672.746978][ T5292] Bluetooth: hci1: command tx timeout
[  672.776964][T20556] netlink: 'syz.0.3264': attribute type 3 has an invalid length.
[  672.988673][T20573] bridge0: entered allmulticast mode
[  672.994790][T20573] bridge_slave_1: left allmulticast mode
[  673.307624][T20573] bridge_slave_1: left promiscuous mode
[  673.328788][T20573] bridge0: port 2(bridge_slave_1) entered disabled state
[  673.820695][T20573] bridge_slave_0: left allmulticast mode
[  673.823770][T20573] bridge_slave_0: left promiscuous mode
[  673.827939][T20573] bridge0: port 1(bridge_slave_0) entered disabled state
[  674.341513][ T5938] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  674.358833][T20587] sp0: Synchronizing with TNC
[  674.745500][T20605] netlink: 'syz.3.3277': attribute type 13 has an invalid length.
[  674.826836][ T5292] Bluetooth: hci1: command tx timeout
[  675.100339][T20609] netlink: 'syz.1.3279': attribute type 13 has an invalid length.
[  676.110266][   T24] hid-generic 0103:0004:0000.0039: unknown main item tag 0x0
[  676.113036][   T24] hid-generic 0103:0004:0000.0039: unknown main item tag 0x0
[  676.115464][   T24] hid-generic 0103:0004:0000.0039: unknown main item tag 0x0
[  676.126763][   T24] hid-generic 0103:0004:0000.0039: unknown main item tag 0x0
[  676.129271][   T24] hid-generic 0103:0004:0000.0039: unknown main item tag 0x0
[  676.147749][   T24] hid-generic 0103:0004:0000.0039: unknown main item tag 0x0
[  676.150378][   T24] hid-generic 0103:0004:0000.0039: unknown main item tag 0x0
[  676.152934][   T24] hid-generic 0103:0004:0000.0039: unknown main item tag 0x0
[  676.155325][   T24] hid-generic 0103:0004:0000.0039: unknown main item tag 0x0
[  676.179543][   T24] hid-generic 0103:0004:0000.0039: unknown main item tag 0x0
[  676.194505][   T24] hid-generic 0103:0004:0000.0039: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  676.268344][T20625] netlink: 'syz.0.3283': attribute type 13 has an invalid length.
[  676.396368][T20623] fido_id[20623]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  676.668908][T20632] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  677.060102][T20628] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3285'.
[  677.444802][   T40] kauditd_printk_skb: 16 callbacks suppressed
[  677.444816][   T40] audit: type=1326 audit(1772539852.433:25862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.3.3287" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  677.454353][   T40] audit: type=1326 audit(1772539852.433:25863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.3.3287" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  677.465703][   T40] audit: type=1326 audit(1772539852.433:25864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.3.3287" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  677.526002][   T40] audit: type=1326 audit(1772539852.433:25865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.3.3287" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  677.555813][   T40] audit: type=1326 audit(1772539852.433:25866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.3.3287" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  677.567172][   T40] audit: type=1326 audit(1772539852.433:25867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.3.3287" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  677.576845][   T40] audit: type=1326 audit(1772539852.433:25868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.3.3287" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  677.596862][   T40] audit: type=1326 audit(1772539852.433:25869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.3.3287" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  677.605039][   T40] audit: type=1326 audit(1772539852.433:25870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.3.3287" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  677.614113][   T40] audit: type=1326 audit(1772539852.433:25871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.3.3287" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  678.146522][ T5938] hid-generic 0103:0004:0000.003A: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  678.242994][T20661] fido_id[20661]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  678.661220][T20669] random: crng reseeded on system resumption
[  678.773238][T20671] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3297'.
[  678.790976][T20673] wg1: entered promiscuous mode
[  678.792962][T20673] wg1: entered allmulticast mode
[  678.835701][T20675] netlink: 'syz.2.3298': attribute type 1 has an invalid length.
[  678.850554][T20675] 8021q: adding VLAN 0 to HW filter on device bond2
[  678.857513][T20675] mac80211_hwsim hwsim16 wlan0: entered promiscuous mode
[  678.864280][T20675] bond2: (slave wlan0): Enslaving as an active interface with a down link
[  679.074580][T20680] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  680.613836][T15700] hid-generic 0103:0004:0000.003B: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  680.955953][  T827] hid-generic 0103:0004:0000.003C: hidraw2: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  680.994176][T20704] fido_id[20704]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  681.038897][T20710] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3307'.
[  682.508918][  T827] hid_parser_main: 34 callbacks suppressed
[  682.508938][  T827] hid-generic 0103:0004:0000.003D: unknown main item tag 0x0
[  682.519665][ T5938] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  682.525577][  T827] hid-generic 0103:0004:0000.003D: unknown main item tag 0x0
[  682.529365][  T827] hid-generic 0103:0004:0000.003D: unknown main item tag 0x0
[  682.532047][  T827] hid-generic 0103:0004:0000.003D: unknown main item tag 0x0
[  682.534651][  T827] hid-generic 0103:0004:0000.003D: unknown main item tag 0x0
[  682.538102][  T827] hid-generic 0103:0004:0000.003D: unknown main item tag 0x0
[  682.540893][  T827] hid-generic 0103:0004:0000.003D: unknown main item tag 0x0
[  682.543438][  T827] hid-generic 0103:0004:0000.003D: unknown main item tag 0x0
[  682.545967][  T827] hid-generic 0103:0004:0000.003D: unknown main item tag 0x0
[  682.549254][  T827] hid-generic 0103:0004:0000.003D: unknown main item tag 0x0
[  682.556673][  T827] hid-generic 0103:0004:0000.003D: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  682.670624][ T5938] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  682.675108][ T5938] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  682.686127][ T5938] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  682.715178][   T40] kauditd_printk_skb: 168 callbacks suppressed
[  682.715195][   T40] audit: type=1326 audit(1772539857.803:26040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20735 comm="syz.3.3314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  682.720431][ T5938] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  682.730234][   T40] audit: type=1326 audit(1772539857.823:26041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20735 comm="syz.3.3314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  682.745186][   T40] audit: type=1326 audit(1772539857.833:26042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20735 comm="syz.3.3314" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  682.766986][   T40] audit: type=1326 audit(1772539857.853:26043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20735 comm="syz.3.3314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  682.779006][   T40] audit: type=1326 audit(1772539857.853:26044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20735 comm="syz.3.3314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  682.792917][   T40] audit: type=1326 audit(1772539857.853:26045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20735 comm="syz.3.3314" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  682.802815][   T40] audit: type=1326 audit(1772539857.853:26046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20735 comm="syz.3.3314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  682.812630][   T40] audit: type=1326 audit(1772539857.873:26047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20735 comm="syz.3.3314" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  682.830620][   T40] audit: type=1326 audit(1772539857.873:26048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20735 comm="syz.3.3314" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  682.838174][   T40] audit: type=1326 audit(1772539857.883:26049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20735 comm="syz.3.3314" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  682.838333][ T5938] usb 6-1: SerialNumber: syz
[  683.372439][T20742] fido_id[20742]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  683.472292][T20751] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3319'.
[  684.290553][T20771] lo speed is unknown, defaulting to 1000
[  685.354217][   T24] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  685.559646][   T24] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  686.634793][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  686.637711][ T5938] usb 6-1: cannot find UAC_HEADER
[  686.638782][   T24] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  686.648300][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  686.652886][   T24] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  686.658575][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  686.675556][ T5938] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22
[  686.676386][   T24] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  686.690344][ T5938] usb 6-1: USB disconnect, device number 26
[  686.690719][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  686.697989][   T24] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  686.702669][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  686.707241][   T24] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  686.712401][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  686.717719][   T24] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  686.727228][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  686.731135][T18456] udevd[18456]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  686.731779][   T24] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  686.802738][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  686.809244][   T24] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  686.815197][   T24] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  686.820287][   T24] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  686.823055][   T24] usb 5-1: Product: syz
[  686.824340][   T24] usb 5-1: Manufacturer: syz
[  686.825982][   T24] usb 5-1: SerialNumber: syz
[  686.834812][   T24] usb 5-1: config 0 descriptor??
[  687.063177][T20793] FAULT_INJECTION: forcing a failure.
[  687.063177][T20793] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  687.068017][T20793] CPU: 1 UID: 0 PID: 20793 Comm: syz.1.3330 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  687.068038][T20793] Tainted: [L]=SOFTLOCKUP
[  687.068042][T20793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  687.068049][T20793] Call Trace:
[  687.068054][T20793]  <TASK>
[  687.068060][T20793]  dump_stack_lvl+0x100/0x190
[  687.068083][T20793]  should_fail_ex.cold+0x5/0xa
[  687.068098][T20793]  _copy_to_iter+0x5a4/0x1720
[  687.068120][T20793]  ? __pfx__copy_to_iter+0x10/0x10
[  687.068135][T20793]  ? print_binder_state+0x260/0x360
[  687.068155][T20793]  ? print_binder_state+0x2ea/0x360
[  687.068171][T20793]  seq_read_iter+0xdab/0x1270
[  687.068195][T20793]  seq_read+0x33b/0x4c0
[  687.068211][T20793]  ? __pfx_seq_read+0x10/0x10
[  687.068237][T20793]  full_proxy_read+0x135/0x1a0
[  687.068250][T20793]  ? __pfx_full_proxy_read+0x10/0x10
[  687.068264][T20793]  vfs_read+0x1e4/0xb30
[  687.068283][T20793]  ? __pfx_vfs_read+0x10/0x10
[  687.068299][T20793]  ? __fget_files+0x215/0x3d0
[  687.068319][T20793]  ? __fget_files+0x21f/0x3d0
[  687.068339][T20793]  ksys_read+0x12a/0x250
[  687.068355][T20793]  ? __pfx_ksys_read+0x10/0x10
[  687.068371][T20793]  ? __pfx_ksys_write+0x10/0x10
[  687.068391][T20793]  __do_fast_syscall_32+0xe3/0x8c0
[  687.068408][T20793]  do_fast_syscall_32+0x32/0x70
[  687.068421][T20793]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  687.068435][T20793] RIP: 0023:0xf7f34f6c
[  687.068446][T20793] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  687.068456][T20793] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000003
[  687.068473][T20793] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000480
[  687.068480][T20793] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[  687.068486][T20793] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  687.068492][T20793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  687.068498][T20793] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  687.068512][T20793]  </TASK>
[  687.173082][ T5938] hid-generic 0103:0004:0000.003E: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  687.217367][T20796] fido_id[20796]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  687.726234][   T40] kauditd_printk_skb: 101 callbacks suppressed
[  687.726245][   T40] audit: type=1326 audit(1772539862.813:26151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20809 comm="syz.1.3336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  687.743734][   T40] audit: type=1326 audit(1772539862.833:26152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20809 comm="syz.1.3336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  687.761158][   T40] audit: type=1326 audit(1772539862.853:26153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20809 comm="syz.1.3336" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  687.771276][   T40] audit: type=1326 audit(1772539862.863:26154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20809 comm="syz.1.3336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  687.782773][   T40] audit: type=1326 audit(1772539862.873:26155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20809 comm="syz.1.3336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  687.806070][   T40] audit: type=1326 audit(1772539862.893:26156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20809 comm="syz.1.3336" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  687.837071][   T40] audit: type=1326 audit(1772539862.893:26157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20809 comm="syz.1.3336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  687.845795][   T40] audit: type=1326 audit(1772539862.893:26158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20809 comm="syz.1.3336" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  687.853423][   T40] audit: type=1326 audit(1772539862.913:26159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20809 comm="syz.1.3336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  687.860886][   T40] audit: type=1326 audit(1772539862.913:26160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20809 comm="syz.1.3336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  688.446813][ T5938] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  688.596808][ T5938] usb 7-1: Using ep0 maxpacket: 8
[  688.600474][ T5938] usb 7-1: config 1 interface 0 altsetting 22 bulk endpoint 0x82 has invalid maxpacket 16
[  688.603798][ T5938] usb 7-1: config 1 interface 0 altsetting 22 endpoint 0x3 has invalid maxpacket 1600, setting to 1024
[  688.608423][ T5938] usb 7-1: config 1 interface 0 altsetting 22 bulk endpoint 0x3 has invalid maxpacket 1024
[  688.611936][ T5938] usb 7-1: config 1 interface 0 has no altsetting 0
[  688.615898][ T5938] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  688.651900][ T5938] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  688.654646][ T5938] usb 7-1: Product: э
[  688.656633][ T5938] usb 7-1: Manufacturer: 圐ꬿ䞏⽀뼱迥₏聭集믇⊸晡䥹ゞ괒礲Ά㺿魣쎜嬼໬폣例뫨ꇆ갰澫䈰緽嘬濭愈擄劆㓑ꄵ㹛ᯓ㣒䀙쨓ੇ鉃碛Ờ䞡㰲蟦릟໩횭똳哠덮섆ß᪂ቶ꘏襮類꺈ŗ䚰ꧥ㞖歉⎷⮱∣埡ḓ⌨䀟⛎ူ
[  688.702295][ T5938] usb 7-1: SerialNumber: 㠊
[  689.648924][T20831] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  689.651527][T20831] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  689.992778][ T6010] usb 5-1: USB disconnect, device number 21
[  690.088467][T20862] lo speed is unknown, defaulting to 1000
[  690.168790][ T5938] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -71
[  690.200421][ T5938] usb 7-1: USB disconnect, device number 12
[  690.424430][ T5938] hid_parser_main: 12 callbacks suppressed
[  690.424452][ T5938] hid-generic 0103:0004:0000.003F: unknown main item tag 0x0
[  690.436911][ T5938] hid-generic 0103:0004:0000.003F: unknown main item tag 0x0
[  690.440388][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[  690.440666][ T5938] hid-generic 0103:0004:0000.003F: unknown main item tag 0x0
[  690.442674][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[  690.445916][ T5938] hid-generic 0103:0004:0000.003F: unknown main item tag 0x0
[  690.445943][ T5938] hid-generic 0103:0004:0000.003F: unknown main item tag 0x0
[  690.445964][ T5938] hid-generic 0103:0004:0000.003F: unknown main item tag 0x0
[  690.484336][ T5938] hid-generic 0103:0004:0000.003F: unknown main item tag 0x0
[  690.487347][ T5938] hid-generic 0103:0004:0000.003F: unknown main item tag 0x0
[  690.490112][ T5938] hid-generic 0103:0004:0000.003F: unknown main item tag 0x0
[  690.492717][ T5938] hid-generic 0103:0004:0000.003F: unknown main item tag 0x0
[  690.514878][ T5938] hid-generic 0103:0004:0000.003F: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  690.531717][T20875] fido_id[20875]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  690.923455][T20852] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  690.928159][T20852] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  690.947291][T20879] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  691.059774][T20879] lo speed is unknown, defaulting to 1000
[  691.145973][T20879] lo speed is unknown, defaulting to 1000
[  692.016932][ T6021] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  692.178234][ T6021] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  692.182767][ T6021] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  692.187921][ T6021] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  692.193105][ T6021] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  692.197951][ T6021] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  692.203194][ T6021] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  692.208944][ T6021] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  692.214928][ T6021] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  692.220300][ T6021] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  692.225874][ T6021] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  692.230820][ T6021] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  692.235908][ T6021] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  692.240647][ T6021] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  692.246829][ T6021] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  692.251445][ T6021] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  692.256501][ T6021] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  692.261454][ T6021] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  692.268179][ T6021] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  692.272229][ T6021] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  692.275896][ T6021] usb 7-1: Product: syz
[  692.278216][ T6021] usb 7-1: Manufacturer: syz
[  692.280651][ T6021] usb 7-1: SerialNumber: syz
[  692.285776][ T6021] usb 7-1: config 0 descriptor??
[  692.446998][T15700] IPVS: starting estimator thread 0...
[  692.467848][T20903] netlink: 'syz.3.3351': attribute type 11 has an invalid length.
[  692.470498][T20903] netlink: 199828 bytes leftover after parsing attributes in process `syz.3.3351'.
[  692.541885][T20908] IPVS: using max 39 ests per chain, 93600 per kthread
[  692.574853][T20912] lo speed is unknown, defaulting to 1000
[  693.079897][T15700] hid-generic 0103:0004:0000.0040: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  693.130247][T20920] fido_id[20920]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  693.456208][   T40] kauditd_printk_skb: 106 callbacks suppressed
[  693.456223][   T40] audit: type=1326 audit(1772539868.523:26267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.3.3354" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  693.466004][   T40] audit: type=1326 audit(1772539868.523:26268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.3.3354" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  693.545785][   T40] audit: type=1326 audit(1772539868.523:26269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.3.3354" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  693.553055][   T40] audit: type=1326 audit(1772539868.523:26270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.3.3354" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  693.565448][   T40] audit: type=1326 audit(1772539868.523:26271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.3.3354" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  693.575886][   T40] audit: type=1326 audit(1772539868.523:26272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.3.3354" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  693.585485][   T40] audit: type=1326 audit(1772539868.523:26273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.3.3354" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  693.594899][   T40] audit: type=1326 audit(1772539868.523:26274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.3.3354" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  693.602426][   T40] audit: type=1326 audit(1772539868.523:26275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.3.3354" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  693.616968][   T40] audit: type=1326 audit(1772539868.523:26276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20929 comm="syz.3.3354" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  694.465479][ T5938] libceph: connect (1)[c::]:6789 error -101
[  694.495405][ T5938] libceph: mon0 (1)[c::]:6789 connect error
[  694.510591][T20938] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.513651][T20938] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.581930][T20938] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  694.602772][T20959] ceph: No mds server is up or the cluster is laggy
[  694.648751][T20938] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  694.718634][T20971] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  694.721893][T20971] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  694.816923][T20971] vhci_hcd vhci_hcd.0: Device attached
[  694.838597][   T12] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  694.848813][   T12] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  694.852336][   T12] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  694.877713][   T12] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  694.887639][ T6110] usb 7-1: USB disconnect, device number 13
[  694.919046][T20971] random: crng reseeded on system resumption
[  694.986121][T20994] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  695.086938][  T827] usb 44-1: SetAddress Request (15) to port 0
[  695.089522][  T827] usb 44-1: new SuperSpeed USB device number 15 using vhci_hcd
[  695.297919][T20976] vhci_hcd: connection reset by peer
[  695.317521][  T467] vhci_hcd vhci_hcd.3: stop threads
[  695.319632][  T467] vhci_hcd vhci_hcd.3: release socket
[  695.324878][  T467] vhci_hcd vhci_hcd.3: disconnect device
[  695.751590][ T6110] hid_parser_main: 12 callbacks suppressed
[  695.751607][ T6110] hid-generic 0103:0004:0000.0041: unknown main item tag 0x0
[  695.756655][ T6110] hid-generic 0103:0004:0000.0041: unknown main item tag 0x0
[  695.767092][ T6110] hid-generic 0103:0004:0000.0041: unknown main item tag 0x0
[  695.769850][ T6110] hid-generic 0103:0004:0000.0041: unknown main item tag 0x0
[  695.772585][ T6110] hid-generic 0103:0004:0000.0041: unknown main item tag 0x0
[  695.775243][ T6110] hid-generic 0103:0004:0000.0041: unknown main item tag 0x0
[  695.779297][ T6110] hid-generic 0103:0004:0000.0041: unknown main item tag 0x0
[  695.781915][ T6110] hid-generic 0103:0004:0000.0041: unknown main item tag 0x0
[  695.784571][ T6110] hid-generic 0103:0004:0000.0041: unknown main item tag 0x0
[  695.788678][ T6110] hid-generic 0103:0004:0000.0041: unknown main item tag 0x0
[  695.796385][ T6110] hid-generic 0103:0004:0000.0041: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  695.841149][T21002] fido_id[21002]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  696.080259][T21006] netlink: 'syz.0.3362': attribute type 11 has an invalid length.
[  696.083899][T21006] netlink: 199828 bytes leftover after parsing attributes in process `syz.0.3362'.
[  696.109816][T21008] 0x000000000007-0x000000020007 : ""
[  696.112432][T21008] mtd: partition "" extends beyond the end of device "mtdram test device" -- size truncated to 0x1fff9
[  696.120846][T21008] ftl_cs: FTL header corrupt!
[  696.972672][ T6110] libceph: connect (1)[c::]:6789 error -101
[  696.975709][ T6110] libceph: mon0 (1)[c::]:6789 connect error
[  697.249785][ T6110] libceph: connect (1)[c::]:6789 error -101
[  698.167344][ T6110] libceph: mon0 (1)[c::]:6789 connect error
[  698.171786][T21022] ceph: No mds server is up or the cluster is laggy
[  698.697748][ T6010] hid-generic 0103:0004:0000.0042: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  698.858390][T21042] fido_id[21042]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  700.887009][  T827] usb 44-1: device descriptor read/8, error -110
[  700.942677][T21044] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  700.945761][T21044] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  700.949618][T21044] vhci_hcd vhci_hcd.0: Device attached
[  700.965793][T21063] vhci_hcd: connection closed
[  700.966187][T20849] vhci_hcd vhci_hcd.1: stop threads
[  700.970238][T20849] vhci_hcd vhci_hcd.1: release socket
[  700.972085][T20849] vhci_hcd vhci_hcd.1: disconnect device
[  701.118398][T21071] afs: Unknown parameter 'appraise_type'
[  701.279147][  T827] usb usb44-port1: attempt power cycle
[  701.309344][T21075] overlayfs: failed to resolve './file1': -2
[  701.624296][ T6110] hid_parser_main: 12 callbacks suppressed
[  701.624324][ T6110] hid-generic 0103:0004:0000.0043: unknown main item tag 0x0
[  701.631125][ T6110] hid-generic 0103:0004:0000.0043: unknown main item tag 0x0
[  701.634553][ T6110] hid-generic 0103:0004:0000.0043: unknown main item tag 0x0
[  701.641279][ T6110] hid-generic 0103:0004:0000.0043: unknown main item tag 0x0
[  701.644027][ T6110] hid-generic 0103:0004:0000.0043: unknown main item tag 0x0
[  701.647062][ T6110] hid-generic 0103:0004:0000.0043: unknown main item tag 0x0
[  701.650219][ T6110] hid-generic 0103:0004:0000.0043: unknown main item tag 0x0
[  701.656018][ T6110] hid-generic 0103:0004:0000.0043: unknown main item tag 0x0
[  701.659299][ T6110] hid-generic 0103:0004:0000.0043: unknown main item tag 0x0
[  701.661951][ T6110] hid-generic 0103:0004:0000.0043: unknown main item tag 0x0
[  701.666228][ T6110] hid-generic 0103:0004:0000.0043: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  701.711126][T21082] fido_id[21082]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  701.837307][  T827] usb usb44-port1: unable to enumerate USB device
[  702.793107][T21107] netlink: 'syz.2.3391': attribute type 2 has an invalid length.
[  702.994632][ T6110] hid-generic 0103:0004:0000.0044: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  703.087130][T21110] fido_id[21110]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  703.105308][T21107] netlink: 'syz.2.3391': attribute type 2 has an invalid length.
[  704.437630][T21123] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  706.825191][   T40] kauditd_printk_skb: 81 callbacks suppressed
[  706.825207][   T40] audit: type=1326 audit(1772539881.913:26358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.3.3401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  706.838867][   T40] audit: type=1326 audit(1772539881.913:26359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.3.3401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  706.881925][   T40] audit: type=1326 audit(1772539881.933:26360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.3.3401" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  706.894248][   T40] audit: type=1326 audit(1772539881.933:26361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.3.3401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  706.912770][   T40] audit: type=1326 audit(1772539881.933:26362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.3.3401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  706.925937][   T40] audit: type=1326 audit(1772539881.943:26363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.3.3401" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  706.996838][   T40] audit: type=1326 audit(1772539881.943:26364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.3.3401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  707.038665][   T40] audit: type=1326 audit(1772539881.943:26365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.3.3401" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  707.048264][   T40] audit: type=1326 audit(1772539881.943:26366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.3.3401" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  707.058149][   T40] audit: type=1326 audit(1772539881.943:26367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21138 comm="syz.3.3401" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf70cef6c code=0x7ffc0000
[  707.768126][T21155] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3404'.
[  708.110943][T21172] input: syz1 as /devices/virtual/input/input19
[  708.141114][T21172] bridge: RTM_NEWNEIGH with invalid state 0x8
[  709.286054][T21184] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3414'.
[  711.093860][T21221] netfs: Couldn't get user pages (rc=-14)
[  711.178194][T21224] lo: Caught tx_queue_len zero misconfig
[  711.183215][T21224] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3431'.
[  712.402035][   T24] hid_parser_main: 12 callbacks suppressed
[  712.402058][   T24] hid-generic 0103:0004:0000.0045: unknown main item tag 0x0
[  712.416811][   T24] hid-generic 0103:0004:0000.0045: unknown main item tag 0x0
[  712.420858][   T24] hid-generic 0103:0004:0000.0045: unknown main item tag 0x0
[  712.424544][   T24] hid-generic 0103:0004:0000.0045: unknown main item tag 0x0
[  712.431023][   T24] hid-generic 0103:0004:0000.0045: unknown main item tag 0x0
[  712.434304][   T24] hid-generic 0103:0004:0000.0045: unknown main item tag 0x0
[  712.441178][   T24] hid-generic 0103:0004:0000.0045: unknown main item tag 0x0
[  712.444326][   T24] hid-generic 0103:0004:0000.0045: unknown main item tag 0x0
[  712.450356][   T24] hid-generic 0103:0004:0000.0045: unknown main item tag 0x0
[  712.455201][   T24] hid-generic 0103:0004:0000.0045: unknown main item tag 0x0
[  712.484255][   T24] hid-generic 0103:0004:0000.0045: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  712.515176][T21245] fido_id[21245]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  713.139338][T21262] netlink: 'syz.1.3435': attribute type 27 has an invalid length.
[  714.137055][T21264] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  714.140670][T21264] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  714.146809][T21264] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  714.149996][T21264] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  714.161499][T21264] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  714.577196][  T827] hid-generic 0103:0004:0000.0046: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  714.624494][T21296] fido_id[21296]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  715.146846][  T827] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  715.306883][  T827] usb 5-1: Using ep0 maxpacket: 8
[  715.311237][  T827] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  715.315304][  T827] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  715.320291][  T827] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  715.325084][  T827] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  715.329561][  T827] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  715.335544][  T827] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  715.340558][  T827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  715.466930][ T5292] Bluetooth: hci4: command 0x0406 tx timeout
[  715.549923][  T827] usb 5-1: usb_control_msg returned -32
[  715.552737][  T827] usbtmc 5-1:16.0: can't read capabilities
[  715.920067][   T24] usb 5-1: USB disconnect, device number 22
[  716.029097][T21315] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3448'.
[  716.186870][ T5292] Bluetooth: hci3: command 0x0c1a tx timeout
[  716.197788][T21320] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3450'.
[  716.199698][ T5292] Bluetooth: hci1: command 0x0c1a tx timeout
[  716.253406][T21322] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3451'.
[  716.580715][T21327] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3451'.
[  716.589144][   T24] hid-generic 0103:0004:0000.0047: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  716.632243][T21330] fido_id[21330]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  716.746199][T21338] netlink: 'syz.0.3455': attribute type 5 has an invalid length.
[  716.881544][T21327] wg1: left promiscuous mode
[  716.885663][T21327] wg1: left allmulticast mode
[  716.894338][T21327] mac80211_hwsim hwsim16 wlan0: left promiscuous mode
[  716.900524][T21327] bridge1: left promiscuous mode
[  716.906197][T21327] geneve3: left allmulticast mode
[  717.460367][  T827] hid_parser_main: 23 callbacks suppressed
[  717.460390][  T827] hid-generic 0103:0004:0000.0048: unknown main item tag 0x0
[  717.492051][  T827] hid-generic 0103:0004:0000.0048: unknown main item tag 0x0
[  717.495315][  T827] hid-generic 0103:0004:0000.0048: unknown main item tag 0x0
[  717.503127][  T827] hid-generic 0103:0004:0000.0048: unknown main item tag 0x0
[  717.506575][  T827] hid-generic 0103:0004:0000.0048: unknown main item tag 0x0
[  717.510330][  T827] hid-generic 0103:0004:0000.0048: unknown main item tag 0x0
[  717.513948][  T827] hid-generic 0103:0004:0000.0048: unknown main item tag 0x0
[  717.517746][  T827] hid-generic 0103:0004:0000.0048: unknown main item tag 0x0
[  717.521394][  T827] hid-generic 0103:0004:0000.0048: unknown main item tag 0x0
[  717.525050][  T827] hid-generic 0103:0004:0000.0048: unknown main item tag 0x0
[  717.535417][  T827] hid-generic 0103:0004:0000.0048: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  718.006647][T21372] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  718.199856][T21364] fido_id[21364]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  718.267250][ T5292] Bluetooth: hci1: command 0x0c1a tx timeout
[  718.656538][T21380] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3466'.
[  718.664189][T21380] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3466'.
[  718.671555][T21380] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3466'.
[  718.733368][T21385] fuse: Unknown parameter '�d'
[  719.497240][   T24] hid-generic 0103:0004:0000.0049: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  719.622949][T21401] fido_id[21401]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  719.681046][T21404] mmap: syz.2.3475 (21404): VmData 45760512 exceed data ulimit 2. Update limits or use boot option ignore_rlimit_data.
[  720.347068][ T5292] Bluetooth: hci1: command 0x0c1a tx timeout
[  720.908366][T21424] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  721.210372][ T5938] hid-generic 0103:0004:0000.004A: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  721.733563][T21440] fido_id[21440]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  722.858756][T21480] lo speed is unknown, defaulting to 1000
[  722.883765][   T24] hid_parser_main: 23 callbacks suppressed
[  722.883779][   T24] hid-generic 0103:0004:0000.004B: unknown main item tag 0x0
[  722.888863][   T24] hid-generic 0103:0004:0000.004B: unknown main item tag 0x0
[  722.891425][   T24] hid-generic 0103:0004:0000.004B: unknown main item tag 0x0
[  722.893980][   T24] hid-generic 0103:0004:0000.004B: unknown main item tag 0x0
[  722.909806][   T24] hid-generic 0103:0004:0000.004B: unknown main item tag 0x0
[  722.912333][   T24] hid-generic 0103:0004:0000.004B: unknown main item tag 0x0
[  722.915015][   T24] hid-generic 0103:0004:0000.004B: unknown main item tag 0x0
[  722.918971][   T24] hid-generic 0103:0004:0000.004B: unknown main item tag 0x0
[  722.921857][   T24] hid-generic 0103:0004:0000.004B: unknown main item tag 0x0
[  722.924421][   T24] hid-generic 0103:0004:0000.004B: unknown main item tag 0x0
[  722.928077][   T24] hid-generic 0103:0004:0000.004B: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  722.982956][T21485] fido_id[21485]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  723.146800][   T24] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  723.298576][   T24] usb 7-1: config 0 has no interfaces?
[  723.302493][   T24] usb 7-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  723.308950][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  723.315468][   T24] usb 7-1: Product: syz
[  723.317608][   T24] usb 7-1: Manufacturer: syz
[  723.319333][   T24] usb 7-1: SerialNumber: syz
[  723.324120][   T24] usb 7-1: config 0 descriptor??
[  723.553828][  T827] usb 7-1: USB disconnect, device number 14
[  723.935765][T21492] netlink: 'syz.0.3493': attribute type 3 has an invalid length.
[  724.144371][T21500] cgroup: fork rejected by pids controller in /syz3
[  724.941747][ T6110] hid-generic 0103:0004:0000.004C: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  725.032606][T22096] fido_id[22096]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  725.468937][T22135] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  725.471149][T22135] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  725.473679][T22135] vhci_hcd vhci_hcd.0: Device attached
[  725.503590][T22135] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3506'.
[  725.506601][T22135] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3506'.
[  725.612541][T22142] smc: net device bond0 applied user defined pnetid SYZ2
[  725.616345][T22142] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3509'.
[  725.898140][T22142] smc: removing net device bond0 with user defined pnetid SYZ2
[  725.941902][T22142] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  725.952039][T22142] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  725.955948][T22142] bond0 (unregistering): Released all slaves
[  726.057092][  T827] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[  726.059698][T22137] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  726.064608][T22136] vhci_hcd: connection closed
[  726.065727][T20849] vhci_hcd vhci_hcd.2: stop threads
[  726.071174][T20849] vhci_hcd vhci_hcd.2: release socket
[  726.074656][T20849] vhci_hcd vhci_hcd.2: disconnect device
[  726.241391][ T6010] hid-generic 0103:0004:0000.004D: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  726.308473][T22807] fido_id[22807]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  726.439549][   T40] kauditd_printk_skb: 133 callbacks suppressed
[  726.439563][   T40] audit: type=1326 audit(1772539901.513:26501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22896 comm="syz.1.3512" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  726.458417][   T40] audit: type=1326 audit(1772539901.513:26502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22896 comm="syz.1.3512" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  726.476074][   T40] audit: type=1326 audit(1772539901.513:26503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22896 comm="syz.1.3512" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  726.489473][   T40] audit: type=1326 audit(1772539901.513:26504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22896 comm="syz.1.3512" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  726.518509][   T40] audit: type=1326 audit(1772539901.513:26505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22896 comm="syz.1.3512" exe="/syz-executor" sig=0 arch=40000003 syscall=283 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  726.537408][   T40] audit: type=1326 audit(1772539901.513:26506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22896 comm="syz.1.3512" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  726.556748][   T40] audit: type=1326 audit(1772539901.523:26507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22896 comm="syz.1.3512" exe="/syz-executor" sig=0 arch=40000003 syscall=287 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  726.582819][   T40] audit: type=1326 audit(1772539901.523:26508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22896 comm="syz.1.3512" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  726.600080][   T40] audit: type=1326 audit(1772539901.523:26509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22896 comm="syz.1.3512" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  726.613398][   T40] audit: type=1326 audit(1772539901.523:26510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22896 comm="syz.1.3512" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34f6c code=0x7ffc0000
[  727.430547][T23096] syz.0.3518 (23096): drop_caches: 2
[  727.757357][ T5938] hid-generic 0103:0004:0000.004E: hidraw1: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  727.820282][T23107] fido_id[23107]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  727.876923][T23110] siw: device registration error -23
[  727.965111][T23115] lo speed is unknown, defaulting to 1000
[  728.007666][T23118] netlink: 'syz.2.3522': attribute type 4 has an invalid length.
[  729.331226][T23116] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  729.333889][T23116] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  729.352930][T23116] vhci_hcd vhci_hcd.0: Device attached
[  729.384518][T23126] vhci_hcd: connection closed
[  729.384990][   T12] vhci_hcd vhci_hcd.1: stop threads
[  729.390044][   T12] vhci_hcd vhci_hcd.1: release socket
[  729.392445][   T12] vhci_hcd vhci_hcd.1: disconnect device
[  729.916822][ T5292] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  730.852549][T23163] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3537'.
[  730.857145][T23163] netlink: 'syz.3.3537': attribute type 7 has an invalid length.
[  730.859881][T23163] netlink: 'syz.3.3537': attribute type 8 has an invalid length.
[  730.862378][T23163] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3537'.
[  730.902639][T23165] sit0: Caught tx_queue_len zero misconfig
[  731.149800][T23172] random: crng reseeded on system resumption
[  731.220130][T23170] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  731.222642][T23170] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  731.226198][T23170] vhci_hcd vhci_hcd.0: Device attached
[  731.293295][T23167] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  731.357476][  T827] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  731.507050][ T5938] usb 38-1: SetAddress Request (19) to port 0
[  731.509739][ T5938] usb 38-1: new SuperSpeed USB device number 19 using vhci_hcd
[  733.414808][T23174] vhci_hcd: connection reset by peer
[  733.417752][T20849] vhci_hcd vhci_hcd.0: stop threads
[  733.420167][T20849] vhci_hcd vhci_hcd.0: release socket
[  733.422852][T20849] vhci_hcd vhci_hcd.0: disconnect device
[  733.677511][T23192] overlay: Unknown parameter '/'
[  733.977194][ T5292] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  734.509782][T23205] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3548'.
[  734.513774][T23205] netlink: 'syz.2.3548': attribute type 7 has an invalid length.
[  734.522740][T23205] netlink: 'syz.2.3548': attribute type 8 has an invalid length.
[  734.526164][T23205] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3548'.
[  735.189350][T23220] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3546'.
[  736.141771][T23211] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  736.144843][T23211] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  736.149208][T23215] vhci_hcd: connection closed
[  736.149966][T23211] vhci_hcd vhci_hcd.0: Device attached
[  736.154903][T20859] vhci_hcd vhci_hcd.0: stop threads
[  736.159679][T20859] vhci_hcd vhci_hcd.0: release socket
[  736.162646][T20859] vhci_hcd vhci_hcd.0: disconnect device
[  737.343002][ T5938] usb 38-1: device descriptor read/8, error -110
[  738.481491][ T5938] usb usb38-port1: attempt power cycle
[  739.038466][ T5938] usb usb38-port1: unable to enumerate USB device
[  739.255488][T23261] syz.2.3563 (23261): drop_caches: 2
[  739.573400][T23273] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  740.078328][T23279] lo: Caught tx_queue_len zero misconfig
[  740.080747][T23279] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3569'.
[  740.085915][T23279] netlink: 'syz.2.3569': attribute type 1 has an invalid length.
[  740.104188][T23279] 8021q: adding VLAN 0 to HW filter on device bond3
[  741.028068][T23300] 9p: Unknown Cache mode or invalid value fscache�FlN]�5̷������Up���o;]S�0��&$>)����.Tfi� ��i��4��a6
��h�zB��NŮ�!��P��/VK6-���bͶJZsͩi\^�Z�(����ߘUe~��>J0��*+B�܃7�)����&�����x6�y@�j�1Ő��NlBC5/y��uaFMR�)f�xU�bR���~�������[����`�=�\���hM���b{w5��r���F�v'�1-�/��~�i~�Qƒ>��$���uF�5�/n;�(
[  742.961941][T23314] lo: Caught tx_queue_len zero misconfig
[  742.980023][T23315] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  742.982539][T23315] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  742.988782][T23315] vhci_hcd vhci_hcd.0: Device attached
[  742.994509][T23315] random: crng reseeded on system resumption
[  743.406805][T23316] vhci_hcd: connection closed
[  743.408280][T20854] vhci_hcd vhci_hcd.3: stop threads
[  743.412793][T20854] vhci_hcd vhci_hcd.3: release socket
[  743.414891][T20854] vhci_hcd vhci_hcd.3: disconnect device
[  743.659704][T23334] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3585'.
[  744.287632][  T827] usb usb44-port1: attempt power cycle
[  744.857513][  T827] usb usb44-port1: unable to enumerate USB device
[  744.963169][T23351] FAULT_INJECTION: forcing a failure.
[  744.963169][T23351] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  744.970932][T23351] CPU: 1 UID: 0 PID: 23351 Comm: syz.2.3588 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  744.970955][T23351] Tainted: [L]=SOFTLOCKUP
[  744.970960][T23351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  744.970981][T23351] Call Trace:
[  744.970986][T23351]  <TASK>
[  744.970991][T23351]  dump_stack_lvl+0x100/0x190
[  744.971015][T23351]  should_fail_ex.cold+0x5/0xa
[  744.971030][T23351]  _copy_from_user+0x2e/0xd0
[  744.971050][T23351]  io_msg_copy_hdr.isra.0+0x50c/0x880
[  744.971066][T23351]  ? __pfx_io_msg_copy_hdr.isra.0+0x10/0x10
[  744.971089][T23351]  io_sendmsg_setup+0xfa/0x300
[  744.971103][T23351]  ? __kasan_kmalloc+0xaa/0xb0
[  744.971121][T23351]  ? __pfx_io_sendmsg_setup+0x10/0x10
[  744.971137][T23351]  ? __asan_memset+0x23/0x50
[  744.971153][T23351]  ? io_cache_alloc_new+0xbc/0xe0
[  744.971171][T23351]  io_send_zc_prep+0x55d/0x9d0
[  744.971187][T23351]  io_submit_sqes+0x99b/0x22f0
[  744.971207][T23351]  __do_sys_io_uring_enter+0x9c0/0x1a20
[  744.971221][T23351]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  744.971241][T23351]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  744.971255][T23351]  ? __pfx___schedule+0x10/0x10
[  744.971268][T23351]  ? fput+0x79/0x100
[  744.971282][T23351]  ? exit_to_user_mode_loop+0xdd/0x4a0
[  744.971306][T23351]  __do_fast_syscall_32+0xe3/0x8c0
[  744.971322][T23351]  do_fast_syscall_32+0x32/0x70
[  744.971370][T23351]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  744.971392][T23351] RIP: 0023:0xf7fc4f6c
[  744.971408][T23351] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad
[  744.971420][T23351] RSP: 002b:00000000f546550c EFLAGS: 00000292 ORIG_RAX: 00000000000001aa
[  744.971432][T23351] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000749f
[  744.971440][T23351] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  744.971446][T23351] RBP: 00000000fffffef5 R08: 0000000000000000 R09: 0000000000000000
[  744.971453][T23351] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  744.971460][T23351] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  744.971475][T23351]  </TASK>
[  746.486867][  T827] usb 6-1: new low-speed USB device number 27 using dummy_hcd
[  746.523356][T23704] team_slave_1: Caught tx_queue_len zero misconfig
[  746.606213][T23830] hfs: can't find a HFS filesystem on dev loop2
[  746.822101][T24098] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3599'.
[  748.417622][T25813] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  748.576417][T25817] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  748.578959][T25817] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  748.582574][T25817] vhci_hcd vhci_hcd.0: Device attached
[  748.604166][T25817] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3611'.
[  748.817083][   T24] usb 41-1: new high-speed USB device number 3 using vhci_hcd
[  748.828328][  T827] usb 6-1: unable to get BOS descriptor or descriptor too short
[  748.837836][  T827] usb 6-1: no configurations
[  748.839640][  T827] usb 6-1: can't read configurations, error -22
[  748.885911][T25827] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  748.888286][T25827] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  748.893168][T25827] vhci_hcd vhci_hcd.0: Device attached
[  748.897850][T25827] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(12)
[  748.900290][T25827] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  748.902905][T25827] vhci_hcd vhci_hcd.0: Device attached
[  748.906869][T25827] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(14)
[  748.909257][T25827] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  748.912181][T25827] vhci_hcd vhci_hcd.0: Device attached
[  748.918224][T25827] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(16)
[  748.920462][T25827] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  748.938105][T25827] vhci_hcd vhci_hcd.0: Device attached
[  748.958056][T25827] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(18)
[  748.960577][T25827] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  748.963236][T25827] vhci_hcd vhci_hcd.0: Device attached
[  748.973539][T25827] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(20)
[  748.976046][T25827] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  748.980167][T25827] vhci_hcd vhci_hcd.0: Device attached
[  748.989781][T25827] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  748.997785][T25827] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  749.009444][T25840] vhci_hcd: connection closed
[  749.009581][T25837] vhci_hcd: connection closed
[  749.009601][T25832] vhci_hcd: connection closed
[  749.009708][T25830] vhci_hcd: connection closed
[  749.011257][T25828] vhci_hcd: connection closed
[  749.012301][T25834] vhci_hcd: connection closed
[  749.020177][T20854] vhci_hcd vhci_hcd.3: stop threads
[  749.024081][T20854] vhci_hcd vhci_hcd.3: release socket
[  749.025970][T20854] vhci_hcd vhci_hcd.3: disconnect device
[  749.030220][T20854] vhci_hcd vhci_hcd.3: stop threads
[  749.032840][T20854] vhci_hcd vhci_hcd.3: release socket
[  749.034828][T20854] vhci_hcd vhci_hcd.3: disconnect device
[  749.039575][T20854] vhci_hcd vhci_hcd.3: stop threads
[  749.041933][T20854] vhci_hcd vhci_hcd.3: release socket
[  749.043953][T20854] vhci_hcd vhci_hcd.3: disconnect device
[  749.046069][T20854] vhci_hcd vhci_hcd.3: stop threads
[  749.050522][T20854] vhci_hcd vhci_hcd.3: release socket
[  749.060574][T20854] vhci_hcd vhci_hcd.3: disconnect device
[  749.065160][T20854] vhci_hcd vhci_hcd.3: stop threads
[  749.070768][T20854] vhci_hcd vhci_hcd.3: release socket
[  749.072893][T20854] vhci_hcd vhci_hcd.3: disconnect device
[  749.078465][T20854] vhci_hcd vhci_hcd.3: stop threads
[  749.080225][T20854] vhci_hcd vhci_hcd.3: release socket
[  749.082402][T20854] vhci_hcd vhci_hcd.3: disconnect device
[  749.086917][ T6021] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  749.367371][T25818] vhci_hcd: connection reset by peer
[  749.369867][T20859] vhci_hcd vhci_hcd.2: stop threads
[  749.371694][T20859] vhci_hcd vhci_hcd.2: release socket
[  749.373806][T20859] vhci_hcd vhci_hcd.2: disconnect device
[  750.486792][  T827] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  750.636758][  T827] usb 6-1: Using ep0 maxpacket: 8
[  751.034192][  T827] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  751.037569][  T827] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  751.040751][  T827] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  751.044035][  T827] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  751.057035][  T827] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  751.096518][  T827] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  751.396796][ T6021] usb 5-1: new low-speed USB device number 23 using dummy_hcd
[  751.461715][  T827] usb 6-1: usb_control_msg returned -71
[  751.463624][  T827] usbtmc 6-1:16.0: can't read capabilities
[  751.498416][  T827] usb 6-1: USB disconnect, device number 29
[  751.592941][   T40] kauditd_printk_skb: 94 callbacks suppressed
[  751.593016][   T40] audit: type=1326 audit(1772539926.683:26605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26205 comm="syz.3.3628" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70cef6c code=0x0
[  751.739832][T26300] cgroup: fork rejected by pids controller in /syz2
[  751.869067][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[  751.871393][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[  753.336886][ T6010] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  753.488649][ T6010] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  753.493266][ T6010] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  753.500880][ T6010] usb 6-1: New USB device found, idVendor=2a39, idProduct=3f8c, bcdDevice=94.24
[  753.505940][ T6010] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  753.513149][ T6010] usb 6-1: Product: syz
[  753.525809][ T6010] usb 6-1: Manufacturer: syz
[  753.536081][ T6010] usb 6-1: SerialNumber: syz
[  753.539620][ T6010] usb 6-1: config 0 descriptor??
[  753.566105][T28761] syzkaller0: entered promiscuous mode
[  753.568748][T28761] syzkaller0: refused to change device tx_queue_len
[  753.675409][ T6021] usb 5-1: unable to get BOS descriptor or descriptor too short
[  753.678617][ T6021] usb 5-1: no configurations
[  753.680220][ T6021] usb 5-1: can't read configurations, error -22
[  753.759940][T28753] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3633'.
[  753.866282][T28781] tipc: Started in network mode
[  753.871954][T28781] tipc: Node identity 268cf512eab8, cluster identity 4711
[  753.874626][T28781] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  753.889323][T28781] tipc: Resetting bearer <eth:syzkaller0>
[  753.937486][   T24] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  753.944776][T28780] tipc: Disabling bearer <eth:syzkaller0>
[  754.058169][ T5938] usb 6-1: USB disconnect, device number 30
[  755.105323][T28807] 9p: Bad value for 'rfdno'
[  756.835447][T28821] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3652'.
[  756.841500][T28821] syzkaller0: entered promiscuous mode
[  756.843782][T28821] syzkaller0: entered allmulticast mode
[  757.377230][ T5938] usb 7-1: new low-speed USB device number 15 using dummy_hcd
[  758.193919][T29105] Cannot find add_set index 2 as target
[  758.319784][   T34] libceph: connect (1)[c::]:6789 error -101
[  758.322137][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  758.375254][T29103] ceph: No mds server is up or the cluster is laggy
[  758.577091][   T34] libceph: connect (1)[c::]:6789 error -101
[  758.579277][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  759.097176][   T34] libceph: connect (1)[c::]:6789 error -101
[  759.099944][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  759.634769][ T5938] usb 7-1: unable to get BOS descriptor or descriptor too short
[  759.637608][ T5938] usb 7-1: no configurations
[  759.639720][ T5938] usb 7-1: can't read configurations, error -22
[  759.690492][T29112] random: crng reseeded on system resumption
[  759.736912][T29112] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  760.216998][T29134] xt_time: invalid argument - start or stop time greater than 23:59:59
[  760.922585][T29141] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3673'.
[  760.950575][T29117] team_slave_1: Caught tx_queue_len zero misconfig
[  760.979049][T16674] Bluetooth: hci3: unexpected subevent 0x0e length: 30 > 15
[  760.983398][T16674] Bluetooth: hci3: Unable to find connection for dst 00:00:00:00:00:00 sid 0x00
[  761.025023][T29114] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  761.113147][T29147] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3675'.
[  761.426784][ T5938] usb 7-1: new low-speed USB device number 17 using dummy_hcd
[  761.448208][T29176] xt_time: invalid argument - start or stop time greater than 23:59:59
[  761.506966][   T34] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  761.666930][   T34] usb 6-1: Using ep0 maxpacket: 8
[  761.671749][   T34] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  761.676872][   T34] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  761.681728][   T34] usb 6-1: config 0 interface 0 has no altsetting 0
[  761.684819][   T34] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  761.689053][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  761.701133][   T34] usb 6-1: config 0 descriptor??
[  762.134266][   T34] hid_parser_main: 34 callbacks suppressed
[  762.134574][   T34] mcp2221 0003:04D8:00DD.004F: unknown main item tag 0x0
[  762.139513][   T34] mcp2221 0003:04D8:00DD.004F: unknown main item tag 0x0
[  762.142408][   T34] mcp2221 0003:04D8:00DD.004F: unknown main item tag 0x0
[  762.145248][   T34] mcp2221 0003:04D8:00DD.004F: unknown main item tag 0x0
[  762.147781][   T34] mcp2221 0003:04D8:00DD.004F: unknown main item tag 0x0
[  762.150641][   T34] mcp2221 0003:04D8:00DD.004F: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  762.333936][   T34] usb 6-1: USB disconnect, device number 31
[  763.596792][ T5938] usb 7-1: unable to get BOS descriptor or descriptor too short
[  763.599305][ T5938] usb 7-1: no configurations
[  763.600869][ T5938] usb 7-1: can't read configurations, error -22
[  764.156855][T31609] netlink: 'syz.1.3688': attribute type 4 has an invalid length.
[  765.898781][T31618] ceph: No mds server is up or the cluster is laggy
[  765.901780][  T827] libceph: connect (1)[c::]:6789 error -101
[  765.904310][  T827] libceph: mon0 (1)[c::]:6789 connect error
[  766.555864][T31641] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3696'.
[  766.560293][T31641] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3696'.
[  767.523557][T31656] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3701'.
[  769.942906][T31678] IPVS: set_ctl: invalid protocol: 0 100.1.1.0:20004
[  770.133114][T31680] 9p: Bad value for 'rfdno'
[  770.228317][T31683] o2cb: This node has not been configured.
[  770.230429][T31683] o2cb: Cluster check failed. Fix errors before retrying.
[  770.234024][T31683] (syz.2.3710,31683,3):user_dlm_register:674 ERROR: status = -22
[  770.237116][T31683] (syz.2.3710,31683,3):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0"
[  771.761273][T31694] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3721'.
[  771.930729][T31702] fuse: Unknown parameter '0x000000000000000c'
[  772.165678][T31707] SQUASHFS error: Failed to read block 0x0: -5
[  774.111528][T31724] o2cb: This node has not been configured.
[  774.113520][T31724] o2cb: Cluster check failed. Fix errors before retrying.
[  774.115910][T31724] (syz.0.3720,31724,2):user_dlm_register:674 ERROR: status = -22
[  774.121224][T31725] FAULT_INJECTION: forcing a failure.
[  774.121224][T31725] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  774.125629][T31725] CPU: 2 UID: 0 PID: 31725 Comm: syz.1.3722 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  774.125648][T31725] Tainted: [L]=SOFTLOCKUP
[  774.125652][T31725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  774.125659][T31725] Call Trace:
[  774.125665][T31725]  <TASK>
[  774.125670][T31725]  dump_stack_lvl+0x100/0x190
[  774.125691][T31725]  should_fail_ex.cold+0x5/0xa
[  774.125705][T31725]  _copy_to_user+0x32/0xd0
[  774.125725][T31725]  simple_read_from_buffer+0xcb/0x170
[  774.125743][T31725]  proc_fail_nth_read+0x1af/0x230
[  774.125758][T31725]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  774.125772][T31725]  ? rw_verify_area+0xce/0x6d0
[  774.125788][T31725]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  774.125801][T31725]  vfs_read+0x1e4/0xb30
[  774.125820][T31725]  ? __pfx_vfs_read+0x10/0x10
[  774.125836][T31725]  ? find_held_lock+0x2b/0x80
[  774.125847][T31725]  ? __fget_files+0x215/0x3d0
[  774.125868][T31725]  ? __fget_files+0x21f/0x3d0
[  774.125889][T31725]  ksys_read+0x12a/0x250
[  774.125906][T31725]  ? __pfx_ksys_read+0x10/0x10
[  774.125927][T31725]  do_int80_emulation+0x141/0x6b0
[  774.125944][T31725]  asm_int80_emulation+0x1a/0x20
[  774.125955][T31725] RIP: 0023:0xf7135cab
[  774.125965][T31725] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  774.125976][T31725] RSP: 002b:00000000f53f64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  774.125988][T31725] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f53f65d0
[  774.125995][T31725] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[  774.126001][T31725] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  774.126007][T31725] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  774.126014][T31725] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  774.126028][T31725]  </TASK>
[  774.166854][T31724] (syz.0.3720,31724,3):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0"
[  774.347035][T31732] IPVS: set_ctl: invalid protocol: 0 100.1.1.0:20004
[  774.435167][T31737] loop6: detected capacity change from 0 to 524287999
[  774.439812][T18456] buffer_io_error: 24 callbacks suppressed
[  774.439823][T18456] Buffer I/O error on dev loop6, logical block 0, async page read
[  774.444797][T18456] Buffer I/O error on dev loop6, logical block 0, async page read
[  774.448099][T18456] Buffer I/O error on dev loop6, logical block 0, async page read
[  774.451565][T18456] Buffer I/O error on dev loop6, logical block 0, async page read
[  774.454197][T18456] Buffer I/O error on dev loop6, logical block 0, async page read
[  774.457289][T18456] Buffer I/O error on dev loop6, logical block 0, async page read
[  774.460203][T18456] Buffer I/O error on dev loop6, logical block 0, async page read
[  774.463250][T18456] Buffer I/O error on dev loop6, logical block 0, async page read
[  774.466176][T18456] ldm_validate_partition_table(): Disk read failed.
[  774.468694][T18456] Buffer I/O error on dev loop6, logical block 0, async page read
[  774.471251][T18456] Buffer I/O error on dev loop6, logical block 0, async page read
[  774.474188][T18456] Dev loop6: unable to read RDB block 0
[  774.476186][T18456]  loop6: unable to read partition table
[  774.490462][T31737] ldm_validate_partition_table(): Disk read failed.
[  774.493462][T31737] Dev loop6: unable to read RDB block 0
[  774.519006][T31737]  loop6: unable to read partition table
[  774.525003][T31737] loop_reread_partitions: partition scan of loop6 (3��x��C�

) failed (rc=-5)
[  774.918244][T31752] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3730'.
[  775.366887][T31756] SQUASHFS error: Failed to read block 0x0: -5
[  776.185208][T31765] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3733'.
[  776.407175][T31766] Cannot find add_set index 2 as target
[  777.563529][T31764] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  777.566361][T31764] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  777.569943][T31764] vhci_hcd vhci_hcd.0: Device attached
[  777.576641][T31778] o2cb: This node has not been configured.
[  777.579359][T31778] o2cb: Cluster check failed. Fix errors before retrying.
[  777.582607][T31778] (syz.3.3740,31778,3):user_dlm_register:674 ERROR: status = -22
[  777.596308][T31778] (syz.3.3740,31778,3):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0"
[  777.684701][T31779] vhci_hcd: connection closed
[  777.684944][   T70] vhci_hcd vhci_hcd.1: stop threads
[  777.688685][   T70] vhci_hcd vhci_hcd.1: release socket
[  777.690583][   T70] vhci_hcd vhci_hcd.1: disconnect device
[  777.794031][T31781] program syz.0.3747 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  777.846613][T31783] x_tables: duplicate underflow at hook 1
[  777.849192][T31783] hub 8-0:1.0: USB hub found
[  777.850837][T31783] hub 8-0:1.0: 1 port detected
[  777.862208][T31783] netlink: 120 bytes leftover after parsing attributes in process `syz.0.3747'.
[  777.866026][T31783] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3747'.
[  780.459695][T15700] usb 5-1: new low-speed USB device number 25 using dummy_hcd
[  781.172672][ T6110] usb 6-1: new low-speed USB device number 32 using dummy_hcd
[  781.208919][T31832] netlink: 'syz.3.3753': attribute type 1 has an invalid length.
[  781.225114][T31832] bond1: entered promiscuous mode
[  781.227746][T31832] 8021q: adding VLAN 0 to HW filter on device bond1
[  781.246945][T31832] bond1: (slave gretap1): making interface the new active one
[  781.249631][T31832] gretap1: entered promiscuous mode
[  781.252553][T31832] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  781.328394][T31835] macvlan2: entered promiscuous mode
[  781.330527][T31835] macvlan2: entered allmulticast mode
[  781.333599][T31835] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  781.380121][T31838] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3754'.
[  781.387248][T31838] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3754'.
[  781.390800][T31838] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3754'.
[  781.867466][   T46] ------------[ cut here ]------------
[  781.869823][   T46] time_after(jiffies, timeout)
[  781.869837][   T46] WARNING: io_uring/io_uring.c:2341 at io_ring_exit_work+0x42d/0xce9, CPU#2: kworker/u32:2/46
[  781.875110][   T46] Modules linked in:
[  781.877364][   T46] CPU: 2 UID: 0 PID: 46 Comm: kworker/u32:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  781.881326][   T46] Tainted: [L]=SOFTLOCKUP
[  781.882910][   T46] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  781.886651][   T46] Workqueue: iou_exit io_ring_exit_work
[  781.889464][   T46] RIP: 0010:io_ring_exit_work+0x42d/0xce9
[  781.891769][   T46] Code: 8e e8 e7 5a 3e 01 48 8b 05 60 d9 0b 0d 4c 8b 6c 24 28 31 ff 49 29 c5 4c 89 ee e8 8e d0 d2 00 4d 85 ed 79 12 e8 a4 d5 d2 00 90 <0f> 0b 90 48 c7 44 24 38 70 17 00 00 e8 92 d5 d2 00 48 8b 74 24 38
[  781.899023][   T46] RSP: 0000:ffffc900006dfab0 EFLAGS: 00010293
[  781.901264][   T46] RAX: 0000000000000000 RBX: ffff88802446a778 RCX: ffffffff81353932
[  781.904342][   T46] RDX: ffff8880209c24c0 RSI: ffffffff8135393c RDI: ffff8880209c24c0
[  781.907636][   T46] RBP: ffffc900006dfc38 R08: 0000000000000007 R09: 0000000000000000
[  781.911164][   T46] R10: fffffffffffffffa R11: 0000000000000000 R12: ffff88802446a000
[  781.914061][   T46] R13: fffffffffffffffa R14: dffffc0000000000 R15: 0000000000000000
[  781.916872][   T46] FS:  0000000000000000(0000) GS:ffff88809734c000(0000) knlGS:0000000000000000
[  781.920025][   T46] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  781.922225][   T46] CR2: 00000000f50773fe CR3: 000000006740c000 CR4: 0000000000352ef0
[  781.925110][   T46] Call Trace:
[  781.926280][   T46]  <TASK>
[  781.927467][   T46]  ? __pfx_io_ring_exit_work+0x10/0x10
[  781.929390][   T46]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  781.931781][   T46]  ? debug_object_deactivate+0x2e4/0x3b0
[  781.933939][   T46]  ? rcu_is_watching+0x12/0xc0
[  781.935809][   T46]  process_one_work+0x9d7/0x1920
[  781.937528][   T46]  ? __pfx_process_one_work+0x10/0x10
[  781.939361][   T46]  ? __pfx_io_ring_exit_work+0x10/0x10
[  781.941341][   T46]  worker_thread+0x5da/0xe40
[  781.943050][   T46]  ? __pfx_worker_thread+0x10/0x10
[  781.945087][   T46]  ? kthread+0x13a/0x450
[  781.946959][   T46]  ? __pfx_worker_thread+0x10/0x10
[  781.948806][   T46]  kthread+0x370/0x450
[  781.950249][   T46]  ? __pfx_kthread+0x10/0x10
[  781.951943][   T46]  ret_from_fork+0x754/0xd80
[  781.953471][   T46]  ? __pfx_ret_from_fork+0x10/0x10
[  781.955182][   T46]  ? __switch_to+0x7b4/0x1120
[  781.957055][   T46]  ? __pfx_kthread+0x10/0x10
[  781.958833][   T46]  ret_from_fork_asm+0x1a/0x30
[  781.960801][   T46]  </TASK>
[  781.962082][   T46] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  781.964734][   T46] CPU: 2 UID: 0 PID: 46 Comm: kworker/u32:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  781.968673][   T46] Tainted: [L]=SOFTLOCKUP
[  781.970228][   T46] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  781.974142][   T46] Workqueue: iou_exit io_ring_exit_work
[  781.976231][   T46] Call Trace:
[  781.977557][   T46]  <TASK>
[  781.978630][   T46]  dump_stack_lvl+0x100/0x190
[  781.980301][   T46]  vpanic+0x552/0x970
[  781.981705][   T46]  ? __pfx_vpanic+0x10/0x10
[  781.983305][   T46]  panic+0xd1/0xe0
[  781.984722][   T46]  ? __pfx_panic+0x10/0x10
[  781.986345][   T46]  ? check_panic_on_warn+0x1f/0x90
[  781.988419][   T46]  check_panic_on_warn.cold+0x19/0x34
[  781.990381][   T46]  ? io_ring_exit_work+0x42d/0xce9
[  781.992334][   T46]  __warn.cold+0x191/0x348
[  781.993922][   T46]  __report_bug+0x296/0x3d0
[  781.995645][   T46]  ? io_ring_exit_work+0x42d/0xce9
[  781.997416][   T46]  ? __pfx___report_bug+0x10/0x10
[  781.999527][   T46]  ? trace_contention_end+0x140/0x180
[  782.001515][   T46]  ? __mutex_lock+0x26a/0x1b90
[  782.003475][   T46]  ? find_held_lock+0x2b/0x80
[  782.005226][   T46]  ? io_req_caches_free+0x49/0x60
[  782.007021][   T46]  ? io_req_caches_free+0x49/0x60
[  782.008808][   T46]  ? io_ring_exit_work+0x42d/0xce9
[  782.010646][   T46]  report_bug+0xb2/0x220
[  782.012141][   T46]  ? io_ring_exit_work+0x42d/0xce9
[  782.013891][   T46]  handle_bug+0x16a/0x2a0
[  782.015411][   T46]  exc_invalid_op+0x17/0x50
[  782.017124][   T46]  asm_exc_invalid_op+0x1a/0x20
[  782.018898][   T46] RIP: 0010:io_ring_exit_work+0x42d/0xce9
[  782.021693][   T46] Code: 8e e8 e7 5a 3e 01 48 8b 05 60 d9 0b 0d 4c 8b 6c 24 28 31 ff 49 29 c5 4c 89 ee e8 8e d0 d2 00 4d 85 ed 79 12 e8 a4 d5 d2 00 90 <0f> 0b 90 48 c7 44 24 38 70 17 00 00 e8 92 d5 d2 00 48 8b 74 24 38
[  782.028608][   T46] RSP: 0000:ffffc900006dfab0 EFLAGS: 00010293
[  782.030691][   T46] RAX: 0000000000000000 RBX: ffff88802446a778 RCX: ffffffff81353932
[  782.033491][   T46] RDX: ffff8880209c24c0 RSI: ffffffff8135393c RDI: ffff8880209c24c0
[  782.036514][   T46] RBP: ffffc900006dfc38 R08: 0000000000000007 R09: 0000000000000000
[  782.039420][   T46] R10: fffffffffffffffa R11: 0000000000000000 R12: ffff88802446a000
[  782.042117][   T46] R13: fffffffffffffffa R14: dffffc0000000000 R15: 0000000000000000
[  782.044737][   T46]  ? io_ring_exit_work+0x422/0xce9
[  782.046500][   T46]  ? io_ring_exit_work+0x42c/0xce9
[  782.048286][   T46]  ? __pfx_io_ring_exit_work+0x10/0x10
[  782.050196][   T46]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  782.052511][   T46]  ? debug_object_deactivate+0x2e4/0x3b0
[  782.054617][   T46]  ? rcu_is_watching+0x12/0xc0
[  782.056347][   T46]  process_one_work+0x9d7/0x1920
[  782.058074][   T46]  ? __pfx_process_one_work+0x10/0x10
[  782.059910][   T46]  ? __pfx_io_ring_exit_work+0x10/0x10
[  782.061832][   T46]  worker_thread+0x5da/0xe40
[  782.063658][   T46]  ? __pfx_worker_thread+0x10/0x10
[  782.065419][   T46]  ? kthread+0x13a/0x450
[  782.066874][   T46]  ? __pfx_worker_thread+0x10/0x10
[  782.068729][   T46]  kthread+0x370/0x450
[  782.070296][   T46]  ? __pfx_kthread+0x10/0x10
[  782.072053][   T46]  ret_from_fork+0x754/0xd80
[  782.073722][   T46]  ? __pfx_ret_from_fork+0x10/0x10
[  782.075545][   T46]  ? __switch_to+0x7b4/0x1120
[  782.077194][   T46]  ? __pfx_kthread+0x10/0x10
[  782.078814][   T46]  ret_from_fork_asm+0x1a/0x30
[  782.080413][   T46]  </TASK>
[  782.082428][   T46] Kernel Offset: disabled
[  782.084045][   T46] Rebooting in 86400 seconds..