last executing test programs:

6.705340188s ago: executing program 2 (id=1972):
syz_genetlink_get_family_id$devlink(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, 0x0, 0x4000c000)
openat$cdrom(0xffffff9c, &(0x7f0000000080), 0x183d00, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x80, 0x2040)
ioctl$USBDEVFS_ALLOC_STREAMS(r0, 0x8008551c, &(0x7f0000000100)={0xb783})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x12, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x1)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4, 0x0, 0x9}, 0x18)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @any, 0x7ff}, 0xe)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@private2, 0x800, 0x0, 0x2, 0x1}, 0x20)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000000)={0x27}, 0x6)
close(r5)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'veth1_vlan\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)

6.704907499s ago: executing program 3 (id=1973):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c040, 0x0) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000180)=[{0xa, 0xfd, 0x0, 0x7fff7ffc}]}) (async)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) (async)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000400)={{0x2, 0x4e22, @multicast2}, {0x6, @random="4acc7489b5e0"}, 0x6a, {0x2, 0x4e24, @local}, 'netdevsim0\x00'})
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/comedi1\x00', 0x10201, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f00000000c0)={'pcm3724\x00', [0x5, 0x0, 0x5337, 0x4, 0x5, 0x5, 0x4, 0x7, 0x54c6cff2, 0xfd, 0x2, 0x1, 0x1, 0x1, 0x6, 0x101, 0x0, 0x2, 0x3, 0x10001, 0x89, 0xcaa6, 0x7, 0x20001e5a, 0x3, 0x4, 0x3, 0xffffffff, 0x3, 0x0, 0xfffffff8]}) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='sched_process_fork\x00', r1}, 0x18) (async)
syz_clone3(&(0x7f0000000380)={0x2140280, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = dup(r3)
r5 = syz_open_pts(r4, 0x80)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBSENT(r6, 0x5602, &(0x7f0000000000)={0x0, "96d3e9659db3f50cb3c4e683f4fae026a3b284dd56630882be4bc0f34042227a71f06b95d73e34c8ecf3325e43f75f16f13d8905d3bdce627dc6ae0b14840f4c8bebc40872293c61ddd293631a22c6d5c8c9b16b987f4326874ddc5e2610c5505cea115e51bf6feb3e93cf89b8f44394fa2ac7f6cf757a9416c7545c5e5caa34450f0397d179f2225b57f644ce8ad31b15547b9364daef8e784f2036a75c3c5cfd124cdd424a558ea90d054d36c0d1d0db92e5e7f668dadcbfaed92c7cf3204be0c4904d308feba3447d7f41a58bc2fd4682e306a592696e4de9427d87c008d3e172cf162cc35f00915fe9fc9ea84e28838940e4bb2fda4c55a34abdf6db63d547c91a17211a1ce43a2933f8227e8b6767ab70bc9223e62a2d3ad9b13f74e2000961e62eaea005088d6d74a19eb0c56ce314323143fcfe27e410e10bd21a2140783385bdb1a7d33038427e336829ccfb63c04e537ca51ddae5fdf29505fca04fc4b2a13d6dad7db2eace60e9589712719a49a2d2d44587465037851b1fe93a0ed46822294671098fd53e79fe428bf6ae3846299ab1d238ad07be6cc01b5fcaacfce829c209e67d5548a38b637f3b44905b8be24dfba30e1b6d074b43e53fcded14a4190a585949baa43fef6c70ce7b1612299d734c07feed23252886a1317358cf5ecaf0186d2dbdb3eab8a9c3c21d4828ef8a9dd89207f2884a57679fcd495a"}) (async)
ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f0000000080)={0xfffc, 0x5, 0x9, 0x8, 0x7f, 0x6})
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x58, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x11)

6.704569281s ago: executing program 3 (id=1974):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000280)={{0x1, 0x2, 0xf, 0x5, 0xfb, 0x9, 0x0, 0xb, 0x0, 0x1, 0x3, 0x6}, {0x4, 0xdddd0000, 0xe, 0x14, 0x1, 0x9, 0x2f, 0xe, 0x40, 0x10, 0x6}, {0x3000, 0x5000, 0x4, 0xd, 0x5, 0x3, 0xc3, 0x16, 0x3, 0x8, 0x5, 0x3}, {0xdddd1000, 0x6000, 0x9, 0xf9, 0x7f, 0x3, 0x8, 0x7f, 0x9, 0x2, 0x3, 0x7}, {0xd000, 0xdddd1000, 0x0, 0xd, 0x3, 0x2d, 0x6, 0xc, 0x3, 0x0, 0xff, 0xe5}, {0x2, 0x10000, 0x8, 0x5, 0x6, 0x28, 0x3, 0x1, 0xbf, 0x98, 0x2, 0x4}, {0x5000, 0x8000000, 0x3, 0x9, 0xf6, 0xb, 0xb, 0x3, 0x4, 0x0, 0x4, 0x9}, {0xdddd0000, 0x1, 0xf, 0x4, 0x3, 0xff, 0x0, 0xf9, 0xa1, 0x8, 0x0, 0xfe}, {0xffff1000, 0xcb}, {0xffff1000, 0x17}, 0x20010, 0x0, 0xdddd0000, 0x0, 0x7, 0x1000, 0xdddd1000, [0x2, 0x7, 0x9, 0x7]})
syz_emit_ethernet(0xe, &(0x7f0000000140)={@random="2a504075679e", @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@mpls_mc}}, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0x20000014})
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x7, 0xfe, 0xe1, 0xc, 0x6, 0xd9, 0x40, 0x41, 0xfb, 0x5e, 0xc, 0x0, 0x8, 0x40, 0x1, 0x5}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x3, 0x0, 0x106c, 0x80000001, 0x8000000000000, 0x80000004000080, 0x0, 0x8, 0x0, 0x4, 0x0, 0x8001], 0x1, 0x3c4210})
ioctl$KVM_RUN(r2, 0xae80, 0xfffffffe)

6.696694585s ago: executing program 2 (id=1977):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000ac0)=ANY=[@ANYBLOB='$\x00\x00\x00v\x00'], 0x24}, 0x1, 0x5502000000000000, 0x0, 0x4000000}, 0x0)
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom0\x00', 0x803, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x6, 0xc8, 0x7}}}, 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf035}, {0x0}], 0x2)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
io_uring_setup(0x7625, &(0x7f00000003c0)={0x0, 0x9678, 0x2, 0x0, 0xf7})
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x4f28, 0x5, 0x2, 0x401, 0x1, 0xcc7, 0xfff, 0x5c942399, 0x1, 0x3ff, 0x802, 0x1600, 0xb, 0x200001, 0x9, 0xe1c7, 0x4, 0x4, 0x4, 0x392, 0x80000089, 0xfffffffd, 0x20000000, 0x7fff, 0x3, 0x3, 0x3c, 0xf10, 0x4, 0x3, 0xdffffffd]})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x0, 0x8, 0x10, 0x20001, 0xffffffffffffffff, 0x3b, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x3, 0xf}, 0x50)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)={0x14, r4, 0x917}, 0x14}}, 0x0)
r5 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x1, 0x2)
syz_usb_control_io$hid(r5, 0x0, &(0x7f0000000380)={0x2c, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r6, 0x80015b1b, 0x0)

6.688000957s ago: executing program 3 (id=1978):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x118)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f00000006c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x43}}, 0x5)
setsockopt$inet_udp_int(r0, 0x11, 0xa, &(0x7f0000000040)=0x507, 0x4)
sendmmsg$inet(r0, &(0x7f0000000bc0)=[{{&(0x7f0000000c00)={0x2, 0x4e22, @multicast2}, 0x10, 0x0}}, {{&(0x7f0000000080)={0x2, 0x4e24, @local}, 0x10, &(0x7f0000001e40), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1000000000000000010000007f0000001000000000000000020000005cffffff0c000000000000000700000080000000000000000700000044248d43ac1414aa00000066ac1414420000007fac1414bb0000a52cffffffff0000000600072bf7ac14143600000000e0000002ac1414aaac1414bb64010102ac1414bb640101000a010102e0000001862000000003060b73d961ae8f8587fbfe010395010c34784a40fcc831bc732401000000180000000000000008000000", @ANYRES32=0x0, @ANYBLOB="e0000001ac141413880000000000000007000000014434a023ffffffff00000009e0000001000000047f000001000001ffac1414bb0000000a6401010100000009ac1e01010000003f8913d4e0000001ac1414bb0a010100ac1414110194040000008307d3ac1414bb4424b940fffffffb0000008000000001ffffffff000000070000000300000004000000080000001000000000000000010000003bcae700"], 0x15c}}], 0x2, 0x2000c044)
sendto$inet(r0, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a4918713031596ea6fd01124f973f257ccd9665aee7df4a9d64f079d176abc00000000d7af3e2dd4396f72373fb0a787a6129ca41181f5087fb843212550b58e3707d5a0399de36c2503836cbe2133de4f574e9e05c96788b0de1bd13e390445433d96737b964fa8af2ac4b2f0f9390ca93d8d3d810044d024359e067c4553230ab748947d33f8fc115ce9a49e6571c45a05d786cbd49342c236537dbbeec666b07baab917252113a5b9a77283189b518f356debe42d80cf2d0687b9c64d0253a6a09286fded6e4f8557b8fb4f25ca4fb138af8945c74bbc98748eaaa030be5317646f195e6e085ac6ddb29542e3581961259987241f7e7061526a7afec8962e74215fea43703a4e543ee9d1a3c3f5f2a41977ece8fdadcf89ce331ce59bebae5f53513d0e10485d7ddbda60513bf339602510b3a23ea29a0d5d03a61e34d12942ea4a847c884b27b5344a456d02a55f8929cc567e7c792c01fab7a7b32780a14c361000609b817dd91507b04d875279527946fdb8fb92a512485e234d092c28f1d0a0498731ccc0eb10515d510e8945839307b46512ceca6f495fdd2c6ae5eb2ef3b2a40ebdc7edf0048e3fb5e3d97a9ea5113a6b70d20ad5c43f0df95d88c0f121a1884da21a21f0ba47420f8391a97921cc51871dbb272e43710fe71d5e342c3afd10608a8b02f00e8fbd8d570b6faace86c494ecea8913233391e7b7cec3d571bb3032181ed58e1b513e511f79ee562c8cde9b3b74c2e95dcde7fadb5a666bdc0c1684794620ce8cf0c0aee8e90b3ef6e7160d3f055cb4d1ced32e4edc15e7d102952d3237e6c02c591a95a182bf190c0124abc7f1225332ff1c5e1b94e4e9bf02c1a18bd7bfce20707f7298da322560bc1a4cf298d46f5bf8ff41da21e25aa17f65f9ee43ca890b5ef6a3ccf3efedf3ca60a9acef1352ad0c43e6cf375108cf0974ce89a99adba7e6a3f8949dc573440fafe0e3abdd0066057a2d868e8386080f18a421568d8e7a89536a4173861bd55245c8fcf7dcba18edce36d2e85b9630fbc218db9ebd16abb11ac06fdbf2bc3e6394d4c6e7ae71813d30772d487743a2856348fee09989ce03331e7848770fc91e62191c20fe5f4a73c5dae467dd612bdb63b1e50921d38271305d7412103d5a6214d6d534d1d530b9169f882b6926bbd338f0282a8bd9a44603934e5249e83f1d0947b39f82a7843d2b6f796d8abf7ff3e66cfd4519324d71cebbf6580dffc10d555e479e9acaa12c3c59e3732c181aa4223d0fcdac514e9d7c7963c2634964520286b028f60a4ae612b8e6049315139e884cbffd6836253094ad023329183496cf663366ad4d7f7f5f1bd2db9b0d33f106c041fba4494c7da404d45d8955e5459ca4a62862721ec1fa534fd95e262c5814426816e60000000000000000001aa4fb6f40ec24f42f6949cc28d2a0d4eb61cb1664627582d962523586539445b81e9759321652280ecb", 0xffe3, 0x0, 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='pagemap\x00')
preadv(r1, &(0x7f0000000640)=[{&(0x7f0000000b00)=""/152, 0x98}, {&(0x7f0000000500)=""/189, 0x7fffef68}], 0x2, 0x300100, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8100, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_vs_stats\x00')
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x4a301, 0x0)
socket(0x10, 0x800, 0x40)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=ANY=[@ANYBLOB="1400000004000000080000000600000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
socket$inet6(0xa, 0x80002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x3, 0xc06a2f6, 0x1, 0x7}, 0x6, 0x0, 0xa, 0x4, 0x6, 0x8, 0x18, 0x9, 0x3, 0x4, {0x0, 0x2, 0x9, 0x800, 0x8704, 0x27000000}}}}]}, 0x78}}, 0x0)

6.376051449s ago: executing program 3 (id=1982):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000980)=@newtaction={0xbc, 0x30, 0x400, 0x0, 0x0, {}, [{0xa8, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0xffffffff, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x60, 0x1, 0x0, 0x0, {{0x8}, {0x38, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0x34, 0x6, [@IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x1}, @IFE_META_PRIO={0x8, 0x3, @val=0x4}, @IFE_META_PRIO={0x8, 0x3, @val=0x5}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_TCINDEX={0x6, 0x5, @val=0xfff4}]}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000500)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095c607e1f09425235e873e32483829345950e03c6b336cfa56af6ac3729403abd6b2dbe3a6c944428e8371cfe29747a7e076"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setpriority(0x0, 0x1, 0xa7a8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x2, 0x0, 0x0, 0x0, 0x5e3, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @pix_mp={0x2, 0x5, 0x3831354f, 0x0, 0x5, [{0xfffffff2, 0x22}, {0xcbd, 0x10010000}, {0x10, 0x6}, {0x40000001, 0x4}, {0x9, 0xd1}, {0x2, 0x4}, {0x0, 0x9}, {0x1, 0x8}], 0x9, 0x8, 0x3, 0x2}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x9)
open_by_handle_at(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000f800000000000000fb150c3053d7eab12f1ae7f0e8b6d3f932ea4f00"], 0x60002)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="ef", 0x1}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="140000000100", @ANYRES32, @ANYRES32], 0x14, 0x4060019}, 0x20000841)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x9, 0x3, 0x258, 0x0, 0xffffffff, 0xffffffff, 0xdc, 0xffffffff, 0x1c4, 0xffffffff, 0xffffffff, 0x1c4, 0xffffffff, 0x3, &(0x7f0000000000), {[{{@ip={@private=0xa010102, @multicast2, 0xffffffff, 0xffffffff, 'ip6gre0\x00', 'syzkaller0\x00', {0xff}, {}, 0x21, 0x3, 0x60}, 0x0, 0x70, 0xdc}, @common=@unspec=@NFLOG={0x6c, 'NFLOG\x00', 0x0, {0x5, 0x58ad, 0x4, 0x0, 0x0, "2d6683395228ec9762890fe5c9d0107a77ce6283723e24ff5179e472000480a670bf0b82c97399e88181fea5f96abde0ff6abcfe24fb78cd3b74e7bb502f9f0e"}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x1d}, @dev={0xac, 0x14, 0x14, 0xb}, 0xffffffff, 0xffffff00, 'netdevsim0\x00', 'bridge_slave_1\x00', {0xff}, {}, 0x0, 0x2, 0x28}, 0x0, 0xb4, 0xe8, 0x0, {}, [@common=@unspec=@nfacct={{0x44}, {'syz1\x00', 0x10001}}]}, @common=@inet=@SET3={0x34, 'SET\x00', 0x3, {{0x0, 0x2, 0x7}, {0x0, 0x3, 0x1}, {0x2, 0x4}, 0x0, 0x8}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x2b4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)

4.501227117s ago: executing program 3 (id=1985):
syz_genetlink_get_family_id$devlink(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, 0x0, 0x4000c000)
openat$cdrom(0xffffff9c, &(0x7f0000000080), 0x183d00, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x80, 0x2040)
ioctl$USBDEVFS_ALLOC_STREAMS(r0, 0x8008551c, &(0x7f0000000100)={0xb783})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x12, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x1)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4, 0x0, 0x9}, 0x18)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @any, 0x7ff}, 0xe)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@private2, 0x800, 0x0, 0x2, 0x1}, 0x20)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000000)={0x27}, 0x6)
close(r5)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'veth1_vlan\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)

4.200319244s ago: executing program 2 (id=1986):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async, rerun: 64)
r0 = socket$inet6_udp(0xa, 0x2, 0x0) (rerun: 64)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000300)={0x8, {{0xa, 0x4e20, 0x6, @local, 0x6a3c}}, {{0xa, 0x4e23, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x5}}}, 0x104)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1b00000000000000000000000101000000000000", @ANYRES32=0x1, @ANYBLOB="ea0d00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0200"/23], 0x50) (async)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40246608, &(0x7f0000000700)={0xfffffffb, 0x4633, 0x80000001, 0x4, 0x40, 0x6}) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000140)={'ip6_vti0\x00', &(0x7f00000004c0)={'ip6tnl0\x00', <r1=>0x0, 0x2f, 0x1, 0x8, 0x79, 0x18, @local, @loopback, 0x80, 0x10, 0x100, 0x7}})
r2 = syz_open_dev$mouse(&(0x7f0000000580), 0x7, 0x4000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x32, &(0x7f0000000b40)=ANY=[@ANYBLOB="18000000090000000000000003000000b7080000000000007b8af8ff00000000b7080000010000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a50000001845000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500000086000000922a100004000000b7080000000000007b8af8ff00000000b7080000e60e00007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7053a64e7f82baf7b6500000800000085000000a5000000180100002020692500000004ae32854414d000002020207b1af8b3c8786c00bfa100000000000007010000f8ffffff95114edb8adaa3b702000008000000b703000000000000850000000600000095000000000000001863000001000000000000000800000085100000fbffffff1877bb35040000000080"], &(0x7f00000000c0)='syzkaller\x00', 0x1ff, 0x0, 0x0, 0x40f00, 0x29, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000005c0)=[r2], &(0x7f0000000600)=[{0x4, 0x5, 0xc, 0x2}], 0x10, 0x1800000}, 0x94) (async)
ioctl$CDROM_SEND_PACKET(0xffffffffffffffff, 0x5393, 0x0) (async, rerun: 32)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) (rerun: 32)
r3 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) (async)
r4 = fsmount(r3, 0x0, 0x0)
fchdir(r4) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="020000000400000008000000010000008000000061d53e7309ba445517b35bfaa8b99e790b3eba99b0fa3aceceeb881bff734a40fae327fe86955d0669314683ea990524ed806aa29654cc1505b6a3f235905329589b1e787eb9764304e6731b5434f4a73566eaa01e9a9fcd64feb2aea21e6c5ba68be2088016d874f5bf1a92e6d1f284653ec510ae85ce98399e200cdefb1d611454214a9476b1e83c4fa4b58950246c1e56f62272057bc484c484b92a2b9c43c11b356d3b5dc1cb3cdf03159e923d2cdcf18caf99e1b7763746a809b398d8c5cb40b9b9f1e501a037511f3e309af2321bb235d47fc36e96024b0c1cab3ee49707161bf1659e25", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0xfffffffffffffec0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x100, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x24000805}, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r5 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0) (async, rerun: 32)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2) (async, rerun: 32)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

4.019100546s ago: executing program 0 (id=1987):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80100, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 000040000'], 0x2a, 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r2, &(0x7f0000000600)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r3, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x503, 0xff07, 0xfffffffc, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
bind$rose(r2, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}}, 0x1c)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000000000000c501"])

3.656893537s ago: executing program 0 (id=1988):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f00000000c0)={0x6, 0x0, [{0x80000007, 0x10f4, 0x1, 0x3, 0x2, 0x33a, 0x57}, {0xc0000013, 0x1000, 0x3, 0x4, 0x3, 0x2, 0x6}, {0x80000008, 0x6, 0x1, 0x2, 0x3, 0xfffffffe, 0x5}, {0x7, 0x75, 0x5, 0xf42, 0xf, 0xfffffffc, 0x3}, {0xa, 0x1ff, 0x3, 0x5, 0x96f, 0xfff, 0x2}, {0x65a3426c26b37cd6, 0x7be1, 0x1, 0x0, 0x0, 0x9, 0xba3}]})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000ac0), r2)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
r4 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8b29, &(0x7f0000000000)={'wlan0\x00'})
sendmsg$NLBL_CALIPSO_C_REMOVE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r3, 0x1, 0x70bd25, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40005}, 0x8000)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'pcl818\x00', [0x8001, 0x6, 0x1, 0x0, 0x0, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x1002, 0x1, 0x8, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x3, 0x40000003, 0x89, 0x2, 0xf27, 0x6, 0x7, 0x8, 0x5, 0x8, 0x4, 0x10000, 0xfffffff8]})
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="1d67726f75705f69643d", @ANYRESDEC=0x0, @ANYBLOB="2c667878ce92b27bc049a9d20761b33030303030303030303030303030000000"])
read$FUSE(0xffffffffffffffff, &(0x7f0000000240)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f00000023c0)={0x50, 0x0, r6, {0x7, 0x2b, 0x4, 0x800100, 0x7fff, 0x1, 0x5, 0x9, 0x0, 0x0, 0x80, 0x7}}, 0x50)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x7, 0x3, 0x9, 0x3, 0x5})

3.650734116s ago: executing program 2 (id=1989):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010002000000000000000000000a18010000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000002cd40009800800014000000006c80002800c00018008000140000000032400018008000140000000070800014000000008080001400000000908000140000000080c000180080001400000000a240001800800014000000006"], 0x140}}, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$kcm(0xa, 0x922000000003, 0x11)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='inet_sk_error_report\x00'}, 0x18)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000150081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r5, 0x40505331, &(0x7f0000000100)={{}, {0xe}, 0xbf00, 0xbf})
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f00000003c0), 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="0040000000000000080004004400000008001b0000000000"], 0x30}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0xc)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, 0x0, &(0x7f00000005c0))
syz_io_uring_setup(0xdaf, &(0x7f0000000180)={0x0, 0x2, 0x13291, 0x0, 0x3b3}, &(0x7f0000000100), &(0x7f0000000080))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)

3.569061555s ago: executing program 0 (id=1990):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0xc0c, 0x80000001}, 0x0)
fsopen(&(0x7f0000000280)='romfs\x00', 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000000, 0x0)
socket$unix(0x1, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
userfaultfd(0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r2 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
mq_open(&(0x7f0000000780)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\xf2\xff\xff\xff\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x136, 0x0)

3.489193243s ago: executing program 1 (id=1991):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=@updpolicy={0xc8, 0x1b, 0x1, 0x0, 0x0, {{@in=@private=0xa010100, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xf, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x2, 0x2}, 0x2, 0x8}, [@coaddr={0x14, 0xe, @in6=@loopback}]}, 0xc8}}, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
syz_kvm_setup_cpu$x86(r5, r4, &(0x7f00003a1000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000000)="9a01000000f800b8d58800000f23d00f21f8351000000d0f23f864640f79ea66baf80cb8c85f5480ef66bafc0cecc4c2adac17b9550200000f320f2860c7c4e11751df0f2e2d00000080b9800000c00f3235008000000f30", 0x58}], 0x1, 0x4a, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$FS_IOC_RESVSP(r7, 0x402c5828, &(0x7f0000000700)={0x0, 0x4, 0x1, 0x134})
ioctl$KVM_SET_GUEST_DEBUG_x86(r6, 0x4048ae9b, &(0x7f0000000080)={0xe0002, 0x0, {[0x8, 0x1f8, 0x83, 0xffffffffefffff15, 0x3, 0x4, 0x8001, 0x4]}})
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYRES8=0x0], 0x14}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r2, @ANYBLOB="08002600940900000800b70099"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'})
r9 = syz_io_uring_setup(0xcaf, &(0x7f0000000280)={0x0, 0xb601, 0x8, 0x5, 0x18}, &(0x7f00000001c0)=<r10=>0x0, &(0x7f0000000240)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r8, 0xc000000, &(0x7f0000000000), 0x0, 0x1e})
io_uring_enter(r9, 0x1913, 0x0, 0xe, 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(r1, 0x0, 0x0)

3.403572739s ago: executing program 1 (id=1992):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045613, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x4000050)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000300)={0x0, 0xd73, 0x80, 0xfffffffd, 0x283}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000000c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x40, 0x0, r3, 0x0, 0x0, 0x0, 0x12141, 0x1})
io_uring_enter(r4, 0x75fa, 0xe475, 0x0, 0x0, 0x0)
r7 = syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181400)
r8 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f00000002c0)={r8, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x8, 0x10, 0xffffffffffffffff, 0x2ceae000)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002300)=ANY=[@ANYBLOB="1c00000034000701fffffffffeffffff017c"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a80)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="041817aaaaaaaaaa10ffffffffdff3856609ed85"], 0x1a)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="03c80000bdb834741ca8c5fe9a48f969438ebf7c9d0dee352c7ef42fa46f498bb64b06a8edaec208a03d9b3ab3b4c8ae0a77105771f2ba9f2a0af1e3de5fff447c705954341b123cfc01af2d91cefaddc4f39bd1e420c24175271a8e39f18c5fc588e4dd1563ad23c4626a1cc2a7c2dd0d447b4ec774a50d46bb23d62682f2250cf376d34c57b0137811c7dd4411c995c1e90b54e3e904071794fe10454332dca7ac0a5d6a93b4d8e54d6980a87344180121c700bbd04f3317ad9fdfe4c10f9f332393d54ba1b1da1823c16dca0f465618fd341e3f25850d532b0ad59324dedb33b165521e30cf231c5086e92de5f18aaa831e19fce091ffe8f004e5d45c37d86ff95b441add77e057949fc7c499cac92be793da42f168e8da0f1b93c45e7f3bfce4bff0692a7e80254d6325cab7b4219406d386bf93eb9dc45659d5990bd730a78b1ed06559d2a1dac789d83b78466438db6a1943067179facd92599c70b5fc318b76a16024867badd938ad52679abe016d60b9430977d716b73bca086c01d174e7d516f595dacfe502e7f26ca57dc79bb012905ba1143782af5567820f142644d705406677071cc122f17bb175ada64cf5fc987c686324f0985c5a44aa56822f305d5136ae09a7693a94130132f15fdd6588cb5285d0df8c274bea41097e8f39304738bfa8c3244fc98f59a9ef5951b7f659425eb9c44bbc72ea0878c4dfec078df223874f613daa1334b0f6423426b41b0901e50d8c9418df0c0b8886850c209e8ae28e17b4ba791c0c9b6c09f0e93a9fe4224a2fcdb68a95b80325e23ebe54197f4bd3c633a7edae8a78d0262c9d0d831b8df884b961af5240953f53d8e117bf9127d2787a8e22bfcc2da196daf88af00713af4e5ab2f9a209dd1d9bf2500908164e6706121714b2f2ef7fd01a0b48843f4708af3504dad7e6c6516ceaf938f50446ab6ede103832dde6357cecd81ae0a9ea6129b87d44dcb02a6d3ed4732f30d211fc2a8c27865ab51f02068763c6ab7f24c6dcbc4f628d11bb96f457fd535438d523039849f054048ffb0a9e407844852b21c3afdab84edad49ddccb01fec154c4d61291a99826f2937cbcdce00dce8daef4d78379ea4af3197106e1684947f054a396e8a5b7da4dd61bcfdc9d0a54bcca07142407e684f19fc04be4239b9ff203521952e907117fe5e8166ce94172337b2b65c61b97f1935fd508ff9b9668c8356b706510f54e1a052f091d03c8ab9ad4193b60559d3d53908b21d1d6dc49e1703e2dcf80ff5dc8d395d1bd8757dc8ed5e153a3d76e6e878cfa5601c2976755a4a0da500fcc63b0213f97d122d5a20e484d1ce8d8deca8b7a56ea781e649082090fe7a466567d8a039108fcd6e190e9161b7301a3dfc225bd8b03d8fc4b9bc175baa0aba1524a7f7e6013bbf3ae65e49377373a1bf846bb869f1031e3187d85eca229e071fdaac98c494a8318f6fa5ad02c39378141f580373dd23e0c116b20c35cfd7eedb37e5ef44b6366becdd21343da747675cc03c58edf995e15cd518d7c73cb3974d175dd9a8f1a9c9c19f5e251bd16640e5cf219f7aac80274763395bacb8da3712fcca18aa10a2eb3b7a06aae43f7047def015aa38bb4163da2538d29ebcdf6da71a9d9bf997c0a0c76c16b2ba00ce45916b860edb6d38f11a0d628629c14fa9186f9e658b326f40e45b2f54e285a3bff620cf9f0751779e8e266c9e1c0c7ab0a98aaf72d1031e3030e6ba4315869999e08605aa79f845906dff7df511c2e8b1555d2b1a48ea60f21808ae3ca24f0a586793811d1ea4b0df3e8b2ac8f025548734ed62cf0028be94bc3c168e7155ba6244eadd437cb1ebeb248c90c56fab961bddcf715833ec53604b89190e79f184ce07ac439f5e9a361ba1205a8364673bd67c9d092c1997edad75a537caf3f23a5f2c2ac497a775b1b9a5e6db9b8644fc0fd354f8696b487a9104203e189914e068dbc22e61391827278fba8f50d452b9cbc583dd87573675120925f1e953e0fd5dc5e63499a0a7ea0a6ab69c5be45f2f6ec6a959d490323bdd083d35253c7633092821a58bc60b3c28b760ee760be8d6a314e7d1228f9921b41947d3be21c211d4847eb3b834ee107bf4df0dce25e28e999fcd033ef785c0cb0e36dcdc0a4c006fa83dd5eacfb8f68a689d62f84a475ff71e9295a5069bc6de296f7fbf9acea2e263ed95083db7ba94ddb45cb77cebac1fda1d8b0663fc7f49f4331df27cafb5c407f01b4a18717c182a079064b874bba9e2bfa439a08a4960f1ff7991f6d818eb5ad845632d1cb62f255df3f1fd81f94a29c8c3892c5fa731194b83ee6f29bd102f3b586c368f294ba7c63c73e860f3cba0c1a173176f740404b0eebcf81bba068bf1eccb80fd17d1f7220db92607784a7513bfed8b4a71ab99b8eba82d5aa0152de848d481106973404188e1ee16bd45f5f24a4f9c68f667a2be1bc2a58c30b5a33a8209ddc10d0bd9522a726b012fb8ef221abd4ff59ed7e81b81c7cee428100515cbeeac3076dad870bd069d59f518cf36a3612d3ef9eae597e2458dee075627ee219cf68e2a450495fd8bcc157f4c7d1360760b4be7eb8b87f7724e16859ca5dfb7f50eb98ced3972282fb565511b11231a643489639420d83442b3b2dd133d73ccc2de515987ec2cc869c75b5f4dc8cda7559bdba1626b4bdc6557a7f43e35071c303b083adbbdaa00f389f5358adf90939c5899ff74c4c0c4a6656d3f0b67f460f00d5d8b15346f34432433e226a3952df6537e9a9d772e39a78e851deb6efcf1ab5066a46539ab67533cf42782755461ed295a836a1641a41cfba17da37e6a2206de7f890824538357b3908622221ee0156f57f64970b1d93042e30621db4b7e53686ee5af23cbbb6539fff99e74677626fe42feb95efa6c20d80d7f081da5f98cc0632d4a64b2697c5967a15bd41dee3e64812c3df900b1362832438cd8442f5dedea03cb30cb95542bc7dcba89462d54ccb02559b91ebf7acf849b14164e327bc5c50948e71dda1d2b03dc2183c08e8a03a9fbb5d318c35e953f82e75bec63386a4dc32b6dc5d50d46607f26c7f3595103b7de5bb01d803cba523f1edbac8da33fb93d7afaeaac0dc4b2197c65357d2b111711bb1c2e118a56be7d14adf13b1b4d1f4d0ef8f84b13099dcfeb7b20ea83a4aa906d38c2d7b70a6e1d631663b38b9a3989cec282883346475933dff242930a9a105ab9977ae2dbc7953700ef070bdf75e3e8263c42c65814da383f846185cba2d3f96f0146f5e6e599b27a1c94c0c71370e702337b7c9a5b4dc090ff84003a16691f94b44ed262c10a6f67a6b37a6f2a3466bff2de7233241b95a75aaf308da6d925d5fe1b9af303aff84c5105118cecb53b1597caeff19a5d0bd12ceb9c60de843ffc583b090715f97403d95e6c9159d1e9d7601f5178ea4418e4e7a878b7b6bae69bd3c120e531fc072e3a416fe6906dbe13b51c39c9979ba1370b61e3045aca60955f1f257158e2f1b0a7e92ff834448587defc72e3deaa99ed17c8967a9ae80aa64e8416c47bf90bc7e0888277e2dfa78968fddff1d62bb77419eda8b115091a525eeb2222bb0c2a087657bfc2060204cbb994c87df0fbf47b44133afdf61979162c9fb160e59c0925213fc1fc60080da4c65483fa0e781f06ec09be2b5a8d9738a650772e07fecc2ac306628fc32e8d63180c0272e8e32c7e57bc22c25563a528893321554955e6e125ae079f6345fcf19153559afca2246fc27803547ba6142571b8a2fd70a26ab1caa9abff8e28f8e265c49470b861cd81f207b2fdcd97cafa88a63793bc771c6d14358662bb71fbb22137fcf8c1fc855d5b8f1e200bea16ccc33fdbbe54bbb1ff797727a80d93b18e6f6c3a395d8a76b23f31fcd9f3ea17ae5b2d91a266c60676404022d44dc655d08b4bda8743a2b10f11318c4a563e9fb509a5b83230f4f763f1bd2d51fe9003f50e6cafe44c37615f75a178c6e3c11e22dd43fb76eb15a9f5a66f505a3af50261513f994f20d1073a0fa4d46c9cdd40c07c8d6ef207619e72ba7793e7b5194019b0d996be874bdebe6d5600fca02dd814ee0ae7ca082ff40b85539ba8a64d99e16b5f9b463f71857b42bb79ba636cb4fe38973a3b34af1c40f4934f16d552a85790fe42fe4b31436a35dad3b2689dbdad313827557b27d964457c66dd222447cdc90ad95bbf522e770c44b33d3be157e9cdcc2af098ba48d6626d1bfad5370fae97a321761b608cdedb05d8063c3d9009b978735022c18e4000abd346abddc187bdaca68be68fbaee2eb8f7d99f24523991ac311c834ac0eb5081281ca8045244d1336f5fdde22bf2c5e4b1782c5f35530423de08c73df81938a5a9bd1b7948fd2f4027da2184f2b1be3ce9eb4245ab50f577f415482ca8e7b2922cc74c3456a9ce5c8f451dcee5a8605338b8f0df6baf04e2fc51baa14455162d2816fea4e991b9a678e8b60c9b381ec04191b21f53c6711cb070e248a6a6ab14a7e9c271018b52cc8138b353b6084ab2ce99946c8b4ea8182c5afd075c0670985aa6e0e600c5b933ab104897a62120683ecc40d74cd0f0fa6022b1a633541513e4267328d2f94d23572792cd2a0b4e65c19790f96c71573aa09228861257888705662f252ff5de5de93bc1f0438047c39990ee76c84a2de530630302ecdf23b51bb35b8ad683719ea4f30908981c7a6eb133f6bed11584bcf1c40b9fd1a579ed9ccf1beddd94cf4e6d2b833df0274b258f9d973317942ac0f29e90280b3301e11127b1a816269cdfff37b7f93bca293edc7305ebf9505f868ec03a1522e7658db52758f4d46a1ba4c748892bf0c9f69ee40bd81cd7c6d5a52d53fe6ff241a77f2a8c86c480a4f61a6be151e972b65b8f8134b703417e18c1be98aa41d6607feeaa73b2e4864c184ec6a396cbc5c95c7194fac4c90aeec090fdb3403ca32b74bc00e509dac8b8208c40afa43711860f8ece579338271b80876e9bc6bf0e1eae9d7c96fa3940fd7faa38ebc36be058225c496e03dcc2613df5b354539b5488fcbea0bbc5263491550740efb52179f923e6e25794a374a44fac8f4dbd51defa899659967af66d68c8a6230d34987ebcbb51f3d8fcabf7970d32ae8ffd117e00c31e7c3b7b58bad540d15ce92e5b0629fc09baa05c03e1b7d2cdec728278e48c4b515b74775830da93ced66ca26607e8cc2705e1868e57e89de9bd8e867135296f904c0f85211a07170d7f4ee8f111b08e816a6cd23225861cfa2fa41dfad135487856cd791dbd1fda9806cc578ffa36c3a8a79b432e938b3f14908144db20ebe6749893afae5ab4954979b3bfeb74c1fbc64dc3045da149c4e10d22e84aedcc9ab76880d894b389d811b011ef7cb748d16d2710f38587e9159bf535e32f6260f08d032a5404a28b94e915fbfbf9cc84e13b7ae1931207359bb529f285f8859f1d080d6580779cb1c7a6c4120ad76d2d604b2dfa8fd777c4a369484b8356fff733c0b812fe2c91c5f4f66e608030a1c5c46cbf5aa233a2e8ca71345ffc0b2a39ef17cd163b2297535677c0f57b2a956eeb0c854233486db5878592e1fc840b81d668e611cf64232736fb1530bc86a8805eef2dd332acc534d809ac1f66e43423919fb91c14f858b2661c31e7ad49b4fa7414eb5cb9727e0c96595830d18a675fc488d000901788af3ff66d19bd4595177ada8060b087753069c2ad7813b22d1c411642d4978502975430c26f0c6af1395c2bfc2f942a12cc4b86aa6a63b5ed37377be0ea0589d19037dc4f9"], 0x1004)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x1000})

2.650641212s ago: executing program 2 (id=1993):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000080)={0x2, 0x32314742, 0x2, @discrete={0x7, 0xbe78}})
pipe2(0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = add_key(&(0x7f0000000000)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0180c42104001000ffff0000ff00000001000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000200), 0x2, r4}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000080)={0x0, &(0x7f00000001c0)=""/40, &(0x7f00000001c0), &(0x7f0000000200), 0x1, r4}, 0x38)
r5 = io_uring_setup(0x2cee, 0x0)
io_uring_register$IORING_REGISTER_CLOCK(r5, 0x1d, &(0x7f0000000000)={0x1}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$cuse(0xffffff9c, 0x0, 0x2, 0x0)
syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000180)=@default_ibss_ssid, 0x6, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000017c0)=@newtaction={0x14, 0x30, 0x25}, 0x14}}, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r7, r7, 0x0, 0x200900)
keyctl$KEYCTL_WATCH_KEY(0x20, r3, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

2.519107988s ago: executing program 1 (id=1994):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000ac0)=ANY=[@ANYBLOB='$\x00\x00\x00v\x00'], 0x24}, 0x1, 0x5502000000000000, 0x0, 0x4000000}, 0x0)
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom0\x00', 0x803, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_pkt_type_change={{0x1d, 0x5}, {0x6, 0xc8, 0x7}}}, 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf035}, {0x0}], 0x2)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
io_uring_setup(0x7625, &(0x7f00000003c0)={0x0, 0x9678, 0x2, 0x0, 0xf7})
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x4f28, 0x5, 0x2, 0x401, 0x1, 0xcc7, 0xfff, 0x5c942399, 0x1, 0x3ff, 0x802, 0x1600, 0xb, 0x200001, 0x9, 0xe1c7, 0x4, 0x4, 0x4, 0x392, 0x80000089, 0xfffffffd, 0x20000000, 0x7fff, 0x3, 0x3, 0x3c, 0xf10, 0x4, 0x3, 0xdffffffd]})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x0, 0x8, 0x10, 0x20001, 0xffffffffffffffff, 0x3b, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x3, 0xf}, 0x50)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)={0x14, r4, 0x917}, 0x14}}, 0x0)
r5 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x1, 0x2)
syz_usb_control_io$hid(r5, 0x0, &(0x7f0000000380)={0x2c, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r6, 0x80015b1b, 0x0)

1.100611708s ago: executing program 1 (id=1995):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x141440, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r1=>0x0})
r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000006180), 0x0, 0x0)
read$FUSE(r2, &(0x7f00000064c0)={0x2020}, 0x2020)
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="641d0000", @ANYBLOB="010002000020fedbdf25250000000800", @ANYRES32=r1, @ANYBLOB="08002600161700000a00060050505050505000000800350000000000080026001b170000080022014002000008009f000100000011000700cfa87c7b77e4a2824dc815a8ad0000000500080000000000"], 0x6c}, 0x1, 0x0, 0x0, 0x20040040}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000", @ANYRES32=r5, @ANYBLOB="0800c300741300000800"], 0x30}}, 0x0)
sendmsg$NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x4000000)
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x1c})
read(r6, &(0x7f0000000200)=""/145, 0x91)
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}, 0x1})
r7 = socket$inet_udp(0x2, 0x2, 0x0)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@broadcast, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r7, &(0x7f0000007fc0), 0x800001d, 0x9000000)

571.079087ms ago: executing program 0 (id=1996):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r5, 0x4068aea3, &(0x7f0000000180)={0xbe, 0x0, 0x1})
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f00000005c0)=ANY=[@ANYBLOB="0100000000000000024d564b"])
writev(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000100)="6e967d0f563ff96457b49e92ea3c9521816b2e83cab2871179965e1836aebb149ee40124c3ea2d103b79f9cdc1987baba460352ed04d4ad54a667178c26228b324ad1b287469", 0x46}], 0x1)
write$cgroup_subtree(r2, &(0x7f0000000140)={[{0x2b, 'cpu'}]}, 0x17)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x5}, @NFT_OBJECT_LIMIT=@NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}}, @NFT_MSG_DELCHAIN={0x1ac, 0x5, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x2}, [@NFTA_CHAIN_USERDATA={0x32, 0xc, "d1b2bc4bb474690ab8a5ed9e6df7c4a22f4af8d59ffd2cca3892557c50890d6fe1ec7e8599c591e81f461e2c1891"}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_USERDATA={0xf8, 0xc, "b67d42924eef755d5b9f65a3abc08d41105a3e3d6a7ae96d4810e024cc650c03becc13d21d27d7c012696dcf8529caa7b18809e2c010054228a2d9f8c5d1fc6af9538c35fa2679e536be9b177899ae43dc006c2706fb45eea91c75c21ba4ca0ca63f9cf0e432c5fce1842bada6215f7535a638d3778aedd4ee49344749e01745d9fdb5099c58cc917c8f9e1b28762cf23024765e4f68ebb2189c243adf99a8332370111811801ebf4dbf5c0ea40afef0e83411a5176ecf74beeab85125af5d8c72067db9bb8d81d59884532b8aab8aa5049ed38db2b607180f0af3da8bee62a232eae4833b662d6ed95fec4844d517583a065187"}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_COUNTERS={0x28, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x2}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x9}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffb}, @NFTA_CHAIN_HOOK={0xc, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x22a957cb}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x1f4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
lsm_get_self_attr(0x66, 0x0, &(0x7f0000000180), 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x2c, 0xd, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
r8 = syz_open_procfs(0x0, &(0x7f0000000080)='net/netlink\x00')
read$FUSE(r8, &(0x7f00000051c0)={0x2020}, 0x2020)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'wg1\x00'})
sendmsg$nl_route(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newlink={0x54, 0x10, 0x100, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x503}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bond={{}, {0x0, 0x2, 0x0, 0x1, [@IFLA_BOND_XMIT_HASH_POLICY={0x0, 0xe, 0x4}]}}}, @IFLA_NET_NS_FD={0xfffffffffffffd5f, 0x1c, r8}]}, 0x54}, 0x1, 0x0, 0x0, 0x20048841}, 0x0)
r10 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_buf(r10, 0x6, 0xd, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r10, 0x6, 0x1, &(0x7f0000000240)=@gcm_128={{}, "ecb9d06d2d6e459d", "9ab7e8da5fbd3fc91d33e32cd9f5bddb", "6973ca9e", "e80ebfa5ac114dfa"}, 0x28)
setsockopt$inet6_tcp_int(r10, 0x6, 0x3, &(0x7f0000000000), 0x4)
pread64(r8, &(0x7f0000000100)=""/253, 0xfd, 0xadc)
ioctl$KVM_SET_NESTED_STATE(r8, 0x4080aebf, &(0x7f0000000900)={{0x0, 0x0, 0x80, {0x2, 0xc004000}}, "e391f513816c0fd0c8411e969f9420889ad09ba829db76fa97e91e48afb0ca47e397809822842d22545dba6dd25c738e029c43720e64a0f0564d80a9cc9d473ef003fe99a958669892fc0c7f70c60f41adc09af2ff5b1dd7922c724311c9eb8b5ea7bc66105b46bb7d2f46dcc81f3bed2d65f24c14388a4e8dcca9a68937e59aae6b394357b85ed903e07516b5dc9ee88a4049598da7933c6823a661c6e3d19639ff77b6dfaebd8e54c82a83fa300adbabf8a21fff5b08f0f9be4c17dc6e655ff57556cb6514b3c04a29a745ad6e424b9d7d4d010c861e2e2527e4ada162c66757e0cf4725236d2264135e750af53d48399c26fd5661890a52f0fc5e3515a00f161a04dff0d11d30119c3adc6f622435ba48c1a1940345c120405b8296cbc798f155fd58b07092f643eb39b14d51b1e1f7a8f1ebaf110e95c28f4b32035b71396c4a3f9712f1184bb581b8a594c1d0b0b3a99c39f46554c223106ed1b8f0109c5c4098bf5adf441bd660b338e96f4a05dd1893836aeb6ca395e79282b590fb06f24efcad42055ecf0478470e9cfb4d9a81ff07a7a260a305bc9ebfa9593783f8575b73344b5734ddf0def672469638c605c2bace3efd48f77e4405ee4e78a56c94d557e14c97e325b12a777d986b187123c22db3a671f3431fdb3fcc81ba25bf7229211b6790662f6d77a55865ba1b482f2af02ed1b4b6136c0873d42de81af438166d382084d1408cf2213f495326e4e0c3ddb352ff8fcad1319e4ab59d4c6558c07cbef7a1261e47adfb9c9ace5961375eaf487c6695cd5df16fd8437fd58284eecce5a7d6823c478073a1275af25bb5850fac336188efefe39cd34c38e4b341a9bc1da503361c0342a70d65d879aa6df7e8c29ad1dadc04f5a862e8b3b62e9d5eb0b608980ec0004f5464de281ffea336c00a11e2f6b51d852114abe43a3d9e7f98b1ff08f93601c81e3070687931b9f24d728f692fc7096222083b3122976ec128ca2a85b8c626c420ce0d8966d2d186216c1ad6e571f25ad100b57d05c6dc5d05856c044af62495f2f4a820a3b000bb83aec2fbcdce5214d86b3b37505448a7e1d0dd8e420bdb978b6d0538c3c6ecda366d942875cafed80afdadafb31c59368e43c805c0d9f379774bb8f7e9eae2a5c1884416d04c462b5b9cff6136b14106a6d56bea88fae1bb667acd81c70e1faaec234630e0d42d43dea8b7c76a0975ba65ff7e5091998c29c00b35716e9ffc024a5021eac5575d5fc43dd92c706a006a5098322cc81dc83ea7f6b49a94aed68e4960c7162dd14f4c8258c050628b48e2cdd3fb292eab36d62ab5d57c94ede63ab88c1754cb1d466f9ad6208105d67151b1a852d4840527bd9a0b778537ffb0024593b696294eaeb946d55e09905820cd33647278a6eae939696efc021886c5e404a7e50f090795e33f4b2c2c19fb0b73efce06f7d9bdad49861e0274fe5516027620ce2686c14fe185dae6aaa4579b44bc8204784e26f57556a268c521d6de87ea34b5bb49e0b53245f806deb75b1403c02919aa453ec3eb83c1571aa966dc3235778a22fdf50254909363e875ff248de30ca817716dc74e8228fbdeab4acc526eb7ff0e1b63cb2a7475a882d6c65f78c042f247090c0559fb5f0c338ea8c9b0b3cdffc8fa250f3817eb75891d199ca374f03749537451c2eea9b2b3ab1811578f003484191d8ed3a977eeb930d697a2585d904d70ce5fed7dffae992c72cd59134c792db089fbd02083bf2eb3d45d60b84d2cc5572a9d031e25fd7d07338ee1d84546682ec3700b4d15533640b7065e9504b0df450bd0b313afb4a55dd2ed59e67f3735bee220cf51c150240c6d173fcca0a587edad856faf93634c7d75debcb0d659eaea4081c7760b206e8cfd34e30d563800b26d75a727ee18a98eb71697b28325e67998529b56bef8a76ef20dbd031305cd2dd88c8ec296cc26ae62da5afa77351ee26f46d14b30d7aefb05815a9636bdc0e70edc42762d6c926cb86c20010558c393503760f6fbc042e4d0ae6f861eb787c3dbe075b2e46c3d983cc489c7ba21171e80b82f6ba6701dbc20d276560e51c61da5474ededfe85d592cd8e1f3794855a4ce2d232b572c1f042cdc1ef24679424a78c8a2c6d51e54dc8a63a7c180645996a776205bde76600950165cb4d36f7513649a9ac12291e72427f1beebac587bfc8c7b6a8a3431b97bcf249f023954bc3be6a0badbc9478724bc6f5dd38337ced59b67cc440e9cf4a59e431221234fffd5d47aeb35730e38f552e1388bf36642074751b4f3531a32a59a2b0665b97bfea426e2d9ba5933f7fd85f483ddd2398c8e7dba1168a841717e49a797ddfff08445d8e59c73b4f6f885d98d6c8f4bf106a09c41223b7c0b23ed80bc2c4a1ab09e01563bba224d156aa9c103e4e71041b47cc52f710915cce23dbccaa7956fd29285e5ce3b5767851c678873402e561c6c2ae9cfbcc48761be24b8a49924e5c15261a9272983388abbc7cedd90ebf10f736759b0df8d3c5e3b6d792dd797f8cab7cde86965c90d9222781ba7a55de9578892a1374312afdcc1bebcc94a1c7cf9c9495b7af96a38ce5d2c492838eb7c66054537b6c03e9af7fa5c821d28aaff488ef8739e85f2428ba427337f1b57688b7dc345dfc80088aa4eeffbb1773d3bd2ac4ed8fb6464a7f9770492f412869def3ae1c4f6339b0b7e3f6415c4c1248359263914ec69a4ccf5bee65d06586d36e9dac5c69f5ca8942283f6b9bd9ac3c74ba4731544681054269adb04186fb06f01293753f292791bf5835cb77e07f8eddd6e8d0954f107d53c7a441817c41fcb8db502cbb71a6b2f168021e8e30976eb16037b062b45e93019cd7790d9a69f7ca954a2980a1d24447a6f8c763e63aea279d24e48cf63c3fa7af7783202f592b910e8388517d50c3a2b4e434a92feb3aeaf752ddaf01622fb0d36ee969dbdc365d19e97777fa6509757d28a09671b7f64beb17d0ed97c955deed485c029dea80f58de356f93f96468a295f43e8f34eec7dd9ee25de0a0eb9270cf75e1ba9c2395b6ce39c9438598956174472931f74bda592b20817fd1fde293a2fbd47298445b512ec2a0e0317741c09a5c296f277bbd36beae3fb2d5cfb6cc18d5d8f2488d290a53ebc4c938bb2a86cb35060b7e282b6ea550192cadebac12f209513a5cd931796ceb471abc9a4846bbc4ecaff4c30f50d28de8672bcf62289b59ae55725568f2b7a0bc2967c2f554074e34bd23c04f1baaabde532c6a3aae2430905a2573f056f6987eb9d87890dcb8b342d99864654c95ce07c16f3c915692d7b68bc055cf1bda5efd97b59e83ba31ee9230c2a384b83347bfa103dedb531ea16799530c8ed7260b2eed67b9f4985c4db298c1d673c726c79fd55d07f68b1bb09ce4ec1d464f6f401aa1f24fc8542f8b3f2bd6181d5f002ab3c3adbe66f38dbe6f611d73b1df9f62d742bd6bf4ddf02519fd1d978dea4aa16126d27303e5e8cddb45c78f063afa048d08b35e7a05bc13864f30835fd6582ce7292edfb5a28b5e2a18911b18654f69464dc8b86aec7708cd125fdf3258b280d8b1bf888f072d18ca441d2badea15992d4410bff2e51e551749183aa10c65cce52539bce8902f0b66a36d93c17852fe9e70cd475fbe0bdbaf975212515ee4ffec6fc1aeb50a21d0cb07f964f21a4e6086222c9f5211787bbbc001ac6bd397e08a4380e5b85131c1c738cf3e4cd95bcc51dcc647594bdf95dfca48f58560266eda92b16233eb108e50a72a7be65cffacde75e1973245ce65439a979bcdbc7d4a3130c3ed5dfe42c528fdee3ceabbf677aa59144516397d96268ae08132635dad3c53d81a5ac962b04ef7a62cf06c20ba355b8b3b1699da265d10348e6ca41d57e42df345cf497b9dce2373c5392e0f216f6dc2c3412ae9b49021646c754385d1e8174aaa4c0ce74c7b6657ba31611b5361092900492a635787f2bfda626c98554b0214c68c0abaf7475fd64145f5f82a961de16442b4c53616e4cc980166c86b2b4c5c795952c75c160c70848cbe4a2b19a80a0af570cf0d80c0cb09b4c5a837c8b1f18ec7ee6b27d02e156a9e2374540af105763ac09f667eebf91f59f684391f7e4700f67d7c6fef043e384c7cf8a428b30b413feb9f5368e90c8fc77b2a076d4eb273eec51c84f103ef67b7a71a7be1e6cf47a88eecd5f6eaa073f41d03b518ad37ef9835dae42f79976e59586e8c9ba30dcdb3b71615490fce19f41633c08f926382c6324a760a4a2d7adddce537f8d67dbb99fed4bbc9a43b91253959c2e51c2c29b6cfe85916ad94164c15a55c13a6833f883c32014999fde4a57b037c79337d2ce631f83f9c4e81c6155c70265dfe608ecc481e414777e236179d21e054c4fd9607ce12ef4fa800e4fd51d00fb8f305c665d15b956f75eca3dd3e3e23ddd9319a11238899529deb78f3c95ed57bd870e373e6438270e868b77604ef597943aeee0669cb0609ec7fbb97acf423aaecc5a7be01582c0742178f96307be514ea62c04c60bc6b5a624dffaa16dcb02999ee04846641d745f2af5b3b4e88a4be62cc8898da50b40ec629ed4c4fe95592def4903b78cabaae776f1dcf7fc7491f4c0540b9c44667bd738ab475f3c21235712a96c795988d10a2e5fb365b271668bcc4dab9dcc4fdb8b8e1264c1bb1031cf962426233650fe4f62ec779aac2e1b0ecc1de08eaed80f8efc5ed50c53638d7046f94c6c058554fd1ddee6b32b3545450442fd747e6ec64bb3d1c6526bf904d16883ec0f083a311b31475278322b827039d51d34d1dd6fbc6301d05f8929f2c06d97bc4757b108c11774ee48c1faad8909ffced2ede8be2472aaeac6f2f86765aa8f1a2cca0e2ead68481226017206f06661ffa855e6e3878c7a34de15c958d1ef457301b6e3c2b266b01c4524da4621a28b6f3f08e11055b5d4e7eb0a29296c4d806483840cea007e583e3d18909d3d9dfea0eb7e7babfecafbc99c724effc2a8e452c5818af50ca0352309ffa3061e7e4185be41a8990000a9ca351d608fd38046d69a6b1bae7592bd54350d1cab054e9fa773d1895897c65881fe7375e85bdb974961f003690c608b9048385c5cb3b8636c6103662a07d4bbbcb506aac2bd10cde2dab03af91a04c6256bee9a4ad7a3f3e0da94a9950a5c9618bcde0355faa43268d054e666ff8abd59908750bd3aa33bfadbdb4185f0ed78daa54b27da9391e6b450c702502c57e424bcd4f834a73f0afbfb5bcef8aebba81d2f270d01374cdccf0551acde3241ba4e28c04396ebfb9067bb9b5c0d9179e5fcb2228c97dd2fd9c9c3673fefa6e12d3526e091bd645b3df70143e4aba1fc37d2fd8f433f599809dec66e4effdd67c46ed15ad38da5eeadba5e8c472119dc9ad680c5023ca4fec697f9cbb5f7c405c45eb2bf6956bc9c09c47b95abf81114677252ca563a9a4e5247342f7c70df9993407e63056aa8bfe7239dc86beaa1b7b7dadc795bb37f5d14ecb5e9e470485798216f267d269f0acc5baf1a9bc6772c6997e08c2069d0fbca27273b82e907f6c420b4eae902220894b107b86475535e6fb9acf414d10433ff980051304e93cfc42c05ea806ceed68f6b32bf8d4e040e1e4690a5d9d99d3b2b1a04259cda29f61e205f4ab97d4b1c6a1190e2c16941342209d742c3140483b7d7bf6c941d2516582ecebcd00591ccfebcb7bc15546251cbe4281f480767e3656ac10f629203fa0e5de47f9643a5cb87a234ad41c67c47aca2849aa3a57cfb61bf61424ef98", "00b6b1b23ef205df5a0daec1bad98edbf58dbe8d5a43cf09d58787fbc767952a48ae36783d888ff3dc5bfcb6b4bdb533fc2bd62d8039d02acb518bd688ad6eab1da8f7f7a31c0e2c32e5e82f480f221cd4edfb640a6d5d156c6bac9015924709e950d2725a860a34e08b0942aaf5078c2a43ac344edb951f6b11b1170d5eefea7f20950c889779050ab668b38135f7c8932a0bd4d8dacb96a2b6da89752ca338a252af0a17d912c05aeadba9736c00ecafe52a0a4217d754a768749c0e3fe8db29128000db7308e83b300e2850aade10d79e687639788715f73ba0c41ac567688b92043ff4672ef50b68008014dbc173d74e180cd90728a9d03e18b84182695d562c8319fa10d531d4acd5fe0737dd6bb0287f2e853b8fa216cd0ca930ccace049ffa995d20e23401d13d1421a8ae5c5033de12b12be267b59c04af98d3004a248a964b08c6b1476138fc49d74515bd7b86ecbc1468f868ec9ee45646fa4550e48cb83662dcb0aa4cec62b2ea25c0a6c368eb47b173fab7d76d752163b442a0f735b9957bf4c4dcefcf1cf5b3389db9db215dbcd0259e54564a8fd6d39fbb80ebafafd74c485a086884b7242fb3bc5224065584d19d37c843313196c29e0ae0c3a5e754c2acb63e8cf2eafcad2f53b83ab6a5f91431a6c88ee4e34f7654ced9f6e80a53663a26e3b40f00f8005fca9d073e82f9e13a618ce386436a22075bec66782e6ecbd9fa941b7fd54adcc83a306d2835ec362368e51289deea8506dbac9577d28d84a55275a1dd72252ce4d8aef623e7f20140864cf50133cf282bb6fc30cfca11b88ca3949c62eddb1be08fa2cecf3e4bb8043860a8a387f5c1a14df5b8d6a200ab44c6fe09b77b0ff3dfe804a9c0658deaafdd4df2c56c1f2953886531b6d07f104a63288d8738e06d4f178273b4a891a908f77181f88c85709a135f945a90c7fe91086172a4cd7467c5b178cfbb65e07e2229b0cf235dc88d54345af7212d7b2d423085c0f3c55c461316cd94fe793c427bfebcef98145bd28c2e0baa44076e828bc20763e5601b62c5c1580c979547e112f3911f21b7a84ada8344c2322f24678256773b9130eaa0e20616dab928c280494f350aa2c9962edb55ecc19538339376a1ec98136c63e522f7d9168c0f36151d26a1f95be9c3d1735b51681667e748742fe7038509451cd432f471225087a23b0740987dee61e3427655159700ddfcc55745bb760368794f7808f830d98a64643ef85aea720e0cceadfca4a459c2beccd3df2f3fe99dc7d7afd8a90fc9819af2a218b48226d1b36d893c1d19ffa1586a4058aa8e3253da96478ed67116b530e6f9f4f0670b047ead16a60577f1c8cd3ecc669d31d637fe4dfb07c3e268eeff27fa17e34625391098c40e035e93e5211758de7c0c9dc7846045f92d0800d79410d01851f3cc33bb1e46bcf7bc6ee1903b1b5c15c645d75c073cb75b17b700c1af4a99a86d280388abd2d9ccc21dfb7f3677cc37e59f76b5828380a3679e4c654a3f30d18b62d2b8b40ceeb120df75704bf0dab0fa53fa139c10529feb105911b9f1136d46ff3b4c68b0997caf812c61acdf22c06db8cb3a1d72e38d5b7336f155ba79cf9a60887f44ec1d80dace6e3fb6d9e0d5dd1faee2d56d94109ca65b033509d8e0630f11b98ec3e0a86321821e4e973e8ba26d32b2431057fb4b65b7b580daf90c32840405288bf0657881b1f9f7d503ac7b66fed466b1c0667b05dc689a8ccf3c09510f8b76b33cbe946189295240779f2c268278281b47b2abe04cee2888ead6f8820e61a7bfda53cdcfff78ac7252cd1f7824096c9716685daced13b9ebea8f739ed33b906223d87882e44302250b9d7dc97e169f7977c8360e50776de357644c4171f2d38e3dd4bad610c83751a32631a6c5a88a0c19765678c08873dd0ffc6892aec4a6e0d284bf1f77db68212ca4ae31902d528f9b5295720165b0d1d9c58a03e796800a4488b58f16bda342528d3bfe45bb671e02998010d37b5668c33cbf90e1224e36c5ba8873eedf231c0d6df9b81bf5fc734502f8fad3cd159f2fbc7a14407538a835eefc29528d0cd6866f1faafd538d3184313f02f61638f03fee2e8963cd72535664b03db4a94c79bbff25a718d73b4f5c3c88260c8bcb7b0509c5fde9f001642851b25d38a72e813369195c6ca4a926965b6a7300d6629172b9c823e6d110129c9e6a266a2be020891c65ab8d1126a826064167821c4d1a1841c2b6ea06ea9d7cc66c1b2f67c04c6f53f213d5d238dcbb35d5926a31a84fa3a6f27551e3ff3703c5e538090ba3dff2d6424ffea5f16e3bea4bbfe1171601d999dca1ba3c002c4c6d6090e147dd8d19cf64f0b97a1a10adbc1701e460ecd413ddf01eb709b845df3378f5811f7c3119cd90a9b48d3290c6b0cad19598d04679545d250474a685eff494155c709c385f9d65354e6df82c258152332ab83776a610cf981a323f9ab25eff9d32bcf019c60cfdcd7c493b1673e31b1b30e9b3255a1efe376097ab1be7bf6e0a344b1309f6b77708a02d10596f73b76a02c982179d75ed2d618530a99c1eed2c7cf8bb763dee10c7084d82d0790794469f04a8af5c926d6536f3d46356ca67ca80d45cc4b93468453f1212225018a6a90957f0bb2367e600757d9213208905c50b06b40b1cc31f167ece8b05af6162c25bc2f78e5f6665157b9f082546b47d3002e34c21af47535ab859a577f4726bc1085f3b34e15610d6f39d0857e5689237ca1bb29ffa5574c5c74105c1cc25ac398df4fc8c3d82503f7e6b6e052585d042bd0dca0cfb1795ed52570441e88566a58b0d52760de9915ccbde683ca4eb0068e0ce0a8a03d21f154381504224426fd3189915c35685addeffba8000d0fc66f9ea6405b08343c70a2d5d1ae01ee0ba31d759da32b660cbb77de8c556386b9d19f70fa00886ad10da70fec6c4eacb11d342a5f8fb546c6784848aa0e945294548efdb7e549e7239864c6243209fdee064465c5f61ce7f22524530764a741265ef5027d934143cb442b51ea4287e8afc06ab7d9826b4d4e705f79ed127a41987dcee3be370aab511f236a2373e3b881bff4c4ffd5463620e3d51a2e7224e509d9b38d89b9a88e369e6b93c69b39dcafafc69726b6636eccac6a9b6881997b16db53521c4ef528fd25ee57fd999ff7145b159c30f9396c7b94019528340bf491657ed588a6c4562ea5ac6e5ef15f8cbecf4c9dda21e67f3f0d61f0bd72f759d37f0f284ca3f80f72f625c225b56b1abddfc92caaa8f14d078db8ed3d30ae4a30616b2639239d01ba61a157604fad79a9eb7d22e86462956352b1ca0898913da68448032cfbf084229d3cdbf9114cc60447632a2f0d8739cb9aa2de77e3ae00de924bf595646194577d28f6599d5be3b8c68b8d24f66aa015a25d7e5c830375bb7790f66e3d614d5abff438a7f4a3f385016d196db4013182a48f60b058df8a352acd3a904b688dbb73d4f73c5473af50996e33983bef27ee3df544b4f8a3c938006032d7d78295603499534cc377afa73b9782cb02445c7a54deded95104e6ca1489495f4aeeafa227199ceda87c32b1a1ea7188d7bc25649ddf7cf3dd48e8af3a7108c7dac73dcb9b81724dd935511d6c5f5ef0107c1e126adddca3770dc81ee9afa6cc79596aabdcb328315cb804b58811414e99013717871e88db2a9d5e7f38f85dcb89a28386b88bc6cf2bdcb83ad70eda6062634a621299e5db07211235a3eda3853842c4aa6d6f738d79d1b9a4fb07e999c0cb6e4fcf5bb44bbd2314b55737858eac603caebcb14aeaaa2fb592efa2f085238327c5a2079f463c47374714ff24feb79c25c9e66bb393ba56cd917a8f9231ad325bb2dfc6dc5be4959a0d459cecc6da7fbb6b1a8edf873be1538aa2b73ab44325d105c0ad8665c604102c761e55bad5ad967b9dbf0152bd0986a5bfd9891fa5810e937741480e118d860b642e742b3165f2c3cf30a5182cb9f79876d297be2b4993ea3636eaf3e6544c2c70be7bace538794400c1da75426f22233486e0a005e6d5ffad72db5d3d504969335e9ae812f02fddc3f57d7a3ab65b2eccd6d37fb108e291e7a84839c685b0384aff5b7d5971d64188d4be9a4721dff2ffcf974c77854951625aada33bc4021a1022400c37c285cff126bb03f836cd00327920eaf041c48f6087bae27ce7d63adbf3ceeb75a8a6c5027d01b092024b7eab3e2f3286f167bf6bc5e29641bb3460dc6f25f7934189d8dbd5207ab6c84d6198d3c0e2317a945ec998eb638bb19cca1b99267815907f90faf8547a09b98a129a8f8c09bb06303a0afe705a31473fb073fa69d487333c82676f7e9d82c1de1f7a97c6b01a58542fb913e59ebcf6f2f7f8a8a96f41c0aac7838a83ad6b96fc88c3f38a7df142b2cd22df9b2c7a283a37ad7ee52b8eb488fd19496083da6f01eb54a5e772a43754ccbc3fe95ac22266969fd49dad46efd47d125af5216f18a21c97a8ef6bfa7784401f647736a80f3fc8a2a69b11a5e23126048b8c095c40798a2c5270da0d6fd90ced7a01e6a057b606f99045a98d74c87c1a2756e6be3522ad48b554314fc00bb85fe75908d2a537ef6c4fc467744a9bd42edf535b68fb5f3067c609e5c3019059338f20dd9dcb7da4991e616d436d29510f1483959240448c6c0b1e4afb3d562297993e90c140019f12be8e44a6e1d017a5be922ab0ffd8b940052b1607e2e61b4844cb62331cce23bb665ea02fd6c46ebe999b21800f8195af335ded9512c56a750aef49b27cc272a719ad602b87be508d2431583601cef910379d8aac9d48003f62587211607b661ac9d118d897fb23fd62571614babadc683793c8f7dad90bb4fd4edc76bb4513da1255d5a373bc8401fadabaa5ca33744e8246a1f77be1de99e0e9c95aa6aaade9c73a82ca3d4c9c026af43c9dfb8582ddcc0ff6b26f05b02562601d6c6e6d6caca333ada32602938d1d82a029b19737bf049b3cedbe9cfe2edc828f206a166f52a8d241a848d0827fee9319136bccb01eb90851af07fc8ad8caf6ff7d687a1f803bf793f2a203599f9849d1920dbfadde41f115350da03bdd8854d3e5e55fb52966fcbe5890bbc1f169be812a817d67f67c49901bc4348e07a9fc26d21dda9d2ed6ab727d14a2bf63ca84f9033c8f5c02332369675cc2c84ffd7f63a075b241f37a0b25bee81faf6fbdffda33ef7ff6fee179eb712cc6b437e201130d06b2b38512a7d489a1a25d9537aaba7273440907659047175641df649c2655e3df02e1f334add5567f78fb28fa64c3395b91fe53d039dfba1e0909dcecc5b75e039225577b7a56e586ec180a1b83cf360f8a04159c0f2d25276621f805542ab069793add5b15411e1ee5a089bbe5dfcf99f442c1c382e0b08155befc81d43471ca72c540636395c6778416b12fb0b4359f16c3d4d46d4754fe5b6241f9a01b77cafd2bfca2a9655fd0e2cf1a30e4bccf4515c77c324cbfc0e9eaee5011465c4da826168558ea8cfd451544a28a3f8f6616a947a94c20a7b0d4363a58a15b463905dca11b9178c94a37736887e1272f62782ef3471f911208a40468f43a2033f601133b5c5c82a9c2359b854dd20381238f9c62e6e2ff3ce64e0c176785815d3634e6eb23b4c5bccfd5a7ce0395f55c56b1d9131890be5a729e7fb75d816c7523b5c2acc724e91176b542076c3403d97219e0fa5cea437130bf92a01558f7fa8b7c2265176a71b3a0e1ac681bd3bff9f5e3dec8bc24fc0dbdfffd7f8172843f857946"})

520.346281ms ago: executing program 2 (id=1997):
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r1, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
r3 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r3, &(0x7f0000000340)={0x1f, @any, 0x1}, 0xa)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000480)='pagemap\x00')
preadv(r4, &(0x7f0000000640)=[{&(0x7f0000000b00)=""/152, 0x98}, {&(0x7f0000000500)=""/189, 0x7fffef68}], 0x2, 0x300100, 0x0)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
r6 = openat$bsg(0xffffff9c, &(0x7f0000000100)='/dev/bsg/3:0:0:0\x00', 0x101000, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x14404, &(0x7f00000002c0)={'trans=virtio,', {[{@access_user}, {@cache_mmap}, {@privport}, {@uname={'uname', 0x3d, '/dev/bsg/3:0:0:0\x00'}}], [{@appraise_type}]}})
ioctl$BSG_GET_RESERVED_SIZE(r6, 0x2272, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
syz_io_uring_setup(0x50d2, &(0x7f0000000000)={0x0, 0xbc04, 0x40000, 0x2, 0x333}, &(0x7f0000000080), &(0x7f0000ff4000))

308.909494ms ago: executing program 0 (id=1998):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x110)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x4a02, 0x3}, 0xb, 0x0)
landlock_restrict_self(r0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r2, 0x28, 0x2, &(0x7f0000001680)=""/55, &(0x7f0000000000)=0x21)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000780), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000007c0)={0x14, r3, 0x1, 0x70bd2a, 0x25dfdbfb}, 0x14}}, 0x0)
socket$unix(0x1, 0x2, 0x0)
recvmsg(r1, &(0x7f00000003c0)={&(0x7f0000000200)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000280)=""/79, 0x4f}, {0x0}], 0x2}, 0x0)
mknod$loop(&(0x7f0000001b80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
openat$dsp1(0xffffff9c, &(0x7f00000001c0), 0x10fe83, 0x0)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x93)
renameat2(0xffffffffffffff9c, &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, 0x0, 0x2)
setxattr$security_ima(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), &(0x7f0000000100)=@ng={0x4, 0x0, "25923a03a49d763022be9fc14b08"}, 0x10, 0x1)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@polexpire={0xcc, 0x1b, 0x1, 0x0, 0x0, {{{@in, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f}, {0x0, 0xe3, 0x10000000000, 0x0, 0x1000000, 0x0, 0xdd81}, {}, 0x7ff, 0x8}}, [@mark={0xc, 0x15, {0x35075c, 0x5}}]}, 0xcc}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_CQM(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3800002e256ff784a13ffdc708fb76a100b40e5f68a9193b774f4324974d79a8fe5c0245cdb07c32152fe0fb98e285", @ANYRES16=r6, @ANYBLOB="010004000000000000003f00000008000300", @ANYRES32=r7, @ANYBLOB="1c005e8008000700d20000000800060001000080080005001d000000"], 0x38}, 0x1, 0x0, 0x0, 0x400}, 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000500)='incremental-fs\x00', 0x10000, 0x0)

79.266865ms ago: executing program 0 (id=1999):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff00000000000109022d000100000000090400001503000000092140000001220f000905", @ANYRES32], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000b00)={0x18, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000240), 0x8, 0x0)
ioctl$MON_IOCT_RING_SIZE(r1, 0x9204, 0xc397e)
r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r2)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r3, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r3, 0x5008, 0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000340)={0xc0000008})
r5 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, 0x0)
fanotify_init(0x40, 0x1000)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r5, 0x6628)

78.527043ms ago: executing program 1 (id=2000):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$video4linux(&(0x7f0000000380), 0x8c, 0x8080)
ioctl$VIDIOC_ENUM_DV_TIMINGS(r1, 0xc0945662, &(0x7f00000003c0)={0x3, 0x0, '\x00', {0x0, @reserved}})
r2 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'lo\x00', <r3=>0x0})
sendmsg$can_raw(r2, &(0x7f0000000340)={&(0x7f0000000380)={0x1d, r3}, 0x10, &(0x7f00000003c0)={&(0x7f0000000140)=@can={{0x2, 0x0, 0x1, 0x1}, 0x2, 0x2, 0x0, 0x0, "2e235857a534099b"}, 0x10}, 0x2, 0x0, 0x0, 0x20008804}, 0x1004c818)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r5=>0x0})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002000)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r6, 0x0, 0xd}, 0x18)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x14, 0x39, 0x301, 0x270bd24, 0x25dfdbfa, {0x1}}, 0x14}, 0x1, 0x1f00}, 0x4000000)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0xd, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, r4, 0x331, 0x70bd25, 0x25dfdc00, {0xb}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24048800}, 0x8000)

679.982µs ago: executing program 1 (id=2001):
r0 = io_uring_setup(0x2cee, &(0x7f0000000200)={0x0, 0x93b0, 0x3, 0x0, 0x315})
io_uring_register$IORING_REGISTER_CLOCK(r0, 0x1d, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
listen(r1, 0xa14) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 64)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) (rerun: 64)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) (async)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) (async, rerun: 32)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000002240)={<r2=>0xffffffffffffffff}) (rerun: 32)
setresuid(0xee01, 0xee00, 0x0) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r3 = syz_clone(0x8c081500, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3) (async)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) (async)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) (async)
syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000180)=@default_ibss_ssid, 0x6, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000017c0)=@newtaction={0xe80, 0x30, 0x25, 0x0, 0x0, {}, [{0xe6c, 0x1, [@m_pedit={0xe68, 0x1, 0x0, 0x0, {{0xa}, {0xe3c, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x18, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x1}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x10000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {0x0, 0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {}, {0x10}, {0x0, 0x0, 0x4, 0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x400000}, {0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe80}}, 0x0) (async, rerun: 32)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0) (rerun: 32)
sendfile(r6, r6, 0x0, 0x200000)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])

0s ago: executing program 3 (id=2002):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045613, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x4000050)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000300)={0x0, 0xd73, 0x80, 0xfffffffd, 0x283}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000000c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x40, 0x0, r3, 0x0, 0x0, 0x0, 0x12141, 0x1})
io_uring_enter(r4, 0x75fa, 0xe475, 0x0, 0x0, 0x0)
r7 = syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181400)
r8 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f00000002c0)={r8, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x8, 0x10, 0xffffffffffffffff, 0x2ceae000)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002300)=ANY=[@ANYBLOB="1c00000034000701fffffffffeffffff017c"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a80)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="041817aaaaaaaaaa10ffffffffdff3856609ed85"], 0x1a)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="03c80000bdb834741ca8c5fe9a48f969438ebf7c9d0dee352c7ef42fa46f498bb64b06a8edaec208a03d9b3ab3b4c8ae0a77105771f2ba9f2a0af1e3de5fff447c705954341b123cfc01af2d91cefaddc4f39bd1e420c24175271a8e39f18c5fc588e4dd1563ad23c4626a1cc2a7c2dd0d447b4ec774a50d46bb23d62682f2250cf376d34c57b0137811c7dd4411c995c1e90b54e3e904071794fe10454332dca7ac0a5d6a93b4d8e54d6980a87344180121c700bbd04f3317ad9fdfe4c10f9f332393d54ba1b1da1823c16dca0f465618fd341e3f25850d532b0ad59324dedb33b165521e30cf231c5086e92de5f18aaa831e19fce091ffe8f004e5d45c37d86ff95b441add77e057949fc7c499cac92be793da42f168e8da0f1b93c45e7f3bfce4bff0692a7e80254d6325cab7b4219406d386bf93eb9dc45659d5990bd730a78b1ed06559d2a1dac789d83b78466438db6a1943067179facd92599c70b5fc318b76a16024867badd938ad52679abe016d60b9430977d716b73bca086c01d174e7d516f595dacfe502e7f26ca57dc79bb012905ba1143782af5567820f142644d705406677071cc122f17bb175ada64cf5fc987c686324f0985c5a44aa56822f305d5136ae09a7693a94130132f15fdd6588cb5285d0df8c274bea41097e8f39304738bfa8c3244fc98f59a9ef5951b7f659425eb9c44bbc72ea0878c4dfec078df223874f613daa1334b0f6423426b41b0901e50d8c9418df0c0b8886850c209e8ae28e17b4ba791c0c9b6c09f0e93a9fe4224a2fcdb68a95b80325e23ebe54197f4bd3c633a7edae8a78d0262c9d0d831b8df884b961af5240953f53d8e117bf9127d2787a8e22bfcc2da196daf88af00713af4e5ab2f9a209dd1d9bf2500908164e6706121714b2f2ef7fd01a0b48843f4708af3504dad7e6c6516ceaf938f50446ab6ede103832dde6357cecd81ae0a9ea6129b87d44dcb02a6d3ed4732f30d211fc2a8c27865ab51f02068763c6ab7f24c6dcbc4f628d11bb96f457fd535438d523039849f054048ffb0a9e407844852b21c3afdab84edad49ddccb01fec154c4d61291a99826f2937cbcdce00dce8daef4d78379ea4af3197106e1684947f054a396e8a5b7da4dd61bcfdc9d0a54bcca07142407e684f19fc04be4239b9ff203521952e907117fe5e8166ce94172337b2b65c61b97f1935fd508ff9b9668c8356b706510f54e1a052f091d03c8ab9ad4193b60559d3d53908b21d1d6dc49e1703e2dcf80ff5dc8d395d1bd8757dc8ed5e153a3d76e6e878cfa5601c2976755a4a0da500fcc63b0213f97d122d5a20e484d1ce8d8deca8b7a56ea781e649082090fe7a466567d8a039108fcd6e190e9161b7301a3dfc225bd8b03d8fc4b9bc175baa0aba1524a7f7e6013bbf3ae65e49377373a1bf846bb869f1031e3187d85eca229e071fdaac98c494a8318f6fa5ad02c39378141f580373dd23e0c116b20c35cfd7eedb37e5ef44b6366becdd21343da747675cc03c58edf995e15cd518d7c73cb3974d175dd9a8f1a9c9c19f5e251bd16640e5cf219f7aac80274763395bacb8da3712fcca18aa10a2eb3b7a06aae43f7047def015aa38bb4163da2538d29ebcdf6da71a9d9bf997c0a0c76c16b2ba00ce45916b860edb6d38f11a0d628629c14fa9186f9e658b326f40e45b2f54e285a3bff620cf9f0751779e8e266c9e1c0c7ab0a98aaf72d1031e3030e6ba4315869999e08605aa79f845906dff7df511c2e8b1555d2b1a48ea60f21808ae3ca24f0a586793811d1ea4b0df3e8b2ac8f025548734ed62cf0028be94bc3c168e7155ba6244eadd437cb1ebeb248c90c56fab961bddcf715833ec53604b89190e79f184ce07ac439f5e9a361ba1205a8364673bd67c9d092c1997edad75a537caf3f23a5f2c2ac497a775b1b9a5e6db9b8644fc0fd354f8696b487a9104203e189914e068dbc22e61391827278fba8f50d452b9cbc583dd87573675120925f1e953e0fd5dc5e63499a0a7ea0a6ab69c5be45f2f6ec6a959d490323bdd083d35253c7633092821a58bc60b3c28b760ee760be8d6a314e7d1228f9921b41947d3be21c211d4847eb3b834ee107bf4df0dce25e28e999fcd033ef785c0cb0e36dcdc0a4c006fa83dd5eacfb8f68a689d62f84a475ff71e9295a5069bc6de296f7fbf9acea2e263ed95083db7ba94ddb45cb77cebac1fda1d8b0663fc7f49f4331df27cafb5c407f01b4a18717c182a079064b874bba9e2bfa439a08a4960f1ff7991f6d818eb5ad845632d1cb62f255df3f1fd81f94a29c8c3892c5fa731194b83ee6f29bd102f3b586c368f294ba7c63c73e860f3cba0c1a173176f740404b0eebcf81bba068bf1eccb80fd17d1f7220db92607784a7513bfed8b4a71ab99b8eba82d5aa0152de848d481106973404188e1ee16bd45f5f24a4f9c68f667a2be1bc2a58c30b5a33a8209ddc10d0bd9522a726b012fb8ef221abd4ff59ed7e81b81c7cee428100515cbeeac3076dad870bd069d59f518cf36a3612d3ef9eae597e2458dee075627ee219cf68e2a450495fd8bcc157f4c7d1360760b4be7eb8b87f7724e16859ca5dfb7f50eb98ced3972282fb565511b11231a643489639420d83442b3b2dd133d73ccc2de515987ec2cc869c75b5f4dc8cda7559bdba1626b4bdc6557a7f43e35071c303b083adbbdaa00f389f5358adf90939c5899ff74c4c0c4a6656d3f0b67f460f00d5d8b15346f34432433e226a3952df6537e9a9d772e39a78e851deb6efcf1ab5066a46539ab67533cf42782755461ed295a836a1641a41cfba17da37e6a2206de7f890824538357b3908622221ee0156f57f64970b1d93042e30621db4b7e53686ee5af23cbbb6539fff99e74677626fe42feb95efa6c20d80d7f081da5f98cc0632d4a64b2697c5967a15bd41dee3e64812c3df900b1362832438cd8442f5dedea03cb30cb95542bc7dcba89462d54ccb02559b91ebf7acf849b14164e327bc5c50948e71dda1d2b03dc2183c08e8a03a9fbb5d318c35e953f82e75bec63386a4dc32b6dc5d50d46607f26c7f3595103b7de5bb01d803cba523f1edbac8da33fb93d7afaeaac0dc4b2197c65357d2b111711bb1c2e118a56be7d14adf13b1b4d1f4d0ef8f84b13099dcfeb7b20ea83a4aa906d38c2d7b70a6e1d631663b38b9a3989cec282883346475933dff242930a9a105ab9977ae2dbc7953700ef070bdf75e3e8263c42c65814da383f846185cba2d3f96f0146f5e6e599b27a1c94c0c71370e702337b7c9a5b4dc090ff84003a16691f94b44ed262c10a6f67a6b37a6f2a3466bff2de7233241b95a75aaf308da6d925d5fe1b9af303aff84c5105118cecb53b1597caeff19a5d0bd12ceb9c60de843ffc583b090715f97403d95e6c9159d1e9d7601f5178ea4418e4e7a878b7b6bae69bd3c120e531fc072e3a416fe6906dbe13b51c39c9979ba1370b61e3045aca60955f1f257158e2f1b0a7e92ff834448587defc72e3deaa99ed17c8967a9ae80aa64e8416c47bf90bc7e0888277e2dfa78968fddff1d62bb77419eda8b115091a525eeb2222bb0c2a087657bfc2060204cbb994c87df0fbf47b44133afdf61979162c9fb160e59c0925213fc1fc60080da4c65483fa0e781f06ec09be2b5a8d9738a650772e07fecc2ac306628fc32e8d63180c0272e8e32c7e57bc22c25563a528893321554955e6e125ae079f6345fcf19153559afca2246fc27803547ba6142571b8a2fd70a26ab1caa9abff8e28f8e265c49470b861cd81f207b2fdcd97cafa88a63793bc771c6d14358662bb71fbb22137fcf8c1fc855d5b8f1e200bea16ccc33fdbbe54bbb1ff797727a80d93b18e6f6c3a395d8a76b23f31fcd9f3ea17ae5b2d91a266c60676404022d44dc655d08b4bda8743a2b10f11318c4a563e9fb509a5b83230f4f763f1bd2d51fe9003f50e6cafe44c37615f75a178c6e3c11e22dd43fb76eb15a9f5a66f505a3af50261513f994f20d1073a0fa4d46c9cdd40c07c8d6ef207619e72ba7793e7b5194019b0d996be874bdebe6d5600fca02dd814ee0ae7ca082ff40b85539ba8a64d99e16b5f9b463f71857b42bb79ba636cb4fe38973a3b34af1c40f4934f16d552a85790fe42fe4b31436a35dad3b2689dbdad313827557b27d964457c66dd222447cdc90ad95bbf522e770c44b33d3be157e9cdcc2af098ba48d6626d1bfad5370fae97a321761b608cdedb05d8063c3d9009b978735022c18e4000abd346abddc187bdaca68be68fbaee2eb8f7d99f24523991ac311c834ac0eb5081281ca8045244d1336f5fdde22bf2c5e4b1782c5f35530423de08c73df81938a5a9bd1b7948fd2f4027da2184f2b1be3ce9eb4245ab50f577f415482ca8e7b2922cc74c3456a9ce5c8f451dcee5a8605338b8f0df6baf04e2fc51baa14455162d2816fea4e991b9a678e8b60c9b381ec04191b21f53c6711cb070e248a6a6ab14a7e9c271018b52cc8138b353b6084ab2ce99946c8b4ea8182c5afd075c0670985aa6e0e600c5b933ab104897a62120683ecc40d74cd0f0fa6022b1a633541513e4267328d2f94d23572792cd2a0b4e65c19790f96c71573aa09228861257888705662f252ff5de5de93bc1f0438047c39990ee76c84a2de530630302ecdf23b51bb35b8ad683719ea4f30908981c7a6eb133f6bed11584bcf1c40b9fd1a579ed9ccf1beddd94cf4e6d2b833df0274b258f9d973317942ac0f29e90280b3301e11127b1a816269cdfff37b7f93bca293edc7305ebf9505f868ec03a1522e7658db52758f4d46a1ba4c748892bf0c9f69ee40bd81cd7c6d5a52d53fe6ff241a77f2a8c86c480a4f61a6be151e972b65b8f8134b703417e18c1be98aa41d6607feeaa73b2e4864c184ec6a396cbc5c95c7194fac4c90aeec090fdb3403ca32b74bc00e509dac8b8208c40afa43711860f8ece579338271b80876e9bc6bf0e1eae9d7c96fa3940fd7faa38ebc36be058225c496e03dcc2613df5b354539b5488fcbea0bbc5263491550740efb52179f923e6e25794a374a44fac8f4dbd51defa899659967af66d68c8a6230d34987ebcbb51f3d8fcabf7970d32ae8ffd117e00c31e7c3b7b58bad540d15ce92e5b0629fc09baa05c03e1b7d2cdec728278e48c4b515b74775830da93ced66ca26607e8cc2705e1868e57e89de9bd8e867135296f904c0f85211a07170d7f4ee8f111b08e816a6cd23225861cfa2fa41dfad135487856cd791dbd1fda9806cc578ffa36c3a8a79b432e938b3f14908144db20ebe6749893afae5ab4954979b3bfeb74c1fbc64dc3045da149c4e10d22e84aedcc9ab76880d894b389d811b011ef7cb748d16d2710f38587e9159bf535e32f6260f08d032a5404a28b94e915fbfbf9cc84e13b7ae1931207359bb529f285f8859f1d080d6580779cb1c7a6c4120ad76d2d604b2dfa8fd777c4a369484b8356fff733c0b812fe2c91c5f4f66e608030a1c5c46cbf5aa233a2e8ca71345ffc0b2a39ef17cd163b2297535677c0f57b2a956eeb0c854233486db5878592e1fc840b81d668e611cf64232736fb1530bc86a8805eef2dd332acc534d809ac1f66e43423919fb91c14f858b2661c31e7ad49b4fa7414eb5cb9727e0c96595830d18a675fc488d000901788af3ff66d19bd4595177ada8060b087753069c2ad7813b22d1c411642d4978502975430c26f0c6af1395c2bfc2f942a12cc4b86aa6a63b5ed37377be0ea0589d19037dc4f9"], 0x1004)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x1000})

kernel console output (not intermixed with test programs):

0xf70fe579 code=0x7ffc0000
[  377.368137][   T40] audit: type=1326 audit(1759640015.174:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.1397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  377.377615][   T40] audit: type=1326 audit(1759640015.174:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.1397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  377.386632][   T40] audit: type=1326 audit(1759640015.174:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.1397" exe="/syz-executor" sig=0 arch=40000003 syscall=299 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  377.396631][   T40] audit: type=1326 audit(1759640015.174:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.1397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  377.405021][   T40] audit: type=1326 audit(1759640015.174:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.1397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  377.413638][   T40] audit: type=1326 audit(1759640015.174:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.1397" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  377.422550][   T40] audit: type=1326 audit(1759640015.174:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11867 comm="syz.2.1397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  377.467353][   T34] usb 8-1: USB disconnect, device number 50
[  377.565016][T11872] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1398'.
[  377.914687][   T29] usb 7-1: new high-speed USB device number 47 using dummy_hcd
[  378.072300][T11876] FAULT_INJECTION: forcing a failure.
[  378.072300][T11876] name failslab, interval 1, probability 0, space 0, times 0
[  378.085656][T11876] CPU: 1 UID: 0 PID: 11876 Comm: syz.3.1400 Not tainted syzkaller #0 PREEMPT(full) 
[  378.085712][T11876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  378.085728][T11876] Call Trace:
[  378.085737][T11876]  <TASK>
[  378.085748][T11876]  dump_stack_lvl+0x16c/0x1f0
[  378.085793][T11876]  should_fail_ex+0x512/0x640
[  378.085830][T11876]  ? fs_reclaim_acquire+0xae/0x150
[  378.085867][T11876]  should_failslab+0xc2/0x120
[  378.085903][T11876]  __kmalloc_noprof+0xdd/0x880
[  378.085929][T11876]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  378.085968][T11876]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  378.085998][T11876]  tomoyo_realpath_from_path+0xc2/0x6e0
[  378.086068][T11876]  ? tomoyo_profile+0x47/0x60
[  378.086112][T11876]  tomoyo_path_number_perm+0x245/0x580
[  378.086137][T11876]  ? tomoyo_path_number_perm+0x237/0x580
[  378.086166][T11876]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  378.086230][T11876]  ? find_held_lock+0x2b/0x80
[  378.086261][T11876]  ? hook_file_ioctl_common+0x145/0x410
[  378.086297][T11876]  ? __fget_files+0x20e/0x3c0
[  378.086331][T11876]  security_file_ioctl_compat+0x9b/0x240
[  378.086361][T11876]  __ia32_compat_sys_ioctl+0xc3/0x370
[  378.086390][T11876]  __do_fast_syscall_32+0x7c/0x300
[  378.086428][T11876]  do_fast_syscall_32+0x32/0x80
[  378.086460][T11876]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  378.086489][T11876] RIP: 0023:0xf7f84579
[  378.086511][T11876] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  378.086534][T11876] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  378.086561][T11876] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0185500
[  378.086578][T11876] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  378.086616][T11876] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  378.086633][T11876] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  378.086649][T11876] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  378.086687][T11876]  </TASK>
[  378.086982][T11876] ERROR: Out of memory at tomoyo_realpath_from_path.
[  378.182248][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  378.186033][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  378.194479][   T29] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[  378.197751][   T29] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  378.208950][   T29] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  378.212979][   T29] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  378.219658][   T29] usb 7-1: Manufacturer: syz
[  378.224564][   T29] usb 7-1: config 0 descriptor??
[  378.229216][   T29] igorplugusb 7-1:0.0: incorrect number of endpoints
[  378.437361][ T6069] usb 7-1: USB disconnect, device number 47
[  378.989095][T11888] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1404'.
[  379.081062][T11889] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  379.085718][T11889] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  379.089394][T11889] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  379.092725][T11889] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  379.096062][T11889] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[  379.099704][T11889] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  379.103426][T11889] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  379.106843][T11889] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  379.109854][T11889] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[  379.113175][T11889] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  379.117632][T11889] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  379.121382][T11889] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  379.124846][T11889] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  379.128885][T11889] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  379.133077][T11889] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  379.137912][T11889] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[  379.141233][T11889] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  379.144598][T11889] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  379.147944][T11889] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  379.152277][T11889] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  379.156159][T11889] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[  379.374867][   T10] usb 7-1: new full-speed USB device number 48 using dummy_hcd
[  379.544437][   T10] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  379.549929][   T10] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  379.556424][   T10] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  379.561069][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.816179][   T10] usb 7-1: GET_CAPABILITIES returned 0
[  379.818938][   T10] usbtmc 7-1:16.0: can't read capabilities
[  379.992818][T11895] bond3: entered allmulticast mode
[  381.917751][   T10] usb 7-1: USB disconnect, device number 48
[  382.493675][T11934] tipc: Failed to remove unknown binding: 66,1,1/0:1257028778/1257028780
[  382.499123][T11934] tipc: Failed to remove unknown binding: 66,1,1/0:1257028778/1257028780
[  382.620729][T11940] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1419'.
[  383.201251][T11958] evm: overlay not supported
[  383.225909][T11958] fuse: Bad value for 'user_id'
[  383.227975][T11958] fuse: Bad value for 'user_id'
[  383.494206][T11966] netlink: 'syz.3.1423': attribute type 10 has an invalid length.
[  383.915790][ T5968] Bluetooth: hci2: unexpected event for opcode 0x0c05
[  383.920625][T11980] veth0_to_hsr: entered promiscuous mode
[  383.923853][T11980] veth0_to_hsr: entered allmulticast mode
[  383.927660][T11980] veth0_to_hsr: left allmulticast mode
[  383.930527][T11980] veth0_to_hsr: left promiscuous mode
[  384.214950][  T841] usb 8-1: new high-speed USB device number 51 using dummy_hcd
[  384.297515][T11987] netlink: 'syz.2.1428': attribute type 1 has an invalid length.
[  384.301053][T11987] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1428'.
[  384.374603][  T841] usb 8-1: Using ep0 maxpacket: 32
[  384.376471][T11985] infiniband syz1: set active
[  384.378985][T11985] infiniband syz1: added syz_tun
[  384.387053][  T841] usb 8-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  384.391192][  T841] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.397114][  T841] usb 8-1: config 0 descriptor??
[  384.409266][  T841] as10x_usb: device has been detected
[  384.412309][  T841] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  384.419219][T11985] RDS/IB: syz1: added
[  384.434566][  T841] usb 8-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  384.467591][  T841] as10x_usb: error during firmware upload part1
[  384.470331][  T841] Registered device nBox DVB-T Dongle
[  384.573759][T11992] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1430'.
[  384.934739][   T34] usb 7-1: new full-speed USB device number 49 using dummy_hcd
[  385.108503][   T34] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  385.118020][   T34] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  385.133749][   T34] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  385.138746][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.316122][T12001] lo speed is unknown, defaulting to 1000
[  385.375868][T12002] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1432'.
[  385.408631][   T34] usb 7-1: GET_CAPABILITIES returned 0
[  385.420478][   T34] usbtmc 7-1:16.0: can't read capabilities
[  385.427321][   T29] usb 8-1: USB disconnect, device number 51
[  385.468449][   T29] Unregistered device nBox DVB-T Dongle
[  385.482197][   T29] as10x_usb: device has been disconnected
[  385.803558][   T40] kauditd_printk_skb: 67 callbacks suppressed
[  385.803581][   T40] audit: type=1326 audit(1759640023.634:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12008 comm="syz.0.1433" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x0
[  386.640366][T12026] netlink: 'syz.0.1438': attribute type 10 has an invalid length.
[  386.646811][T12026] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1438'.
[  386.663780][T12026] team0: Port device geneve0 added
[  386.670852][T12027] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1437'.
[  386.729607][ T5968] Bluetooth: hci3: unexpected event for opcode 0x0c05
[  386.730521][T12031] veth0_to_hsr: entered promiscuous mode
[  386.731779][T12028] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  386.731818][T12028] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  386.732469][T12028] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  386.732562][T12028] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  386.732598][T12028] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[  386.732798][T12028] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  386.741669][T12031] veth0_to_hsr: entered allmulticast mode
[  386.743451][T12028] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  386.763193][T12028] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  386.767248][T12028] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[  386.771964][T12028] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  386.776877][T12028] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  386.839960][T12028] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  386.843425][T12028] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  386.848360][T12028] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  386.853342][T12028] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  386.858009][T12028] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[  386.862605][T12028] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  386.866973][T12028] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  386.872321][T12028] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  386.876401][T12028] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  386.880222][T12028] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[  387.598577][T12030] veth0_to_hsr: left allmulticast mode
[  387.601039][T12030] veth0_to_hsr: left promiscuous mode
[  387.723926][ T6069] usb 7-1: USB disconnect, device number 49
[  388.438743][ T5964] usb 8-1: new full-speed USB device number 52 using dummy_hcd
[  388.609481][ T5964] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  388.614511][ T5964] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  388.621051][ T5964] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  388.767305][ T5964] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.141203][ T5964] usb 8-1: GET_CAPABILITIES returned 0
[  389.144476][ T5964] usbtmc 8-1:16.0: can't read capabilities
[  389.879549][T12065] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1450'.
[  390.260112][ T5855] usb 7-1: new full-speed USB device number 50 using dummy_hcd
[  390.470969][ T5855] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  390.495044][  T841] usb 8-1: USB disconnect, device number 52
[  390.501751][ T5855] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  390.599817][ T5855] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  390.628719][ T5855] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  390.741068][   T40] audit: type=1326 audit(1759640028.574:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12081 comm="syz.0.1456" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70be579 code=0x0
[  390.762478][T12084] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1455'.
[  390.798644][T12086] pimreg: entered allmulticast mode
[  390.908785][ T5855] usb 7-1: GET_CAPABILITIES returned 0
[  390.912850][ T5855] usbtmc 7-1:16.0: can't read capabilities
[  391.767902][T12102] 9pnet_fd: Insufficient options for proto=fd
[  392.703732][T12109] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1464'.
[  392.996048][ T5855] usb 7-1: USB disconnect, device number 50
[  393.137224][T12120] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.160350][T12120] batadv_slave_1: left promiscuous mode
[  393.168366][T12120] veth1_virt_wifi: left promiscuous mode
[  393.188504][T12120] bridge2: left promiscuous mode
[  393.273657][   T40] audit: type=1326 audit(1759640031.104:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12123 comm="syz.0.1469" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  393.286206][   T40] audit: type=1326 audit(1759640031.104:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12123 comm="syz.0.1469" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf70be579 code=0x7ffc0000
[  393.298641][   T40] audit: type=1326 audit(1759640031.104:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12123 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  393.311959][   T40] audit: type=1326 audit(1759640031.104:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12123 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf70be579 code=0x7ffc0000
[  393.324028][   T40] audit: type=1326 audit(1759640031.104:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12123 comm="" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  393.334978][   T40] audit: type=1326 audit(1759640031.104:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12123 comm="" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70be579 code=0x7ffc0000
[  393.345461][   T40] audit: type=1326 audit(1759640031.104:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12123 comm="" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  393.355606][   T40] audit: type=1326 audit(1759640031.104:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12123 comm="" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf70be579 code=0x7ffc0000
[  393.366914][   T40] audit: type=1326 audit(1759640031.104:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12123 comm="" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  393.382629][   T40] audit: type=1326 audit(1759640031.104:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12123 comm="" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  393.384941][ T5855] usb 7-1: new high-speed USB device number 51 using dummy_hcd
[  393.574879][ T5855] usb 7-1: Using ep0 maxpacket: 8
[  393.605102][ T5855] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  393.611075][ T5855] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  393.621364][ T5855] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  393.631722][ T5855] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  393.650638][ T5855] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  393.674762][ T5855] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  393.913180][ T5855] usb 7-1: GET_CAPABILITIES returned 0
[  393.919240][ T5855] usbtmc 7-1:16.0: can't read capabilities
[  394.028523][T12151] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1476'.
[  394.111386][T12152] netlink: 'syz.0.1472': attribute type 4 has an invalid length.
[  394.255369][T12119] Bluetooth: Invalid byte 00 after esc byte
[  394.685140][ T5964] usb 8-1: new full-speed USB device number 53 using dummy_hcd
[  394.873594][ T5964] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  394.887091][ T5964] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  394.892642][ T5964] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  394.898313][ T5964] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  394.924091][T12162] netlink: 'syz.1.1479': attribute type 3 has an invalid length.
[  395.021025][T12155] Bluetooth: hci2: unexpected event for opcode 0x0c05
[  395.032710][T12168] veth0_to_hsr: entered promiscuous mode
[  395.042389][T12168] veth0_to_hsr: entered allmulticast mode
[  395.053748][T12168] veth0_to_hsr: left allmulticast mode
[  395.058086][T12168] veth0_to_hsr: left promiscuous mode
[  395.153427][ T5964] usb 8-1: GET_CAPABILITIES returned 0
[  395.159440][ T5964] usbtmc 8-1:16.0: can't read capabilities
[  396.256377][T12155] Bluetooth: hci4: command 0x1003 tx timeout
[  396.262921][ T5968] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  396.451217][ T5964] usb 7-1: USB disconnect, device number 51
[  397.046981][  T841] usb 8-1: USB disconnect, device number 53
[  397.146157][T12185] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1486'.
[  399.217922][T12225] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1494'.
[  400.284525][   T34] usb 8-1: new high-speed USB device number 54 using dummy_hcd
[  400.446026][   T34] usb 8-1: config index 0 descriptor too short (expected 23569, got 27)
[  400.450244][   T34] usb 8-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  400.458784][   T34] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  400.462723][   T34] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  400.466243][   T34] usb 8-1: Manufacturer: syz
[  400.470984][   T34] usb 8-1: config 0 descriptor??
[  400.475488][   T34] igorplugusb 8-1:0.0: incorrect number of endpoints
[  400.677374][ T1333] usb 8-1: USB disconnect, device number 54
[  401.080629][T12255] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1503'.
[  403.174511][T12277] netlink: 204 bytes leftover after parsing attributes in process `syz.3.1511'.
[  403.235989][T12283] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  403.480870][T12292] binder: 12291:12292 ioctl 8933 80000400 returned -22
[  403.485699][T12292] binder: 12291:12292 ioctl c0306201 800001c0 returned -14
[  403.554999][T12298] FAULT_INJECTION: forcing a failure.
[  403.554999][T12298] name failslab, interval 1, probability 0, space 0, times 0
[  403.562281][T12298] CPU: 3 UID: 0 PID: 12298 Comm: syz.2.1517 Not tainted syzkaller #0 PREEMPT(full) 
[  403.562316][T12298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  403.562329][T12298] Call Trace:
[  403.562337][T12298]  <TASK>
[  403.562346][T12298]  dump_stack_lvl+0x16c/0x1f0
[  403.562389][T12298]  should_fail_ex+0x512/0x640
[  403.562423][T12298]  ? fs_reclaim_acquire+0xae/0x150
[  403.562459][T12298]  should_failslab+0xc2/0x120
[  403.562492][T12298]  __kmalloc_noprof+0xdd/0x880
[  403.562517][T12298]  ? tomoyo_encode2+0x100/0x3e0
[  403.562549][T12298]  ? tomoyo_encode2+0x100/0x3e0
[  403.562574][T12298]  tomoyo_encode2+0x100/0x3e0
[  403.562604][T12298]  tomoyo_encode+0x29/0x50
[  403.562630][T12298]  tomoyo_realpath_from_path+0x18f/0x6e0
[  403.562679][T12298]  tomoyo_path_number_perm+0x245/0x580
[  403.562701][T12298]  ? tomoyo_path_number_perm+0x237/0x580
[  403.562728][T12298]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  403.562786][T12298]  ? find_held_lock+0x2b/0x80
[  403.562814][T12298]  ? hook_file_ioctl_common+0x145/0x410
[  403.562847][T12298]  ? __fget_files+0x20e/0x3c0
[  403.562879][T12298]  security_file_ioctl_compat+0x9b/0x240
[  403.562908][T12298]  __ia32_compat_sys_ioctl+0xc3/0x370
[  403.562935][T12298]  __do_fast_syscall_32+0x7c/0x300
[  403.562973][T12298]  do_fast_syscall_32+0x32/0x80
[  403.563007][T12298]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  403.563034][T12298] RIP: 0023:0xf70fe579
[  403.563051][T12298] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  403.563072][T12298] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  403.563094][T12298] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000402c5839
[  403.563107][T12298] RDX: 00000000800004c0 RSI: 0000000000000000 RDI: 0000000000000000
[  403.563120][T12298] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  403.563133][T12298] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  403.563145][T12298] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  403.563173][T12298]  </TASK>
[  403.675565][T12298] ERROR: Out of memory at tomoyo_realpath_from_path.
[  403.838089][T12304] veth0_to_hsr: entered promiscuous mode
[  403.841770][T12304] veth0_to_hsr: entered allmulticast mode
[  403.854317][T12303] veth0_to_hsr: left allmulticast mode
[  403.857527][T12303] veth0_to_hsr: left promiscuous mode
[  403.891729][T12309] netlink: 'syz.3.1521': attribute type 3 has an invalid length.
[  403.900857][T12309] netlink: 'syz.3.1521': attribute type 3 has an invalid length.
[  403.902970][T12310] fuse: Unknown parameter '000000000000000000000030x0000000000000003'
[  403.912392][T12306] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1521'.
[  403.924435][T12306] tc_dump_action: action bad kind
[  404.071738][T12312] mmap: syz.1.1523 (12312) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  404.093058][T12302] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1519'.
[  404.139286][T12319] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  404.192745][T12325] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1529'.
[  404.398799][  T841] usb 7-1: new high-speed USB device number 52 using dummy_hcd
[  404.508432][T12335] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1529'.
[  404.513761][T12335] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1529'.
[  404.564545][T12335] batadv1: entered allmulticast mode
[  404.575349][  T841] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[  404.581248][  T841] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  404.587800][  T841] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  404.591629][  T841] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  404.595190][  T841] usb 7-1: Manufacturer: syz
[  404.604111][  T841] usb 7-1: config 0 descriptor??
[  404.609976][  T841] igorplugusb 7-1:0.0: incorrect number of endpoints
[  404.821133][  T841] usb 7-1: USB disconnect, device number 52
[  405.707211][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  405.707224][   T40] audit: type=1326 audit(1759640043.544:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12356 comm="syz.0.1538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  405.710363][T12351] could not open pipe file descriptor
[  405.731216][   T40] audit: type=1326 audit(1759640043.564:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12356 comm="syz.0.1538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  405.749254][   T40] audit: type=1326 audit(1759640043.564:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12356 comm="syz.0.1538" exe="/syz-executor" sig=0 arch=40000003 syscall=123 compat=1 ip=0xf70be579 code=0x7ffc0000
[  405.758516][   T40] audit: type=1326 audit(1759640043.564:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12356 comm="syz.0.1538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  405.770506][   T40] audit: type=1326 audit(1759640043.564:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12356 comm="syz.0.1538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  405.797412][   T40] audit: type=1326 audit(1759640043.564:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12356 comm="syz.0.1538" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70be579 code=0x7ffc0000
[  405.824706][   T40] audit: type=1326 audit(1759640043.564:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12356 comm="syz.0.1538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  405.835257][   T40] audit: type=1326 audit(1759640043.564:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12356 comm="syz.0.1538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  405.836807][T12366] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  405.847194][   T40] audit: type=1326 audit(1759640043.564:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12356 comm="syz.0.1538" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70be579 code=0x7ffc0000
[  405.847240][   T40] audit: type=1326 audit(1759640043.564:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12356 comm="syz.0.1538" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  405.902349][T12366] cramfs: wrong magic
[  405.983586][T12376] veth0_to_hsr: entered promiscuous mode
[  405.987554][T12376] veth0_to_hsr: entered allmulticast mode
[  405.990655][T12376] veth0_to_hsr: left allmulticast mode
[  405.995685][T12376] veth0_to_hsr: left promiscuous mode
[  406.243752][T12391] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  406.373304][T12400] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1550'.
[  406.408591][T12400] 8021q: adding VLAN 0 to HW filter on device bond4
[  406.426066][T12400] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1550'.
[  407.034233][T12424] FAULT_INJECTION: forcing a failure.
[  407.034233][T12424] name failslab, interval 1, probability 0, space 0, times 0
[  407.040369][T12424] CPU: 0 UID: 0 PID: 12424 Comm: syz.3.1560 Not tainted syzkaller #0 PREEMPT(full) 
[  407.040410][T12424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  407.040421][T12424] Call Trace:
[  407.040428][T12424]  <TASK>
[  407.040435][T12424]  dump_stack_lvl+0x16c/0x1f0
[  407.040471][T12424]  should_fail_ex+0x512/0x640
[  407.040498][T12424]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  407.040519][T12424]  should_failslab+0xc2/0x120
[  407.040553][T12424]  kmem_cache_alloc_noprof+0x75/0x6e0
[  407.040577][T12424]  ? skb_clone+0x190/0x3f0
[  407.040609][T12424]  ? skb_clone+0x190/0x3f0
[  407.040633][T12424]  skb_clone+0x190/0x3f0
[  407.040661][T12424]  netlink_deliver_tap+0xabd/0xd30
[  407.040695][T12424]  netlink_unicast+0x64c/0x870
[  407.040716][T12424]  ? __pfx_netlink_unicast+0x10/0x10
[  407.040734][T12424]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  407.040769][T12424]  netlink_sendmsg+0x8c8/0xdd0
[  407.040790][T12424]  ? __pfx_netlink_sendmsg+0x10/0x10
[  407.040810][T12424]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  407.040843][T12424]  ____sys_sendmsg+0xa98/0xc70
[  407.040869][T12424]  ? __pfx_____sys_sendmsg+0x10/0x10
[  407.040887][T12424]  ? get_compat_msghdr+0x11a/0x170
[  407.040925][T12424]  ___sys_sendmsg+0x134/0x1d0
[  407.040953][T12424]  ? __pfx____sys_sendmsg+0x10/0x10
[  407.040993][T12424]  ? find_held_lock+0x2b/0x80
[  407.041034][T12424]  __sys_sendmsg+0x16d/0x220
[  407.041064][T12424]  ? __pfx___sys_sendmsg+0x10/0x10
[  407.041104][T12424]  ? rcu_is_watching+0x12/0xc0
[  407.041131][T12424]  __do_fast_syscall_32+0x7c/0x300
[  407.041201][T12424]  do_fast_syscall_32+0x32/0x80
[  407.041229][T12424]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  407.041253][T12424] RIP: 0023:0xf7f84579
[  407.041270][T12424] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  407.041287][T12424] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  407.041305][T12424] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800002c0
[  407.041317][T12424] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000
[  407.041327][T12424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  407.041335][T12424] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  407.041343][T12424] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  407.041369][T12424]  </TASK>
[  407.051998][T12421] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1558'.
[  407.797502][T12421] hsr_slave_1 (unregistering): left promiscuous mode
[  407.869253][T12441] netlink: 332 bytes leftover after parsing attributes in process `syz.1.1565'.
[  408.591192][T12470] netlink: 'syz.0.1573': attribute type 10 has an invalid length.
[  408.596853][T12470] openvswitch: netlink: Flow key attr not present in new flow.
[  408.801831][T12480] sg_write: process 1154 (syz.3.1575) changed security contexts after opening file descriptor, this is not allowed.
[  408.828792][T12480] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1575'.
[  409.397851][T12487] netlink: 'syz.1.1576': attribute type 1 has an invalid length.
[  409.451183][T12487] 8021q: adding VLAN 0 to HW filter on device bond4
[  410.714412][   T40] kauditd_printk_skb: 2434 callbacks suppressed
[  410.714433][   T40] audit: type=1326 audit(1759640048.544:3010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12475 comm="syz.0.1574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  410.735314][   T40] audit: type=1326 audit(1759640048.544:3011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12475 comm="syz.0.1574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  410.744721][   T40] audit: type=1326 audit(1759640048.544:3012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12475 comm="syz.0.1574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  410.775114][   T40] audit: type=1326 audit(1759640048.544:3013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12475 comm="syz.0.1574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  410.793416][   T40] audit: type=1326 audit(1759640048.554:3014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12475 comm="syz.0.1574" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be598 code=0x7ffc0000
[  410.803645][   T40] audit: type=1326 audit(1759640048.554:3015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12475 comm="syz.0.1574" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be598 code=0x7ffc0000
[  410.815618][   T40] audit: type=1326 audit(1759640048.554:3016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12475 comm="syz.0.1574" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70be598 code=0x7ffc0000
[  410.824998][   T40] audit: type=1326 audit(1759640048.554:3017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12475 comm="syz.0.1574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  410.834793][   T40] audit: type=1326 audit(1759640048.554:3018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12475 comm="syz.0.1574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  410.844963][   T40] audit: type=1326 audit(1759640048.554:3019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12475 comm="syz.0.1574" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[  411.259699][T12500] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  411.263417][T12500] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  411.267876][T12500] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  411.271631][T12500] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  411.274928][T12500] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[  411.279394][T12500] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  411.282867][T12500] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  411.286271][T12500] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  411.289208][T12500] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[  411.292642][T12500] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  411.295991][T12500] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  411.299223][T12500] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  411.302894][T12500] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  411.307693][T12500] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  411.311212][T12500] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  411.314750][T12500] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[  411.319135][T12500] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  411.322400][T12500] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  411.325893][T12500] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  411.329150][T12500] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  411.333191][T12500] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[  411.544241][ T5968] Bluetooth: hci2: unexpected event for opcode 0x0c05
[  411.546260][T12514] veth0_to_hsr: entered promiscuous mode
[  411.552195][T12514] veth0_to_hsr: entered allmulticast mode
[  411.555908][T12514] veth0_to_hsr: left allmulticast mode
[  411.558460][T12514] veth0_to_hsr: left promiscuous mode
[  411.702389][T12522] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  411.704643][ T1333] usb 8-1: new full-speed USB device number 55 using dummy_hcd
[  411.900095][ T1333] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  411.912652][ T1333] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  411.938293][ T1333] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  411.943204][ T1333] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  412.209879][ T1333] usb 8-1: GET_CAPABILITIES returned 0
[  412.212956][ T1333] usbtmc 8-1:16.0: can't read capabilities
[  413.133151][T12572] input input25: cannot allocate more than FF_MAX_EFFECTS effects
[  413.332069][T12589] overlayfs: failed to clone upperpath
[  413.456268][    T9] usb 8-1: USB disconnect, device number 55
[  413.655425][T12601] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1615'.
[  414.132290][ T5968] Bluetooth: hci2: unexpected event for opcode 0x9103
[  414.794818][T12610] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  415.134730][ T5968] Bluetooth: hci3: command 0x0405 tx timeout
[  415.525680][T12643] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1626'.
[  415.674298][T12645] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  415.679825][T12645] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  415.683033][T12645] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  415.686825][T12645] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  415.692474][T12645] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[  415.695951][T12645] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  415.699042][T12645] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  415.703214][T12645] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  415.708530][T12645] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[  415.711811][T12645] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  415.715115][T12645] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  415.718426][T12645] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  415.721642][T12645] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  415.725893][T12645] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  415.729981][T12645] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  415.734085][T12645] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[  415.739906][T12645] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  415.771150][T12645] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  415.794373][T12645] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  415.797438][T12645] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  415.800220][T12645] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[  415.808469][T12650] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1624'.
[  415.830732][T12650] batadv1: entered allmulticast mode
[  416.154560][ T5964] usb 7-1: new full-speed USB device number 53 using dummy_hcd
[  416.326622][ T5964] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  416.334540][ T5964] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  416.345744][ T5964] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  416.352196][ T5964] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.668259][ T5964] usb 7-1: GET_CAPABILITIES returned 0
[  416.671254][ T5964] usbtmc 7-1:16.0: can't read capabilities
[  417.193991][T12668] lo speed is unknown, defaulting to 1000
[  417.254308][T12671] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1631'.
[  418.179083][ T5968] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  418.232468][ T5968] Bluetooth: hci2: Injecting HCI hardware error event
[  418.253434][T12155] Bluetooth: hci2: hardware error 0x00
[  418.668157][   T34] usb 7-1: USB disconnect, device number 53
[  419.609417][T12711] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1642'.
[  420.494758][T12155] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  420.531923][T12733] fuse: Unknown parameter ''
[  421.398259][T12751] tipc: Failed to remove unknown binding: 66,1,1/6:611966837/611966839
[  421.414924][T12751] tipc: Failed to remove unknown binding: 66,1,1/6:611966837/611966839
[  421.426337][T12751] tipc: Failed to remove unknown binding: 66,1,1/6:611966837/611966839
[  421.456638][T12752] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  421.459826][T12752] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  421.462973][T12752] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  421.466546][T12752] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  421.469458][T12752] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[  421.473582][T12752] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  421.476947][T12752] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  421.480336][T12752] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  421.484114][T12752] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[  421.488111][T12752] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  421.491756][T12752] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  421.494905][T12752] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  421.498154][T12752] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  421.501882][T12752] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  421.541888][T12752] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  421.546055][T12752] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[  421.550209][T12752] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  421.553373][T12752] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  421.556763][T12752] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  421.559776][T12752] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  421.563574][T12752] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[  421.820678][ T6069] usb 7-1: new full-speed USB device number 54 using dummy_hcd
[  422.000284][ T6069] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  422.005664][ T6069] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  422.011517][ T6069] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  422.017374][ T6069] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.328006][ T6069] usb 7-1: GET_CAPABILITIES returned 0
[  422.338664][ T6069] usbtmc 7-1:16.0: can't read capabilities
[  422.975569][T12774] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1658'.
[  423.173185][ T5964] usb 7-1: USB disconnect, device number 54
[  423.238273][T12783] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1660'.
[  423.721617][T12800] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.961621][T12800] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  424.089751][T12800] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  424.110745][T12827] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1673'.
[  424.212347][T12800] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  425.372843][T12834] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  425.376524][T12834] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  425.381714][T12834] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  425.384958][T12834] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  425.387968][T12834] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[  425.391151][T12834] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  425.394795][T12834] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  425.402539][T12834] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  425.407635][T12834] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[  425.411336][T12834] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  425.641596][T12834] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  425.644944][T12834] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  425.647842][T12834] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  425.650732][T12834] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  425.656497][T12834] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  425.661511][T12834] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[  425.685840][T12834] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  425.688779][T12834] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  425.692571][T12834] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  425.696522][T12834] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  425.699504][T12834] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[  425.711748][   T60] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  425.747173][  T103] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  425.782346][   T60] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  425.806859][   T60] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  425.924529][   T34] usb 7-1: new full-speed USB device number 55 using dummy_hcd
[  425.957675][T12845] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1677'.
[  426.093208][   T34] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  426.099732][   T34] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  426.106788][   T34] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  426.110401][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  426.346354][   T34] usb 7-1: GET_CAPABILITIES returned 0
[  426.357071][   T34] usbtmc 7-1:16.0: can't read capabilities
[  427.661188][  T841] usb 7-1: USB disconnect, device number 55
[  427.692533][T12866] fuse: Bad value for 'group_id'
[  427.694815][T12866] fuse: Bad value for 'group_id'
[  427.921682][T12875] bridge_slave_0: left allmulticast mode
[  427.938476][T12875] bridge0: port 1(bridge_slave_0) entered disabled state
[  427.952460][T12875] bridge_slave_1: left allmulticast mode
[  427.957684][T12875] bridge_slave_1: left promiscuous mode
[  427.960423][T12875] bridge0: port 2(bridge_slave_1) entered disabled state
[  427.967401][T12878] netlink: 'syz.3.1684': attribute type 10 has an invalid length.
[  427.972086][T12875] bond0: (slave bond_slave_0): Releasing backup interface
[  428.025980][T12875] bond0: (slave bond_slave_1): Releasing backup interface
[  428.076120][T12875] team0: Port device team_slave_0 removed
[  428.100512][T12875] team0: Port device team_slave_1 removed
[  428.116219][T12875] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  428.120147][T12875] batman_adv: batadv0: Removing interface: batadv_slave_0
[  428.132212][T12875] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  428.136088][T12875] batman_adv: batadv0: Removing interface: batadv_slave_1
[  428.142837][T12875] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  428.682388][T12898] netlink: 'syz.3.1686': attribute type 1 has an invalid length.
[  428.745935][T12898] 8021q: adding VLAN 0 to HW filter on device bond1
[  428.830595][T12902] bond1: (slave veth3): Enslaving as an active interface with a down link
[  428.864118][T12901] lo speed is unknown, defaulting to 1000
[  429.019770][T12902] bond1: (slave dummy0): making interface the new active one
[  429.022115][T12902] dummy0: entered promiscuous mode
[  429.042635][T12902] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  429.273614][T12913] bond1 (unregistering): (slave veth3): Releasing active interface
[  429.278942][T12913] bond1 (unregistering): (slave dummy0): Releasing active interface
[  429.290063][T12913] bond1 (unregistering): Released all slaves
[  429.339641][T12921] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1689'.
[  429.493482][T12926] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1690'.
[  429.586651][T12930] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  429.590265][T12930] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  429.593685][T12930] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  429.596820][T12930] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  429.599855][T12930] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[  429.602713][T12930] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  429.606248][T12930] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  429.609753][T12930] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  429.613815][T12930] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[  429.617372][T12930] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  429.620204][T12930] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  429.624857][T12930] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  429.629558][T12930] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  429.632558][T12930] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  429.636426][T12930] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  429.640156][T12930] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[  429.651392][T12930] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  429.659332][T12930] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  429.663107][T12930] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  429.666200][T12930] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  429.669261][T12930] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[  429.904990][  T841] usb 8-1: new full-speed USB device number 56 using dummy_hcd
[  430.138498][  T841] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  430.184085][  T841] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  430.235909][  T841] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  430.288666][  T841] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.712438][  T841] usb 8-1: GET_CAPABILITIES returned 0
[  430.736001][  T841] usbtmc 8-1:16.0: can't read capabilities
[  430.988790][T12954] FAULT_INJECTION: forcing a failure.
[  430.988790][T12954] name failslab, interval 1, probability 0, space 0, times 0
[  431.011328][T12954] CPU: 1 UID: 0 PID: 12954 Comm: syz.2.1693 Not tainted syzkaller #0 PREEMPT(full) 
[  431.011347][T12954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  431.011354][T12954] Call Trace:
[  431.011359][T12954]  <TASK>
[  431.011364][T12954]  dump_stack_lvl+0x16c/0x1f0
[  431.011387][T12954]  should_fail_ex+0x512/0x640
[  431.011404][T12954]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  431.011416][T12954]  should_failslab+0xc2/0x120
[  431.011432][T12954]  kmem_cache_alloc_noprof+0x75/0x6e0
[  431.011445][T12954]  ? skb_clone+0x190/0x3f0
[  431.011465][T12954]  ? skb_clone+0x190/0x3f0
[  431.011480][T12954]  skb_clone+0x190/0x3f0
[  431.011497][T12954]  netlink_deliver_tap+0xabd/0xd30
[  431.011518][T12954]  netlink_unicast+0x64c/0x870
[  431.011530][T12954]  ? __pfx_netlink_unicast+0x10/0x10
[  431.011540][T12954]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  431.011561][T12954]  netlink_sendmsg+0x8c8/0xdd0
[  431.011574][T12954]  ? __pfx_netlink_sendmsg+0x10/0x10
[  431.011585][T12954]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  431.011610][T12954]  ____sys_sendmsg+0xa98/0xc70
[  431.011624][T12954]  ? __pfx_____sys_sendmsg+0x10/0x10
[  431.011636][T12954]  ? get_compat_msghdr+0x11a/0x170
[  431.011658][T12954]  ___sys_sendmsg+0x134/0x1d0
[  431.011675][T12954]  ? __pfx____sys_sendmsg+0x10/0x10
[  431.011698][T12954]  ? find_held_lock+0x2b/0x80
[  431.011721][T12954]  __sys_sendmsg+0x16d/0x220
[  431.011737][T12954]  ? __pfx___sys_sendmsg+0x10/0x10
[  431.011760][T12954]  ? rcu_is_watching+0x12/0xc0
[  431.011775][T12954]  __do_fast_syscall_32+0x7c/0x300
[  431.011792][T12954]  do_fast_syscall_32+0x32/0x80
[  431.011809][T12954]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  431.011823][T12954] RIP: 0023:0xf70fe579
[  431.011831][T12954] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  431.011842][T12954] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  431.011852][T12954] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000500
[  431.011859][T12954] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  431.011864][T12954] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  431.011870][T12954] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  431.011876][T12954] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  431.011889][T12954]  </TASK>
[  431.181343][T12962] FAULT_INJECTION: forcing a failure.
[  431.181343][T12962] name failslab, interval 1, probability 0, space 0, times 0
[  431.187463][T12962] CPU: 1 UID: 0 PID: 12962 Comm: syz.2.1696 Not tainted syzkaller #0 PREEMPT(full) 
[  431.187485][T12962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  431.187493][T12962] Call Trace:
[  431.187498][T12962]  <TASK>
[  431.187504][T12962]  dump_stack_lvl+0x16c/0x1f0
[  431.187529][T12962]  should_fail_ex+0x512/0x640
[  431.187550][T12962]  ? fs_reclaim_acquire+0xae/0x150
[  431.187571][T12962]  should_failslab+0xc2/0x120
[  431.187591][T12962]  __kmalloc_noprof+0xdd/0x880
[  431.187605][T12962]  ? kfree+0x252/0x6d0
[  431.187616][T12962]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  431.187640][T12962]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  431.187655][T12962]  tomoyo_realpath_from_path+0xc2/0x6e0
[  431.187676][T12962]  tomoyo_check_open_permission+0x2ab/0x3c0
[  431.187690][T12962]  ? path_openat+0xda/0x2cb0
[  431.187706][T12962]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  431.187719][T12962]  ? __do_fast_syscall_32+0x7c/0x300
[  431.187747][T12962]  ? register_lock_class+0x41/0x4c0
[  431.187785][T12962]  ? lock_acquire+0x179/0x350
[  431.187813][T12962]  ? find_held_lock+0x2b/0x80
[  431.187837][T12962]  ? mnt_get_write_access+0x52/0x2f0
[  431.187873][T12962]  tomoyo_file_open+0x6b/0x90
[  431.187899][T12962]  security_file_open+0x84/0x1e0
[  431.187915][T12962]  do_dentry_open+0x596/0x1530
[  431.187938][T12962]  vfs_open+0x82/0x3f0
[  431.187959][T12962]  path_openat+0x1de4/0x2cb0
[  431.187981][T12962]  ? __pfx_path_openat+0x10/0x10
[  431.187999][T12962]  ? __lock_acquire+0xb97/0x1ce0
[  431.188022][T12962]  do_filp_open+0x20b/0x470
[  431.188040][T12962]  ? __pfx_do_filp_open+0x10/0x10
[  431.188069][T12962]  ? _raw_spin_unlock+0x28/0x50
[  431.188086][T12962]  ? alloc_fd+0x471/0x7d0
[  431.188107][T12962]  do_sys_openat2+0x11b/0x1d0
[  431.188119][T12962]  ? __pfx_do_sys_openat2+0x10/0x10
[  431.188134][T12962]  ? __fget_files+0x20e/0x3c0
[  431.188147][T12962]  ? handle_mm_fault+0x220/0xd10
[  431.188165][T12962]  __ia32_compat_sys_openat+0x16d/0x210
[  431.188179][T12962]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  431.188193][T12962]  ? ksys_write+0x1ac/0x250
[  431.188212][T12962]  ? rcu_is_watching+0x12/0xc0
[  431.188232][T12962]  __do_fast_syscall_32+0x7c/0x300
[  431.188254][T12962]  do_fast_syscall_32+0x32/0x80
[  431.188276][T12962]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  431.188293][T12962] RIP: 0023:0xf70fe579
[  431.188304][T12962] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  431.188318][T12962] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  431.188335][T12962] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 000000008000c380
[  431.188343][T12962] RDX: 0000000000020842 RSI: 0000000000000000 RDI: 0000000000000000
[  431.188351][T12962] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  431.188358][T12962] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  431.188366][T12962] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  431.188390][T12962]  </TASK>
[  431.188397][T12962] ERROR: Out of memory at tomoyo_realpath_from_path.
[  431.344205][   T40] kauditd_printk_skb: 1068 callbacks suppressed
[  431.344220][   T40] audit: type=1800 audit(1759640069.174:4088): pid=12962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1696" name="/" dev="9p" ino=2 res=0 errno=0
[  432.126241][   T40] audit: type=1804 audit(1759640069.954:4089): pid=12969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1698" name="/newroot/387/bus/bus" dev="tmpfs" ino=2074 res=1 errno=0
[  432.502946][   T34] usb 8-1: USB disconnect, device number 56
[  432.610238][T12986] FAULT_INJECTION: forcing a failure.
[  432.610238][T12986] name failslab, interval 1, probability 0, space 0, times 0
[  432.628052][T12986] CPU: 1 UID: 0 PID: 12986 Comm: syz.3.1702 Not tainted syzkaller #0 PREEMPT(full) 
[  432.628126][T12986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  432.628137][T12986] Call Trace:
[  432.628144][T12986]  <TASK>
[  432.628151][T12986]  dump_stack_lvl+0x16c/0x1f0
[  432.628182][T12986]  should_fail_ex+0x512/0x640
[  432.628208][T12986]  ? __kmalloc_noprof+0xca/0x880
[  432.628229][T12986]  should_failslab+0xc2/0x120
[  432.628255][T12986]  __kmalloc_noprof+0xdd/0x880
[  432.628275][T12986]  ? lsm_blob_alloc+0x68/0x90
[  432.628302][T12986]  ? lsm_blob_alloc+0x68/0x90
[  432.628322][T12986]  lsm_blob_alloc+0x68/0x90
[  432.628346][T12986]  security_sk_alloc+0x30/0x270
[  432.628375][T12986]  sk_prot_alloc+0x1c7/0x2a0
[  432.628396][T12986]  sk_alloc+0x36/0xc20
[  432.628418][T12986]  bpf_prog_test_run_skb+0x34c/0x2290
[  432.628443][T12986]  ? __fget_files+0x204/0x3c0
[  432.628465][T12986]  ? __fget_files+0x20e/0x3c0
[  432.628484][T12986]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  432.628513][T12986]  ? fput+0x9b/0xd0
[  432.628543][T12986]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  432.628586][T12986]  __sys_bpf+0x1035/0x4980
[  432.628613][T12986]  ? __pfx___sys_bpf+0x10/0x10
[  432.628631][T12986]  ? find_held_lock+0x2b/0x80
[  432.628660][T12986]  ? find_held_lock+0x2b/0x80
[  432.628689][T12986]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  432.628731][T12986]  ? fput+0x9b/0xd0
[  432.628756][T12986]  ? ksys_write+0x1ac/0x250
[  432.628778][T12986]  ? __pfx_ksys_write+0x10/0x10
[  432.628804][T12986]  __ia32_sys_bpf+0x76/0xe0
[  432.628826][T12986]  __do_fast_syscall_32+0x7c/0x300
[  432.628856][T12986]  do_fast_syscall_32+0x32/0x80
[  432.628885][T12986]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  432.628908][T12986] RIP: 0023:0xf7f84579
[  432.628955][T12986] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  432.628974][T12986] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  432.628992][T12986] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080001c00
[  432.629004][T12986] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  432.629014][T12986] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  432.629025][T12986] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  432.629035][T12986] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  432.629060][T12986]  </TASK>
[  432.830371][T13002] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1707'.
[  433.125932][T13012] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1710'.
[  433.232267][T13015] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  433.236484][T13015] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  433.239531][T13015] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  433.242670][T13015] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  433.246860][T13015] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[  433.250726][T13015] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  433.253907][T13015] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  433.257676][T13015] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  433.261077][T13015] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[  433.265218][T13015] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  433.268471][T13015] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  433.271316][T13015] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  433.274787][T13015] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  433.279186][T13015] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  433.327922][T13015] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  433.332302][T13015] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[  433.336364][T13015] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  433.339109][T13015] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  433.342021][T13015] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  433.345530][T13015] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  433.349630][T13015] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[  433.585214][   T34] usb 7-1: new full-speed USB device number 56 using dummy_hcd
[  433.758225][   T34] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  433.762594][   T34] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  433.768624][   T34] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  433.773843][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.037463][   T34] usb 7-1: GET_CAPABILITIES returned 0
[  434.068854][   T34] usbtmc 7-1:16.0: can't read capabilities
[  435.000205][T13043] netem: change failed
[  435.254600][ T6069] usb 8-1: new high-speed USB device number 57 using dummy_hcd
[  435.434466][ T6069] usb 8-1: device descriptor read/64, error -71
[  435.684739][ T6069] usb 8-1: new high-speed USB device number 58 using dummy_hcd
[  435.814602][ T6069] usb 8-1: device descriptor read/64, error -71
[  435.934763][ T6069] usb usb8-port1: attempt power cycle
[  436.189578][   T10] usb 7-1: USB disconnect, device number 56
[  436.231203][T13067] veth0_to_hsr: entered promiscuous mode
[  436.234002][T13067] veth0_to_hsr: entered allmulticast mode
[  436.236719][T13067] veth0_to_hsr: left allmulticast mode
[  436.239135][T13067] veth0_to_hsr: left promiscuous mode
[  436.304597][ T6069] usb 8-1: new high-speed USB device number 59 using dummy_hcd
[  436.326508][ T6069] usb 8-1: device descriptor read/8, error -71
[  436.432959][   T40] audit: type=1326 audit(1759640074.264:4090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13075 comm="syz.0.1730" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70be579 code=0x0
[  436.540763][T13073] FAULT_INJECTION: forcing a failure.
[  436.540763][T13073] name failslab, interval 1, probability 0, space 0, times 0
[  436.546804][T13073] CPU: 2 UID: 0 PID: 13073 Comm: syz.2.1729 Not tainted syzkaller #0 PREEMPT(full) 
[  436.546831][T13073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  436.546842][T13073] Call Trace:
[  436.546851][T13073]  <TASK>
[  436.546860][T13073]  dump_stack_lvl+0x16c/0x1f0
[  436.546892][T13073]  should_fail_ex+0x512/0x640
[  436.546916][T13073]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  436.546934][T13073]  should_failslab+0xc2/0x120
[  436.546958][T13073]  kmem_cache_alloc_noprof+0x75/0x6e0
[  436.546977][T13073]  ? skb_clone+0x190/0x3f0
[  436.547005][T13073]  ? skb_clone+0x190/0x3f0
[  436.547026][T13073]  skb_clone+0x190/0x3f0
[  436.547052][T13073]  netlink_deliver_tap+0xabd/0xd30
[  436.547084][T13073]  netlink_unicast+0x64c/0x870
[  436.547106][T13073]  ? __pfx_netlink_unicast+0x10/0x10
[  436.547122][T13073]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  436.547154][T13073]  netlink_sendmsg+0x8c8/0xdd0
[  436.547172][T13073]  ? __pfx_netlink_sendmsg+0x10/0x10
[  436.547189][T13073]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  436.547218][T13073]  ____sys_sendmsg+0xa98/0xc70
[  436.547236][T13073]  ? pcpu_free_area+0x160/0xa10
[  436.547257][T13073]  ? __pfx_____sys_sendmsg+0x10/0x10
[  436.547275][T13073]  ? get_compat_msghdr+0x11a/0x170
[  436.547309][T13073]  ___sys_sendmsg+0x134/0x1d0
[  436.547336][T13073]  ? __pfx____sys_sendmsg+0x10/0x10
[  436.547369][T13073]  ? find_held_lock+0x2b/0x80
[  436.547405][T13073]  __sys_sendmsg+0x16d/0x220
[  436.547427][T13073]  ? __pfx___sys_sendmsg+0x10/0x10
[  436.547460][T13073]  ? rcu_is_watching+0x12/0xc0
[  436.547485][T13073]  __do_fast_syscall_32+0x7c/0x300
[  436.547524][T13073]  do_fast_syscall_32+0x32/0x80
[  436.547550][T13073]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  436.547570][T13073] RIP: 0023:0xf70fe579
[  436.547583][T13073] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  436.547599][T13073] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  436.547618][T13073] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000400
[  436.547628][T13073] RDX: 0000000002000000 RSI: 0000000000000000 RDI: 0000000000000000
[  436.547638][T13073] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  436.547647][T13073] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  436.547657][T13073] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  436.547680][T13073]  </TASK>
[  436.614577][ T6069] usb 8-1: new high-speed USB device number 60 using dummy_hcd
[  436.710298][T13081] FAULT_INJECTION: forcing a failure.
[  436.710298][T13081] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  436.717424][ T6069] usb 8-1: device descriptor read/8, error -71
[  436.720801][T13081] CPU: 3 UID: 0 PID: 13081 Comm: syz.2.1731 Not tainted syzkaller #0 PREEMPT(full) 
[  436.720832][T13081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  436.720843][T13081] Call Trace:
[  436.720852][T13081]  <TASK>
[  436.720861][T13081]  dump_stack_lvl+0x16c/0x1f0
[  436.720931][T13081]  should_fail_ex+0x512/0x640
[  436.720964][T13081]  _copy_to_user+0x32/0xd0
[  436.720985][T13081]  simple_read_from_buffer+0xcb/0x170
[  436.721008][T13081]  proc_fail_nth_read+0x197/0x240
[  436.721031][T13081]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  436.721054][T13081]  ? rw_verify_area+0xcf/0x6c0
[  436.721074][T13081]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  436.721095][T13081]  vfs_read+0x1e1/0xcf0
[  436.721124][T13081]  ? __pfx_vfs_read+0x10/0x10
[  436.721143][T13081]  ? find_held_lock+0x2b/0x80
[  436.721174][T13081]  ? __fget_files+0x20e/0x3c0
[  436.721227][T13081]  ksys_read+0x12a/0x250
[  436.721249][T13081]  ? __pfx_ksys_read+0x10/0x10
[  436.721269][T13081]  ? fput+0x9b/0xd0
[  436.721291][T13081]  ? rcu_is_watching+0x12/0xc0
[  436.721316][T13081]  __do_fast_syscall_32+0x7c/0x300
[  436.721344][T13081]  do_fast_syscall_32+0x32/0x80
[  436.721370][T13081]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  436.721391][T13081] RIP: 0023:0xf70fe579
[  436.721406][T13081] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  436.721423][T13081] RSP: 002b:00000000f54ee590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  436.721440][T13081] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54ee620
[  436.721452][T13081] RDX: 000000000000000f RSI: 00000000f7495ff4 RDI: 0000000000000000
[  436.721462][T13081] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  436.721471][T13081] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  436.721481][T13081] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  436.721504][T13081]  </TASK>
[  436.824821][ T6069] usb usb8-port1: unable to enumerate USB device
[  437.029753][T13088] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1734'.
[  437.293885][T12155] Bluetooth: hci3: unexpected event for opcode 0x0c05
[  437.297305][T13092] veth0_to_hsr: entered promiscuous mode
[  437.300717][T13092] veth0_to_hsr: entered allmulticast mode
[  437.306807][T13091] veth0_to_hsr: left allmulticast mode
[  437.309158][T13091] veth0_to_hsr: left promiscuous mode
[  437.662232][T13098] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1736'.
[  438.490626][T13121] veth0_to_hsr: entered promiscuous mode
[  438.493918][T13121] veth0_to_hsr: entered allmulticast mode
[  438.497440][T13121] veth0_to_hsr: left allmulticast mode
[  438.500333][T13121] veth0_to_hsr: left promiscuous mode
[  438.509762][T13123] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1745'.
[  438.568009][T13127] overlay: ./bus is not a directory
[  439.096734][T13145] netlink: 'syz.2.1751': attribute type 10 has an invalid length.
[  439.105172][T13145] syz_tun: entered promiscuous mode
[  439.124593][T13150] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1753'.
[  439.338045][T13153] veth0_to_hsr: entered promiscuous mode
[  439.341732][T13153] veth0_to_hsr: entered allmulticast mode
[  439.345354][T13151] veth0_to_hsr: left allmulticast mode
[  439.348018][T13151] veth0_to_hsr: left promiscuous mode
[  439.628779][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  439.632089][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  440.074128][T13169] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1758'.
[  440.511492][T13175] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1760'.
[  440.542667][T13177] FAULT_INJECTION: forcing a failure.
[  440.542667][T13177] name failslab, interval 1, probability 0, space 0, times 0
[  440.548783][T13177] CPU: 0 UID: 0 PID: 13177 Comm: syz.2.1761 Not tainted syzkaller #0 PREEMPT(full) 
[  440.548808][T13177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  440.548819][T13177] Call Trace:
[  440.548825][T13177]  <TASK>
[  440.548832][T13177]  dump_stack_lvl+0x16c/0x1f0
[  440.548917][T13177]  should_fail_ex+0x512/0x640
[  440.548941][T13177]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  440.548961][T13177]  should_failslab+0xc2/0x120
[  440.548987][T13177]  kmem_cache_alloc_noprof+0x75/0x6e0
[  440.549006][T13177]  ? skb_clone+0x190/0x3f0
[  440.549032][T13177]  ? skb_clone+0x190/0x3f0
[  440.549052][T13177]  skb_clone+0x190/0x3f0
[  440.549076][T13177]  netlink_deliver_tap+0xabd/0xd30
[  440.549106][T13177]  netlink_unicast+0x64c/0x870
[  440.549123][T13177]  ? __pfx_netlink_unicast+0x10/0x10
[  440.549139][T13177]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  440.549168][T13177]  netlink_sendmsg+0x8c8/0xdd0
[  440.549188][T13177]  ? __pfx_netlink_sendmsg+0x10/0x10
[  440.549207][T13177]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  440.549235][T13177]  ____sys_sendmsg+0xa98/0xc70
[  440.549258][T13177]  ? __pfx_____sys_sendmsg+0x10/0x10
[  440.549274][T13177]  ? get_compat_msghdr+0x11a/0x170
[  440.549307][T13177]  ___sys_sendmsg+0x134/0x1d0
[  440.549333][T13177]  ? __pfx____sys_sendmsg+0x10/0x10
[  440.549368][T13177]  ? find_held_lock+0x2b/0x80
[  440.549405][T13177]  __sys_sendmsg+0x16d/0x220
[  440.549431][T13177]  ? __pfx___sys_sendmsg+0x10/0x10
[  440.549465][T13177]  ? rcu_is_watching+0x12/0xc0
[  440.549487][T13177]  __do_fast_syscall_32+0x7c/0x300
[  440.549512][T13177]  do_fast_syscall_32+0x32/0x80
[  440.549545][T13177]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  440.549565][T13177] RIP: 0023:0xf70fe579
[  440.549579][T13177] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  440.549594][T13177] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  440.549611][T13177] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800006c0
[  440.549622][T13177] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  440.549631][T13177] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  440.549641][T13177] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  440.549651][T13177] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  440.549673][T13177]  </TASK>
[  440.692389][T13178] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  440.695974][T13178] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  440.699240][T13178] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  440.703788][T13178] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  440.708136][T13178] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[  440.711909][T13178] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  440.716127][T13178] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  440.721372][T13178] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  440.724465][T13178] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[  440.728011][T13178] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  440.733412][T13178] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  440.738734][T13178] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  440.743994][T13185] veth0_to_hsr: entered promiscuous mode
[  440.748530][T13185] veth0_to_hsr: entered allmulticast mode
[  440.752373][T13184] veth0_to_hsr: left allmulticast mode
[  440.754684][T13184] veth0_to_hsr: left promiscuous mode
[  440.768349][T13178] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  440.771770][T13178] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  440.776530][T13178] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  440.781068][T13178] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[  440.786114][T13178] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  440.790012][T13178] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  440.814082][T13178] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  440.817946][T13178] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  440.822401][T13178] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[  441.015272][ T5964] usb 8-1: new full-speed USB device number 61 using dummy_hcd
[  441.179739][ T5964] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  441.186206][ T5964] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  441.199747][ T5964] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  441.205268][ T5964] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  441.478613][ T5964] usb 8-1: GET_CAPABILITIES returned 0
[  441.481180][ T5964] usbtmc 8-1:16.0: can't read capabilities
[  441.694678][T12155] Bluetooth: hci3: unexpected event for opcode 0x0c05
[  441.696084][T13214] veth0_to_hsr: entered promiscuous mode
[  441.701892][T13214] veth0_to_hsr: entered allmulticast mode
[  441.715625][T13213] veth0_to_hsr: left allmulticast mode
[  441.718573][T13213] veth0_to_hsr: left promiscuous mode
[  442.374720][T13229] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  442.377766][T13229] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  442.382522][T13229] vhci_hcd vhci_hcd.0: Device attached
[  442.673153][ T6069] usb 42-1: SetAddress Request (6) to port 0
[  442.676885][ T6069] usb 42-1: new SuperSpeed USB device number 6 using vhci_hcd
[  442.768001][T13230] vhci_hcd: connection reset by peer
[  442.772170][ T1177] vhci_hcd: stop threads
[  442.774918][ T1177] vhci_hcd: release socket
[  442.777512][ T1177] vhci_hcd: disconnect device
[  442.894060][T13238] kAFS: unparsable volume name
[  443.180016][T12155] Bluetooth: hci3: unexpected event for opcode 0x0c05
[  443.197388][T13245] veth0_to_hsr: entered promiscuous mode
[  443.204600][T13244] veth0_to_hsr: left promiscuous mode
[  443.407425][T13254] netlink: 'syz.2.1786': attribute type 2 has an invalid length.
[  443.536342][ T5964] usb 8-1: USB disconnect, device number 61
[  443.626384][T13263] pim6reg: entered allmulticast mode
[  443.640055][T13263] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1789'.
[  444.189756][T13281] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1793'.
[  444.240631][T13281] vxlan0: entered promiscuous mode
[  444.249086][   T46] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  444.295256][   T46] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  444.299074][   T46] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  444.304755][ T5964] usb 7-1: new high-speed USB device number 57 using dummy_hcd
[  444.305679][   T46] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  444.391995][T13285] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1794'.
[  444.466513][ T5964] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  444.470872][ T5964] usb 7-1: config 0 has no interfaces?
[  444.474046][ T5964] usb 7-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  444.479254][ T5964] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.485607][ T5964] usb 7-1: config 0 descriptor??
[  444.748071][   T34] usb 7-1: USB disconnect, device number 57
[  444.778465][T13292] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1797'.
[  445.309075][T13301] FAULT_INJECTION: forcing a failure.
[  445.309075][T13301] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  445.315545][T13301] CPU: 2 UID: 0 PID: 13301 Comm: syz.2.1800 Not tainted syzkaller #0 PREEMPT(full) 
[  445.315571][T13301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  445.315584][T13301] Call Trace:
[  445.315592][T13301]  <TASK>
[  445.315600][T13301]  dump_stack_lvl+0x16c/0x1f0
[  445.315633][T13301]  should_fail_ex+0x512/0x640
[  445.315667][T13301]  _copy_to_user+0x32/0xd0
[  445.315686][T13301]  usbdev_read+0x60a/0x7b0
[  445.315732][T13301]  ? import_ubuf+0x1b6/0x220
[  445.315772][T13301]  ? __pfx_usbdev_read+0x10/0x10
[  445.315797][T13301]  ? common_file_perm+0x1a9/0x340
[  445.315818][T13301]  ? bpf_lsm_file_permission+0x9/0x10
[  445.315842][T13301]  ? security_file_permission+0x71/0x210
[  445.315865][T13301]  ? rw_verify_area+0xcf/0x6c0
[  445.315887][T13301]  ? __pfx_usbdev_read+0x10/0x10
[  445.315913][T13301]  vfs_readv+0x5be/0x8b0
[  445.315939][T13301]  ? __pfx_vfs_readv+0x10/0x10
[  445.315960][T13301]  ? find_held_lock+0x2b/0x80
[  445.315998][T13301]  ? __fget_files+0x20e/0x3c0
[  445.316027][T13301]  ? do_preadv+0x1a6/0x270
[  445.316045][T13301]  do_preadv+0x1a6/0x270
[  445.316066][T13301]  ? __pfx_do_preadv+0x10/0x10
[  445.316086][T13301]  ? rcu_is_watching+0x12/0xc0
[  445.316113][T13301]  __do_fast_syscall_32+0x7c/0x300
[  445.316143][T13301]  do_fast_syscall_32+0x32/0x80
[  445.316170][T13301]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  445.316220][T13301] RIP: 0023:0xf70fe579
[  445.316235][T13301] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  445.316253][T13301] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 000000000000014d
[  445.316270][T13301] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000540
[  445.316282][T13301] RDX: 0000000000000001 RSI: 0000000000000011 RDI: 0000000000000000
[  445.316292][T13301] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  445.316302][T13301] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  445.316314][T13301] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  445.316339][T13301]  </TASK>
[  445.528544][T13307] syzkaller1: entered promiscuous mode
[  445.533295][T13307] syzkaller1: entered allmulticast mode
[  445.593862][T13307] kvm: requested 19276 ns i8254 timer period limited to 200000 ns
[  445.615520][T13307] kvm: requested 19276 ns i8254 timer period limited to 200000 ns
[  445.638842][T13307] kvm: requested 19276 ns i8254 timer period limited to 200000 ns
[  445.658590][T13307] kvm: requested 19276 ns i8254 timer period limited to 200000 ns
[  445.673793][T13307] kvm: requested 113142 ns i8254 timer period limited to 200000 ns
[  445.679835][T13307] kvm: requested 153371 ns i8254 timer period limited to 200000 ns
[  445.688184][T13307] kvm: requested 186895 ns i8254 timer period limited to 200000 ns
[  445.722879][T13307] kvm: requested 19276 ns i8254 timer period limited to 200000 ns
[  445.741231][T13307] kvm: requested 25980 ns i8254 timer period limited to 200000 ns
[  445.749489][T13307] kvm: requested 113142 ns i8254 timer period limited to 200000 ns
[  446.201508][T13326] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1807'.
[  446.546917][T13333] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1810'.
[  446.863365][T13339] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1812'.
[  447.766507][ T6069] usb 42-1: device descriptor read/8, error -110
[  448.369346][   T40] audit: type=1326 audit(1759640086.226:4091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13369 comm="syz.3.1817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  448.383687][   T40] audit: type=1326 audit(1759640086.246:4092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13369 comm="syz.3.1817" exe="/syz-executor" sig=0 arch=40000003 syscall=123 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  448.395425][   T40] audit: type=1326 audit(1759640086.246:4093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13369 comm="syz.3.1817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  448.406511][   T40] audit: type=1326 audit(1759640086.246:4094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13369 comm="syz.3.1817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  448.414232][   T40] audit: type=1326 audit(1759640086.246:4095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13369 comm="syz.3.1817" exe="/syz-executor" sig=0 arch=40000003 syscall=156 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  448.422564][   T40] audit: type=1326 audit(1759640086.246:4096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13369 comm="syz.3.1817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  448.440596][   T40] audit: type=1326 audit(1759640086.246:4097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13369 comm="syz.3.1817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  448.451152][   T40] audit: type=1326 audit(1759640086.246:4098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13369 comm="syz.3.1817" exe="/syz-executor" sig=0 arch=40000003 syscall=241 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  448.460436][T13371] netlink: 'syz.3.1817': attribute type 2 has an invalid length.
[  448.464616][   T40] audit: type=1326 audit(1759640086.256:4099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13369 comm="syz.3.1817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  448.464687][T13371] netlink: 'syz.3.1817': attribute type 4 has an invalid length.
[  448.479856][   T40] audit: type=1326 audit(1759640086.256:4100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13369 comm="syz.3.1817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  448.536545][T13372] program syz.3.1817 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  448.540423][ T6069] usb usb42-port1: attempt power cycle
[  449.148066][ T6069] usb usb42-port1: unable to enumerate USB device
[  449.325742][T13382] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1821'.
[  449.433475][T13387] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1822'.
[  449.928147][ T5968] Bluetooth: hci3: unexpected event for opcode 0x0c05
[  450.483216][T13414] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1832'.
[  450.652251][T13417] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1833'.
[  450.677729][T13413] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1832'.
[  451.493559][T13431] gfs2: path_lookup on /dev/net/tun returned error -2
[  453.328404][T13449] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1844'.
[  453.670674][T13459] netlink: 'syz.2.1846': attribute type 27 has an invalid length.
[  453.758941][T13464] [U] 
[  453.760517][T13464] [U] K{�
[  453.762689][T13464] [U] �t �1��Š�F���fˊ�`G�J��g���������o��/�mC�
[  453.766200][T13464] [U] t�ؖ/,�~�Ĝ��j���}8���'o1��"�7-�JQ�K��W��q�5c%"�H12��Y������X�`����`+��(��!(���z'�tXln�I�g�j����ݭ�p�~�7�!���"�����(�5�Ob���̓J�
[  453.800772][T13464] [U] �k\&�}6�6�X�HX�������.`�a�$�40|϶��9��ި����U��4���Vbz��}�w�M�T���Q��Φr�4��
[  453.805932][T13464] [U] ".h6��"�k�[����J�4��I�n��[Z(��C|T�]z{��3�c=��x�����4�w�)\T�XJ��SH{q;칢��t��+���g����d�.˂�>y����wUh�fN����hl]S�2���\g%�O�&z)��'�pul�_<�	�ذ����`ұT�������;_�"(�u{7j��2X �/�'��c���I����H�c�ճ�V�=��Ai�%w�Es� R��j���g��r����hI
���a��6-�D��V�� i"��n� ��Asc~4���8c�*�OO5/��J�~���w�vK+����3��Y)��M���v��yq潀DTr�
Otpem%f��ej�A5��T_-X~�^aaۂ�q��
[  453.841278][T13464] [U] 	+�w�G?]��'a:	��)�
����' B>t���f/��<'�U�'��h�i�.+]e�.�-ɿ���%��>2`�^U�8F.�6��3��+�A�«���g3�p��6:�^0��t��v�'E�t����YC�n��rϩ�n�Pj�;�Z������8!��\���A�ʖ2��$�­wi.��#��/Bai���`��4j��d�y@�z��gW�5˿B��ٜ�N�y"vI2��
[  453.855393][T13464] [U] �T�_K5�t�YJ���9��c�$br�L�Nul��9w���|�G�"ʃ�%����C�؝���q��
 ��3��q��N^HP*��$	�.�7yӱ�2�
[  453.862008][T13464] [U] �?���h��*����3�7�鍾^#Q�"0~���(�o�XL�b�,'v��=���C�S���G�S��0�ւ��`���ه��=1(��p#�2DO*Ƀ
[  453.869658][T13464] [U] �s��g������Gu��d-{���|&������2��L�c_��!`��oz֥�B��%>�r��w���Ss�H"�yA4�O.�Y��䏄RTԶ�B�[+/<<R�B����|Фe���۠�V96#���ͤ�j�U�%
s851���ҩs�P��\��?q�|L��QX�0�K�1orɴ2��|��d�F�������2ޔ���0��H�}C[/����px^��o
[  453.881084][T13464] [U] �؛���(J�Л��m��xz�;�����؝_����*3�3��5�\�xm��U��AK!aQ`��;F�I+��VUH���m�j��Ʒ��Z�c��z���)_矡	���&�����a�xto���_� ���:���%�P���C���y�+_�����}U�m��ƫC�!KJ�7��g��=b�
[  453.892283][T13464] [U] ٽ�F�%�XA��l�2r*g��VW��$��j	�A��F�ߝ�+��9̈́Vi�֗�kپ�1}_��
�%�r6��(]��/����řYܺ��h����r g��rn/ܫ�#!�d����%���D��-{�$�vU��T���$:mtr�E�C1V�D~��];[�����sq����(��e,X�8�"�
��G�d���2@T8��������t8.Rc+�@�ꦇp�u�
p����C���'�yL�-Ss1E?�7�O���^]����c��H]�Jkr]Rkq܆��ݣ��OTc��x���4�N�	��&���ڋ��@�:m7�~�+�W*���xM��>>��{q���
_�՝LX8�U����{�Z����)��7?�rR;�c�r�hײڣ����1�>)�Mă��t���(��aϝ�}9�ڥ�J*Mќ�ġ�'L��q	�DW����=��|q�	�Æ�W;5��Ž�!�dB�x`��/��E�`ƦM��X��"�\
[  453.923025][T13464] [U] {;����٘_�o2��)�o��.2�W2���y���x_  HPϱ�S�D����:]�{������
[  453.928297][T13464] [U] I,�>��	��5�1��^1�N4�oǶ�'0�?֒i�9w.�_.�W�a���V��`)�Z���c6Giӹ�a��XL[����F�*��O�W)+��'\n�
[K@����2�Ǭ���p"^`���	��
[  453.939292][T13464] [U] 22��Ʃ���x?0;3u�
[  453.941138][T13464] [U] ޜ�
��sObx�8�W�4�(�~/���K�U��ԖoQ�e+�G�-y�gY_
�>v�����3.h�ә]̈́�2��)�D�,	��	�D~�d���+�w;A\�F
P��Ș|$��)�
KؐI���ɿk�YT^R���癵��A=�#�ܜ	����ae��t�1��ݯ4K�.e"R�S|��s���:��>p��r�"z������#P!�KY"�}��F�N84����hޱ�o��sߙ̫%Dlw�m��
[  453.954313][T13464] [U] [�['xn�'�����,mr��/����1D=!D�x91B�
w�R�lf���K�Z��#�`�l؛�˜��b~�m���
[  453.960998][T13464] [U] �L�>��d+�d�����"5���h3<���iR=F^�f�n��������v���D�OIO�:U�>�Y�
[  453.964971][T13464] [U] 'B�6v�20��瞥�׌�"t8�{9�FW��]���쩍
[  453.967854][T13464] [U] �72�����u�C6����τI]8c��tۨQSk�Y��I��� �|V'�TV/��g�$[� 9kh`�"����}��[^=��0�]��%�̂T�����F�_v�4C���
[  453.973876][T13464] [U] �ec�
[  453.975517][T13464] [U] ���|���<��:^�3$7nK~�-�@��?��/mtl��۾�I�w�@g~t�{��P�+�$�jp|���I�Ri�pm� ��Y� ��8�t���V�����,�l�,�
[  453.984623][T13460] [U] �K�����)0���~��ʪ�iP'�f��z��r���@B�]�5��{��ʼ�'�8�ƥF��UTqUd
ǩ�K;7��0c[��y���YC���ذm��L�8�T�͚�5���rx����W� x���oQhVi'8����L�
[  454.712376][T13484] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000000003
[  454.751727][T13495] overlayfs: failed to resolve './file1': -2
[  454.967969][T13499] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1858'.
[  455.199865][T13502] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  455.205434][T13502] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  455.209431][T13502] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  455.213670][T13502] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  455.217180][T13502] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[  455.220814][T13502] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  455.223866][T13502] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  455.227588][T13502] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  455.231658][T13502] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[  455.236470][T13502] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  455.240545][T13502] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  455.245360][T13502] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  455.250333][T13502] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  455.253969][T13502] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  455.259476][T13502] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  455.265252][T13502] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[  455.269835][T13502] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  455.274503][T13502] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  455.279912][T13502] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  455.284788][T13502] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  455.290280][T13502] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[  455.444208][T13506] lo: left promiscuous mode
[  455.447809][T13506] lo: left allmulticast mode
[  455.460011][T13506] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  456.277003][T13511] random: crng reseeded on system resumption
[  456.413164][T13519] mac80211_hwsim hwsim3 syzkaller0: entered promiscuous mode
[  456.418550][T13519] mac80211_hwsim hwsim3 syzkaller0: entered allmulticast mode
[  456.719772][T13540] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1868'.
[  456.801947][T13542] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  456.806289][T13542] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  456.810602][T13542] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  456.816393][T13542] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  456.822322][T13542] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[  456.826959][T13542] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  456.833194][T13542] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  456.838890][T13542] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  456.846337][T13542] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[  456.852469][T13542] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  456.858610][T13542] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  456.864273][T13542] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  456.870078][T13542] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  456.877405][T13542] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  456.883948][T13542] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  456.889192][T13542] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[  456.893170][T13542] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  456.897508][T13542] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  456.904268][T13542] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  456.908637][T13542] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  456.915175][T13542] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[  457.331772][   T34] usb 7-1: new full-speed USB device number 58 using dummy_hcd
[  457.507368][   T34] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  457.522207][   T34] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  457.584043][   T34] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  457.650720][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  457.985736][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  457.991372][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  458.073792][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  458.082911][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  458.090117][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  458.098438][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  458.160969][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  458.224850][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  458.229508][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  458.235215][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  458.257143][   T34] usb 7-1: GET_CAPABILITIES returned 0
[  458.286107][   T34] usbtmc 7-1:16.0: can't read capabilities
[  458.817605][T13558] lo speed is unknown, defaulting to 1000
[  459.493200][   T40] kauditd_printk_skb: 23 callbacks suppressed
[  459.493626][   T40] audit: type=1326 audit(1759640098.366:4124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13559 comm="syz.1.1871" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f11579 code=0x0
[  459.622311][T13569] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1871'.
[  459.708018][   T34] usb 7-1: USB disconnect, device number 58
[  459.996818][T13576] FAULT_INJECTION: forcing a failure.
[  459.996818][T13576] name failslab, interval 1, probability 0, space 0, times 0
[  460.003526][T13576] CPU: 1 UID: 0 PID: 13576 Comm: syz.2.1873 Not tainted syzkaller #0 PREEMPT(full) 
[  460.003574][T13576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  460.003587][T13576] Call Trace:
[  460.003598][T13576]  <TASK>
[  460.003608][T13576]  dump_stack_lvl+0x16c/0x1f0
[  460.003647][T13576]  should_fail_ex+0x512/0x640
[  460.003679][T13576]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  460.003703][T13576]  should_failslab+0xc2/0x120
[  460.003736][T13576]  kmem_cache_alloc_noprof+0x75/0x6e0
[  460.003761][T13576]  ? skb_clone+0x190/0x3f0
[  460.003799][T13576]  ? skb_clone+0x190/0x3f0
[  460.003828][T13576]  skb_clone+0x190/0x3f0
[  460.003862][T13576]  netlink_deliver_tap+0xabd/0xd30
[  460.003902][T13576]  netlink_unicast+0x64c/0x870
[  460.003928][T13576]  ? __pfx_netlink_unicast+0x10/0x10
[  460.003949][T13576]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  460.003992][T13576]  netlink_sendmsg+0x8c8/0xdd0
[  460.004018][T13576]  ? __pfx_netlink_sendmsg+0x10/0x10
[  460.004049][T13576]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  460.004086][T13576]  ____sys_sendmsg+0xa98/0xc70
[  460.004116][T13576]  ? __pfx_____sys_sendmsg+0x10/0x10
[  460.004140][T13576]  ? get_compat_msghdr+0x11a/0x170
[  460.004183][T13576]  ___sys_sendmsg+0x134/0x1d0
[  460.004218][T13576]  ? __pfx____sys_sendmsg+0x10/0x10
[  460.004267][T13576]  ? find_held_lock+0x2b/0x80
[  460.004315][T13576]  __sys_sendmsg+0x16d/0x220
[  460.004371][T13576]  ? __pfx___sys_sendmsg+0x10/0x10
[  460.004417][T13576]  ? rcu_is_watching+0x12/0xc0
[  460.004449][T13576]  __do_fast_syscall_32+0x7c/0x300
[  460.004486][T13576]  do_fast_syscall_32+0x32/0x80
[  460.004519][T13576]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  460.004546][T13576] RIP: 0023:0xf70fe579
[  460.004564][T13576] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  460.004585][T13576] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  460.004606][T13576] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800006c0
[  460.004620][T13576] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  460.004633][T13576] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  460.004645][T13576] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  460.004658][T13576] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  460.004718][T13576]  </TASK>
[  460.210623][T13578] FAULT_INJECTION: forcing a failure.
[  460.210623][T13578] name failslab, interval 1, probability 0, space 0, times 0
[  460.226244][T13578] CPU: 0 UID: 0 PID: 13578 Comm: syz.2.1874 Not tainted syzkaller #0 PREEMPT(full) 
[  460.226273][T13578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  460.226307][T13578] Call Trace:
[  460.226316][T13578]  <TASK>
[  460.226324][T13578]  dump_stack_lvl+0x16c/0x1f0
[  460.226359][T13578]  should_fail_ex+0x512/0x640
[  460.226397][T13578]  ? fs_reclaim_acquire+0xae/0x150
[  460.226427][T13578]  should_failslab+0xc2/0x120
[  460.226454][T13578]  __kmalloc_noprof+0xdd/0x880
[  460.226474][T13578]  ? tomoyo_encode2+0x100/0x3e0
[  460.226502][T13578]  ? tomoyo_encode2+0x100/0x3e0
[  460.226519][T13578]  tomoyo_encode2+0x100/0x3e0
[  460.226541][T13578]  tomoyo_encode+0x29/0x50
[  460.226567][T13578]  tomoyo_realpath_from_path+0x18f/0x6e0
[  460.226604][T13578]  tomoyo_path_number_perm+0x245/0x580
[  460.226622][T13578]  ? tomoyo_path_number_perm+0x237/0x580
[  460.226644][T13578]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  460.226693][T13578]  ? find_held_lock+0x2b/0x80
[  460.226717][T13578]  ? hook_file_ioctl_common+0x145/0x410
[  460.226743][T13578]  ? __fget_files+0x20e/0x3c0
[  460.226771][T13578]  security_file_ioctl_compat+0x9b/0x240
[  460.226794][T13578]  __ia32_compat_sys_ioctl+0xc3/0x370
[  460.226817][T13578]  __do_fast_syscall_32+0x7c/0x300
[  460.226848][T13578]  do_fast_syscall_32+0x32/0x80
[  460.226878][T13578]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  460.226901][T13578] RIP: 0023:0xf70fe579
[  460.226915][T13578] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  460.226933][T13578] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  460.226952][T13578] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000400445a0
[  460.226964][T13578] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  460.226975][T13578] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  460.226987][T13578] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  460.226998][T13578] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  460.227025][T13578]  </TASK>
[  460.340087][T13578] ERROR: Out of memory at tomoyo_realpath_from_path.
[  461.663839][T13601] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1881'.
[  462.938739][T13605] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  462.947102][T13605] FAULT_INJECTION: forcing a failure.
[  462.947102][T13605] name failslab, interval 1, probability 0, space 0, times 0
[  462.961421][T13605] CPU: 0 UID: 0 PID: 13605 Comm: syz.3.1882 Not tainted syzkaller #0 PREEMPT(full) 
[  462.961449][T13605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  462.961459][T13605] Call Trace:
[  462.961466][T13605]  <TASK>
[  462.961475][T13605]  dump_stack_lvl+0x16c/0x1f0
[  462.961503][T13605]  should_fail_ex+0x512/0x640
[  462.961530][T13605]  ? __kmalloc_noprof+0xca/0x880
[  462.961548][T13605]  should_failslab+0xc2/0x120
[  462.961575][T13605]  __kmalloc_noprof+0xdd/0x880
[  462.961608][T13605]  ? ovl_lookup+0x1243/0x21a0
[  462.961625][T13605]  ? ovl_lookup+0x1243/0x21a0
[  462.961635][T13605]  ovl_lookup+0x1243/0x21a0
[  462.961647][T13605]  ? privileged_wrt_inode_uidgid+0xca/0x1d0
[  462.961666][T13605]  ? __pfx_ovl_lookup+0x10/0x10
[  462.961676][T13605]  ? generic_permission+0xad/0x7d0
[  462.961697][T13605]  ? bpf_lsm_inode_permission+0x9/0x10
[  462.961717][T13605]  ? inode_permission+0x156/0x630
[  462.961741][T13605]  ? ovl_revert_creds+0x13/0x50
[  462.961757][T13605]  ? ovl_permission+0xcd/0x290
[  462.961779][T13605]  ? __pfx_ovl_permission+0x10/0x10
[  462.961807][T13605]  ? bpf_lsm_inode_permission+0x9/0x10
[  462.961825][T13605]  ? security_inode_permission+0xbf/0x260
[  462.961845][T13605]  ? inode_permission+0x156/0x630
[  462.961872][T13605]  ? __pfx_ovl_lookup+0x10/0x10
[  462.961889][T13605]  lookup_open.isra.0+0x4da/0x1580
[  462.961914][T13605]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  462.961953][T13605]  ? find_held_lock+0x2b/0x80
[  462.961982][T13605]  ? __pfx_down_write+0x10/0x10
[  462.962006][T13605]  path_openat+0x893/0x2cb0
[  462.962037][T13605]  ? __pfx_path_openat+0x10/0x10
[  462.962066][T13605]  do_filp_open+0x20b/0x470
[  462.962094][T13605]  ? __pfx_do_filp_open+0x10/0x10
[  462.962134][T13605]  ? alloc_fd+0x471/0x7d0
[  462.962163][T13605]  do_sys_openat2+0x11b/0x1d0
[  462.962181][T13605]  ? __pfx_do_sys_openat2+0x10/0x10
[  462.962199][T13605]  ? __fget_files+0x20e/0x3c0
[  462.962217][T13605]  ? handle_mm_fault+0x220/0xd10
[  462.962241][T13605]  __ia32_compat_sys_open+0x146/0x1e0
[  462.962259][T13605]  ? __pfx___ia32_compat_sys_open+0x10/0x10
[  462.962283][T13605]  ? rcu_is_watching+0x12/0xc0
[  462.962303][T13605]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  462.962332][T13605]  __do_fast_syscall_32+0x7c/0x300
[  462.962359][T13605]  do_fast_syscall_32+0x32/0x80
[  462.962386][T13605]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  462.962407][T13605] RIP: 0023:0xf7f84579
[  462.962422][T13605] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  462.962438][T13605] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000005
[  462.962456][T13605] RAX: ffffffffffffffda RBX: 0000000080000580 RCX: 0000000000181242
[  462.962467][T13605] RDX: 000000005997fa5f RSI: 0000000000000000 RDI: 0000000000000000
[  462.962478][T13605] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  462.962487][T13605] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  462.962496][T13605] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  462.962517][T13605]  </TASK>
[  463.102579][    C2] sctp_transport_update_pmtu: 82 callbacks suppressed
[  463.102608][    C2] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  463.183127][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  463.187912][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  463.193127][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  463.268785][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  463.343139][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  463.348919][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  463.503045][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  463.507551][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  463.599904][T13617] hfsplus: unable to find HFS+ superblock
[  463.752595][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  463.930550][T13622] netlink: 'syz.1.1888': attribute type 10 has an invalid length.
[  464.043341][T13625] input: syz1 as /devices/virtual/input/input26
[  464.305583][T13638] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  464.315373][T13638] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  464.323842][T13638] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  464.334866][T13638] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  464.339972][T13638] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  464.389128][T13637] lo speed is unknown, defaulting to 1000
[  464.546603][T13646] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1897'.
[  464.570412][T13646] overlay: ./file0 is not a directory
[  464.917704][T13637] chnl_net:caif_netlink_parms(): no params data found
[  465.023449][T13663] overlayfs: failed to resolve './file1': -2
[  465.214508][T13637] bridge0: port 1(bridge_slave_0) entered blocking state
[  465.219882][T13637] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.225691][T13637] bridge_slave_0: entered allmulticast mode
[  465.230483][T13637] bridge_slave_0: entered promiscuous mode
[  465.243245][T13637] bridge0: port 2(bridge_slave_1) entered blocking state
[  465.251107][T13637] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.254883][T13637] bridge_slave_1: entered allmulticast mode
[  465.261429][T13637] bridge_slave_1: entered promiscuous mode
[  465.273085][T13654] overlayfs: failed to resolve './file1': -2
[  465.334276][T13637] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  465.346824][T13637] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  465.410409][T13637] team0: Port device team_slave_0 added
[  465.416755][T13637] team0: Port device team_slave_1 added
[  465.428214][T13679] fuse: Unknown parameter 'grou�_id'
[  465.476521][T13637] batman_adv: batadv0: Adding interface: batadv_slave_0
[  465.484761][T13637] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  465.497430][T13637] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  465.511064][T13637] batman_adv: batadv0: Adding interface: batadv_slave_1
[  465.514289][T13637] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  465.526705][T13637] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  465.693887][    C2] vkms_vblank_simulate: vblank timer overrun
[  465.739681][T13637] hsr_slave_0: entered promiscuous mode
[  465.745892][T13637] hsr_slave_1: entered promiscuous mode
[  465.749334][T13688] netlink: 'syz.2.1909': attribute type 10 has an invalid length.
[  465.786291][T13688] hsr_slave_0: left promiscuous mode
[  466.015575][T13637] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.118932][T13637] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.199933][T13696] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  466.204719][T13696] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  466.207886][T13696] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  466.210542][T13696] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  466.213361][T13696] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[  466.217039][T13696] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  466.219946][T13696] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  466.223255][T13696] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  466.225835][T13696] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[  466.228264][T13696] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  466.230860][T13696] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  466.233909][T13696] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  466.237129][T13696] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  466.239844][T13696] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  466.242628][T13696] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  466.245559][T13696] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[  466.248690][T13696] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  466.252034][T13696] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  466.259388][T13696] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  466.262461][T13696] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  466.265071][T13696] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[  466.304974][T13637] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.400169][ T5968] Bluetooth: hci4: command tx timeout
[  466.544179][T13637] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.602528][   T34] usb 7-1: new full-speed USB device number 59 using dummy_hcd
[  466.787673][   T34] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  466.793726][   T34] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  466.804942][   T34] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  466.809206][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.877758][T13637] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  466.892954][T13637] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  466.906062][T13637] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  466.917504][T13637] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  467.028496][T13637] 8021q: adding VLAN 0 to HW filter on device bond0
[  467.047530][T13637] 8021q: adding VLAN 0 to HW filter on device team0
[  467.059691][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state
[  467.062608][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state
[  467.069061][   T34] usb 7-1: GET_CAPABILITIES returned 0
[  467.073266][   T34] usbtmc 7-1:16.0: can't read capabilities
[  467.077887][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  467.081156][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  467.091960][ T6040] usb 8-1: new high-speed USB device number 62 using dummy_hcd
[  467.222052][ T6040] usb 8-1: device descriptor read/64, error -71
[  467.369242][T13637] 8021q: adding VLAN 0 to HW filter on device batadv0
[  467.457145][T13637] veth0_vlan: entered promiscuous mode
[  467.463873][ T6040] usb 8-1: new high-speed USB device number 63 using dummy_hcd
[  467.469092][T13637] veth1_vlan: entered promiscuous mode
[  467.511115][T13637] veth0_macvtap: entered promiscuous mode
[  467.524103][T13637] veth1_macvtap: entered promiscuous mode
[  467.539648][T13637] batman_adv: batadv0: Interface activated: batadv_slave_0
[  467.551267][T13637] batman_adv: batadv0: Interface activated: batadv_slave_1
[  467.570556][   T46] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  467.575205][   T46] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  467.581534][   T46] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  467.587456][   T46] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  467.633021][ T6040] usb 8-1: device descriptor read/64, error -71
[  467.706534][T12950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  467.710885][T12950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  467.730906][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  467.734760][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  467.747197][ T6040] usb usb8-port1: attempt power cycle
[  468.092328][ T6040] usb 8-1: new high-speed USB device number 64 using dummy_hcd
[  468.124148][ T6040] usb 8-1: device descriptor read/8, error -71
[  468.383652][ T6040] usb 8-1: new high-speed USB device number 65 using dummy_hcd
[  468.396023][    C3] sctp_transport_update_pmtu: 23 callbacks suppressed
[  468.396047][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  468.403919][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  468.408203][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  468.412816][ T6040] usb 8-1: device descriptor read/8, error -71
[  468.413600][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  468.421265][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  468.425787][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  468.430400][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  468.436782][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  468.522374][ T6040] usb usb8-port1: unable to enumerate USB device
[  468.945300][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  469.024240][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  469.111166][ T6040] usb 7-1: USB disconnect, device number 59
[  469.410467][T13759] netlink: 'syz.0.1928': attribute type 4 has an invalid length.
[  469.948824][T13778] FAULT_INJECTION: forcing a failure.
[  469.948824][T13778] name failslab, interval 1, probability 0, space 0, times 0
[  469.954357][T13778] CPU: 0 UID: 0 PID: 13778 Comm: syz.3.1932 Not tainted syzkaller #0 PREEMPT(full) 
[  469.954395][T13778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  469.954410][T13778] Call Trace:
[  469.954422][T13778]  <TASK>
[  469.954435][T13778]  dump_stack_lvl+0x16c/0x1f0
[  469.954479][T13778]  should_fail_ex+0x512/0x640
[  469.954623][T13778]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  469.954645][T13778]  should_failslab+0xc2/0x120
[  469.954671][T13778]  kmem_cache_alloc_noprof+0x75/0x6e0
[  469.954693][T13778]  ? skb_clone+0x190/0x3f0
[  469.954722][T13778]  ? skb_clone+0x190/0x3f0
[  469.954742][T13778]  skb_clone+0x190/0x3f0
[  469.954760][T13778]  netlink_deliver_tap+0xabd/0xd30
[  469.954783][T13778]  netlink_unicast+0x64c/0x870
[  469.954795][T13778]  ? __pfx_netlink_unicast+0x10/0x10
[  469.954806][T13778]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  469.954827][T13778]  netlink_sendmsg+0x8c8/0xdd0
[  469.954840][T13778]  ? __pfx_netlink_sendmsg+0x10/0x10
[  469.954853][T13778]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  469.954874][T13778]  ____sys_sendmsg+0xa98/0xc70
[  469.954889][T13778]  ? __pfx_____sys_sendmsg+0x10/0x10
[  469.954901][T13778]  ? get_compat_msghdr+0x11a/0x170
[  469.954924][T13778]  ___sys_sendmsg+0x134/0x1d0
[  469.954943][T13778]  ? __pfx____sys_sendmsg+0x10/0x10
[  469.954974][T13778]  ? find_held_lock+0x2b/0x80
[  469.954998][T13778]  __sys_sendmsg+0x16d/0x220
[  469.955016][T13778]  ? __pfx___sys_sendmsg+0x10/0x10
[  469.955038][T13778]  ? rcu_is_watching+0x12/0xc0
[  469.955055][T13778]  __do_fast_syscall_32+0x7c/0x300
[  469.955076][T13778]  do_fast_syscall_32+0x32/0x80
[  469.955093][T13778]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  469.955109][T13778] RIP: 0023:0xf7f84579
[  469.955125][T13778] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  469.955139][T13778] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  469.955151][T13778] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001200
[  469.955158][T13778] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  469.955164][T13778] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  469.955171][T13778] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  469.955177][T13778] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  469.955191][T13778]  </TASK>
[  470.072284][ T5968] Bluetooth: hci4: command tx timeout
[  470.831239][T13806] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1940'.
[  471.258079][T13808] netlink: 'syz.1.1941': attribute type 30 has an invalid length.
[  471.314982][T13808] bond5: option arp_missed_max: invalid value (0)
[  471.318000][T13808] bond5: option arp_missed_max: allowed values 1 - 255
[  471.328938][T13808] bond5 (unregistering): Released all slaves
[  471.484659][T13822] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1946'.
[  472.151866][ T5968] Bluetooth: hci4: command tx timeout
[  472.350379][T13847] x_tables: ip_tables: HMARK.0 target: invalid size 64 (kernel) != (user) 72
[  472.542878][   T34] usb 8-1: new high-speed USB device number 66 using dummy_hcd
[  472.693896][T13851] netlink: 'syz.2.1954': attribute type 11 has an invalid length.
[  472.697894][T13851] netlink: 212 bytes leftover after parsing attributes in process `syz.2.1954'.
[  472.715213][   T34] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  472.722746][   T34] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  472.727690][   T34] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  472.745396][   T34] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  472.751225][   T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  472.764029][   T34] usb 8-1: config 0 descriptor??
[  473.212635][   T34] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  473.465608][T13849] @: renamed from vlan0 (while UP)
[  473.502258][    C3] sctp_transport_update_pmtu: 28 callbacks suppressed
[  473.502273][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  474.131032][   T40] audit: type=1804 audit(1759640112.996:4125): pid=13900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1965" name="file0" dev="ramfs" ino=39762 res=1 errno=0
[  474.144267][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  474.148263][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  474.152196][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  474.392473][ T6006] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  474.485125][T13912] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  474.489323][T13912] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  474.494554][T13912] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  474.632817][   T34] usb 8-1: reset high-speed USB device number 66 using dummy_hcd
[  474.782551][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  476.063734][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  476.068724][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  476.318601][  T842] usb 8-1: USB disconnect, device number 66
[  476.703761][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  477.983500][    C0] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  478.624369][    C0] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  478.628926][    C0] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  478.634203][    C0] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  479.264731][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  479.269190][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  479.273618][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  479.278355][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  479.906584][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  479.911053][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  479.915788][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  482.364379][T13993] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  482.367606][T13993] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  482.371100][T13993] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  482.375003][T13993] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  482.378872][T13993] comedi comedi3: 8255: I/O port conflict (0x5c942399,4)
[  482.379181][T13999] lo speed is unknown, defaulting to 1000
[  482.382290][T13993] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  482.397174][T13993] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  482.401329][T13993] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  482.404651][T13993] comedi comedi3: 8255: I/O port conflict (0x200001,4)
[  482.407788][T13993] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  482.410235][T13993] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  482.413642][T13993] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  482.426418][T13993] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  482.437639][T13993] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  482.452744][T13993] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  482.474121][T13993] comedi comedi3: 8255: I/O port conflict (0x20000000,4)
[  482.479308][T13993] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  482.483313][T13993] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  482.487145][T13993] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  482.490983][T13993] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  482.494045][T13993] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffd,4)
[  483.031776][ T6069] usb 7-1: new full-speed USB device number 60 using dummy_hcd
[  483.218673][ T6069] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  483.239220][ T6069] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  483.246052][ T6069] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  483.250310][ T6069] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.742856][    C3] sctp_transport_update_pmtu: 15 callbacks suppressed
[  483.742879][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  483.750656][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  484.102936][ T6069] usb 7-1: GET_CAPABILITIES returned 0
[  484.106740][ T6069] usbtmc 7-1:16.0: can't read capabilities
[  484.139435][ T6069] usb 7-1: USB disconnect, device number 60
[  484.382626][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  484.387050][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  484.811455][T14040] netlink: 'syz.0.1987': attribute type 1 has an invalid length.
[  484.890030][T14040] bond1 (unregistering): Released all slaves
[  485.024272][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  485.030149][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  485.042949][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  485.246971][T14048] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1989'.
[  485.250658][T14048] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1989'.
[  485.255513][T14048] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1989'.
[  485.323876][T14052] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1991'.
[  485.666642][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  485.671782][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  485.677207][    C3] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  486.433229][ T6210] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  486.443690][ T6210] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  488.542261][ T5968] Bluetooth: hci4: command 0x0406 tx timeout
[  488.659198][T14095] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1998'.
[  488.679666][   T40] audit: type=1800 audit(1759640127.546:4126): pid=14090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.0.1998" name="/file0" dev="9p" ino=75760233 res=0 errno=0
[  488.879977][ T6006] ==================================================================
[  488.884176][ T6006] BUG: KASAN: slab-use-after-free in __mutex_lock+0xe87/0x1060
[  488.888033][ T6006] Read of size 8 at addr ffff888028114320 by task kworker/2:5/6006
[  488.893493][ T6006] 
[  488.896322][ T6006] CPU: 2 UID: 0 PID: 6006 Comm: kworker/2:5 Not tainted syzkaller #0 PREEMPT(full) 
[  488.896353][ T6006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  488.896369][ T6006] Workqueue: events l2cap_chan_timeout
[  488.896445][ T6006] Call Trace:
[  488.896457][ T6006]  <TASK>
[  488.896468][ T6006]  dump_stack_lvl+0x116/0x1f0
[  488.896496][ T6006]  print_report+0xcd/0x630
[  488.896520][ T6006]  ? __virt_addr_valid+0x81/0x610
[  488.896546][ T6006]  ? __phys_addr+0xe8/0x180
[  488.896568][ T6006]  ? __mutex_lock+0xe87/0x1060
[  488.896591][ T6006]  kasan_report+0xe0/0x110
[  488.896614][ T6006]  ? __mutex_lock+0xe87/0x1060
[  488.896639][ T6006]  ? l2cap_chan_timeout+0x6d/0x310
[  488.896658][ T6006]  __mutex_lock+0xe87/0x1060
[  488.896682][ T6006]  ? add_lock_to_list+0x9d/0x130
[  488.896704][ T6006]  ? l2cap_chan_timeout+0x6d/0x310
[  488.896728][ T6006]  ? __pfx___mutex_lock+0x10/0x10
[  488.896754][ T6006]  ? debug_object_deactivate+0x1ec/0x3a0
[  488.896781][ T6006]  ? l2cap_chan_timeout+0x6d/0x310
[  488.896801][ T6006]  l2cap_chan_timeout+0x6d/0x310
[  488.896825][ T6006]  process_one_work+0x9cc/0x1b70
[  488.896849][ T6006]  ? __pfx_wg_packet_tx_worker+0x10/0x10
[  488.896877][ T6006]  ? __pfx_process_one_work+0x10/0x10
[  488.896899][ T6006]  ? assign_work+0x1a0/0x250
[  488.896922][ T6006]  worker_thread+0x6c8/0xf10
[  488.896947][ T6006]  ? __kthread_parkme+0x19e/0x250
[  488.897109][ T6006]  ? __pfx_worker_thread+0x10/0x10
[  488.897145][ T6006]  kthread+0x3c5/0x780
[  488.897165][ T6006]  ? __pfx_kthread+0x10/0x10
[  488.897184][ T6006]  ? rcu_is_watching+0x12/0xc0
[  488.897214][ T6006]  ? __pfx_kthread+0x10/0x10
[  488.897234][ T6006]  ret_from_fork+0x56d/0x730
[  488.897253][ T6006]  ? __pfx_kthread+0x10/0x10
[  488.897273][ T6006]  ret_from_fork_asm+0x1a/0x30
[  488.897311][ T6006]  </TASK>
[  488.897319][ T6006] 
[  489.027666][ T6006] Allocated by task 13371:
[  489.029364][ T6006]  kasan_save_stack+0x33/0x60
[  489.031371][ T6006]  kasan_save_track+0x14/0x30
[  489.033477][ T6006]  __kasan_kmalloc+0xaa/0xb0
[  489.035447][ T6006]  l2cap_conn_add.part.0+0x60/0xa60
[  489.037791][ T6006]  l2cap_chan_connect+0x15e5/0x2020
[  489.040056][ T6006]  l2cap_sock_connect+0x3ba/0x740
[  489.042441][ T6006]  kernel_connect+0x107/0x180
[  489.044721][ T6006]  rfcomm_dlc_open+0x821/0xaa0
[  489.046780][ T6006]  rfcomm_sock_connect+0x423/0x670
[  489.049427][ T6006]  __sys_connect_file+0x141/0x1a0
[  489.051760][ T6006]  __sys_connect+0x13b/0x160
[  489.054059][ T6006]  __ia32_sys_connect+0x71/0xb0
[  489.056138][ T6006]  __do_fast_syscall_32+0x7c/0x300
[  489.058575][ T6006]  do_fast_syscall_32+0x32/0x80
[  489.061280][ T6006]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  489.064258][ T6006] 
[  489.065463][ T6006] Freed by task 11780:
[  489.067378][ T6006]  kasan_save_stack+0x33/0x60
[  489.069433][ T6006]  kasan_save_track+0x14/0x30
[  489.071416][ T6006]  __kasan_save_free_info+0x3b/0x60
[  489.073852][ T6006]  __kasan_slab_free+0x5f/0x80
[  489.076133][ T6006]  kfree+0x2b8/0x6d0
[  489.078223][ T6006]  l2cap_conn_del+0x59c/0x730
[  489.080569][ T6006]  l2cap_disconn_cfm+0x96/0xd0
[  489.082742][ T6006]  hci_conn_hash_flush+0x10b/0x260
[  489.085150][ T6006]  hci_dev_close_sync+0x602/0x11d0
[  489.087474][ T6006]  hci_dev_do_close+0x2e/0x90
[  489.089334][ T6006]  hci_unregister_dev+0x227/0x640
[  489.091632][ T6006]  vhci_release+0x17d/0x230
[  489.094155][ T6006]  __fput+0x402/0xb70
[  489.096273][ T6006]  task_work_run+0x150/0x240
[  489.098528][ T6006]  do_exit+0x86f/0x2bf0
[  489.100355][ T6006]  do_group_exit+0xd3/0x2a0
[  489.102394][ T6006]  get_signal+0x2671/0x26d0
[  489.104712][ T6006]  arch_do_signal_or_restart+0x8f/0x790
[  489.107164][ T6006]  exit_to_user_mode_loop+0x85/0x130
[  489.109870][ T6006]  __do_fast_syscall_32+0x240/0x300
[  489.112741][ T6006]  do_fast_syscall_32+0x32/0x80
[  489.114791][ T6006]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  489.117314][ T6006] 
[  489.118275][ T6006] The buggy address belongs to the object at ffff888028114000
[  489.118275][ T6006]  which belongs to the cache kmalloc-1k of size 1024
[  489.125172][ T6006] The buggy address is located 800 bytes inside of
[  489.125172][ T6006]  freed 1024-byte region [ffff888028114000, ffff888028114400)
[  489.133038][ T6006] 
[  489.134176][ T6006] The buggy address belongs to the physical page:
[  489.137286][ T6006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28110
[  489.141780][ T6006] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  489.146183][ T6006] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  489.149968][ T6006] page_type: f5(slab)
[  489.151930][ T6006] raw: 00fff00000000040 ffff88801b042dc0 0000000000000000 dead000000000001
[  489.156153][ T6006] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  489.160125][ T6006] head: 00fff00000000040 ffff88801b042dc0 0000000000000000 dead000000000001
[  489.164241][ T6006] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  489.168898][ T6006] head: 00fff00000000003 ffffea0000a04401 00000000ffffffff 00000000ffffffff
[  489.172827][ T6006] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  489.176815][ T6006] page dumped because: kasan: bad access detected
[  489.179750][ T6006] page_owner tracks the page as allocated
[  489.184250][ T6006] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5958, tgid 5958 (syz-executor), ts 55690259794, free_ts 55044135964
[  489.204195][ T6006]  post_alloc_hook+0x1c0/0x230
[  489.206574][ T6006]  get_page_from_freelist+0x10a3/0x3a30
[  489.208918][ T6006]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  489.211090][ T6006]  alloc_pages_mpol+0x1fb/0x550
[  489.213389][ T6006]  new_slab+0x24a/0x360
[  489.215300][ T6006]  ___slab_alloc+0xdc4/0x1ae0
[  489.218308][ T6006]  __slab_alloc.constprop.0+0x63/0x110
[  489.221185][ T6006]  __kmalloc_node_noprof+0x4dd/0x8a0
[  489.223773][ T6006]  qdisc_alloc+0xbb/0xc50
[  489.225848][ T6006]  qdisc_create_dflt+0x94/0x490
[  489.228083][ T6006]  dev_activate+0x63f/0x12d0
[  489.232369][ T6006]  __dev_open+0x432/0x7c0
[  489.234676][ T6006]  __dev_change_flags+0x55d/0x720
[  489.236717][ T6006]  netif_change_flags+0x8d/0x160
[  489.238877][ T6006]  do_setlink.constprop.0+0xb53/0x4380
[  489.241092][ T6006]  rtnl_newlink+0x1446/0x2000
[  489.242841][ T6006] page last free pid 5962 tgid 5962 stack trace:
[  489.245444][ T6006]  __free_frozen_pages+0x7df/0x1160
[  489.247765][ T6006]  __put_partials+0x130/0x170
[  489.258901][ T6006]  qlist_free_all+0x4d/0x120
[  489.261766][ T6006]  kasan_quarantine_reduce+0x195/0x1e0
[  489.264667][ T6006]  __kasan_slab_alloc+0x69/0x90
[  489.267517][ T6006]  __kmalloc_cache_noprof+0x274/0x780
[  489.270556][ T6006]  kobject_uevent_env+0x265/0x1870
[  489.272650][ T6006]  __kobject_del+0x168/0x1f0
[  489.274433][ T6006]  kobject_put+0x327/0x5a0
[  489.276331][ T6006]  netdev_queue_update_kobjects+0x4e5/0x720
[  489.278992][ T6006]  netif_set_real_num_tx_queues+0x151/0x870
[  489.281782][ T6006]  veth_init_queues+0xe1/0x190
[  489.283895][ T6006]  veth_newlink+0x4a3/0xa00
[  489.285438][ T6006]  rtnl_newlink+0xc42/0x2000
[  489.286859][ T6006]  rtnetlink_rcv_msg+0x95b/0xe90
[  489.288698][ T6006]  netlink_rcv_skb+0x158/0x420
[  489.290087][ T6006] 
[  489.290925][ T6006] Memory state around the buggy address:
[  489.293413][ T6006]  ffff888028114200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  489.297464][ T6006]  ffff888028114280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  489.301473][ T6006] >ffff888028114300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  489.306042][ T6006]                                ^
[  489.308766][ T6006]  ffff888028114380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  489.313511][ T6006]  ffff888028114400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  489.319228][ T6006] ==================================================================
[  489.325110][ T6006] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  489.328978][ T6006] CPU: 2 UID: 0 PID: 6006 Comm: kworker/2:5 Not tainted syzkaller #0 PREEMPT(full) 
[  489.334551][ T6006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  489.351524][ T6006] Workqueue: events l2cap_chan_timeout
[  489.354643][ T6006] Call Trace:
[  489.356142][ T6006]  <TASK>
[  489.357376][ T6006]  dump_stack_lvl+0x3d/0x1f0
[  489.359692][ T6006]  vpanic+0x640/0x6f0
[  489.365892][ T6006]  panic+0xca/0xd0
[  489.368173][ T6006]  ? __pfx_panic+0x10/0x10
[  489.370741][ T6006]  ? check_panic_on_warn+0x1f/0xb0
[  489.373124][ T6006]  check_panic_on_warn+0xab/0xb0
[  489.375436][ T6006]  end_report+0x107/0x170
[  489.378031][ T6006]  kasan_report+0xee/0x110
[  489.380683][ T6006]  ? __mutex_lock+0xe87/0x1060
[  489.383130][ T6006]  ? l2cap_chan_timeout+0x6d/0x310
[  489.386691][ T6006]  __mutex_lock+0xe87/0x1060
[  489.388939][ T6006]  ? add_lock_to_list+0x9d/0x130
[  489.391369][ T6006]  ? l2cap_chan_timeout+0x6d/0x310
[  489.400153][ T6006]  ? __pfx___mutex_lock+0x10/0x10
[  489.402346][ T6006]  ? debug_object_deactivate+0x1ec/0x3a0
[  489.404818][ T6006]  ? l2cap_chan_timeout+0x6d/0x310
[  489.407076][ T6006]  l2cap_chan_timeout+0x6d/0x310
[  489.409182][ T6006]  process_one_work+0x9cc/0x1b70
[  489.411387][ T6006]  ? __pfx_wg_packet_tx_worker+0x10/0x10
[  489.413951][ T6006]  ? __pfx_process_one_work+0x10/0x10
[  489.416588][ T6006]  ? assign_work+0x1a0/0x250
[  489.418806][ T6006]  worker_thread+0x6c8/0xf10
[  489.421239][ T6006]  ? __kthread_parkme+0x19e/0x250
[  489.423696][ T6006]  ? __pfx_worker_thread+0x10/0x10
[  489.425927][ T6006]  kthread+0x3c5/0x780
[  489.427576][ T6006]  ? __pfx_kthread+0x10/0x10
[  489.429381][ T6006]  ? rcu_is_watching+0x12/0xc0
[  489.431262][ T6006]  ? __pfx_kthread+0x10/0x10
[  489.433534][ T6006]  ret_from_fork+0x56d/0x730
[  489.436320][ T6006]  ? __pfx_kthread+0x10/0x10
[  489.438482][ T6006]  ret_from_fork_asm+0x1a/0x30
[  489.440377][ T6006]  </TASK>
[  489.445455][ T6006] Kernel Offset: disabled
[  489.447687][ T6006] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:51:37  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88802b640420 RCX=ffffffff81aea041 RDX=ffff88801f914900
RSI=ffffffff81aea01b RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900006df888
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=dffffc0000000000 R13=ffffed10056c8085 R14=0000000000000001 R15=0000000000000002
RIP=ffffffff81aea01d RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097c7e000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080ff4000 CR3=000000000df82000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff88802b6424e0 RCX=ffffffff81aea041 RDX=ffff888055e6c900
RSI=ffffffff81aea01b RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900036cf600
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=dffffc0000000000 R13=ffffed10056c849d R14=0000000000000001 R15=0000000000000002
RIP=ffffffff81aea01d RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097d7e000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080ff4000 CR3=000000005e98d000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85204955 RDI=ffffffff9ab510e0 RBP=ffffffff9ab510a0 RSP=ffffc9000418f530
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000030303654
R12=0000000000000000 R13=0000000000000020 R14=ffffffff9ab510a0 R15=ffffffff852048f0
RIP=ffffffff8520497f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097e7e000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c33fda5 CR3=0000000065b68000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c39a344cf680cf3a 905389c592fc6738
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 75c418c4ad1d5eaf be40eea340b6bbfd
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 353ef3c567ab0b3f 2ed21dc8c7f69f77
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ba68fd427cbfc172 4b37c912c3793c67
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bec900c93a323b79 7fd8e70827b22f6b
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f8130fcf8df8571 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5242964ece674af3 ad0834e2c419da01
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d13ebee200000000 80af64d9d9ea73ce
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3f647bb0087bba56 9b9afbdb997613b8
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 850b5a1e4a41645f 5be277db5fd5dd3c
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=ffffffff970f5338 RBX=0000000000000234 RCX=00000000000004b3 RDX=0000000000000144
RSI=00000000000004b3 RDI=ffffffff97198fd8 RBP=0000000000000030 RSP=ffffc9000770f360
R8 =ffffffff95814f00 R9 =0000000000000280 R10=ffffc9000770f500 R11=0000000000000000
R12=ffffffff81967290 R13=ffffc9000770f400 R14=ffffffff81967da0 R15=ffffffff97198fd8
RIP=ffffffff8196934a RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097f7e000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73d5010 CR3=00000000483f7000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000