last executing test programs:

1m18.240899955s ago: executing program 3 (id=4719):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0) (async)
r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x2a242, 0x0) (async)
r2 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x2)
readv(r2, &(0x7f00000003c0)=[{&(0x7f0000000200)=""/245, 0xf5}], 0x1) (async)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="bf000100000000006111140000000000040000000000000095000000000000001abe5201462857a3db65e291772afa2114f5963ed660b870d974d2252829f8290f8d02e3b0096b3df3e6585851cb7efb50a982b66e14716ffe33a164c3d1ff5798fc4bd6d3e5ab096e9ad743eb00"], &(0x7f0000000080)='GPL\x00', 0x2, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1d43, 0x10, &(0x7f0000000000), 0x76}, 0x48)
write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000040)={0x1, 0x2}, 0x2)
write$USERIO_CMD_REGISTER(r1, &(0x7f00000000c0)={0x0, 0xa}, 0x2) (async)
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000100)={0x0, 0x1}, 0x2) (async)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_TSC_KHZ_vm(r3, 0xaea2, 0x6) (async)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
syz_emit_ethernet(0x4e, &(0x7f0000001740)=ANY=[@ANYBLOB="0180c200000300fe880000000000000000000000000101ff0200000000000000000000000000018800907803000000fe8000000000000000000000000000aa00"/78], 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm-aes-ce\x00'}, 0x58) (async)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x408001, 0x0) (async)
ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f0000000080)={0x1, 0x0, [{0x1, 0x9, 0x7, 0x9, 0x7}]})
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})

1m18.239844475s ago: executing program 3 (id=4721):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x5, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1, 0x2, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000240), 0xfff, r2}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r2, &(0x7f0000000140), 0x0}, 0x20)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x1c, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x6e80}, [@nested={0x5, 0xa5, 0x0, 0x1, [@generic="fb"]}]}, 0x1c}}, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x2, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d80672e65a6a0a72e19c2b60bd6276fd8bb6366e9d1ed9a60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d10d1f600"})
ioctl$INCFS_IOC_CREATE_FILE(r0, 0xc058671e, &(0x7f0000000080)={{'\x00', 0x2}, {}, 0x16, 0x0, 0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)="4c2a584b8f40e3eb59b33676b36fe6f237138dd2ad5c34cb3f87fdd92592fd4cebf88e546966c3f09c5e6e54aaa80a84f6090a213cc591a248ded90859542524236d42c1016a360ccea0c758513e7bc9c43d7a1ca4ef003f29c038db86298c7fa0cef3010ff6ba36ba0a75ec3a35c1735cddc6e13b0381b1d5ab2fa3f5105b8632c287659df7855b9904ec460f4ab2bc4cbf73ea53b6f330da5bb216aa3ce80f88987889676e2bbae6f9388e512e7a6ae6fa36a8bc16e283fbb160844dd6095cad6b5b2061848ef4c833055502440581a9bcb0a7629e3f984fc3b3533efa9ef1383d6c1cd439d83caefd50508a1283d90fe971a8d51d91843f6c22ca82e5a45466221f4afc4ddd", 0x107, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000054100000000000000c00100000f80ef107c5a96b9f602c220d480ec53b662dc7d8d24a6d7f352f1a5842862052aafd50066517bd6641f1518b14d4f6e6880d5adc7f4b9811131d7d1ba6b1bfdfe4e43ee926b35c4119d2f0bf799cab86f2db4bca4b84aeb3568aec4864c51f82f48605c789250195d5183c00a1d4261c9de87d1f1c12153b157235a16e28a0d149bd9867ebebd574de4e7958d90ce33b9379a6ad4ef84e781c7e6ae1746dc1c7f4a39921017a99108d3972b9b33a27fa840e44629c1abc9c2dec5775747a48d58113bbf57086eb4d33478e17c0f1e8d3351c1b4dea4260f3473055761cd41ac1575fe8ffff5bd04ab645f587b1f467220292fc41f1e5b6a37c7da019ccbe16353d1068dd3254ac5236ff5cc2e33bc070f445b0c4c5aaeff6f6578dd9cf657ac594cc99fdfc77a038e56941dedf4c45b00da4173e50d781be67cdbca21120eccea4543740f7f125a0bd010547d86fca314d310f9635b6f3402c728627352c0b91782aefd89df8e1e27f9511e92189571dcfe07e941cf28cc4857276aa544c7d31a094f1874059d8a6dd5d510fa9c87dc5f66d2ada29ec550b81acee41b12a4b5f0558b720c9f3e74fb7463fa2bcfb974e4794728c23117053464844e8a5ee6fe96ee0ec0a43d81d3e4d02978618698ba35bb4d5425b0e7d70a8cd4b7a5dcf3b9b9082dc8e383ef95423218b088cc71102d1dff7618966cafc049d3f2d160323e28de88c33eaadfc9927772f019e1a952091ea7cc3fd93d93a47fe336218e67fc5f29e01616b28492f8e461b412d0e6018b7cd0a061ad1b179759366912f695fc9891c8e88e626f51242a639df6d940690230a77578af43f03d2ceb5ad39adbac33f3f39d440a055536c4f7fce35fb6872be4002c1230b7816129aed547042dc021a1fe6e3abd959cdb5d6fe8b7e4b32053ffb7071d3d86aebc35a79f8c069a862aa3456508d862e6fdd716b67dd5cb03d3b502302a578a63dd9a38ea468db7d8bd44c5cfcb124a6466c8249e5bdcc0a0cd1eb00081d581333b183a306afb93ad560f41cc02d30835bbe22252587410bcf1537302b8686b615d38e02ff754e8f05a66a01f9db227658357756f2673efea7f1d14b294da74a29867eeca37be6ef16334ce0ec49e9e00d82d515f45300b9b5e10dececa4cc1b915fe3bc371547cfb7779fcd0962ea1b68be6a1b1886968c615b865e7f6e9dc97190e3c0069e83c944a18be8aaab364675032f9098e8f91daf09f003ff7f30964cabf9294f34b0c1fc3e583efe39c3435d805378cda1b5f2eaa6315d37bb2c98c09b72790fac6a1ad65a763b6863f87928ecc8a251688a9af593b9cb8c0681c65be26398a194e8ee29672a29c0fb865a26d3eb8db02ebff84c6c53e078ee3ee92cb9e32c9d313bfdaaa0c3734161f5fef19102924dce2c7e30428ace45ad833c0408ad63d64fd2a11128cc58fa1e6ed56e5b1331bffa0c9cd69a18f6240b4c76bca17a60fce0d7276c88dddc8e016be5982b1e04050d078a4bca088e3bfbc75a89dacd4f73c48f9b4a37be9c242b9d213fb2eaeb49ff274aa1966f01566f2de62005fd97321ba9791a4ae7ba492d6a37f0e9c0e45f2033a35a2f1d4ee63d85718d733691a87f68be104d0a526f28c85f2593c73a565d94c879ca485f58d0eb3cb9f0e6e4a736017e7c0735b9445db13fda67d551e6a4b2fb3de1d2cec65ca2fc4bf6a275dbff224eda34cd8d0c2c5cd533ab6132ce9cfd5aad6a6aec4dcb749d6cc0c040fdf20bc1126b53378b52480b9e02b76eabe963413da61134461acce0c24c0bfb53b6768f286599db5cccdbf21a7674154033000fdc614bcffd72c5acaf12eab7999a77987123f614a849b293e23fea5f1dc8ebe3f85889e6f9e7159e961bcf24b4be48dcea3fe6c8bc6b7e2319abfff2d6b4cf5fb08167e922abe2b2f4ceb5ea61978e2df00b9769dc78e6851c975bf0ff7019506aec951007f07793bd6ed66360461049d6a60f0a98cf1e92f362892ae5a9381da01d3af7f63b4359be0850fe509d2d4b40199752c143eb53fb230bfe6b3ec362da0366b428e12723cfbd27dbef6a6df79dc9c97c79fda318ff7b863a5ed41dd157cb37cc0d3cc3a8802cd4b1667f5ef99905a86826100fd11ec0388de1b3e5f56843c98af2b8ea09a6107cc71a16033a9cb4e17a973f93f4cd8aee5c63dd516c23e13025e1de9237d47e0f16aa29212a76078b0bcb84cceb7f9a9f9be55992c304c4036f03e632de4cc56b889159c69684bccbca48efe6073099ae1cf3e13d791e750e2c763fa8832cc60fd642a855e0877dd961089080500e08ff74e46d3464c80802bc7429efa32796f758d1d69786d947c8241273d610bfdb73db7167d05c14df354a05602aa76cc1b2fcee754483555eb95e22935c830ca9f499fe78e8cee2b01aedc1ee2a0b58f9bb3d1a14b7ddadc1bdafe29219170c90a286fc220dc826bb18b0baff6e308c360d2fb9c6932d1f621da7f4d59ce83c47672a0efb47d7c4e2640039124dc8c104a5e0c4e23262fd9dfd0de7a4f7c5707b62626ccd11411b6e82a8d73a3bdfeb6f00ca5c852c2ca0f06f3c523eb3c6e236b0deb3a783ce94e0f4d8d73f2239ab3fda9d8ef01aa52f57fb8fc14bf2d1e104341771f59a033c96f111e514cfa8533b9401d36a7065deb8506af95132c2f9a0dc500943b83242d24dd7d3cd3d2f63f9bf980f5c06a588be1daa0626bdd2e211f61520bcba90de622ec20c27126d2b8f002799b944bb9bfba8f1b6838343536cb488b0bed4f505bd48dc0905465151c29456318ca6d8da7919f766a87446a2b4e9baae336521c943d2c5a05926d686e3f303cd0d6be46e36c5b180d99162931560f2d8f2e4344b595913e2382f5bf18c46b7c83c4688f05b342643246548eccd03101f88450c65635225ef0ec8c782985751ccd9c5af0be5ebfca57a523b5a71aa5e9e795783f7d8bd7c7915e634f2b7e7175d11a11dd33c491be9e71040f9e4cdbc5173e683e9f8e2ee48ab5498e25dcc4f2d753036b71e10885178099d334298f7df25d693470fde32498c89064009b686792b6d2f3acede185ba0b8bcca0295a5f1a2200a6a8c2e209138050a984e9a886ee7523f4ca92d76b1f22e4206daacf408d7326330a9271e315e07af0a6243f631069f5b73de1f506d8a555559503679c365f16ee1dc368e20554b9bdd9a0cbb9046ba3e699267e439766ae6b2fabe656b9d6980c4a480ca11aa80fe2345114f681d763a9304b87ca73fbc3c04e626442fb00a29390a48f6146d2fbe41a70b1d24d666f2ce231334b80826d557251f5474daa1eb6a2395a5fb14abde7167a1642532a777e5147fb25215fe237b59e2f612a5e865ff383d822d36afd2449ec4929f83d5e321e606ca934071c51444bf381c3fb64ca439c6e7c38d57f40d330cf47d0b517784b74c3070fc526c3df1e7692dfdf901102fa7b5587ed964fca5a023960c474f62661bef6c8309e60fcc650b7d09ea8ed53ebb128b819b827e9bdb7f5e793c111b811420706321004fe6b34c39e939e22ec0b6f31eaabab84f19e946d5ca0b792dfe873cb5de282dadd4b02d784bd698a19754740b4be39675b322581eaf58057b6c96374e94edd46ad7cec20e3c137bf7dbe1c281ed910dfe993c57d0d589e5a25202ae9e88b4d2732b61b95189f83035a0e9b38ededfadb84b28ec61e0bf102230d5157e8d773ef3d25a7a560a66f2d13f2862eb8271f0afc211ab32592ed9c0345e80a7927f9ba048afe31ae48f3b47740cf5d95b07f35d6c968c12e1eec1318f356c6215c8b266b791ab6ed58f48504234c546573044232409447bcf1acd3e594a909c69bed348c961f1967d9030484555639bc11ceb43db1b9280ad3fa2ade6c60d8b941ecec41693bba4350d8420f9b45eadf969620a066d2c77a71874b10cd91293d66684bbe4bedbe8f6d475055b1e1975bae8c07b475c1f14ca8a2342cf0d06673a8eea7021a72b2f511289afa38bc7965543f837aece00c9ae98865a172c4e4cd743ea5e351200bdc1446ac1d9e12304e924926d80e7f2000bc861c29d842229f8c591a876b19389cb6083b4a3fbe6c0ff8b9b840522c298cd44f9f789bbcfa2a7be76d7d507415c3c8267e4092b73eed651c143ac65d3ba80d75d5e5aa8c4feff305f197dc00a67b4cd59e5c73531810df43a1a081bb7dd164c745dd0f486db457aac9e061a1ce964351a057bdc77c74c3b03720d5c00756c60b1174e0fe8a40c863130031438d237f9e4db73ce8a9ae3892b01d00b10c7f6ac913b6c2a245aff66a653f1709b2971a928a358c231906d3b622a5c0754e72f4537dc204a8b9d7ea0f78de152da28ff596061fee1998702bc0c854ca105a46c622e0bc3c4fb2ab75693deeafb08e90290c647100a4bf9068f9203487be7cac83a7168491596012c17d1661dad5f3ed6a46af91712906e0d8e3a44cacfcf43e2d0dbf04ada497baed3f67253c730ffab483cd5d84b3cbd33b5bd0f142dd817e52125bae6b8c9fba3a8c4eca566b65db3b00dfe470d37a3ddade8ab416922ea26c4f089baddb3bef84ce80d748272c144081eb38633e0094c35296eb0b14c76173ef54f63fc840a46e8dc4b21f176e505a7a8262344e844ab00e49ec68f271ac0f92b7411df30a06395f0e3937c79e6563ffdd46f32707c8b448acb5c36ec6a443ee882ede95e9a4f41832c8b4d9ed278608e7c3184e64cb96ae3d3a873d38767a10646280c6c2da6d180231807463ab1f18228bf2171f59319609a4c1672af027642d320239d225f8b4b76c22363dd9f3e40cc87638a50e9ed9318c23cc22ac8fae739071e79cbfcf7ff5cecf5ff20566c7f7f7b11709fbea60ba4415390df9732a25302279814001e14f32114ea995b4fe3ff9b09bdb320351645d49766c2261473aa82693730686f555f5cd5f3ed4baa799384a09db34a93d1ee2f371a3f053d00a76f55d587c8c20dff76f10d89f87f22ff7ad6eb5a5b072b88b0f5abf7bc630602cfe842e8750b19615fd1f6dbe81adef3a943603e949db0f8fe4b599033ca9dcdc8f60eb5f637e290e57920509f5f43635f64b1abd652b390888cc20a332977dc8b1a28f2d2eb9be6e8e1450b814c7d7a15b3a650b7d2d3512e29ce3ce7432cef52e47c705b3a6d520be740e4592b199b9551b30b5dc2b5a77d170b9323d61b6017120009f1e17a746b9c65c184295ce51ba0a57c87097c4bfdf19a6b8384774343773c28f65285f59f493d93705e79b35d4d209fa392215c6f09dfb3d4ccb82d14310be9caf19c33f333d63d66910e8bbc13d744bea3b4202f2c18d5be279bc46dce1b4b86410624b56036c6884213d8f3ac13083d85d2212c4e08f2ab1e3909b844d28f0320f4d0ee67535fa8c9614e10068b1f955db75bca81bc1d9fd8a398d05d01598b7dab257a710c9e98517e2300a8ff5aeb20a6934132ef378e95afa760e36ff793b29ed582ff72c8b2db509b20745fd4f3ae8961760ffc0604adc18f5a45530ae5a7b566cda80f247ce5179c21c36007b4e505ca88f751852241ae0784f4ec034ce0ef41f51be983f3b1534ce5fd5eba74d4b523e83f24cd638b6f85f288ce4c4d082c9553442c4b5c06ad3765b46ccf4257edd10c12f93f09b2329ad6fb6f802bef08e480d3e77ff114993f909f82f4d65e0a5e70b55d9e374dca15a936ded43bbdffa0162e4d6f423ea616d6de6edaf291e54778463fcdf82b9515008cc013265179f33616e764428e1dd41375f8f3c51965c86854297a741c74e44700000036f38febbd1331bd6f07c8196b28396e104bec5c6bda5c94b112dc99f9ed79d630c71df81f1c844fbce8b7b195297e4c3ecaffbf3a4fcb2ef72f2bb9de1f83625cd4e00d18e833eb000000e420e3a06bd2bb84e8a8969fb4b2273843ef19b2e0932f78573f9775eb43a848f1e466a50d6c35a0c256007177ceb8261cad6b8edf670ef031a50fbb9d042e4aa619e005843898d8851e205a5bbf2180148f89f5ff1ce225c80aafa9f8b84cf7526b234dc8eb8a06cc43e19786fb8b660a560c75b05290a873d651d276fbd577e2c79433e6b54fb266deb809fd92b099d0f3ba81ea8e1207642d78878591b5d9af2c72def362212b64a648aee8fc15c9bc31fbbc32061e5ec2e4614d59fb3e91900b82a731f7908cf597430cec404a932e2f63ddd9f655ba978df281213a925a3954ef71ed998cdf6d4def"], 0x114b})

1m18.160599915s ago: executing program 3 (id=4723):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$selinux_validatetrans(r1, 0x0, 0x79)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, 0x0, 0x0, 0x11203}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_STATS_PER_PORT={0x5}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

1m18.160474293s ago: executing program 3 (id=4724):
openat$audio(0xffffffffffffff9c, 0x0, 0x109842, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
creat(&(0x7f0000000000)='./file0\x00', 0x108)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006340)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000280)={0x50, 0x0, r1, {0x7, 0x1f, 0x1, 0x8888b1, 0x0, 0x1, 0x2, 0xa, 0x0, 0x0, 0x2, 0x8}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0xa4901, 0xf8)
write$tcp_congestion(r2, &(0x7f00000000c0)='lp\x00', 0xfffffdef)
dup2(r2, r0)

1m17.891095833s ago: executing program 3 (id=4727):
openat$tun(0xffffffffffffff9c, 0x0, 0xc1842, 0x0)
ioctl$XFS_IOC_ATTRLIST_BY_HANDLE(0xffffffffffffffff, 0x4058587a, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file0\x00', 0x21042, 0x136)
write$P9_RLERRORu(r2, 0x0, 0x10)
listen(r1, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @local}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), r4)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100000000000000000001000000280001801400040000000000000000000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)

1m17.040591206s ago: executing program 3 (id=4738):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000002c0)={'tunl0\x00', &(0x7f00000005c0)={'tunl0\x00', <r2=>0x0, 0x1, 0x1, 0x4, 0x8, {{0x42, 0x4, 0x3, 0x8, 0x108, 0x68, 0x0, 0xd, 0x2b, 0x0, @multicast2, @dev={0xac, 0x14, 0x14, 0xc}, {[@ssrr={0x89, 0x1f, 0x7d, [@dev={0xac, 0x14, 0x14, 0x1a}, @loopback, @empty, @empty, @multicast2, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @timestamp_prespec={0x44, 0x54, 0xa7, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0x15}, 0x6}, {@empty, 0x9}, {@loopback, 0x7}, {@loopback, 0x8}, {@dev={0xac, 0x14, 0x14, 0x26}, 0x5}, {@empty, 0x26}, {@private=0xa010101, 0x1}, {@private=0xa010101, 0x7}, {@rand_addr=0x64010101, 0x6}, {@broadcast, 0x3}]}, @cipso={0x86, 0x81, 0x3, [{0x5, 0xf, "d7127419c71f006ca477ce1f18"}, {0x0, 0x4, "8a9e"}, {0x5, 0x6, "335474c6"}, {0x2, 0x10, "19e959dbd61067f53ad19bbc9b59"}, {0x6, 0x12, "0d0bebe8f453e02f6a10ae95553c145d"}, {0x0, 0xa, "af136defd0ef1b48"}, {0x3, 0x8, "3102aad26252"}, {0x2, 0x12, "c2f98794c48b5ed3a605bb962cccdaf0"}, {0x5, 0xd, "e8c452533f9fba9048a190"}, {0x1, 0xf, "31a085ee55874dc0d9708694ef"}]}]}}}}})
ioctl$DVB_DVR_DMX_EXPBUF(0xffffffffffffffff, 0xc00c6f3e, &(0x7f0000000700)={0x4, 0x80000, <r3=>r0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0900000018000000080000004000000042000000", @ANYRES32=0x1, @ANYBLOB="000000000000268e00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r4}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r4, &(0x7f0000000580), &(0x7f0000001580)=""/92}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000007c0)={{0xffffffffffffffff, <r5=>0xffffffffffffffff}, &(0x7f0000000740), &(0x7f0000000780)='%pK    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x20, 0xd, &(0x7f0000000940)=ANY=[@ANYBLOB="18000000030000000000000000000000186a00000f0000000000000003000000180100002020782500000000002020207b1af8ff00000000bfa100000000ffb702000008000000b7030000faffffff850000000600004ece710559221000009500"/112], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x57, &(0x7f00000004c0)=""/87, 0x41100, 0x41, '\x00', r2, @fallback=0xb, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x3, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, r1, 0x2, &(0x7f0000000800)=[0x1, 0x1, r3, r4, r5], &(0x7f0000000840)=[{0x2, 0x3, 0x4, 0x4}, {0x5, 0x1, 0x2, 0x1}], 0x10, 0x9}, 0x94)
connect$netrom(r1, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
sendto$netrom(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={{0x6, @rose, 0x2}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x48)
ioctl$sock_netdev_private(r0, 0x89f3, &(0x7f0000000000))
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000001040)={0xfc, {"a2e3ad09edfc09f91b44090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b0732306c090890e0879b0a0ac6e70a9b3361959b4b9a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb000000002f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d6ced5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed700129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb21fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_CONFIG(r7, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0x128, r8, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xff}, @IPVS_CMD_ATTR_SERVICE={0x5c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'fo\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@private=0xa010102}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xf}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x40, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@local}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x32}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x6c}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x78}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xfc000000}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x9}]}, @IPVS_CMD_ATTR_DEST={0x4c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xa80}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x449}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x80000001}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x4}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x44000}, 0x4004000)
r9 = syz_open_dev$loop(&(0x7f0000000580), 0x8, 0x8000)
socket$kcm(0x29, 0x2ccc9ae91b28e04c, 0x0)
ioctl$LOOP_SET_DIRECT_IO(r9, 0x4c08, 0x9)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000009, 0x46031, 0xffffffffffffffff, 0x0)
r10 = syz_open_dev$dvb_frontend(&(0x7f00000015c0), 0x0, 0x400)
ioctl$FE_GET_PROPERTY(r10, 0x80106f53, &(0x7f0000000000)={0x13, &(0x7f0000000040)=[{0x23, '\x00', @st={0x4, [{0x1, @svalue=0x7}, {0x3, @uvalue=0x3}, {0x0, @svalue=0x5}, {0x2, @uvalue=0x1}]}, 0x1}]})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000019c0)=@ipv4_newroute={0x1c, 0x18, 0x1, 0x70bd2b, 0x25dfdbfd, {0x2, 0x20, 0x80, 0x4, 0x0, 0x2, 0xff, 0x0, 0xa00}}, 0x1c}}, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0x0, 0x2)

1m2.018454989s ago: executing program 32 (id=4738):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000002c0)={'tunl0\x00', &(0x7f00000005c0)={'tunl0\x00', <r2=>0x0, 0x1, 0x1, 0x4, 0x8, {{0x42, 0x4, 0x3, 0x8, 0x108, 0x68, 0x0, 0xd, 0x2b, 0x0, @multicast2, @dev={0xac, 0x14, 0x14, 0xc}, {[@ssrr={0x89, 0x1f, 0x7d, [@dev={0xac, 0x14, 0x14, 0x1a}, @loopback, @empty, @empty, @multicast2, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @timestamp_prespec={0x44, 0x54, 0xa7, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0x15}, 0x6}, {@empty, 0x9}, {@loopback, 0x7}, {@loopback, 0x8}, {@dev={0xac, 0x14, 0x14, 0x26}, 0x5}, {@empty, 0x26}, {@private=0xa010101, 0x1}, {@private=0xa010101, 0x7}, {@rand_addr=0x64010101, 0x6}, {@broadcast, 0x3}]}, @cipso={0x86, 0x81, 0x3, [{0x5, 0xf, "d7127419c71f006ca477ce1f18"}, {0x0, 0x4, "8a9e"}, {0x5, 0x6, "335474c6"}, {0x2, 0x10, "19e959dbd61067f53ad19bbc9b59"}, {0x6, 0x12, "0d0bebe8f453e02f6a10ae95553c145d"}, {0x0, 0xa, "af136defd0ef1b48"}, {0x3, 0x8, "3102aad26252"}, {0x2, 0x12, "c2f98794c48b5ed3a605bb962cccdaf0"}, {0x5, 0xd, "e8c452533f9fba9048a190"}, {0x1, 0xf, "31a085ee55874dc0d9708694ef"}]}]}}}}})
ioctl$DVB_DVR_DMX_EXPBUF(0xffffffffffffffff, 0xc00c6f3e, &(0x7f0000000700)={0x4, 0x80000, <r3=>r0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0900000018000000080000004000000042000000", @ANYRES32=0x1, @ANYBLOB="000000000000268e00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r4}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r4, &(0x7f0000000580), &(0x7f0000001580)=""/92}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000007c0)={{0xffffffffffffffff, <r5=>0xffffffffffffffff}, &(0x7f0000000740), &(0x7f0000000780)='%pK    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x20, 0xd, &(0x7f0000000940)=ANY=[@ANYBLOB="18000000030000000000000000000000186a00000f0000000000000003000000180100002020782500000000002020207b1af8ff00000000bfa100000000ffb702000008000000b7030000faffffff850000000600004ece710559221000009500"/112], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x57, &(0x7f00000004c0)=""/87, 0x41100, 0x41, '\x00', r2, @fallback=0xb, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x3, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, r1, 0x2, &(0x7f0000000800)=[0x1, 0x1, r3, r4, r5], &(0x7f0000000840)=[{0x2, 0x3, 0x4, 0x4}, {0x5, 0x1, 0x2, 0x1}], 0x10, 0x9}, 0x94)
connect$netrom(r1, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
sendto$netrom(r1, 0x0, 0x0, 0x0, &(0x7f0000000000)={{0x6, @rose, 0x2}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x48)
ioctl$sock_netdev_private(r0, 0x89f3, &(0x7f0000000000))
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000001040)={0xfc, {"a2e3ad09edfc09f91b44090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b0732306c090890e0879b0a0ac6e70a9b3361959b4b9a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb000000002f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d6ced5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed700129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb21fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_CONFIG(r7, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0x128, r8, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xff}, @IPVS_CMD_ATTR_SERVICE={0x5c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'fo\x00'}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@private=0xa010102}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xf}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x40, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@local}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x32}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x6c}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x78}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xfc000000}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x9}]}, @IPVS_CMD_ATTR_DEST={0x4c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xa80}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x449}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x80000001}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x4}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x44000}, 0x4004000)
r9 = syz_open_dev$loop(&(0x7f0000000580), 0x8, 0x8000)
socket$kcm(0x29, 0x2ccc9ae91b28e04c, 0x0)
ioctl$LOOP_SET_DIRECT_IO(r9, 0x4c08, 0x9)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000009, 0x46031, 0xffffffffffffffff, 0x0)
r10 = syz_open_dev$dvb_frontend(&(0x7f00000015c0), 0x0, 0x400)
ioctl$FE_GET_PROPERTY(r10, 0x80106f53, &(0x7f0000000000)={0x13, &(0x7f0000000040)=[{0x23, '\x00', @st={0x4, [{0x1, @svalue=0x7}, {0x3, @uvalue=0x3}, {0x0, @svalue=0x5}, {0x2, @uvalue=0x1}]}, 0x1}]})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000019c0)=@ipv4_newroute={0x1c, 0x18, 0x1, 0x70bd2b, 0x25dfdbfd, {0x2, 0x20, 0x80, 0x4, 0x0, 0x2, 0xff, 0x0, 0xa00}}, 0x1c}}, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0x0, 0x2)

4.465356211s ago: executing program 2 (id=5599):
r0 = socket$netlink(0x10, 0x3, 0x15)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001500190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)

4.400229845s ago: executing program 2 (id=5600):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000000)=0x2, 0x4) (async)
r1 = syz_open_dev$cec(&(0x7f00000008c0), 0x0, 0x80)
ioctl$CEC_ADAP_G_PHYS_ADDR(r1, 0x80026101, &(0x7f0000000900)) (async)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$vcsa(&(0x7f0000000180), 0x5, 0x4081)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r2)
sendmsg$DEVLINK_CMD_PORT_GET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)={0x14, r3, 0x1, 0x2, 0x0, {0x37}}, 0x14}}, 0x0) (async)
r4 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IMADDTIMER(r4, 0x80044940, &(0x7f00000000c0)=0x32) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (rerun: 64)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0) (async)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd26, 0x25dfdc00, {0x0, 0x0, 0x0, r9, {0x2, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x1000, 0x20000000, 0xfffffffc, 0x7ff}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x4811}, 0x40884) (async)
sendmsg$nl_route_sched(r5, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x32, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0) (async)
read(r4, &(0x7f00000019c0)=""/4107, 0x100b) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340))
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19) (async)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x67)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
unshare(0x68040200)

4.179053601s ago: executing program 2 (id=5603):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)={0x1c, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x28000}, 0x40)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000006300)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f, 0x0, 0x34014c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f0000008340)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000001d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, 0x0, 0x80101, 0x101)
dup2(r4, r2)
getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000200)={{{@in6=@private2, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@private0}, 0x0, @in=@local}}, &(0x7f0000000100)=0xe8)
chown(&(0x7f00000000c0)='./file0\x00', r5, 0x0)

4.178909773s ago: executing program 4 (id=5604):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
syz_usb_connect(0x0, 0x3d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
pipe2$9p(0x0, 0x880)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c40)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@enum={0x3, 0x0, 0x0, 0xf}, @struct={0x4}]}, {0x0, [0x0, 0x0]}}, 0x0, 0x34, 0x0, 0x1}, 0x28)
ioctl$SNDCTL_DSP_RESET(0xffffffffffffffff, 0x5000, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(0xffffffffffffffff, 0x84, 0x7ff, &(0x7f0000000440)="0000000000000000fad5e7fe5f8fb2cbfbb160a23615a6121b76f4323bc4d598c9416e5700e149c718576c5f699d9de96a416a70cff9ad45424c35b4afcc8f4a4c29799cf542861c525c2333de9f8149e1147921dbaffa49c70f8113b3b52d9b19393af71eda2800aca058879feb61656d7f438ffcb22a3506f7ae7e38a09a7fd523448349", 0x85)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x19, &(0x7f0000000340)={0x0, 0x5}, 0x8)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
writev(r1, &(0x7f0000000080)=[{&(0x7f00000003c0)="8c", 0x1}, {&(0x7f0000000400)="6dc96060356ae9e9ba271196f805236068f1bd191afd3ef84cbb384035b3154980c5472c9dbe9ed5", 0x28}], 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)

3.31049264s ago: executing program 2 (id=5613):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000e40), 0x0, 0x2)
ioctl$HIDIOCSREPORT(r1, 0x81044812, 0x0)

2.900263101s ago: executing program 4 (id=5614):
syz_emit_ethernet(0xb6, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd6000000000803afffe80000000000000000000000000001fff0200000000000000000000000000018700907800000000fe8000000000000000000000000000aaff020000000000000000000000000001010b909f50c218fa30165debb32c1997043f1c9ffeca5ab1225605024d58164e9cea3822ef2d41c58f08089a7f8687c5062f050094e0dad5a7e2cfee3e4542e3d1342a4a735d0c9d276a7d7767714d09be6e294917c38356"], 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000240)={0x24, @long}, 0x14)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000240)=ANY=[], 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000300), 0x8)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)={0x2c, r1, 0x1, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_WME={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004000}, 0x4000080)

2.891951527s ago: executing program 1 (id=5615):
openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rf', @ANYRESHEX=r0, @ANYBLOB]) (async, rerun: 64)
io_setup(0x2555b500, &(0x7f0000000040)) (async, rerun: 64)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x83, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe1000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000240)="b805000000090200e1490000320f01d9660ff7e31bf7ecec05000000b90000c0fe0fae41d90100b9800000c00f32098f400f300f0826f30fc7b2050000000f32660fc775022e0ffa600c980f320f3566b857000f00d0", 0x56}], 0x1, 0x1c, 0x0, 0x0) (async, rerun: 64)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, 0x0}], 0x1, 0x6bb6c4a5b2d35090, 0x0, 0x0) (rerun: 64)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r3, 0x4068aea3, &(0x7f0000000080)={0xbe, 0x0, 0x1}) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2.891764262s ago: executing program 4 (id=5616):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f815108f6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e67", 0x26f}], 0x1}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYRES32=r0], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\r'], 0x50)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x880)
r4 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x4, 0xc4}, 0x0)
io_uring_enter(r4, 0x2219, 0x7721, 0x16, 0x0, 0x20)
connect$unix(r2, &(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
write$sndseq(r1, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x4}, {0x6}, @addr={0x7, 0x3}}, {0xd, 0x0, 0x0, 0x0, @time={0xffff, 0xa5}, {}, {}, @connect={{0x2, 0x3}, {0x3}}}, {0x0, 0x0, 0x0, 0x0, @time={0x2, 0x2}, {0x0, 0xc}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {0x3, 0x1}, {}, @connect={{}, {0x0, 0x5}}}], 0x70)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a48000000060a01f7ffffffffffffff000a0000040900010073797a31000000000900020073797a32000000001c000480180001800d00010073796e70726f78790000000004000280140000001100010000000000000000000100000a"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010)
r5 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r5, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r5, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000780)="f4000900062b2c25fe80000000000000dc8b850f238466ccfe807a000000ad6e911b51818462b4003a000001", 0x38}], 0x1}, 0x0)

2.800613874s ago: executing program 4 (id=5617):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0xb9, 0x10001, 0x9, 0x9}, 0x50)
close(r0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000040), &(0x7f0000000440)=""/183}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000340)={r0, &(0x7f0000000040)}, 0x20)

2.800009712s ago: executing program 4 (id=5618):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xc}, 0x50)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x14, 0x40, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}}, 0x14}}, 0xc000)
sendmsg(r1, 0x0, 0x40000)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmsg$IPVS_CMD_GET_DEST(r1, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10805}, 0x44049)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) (async)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0) (async)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000d50000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000340)="f081550100a000000f01a6b9fc0300000f66664500a2be252f8a094d36420f705626002e660f3a176a4b00b9800100c035f70000000f22c067420f01c3460f79c20cb8b8010000000f01d945c194710a00000005c6828b44bcae0090", 0x5c}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000d50000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000340)="f081550100a000000f01a6b9fc0300000f66664500a2be252f8a094d36420f705626002e660f3a176a4b00b9800100c035f70000000f22c067420f01c3460f79c20cb8b8010000000f01d945c194710a00000005c6828b44bcae0090", 0x5c}], 0x1, 0x0, 0x0, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0) (async)
move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)) (async)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300))
ioctl$EVIOCRMFF(0xffffffffffffffff, 0x5501, 0x0)
set_mempolicy(0x2002, &(0x7f0000000000)=0x9, 0x9)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
r8 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$inet(r8, &(0x7f00000012c0), 0x0, 0x20040004)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

2.650511532s ago: executing program 1 (id=5619):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(r2, 0x4068aea3, &(0x7f0000000140))
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000600)={0x1, 0x0, [{0x400000b0, 0x0, 0x7}]})
ioctl$KVM_RUN(r2, 0xae80, 0x10800)

2.500309954s ago: executing program 1 (id=5622):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
syz_usb_connect(0x0, 0x3d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
pipe2$9p(0x0, 0x880)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$SNDCTL_DSP_RESET(0xffffffffffffffff, 0x5000, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(0xffffffffffffffff, 0x84, 0x7ff, &(0x7f0000000440)="0000000000000000fad5e7fe5f8fb2cbfbb160a23615a6121b76f4323bc4d598c9416e5700e149c718576c5f699d9de96a416a70cff9ad45424c35b4afcc8f4a4c29799cf542861c525c2333de9f8149e1147921dbaffa49c70f8113b3b52d9b19393af71eda2800aca058879feb61656d7f438ffcb22a3506f7ae7e38a09a7fd523448349", 0x85)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x19, &(0x7f0000000340)={0x0, 0x5}, 0x8)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
writev(r1, &(0x7f0000000080)=[{&(0x7f00000003c0)="8c", 0x1}, {&(0x7f0000000400)="6dc96060356ae9e9ba271196f805236068f1bd191afd3ef84cbb384035b3154980c5472c9dbe9ed5", 0x28}], 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)

2.320343182s ago: executing program 4 (id=5623):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000340), 0x4, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000007)
ioctl$EVIOCSKEYCODE(r0, 0x40084504, &(0x7f00000000c0)=[0x2a, 0xf0])

1.269928578s ago: executing program 1 (id=5625):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000001e80)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594011d24fc60", 0x14}], 0x1}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000440)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x5, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x37}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x0, 0x1}}}}}}, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
bind$netlink(r5, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r5, &(0x7f0000000600)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r6, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x1, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r9, @ANYBLOB="3faf4dcad8e59ea7af47cdeefa4993fd7669022721986e292266fa51b6b7884d3b1cbcc20d657616f112d5b6a1afe068a180f248c284266d7d05d75203d620bd5e230fdf59c426bec941eb3979c3194c8db3b811f4ac12e03fca5344f4557dbd2c4309340d"], 0x44}}, 0x0)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000180)='ufs\x00', 0x2a08840, 0x0)

379.260697ms ago: executing program 1 (id=5628):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)=@getsadinfo={0x14, 0x23, 0x1, 0x70bd26, 0x25dfdbfd}, 0x14}}, 0x0) (async)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) (async)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$packet(0x11, 0x2, 0x300)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (async)
syz_emit_ethernet(0x76, &(0x7f00000004c0)={@broadcast, @random='\x00\x00B\f\x00', @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "fec000", 0x40, 0x3a, 0x0, @private0, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "18b088", 0x0, 0x0, 0x0, @empty, @mcast2, [@hopopts={0x11}], "fafb17c133d11e59"}}}}}}}, 0x0) (async)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000040)=0x2) (async)
ioctl$TIOCCONS(r2, 0x541d)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r1, @ANYRES32], &(0x7f0000000300)='GPL\x00', 0x4, 0x1002, &(0x7f00000014c0)=""/4098, 0x0, 0x1}, 0x94)

269.889091ms ago: executing program 2 (id=5629):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0xbc, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x8c, 0x2, {{0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}, [@TCA_MQPRIO_MODE={0x6}, @TCA_MQPRIO_SHAPER={0x6}, @TCA_MQPRIO_MODE={0x6}, @TCA_MQPRIO_MIN_RATE64={0x1c, 0x3, 0x0, 0x1, [{0xc}, {0xc, 0x3, 0x2}]}]}}}]}, 0xbc}}, 0x20000000)
r4 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
r5 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000001c0)={[0x205, 0x6, 0x0, 0x0, 0x10003, 0x41, 0x400200cc4, 0xffd, 0x1, 0x0, 0x8001, 0x0, 0x2, 0x0, 0x6a, 0x8d], 0xeeee8000, 0x2011c0})
r6 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r7 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r7, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x30, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x46)
write$qrtrtun(r6, &(0x7f0000000340)="66bb0b760dc0f4ff", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r8, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], &(0x7f0000000240)=[0x2], 0x0, 0x9}}, 0x40)
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2})
r9 = socket(0x400000000010, 0x3, 0x0)
r10 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r11, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x40, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x3c, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xfffffffe}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x8001}]}, {0x24, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xf1a}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x7ff}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x5}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x2bd}]}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x40001}, 0x0)

269.747005ms ago: executing program 1 (id=5630):
syz_usbip_server_init(0x0) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="07000000040000008000000001"], 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0) (async)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000200)=@bpf_ext={0x1c, 0x13, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@alu={0x70f87770f6a8d02f, 0x1, 0x0, 0x5, 0x8, 0x4, 0xffffffffffffffed}, @map_idx_val={0x18, 0x6, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6}, @func={0x85, 0x0, 0x1, 0x0, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='syzkaller\x00', 0xc74, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x8, 0x1}, 0x8, 0x10, &(0x7f00000002c0)={0x3, 0xe, 0x6, 0x8}, 0x10, 0x28b20, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)=[r0], 0x0, 0x10, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0x8, &(0x7f0000000c40)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000060000850000001b000000b70000000000000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2, r0}, 0xc) (async)
bpf$ENABLE_STATS(0x20, &(0x7f0000000000), 0x4) (async)
close(0x4) (async)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc)

180.481874ms ago: executing program 0 (id=5632):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x8}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000100000000000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000070000008500", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bca2000000000000a6020000f8ffffffb703000018000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r1, r3, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000740)={@local, @random="a6e286036e89", @val={@val={0x88a8, 0x0, 0x0, 0x1}, {0x8100, 0x1, 0x1, 0x4}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0xb00, 0x4e22, 0x18, 0x0, @wg=@data={0x4, 0x0, 0x9a5f}}}}}}, 0x0)

180.108593ms ago: executing program 0 (id=5633):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f815108f6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e67", 0x26f}], 0x1}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a3200000000140000001100"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000500)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x3c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010)
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000780)="f4000900062b", 0x6}], 0x1}, 0x0)

130.592415ms ago: executing program 0 (id=5634):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x200, 0x60b924, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x3}, {0x0, 0xffe0}, {0xa, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x2400c0e0}, 0x22004091)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x28, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000640), 0x4)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)='T', &(0x7f0000000240), 0x4af}, 0x38)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf5", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r2, 0x28543634fae43ad, 0xfffffff8, 0x25dfdbfb, {0x4, 0x0, 0x7d00}}, 0x14}, 0x1, 0x0, 0x0, 0x8886}, 0x20004880)
sendmmsg$inet(r0, &(0x7f0000006340)=[{{&(0x7f0000000080)={0x2, 0x4e1e, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)}, {0x0}], 0x2}}], 0x2, 0xc044)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getsockname(r0, &(0x7f0000000380)=@phonet, &(0x7f00000000c0)=0x80)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000100)={'team0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r4], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0500000005000000fd0900008100000000000000", @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000500"/28], 0x50)
write$binfmt_misc(r0, 0x0, 0x0)

59.363632ms ago: executing program 0 (id=5635):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0xb9, 0x10001, 0x9, 0x9}, 0x50)
close(r0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000040), &(0x7f0000000440)=""/183}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000340)={r0, &(0x7f0000000040)}, 0x20)

59.144854ms ago: executing program 0 (id=5636):
setreuid(0xee00, 0xee00)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x9, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x9, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "18186371ae9b1c03"}}}}}, 0x0)
mount(&(0x7f0000000880)=@sg0, &(0x7f00000008c0)='.\x00', 0x0, 0x111401, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bind$unix(r0, &(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r0, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
faccessat2(0xffffffffffffff9c, 0x0, 0x6, 0x1000)
ioctl$BLKFRAGET(0xffffffffffffffff, 0x1265, &(0x7f0000000040))

59.062397ms ago: executing program 0 (id=5637):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000e40), 0x0, 0x2)
ioctl$HIDIOCSREPORT(r1, 0x81044812, 0x0)

0s ago: executing program 2 (id=5638):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000006180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0xffffffffffffeffe, 0xffffffffffffffff, 0x0, 0x0, {0x40, 0x8, 0xe, 0xfffc, 0x0, 0x1, 0x0, 0x0, 0x121, 0x2000, 0x0, r2, r3, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50)
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x1086cce0, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
ioctl$BLKPG(r4, 0x1269, &(0x7f00000001c0)={0x1, 0x0, 0x98, &(0x7f00000004c0)={0x7, 0x20000, 0x14}}) (fail_nth: 8)

kernel console output (not intermixed with test programs):

4]  ? __pfx_vcpu_run+0x10/0x10
[  548.377639][T21044]  ? rcu_is_watching+0x12/0xc0
[  548.377664][T21044]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  548.377685][T21044]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  548.377713][T21044]  kvm_vcpu_ioctl+0x730/0x1730
[  548.377741][T21044]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  548.377768][T21044]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  548.377794][T21044]  ? do_vfs_ioctl+0x226/0x13e0
[  548.377821][T21044]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  548.377847][T21044]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  548.377885][T21044]  ? __fget_files+0x215/0x3d0
[  548.377902][T21044]  ? hook_file_ioctl_common+0x146/0x410
[  548.377935][T21044]  ? selinux_file_ioctl+0x139/0x290
[  548.377955][T21044]  ? selinux_file_ioctl+0xb4/0x290
[  548.377978][T21044]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  548.378005][T21044]  __x64_sys_ioctl+0x18e/0x210
[  548.378033][T21044]  do_syscall_64+0x106/0xf80
[  548.378052][T21044]  ? clear_bhb_loop+0x40/0x90
[  548.378075][T21044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.378093][T21044] RIP: 0033:0x7f07a419c799
[  548.378108][T21044] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  548.378125][T21044] RSP: 002b:00007f07a5032028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  548.378141][T21044] RAX: ffffffffffffffda RBX: 00007f07a4415fa0 RCX: 00007f07a419c799
[  548.378152][T21044] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  548.378163][T21044] RBP: 00007f07a5032090 R08: 0000000000000000 R09: 0000000000000000
[  548.378173][T21044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  548.378184][T21044] R13: 00007f07a4416038 R14: 00007f07a4415fa0 R15: 00007ffd33cea368
[  548.378210][T21044]  </TASK>
[  548.579450][T21042] loop_reread_partitions: partition scan of loop9 (úòƒå¡™‰ü�¾SêjºÐ	¼ëÜ%õ«`ÉæÖ€ù…ˆŠ5
) failed (rc=-5)
[  548.708847][T21052] lo speed is unknown, defaulting to 1000
[  548.818615][T21052] xfrm0 speed is unknown, defaulting to 1000
[  548.889571][T19679] Bluetooth: hci4: Frame reassembly failed (-84)
[  548.892883][T19679] Bluetooth: hci4: Frame reassembly failed (-84)
[  548.895102][T19679] Bluetooth: hci4: Frame reassembly failed (-84)
[  548.897312][T19679] Bluetooth: hci4: Frame reassembly failed (-84)
[  548.917700][T21069] syzkaller0: entered promiscuous mode
[  548.919619][T21069] syzkaller0: entered allmulticast mode
[  549.038159][T21071] netdevsim netdevsim2 netdevsim0: IPsec offload requires 128 bit authentication
[  549.125751][T21078] FAULT_INJECTION: forcing a failure.
[  549.125751][T21078] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  549.130526][T21078] CPU: 1 UID: 0 PID: 21078 Comm: syz.4.5204 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  549.130545][T21078] Tainted: [L]=SOFTLOCKUP
[  549.130549][T21078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  549.130556][T21078] Call Trace:
[  549.130559][T21078]  <TASK>
[  549.130564][T21078]  dump_stack_lvl+0x100/0x190
[  549.130585][T21078]  should_fail_ex.cold+0x5/0xa
[  549.130601][T21078]  _copy_from_user+0x2e/0xd0
[  549.130618][T21078]  input_event_from_user+0x123/0x310
[  549.130632][T21078]  ? __pfx_input_event_from_user+0x10/0x10
[  549.130646][T21078]  ? __pfx___might_resched+0x10/0x10
[  549.130659][T21078]  ? input_inject_event+0x1c9/0x3b0
[  549.130675][T21078]  evdev_write+0x342/0x610
[  549.130691][T21078]  ? __pfx_evdev_write+0x10/0x10
[  549.130705][T21078]  ? bpf_lsm_file_permission+0x9/0x10
[  549.130722][T21078]  ? security_file_permission+0x76/0x210
[  549.130738][T21078]  ? rw_verify_area+0xce/0x6d0
[  549.130755][T21078]  vfs_write+0x2aa/0x1070
[  549.130772][T21078]  ? __pfx_evdev_write+0x10/0x10
[  549.130786][T21078]  ? __pfx_vfs_write+0x10/0x10
[  549.130801][T21078]  ? find_held_lock+0x2b/0x80
[  549.130815][T21078]  ? __fget_files+0x215/0x3d0
[  549.130826][T21078]  ? __fget_files+0x215/0x3d0
[  549.130839][T21078]  ? __fget_files+0x21f/0x3d0
[  549.130854][T21078]  ksys_write+0x1f8/0x250
[  549.130870][T21078]  ? __pfx_ksys_write+0x10/0x10
[  549.130891][T21078]  do_syscall_64+0x106/0xf80
[  549.130903][T21078]  ? clear_bhb_loop+0x40/0x90
[  549.130917][T21078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.130929][T21078] RIP: 0033:0x7f766db9c799
[  549.130939][T21078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  549.130949][T21078] RSP: 002b:00007f766e96f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  549.130961][T21078] RAX: ffffffffffffffda RBX: 00007f766de15fa0 RCX: 00007f766db9c799
[  549.130969][T21078] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003
[  549.130975][T21078] RBP: 00007f766e96f090 R08: 0000000000000000 R09: 0000000000000000
[  549.130982][T21078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  549.130989][T21078] R13: 00007f766de16038 R14: 00007f766de15fa0 R15: 00007ffe3d4c5928
[  549.131003][T21078]  </TASK>
[  549.373555][T21089] netlink: 'syz.2.5208': attribute type 12 has an invalid length.
[  549.381441][T21092] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.484282][T21092] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.493386][T21100] FAULT_INJECTION: forcing a failure.
[  549.493386][T21100] name failslab, interval 1, probability 0, space 0, times 0
[  549.497486][T21100] CPU: 3 UID: 0 PID: 21100 Comm: syz.2.5212 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  549.497504][T21100] Tainted: [L]=SOFTLOCKUP
[  549.497509][T21100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  549.497516][T21100] Call Trace:
[  549.497521][T21100]  <TASK>
[  549.497525][T21100]  dump_stack_lvl+0x100/0x190
[  549.497547][T21100]  should_fail_ex.cold+0x5/0xa
[  549.497562][T21100]  ? tomoyo_encode2+0xfb/0x3c0
[  549.497576][T21100]  should_failslab+0xc2/0x120
[  549.497588][T21100]  __kmalloc_noprof+0xe0/0x850
[  549.497604][T21100]  ? d_absolute_path+0x136/0x1b0
[  549.497623][T21100]  tomoyo_encode2+0xfb/0x3c0
[  549.497639][T21100]  tomoyo_encode+0x29/0x50
[  549.497652][T21100]  tomoyo_realpath_from_path+0x18c/0x690
[  549.497670][T21100]  tomoyo_path_number_perm+0x23c/0x580
[  549.497682][T21100]  ? tomoyo_path_number_perm+0x22e/0x580
[  549.497695][T21100]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  549.497720][T21100]  ? file_ra_state_init+0x39/0xe0
[  549.497734][T21100]  ? generic_file_open+0x89/0xb0
[  549.497751][T21100]  ? do_dentry_open+0xc27/0x1660
[  549.497767][T21100]  ? hook_file_ioctl_common+0x146/0x410
[  549.497787][T21100]  ? vfs_open+0x98/0x3f0
[  549.497802][T21100]  security_file_ioctl+0xd3/0x230
[  549.497816][T21100]  ovl_security_fileattr+0xf6/0x170
[  549.497831][T21100]  ovl_fileattr_get+0xdc/0x330
[  549.497844][T21100]  ? __pfx_ovl_fileattr_get+0x10/0x10
[  549.497861][T21100]  vfs_fileattr_get+0xfc/0x150
[  549.497874][T21100]  vfs_fileattr_set+0x15a/0xd70
[  549.497886][T21100]  ? mnt_get_write_access+0x52/0x2f0
[  549.497902][T21100]  ? __pfx_vfs_fileattr_set+0x10/0x10
[  549.497916][T21100]  ? mnt_get_write_access+0x1e9/0x2f0
[  549.497934][T21100]  ioctl_fssetxattr+0x23e/0x290
[  549.497947][T21100]  ? __pfx_ioctl_fssetxattr+0x10/0x10
[  549.497967][T21100]  do_vfs_ioctl+0xe9e/0x13e0
[  549.497984][T21100]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  549.498000][T21100]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  549.498019][T21100]  ? __fget_files+0x215/0x3d0
[  549.498029][T21100]  ? hook_file_ioctl_common+0x146/0x410
[  549.498049][T21100]  ? selinux_file_ioctl+0x139/0x290
[  549.498062][T21100]  ? selinux_file_ioctl+0xb4/0x290
[  549.498078][T21100]  __x64_sys_ioctl+0x114/0x210
[  549.498095][T21100]  do_syscall_64+0x106/0xf80
[  549.498108][T21100]  ? clear_bhb_loop+0x40/0x90
[  549.498122][T21100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.498133][T21100] RIP: 0033:0x7f3df6b9c799
[  549.498143][T21100] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  549.498154][T21100] RSP: 002b:00007f3df7a33028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  549.498166][T21100] RAX: ffffffffffffffda RBX: 00007f3df6e15fa0 RCX: 00007f3df6b9c799
[  549.498173][T21100] RDX: 0000200000002540 RSI: 00000000401c5820 RDI: 0000000000000004
[  549.498180][T21100] RBP: 00007f3df7a33090 R08: 0000000000000000 R09: 0000000000000000
[  549.498187][T21100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  549.498193][T21100] R13: 00007f3df6e16038 R14: 00007f3df6e15fa0 R15: 00007ffd544d1f68
[  549.498208][T21100]  </TASK>
[  549.498220][T21100] ERROR: Out of memory at tomoyo_realpath_from_path.
[  549.683010][T21092] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.758725][T21092] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.883407][T21105] fuse: Bad value for 'fd'
[  549.897777][   T46] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  549.906006][T19682] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  549.914714][   T46] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  549.922940][   T46] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  550.017781][T21115] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[  550.183084][T21123] FAULT_INJECTION: forcing a failure.
[  550.183084][T21123] name failslab, interval 1, probability 0, space 0, times 0
[  550.188311][T21123] CPU: 1 UID: 0 PID: 21123 Comm: syz.0.5220 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  550.188330][T21123] Tainted: [L]=SOFTLOCKUP
[  550.188334][T21123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  550.188341][T21123] Call Trace:
[  550.188346][T21123]  <TASK>
[  550.188351][T21123]  dump_stack_lvl+0x100/0x190
[  550.188393][T21123]  should_fail_ex.cold+0x5/0xa
[  550.188407][T21123]  ? tomoyo_realpath_from_path+0xb6/0x690
[  550.188427][T21123]  should_failslab+0xc2/0x120
[  550.188438][T21123]  __kmalloc_noprof+0xe0/0x850
[  550.188458][T21123]  tomoyo_realpath_from_path+0xb6/0x690
[  550.188476][T21123]  tomoyo_path_perm+0x276/0x460
[  550.188487][T21123]  ? tomoyo_path_perm+0x262/0x460
[  550.188500][T21123]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  550.188526][T21123]  ? bpf_ksym_find+0x128/0x1c0
[  550.188538][T21123]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  550.188554][T21123]  ? is_bpf_text_address+0x94/0x1a0
[  550.188571][T21123]  security_inode_getattr+0x116/0x280
[  550.188585][T21123]  vfs_getattr+0x25/0x60
[  550.188598][T21123]  ovl_copy_up_one+0x18d/0x3cc0
[  550.188615][T21123]  ? tomoyo_path_number_perm+0x46d/0x580
[  550.188627][T21123]  ? stack_trace_save+0x8e/0xc0
[  550.188642][T21123]  ? stack_depot_save_flags+0x27/0x9d0
[  550.188660][T21123]  ? __pfx_ovl_copy_up_one+0x10/0x10
[  550.188674][T21123]  ? __lock_acquire+0x4a5/0x2630
[  550.188691][T21123]  ? tomoyo_path_number_perm+0x46d/0x580
[  550.188703][T21123]  ? tomoyo_path_mkdir+0x9b/0xe0
[  550.188719][T21123]  ? security_path_mkdir+0x154/0x2e0
[  550.188733][T21123]  ? filename_mkdirat+0x168/0x5e0
[  550.188745][T21123]  ? __x64_sys_mkdir+0x6b/0x90
[  550.188756][T21123]  ? do_syscall_64+0x106/0xf80
[  550.188773][T21123]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.188787][T21123]  ? mls_compute_sid+0x3bf/0x10a0
[  550.188799][T21123]  ? security_compute_sid+0x19a5/0x2120
[  550.188812][T21123]  ? rcu_is_watching+0x12/0xc0
[  550.188824][T21123]  ? security_compute_sid+0x19a5/0x2120
[  550.188836][T21123]  ? kfree+0x2ec/0x6b0
[  550.188848][T21123]  ? security_compute_sid+0x1977/0x2120
[  550.188862][T21123]  ? __asan_memset+0x23/0x50
[  550.188877][T21123]  ? security_compute_sid+0x19e9/0x2120
[  550.188915][T21123]  ? dget_parent+0xf8/0x5e0
[  550.188936][T21123]  ovl_copy_up_flags+0xf4/0x240
[  550.188951][T21123]  ovl_create_object+0xc0/0x3b0
[  550.188968][T21123]  ? __pfx_ovl_create_object+0x10/0x10
[  550.188987][T21123]  ? inode_permission+0x374/0x620
[  550.189005][T21123]  ovl_mkdir+0x2a/0x40
[  550.189021][T21123]  vfs_mkdir+0x361/0x850
[  550.189038][T21123]  filename_mkdirat+0x48b/0x5e0
[  550.189052][T21123]  ? __pfx_filename_mkdirat+0x10/0x10
[  550.189065][T21123]  ? strncpy_from_user+0x19d/0x2d0
[  550.189082][T21123]  ? do_getname+0x191/0x390
[  550.189097][T21123]  __x64_sys_mkdir+0x6b/0x90
[  550.189110][T21123]  do_syscall_64+0x106/0xf80
[  550.189121][T21123]  ? clear_bhb_loop+0x40/0x90
[  550.189135][T21123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.189147][T21123] RIP: 0033:0x7f5f0a39c799
[  550.189157][T21123] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  550.189167][T21123] RSP: 002b:00007f5f0b1de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  550.189178][T21123] RAX: ffffffffffffffda RBX: 00007f5f0a615fa0 RCX: 00007f5f0a39c799
[  550.189185][T21123] RDX: 0000000000000000 RSI: 000000000000013b RDI: 0000200000000100
[  550.189192][T21123] RBP: 00007f5f0b1de090 R08: 0000000000000000 R09: 0000000000000000
[  550.189198][T21123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  550.189209][T21123] R13: 00007f5f0a616038 R14: 00007f5f0a615fa0 R15: 00007ffe2fda5058
[  550.189224][T21123]  </TASK>
[  550.189229][T21123] ERROR: Out of memory at tomoyo_realpath_from_path.
[  550.626339][T21132] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.692673][T21132] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.755007][T21132] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.857393][T21132] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.889871][T19441] Bluetooth: hci4: command 0x1003 tx timeout
[  550.889879][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  550.921010][T21135] syzkaller1: entered promiscuous mode
[  550.922911][T21135] syzkaller1: entered allmulticast mode
[  550.954423][T21137] raw_sendmsg: syz.2.5226 forgot to set AF_INET. Fix it!
[  551.529773][   T63] Bluetooth: hci6: command 0x1003 tx timeout
[  551.532281][ T5949] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  551.676782][T21158] __nla_validate_parse: 6 callbacks suppressed
[  551.676798][T21158] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5234'.
[  551.918852][T21160] netlink: 'syz.2.5235': attribute type 1 has an invalid length.
[  551.921558][T21160] netlink: 'syz.2.5235': attribute type 1 has an invalid length.
[  551.924597][T21160] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  551.971175][ T3249] IPVS: starting estimator thread 0...
[  552.069767][T21165] IPVS: using max 25 ests per chain, 60000 per kthread
[  552.093276][T21171] team0 (unregistering): Port device team_slave_0 removed
[  552.097786][T21171] team0 (unregistering): Port device team_slave_1 removed
[  552.268303][T21174] FAULT_INJECTION: forcing a failure.
[  552.268303][T21174] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  552.272557][T21174] CPU: 0 UID: 0 PID: 21174 Comm: syz.2.5240 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  552.272575][T21174] Tainted: [L]=SOFTLOCKUP
[  552.272580][T21174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  552.272587][T21174] Call Trace:
[  552.272591][T21174]  <TASK>
[  552.272596][T21174]  dump_stack_lvl+0x100/0x190
[  552.272617][T21174]  should_fail_ex.cold+0x5/0xa
[  552.272632][T21174]  _copy_to_user+0x32/0xd0
[  552.272650][T21174]  simple_read_from_buffer+0xcb/0x170
[  552.272671][T21174]  proc_fail_nth_read+0x1af/0x230
[  552.272687][T21174]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  552.272703][T21174]  ? rw_verify_area+0xce/0x6d0
[  552.272718][T21174]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  552.272735][T21174]  vfs_read+0x1e4/0xb30
[  552.272762][T21174]  ? __pfx_vfs_read+0x10/0x10
[  552.272787][T21174]  ? __fget_files+0x215/0x3d0
[  552.272812][T21174]  ? __fget_files+0x21f/0x3d0
[  552.272839][T21174]  ksys_read+0x12a/0x250
[  552.272865][T21174]  ? __pfx_ksys_read+0x10/0x10
[  552.272886][T21174]  do_syscall_64+0x106/0xf80
[  552.272898][T21174]  ? clear_bhb_loop+0x40/0x90
[  552.272912][T21174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  552.272924][T21174] RIP: 0033:0x7f3df6b5cfce
[  552.272934][T21174] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  552.272945][T21174] RSP: 002b:00007f3df7a32fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  552.272956][T21174] RAX: ffffffffffffffda RBX: 00007f3df7a336c0 RCX: 00007f3df6b5cfce
[  552.272964][T21174] RDX: 000000000000000f RSI: 00007f3df7a330a0 RDI: 0000000000000005
[  552.272970][T21174] RBP: 00007f3df7a33090 R08: 0000000000000000 R09: 0000000000000000
[  552.272977][T21174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  552.272984][T21174] R13: 00007f3df6e16038 R14: 00007f3df6e15fa0 R15: 00007ffd544d1f68
[  552.272998][T21174]  </TASK>
[  552.441579][T21180] IPv6: NLM_F_CREATE should be specified when creating new route
[  552.543784][T21186] netlink: 'syz.4.5245': attribute type 10 has an invalid length.
[  552.569047][T21186] 8021q: adding VLAN 0 to HW filter on device bond2
[  552.579152][T21186] bond1: (slave macvlan3): Error -98 calling set_mac_address
[  552.714036][T21197] binder: BINDER_SET_CONTEXT_MGR already set
[  552.716498][T21197] binder: 21196:21197 ioctl 4018620d 200000000040 returned -16
[  552.729935][T15765] usb 6-1: new high-speed USB device number 98 using dummy_hcd
[  552.778065][T21199] team0 (unregistering): Port device team_slave_0 removed
[  552.785958][T21199] team0 (unregistering): Port device team_slave_1 removed
[  552.910414][T15765] usb 6-1: Using ep0 maxpacket: 8
[  552.913487][T15765] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  552.916460][T15765] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  552.920057][T15765] usb 6-1: config 0 has no interface number 0
[  552.922115][T15765] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  552.925064][T15765] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  552.935825][T15765] usb 6-1: config 0 descriptor??
[  552.940822][T21204] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5250'.
[  552.942872][T15765] ldusb 6-1:0.55: Interrupt in endpoint not found
[  553.138157][   T40] audit: type=1400 audit(553.059:1159): avc:  denied  { execheap } for  pid=21209 comm="syz.4.5252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  553.152378][T15765] usb 6-1: USB disconnect, device number 98
[  553.181416][T21214] FAULT_INJECTION: forcing a failure.
[  553.181416][T21214] name failslab, interval 1, probability 0, space 0, times 0
[  553.186990][T21214] CPU: 1 UID: 0 PID: 21214 Comm: syz.4.5253 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  553.187015][T21214] Tainted: [L]=SOFTLOCKUP
[  553.187021][T21214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  553.187030][T21214] Call Trace:
[  553.187035][T21214]  <TASK>
[  553.187041][T21214]  dump_stack_lvl+0x100/0x190
[  553.187071][T21214]  should_fail_ex.cold+0x5/0xa
[  553.187090][T21214]  should_failslab+0xc2/0x120
[  553.187105][T21214]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  553.187126][T21214]  ? skb_clone+0x190/0x400
[  553.187146][T21214]  skb_clone+0x190/0x400
[  553.187162][T21214]  netlink_deliver_tap+0xaed/0xcc0
[  553.187184][T21214]  netlink_dump+0xa60/0xd30
[  553.187203][T21214]  ? __pfx_netlink_dump+0x10/0x10
[  553.187230][T21214]  ? __inet_diag_dump_start+0x3cb/0x8f0
[  553.187252][T21214]  __netlink_dump_start+0x6d6/0x990
[  553.187273][T21214]  inet_diag_rcv_msg_compat+0x275/0x2d0
[  553.187291][T21214]  ? __pfx_inet_diag_rcv_msg_compat+0x10/0x10
[  553.187308][T21214]  ? __pfx_inet_diag_dump_start_compat+0x10/0x10
[  553.187325][T21214]  ? __pfx_inet_diag_dump_compat+0x10/0x10
[  553.187340][T21214]  ? __pfx_inet_diag_dump_done+0x10/0x10
[  553.187358][T21214]  ? sock_diag_rcv_msg+0x33d/0x7a0
[  553.187380][T21214]  ? sock_diag_rcv_msg+0x33d/0x7a0
[  553.187406][T21214]  sock_diag_rcv_msg+0x375/0x7a0
[  553.187430][T21214]  netlink_rcv_skb+0x159/0x420
[  553.187448][T21214]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  553.187472][T21214]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  553.187497][T21214]  ? netlink_deliver_tap+0x1ae/0xcc0
[  553.187522][T21214]  netlink_unicast+0x5aa/0x870
[  553.187547][T21214]  ? __pfx_netlink_unicast+0x10/0x10
[  553.187576][T21214]  netlink_sendmsg+0x8b0/0xda0
[  553.187601][T21214]  ? __pfx_netlink_sendmsg+0x10/0x10
[  553.187620][T21214]  ? __pfx___might_fault+0x10/0x10
[  553.187653][T21214]  ____sys_sendmsg+0x9e1/0xb70
[  553.187675][T21214]  ? __pfx_netlink_sendmsg+0x10/0x10
[  553.187705][T21214]  ? __pfx_____sys_sendmsg+0x10/0x10
[  553.187741][T21214]  ___sys_sendmsg+0x190/0x1e0
[  553.187783][T21214]  ? __pfx____sys_sendmsg+0x10/0x10
[  553.187834][T21214]  __sys_sendmsg+0x170/0x220
[  553.187854][T21214]  ? __pfx___sys_sendmsg+0x10/0x10
[  553.187888][T21214]  do_syscall_64+0x106/0xf80
[  553.187907][T21214]  ? clear_bhb_loop+0x40/0x90
[  553.187928][T21214]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.187946][T21214] RIP: 0033:0x7f766db9c799
[  553.187961][T21214] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  553.187976][T21214] RSP: 002b:00007f766e96f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  553.187992][T21214] RAX: ffffffffffffffda RBX: 00007f766de15fa0 RCX: 00007f766db9c799
[  553.188004][T21214] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  553.188015][T21214] RBP: 00007f766e96f090 R08: 0000000000000000 R09: 0000000000000000
[  553.188025][T21214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  553.188035][T21214] R13: 00007f766de16038 R14: 00007f766de15fa0 R15: 00007ffe3d4c5928
[  553.188060][T21214]  </TASK>
[  553.340082][T21216] netlink: 'syz.4.5254': attribute type 10 has an invalid length.
[  553.365101][T21216] 8021q: adding VLAN 0 to HW filter on device bond3
[  553.372827][T21216] bond1: (slave macvlan3): Error -98 calling set_mac_address
[  553.373473][T21219] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  553.379696][T21220] syz.2.5255 (21220): drop_caches: 0
[  553.382955][T21219] syz.2.5255 (21219): drop_caches: 0
[  553.407347][T21224] binder: BINDER_SET_CONTEXT_MGR already set
[  553.409312][T21224] binder: 21223:21224 ioctl 4018620d 200000000040 returned -16
[  553.681054][T19682] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  553.693446][T19682] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  553.712850][T19679] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  553.721284][T19679] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  553.725783][T21244] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5265'.
[  553.732692][   T40] audit: type=1400 audit(553.659:1160): avc:  denied  { mount } for  pid=21241 comm="syz.1.5263" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  553.745310][T21242] devtmpfs: Cannot change global quota limit on remount
[  553.750365][   T40] audit: type=1400 audit(553.669:1161): avc:  denied  { remount } for  pid=21241 comm="syz.1.5263" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  553.788517][T21250] netlink: 'syz.4.5266': attribute type 10 has an invalid length.
[  553.811924][T21250] 8021q: adding VLAN 0 to HW filter on device bond4
[  553.824821][T21248] team0 (unregistering): Port device team_slave_0 removed
[  553.831730][T21248] team0 (unregistering): Port device team_slave_1 removed
[  553.832471][   T40] audit: type=1400 audit(553.759:1162): avc:  denied  { unmount } for  pid=18915 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  553.843429][T21253] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5268'.
[  553.849374][T21250] bond1: (slave macvlan3): Error -98 calling set_mac_address
[  553.972548][T21265] FAULT_INJECTION: forcing a failure.
[  553.972548][T21265] name failslab, interval 1, probability 0, space 0, times 0
[  553.976679][T21265] CPU: 2 UID: 0 PID: 21265 Comm: syz.2.5272 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  553.976697][T21265] Tainted: [L]=SOFTLOCKUP
[  553.976705][T21265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  553.976712][T21265] Call Trace:
[  553.976717][T21265]  <TASK>
[  553.976721][T21265]  dump_stack_lvl+0x100/0x190
[  553.976744][T21265]  should_fail_ex.cold+0x5/0xa
[  553.976759][T21265]  should_failslab+0xc2/0x120
[  553.976770][T21265]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  553.976789][T21265]  ? allocate_partition+0x1bc/0x2a0
[  553.976806][T21265]  kstrdup+0x51/0xe0
[  553.976824][T21265]  allocate_partition+0x1bc/0x2a0
[  553.976838][T21265]  ? cred_has_capability.isra.0+0x186/0x300
[  553.976856][T21265]  mtd_add_partition+0x1bc/0x660
[  553.976871][T21265]  ? __pfx_mtd_add_partition+0x10/0x10
[  553.976884][T21265]  ? __might_fault+0xc5/0x140
[  553.976898][T21265]  ? __might_fault+0xc5/0x140
[  553.976918][T21265]  mtdchar_blkpg_ioctl+0x207/0x250
[  553.976932][T21265]  ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10
[  553.976958][T21265]  mtdchar_ioctl+0x1670/0x1fd0
[  553.976976][T21265]  ? __pfx_mtdchar_ioctl+0x10/0x10
[  553.976991][T21265]  ? lock_acquire+0x1cf/0x380
[  553.977012][T21265]  ? trace_contention_end+0x140/0x180
[  553.977026][T21265]  ? mtdchar_unlocked_ioctl+0xa2/0xf0
[  553.977041][T21265]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  553.977059][T21265]  ? __pfx___mutex_lock+0x10/0x10
[  553.977082][T21265]  mtdchar_unlocked_ioctl+0xb0/0xf0
[  553.977096][T21265]  ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10
[  553.977112][T21265]  __x64_sys_ioctl+0x18e/0x210
[  553.977129][T21265]  do_syscall_64+0x106/0xf80
[  553.977142][T21265]  ? clear_bhb_loop+0x40/0x90
[  553.977155][T21265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.977167][T21265] RIP: 0033:0x7f3df6b9c799
[  553.977177][T21265] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  553.977188][T21265] RSP: 002b:00007f3df7a33028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  553.977199][T21265] RAX: ffffffffffffffda RBX: 00007f3df6e15fa0 RCX: 00007f3df6b9c799
[  553.977208][T21265] RDX: 00002000000001c0 RSI: 0000000000001269 RDI: 0000000000000004
[  553.977215][T21265] RBP: 00007f3df7a33090 R08: 0000000000000000 R09: 0000000000000000
[  553.977222][T21265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  553.977228][T21265] R13: 00007f3df6e16038 R14: 00007f3df6e15fa0 R15: 00007ffd544d1f68
[  553.977242][T21265]  </TASK>
[  553.977247][T21265] memory allocation error while creating partitions for "mtdram test device"
[  554.020815][T21268] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5273'.
[  554.160012][ T8268] usb 6-1: new high-speed USB device number 99 using dummy_hcd
[  554.320009][ T8268] usb 6-1: Using ep0 maxpacket: 8
[  554.324753][ T8268] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  554.326696][T21274] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  554.327968][ T8268] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  554.338230][ T8268] usb 6-1: config 0 has no interface number 0
[  554.340914][ T8268] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  554.345111][ T8268] usb 6-1: config 0 interface 55 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  554.350983][ T8268] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  554.354242][ T8268] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  554.363951][ T8268] usb 6-1: config 0 descriptor??
[  554.369198][ T8268] ldusb 6-1:0.55: Interrupt in endpoint not found
[  554.404599][T21274] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  554.534080][T21274] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  554.564379][T21282] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5278'.
[  554.573653][   T24] usb 6-1: USB disconnect, device number 99
[  554.613470][T21285] FAULT_INJECTION: forcing a failure.
[  554.613470][T21285] name failslab, interval 1, probability 0, space 0, times 0
[  554.617641][T21285] CPU: 0 UID: 0 PID: 21285 Comm: syz.4.5279 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  554.617660][T21285] Tainted: [L]=SOFTLOCKUP
[  554.617664][T21285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  554.617671][T21285] Call Trace:
[  554.617676][T21285]  <TASK>
[  554.617681][T21285]  dump_stack_lvl+0x100/0x190
[  554.617702][T21285]  should_fail_ex.cold+0x5/0xa
[  554.617716][T21285]  should_failslab+0xc2/0x120
[  554.617728][T21285]  __kmalloc_cache_noprof+0x7a/0x6f0
[  554.617742][T21285]  ? flow_change+0x3ab/0x19d0
[  554.617755][T21285]  ? __nla_parse+0x40/0x60
[  554.617769][T21285]  flow_change+0x3ab/0x19d0
[  554.617785][T21285]  ? __pfx_flow_change+0x10/0x10
[  554.617798][T21285]  ? __mutex_unlock_slowpath+0x15c/0x790
[  554.617824][T21285]  ? __pfx_flow_change+0x10/0x10
[  554.617837][T21285]  tc_new_tfilter+0x9df/0x24a0
[  554.617858][T21285]  ? avc_has_perm_noaudit+0x11e/0x3b0
[  554.617877][T21285]  ? __pfx_tc_new_tfilter+0x10/0x10
[  554.617896][T21285]  ? __lock_acquire+0x4a5/0x2630
[  554.617921][T21285]  ? find_held_lock+0x2b/0x80
[  554.617935][T21285]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  554.617949][T21285]  ? __pfx_tc_new_tfilter+0x10/0x10
[  554.617963][T21285]  rtnetlink_rcv_msg+0x95e/0xe90
[  554.617977][T21285]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  554.617993][T21285]  ? ref_tracker_free+0x37e/0x6c0
[  554.618012][T21285]  netlink_rcv_skb+0x159/0x420
[  554.618026][T21285]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  554.618039][T21285]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  554.618057][T21285]  ? netlink_deliver_tap+0x1ae/0xcc0
[  554.618073][T21285]  netlink_unicast+0x5aa/0x870
[  554.618089][T21285]  ? __pfx_netlink_unicast+0x10/0x10
[  554.618107][T21285]  netlink_sendmsg+0x8b0/0xda0
[  554.618123][T21285]  ? __pfx_netlink_sendmsg+0x10/0x10
[  554.618136][T21285]  ? __pfx___might_fault+0x10/0x10
[  554.618157][T21285]  ____sys_sendmsg+0x9e1/0xb70
[  554.618171][T21285]  ? __pfx_netlink_sendmsg+0x10/0x10
[  554.618187][T21285]  ? __pfx_____sys_sendmsg+0x10/0x10
[  554.618210][T21285]  ___sys_sendmsg+0x190/0x1e0
[  554.618227][T21285]  ? __pfx____sys_sendmsg+0x10/0x10
[  554.618259][T21285]  __sys_sendmsg+0x170/0x220
[  554.618299][T21285]  ? __pfx___sys_sendmsg+0x10/0x10
[  554.618320][T21285]  do_syscall_64+0x106/0xf80
[  554.618332][T21285]  ? clear_bhb_loop+0x40/0x90
[  554.618346][T21285]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.618358][T21285] RIP: 0033:0x7f766db9c799
[  554.618368][T21285] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  554.618380][T21285] RSP: 002b:00007f766e96f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  554.618391][T21285] RAX: ffffffffffffffda RBX: 00007f766de15fa0 RCX: 00007f766db9c799
[  554.618399][T21285] RDX: 0000000020000800 RSI: 0000200000000900 RDI: 0000000000000004
[  554.618405][T21285] RBP: 00007f766e96f090 R08: 0000000000000000 R09: 0000000000000000
[  554.618412][T21285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  554.618418][T21285] R13: 00007f766de16038 R14: 00007f766de15fa0 R15: 00007ffe3d4c5928
[  554.618433][T21285]  </TASK>
[  554.744217][T21274] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  554.853206][T19679] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  554.863907][T19679] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  554.875648][T19679] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  554.896132][T19679] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  555.131065][T21289] netlink: 'syz.1.5281': attribute type 10 has an invalid length.
[  555.150051][T21289] 8021q: adding VLAN 0 to HW filter on device bond2
[  555.158093][T21289] bond1: (slave macvlan4): Error -98 calling set_mac_address
[  555.159970][  T840] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  555.256395][T21293] binder: 21292:21293 ioctl c0306201 2000000003c0 returned -14
[  555.310370][  T840] usb 9-1: too many configurations: 9, using maximum allowed: 8
[  555.313764][  T840] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  555.316536][  T840] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  555.320079][  T840] usb 9-1: config 0 interface 0 has no altsetting 0
[  555.323101][  T840] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  555.325964][  T840] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  555.329590][  T840] usb 9-1: config 0 interface 0 has no altsetting 0
[  555.333059][  T840] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  555.336342][  T840] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  555.340073][  T840] usb 9-1: config 0 interface 0 has no altsetting 0
[  555.343080][  T840] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  555.345854][  T840] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  555.349471][  T840] usb 9-1: config 0 interface 0 has no altsetting 0
[  555.355036][  T840] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  555.358048][  T840] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  555.361901][  T840] usb 9-1: config 0 interface 0 has no altsetting 0
[  555.364902][  T840] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  555.367691][  T840] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  555.372194][  T840] usb 9-1: config 0 interface 0 has no altsetting 0
[  555.376309][  T840] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  555.380709][  T840] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  555.385353][  T840] usb 9-1: config 0 interface 0 has no altsetting 0
[  555.389391][  T840] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[  555.392965][  T840] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  555.397585][  T840] usb 9-1: config 0 interface 0 has no altsetting 0
[  555.402664][  T840] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  555.406192][  T840] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  555.409261][  T840] usb 9-1: Product: syz
[  555.410895][  T840] usb 9-1: Manufacturer: syz
[  555.412394][  T840] usb 9-1: SerialNumber: syz
[  555.440596][  T840] usb 9-1: config 0 descriptor??
[  555.446651][  T840] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[  555.517528][T21298] netlink: 'syz.2.5284': attribute type 16 has an invalid length.
[  555.522784][T21298] netlink: 'syz.2.5284': attribute type 2 has an invalid length.
[  555.526143][T21298] netlink: 64102 bytes leftover after parsing attributes in process `syz.2.5284'.
[  555.623945][T21308] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5287'.
[  555.834796][T21313] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  556.046732][T21320] netlink: 'syz.1.5290': attribute type 10 has an invalid length.
[  556.066221][T21320] 8021q: adding VLAN 0 to HW filter on device bond3
[  556.078892][T21320] bond1: (slave macvlan4): Error -98 calling set_mac_address
[  556.164474][T21323] binder: 21322:21323 ioctl c0306201 2000000003c0 returned -14
[  556.209752][  T840] usb 7-1: new high-speed USB device number 104 using dummy_hcd
[  556.359927][  T840] usb 7-1: Using ep0 maxpacket: 8
[  556.363146][  T840] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[  556.365929][  T840] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  556.374045][  T840] usb 7-1: config 0 has no interface number 0
[  556.376152][  T840] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  556.379626][  T840] usb 7-1: config 0 interface 55 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  556.391471][  T840] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  556.394461][  T840] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.404979][  T840] usb 7-1: config 0 descriptor??
[  556.408666][  T840] ldusb 7-1:0.55: Interrupt in endpoint not found
[  556.663507][ T5686] usb 7-1: USB disconnect, device number 104
[  557.291828][T21336] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5296'.
[  557.623078][T21347] netlink: 'syz.1.5299': attribute type 10 has an invalid length.
[  557.631859][T21347] bond1: (slave macvlan4): Error -98 calling set_mac_address
[  557.689929][    C1] usb 9-1: yurex_control_callback - control failed: -2
[  557.693458][   T24] usb 9-1: USB disconnect, device number 8
[  557.696721][   T24] yurex 9-1:0.0: USB YUREX #0 now disconnected
[  557.863216][   T40] audit: type=1400 audit(557.789:1163): avc:  denied  { ioctl } for  pid=21356 comm="syz.0.5304" path="socket:[148011]" dev="sockfs" ino=148011 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  558.264290][T21366] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5305'.
[  558.437003][T21377] netlink: 'syz.2.5308': attribute type 10 has an invalid length.
[  558.439870][T21372] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5306'.
[  558.443182][T21377] syz_tun: entered promiscuous mode
[  558.445247][T21377] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  558.471127][T21377] bond1: (slave macvlan3): Error -98 calling set_mac_address
[  558.619479][T21384] syzkaller0: entered promiscuous mode
[  558.625246][T21384] syzkaller0: entered allmulticast mode
[  558.660946][T21388] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5312'.
[  558.666020][T21388] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=21388 comm=syz.1.5312
[  558.778562][T21396] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5316'.
[  558.813677][T21401] netlink: 'syz.1.5317': attribute type 10 has an invalid length.
[  558.861489][T21401] bond1: (slave macvlan4): Error -98 calling set_mac_address
[  558.881431][T21406] binder: 21405:21406 ioctl c0306201 2000000003c0 returned -14
[  558.939784][T12931] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  558.948445][T21412] FAULT_INJECTION: forcing a failure.
[  558.948445][T21412] name failslab, interval 1, probability 0, space 0, times 0
[  558.952598][T21412] CPU: 1 UID: 0 PID: 21412 Comm: syz.0.5322 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  558.952615][T21412] Tainted: [L]=SOFTLOCKUP
[  558.952620][T21412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  558.952626][T21412] Call Trace:
[  558.952630][T21412]  <TASK>
[  558.952635][T21412]  dump_stack_lvl+0x100/0x190
[  558.952663][T21412]  should_fail_ex.cold+0x5/0xa
[  558.952678][T21412]  should_failslab+0xc2/0x120
[  558.952690][T21412]  __kmalloc_cache_node_noprof+0x7d/0x770
[  558.952708][T21412]  ? __alloc_workqueue+0xf78/0x1880
[  558.952723][T21412]  ? lockdep_init_map_type+0x5c/0x250
[  558.952737][T21412]  __alloc_workqueue+0xf78/0x1880
[  558.952757][T21412]  alloc_workqueue_noprof+0xd2/0x200
[  558.952774][T21412]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  558.952802][T21412]  hci_register_dev+0x1cd/0xc90
[  558.952826][T21412]  hci_uart_tty_ioctl+0x8fd/0xc80
[  558.952846][T21412]  ? __pfx_hci_uart_tty_ioctl+0x10/0x10
[  558.952862][T21412]  tty_ioctl+0x1204/0x1690
[  558.952879][T21412]  ? __pfx_tty_ioctl+0x10/0x10
[  558.952891][T21412]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  558.952910][T21412]  ? __fget_files+0x215/0x3d0
[  558.952921][T21412]  ? hook_file_ioctl_common+0x146/0x410
[  558.952940][T21412]  ? selinux_file_ioctl+0x139/0x290
[  558.952953][T21412]  ? selinux_file_ioctl+0xb4/0x290
[  558.952967][T21412]  ? __pfx_tty_ioctl+0x10/0x10
[  558.952979][T21412]  __x64_sys_ioctl+0x18e/0x210
[  558.952996][T21412]  do_syscall_64+0x106/0xf80
[  558.953008][T21412]  ? clear_bhb_loop+0x40/0x90
[  558.953022][T21412]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  558.953034][T21412] RIP: 0033:0x7f5f0a39c799
[  558.953043][T21412] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  558.953054][T21412] RSP: 002b:00007f5f0b1de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  558.953066][T21412] RAX: ffffffffffffffda RBX: 00007f5f0a615fa0 RCX: 00007f5f0a39c799
[  558.953073][T21412] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003
[  558.953080][T21412] RBP: 00007f5f0b1de090 R08: 0000000000000000 R09: 0000000000000000
[  558.953086][T21412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  558.953093][T21412] R13: 00007f5f0a616038 R14: 00007f5f0a615fa0 R15: 00007ffe2fda5058
[  558.953107][T21412]  </TASK>
[  558.953127][T21412] Bluetooth: Can't register HCI device
[  559.091105][T12931] usb 9-1: Using ep0 maxpacket: 8
[  559.094324][T12931] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[  559.096958][T12931] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  559.101118][T12931] usb 9-1: config 0 has no interface number 0
[  559.103250][T12931] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  559.106791][T12931] usb 9-1: config 0 interface 55 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  559.111021][T12931] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  559.114066][T12931] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  559.118030][T12931] usb 9-1: config 0 descriptor??
[  559.125994][T12931] ldusb 9-1:0.55: Interrupt in endpoint not found
[  559.149750][T15765] usb 7-1: new high-speed USB device number 105 using dummy_hcd
[  559.300257][T15765] usb 7-1: Using ep0 maxpacket: 32
[  559.305111][T15765] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  559.307900][T15765] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  559.310315][T21278] usb 5-1: new high-speed USB device number 98 using dummy_hcd
[  559.310859][T15765] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  559.316381][T15765] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  559.319551][T15765] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  559.322844][T15765] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  559.327101][T15765] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  559.330392][T15765] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  559.333459][ T5686] usb 9-1: USB disconnect, device number 9
[  559.340001][T15765] usb 7-1: config 0 descriptor??
[  559.462804][T21278] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  559.465744][T21278] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  559.468400][T21278] usb 5-1: Product: syz
[  559.469870][T21278] usb 5-1: Manufacturer: syz
[  559.471414][T21278] usb 5-1: SerialNumber: syz
[  559.475904][T21278] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  559.498911][T21278] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  559.548037][T21403] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  559.551358][T21403] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  559.557208][T15765] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 105 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  559.562870][T15765] usb 7-1: USB disconnect, device number 105
[  559.566776][T15765] usblp0: removed
[  559.991335][T21421] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5326'.
[  559.999835][ T5686] usb 7-1: new high-speed USB device number 106 using dummy_hcd
[  560.025552][T21428] binder: 21427:21428 ioctl c0306201 2000000003c0 returned -14
[  560.149803][   T24] usb 5-1: USB disconnect, device number 98
[  560.158351][T21435] netlink: 'syz.4.5330': attribute type 10 has an invalid length.
[  560.165024][T21435] bond1: (slave macvlan3): Error -98 calling set_mac_address
[  560.169978][ T5686] usb 7-1: Using ep0 maxpacket: 32
[  560.173257][ T5686] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  560.176015][ T5686] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  560.178877][ T5686] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  560.182153][ T5686] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  560.185193][ T5686] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  560.188370][ T5686] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  560.192802][ T5686] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  560.195720][ T5686] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.200621][ T5686] usb 7-1: config 0 descriptor??
[  560.412253][ T5686] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 106 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  560.569922][T21278] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  560.573222][T21278] ath9k_htc: Failed to initialize the device
[  560.578451][   T24] usb 5-1: ath9k_htc: USB layer deinitialized
[  560.629734][T15765] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  560.689400][T21466] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5333'.
[  560.779751][T15765] usb 9-1: Using ep0 maxpacket: 8
[  560.785174][T15765] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[  560.787977][T15765] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  560.791506][T15765] usb 9-1: config 0 has no interface number 0
[  560.793522][T15765] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  560.797061][T15765] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  560.800259][T15765] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.804212][T15765] usb 9-1: config 0 descriptor??
[  560.814170][T15765] ldusb 9-1:0.55: Interrupt in endpoint not found
[  560.869047][   T59] usb 7-1: USB disconnect, device number 106
[  560.873104][   T59] usblp0: removed
[  560.878379][T21470] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  560.916934][T21480] binder: 21478:21480 ioctl c0306201 2000000003c0 returned -14
[  560.955406][T21470] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  560.993652][T21483] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5338'.
[  561.004231][T21470] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.011804][ T5686] usb 9-1: USB disconnect, device number 10
[  561.077720][T21470] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.175173][  T160] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  561.186668][  T160] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  561.197702][  T160] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  561.205363][  T160] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  561.279761][ T6061] usb 6-1: new high-speed USB device number 100 using dummy_hcd
[  561.440183][ T6061] usb 6-1: Using ep0 maxpacket: 8
[  561.443807][ T6061] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  561.447453][ T6061] usb 6-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  561.451471][ T6061] usb 6-1: config 0 interface 0 has no altsetting 0
[  561.453786][ T6061] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  561.456971][ T6061] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  561.464139][ T6061] usb 6-1: config 0 descriptor??
[  561.629783][ T5686] usb 7-1: new high-speed USB device number 107 using dummy_hcd
[  561.759736][ T5686] usb 7-1: device descriptor read/64, error -71
[  561.818155][T21529] FAULT_INJECTION: forcing a failure.
[  561.818155][T21529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  561.822618][T21529] CPU: 0 UID: 0 PID: 21529 Comm: syz.4.5345 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  561.822636][T21529] Tainted: [L]=SOFTLOCKUP
[  561.822641][T21529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  561.822648][T21529] Call Trace:
[  561.822652][T21529]  <TASK>
[  561.822656][T21529]  dump_stack_lvl+0x100/0x190
[  561.822678][T21529]  should_fail_ex.cold+0x5/0xa
[  561.822693][T21529]  _copy_to_user+0x32/0xd0
[  561.822711][T21529]  simple_read_from_buffer+0xcb/0x170
[  561.822731][T21529]  proc_fail_nth_read+0x1af/0x230
[  561.822747][T21529]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  561.822763][T21529]  ? rw_verify_area+0xce/0x6d0
[  561.822783][T21529]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  561.822798][T21529]  vfs_read+0x1e4/0xb30
[  561.822816][T21529]  ? __pfx_vfs_read+0x10/0x10
[  561.822832][T21529]  ? __fget_files+0x215/0x3d0
[  561.822847][T21529]  ? __fget_files+0x21f/0x3d0
[  561.822862][T21529]  ksys_read+0x12a/0x250
[  561.822878][T21529]  ? __pfx_ksys_read+0x10/0x10
[  561.822898][T21529]  do_syscall_64+0x106/0xf80
[  561.822910][T21529]  ? clear_bhb_loop+0x40/0x90
[  561.822925][T21529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  561.822936][T21529] RIP: 0033:0x7f766db5cfce
[  561.822946][T21529] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  561.822956][T21529] RSP: 002b:00007f766e96efe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  561.822968][T21529] RAX: ffffffffffffffda RBX: 00007f766e96f6c0 RCX: 00007f766db5cfce
[  561.822975][T21529] RDX: 000000000000000f RSI: 00007f766e96f0a0 RDI: 0000000000000005
[  561.822981][T21529] RBP: 00007f766e96f090 R08: 0000000000000000 R09: 0000000000000000
[  561.822988][T21529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  561.822995][T21529] R13: 00007f766de16038 R14: 00007f766de15fa0 R15: 00007ffe3d4c5928
[  561.823009][T21529]  </TASK>
[  562.001792][ T5686] usb 7-1: new high-speed USB device number 108 using dummy_hcd
[  562.019879][T15765] usb 5-1: new high-speed USB device number 99 using dummy_hcd
[  562.077575][ T6061] mcp2221 0003:04D8:00DD.0023: item fetching failed at offset 3/5
[  562.080218][T21534] binder: 21533:21534 ioctl c0306201 2000000003c0 returned -14
[  562.083438][ T6061] mcp2221 0003:04D8:00DD.0023: can't parse reports
[  562.086011][ T6061] mcp2221 0003:04D8:00DD.0023: probe with driver mcp2221 failed with error -22
[  562.129985][ T5686] usb 7-1: device descriptor read/64, error -71
[  562.161284][T21536] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5348'.
[  562.179756][T15765] usb 5-1: Using ep0 maxpacket: 8
[  562.183544][T15765] usb 5-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  562.187403][T15765] usb 5-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  562.191030][T15765] usb 5-1: config 0 interface 0 has no altsetting 0
[  562.193358][T15765] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  562.196688][T15765] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.200951][T15765] usb 5-1: config 0 descriptor??
[  562.239902][ T5686] usb usb7-port1: attempt power cycle
[  562.295036][T21493] netlink: 'syz.1.5340': attribute type 3 has an invalid length.
[  562.297475][T21493] netlink: 64 bytes leftover after parsing attributes in process `syz.1.5340'.
[  562.311901][ T5941] usb 6-1: USB disconnect, device number 100
[  562.449911][ T6061] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  562.579828][ T5686] usb 7-1: new high-speed USB device number 109 using dummy_hcd
[  562.599797][ T6061] usb 9-1: Using ep0 maxpacket: 8
[  562.602274][ T5686] usb 7-1: device descriptor read/8, error -71
[  562.605285][ T6061] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[  562.608124][ T6061] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  562.611547][ T6061] usb 9-1: config 0 has no interface number 0
[  562.613558][ T6061] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  562.617198][ T6061] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  562.620042][T15765] mcp2221 0003:04D8:00DD.0024: unknown main item tag 0x0
[  562.620185][ T6061] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.622418][T15765] mcp2221 0003:04D8:00DD.0024: unknown main item tag 0x0
[  562.622434][T15765] mcp2221 0003:04D8:00DD.0024: unknown main item tag 0x0
[  562.622446][T15765] mcp2221 0003:04D8:00DD.0024: unknown main item tag 0x0
[  562.626625][ T6061] usb 9-1: config 0 descriptor??
[  562.632414][T15765] mcp2221 0003:04D8:00DD.0024: unknown main item tag 0x0
[  562.635022][ T6061] ldusb 9-1:0.55: Interrupt in endpoint not found
[  562.635950][T15765] mcp2221 0003:04D8:00DD.0024: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[  562.816029][T21525] FAULT_INJECTION: forcing a failure.
[  562.816029][T21525] name failslab, interval 1, probability 0, space 0, times 0
[  562.821864][T21525] CPU: 0 UID: 0 PID: 21525 Comm: syz.0.5343 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  562.821892][T21525] Tainted: [L]=SOFTLOCKUP
[  562.821898][T21525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  562.821909][T21525] Call Trace:
[  562.821915][T21525]  <TASK>
[  562.821922][T21525]  dump_stack_lvl+0x100/0x190
[  562.821954][T21525]  should_fail_ex.cold+0x5/0xa
[  562.821977][T21525]  should_failslab+0xc2/0x120
[  562.821994][T21525]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  562.822019][T21525]  ? mcp_send_data_req_status+0x56/0x170
[  562.822045][T21525]  kmemdup_noprof+0x29/0x60
[  562.822070][T21525]  mcp_send_data_req_status+0x56/0x170
[  562.822090][T21525]  mcp_i2c_write+0x252/0x390
[  562.822119][T21525]  ? __pfx_usbhid_power+0x10/0x10
[  562.822136][T21525]  mcp_i2c_xfer+0x398/0x470
[  562.822158][T21525]  __i2c_transfer+0x5d9/0x17f0
[  562.822182][T21525]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  562.822201][T21525]  ? __pfx___i2c_transfer+0x10/0x10
[  562.822243][T21525]  ? rt_mutex_slowtrylock+0x93/0x100
[  562.822269][T21525]  i2c_transfer+0x15f/0x380
[  562.822292][T21525]  i2c_transfer_buffer_flags+0x10c/0x190
[  562.822314][T21525]  ? __pfx_i2c_transfer_buffer_flags+0x10/0x10
[  562.822339][T21525]  ? _copy_from_user+0x59/0xd0
[  562.822365][T21525]  i2cdev_write+0x11e/0x240
[  562.822386][T21525]  ? __pfx_i2cdev_write+0x10/0x10
[  562.822405][T21525]  vfs_writev+0x5ea/0xe10
[  562.822433][T21525]  ? __pfx_vfs_writev+0x10/0x10
[  562.822456][T21525]  ? find_held_lock+0x2b/0x80
[  562.822492][T21525]  ? __fget_files+0x21f/0x3d0
[  562.822516][T21525]  ? do_pwritev+0x1ac/0x270
[  562.822537][T21525]  do_pwritev+0x1ac/0x270
[  562.822561][T21525]  ? __pfx_do_pwritev+0x10/0x10
[  562.822584][T21525]  ? ksys_write+0x1ac/0x250
[  562.822607][T21525]  ? __pfx_ksys_write+0x10/0x10
[  562.822635][T21525]  __x64_sys_pwritev2+0xef/0x160
[  562.822654][T21525]  do_syscall_64+0x106/0xf80
[  562.822671][T21525]  ? clear_bhb_loop+0x40/0x90
[  562.822691][T21525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  562.822713][T21525] RIP: 0033:0x7f5f0a39c799
[  562.822729][T21525] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  562.822744][T21525] RSP: 002b:00007f5f0b1de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  562.822761][T21525] RAX: ffffffffffffffda RBX: 00007f5f0a615fa0 RCX: 00007f5f0a39c799
[  562.822772][T21525] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: 0000000000000004
[  562.822781][T21525] RBP: 00007f5f0b1de090 R08: 0000000000000003 R09: 0000000000000001
[  562.822791][T21525] R10: 0000000000000e01 R11: 0000000000000246 R12: 0000000000000001
[  562.822801][T21525] R13: 00007f5f0a616038 R14: 00007f5f0a615fa0 R15: 00007ffe2fda5058
[  562.822824][T21525]  </TASK>
[  562.825552][T15765] usb 5-1: USB disconnect, device number 99
[  562.849967][ T5686] usb 7-1: new high-speed USB device number 110 using dummy_hcd
[  562.861541][T21278] usb 9-1: USB disconnect, device number 11
[  562.862459][   T40] audit: type=1800 audit(562.789:1164): pid=21544 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.5351" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  562.903166][ T5686] usb 7-1: device descriptor read/8, error -71
[  562.950892][T21546] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5352'.
[  562.993165][T21548] syzkaller0: entered promiscuous mode
[  562.995001][T21548] syzkaller0: entered allmulticast mode
[  563.070125][ T5686] usb usb7-port1: unable to enumerate USB device
[  563.228066][T21554] FAULT_INJECTION: forcing a failure.
[  563.228066][T21554] name failslab, interval 1, probability 0, space 0, times 0
[  563.233803][T21554] CPU: 0 UID: 0 PID: 21554 Comm: syz.1.5355 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  563.233822][T21554] Tainted: [L]=SOFTLOCKUP
[  563.233826][T21554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  563.233833][T21554] Call Trace:
[  563.233837][T21554]  <TASK>
[  563.233841][T21554]  dump_stack_lvl+0x100/0x190
[  563.233864][T21554]  should_fail_ex.cold+0x5/0xa
[  563.233879][T21554]  should_failslab+0xc2/0x120
[  563.233890][T21554]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  563.233906][T21554]  ? alloc_inode+0x68/0x250
[  563.233922][T21554]  ? simple_start_creating+0xb0/0x110
[  563.233933][T21554]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  563.233946][T21554]  alloc_inode+0x68/0x250
[  563.233961][T21554]  new_inode+0x22/0x1c0
[  563.233978][T21554]  __debugfs_create_file+0x105/0x4f0
[  563.233991][T21554]  debugfs_create_file_full+0x41/0x60
[  563.234005][T21554]  ref_tracker_dir_debugfs+0x19e/0x2e0
[  563.234023][T21554]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  563.234051][T21554]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  563.234067][T21554]  ? alloc_netdev_mqs+0xd7/0x14f0
[  563.234081][T21554]  ? lockdep_init_map_type+0x5c/0x250
[  563.234094][T21554]  ? __pfx_br_dev_setup+0x10/0x10
[  563.234108][T21554]  alloc_netdev_mqs+0x314/0x14f0
[  563.234123][T21554]  rtnl_create_link+0xc13/0xf80
[  563.234137][T21554]  rtnl_newlink+0x13b8/0x2380
[  563.234154][T21554]  ? __pfx_rtnl_newlink+0x10/0x10
[  563.234165][T21554]  ? find_held_lock+0x2b/0x80
[  563.234179][T21554]  ? avc_has_perm_noaudit+0x11e/0x3b0
[  563.234195][T21554]  ? avc_has_perm_noaudit+0x11e/0x3b0
[  563.234236][T21554]  ? avc_has_perm_noaudit+0x145/0x3b0
[  563.234266][T21554]  ? find_held_lock+0x2b/0x80
[  563.234280][T21554]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  563.234291][T21554]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  563.234304][T21554]  ? __pfx_rtnl_newlink+0x10/0x10
[  563.234316][T21554]  rtnetlink_rcv_msg+0x95e/0xe90
[  563.234330][T21554]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  563.234345][T21554]  ? __lock_acquire+0x4a5/0x2630
[  563.234365][T21554]  netlink_rcv_skb+0x159/0x420
[  563.234379][T21554]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  563.234392][T21554]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  563.234411][T21554]  ? netlink_deliver_tap+0x1ae/0xcc0
[  563.234426][T21554]  netlink_unicast+0x5aa/0x870
[  563.234442][T21554]  ? __pfx_netlink_unicast+0x10/0x10
[  563.234461][T21554]  netlink_sendmsg+0x8b0/0xda0
[  563.234477][T21554]  ? __pfx_netlink_sendmsg+0x10/0x10
[  563.234490][T21554]  ? __pfx___might_fault+0x10/0x10
[  563.234510][T21554]  ____sys_sendmsg+0x9e1/0xb70
[  563.234524][T21554]  ? __pfx_netlink_sendmsg+0x10/0x10
[  563.234539][T21554]  ? __pfx_____sys_sendmsg+0x10/0x10
[  563.234560][T21554]  ___sys_sendmsg+0x190/0x1e0
[  563.234576][T21554]  ? __pfx____sys_sendmsg+0x10/0x10
[  563.234608][T21554]  __sys_sendmsg+0x170/0x220
[  563.234620][T21554]  ? __pfx___sys_sendmsg+0x10/0x10
[  563.234641][T21554]  do_syscall_64+0x106/0xf80
[  563.234653][T21554]  ? clear_bhb_loop+0x40/0x90
[  563.234667][T21554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.234678][T21554] RIP: 0033:0x7f07a419c799
[  563.234689][T21554] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  563.234703][T21554] RSP: 002b:00007f07a5032028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  563.234714][T21554] RAX: ffffffffffffffda RBX: 00007f07a4415fa0 RCX: 00007f07a419c799
[  563.234721][T21554] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000006
[  563.234728][T21554] RBP: 00007f07a5032090 R08: 0000000000000000 R09: 0000000000000000
[  563.234734][T21554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  563.234741][T21554] R13: 00007f07a4416038 R14: 00007f07a4415fa0 R15: 00007ffd33cea368
[  563.234755][T21554]  </TASK>
[  563.234760][T21554] debugfs: out of free dentries, can not create file 'netdev@ffff8880279c4620'
[  563.384863][T21560] syzkaller0: entered promiscuous mode
[  563.386740][T21560] syzkaller0: entered allmulticast mode
[  563.416926][T21562] netlink: 'syz.1.5357': attribute type 10 has an invalid length.
[  563.427502][T21562] 8021q: adding VLAN 0 to HW filter on device macvlan4
[  563.432563][T21562] bond1: (slave macvlan4): Enslaving as a backup interface with an up link
[  563.481468][T21573] binder: 21571:21573 ioctl 4018620d 0 returned -22
[  563.491001][T21573] binder: 21571:21573 ioctl c0306201 2000000003c0 returned -14
[  563.561876][T21576] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  563.643823][T21576] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  563.728667][T21576] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  563.818989][T21576] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  563.935494][T19682] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  563.943156][T19682] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  563.952908][ T6912] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  563.962144][ T6912] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  563.968323][T21590] netlink: 'syz.1.5369': attribute type 10 has an invalid length.
[  563.976210][T21590] bond1: (slave macvlan5): Error -98 calling set_mac_address
[  564.498883][T21597] binder: 21596:21597 ioctl 4018620d 0 returned -22
[  564.503986][T21597] binder: 21596:21597 ioctl c0306201 2000000003c0 returned -14
[  564.796004][T21615] comedi comedi0: Minor 2147483647 is invalid!
[  564.803360][   T40] audit: type=1400 audit(564.729:1165): avc:  denied  { ioctl } for  pid=21612 comm="syz.4.5378" path="socket:[150893]" dev="sockfs" ino=150893 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  564.946087][T21628] binder: 21625:21628 ioctl 4018620d 0 returned -22
[  564.949483][T21628] binder: 21625:21628 ioctl c0306201 2000000003c0 returned -14
[  564.990108][T21632] netlink: 'syz.2.5385': attribute type 10 has an invalid length.
[  565.000575][T21632] bond1: (slave macvlan3): Error -98 calling set_mac_address
[  565.122245][T21641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5388'.
[  565.215603][T21651] FAULT_INJECTION: forcing a failure.
[  565.215603][T21651] name failslab, interval 1, probability 0, space 0, times 0
[  565.219745][T21651] CPU: 0 UID: 0 PID: 21651 Comm: syz.2.5391 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  565.219763][T21651] Tainted: [L]=SOFTLOCKUP
[  565.219767][T21651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  565.219774][T21651] Call Trace:
[  565.219779][T21651]  <TASK>
[  565.219783][T21651]  dump_stack_lvl+0x100/0x190
[  565.219812][T21651]  should_fail_ex.cold+0x5/0xa
[  565.219827][T21651]  should_failslab+0xc2/0x120
[  565.219838][T21651]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  565.219855][T21651]  ? do_getname+0x35/0x390
[  565.219868][T21651]  ? ksys_write+0x190/0x250
[  565.219888][T21651]  do_getname+0x35/0x390
[  565.219903][T21651]  __do_sys_newstat+0x8c/0x130
[  565.219915][T21651]  ? __pfx___do_sys_newstat+0x10/0x10
[  565.219936][T21651]  ? __pfx_ksys_write+0x10/0x10
[  565.219956][T21651]  do_syscall_64+0x106/0xf80
[  565.219985][T21651]  ? clear_bhb_loop+0x40/0x90
[  565.220000][T21651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  565.220012][T21651] RIP: 0033:0x7f3df6b9c799
[  565.220021][T21651] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  565.220032][T21651] RSP: 002b:00007f3df7a33028 EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  565.220043][T21651] RAX: ffffffffffffffda RBX: 00007f3df6e15fa0 RCX: 00007f3df6b9c799
[  565.220051][T21651] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000680
[  565.220057][T21651] RBP: 00007f3df7a33090 R08: 0000000000000000 R09: 0000000000000000
[  565.220064][T21651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  565.220070][T21651] R13: 00007f3df6e16038 R14: 00007f3df6e15fa0 R15: 00007ffd544d1f68
[  565.220084][T21651]  </TASK>
[  565.277984][T21657] binder: BINDER_SET_CONTEXT_MGR already set
[  565.287477][T21657] binder: 21656:21657 ioctl 4018620d 200000000040 returned -16
[  565.319917][T21659] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5396'.
[  565.323377][T21659] bridge_slave_1: left allmulticast mode
[  565.325352][T21659] bridge_slave_1: left promiscuous mode
[  565.327341][T21659] bridge0: port 2(bridge_slave_1) entered disabled state
[  565.333079][T21659] bridge_slave_0: left allmulticast mode
[  565.335146][T21659] bridge_slave_0: left promiscuous mode
[  565.337129][T21659] bridge0: port 1(bridge_slave_0) entered disabled state
[  565.359105][T21661] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5393'.
[  565.470659][ T5941] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  565.596181][T21676] lo speed is unknown, defaulting to 1000
[  565.623196][ T5941] usb 9-1: Using ep0 maxpacket: 8
[  565.626244][ T5941] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[  565.628888][ T5941] usb 9-1: config 0 has no interface number 0
[  565.631500][ T5941] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  565.635878][ T5941] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  565.639256][ T5941] usb 9-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  565.643680][ T5941] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  565.647403][ T5941] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  565.657118][ T5941] usb 9-1: config 0 descriptor??
[  565.661435][ T5941] ldusb 9-1:0.55: Interrupt in endpoint not found
[  565.679865][T21676] xfrm0 speed is unknown, defaulting to 1000
[  565.880295][ T5941] usb 9-1: USB disconnect, device number 12
[  566.015921][T21689] binder: BINDER_SET_CONTEXT_MGR already set
[  566.018522][T21689] binder: 21688:21689 ioctl 4018620d 200000000040 returned -16
[  566.105749][T21691] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5406'.
[  566.179964][   T63] Bluetooth: hci4: command 0x1003 tx timeout
[  566.182420][ T5949] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  566.245292][T21699] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5409'.
[  566.296620][T21700] kAFS: No cell specified
[  566.405327][T15765] usb 7-1: new high-speed USB device number 111 using dummy_hcd
[  566.550697][T15765] usb 7-1: device descriptor read/64, error -71
[  566.612323][T21716] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5415'.
[  566.615077][T21716] bond1: option mode: unable to set because the bond device has slaves
[  566.618502][T21716] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5415'.
[  566.621389][T21716] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5415'.
[  566.624475][T21716] bond_slave_0: left promiscuous mode
[  566.626414][T21716] bond_slave_1: left promiscuous mode
[  566.628141][T21716] batadv0: left promiscuous mode
[  566.636423][T21716] netlink: 'syz.0.5415': attribute type 4 has an invalid length.
[  566.638898][T21716] netlink: 152 bytes leftover after parsing attributes in process `syz.0.5415'.
[  566.646436][T21716] .`: renamed from bond0
[  566.650490][T21717] netlink: 'syz.4.5416': attribute type 10 has an invalid length.
[  566.658158][T21717] bond1: (slave macvlan3): Error -98 calling set_mac_address
[  566.666029][T21716] lo speed is unknown, defaulting to 1000
[  566.754615][T21716] xfrm0 speed is unknown, defaulting to 1000
[  566.803081][T21723] syzkaller0: entered promiscuous mode
[  566.805252][T21723] syzkaller0: entered allmulticast mode
[  566.809770][T15765] usb 7-1: new high-speed USB device number 112 using dummy_hcd
[  566.959774][T15765] usb 7-1: device descriptor read/64, error -71
[  567.069819][ T5941] usb 5-1: new high-speed USB device number 100 using dummy_hcd
[  567.079911][T15765] usb usb7-port1: attempt power cycle
[  567.219712][ T5941] usb 5-1: Using ep0 maxpacket: 8
[  567.223075][ T5941] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  567.225604][ T5941] usb 5-1: config 0 has no interface number 0
[  567.227562][ T5941] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  567.231531][ T5941] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  567.234923][ T5941] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  567.238942][ T5941] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  567.245389][ T5941] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.249212][ T5941] usb 5-1: config 0 descriptor??
[  567.259386][ T5941] ldusb 5-1:0.55: Interrupt in endpoint not found
[  567.388961][T21735] binder: 21734:21735 ioctl c0306201 0 returned -14
[  567.392903][T21735] binder: 21734:21735 ioctl c0306201 2000000003c0 returned -14
[  567.419876][T15765] usb 7-1: new high-speed USB device number 113 using dummy_hcd
[  567.449881][T15765] usb 7-1: device descriptor read/8, error -71
[  567.465066][ T5941] usb 5-1: USB disconnect, device number 100
[  567.532646][T21743] FAULT_INJECTION: forcing a failure.
[  567.532646][T21743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  567.536696][T21743] CPU: 1 UID: 0 PID: 21743 Comm: syz.1.5426 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  567.536714][T21743] Tainted: [L]=SOFTLOCKUP
[  567.536718][T21743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  567.536725][T21743] Call Trace:
[  567.536730][T21743]  <TASK>
[  567.536735][T21743]  dump_stack_lvl+0x100/0x190
[  567.536763][T21743]  should_fail_ex.cold+0x5/0xa
[  567.536778][T21743]  _copy_from_user+0x2e/0xd0
[  567.536800][T21743]  input_event_from_user+0x123/0x310
[  567.536815][T21743]  ? __pfx_input_event_from_user+0x10/0x10
[  567.536829][T21743]  ? __pfx___might_resched+0x10/0x10
[  567.536842][T21743]  ? input_inject_event+0x1c9/0x3b0
[  567.536857][T21743]  evdev_write+0x342/0x610
[  567.536873][T21743]  ? __pfx_evdev_write+0x10/0x10
[  567.536887][T21743]  ? bpf_lsm_file_permission+0x9/0x10
[  567.536904][T21743]  ? security_file_permission+0x76/0x210
[  567.536919][T21743]  ? rw_verify_area+0xce/0x6d0
[  567.536936][T21743]  vfs_write+0x2aa/0x1070
[  567.536953][T21743]  ? __pfx_evdev_write+0x10/0x10
[  567.536968][T21743]  ? __pfx_vfs_write+0x10/0x10
[  567.536983][T21743]  ? find_held_lock+0x2b/0x80
[  567.536997][T21743]  ? __fget_files+0x215/0x3d0
[  567.537008][T21743]  ? __fget_files+0x215/0x3d0
[  567.537022][T21743]  ? __fget_files+0x21f/0x3d0
[  567.537037][T21743]  ksys_write+0x1f8/0x250
[  567.537053][T21743]  ? __pfx_ksys_write+0x10/0x10
[  567.537074][T21743]  do_syscall_64+0x106/0xf80
[  567.537090][T21743]  ? clear_bhb_loop+0x40/0x90
[  567.537104][T21743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.537115][T21743] RIP: 0033:0x7f07a419c799
[  567.537125][T21743] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  567.537136][T21743] RSP: 002b:00007f07a5032028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  567.537148][T21743] RAX: ffffffffffffffda RBX: 00007f07a4415fa0 RCX: 00007f07a419c799
[  567.537155][T21743] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003
[  567.537162][T21743] RBP: 00007f07a5032090 R08: 0000000000000000 R09: 0000000000000000
[  567.537168][T21743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.537174][T21743] R13: 00007f07a4416038 R14: 00007f07a4415fa0 R15: 00007ffd33cea368
[  567.537189][T21743]  </TASK>
[  567.689823][T15765] usb 7-1: new high-speed USB device number 114 using dummy_hcd
[  567.710556][T15765] usb 7-1: device descriptor read/8, error -71
[  567.819913][T15765] usb usb7-port1: unable to enumerate USB device
[  567.921087][T21755] 9pnet_virtio: no channels available for device syz
[  567.924954][T21757] FAULT_INJECTION: forcing a failure.
[  567.924954][T21757] name failslab, interval 1, probability 0, space 0, times 0
[  567.928972][T21757] CPU: 0 UID: 0 PID: 21757 Comm: syz.1.5431 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  567.928991][T21757] Tainted: [L]=SOFTLOCKUP
[  567.928995][T21757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  567.929001][T21757] Call Trace:
[  567.929006][T21757]  <TASK>
[  567.929010][T21757]  dump_stack_lvl+0x100/0x190
[  567.929032][T21757]  should_fail_ex.cold+0x5/0xa
[  567.929048][T21757]  ? tomoyo_realpath_from_path+0xb6/0x690
[  567.929063][T21757]  should_failslab+0xc2/0x120
[  567.929075][T21757]  __kmalloc_noprof+0xe0/0x850
[  567.929094][T21757]  tomoyo_realpath_from_path+0xb6/0x690
[  567.929113][T21757]  tomoyo_path_perm+0x276/0x460
[  567.929124][T21757]  ? tomoyo_path_perm+0x262/0x460
[  567.929136][T21757]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  567.929168][T21757]  security_inode_getattr+0x116/0x280
[  567.929182][T21757]  vfs_getattr+0x25/0x60
[  567.929195][T21757]  ovl_copy_up_one+0x18d/0x3cc0
[  567.929208][T21757]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  567.929225][T21757]  ? is_bpf_text_address+0x94/0x1a0
[  567.929242][T21757]  ? kernel_text_address+0x8d/0x100
[  567.929254][T21757]  ? ovl_fileattr_get+0xdc/0x330
[  567.929267][T21757]  ? __kernel_text_address+0xd/0x30
[  567.929279][T21757]  ? unwind_get_return_address+0x59/0xa0
[  567.929296][T21757]  ? __pfx_ovl_copy_up_one+0x10/0x10
[  567.929311][T21757]  ? stack_trace_save+0x8e/0xc0
[  567.929325][T21757]  ? __pfx_stack_trace_save+0x10/0x10
[  567.929340][T21757]  ? stack_depot_save_flags+0x27/0x9d0
[  567.929360][T21757]  ? kasan_save_stack+0x3f/0x50
[  567.929376][T21757]  ? kasan_save_stack+0x30/0x50
[  567.929391][T21757]  ? kasan_record_aux_stack+0xa7/0xc0
[  567.929404][T21757]  ? task_work_add+0x28b/0x3b0
[  567.929414][T21757]  ? __fput_deferred+0x168/0x490
[  567.929427][T21757]  ? ovl_security_fileattr+0x100/0x170
[  567.929441][T21757]  ? __lock_acquire+0x4a5/0x2630
[  567.929485][T21757]  ? dget_parent+0xf8/0x5e0
[  567.929506][T21757]  ovl_copy_up_flags+0xf4/0x240
[  567.929521][T21757]  ovl_fileattr_set+0xa2/0x300
[  567.929535][T21757]  ? __pfx_ovl_fileattr_set+0x10/0x10
[  567.929552][T21757]  vfs_fileattr_set+0x783/0xd70
[  567.929566][T21757]  ? __pfx_vfs_fileattr_set+0x10/0x10
[  567.929579][T21757]  ? mnt_get_write_access+0x1e9/0x2f0
[  567.929598][T21757]  ioctl_fssetxattr+0x23e/0x290
[  567.929610][T21757]  ? __pfx_ioctl_fssetxattr+0x10/0x10
[  567.929631][T21757]  do_vfs_ioctl+0xe9e/0x13e0
[  567.929662][T21757]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  567.929682][T21757]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  567.929701][T21757]  ? __fget_files+0x215/0x3d0
[  567.929712][T21757]  ? hook_file_ioctl_common+0x146/0x410
[  567.929732][T21757]  ? selinux_file_ioctl+0x139/0x290
[  567.929745][T21757]  ? selinux_file_ioctl+0xb4/0x290
[  567.929761][T21757]  __x64_sys_ioctl+0x114/0x210
[  567.929778][T21757]  do_syscall_64+0x106/0xf80
[  567.929790][T21757]  ? clear_bhb_loop+0x40/0x90
[  567.929804][T21757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.929815][T21757] RIP: 0033:0x7f07a419c799
[  567.929825][T21757] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  567.929836][T21757] RSP: 002b:00007f07a5032028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  567.929847][T21757] RAX: ffffffffffffffda RBX: 00007f07a4415fa0 RCX: 00007f07a419c799
[  567.929854][T21757] RDX: 0000200000002540 RSI: 00000000401c5820 RDI: 0000000000000004
[  567.929861][T21757] RBP: 00007f07a5032090 R08: 0000000000000000 R09: 0000000000000000
[  567.929867][T21757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.929874][T21757] R13: 00007f07a4416038 R14: 00007f07a4415fa0 R15: 00007ffd33cea368
[  567.929888][T21757]  </TASK>
[  568.052150][T21759] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  568.053098][T21757] ERROR: Out of memory at tomoyo_realpath_from_path.
[  568.116571][T21759] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  568.155276][T21768] netlink: 700 bytes leftover after parsing attributes in process `syz.1.5437'.
[  568.212406][T21759] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  568.253512][T21759] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  568.346009][ T1175] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  568.353342][ T1175] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  568.364041][ T1175] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  568.372287][ T1175] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  569.195116][T21788] netlink: 'syz.4.5443': attribute type 10 has an invalid length.
[  569.221270][T21788] bond1: (slave macvlan3): Error -98 calling set_mac_address
[  569.579738][ T5686] usb 7-1: new high-speed USB device number 115 using dummy_hcd
[  569.579880][ T3249] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  569.691556][   T24] usb 6-1: new high-speed USB device number 101 using dummy_hcd
[  569.729968][ T3249] usb 9-1: Using ep0 maxpacket: 32
[  569.733074][ T3249] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  569.738253][ T3249] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  569.741259][ T3249] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  569.744048][ T3249] usb 9-1: Product: syz
[  569.745431][ T3249] usb 9-1: Manufacturer: syz
[  569.746982][ T3249] usb 9-1: SerialNumber: syz
[  569.749847][ T5686] usb 7-1: Using ep0 maxpacket: 8
[  569.750085][ T3249] usb 9-1: config 0 descriptor??
[  569.753047][ T5686] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[  569.756212][ T5686] usb 7-1: config 0 has no interface number 0
[  569.757895][T21793] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  569.758309][ T5686] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  569.762239][ T3249] hub 9-1:0.0: bad descriptor, ignoring hub
[  569.764304][ T5686] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  569.765932][ T3249] hub 9-1:0.0: probe with driver hub failed with error -5
[  569.771938][ T5686] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  569.776169][ T5686] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  569.779068][ T5686] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.783321][ T5686] usb 7-1: config 0 descriptor??
[  569.786784][ T5686] ldusb 7-1:0.55: Interrupt in endpoint not found
[  569.824810][T21800] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.841033][   T24] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  569.844655][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  569.848201][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  569.852019][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  569.856274][   T24] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  569.859203][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.863092][   T24] usb 6-1: config 0 descriptor??
[  569.869947][T21798] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  569.893189][T21800] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.944091][T21800] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.992420][ T5686] usb 7-1: USB disconnect, device number 115
[  569.996319][T21800] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.069881][   T53] usb 9-1: USB disconnect, device number 13
[  570.279358][   T24] plantronics 0003:047F:FFFF.0025: reserved main item tag 0xd
[  570.289903][   T24] plantronics 0003:047F:FFFF.0025: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  570.429743][   T24] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  570.533037][T21805] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5449'.
[  570.541374][T21798] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=21798 comm=syz.1.5447
[  570.589913][   T24] usb 9-1: Using ep0 maxpacket: 32
[  570.593120][   T24] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  570.598422][   T24] usb 9-1: string descriptor 0 read error: -22
[  570.600929][   T24] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  570.603900][   T24] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  570.607459][   T24] usb 9-1: config 0 descriptor??
[  570.614141][T21793] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  570.618418][   T24] hub 9-1:0.0: bad descriptor, ignoring hub
[  570.621836][   T24] hub 9-1:0.0: probe with driver hub failed with error -5
[  570.809735][   T24] usb 7-1: new high-speed USB device number 116 using dummy_hcd
[  570.818734][T21793] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  570.821707][T21793] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  570.824623][   T40] audit: type=1400 audit(570.749:1166): avc:  denied  { lock } for  pid=21792 comm="syz.4.5445" path="socket:[151169]" dev="sockfs" ino=151169 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  570.939970][   T53] usb 9-1: USB disconnect, device number 14
[  570.961245][   T24] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  570.965109][   T24] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  570.969502][   T24] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  570.973042][   T24] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  570.976005][   T24] usb 7-1: Manufacturer: syz
[  570.980395][   T24] usb 7-1: config 0 descriptor??
[  571.361067][T21810] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=23 sclass=netlink_tcpdiag_socket pid=21810 comm=syz.4.5451
[  571.516009][T21816] 9pnet_virtio: no channels available for device syz
[  571.525698][T21816] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5454'.
[  571.729743][ T6006] usb 6-1: reset high-speed USB device number 101 using dummy_hcd
[  571.936507][T19680] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  571.943903][T19680] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  571.950934][T19680] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  571.957679][T19680] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  572.429758][T21823] binder: 21822:21823 ioctl c0306201 2000000003c0 returned -14
[  572.523523][T21831] netlink: 'syz.0.5459': attribute type 10 has an invalid length.
[  572.552796][T21836] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5460'.
[  572.558954][T21831] bond1: option mode: unable to set because the bond device has slaves
[  572.605827][T21842] syzkaller1: entered promiscuous mode
[  572.608326][T21842] syzkaller1: entered allmulticast mode
[  572.751262][T21848] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5464'.
[  572.790504][T21851] netlink: 'syz.4.5465': attribute type 3 has an invalid length.
[  572.872919][T21853] 0x000000000007-0x000000020007 : ""
[  572.875031][T21853] mtd: partition "" extends beyond the end of device "mtdram test device" -- size truncated to 0x1fff9
[  572.878831][T21853] FAULT_INJECTION: forcing a failure.
[  572.878831][T21853] name failslab, interval 1, probability 0, space 0, times 0
[  572.883577][T21853] CPU: 2 UID: 0 PID: 21853 Comm: syz.4.5466 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  572.883595][T21853] Tainted: [L]=SOFTLOCKUP
[  572.883599][T21853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  572.883606][T21853] Call Trace:
[  572.883610][T21853]  <TASK>
[  572.883615][T21853]  dump_stack_lvl+0x100/0x190
[  572.883644][T21853]  should_fail_ex.cold+0x5/0xa
[  572.883659][T21853]  should_failslab+0xc2/0x120
[  572.883671][T21853]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  572.883688][T21853]  ? kvasprintf_const+0x66/0x1a0
[  572.883718][T21853]  kvasprintf+0xbc/0x150
[  572.883734][T21853]  ? __pfx_kvasprintf+0x10/0x10
[  572.883753][T21853]  ? idr_alloc_u32+0x22b/0x320
[  572.883770][T21853]  kvasprintf_const+0x66/0x1a0
[  572.883788][T21853]  kobject_set_name_vargs+0x5a/0x140
[  572.883804][T21853]  dev_set_name+0xc7/0x100
[  572.883815][T21853]  ? __pfx_dev_set_name+0x10/0x10
[  572.883827][T21853]  ? idr_alloc+0xdd/0x130
[  572.883838][T21853]  ? __pfx_idr_alloc+0x10/0x10
[  572.883849][T21853]  ? mtd_add_partition+0x302/0x660
[  572.883863][T21853]  ? mtd_add_partition+0x302/0x660
[  572.883877][T21853]  ? __pfx__printk+0x10/0x10
[  572.883888][T21853]  ? add_mtd_device+0x7c7/0x17a0
[  572.883901][T21853]  add_mtd_device+0x88c/0x17a0
[  572.883917][T21853]  ? __pfx_add_mtd_device+0x10/0x10
[  572.883933][T21853]  mtd_add_partition+0x30a/0x660
[  572.883948][T21853]  ? __pfx_mtd_add_partition+0x10/0x10
[  572.883961][T21853]  ? __might_fault+0xc5/0x140
[  572.883975][T21853]  ? __might_fault+0xc5/0x140
[  572.883995][T21853]  mtdchar_blkpg_ioctl+0x207/0x250
[  572.884010][T21853]  ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10
[  572.884037][T21853]  mtdchar_ioctl+0x1670/0x1fd0
[  572.884053][T21853]  ? __pfx_mtdchar_ioctl+0x10/0x10
[  572.884068][T21853]  ? lock_acquire+0x1cf/0x380
[  572.884090][T21853]  ? trace_contention_end+0x140/0x180
[  572.884103][T21853]  ? mtdchar_unlocked_ioctl+0xa2/0xf0
[  572.884119][T21853]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  572.884136][T21853]  ? __pfx___mutex_lock+0x10/0x10
[  572.884160][T21853]  mtdchar_unlocked_ioctl+0xb0/0xf0
[  572.884178][T21853]  ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10
[  572.884201][T21853]  __x64_sys_ioctl+0x18e/0x210
[  572.884228][T21853]  do_syscall_64+0x106/0xf80
[  572.884246][T21853]  ? clear_bhb_loop+0x40/0x90
[  572.884267][T21853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  572.884286][T21853] RIP: 0033:0x7f766db9c799
[  572.884300][T21853] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  572.884311][T21853] RSP: 002b:00007f766e96f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  572.884322][T21853] RAX: ffffffffffffffda RBX: 00007f766de15fa0 RCX: 00007f766db9c799
[  572.884329][T21853] RDX: 00002000000001c0 RSI: 0000000000001269 RDI: 0000000000000004
[  572.884336][T21853] RBP: 00007f766e96f090 R08: 0000000000000000 R09: 0000000000000000
[  572.884343][T21853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  572.884349][T21853] R13: 00007f766de16038 R14: 00007f766de15fa0 R15: 00007ffe3d4c5928
[  572.884364][T21853]  </TASK>
[  573.047313][T21859] input: syz0 as /devices/virtual/input/input47
[  573.194882][T15765] usb 6-1: USB disconnect, device number 101
[  573.349494][T21863] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5470'.
[  573.414727][T21868] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5471'.
[  573.585485][ T5941] usb 7-1: USB disconnect, device number 116
[  573.656978][T21877] binder: 21876:21877 ioctl c0306201 2000000003c0 returned -14
[  573.691853][T21881] netlink: 'syz.4.5477': attribute type 10 has an invalid length.
[  573.695435][T21881] bond1: option mode: unable to set because the bond device has slaves
[  574.039830][ T5941] usb 7-1: new high-speed USB device number 117 using dummy_hcd
[  574.089757][   T59] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  574.187516][T21900] binder: 21899:21900 ioctl c0306201 2000000003c0 returned -14
[  574.199834][ T5941] usb 7-1: Using ep0 maxpacket: 16
[  574.203143][ T5941] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x6 has invalid wMaxPacketSize 0
[  574.206325][ T5941] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  574.211565][ T5941] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  574.214429][ T5941] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  574.216959][ T5941] usb 7-1: Product: syz
[  574.218454][ T5941] usb 7-1: Manufacturer: syz
[  574.220283][ T5941] usb 7-1: SerialNumber: syz
[  574.270275][   T59] usb 9-1: no configurations
[  574.271954][   T59] usb 9-1: can't read configurations, error -22
[  574.399794][   T59] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  574.441181][T21890] fuse: Unknown parameter ''
[  574.547776][ T5941] cdc_ncm 7-1:1.0: bind() failure
[  574.550251][   T59] usb 9-1: no configurations
[  574.551823][   T59] usb 9-1: can't read configurations, error -22
[  574.552076][ T5941] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found
[  574.554042][   T59] usb usb9-port1: attempt power cycle
[  574.556219][ T5941] cdc_ncm 7-1:1.1: bind() failure
[  574.565654][ T5941] usb 7-1: USB disconnect, device number 117
[  574.747047][T21905] netlink: 'syz.1.5487': attribute type 10 has an invalid length.
[  574.751961][T21905] bond1: option mode: unable to set because the bond device has slaves
[  574.890441][   T59] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  574.910811][   T59] usb 9-1: no configurations
[  574.913108][   T59] usb 9-1: can't read configurations, error -22
[  575.019741][ T5686] usb 6-1: new high-speed USB device number 102 using dummy_hcd
[  575.039734][   T59] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  575.060611][   T59] usb 9-1: no configurations
[  575.062189][   T59] usb 9-1: can't read configurations, error -22
[  575.064482][   T59] usb usb9-port1: unable to enumerate USB device
[  575.099992][   T40] audit: type=1400 audit(575.029:1167): avc:  denied  { checkpoint_restore } for  pid=21911 comm="syz.2.5490" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  575.179792][ T5686] usb 6-1: Using ep0 maxpacket: 8
[  575.185487][ T5686] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  575.188187][ T5686] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  575.191434][ T5686] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  575.194659][ T5686] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  575.197799][ T5686] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  575.202364][ T5686] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  575.205339][ T5686] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.413307][T21924] fuse: Bad value for 'group_id'
[  575.415014][T21924] fuse: Bad value for 'group_id'
[  575.422107][ T5686] usb 6-1: usb_control_msg returned -32
[  575.424010][ T5686] usbtmc 6-1:16.0: can't read capabilities
[  575.637772][T21930] netlink: 'syz.2.5496': attribute type 10 has an invalid length.
[  575.641757][T21930] bond1: option mode: unable to set because the bond device has slaves
[  575.671857][T21932] binder: 21931:21932 ioctl c0306201 2000000003c0 returned -14
[  575.727448][T21936] program syz.2.5499 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  575.782438][T21908] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5488'.
[  575.785441][T21939] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5488'.
[  575.874407][T21943] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  575.893756][T21945] sctp: [Deprecated]: syz.2.5502 (pid 21945) Use of struct sctp_assoc_value in delayed_ack socket option.
[  575.893756][T21945] Use struct sctp_sack_info instead
[  575.957310][T21943] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  576.032583][T21943] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  576.153675][T21943] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  576.288856][T19679] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  576.296606][T19679] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  576.304399][T19679] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  576.312046][T19679] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  577.107595][   T40] audit: type=1400 audit(577.029:1168): avc:  denied  { map } for  pid=21944 comm="syz.2.5502" path="socket:[153721]" dev="sockfs" ino=153721 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  577.182456][T21959] binder: 21958:21959 ioctl c0306201 2000000003c0 returned -14
[  577.229740][T15765] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  577.379752][T15765] usb 9-1: Using ep0 maxpacket: 8
[  577.390842][T15765] usb 9-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  577.394594][T15765] usb 9-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  577.398810][T15765] usb 9-1: config 0 interface 0 has no altsetting 0
[  577.409738][T15765] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  577.412693][T15765] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.420395][T15765] usb 9-1: config 0 descriptor??
[  577.664058][T21972] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.714694][T21972] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.774073][T21972] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.791496][ T3249] usb 6-1: USB disconnect, device number 102
[  577.825755][T15765] mcp2221 0003:04D8:00DD.0026: unknown main item tag 0x0
[  577.828078][T15765] mcp2221 0003:04D8:00DD.0026: unknown main item tag 0x0
[  577.833430][T21972] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.839797][T15765] mcp2221 0003:04D8:00DD.0026: unknown main item tag 0x0
[  577.842258][T15765] mcp2221 0003:04D8:00DD.0026: unknown main item tag 0x0
[  577.844517][T15765] mcp2221 0003:04D8:00DD.0026: unknown main item tag 0x0
[  577.847179][T15765] mcp2221 0003:04D8:00DD.0026: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  577.880920][T21978] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  577.884311][T21978] block device autoloading is deprecated and will be removed.
[  577.916590][ T1175] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  577.931304][T19679] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  577.946669][T19679] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  577.956954][T19679] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  577.999812][   T53] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[  578.026272][T21957] FAULT_INJECTION: forcing a failure.
[  578.026272][T21957] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  578.030815][T21957] CPU: 3 UID: 0 PID: 21957 Comm: syz.4.5505 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  578.030834][T21957] Tainted: [L]=SOFTLOCKUP
[  578.030838][T21957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  578.030844][T21957] Call Trace:
[  578.030849][T21957]  <TASK>
[  578.030854][T21957]  dump_stack_lvl+0x100/0x190
[  578.030884][T21957]  should_fail_ex.cold+0x5/0xa
[  578.030899][T21957]  _copy_to_user+0x32/0xd0
[  578.030921][T21957]  simple_read_from_buffer+0xcb/0x170
[  578.030941][T21957]  proc_fail_nth_read+0x1af/0x230
[  578.030957][T21957]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  578.030973][T21957]  ? rw_verify_area+0xce/0x6d0
[  578.030993][T21957]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  578.031008][T21957]  vfs_read+0x1e4/0xb30
[  578.031027][T21957]  ? __pfx_vfs_read+0x10/0x10
[  578.031043][T21957]  ? __fget_files+0x215/0x3d0
[  578.031057][T21957]  ? __fget_files+0x21f/0x3d0
[  578.031072][T21957]  ksys_read+0x12a/0x250
[  578.031088][T21957]  ? __pfx_ksys_read+0x10/0x10
[  578.031108][T21957]  do_syscall_64+0x106/0xf80
[  578.031125][T21957]  ? clear_bhb_loop+0x40/0x90
[  578.031138][T21957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.031150][T21957] RIP: 0033:0x7f766db5cfce
[  578.031159][T21957] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  578.031170][T21957] RSP: 002b:00007f766e96efe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  578.031182][T21957] RAX: ffffffffffffffda RBX: 00007f766e96f6c0 RCX: 00007f766db5cfce
[  578.031189][T21957] RDX: 000000000000000f RSI: 00007f766e96f0a0 RDI: 0000000000000005
[  578.031195][T21957] RBP: 00007f766e96f090 R08: 0000000000000000 R09: 0000000000000000
[  578.031202][T21957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  578.031208][T21957] R13: 00007f766de16038 R14: 00007f766de15fa0 R15: 00007ffe3d4c5928
[  578.031228][T21957]  </TASK>
[  578.104053][   T59] usb 9-1: USB disconnect, device number 19
[  578.143041][T21988] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5518'.
[  578.150341][   T53] usb 5-1: no configurations
[  578.153666][   T53] usb 5-1: can't read configurations, error -22
[  578.280119][   T53] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[  578.440323][   T53] usb 5-1: no configurations
[  578.441903][   T53] usb 5-1: can't read configurations, error -22
[  578.445195][   T53] usb usb5-port1: attempt power cycle
[  578.536974][T22003] binder: 22002:22003 ioctl 4018620d 0 returned -22
[  578.540665][T22003] binder: 22002:22003 ioctl c0306201 2000000003c0 returned -14
[  578.599758][   T40] audit: type=1326 audit(578.519:1169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22005 comm="syz.1.5524" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f07a419c799 code=0x0
[  578.790146][   T53] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[  578.811053][   T53] usb 5-1: no configurations
[  578.812924][   T53] usb 5-1: can't read configurations, error -22
[  578.949796][   T53] usb 5-1: new high-speed USB device number 104 using dummy_hcd
[  578.982290][   T53] usb 5-1: no configurations
[  578.983886][   T53] usb 5-1: can't read configurations, error -22
[  578.986193][   T53] usb usb5-port1: unable to enumerate USB device
[  578.999750][ T5941] usb 7-1: new low-speed USB device number 118 using dummy_hcd
[  579.151143][ T5941] usb 7-1: config 0 has an invalid descriptor of length 176, skipping remainder of the config
[  579.154531][ T5941] usb 7-1: config 0 interface 0 altsetting 254 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  579.158806][ T5941] usb 7-1: config 0 interface 0 has no altsetting 0
[  579.161544][ T5941] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice=c9.00
[  579.164856][ T5941] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.169431][ T5941] usb 7-1: config 0 descriptor??
[  579.173985][ T5941] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  579.421213][T22014] syzkaller0: entered promiscuous mode
[  579.423223][T22014] syzkaller0: entered allmulticast mode
[  579.596380][T22016] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5528'.
[  579.738076][T22021] FAULT_INJECTION: forcing a failure.
[  579.738076][T22021] name failslab, interval 1, probability 0, space 0, times 0
[  579.743657][T22021] CPU: 3 UID: 0 PID: 22021 Comm: syz.4.5529 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  579.743685][T22021] Tainted: [L]=SOFTLOCKUP
[  579.743692][T22021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  579.743701][T22021] Call Trace:
[  579.743707][T22021]  <TASK>
[  579.743713][T22021]  dump_stack_lvl+0x100/0x190
[  579.743742][T22021]  should_fail_ex.cold+0x5/0xa
[  579.743761][T22021]  ? fuse_io_alloc+0x92/0x150
[  579.743795][T22021]  should_failslab+0xc2/0x120
[  579.743814][T22021]  __kmalloc_noprof+0xe0/0x850
[  579.743846][T22021]  fuse_io_alloc+0x92/0x150
[  579.743869][T22021]  fuse_direct_io+0x195e/0x2590
[  579.743914][T22021]  ? __pfx_fuse_direct_io+0x10/0x10
[  579.743941][T22021]  ? lockdep_init_map_type+0x5c/0x250
[  579.743965][T22021]  fuse_direct_IO+0x7fe/0xf10
[  579.743998][T22021]  ? __pfx_fuse_direct_IO+0x10/0x10
[  579.744041][T22021]  generic_file_direct_write+0x198/0x410
[  579.744075][T22021]  fuse_file_write_iter+0x79d/0x990
[  579.744104][T22021]  vfs_write+0x6ac/0x1070
[  579.744133][T22021]  ? __pfx_fuse_file_write_iter+0x10/0x10
[  579.744161][T22021]  ? __pfx_vfs_write+0x10/0x10
[  579.744205][T22021]  ksys_write+0x12a/0x250
[  579.744232][T22021]  ? __pfx_ksys_write+0x10/0x10
[  579.744267][T22021]  do_syscall_64+0x106/0xf80
[  579.744287][T22021]  ? clear_bhb_loop+0x40/0x90
[  579.744309][T22021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  579.744328][T22021] RIP: 0033:0x7f766db9c799
[  579.744344][T22021] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  579.744361][T22021] RSP: 002b:00007f766e96f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  579.744379][T22021] RAX: ffffffffffffffda RBX: 00007f766de15fa0 RCX: 00007f766db9c799
[  579.744391][T22021] RDX: 00000000fffffdef RSI: 00002000000000c0 RDI: 0000000000000005
[  579.744402][T22021] RBP: 00007f766e96f090 R08: 0000000000000000 R09: 0000000000000000
[  579.744412][T22021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  579.744423][T22021] R13: 00007f766de16038 R14: 00007f766de15fa0 R15: 00007ffe3d4c5928
[  579.744449][T22021]  </TASK>
[  580.049181][T22033] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5533'.
[  580.151085][T22047] netlink: 'syz.4.5536': attribute type 10 has an invalid length.
[  580.154770][T22047] bond1: option mode: unable to set because the bond device has slaves
[  580.263710][T22051] ip6tnl0: Caught tx_queue_len zero misconfig
[  580.779750][T12931] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[  580.830012][T22065] CIFS mount error: No usable UNC path provided in device string!
[  580.830012][T22065] 
[  580.833590][T22065] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  580.931968][T12931] usb 9-1: Using ep0 maxpacket: 8
[  580.937166][T12931] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[  580.940321][T12931] usb 9-1: config 0 has no interface number 0
[  580.942476][T12931] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  580.946244][T12931] usb 9-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  580.951786][T12931] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  580.955502][T12931] usb 9-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  580.961362][T12931] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  580.964502][T12931] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.968935][T12931] usb 9-1: config 0 descriptor??
[  580.976009][T12931] ldusb 9-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  581.021542][T22079] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5549'.
[  581.231950][T20005] usb 9-1: USB disconnect, device number 20
[  581.233988][    C3] ldusb 9-1:0.55: usb_submit_urb failed (-19)
[  581.236020][T22061] ldusb 9-1:0.55: Couldn't submit interrupt_out_urb -19
[  581.240598][T20005] ldusb 9-1:0.55: LD USB Device #0 now disconnected
[  581.280544][T22089] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  581.285096][T22089] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  581.290619][T12931] usb 6-1: new high-speed USB device number 103 using dummy_hcd
[  581.324078][T19682] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  581.327828][T19682] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  581.332480][T19682] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  581.336015][T19682] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  581.365251][T22092] netlink: 'syz.0.5553': attribute type 10 has an invalid length.
[  581.413253][T22092] bond1: option mode: unable to set because the bond device has slaves
[  581.440635][T12931] usb 6-1: no configurations
[  581.442301][T12931] usb 6-1: can't read configurations, error -22
[  581.570053][T12931] usb 6-1: new high-speed USB device number 104 using dummy_hcd
[  581.624867][T22100] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  581.632862][T22100] comedi comedi0: Minor 268435458 is invalid!
[  581.720464][T12931] usb 6-1: no configurations
[  581.722057][T12931] usb 6-1: can't read configurations, error -22
[  581.724613][T12931] usb usb6-port1: attempt power cycle
[  581.733369][ T3249] usb 7-1: USB disconnect, device number 118
[  581.830877][T22106] netlink: 'syz.4.5559': attribute type 21 has an invalid length.
[  581.834301][T22106] netlink: 128 bytes leftover after parsing attributes in process `syz.4.5559'.
[  581.838500][T22106] netlink: 3 bytes leftover after parsing attributes in process `syz.4.5559'.
[  581.888294][T22117] netlink: 'syz.4.5562': attribute type 10 has an invalid length.
[  581.893426][T22117] bond1: option mode: unable to set because the bond device has slaves
[  581.971335][T22124] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5152 sclass=netlink_route_socket pid=22124 comm=syz.4.5564
[  581.975921][T22124] netlink: 'syz.4.5564': attribute type 25 has an invalid length.
[  581.980023][T22124] syzkaller0: entered promiscuous mode
[  581.981884][T22124] syzkaller0: entered allmulticast mode
[  582.060005][T12931] usb 6-1: new high-speed USB device number 105 using dummy_hcd
[  582.081284][T12931] usb 6-1: no configurations
[  582.083389][T12931] usb 6-1: can't read configurations, error -22
[  582.109212][T22134] syzkaller0: entered promiscuous mode
[  582.111122][T22134] syzkaller0: entered allmulticast mode
[  582.116667][T22129] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5566'.
[  582.219846][T12931] usb 6-1: new high-speed USB device number 106 using dummy_hcd
[  582.240973][T12931] usb 6-1: no configurations
[  582.243106][T12931] usb 6-1: can't read configurations, error -22
[  582.248264][T12931] usb usb6-port1: unable to enumerate USB device
[  582.454121][T22156] lo speed is unknown, defaulting to 1000
[  582.555009][T22156] xfrm0 speed is unknown, defaulting to 1000
[  582.563316][T22163] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5576'.
[  582.741660][T22183] syzkaller0: entered promiscuous mode
[  582.746172][T22183] syzkaller0: entered allmulticast mode
[  582.777471][   T63] Bluetooth: hci4: sending frame failed (-49)
[  582.783406][ T5949] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  582.854721][T22191] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5587'.
[  583.026250][T22208] FAULT_INJECTION: forcing a failure.
[  583.026250][T22208] name failslab, interval 1, probability 0, space 0, times 0
[  583.033122][T22208] CPU: 0 UID: 0 PID: 22208 Comm: syz.4.5593 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  583.033149][T22208] Tainted: [L]=SOFTLOCKUP
[  583.033155][T22208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  583.033166][T22208] Call Trace:
[  583.033173][T22208]  <TASK>
[  583.033181][T22208]  dump_stack_lvl+0x100/0x190
[  583.033223][T22208]  should_fail_ex.cold+0x5/0xa
[  583.033247][T22208]  should_failslab+0xc2/0x120
[  583.033265][T22208]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  583.033290][T22208]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  583.033317][T22208]  ? do_user_addr_fault+0x780/0x12f0
[  583.033342][T22208]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  583.033376][T22208]  mmu_topup_memory_caches+0x25/0x170
[  583.033398][T22208]  kvm_mmu_load+0xd6/0x23e0
[  583.033417][T22208]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  583.033441][T22208]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  583.033469][T22208]  ? __pfx_kvm_mmu_load+0x10/0x10
[  583.033487][T22208]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  583.033515][T22208]  ? kvm_check_and_inject_events+0x961/0x10c0
[  583.033541][T22208]  vcpu_run+0x39f4/0x5ca0
[  583.033572][T22208]  ? __pfx_vcpu_run+0x10/0x10
[  583.033601][T22208]  ? rcu_is_watching+0x12/0xc0
[  583.033627][T22208]  ? kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  583.033648][T22208]  kvm_arch_vcpu_ioctl_run+0x565/0x1830
[  583.033677][T22208]  kvm_vcpu_ioctl+0x730/0x1730
[  583.033706][T22208]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  583.033732][T22208]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  583.033759][T22208]  ? do_vfs_ioctl+0x226/0x13e0
[  583.033785][T22208]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  583.033811][T22208]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  583.033849][T22208]  ? __fget_files+0x215/0x3d0
[  583.033866][T22208]  ? hook_file_ioctl_common+0x146/0x410
[  583.033899][T22208]  ? selinux_file_ioctl+0x139/0x290
[  583.033920][T22208]  ? selinux_file_ioctl+0xb4/0x290
[  583.033942][T22208]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  583.033969][T22208]  __x64_sys_ioctl+0x18e/0x210
[  583.034000][T22208]  do_syscall_64+0x106/0xf80
[  583.034024][T22208]  ? clear_bhb_loop+0x40/0x90
[  583.034047][T22208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.034065][T22208] RIP: 0033:0x7f766db9c799
[  583.034082][T22208] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  583.034125][T22208] RSP: 002b:00007f766e96f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  583.034143][T22208] RAX: ffffffffffffffda RBX: 00007f766de15fa0 RCX: 00007f766db9c799
[  583.034155][T22208] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  583.034166][T22208] RBP: 00007f766e96f090 R08: 0000000000000000 R09: 0000000000000000
[  583.034177][T22208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  583.034187][T22208] R13: 00007f766de16038 R14: 00007f766de15fa0 R15: 00007ffe3d4c5928
[  583.034213][T22208]  </TASK>
[  583.254175][T22213] netlink: 'syz.2.5594': attribute type 10 has an invalid length.
[  583.257955][T22213] bond1: option mode: unable to set because the bond device has slaves
[  583.340213][T22211] bond1: (slave macvlan3): Error -98 calling set_mac_address
[  583.440403][T22218] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5596'.
[  583.512156][   T40] audit: type=1400 audit(583.439:1170): avc:  denied  { connect } for  pid=22224 comm="syz.4.5598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  583.529790][   T40] audit: type=1400 audit(583.439:1171): avc:  denied  { read } for  pid=22224 comm="syz.4.5598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  583.816166][T22238] FAULT_INJECTION: forcing a failure.
[  583.816166][T22238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  583.822610][T22238] CPU: 2 UID: 0 PID: 22238 Comm: syz.4.5602 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  583.822628][T22238] Tainted: [L]=SOFTLOCKUP
[  583.822633][T22238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  583.822640][T22238] Call Trace:
[  583.822644][T22238]  <TASK>
[  583.822649][T22238]  dump_stack_lvl+0x100/0x190
[  583.822672][T22238]  should_fail_ex.cold+0x5/0xa
[  583.822687][T22238]  _copy_from_user+0x2e/0xd0
[  583.822703][T22238]  input_event_from_user+0x123/0x310
[  583.822719][T22238]  ? __pfx_input_event_from_user+0x10/0x10
[  583.822735][T22238]  ? __pfx___might_resched+0x10/0x10
[  583.822753][T22238]  ? input_inject_event+0x1c9/0x3b0
[  583.822776][T22238]  evdev_write+0x342/0x610
[  583.822802][T22238]  ? __pfx_evdev_write+0x10/0x10
[  583.822824][T22238]  ? bpf_lsm_file_permission+0x9/0x10
[  583.822850][T22238]  ? security_file_permission+0x76/0x210
[  583.822873][T22238]  ? rw_verify_area+0xce/0x6d0
[  583.822901][T22238]  vfs_write+0x2aa/0x1070
[  583.822927][T22238]  ? __pfx_evdev_write+0x10/0x10
[  583.822949][T22238]  ? __pfx_vfs_write+0x10/0x10
[  583.822971][T22238]  ? find_held_lock+0x2b/0x80
[  583.822991][T22238]  ? __fget_files+0x215/0x3d0
[  583.823014][T22238]  ? __fget_files+0x215/0x3d0
[  583.823034][T22238]  ? __fget_files+0x21f/0x3d0
[  583.823058][T22238]  ksys_write+0x1f8/0x250
[  583.823082][T22238]  ? __pfx_ksys_write+0x10/0x10
[  583.823112][T22238]  do_syscall_64+0x106/0xf80
[  583.823130][T22238]  ? clear_bhb_loop+0x40/0x90
[  583.823154][T22238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.823173][T22238] RIP: 0033:0x7f766db9c799
[  583.823187][T22238] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  583.823203][T22238] RSP: 002b:00007f766e96f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  583.823220][T22238] RAX: ffffffffffffffda RBX: 00007f766de15fa0 RCX: 00007f766db9c799
[  583.823232][T22238] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003
[  583.823242][T22238] RBP: 00007f766e96f090 R08: 0000000000000000 R09: 0000000000000000
[  583.823252][T22238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  583.823262][T22238] R13: 00007f766de16038 R14: 00007f766de15fa0 R15: 00007ffe3d4c5928
[  583.823286][T22238]  </TASK>
[  584.102879][T22247] netlink: 'syz.1.5605': attribute type 10 has an invalid length.
[  584.106630][T22247] bond1: option mode: unable to set because the bond device has slaves
[  584.114478][T22247] bond1: (slave macvlan5): Error -98 calling set_mac_address
[  584.219727][T20005] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  584.369794][T20005] usb 9-1: Using ep0 maxpacket: 8
[  584.374772][T20005] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[  584.377826][T20005] usb 9-1: config 0 has no interface number 0
[  584.381077][T20005] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  584.385501][T20005] usb 9-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  584.389235][T20005] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  584.393041][T20005] usb 9-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  584.397463][T20005] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  584.400562][T20005] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  584.407942][T20005] usb 9-1: config 0 descriptor??
[  584.415905][T20005] ldusb 9-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  584.672417][  T840] usb 9-1: USB disconnect, device number 21
[  584.673694][    C3] ldusb 9-1:0.55: usb_submit_urb failed (-19)
[  584.677297][T22244] ldusb 9-1:0.55: Couldn't submit interrupt_out_urb -19
[  584.689838][  T840] ldusb 9-1:0.55: LD USB Device #0 now disconnected
[  584.979836][   T63] Bluetooth: hci3: command 0x0406 tx timeout
[  585.060163][ T6006] usb 7-1: new high-speed USB device number 119 using dummy_hcd
[  585.248078][ T6006] usb 7-1: unable to read config index 0 descriptor/start: -61
[  585.250786][ T6006] usb 7-1: can't read configurations, error -61
[  585.274824][T22275] dlm: non-version read from control device 8
[  585.276452][T22276] 9pnet_fd: Insufficient options for proto=fd
[  585.379824][ T6006] usb 7-1: new high-speed USB device number 120 using dummy_hcd
[  585.483112][T22292] binder: 22290:22292 ioctl c0306201 2000000003c0 returned -14
[  585.486354][T22292] binder: 22290:22292 ioctl c0306201 0 returned -14
[  585.534103][ T6006] usb 7-1: unable to read config index 0 descriptor/start: -61
[  585.536590][ T6006] usb 7-1: can't read configurations, error -61
[  585.541654][ T6006] usb usb7-port1: attempt power cycle
[  585.849928][T20005] usb 6-1: new high-speed USB device number 107 using dummy_hcd
[  585.889764][ T6006] usb 7-1: new high-speed USB device number 121 using dummy_hcd
[  585.912332][ T6006] usb 7-1: unable to read config index 0 descriptor/start: -61
[  585.915007][ T6006] usb 7-1: can't read configurations, error -61
[  586.019791][T20005] usb 6-1: Using ep0 maxpacket: 8
[  586.023191][T20005] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  586.025776][T20005] usb 6-1: config 0 has no interface number 0
[  586.027849][T20005] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  586.031387][T20005] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  586.035084][T20005] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  586.038557][T20005] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  586.042730][T20005] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  586.045612][T20005] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  586.049804][ T6061] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[  586.050038][ T6006] usb 7-1: new high-speed USB device number 122 using dummy_hcd
[  586.052538][T20005] usb 6-1: config 0 descriptor??
[  586.061565][T20005] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  586.073022][ T6006] usb 7-1: unable to read config index 0 descriptor/start: -61
[  586.076455][ T6006] usb 7-1: can't read configurations, error -61
[  586.079568][ T6006] usb usb7-port1: unable to enumerate USB device
[  586.189717][ T6061] usb 9-1: device descriptor read/64, error -71
[  586.317444][T20005] usb 6-1: USB disconnect, device number 107
[  586.317500][    C1] ldusb 6-1:0.55: usb_submit_urb failed (-19)
[  586.324332][T20005] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  586.429773][ T6061] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[  586.569736][ T6061] usb 9-1: device descriptor read/64, error -71
[  586.690110][ T6061] usb usb9-port1: attempt power cycle
[  586.913462][T22308] netlink: 'syz.1.5625': attribute type 10 has an invalid length.
[  587.030361][ T6061] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[  587.050159][ T6061] usb 9-1: device descriptor read/8, error -71
[  587.290744][ T6061] usb 9-1: new high-speed USB device number 25 using dummy_hcd
[  587.312243][ T6061] usb 9-1: device descriptor read/8, error -71
[  587.419965][ T6061] usb usb9-port1: unable to enumerate USB device
[  587.656000][T22309] bond1: option mode: unable to set because the bond device has slaves
[  587.662223][T22310] bond1: (slave macvlan5): Error -98 calling set_mac_address
[  587.840055][T22323] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  588.170166][T22343] 0x000000000007-0x000000020007 : ""
[  588.171950][T22343] mtd: partition "" extends beyond the end of device "mtdram test device" -- size truncated to 0x1fff9
[  588.175565][T22343] FAULT_INJECTION: forcing a failure.
[  588.175565][T22343] name failslab, interval 1, probability 0, space 0, times 0
[  588.179816][T22343] CPU: 1 UID: 0 PID: 22343 Comm: syz.2.5638 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  588.179834][T22343] Tainted: [L]=SOFTLOCKUP
[  588.179838][T22343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  588.179845][T22343] Call Trace:
[  588.179849][T22343]  <TASK>
[  588.179854][T22343]  dump_stack_lvl+0x100/0x190
[  588.179879][T22343]  should_fail_ex.cold+0x5/0xa
[  588.179893][T22343]  should_failslab+0xc2/0x120
[  588.179905][T22343]  __kmalloc_cache_noprof+0x7a/0x6f0
[  588.179920][T22343]  ? device_add+0xd3a/0x1950
[  588.179936][T22343]  ? __pfx___debug_object_init+0x10/0x10
[  588.179950][T22343]  ? do_raw_spin_lock+0x128/0x260
[  588.179965][T22343]  device_add+0xd3a/0x1950
[  588.179980][T22343]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  588.179996][T22343]  ? lockdep_init_map_type+0x5c/0x250
[  588.180007][T22343]  ? __pfx_device_add+0x10/0x10
[  588.180023][T22343]  ? lockdep_init_map_type+0x5c/0x250
[  588.180034][T22343]  ? __init_waitqueue_head+0xca/0x150
[  588.180050][T22343]  add_mtd_device+0x928/0x17a0
[  588.180066][T22343]  ? __pfx_add_mtd_device+0x10/0x10
[  588.180082][T22343]  mtd_add_partition+0x30a/0x660
[  588.180097][T22343]  ? __pfx_mtd_add_partition+0x10/0x10
[  588.180110][T22343]  ? __might_fault+0xc5/0x140
[  588.180124][T22343]  ? __might_fault+0xc5/0x140
[  588.180144][T22343]  mtdchar_blkpg_ioctl+0x207/0x250
[  588.180159][T22343]  ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10
[  588.180186][T22343]  mtdchar_ioctl+0x1670/0x1fd0
[  588.180203][T22343]  ? __pfx_mtdchar_ioctl+0x10/0x10
[  588.180219][T22343]  ? lock_acquire+0x1cf/0x380
[  588.180240][T22343]  ? trace_contention_end+0x140/0x180
[  588.180254][T22343]  ? mtdchar_unlocked_ioctl+0xa2/0xf0
[  588.180269][T22343]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  588.180287][T22343]  ? __pfx___mutex_lock+0x10/0x10
[  588.180311][T22343]  mtdchar_unlocked_ioctl+0xb0/0xf0
[  588.180326][T22343]  ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10
[  588.180342][T22343]  __x64_sys_ioctl+0x18e/0x210
[  588.180360][T22343]  do_syscall_64+0x106/0xf80
[  588.180372][T22343]  ? clear_bhb_loop+0x40/0x90
[  588.180386][T22343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  588.180398][T22343] RIP: 0033:0x7f3df6b9c799
[  588.180408][T22343] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  588.180419][T22343] RSP: 002b:00007f3df7a33028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  588.180431][T22343] RAX: ffffffffffffffda RBX: 00007f3df6e15fa0 RCX: 00007f3df6b9c799
[  588.180438][T22343] RDX: 00002000000001c0 RSI: 0000000000001269 RDI: 0000000000000004
[  588.180445][T22343] RBP: 00007f3df7a33090 R08: 0000000000000000 R09: 0000000000000000
[  588.180452][T22343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  588.180458][T22343] R13: 00007f3df6e16038 R14: 00007f3df6e15fa0 R15: 00007ffd544d1f68
[  588.180473][T22343]  </TASK>
[  588.180795][T22343] ------------[ cut here ]------------
[  588.284458][T22343] !list_empty(&mtd->part.node)
[  588.284467][T22343] WARNING: drivers/mtd/mtdpart.c:37 at release_mtd_partition+0x71/0x90, CPU#1: syz.2.5638/22343
[  588.289526][T22343] Modules linked in:
[  588.291421][T22343] CPU: 1 UID: 0 PID: 22343 Comm: syz.2.5638 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  588.295017][T22343] Tainted: [L]=SOFTLOCKUP
[  588.296421][T22343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  588.300954][T22343] RIP: 0010:release_mtd_partition+0x71/0x90
[  588.302930][T22343] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 7f 10 dc fb 48 89 df 5b 5d e9 75 10 dc fb e8 70 a0 7b fb 90 <0f> 0b 90 eb c2 e8 85 22 e8 fb eb db 48 89 ef e8 7b 22 e8 fb eb a5
[  588.309364][T22343] RSP: 0018:ffffc90005f27818 EFLAGS: 00010293
[  588.311647][T22343] RAX: 0000000000000000 RBX: ffff888035a15000 RCX: ffffffff8b8a8f17
[  588.314209][T22343] RDX: ffff88803d520000 RSI: ffffffff868d1350 RDI: ffff888035a15000
[  588.316777][T22343] RBP: ffff888035a15650 R08: 0000000000000001 R09: 0000000000000001
[  588.319357][T22343] R10: 000000000000000a R11: 0000000000000000 R12: 0000000000000000
[  588.322045][T22343] R13: dffffc0000000000 R14: ffff8880385f7040 R15: 0000000000000000
[  588.324568][T22343] FS:  00007f3df7a336c0(0000) GS:ffff8880d6448000(0000) knlGS:0000000000000000
[  588.327430][T22343] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  588.329574][T22343] CR2: 00007f3df7a12d58 CR3: 0000000013901000 CR4: 0000000000352ef0
[  588.332346][T22343] Call Trace:
[  588.333458][T22343]  <TASK>
[  588.334463][T22343]  mtd_release+0xa0/0xd0
[  588.335898][T22343]  ? __pfx_mtd_release+0x10/0x10
[  588.337521][T22343]  device_release+0xa4/0x240
[  588.339065][T22343]  kobject_put+0x1f7/0x640
[  588.340547][T22343]  put_device+0x1f/0x30
[  588.341949][T22343]  add_mtd_device+0xbd7/0x17a0
[  588.343534][T22343]  ? __pfx_add_mtd_device+0x10/0x10
[  588.345247][T22343]  mtd_add_partition+0x30a/0x660
[  588.346880][T22343]  ? __pfx_mtd_add_partition+0x10/0x10
[  588.348814][T22343]  ? __might_fault+0xc5/0x140
[  588.351046][T22343]  ? __might_fault+0xc5/0x140
[  588.353130][T22343]  mtdchar_blkpg_ioctl+0x207/0x250
[  588.355422][T22343]  ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10
[  588.357964][T22343]  mtdchar_ioctl+0x1670/0x1fd0
[  588.360182][T22343]  ? __pfx_mtdchar_ioctl+0x10/0x10
[  588.362083][T22343]  ? lock_acquire+0x1cf/0x380
[  588.364165][T22343]  ? trace_contention_end+0x140/0x180
[  588.366543][T22343]  ? mtdchar_unlocked_ioctl+0xa2/0xf0
[  588.368633][T22343]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  588.370429][T22343]  ? __pfx___mutex_lock+0x10/0x10
[  588.372107][T22343]  mtdchar_unlocked_ioctl+0xb0/0xf0
[  588.373826][T22343]  ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10
[  588.375764][T22343]  __x64_sys_ioctl+0x18e/0x210
[  588.377325][T22343]  do_syscall_64+0x106/0xf80
[  588.378898][T22343]  ? clear_bhb_loop+0x40/0x90
[  588.379739][ T6006] usb 5-1: new high-speed USB device number 105 using dummy_hcd
[  588.380501][T22343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  588.384908][T22343] RIP: 0033:0x7f3df6b9c799
[  588.386373][T22343] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  588.393720][T22343] RSP: 002b:00007f3df7a33028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  588.397312][T22343] RAX: ffffffffffffffda RBX: 00007f3df6e15fa0 RCX: 00007f3df6b9c799
[  588.400569][T22343] RDX: 00002000000001c0 RSI: 0000000000001269 RDI: 0000000000000004
[  588.403351][T22343] RBP: 00007f3df7a33090 R08: 0000000000000000 R09: 0000000000000000
[  588.405884][T22343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  588.408553][T22343] R13: 00007f3df6e16038 R14: 00007f3df6e15fa0 R15: 00007ffd544d1f68
[  588.411576][T22343]  </TASK>
[  588.412698][T22343] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  588.415064][T22343] CPU: 1 UID: 0 PID: 22343 Comm: syz.2.5638 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  588.418587][T22343] Tainted: [L]=SOFTLOCKUP
[  588.420010][T22343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  588.423293][T22343] Call Trace:
[  588.424386][T22343]  <TASK>
[  588.425361][T22343]  dump_stack_lvl+0x100/0x190
[  588.426908][T22343]  vpanic+0x552/0x970
[  588.428251][T22343]  ? __pfx_vpanic+0x10/0x10
[  588.429758][T22343]  panic+0xd1/0xe0
[  588.431027][T22343]  ? __pfx_panic+0x10/0x10
[  588.432527][T22343]  ? check_panic_on_warn+0x1f/0x90
[  588.434198][T22343]  check_panic_on_warn.cold+0x19/0x34
[  588.435938][T22343]  ? release_mtd_partition+0x71/0x90
[  588.437652][T22343]  __warn.cold+0x191/0x348
[  588.439315][T22343]  __report_bug+0x296/0x3d0
[  588.440835][T22343]  ? release_mtd_partition+0x71/0x90
[  588.442621][T22343]  ? __pfx___report_bug+0x10/0x10
[  588.444151][T22343]  ? delete_node+0x20a/0x8f0
[  588.445658][T22343]  ? release_mtd_partition+0x71/0x90
[  588.447373][T22343]  report_bug+0xb2/0x220
[  588.448805][T22343]  ? release_mtd_partition+0x71/0x90
[  588.450552][T22343]  handle_bug+0x16a/0x2a0
[  588.451972][T22343]  exc_invalid_op+0x17/0x50
[  588.453473][T22343]  asm_exc_invalid_op+0x1a/0x20
[  588.455055][T22343] RIP: 0010:release_mtd_partition+0x71/0x90
[  588.456957][T22343] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 7f 10 dc fb 48 89 df 5b 5d e9 75 10 dc fb e8 70 a0 7b fb 90 <0f> 0b 90 eb c2 e8 85 22 e8 fb eb db 48 89 ef e8 7b 22 e8 fb eb a5
[  588.464066][T22343] RSP: 0018:ffffc90005f27818 EFLAGS: 00010293
[  588.466024][T22343] RAX: 0000000000000000 RBX: ffff888035a15000 RCX: ffffffff8b8a8f17
[  588.469422][T22343] RDX: ffff88803d520000 RSI: ffffffff868d1350 RDI: ffff888035a15000
[  588.472781][T22343] RBP: ffff888035a15650 R08: 0000000000000001 R09: 0000000000000001
[  588.475749][T22343] R10: 000000000000000a R11: 0000000000000000 R12: 0000000000000000
[  588.479142][T22343] R13: dffffc0000000000 R14: ffff8880385f7040 R15: 0000000000000000
[  588.481712][T22343]  ? delete_node+0x417/0x8f0
[  588.483248][T22343]  ? release_mtd_partition+0x70/0x90
[  588.485026][T22343]  ? release_mtd_partition+0x70/0x90
[  588.486754][T22343]  mtd_release+0xa0/0xd0
[  588.488105][T22343]  ? __pfx_mtd_release+0x10/0x10
[  588.489759][T22343]  device_release+0xa4/0x240
[  588.491287][T22343]  kobject_put+0x1f7/0x640
[  588.492792][T22343]  put_device+0x1f/0x30
[  588.494202][T22343]  add_mtd_device+0xbd7/0x17a0
[  588.495780][T22343]  ? __pfx_add_mtd_device+0x10/0x10
[  588.497474][T22343]  mtd_add_partition+0x30a/0x660
[  588.499166][T22343]  ? __pfx_mtd_add_partition+0x10/0x10
[  588.500913][T22343]  ? __might_fault+0xc5/0x140
[  588.502513][T22343]  ? __might_fault+0xc5/0x140
[  588.504306][T22343]  mtdchar_blkpg_ioctl+0x207/0x250
[  588.505984][T22343]  ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10
[  588.507834][T22343]  mtdchar_ioctl+0x1670/0x1fd0
[  588.509465][T22343]  ? __pfx_mtdchar_ioctl+0x10/0x10
[  588.511190][T22343]  ? lock_acquire+0x1cf/0x380
[  588.512738][T22343]  ? trace_contention_end+0x140/0x180
[  588.514535][T22343]  ? mtdchar_unlocked_ioctl+0xa2/0xf0
[  588.516275][T22343]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  588.517914][T22343]  ? __pfx___mutex_lock+0x10/0x10
[  588.519605][T22343]  mtdchar_unlocked_ioctl+0xb0/0xf0
[  588.521296][T22343]  ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10
[  588.523299][T22343]  __x64_sys_ioctl+0x18e/0x210
[  588.524896][T22343]  do_syscall_64+0x106/0xf80
[  588.526417][T22343]  ? clear_bhb_loop+0x40/0x90
[  588.527983][T22343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  588.530539][T22343] RIP: 0033:0x7f3df6b9c799
[  588.532498][T22343] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  588.540716][T22343] RSP: 002b:00007f3df7a33028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  588.543908][T22343] RAX: ffffffffffffffda RBX: 00007f3df6e15fa0 RCX: 00007f3df6b9c799
[  588.547167][T22343] RDX: 00002000000001c0 RSI: 0000000000001269 RDI: 0000000000000004
[  588.550608][T22343] RBP: 00007f3df7a33090 R08: 0000000000000000 R09: 0000000000000000
[  588.553290][T22343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  588.555860][T22343] R13: 00007f3df6e16038 R14: 00007f3df6e15fa0 R15: 00007ffd544d1f68
[  588.558483][T22343]  </TASK>
[  588.560350][T22343] Kernel Offset: disabled
[  588.561780][T22343] Rebooting in 86400 seconds..